diff --git a/wolfcrypt/src/sp_arm32.c b/wolfcrypt/src/sp_arm32.c index 191fbce29e..beb0134c91 100644 --- a/wolfcrypt/src/sp_arm32.c +++ b/wolfcrypt/src/sp_arm32.c @@ -139,10 +139,10 @@ #ifndef WOLFSSL_SP_NO_2048 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -186,9 +186,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -275,8 +275,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_2048_to_bin_64(sp_digit* r, byte* a) { 
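Review bot: The comment blocks that receive the new `@param [in]`/`[out]` tags still open with a plain `/*`, for example the context line `/* Read big endian unsigned byte array into r.` above sp_2048_from_bin, and Doxygen only parses blocks opened with `/**` or `/*!`. If the tags are meant to feed generated documentation, the opener needs to change as well; if they are only a source-reading convention, the tags are fine as written. This applies to every hunk in the file. Separately, the third hunk documents sp_2048_to_bin_64 with `@param [in, out] r`, which tells callers the input number is modified; the body is outside the hunk, so confirm that is what the function does.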
@@ -294,14 +294,14 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_64(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_64(a) @@ -309,9 +309,9 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a) #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r_p, @@ -2318,9 +2318,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r_p, 
@@ -2685,9 +2685,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r_p, @@ -2830,9 +2830,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, #endif /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r_p, @@ -2879,8 +2879,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, @@ -2939,9 +2939,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r_p, 
@@ -3002,9 +3002,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -3028,9 +3028,9 @@ static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -3067,8 +3067,8 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, @@ -3155,9 +3155,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p, 
@@ -3246,9 +3246,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -3276,9 +3276,9 @@ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -3315,8 +3315,8 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, @@ -3459,9 +3459,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p, 
@@ -3606,9 +3606,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -3636,9 +3636,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -3676,8 +3676,8 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r_p, @@ -4899,8 +4899,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a) #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r_p, 
@@ -5155,8 +5155,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r_p, @@ -5284,9 +5284,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a) #endif /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r_p, @@ -5332,8 +5332,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) { @@ -5368,9 +5368,9 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r_p, 
@@ -5430,8 +5430,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) { @@ -5466,9 +5466,9 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r_p, @@ -5556,8 +5556,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) { @@ -5594,9 +5594,9 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p, 
@@ -5647,8 +5647,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, @@ -5697,9 +5697,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r_p, @@ -5910,8 +5910,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r_p, @@ -6083,9 +6083,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { 
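Review bot: In the WOLFSSL_SP_SMALL variant of sp_2048_sub_in_place_64 (first hunk here), `a` is tagged `@param [in]` although the summary line says `Sub b from a into a. (a -= b)` and the parameter is a non-const `sp_digit*`. The non-small variants in this same commit use `@param [in, out] a A single precision integer and result.`, and this one should match. The WOLFSSL_SP_SMALL variant of sp_2048_sub_in_place_32 in the `@@ -6153,8 +6153,8 @@` hunk has the same mismatch.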
@@ -6100,9 +6100,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p, @@ -6153,8 +6153,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, @@ -6203,9 +6203,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r_p, @@ -6416,8 +6416,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r_p, 
@@ -6589,8 +6589,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -6610,9 +6610,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p, @@ -6721,9 +6721,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p, @@ -8801,8 +8801,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) { 
@@ -8816,10 +8816,11 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, @@ -8869,10 +8870,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, 
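Review bot: The new description of `r` for the first sp_2048_cond_sub_32 variant contains a typo, `condition subtractx`; the second variant in the next hunk has the intended text, `condition subtract`. The same typo appears in the first sp_2048_cond_sub_64 hunk (`@@ -12742,10 +12758,11 @@`). While these lines are being touched, the unchanged context line `m is -1 to subtract and 0 when not copying.` could be reworded to `m is -1 to subtract and 0 to leave a unchanged.`, since this is a masked subtract rather than a copy and callers rely on the mask contract for constant-time behaviour.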
@@ -9020,9 +9022,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( @@ -10014,9 +10017,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( 
@@ -10323,9 +10327,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #else /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( @@ -10543,11 +10548,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -10558,10 +10563,10 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -10573,9 +10578,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p, @@ -10684,9 +10689,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p, @@ -11739,10 +11744,11 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -11811,10 +11817,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -11962,10 +11969,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, #endif /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, @@ -12374,11 +12382,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
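Review bot: In the sp_2048_div_32 hunk, `m` is tagged `@param [in] m Multiplier result.`, but the signature takes a non-const `sp_digit* m` and the summary two lines up says `m is not calculated as it is not needed at this time.` An `[in]` tag suggests the caller must supply a meaningful value, which the rest of the comment contradicts. Something like `@param [in] m Multiplier result; not calculated (unused).` would describe it without implying an input contract. The function body is outside the hunk, so confirm m is never read or written before settling on the wording.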
@@ -12416,10 +12425,11 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -12430,14 +12440,17 @@ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
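Review bot: The sp_2048_mod_exp_32 hunk keeps the return description `MP_VAL when base is even or exponent is 0.` while adding the missing `reduceA` parameter, and 'base is even' reads like it should refer to the modulus. The routine is built on Montgomery reduction, which needs an odd modulus, whereas an even base is a valid input; the body is outside the hunk, so check which condition is actually tested. Callers use this text to decide what they must validate before calling. The new `@return 0 on success.` also differs from `@return MP_OKAY indicating success.` used for sp_2048_div_32 and sp_2048_mod_32 in this commit; use one form. The non-small variant in the `@@ -12567,14 +12580,17 @@` hunk has the same text.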
@@ -12567,14 +12580,17 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -12726,8 +12742,8 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m) { 
@@ -12742,10 +12758,11 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, @@ -12795,10 +12812,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, 
@@ -13058,9 +13076,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( @@ -14980,9 +14999,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( 
@@ -15545,9 +15565,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #else /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( @@ -15925,11 +15946,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -15940,10 +15961,10 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -15955,9 +15976,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p, @@ -16006,9 +16027,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p, @@ -16154,10 +16175,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -16226,10 +16248,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -16378,11 +16401,12 @@ WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
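Review bot: In the `sp_2048_div_64_cond` block, `@param [in] m Multiplier result.` tags a non-const `sp_digit* m` as an input while describing it as a result, and the summary above says `m is not calculated as it is not needed at this time`. The direction tag should say what the function really does with the pointer. The body is outside the hunk, so this is a question rather than a fix: if `m` is never read or written, `@param [in] m Unused. Multiplier result is not calculated.` would stop callers from expecting a quotient. The same line appears in the `sp_2048_div_64` block further down.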
@@ -16436,10 +16460,11 @@ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -16451,9 +16476,9 @@ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -16481,10 +16506,11 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, 
@@ -17245,11 +17271,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -17287,10 +17314,11 @@ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -17304,14 +17332,17 @@ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -17432,14 +17463,17 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -17573,15 +17607,19 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -17722,10 +17760,11 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p, 
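Review bot: `@param [in, out] outLen Number of bytes in result.` on `sp_RsaPublic_2048` describes only the output half of the parameter. With `@return MP_TO_E when the outLen is too small` listed, the function presumably reads `*outLen` as the capacity of `out`, and a caller who leaves it uninitialised gets either a spurious failure or a write the buffer was not sized for. Suggest `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`, confirmed against the body, which is outside the hunk. `sp_RsaPrivate_2048` has the same line. `sp_DhExp_2048` uses `[in, out]` as well but lists no too-small return, so check whether `[out]` is the correct tag there.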
@@ -17775,10 +17814,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p, 
@@ -17926,20 +17966,24 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -18078,8 +18122,8 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) { @@ -18146,12 +18190,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -18196,6 +18242,12 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_2048 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p) 
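Review bot: The converted block for `sp_2048_to_mp` documents both parameters but has no `@return`, although the function is declared `static int`. The neighbouring `sp_ModExp_2048` block now lists each return code on its own `@return` line, and this one should do the same so callers know the conversion can fail and must be checked. The body is outside the hunk, so take the success value and error codes from the implementation rather than assuming them.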
@@ -18609,13 +18661,15 @@ WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -18721,15 +18775,17 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -18787,12 +18843,14 @@ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -18844,10 +18902,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifndef WOLFSSL_SP_NO_3072 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -18891,9 +18949,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -18980,8 +19038,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_96(sp_digit* r, byte* a) { 
@@ -18999,23 +19057,23 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_96(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_96(a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r_p, @@ -24523,9 +24581,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r_p, @@ -24579,8 +24637,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, 
@@ -24653,9 +24711,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r_p, @@ -24730,9 +24788,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -24760,9 +24818,9 @@ static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -24799,8 +24857,8 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, 
@@ -24915,9 +24973,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p, @@ -25034,9 +25092,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -25064,9 +25122,9 @@ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -25103,8 +25161,8 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, 
@@ -25303,9 +25361,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p, @@ -25506,9 +25564,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -25536,9 +25594,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -25575,8 +25633,8 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r_p, 
@@ -28650,9 +28708,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r_p, @@ -28705,8 +28763,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) { @@ -28741,9 +28799,9 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r_p, @@ -28817,8 +28875,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) { 
@@ -28853,9 +28911,9 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r_p, @@ -28971,8 +29029,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) { @@ -29009,9 +29067,9 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p, @@ -29062,8 +29120,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, 
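Review bot: The `WOLFSSL_SP_SMALL` variant of `sp_3072_sub_in_place_96` is tagged `@param [in] a A single precision integer.`, but the summary is `Sub b from a into a. (a -= b)` and the parameter is a non-const `sp_digit* a_p`, so `a` is also the output. The non-small variants of the same function in this commit use `@param [in, out] a A single precision integer and result.`, which is the line to use here. The `WOLFSSL_SP_SMALL` `sp_3072_sub_in_place_48` block in the next hunk has the same `[in]` tag. These routines also return `sp_digit` without a `@return`. The bodies are outside the hunks, so confirm the returned value before documenting it.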
@@ -29112,9 +29170,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r_p, @@ -29325,8 +29383,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r_p, @@ -29498,9 +29556,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -29515,9 +29573,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p, 
@@ -29568,8 +29626,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, @@ -29618,9 +29676,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r_p, @@ -29831,8 +29889,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r_p, @@ -30004,8 +30062,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { 
@@ -30025,9 +30083,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p, @@ -30136,9 +30194,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p, @@ -33240,8 +33298,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) { 
@@ -33255,10 +33313,11 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, @@ -33308,10 +33367,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, 
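Review bot: The added `@param [out] r` line in the first `sp_3072_cond_sub_48` hunk ends in `condition subtractx`, a stray `x` that the second variant of the same comment does not have. It should read `@param [out] r A single precision number representing condition subtract`, followed by the existing `result.` continuation line. The first `sp_3072_cond_sub_96` hunk carries the same typo and needs the same one-character fix.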
@@ -33515,9 +33575,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( @@ -34973,9 +35034,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( 
@@ -35410,9 +35472,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #else /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( @@ -35710,11 +35773,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -35725,10 +35788,10 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -35740,9 +35803,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p, @@ -35851,9 +35914,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p, @@ -37418,10 +37481,11 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -37490,10 +37554,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -37641,10 +37706,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, #endif /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, @@ -38229,11 +38295,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
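Review bot: In the `sp_3072_div_48` hunk, `@param [in] m Multiplier result.` tags something described as a result as an input, while the summary says "m is not calculated as it is not needed at this time" and the signature takes a non-const `sp_digit* m`. A caller reading only the tag cannot tell whether `m` must point to valid storage or is ignored. If the pointer is never written, the line could say so, e.g. `@param [in] m Multiplier result. Not calculated.`; if it is an output slot, it should be tagged `[out]`. The same line appears in the `sp_3072_div_96_cond` and `sp_3072_div_96` hunks, and all three function bodies are outside the hunks.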
@@ -38271,10 +38338,11 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -38285,14 +38353,17 @@ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -38422,14 +38493,17 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -38581,8 +38655,8 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m) { 
@@ -38597,10 +38671,11 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, @@ -38650,10 +38725,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, 
@@ -39025,9 +39101,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( @@ -41875,9 +41952,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( 
@@ -42696,9 +42774,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #else /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( @@ -43236,11 +43315,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -43251,10 +43330,10 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -43266,9 +43345,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p, @@ -43317,9 +43396,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p, @@ -43521,10 +43600,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -43593,10 +43673,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -43745,11 +43826,12 @@ WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -43803,10 +43885,11 @@ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -43818,9 +43901,9 @@ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -43848,10 +43931,11 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, 
@@ -44969,11 +45053,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -45011,10 +45096,11 @@ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -45028,14 +45114,17 @@ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -45156,14 +45245,17 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -45297,15 +45389,19 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -45446,10 +45542,11 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p, 
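Review bot: In the `sp_RsaPublic_3072` hunk, `@param [in, out] outLen Number of bytes in result.` documents only the output half of what the new `[in, out]` tag promises. The `@return` list says MP_TO_E is returned "when the outLen is too small", so the value passed in is presumably the capacity of `out`, and that check is what keeps the result within the caller's buffer. I would word it as `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.` so the 384-byte minimum on `out` and the length check read as one contract. The `sp_RsaPrivate_3072` hunk has the same line, and both function bodies are outside the hunks.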
@@ -45499,10 +45596,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p, 
@@ -45706,20 +45804,24 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -45858,8 +45960,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -45926,12 +46028,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -45976,6 +46080,12 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p) 
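Review bot: sp_3072_to_mp is declared `static int`, but its converted comment has only the two `@param` lines and no `@return`, while the other int-returning functions touched by this change each gained one. Callers need to know that the conversion can fail, so add `@return 0 on success.` plus one `@return` line per error code the body can produce. The body is outside the hunk, so those codes are not listed here. sp_4096_to_mp has the same gap.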
@@ -46581,13 +46691,15 @@ WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -46693,15 +46805,17 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -46759,12 +46873,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -46816,10 +46932,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_4096 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -46863,9 +46979,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -46952,8 +47068,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_128(sp_digit* r, byte* a) { 
@@ -46971,22 +47087,22 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_128(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_128(a) #ifndef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, @@ -47241,9 +47357,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p, @@ -47500,9 +47616,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -47539,8 +47655,8 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) { @@ -47577,9 +47693,9 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p, @@ -47630,8 +47746,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, @@ -47680,9 +47796,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r_p, 
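Review bot: In the WOLFSSL_SP_SMALL variant of sp_4096_sub_in_place_128, `a` is tagged `[in]` although the summary reads `(a -= b)`, so the result is written back through it. The non-small variant earlier in this diff already uses `@param [in, out] a A single precision integer and result.`, and the two should match. Both variants also return an `sp_digit` with no `@return` line; this is presumably the borrow, to be confirmed in the body, which is outside the hunk.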
@@ -47893,8 +48009,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r_p, @@ -48065,8 +48181,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -48086,9 +48202,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p, @@ -48197,9 +48313,9 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p, 
@@ -52325,8 +52441,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m) { @@ -52341,10 +52457,11 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, @@ -52394,10 +52511,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, 
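Review bot: The first sp_4096_cond_sub_128 comment introduces a typo, `condition subtractx result`; the second variant in the next hunk spells it correctly. I would use `@param [out] r A single precision number representing conditional subtract result.` in both, which also matches the `conditional add` wording on sp_4096_cond_add_64. The summary line `m is -1 to subtract and 0 when not copying.` is also garbled; `0 when not.` would match the cond_add comments. While touching it, state whether any other value of `m` is valid, because callers of a mask-driven routine need to know that only 0 and -1 are valid.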
@@ -52881,9 +52999,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( @@ -56659,9 +56778,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( 
@@ -57736,9 +57856,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #else /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( @@ -58436,11 +58557,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -58451,10 +58572,10 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -58466,9 +58587,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p, @@ -58517,9 +58638,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p, @@ -58777,10 +58898,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -58849,10 +58971,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_4096_word_128(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -59001,11 +59124,12 @@ WC_OMIT_FRAME_POINTER static sp_digit div_4096_word_128(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
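Review bot: In sp_4096_div_128_cond, `m` is tagged `[in]`, yet it is a non-const `sp_digit*` described as `Multiplier result.`, and the summary says it is not calculated. As written, `[in]` tells the caller to supply a value that is apparently never read. If the body confirms this, `@param [out] m Multiplier result. Not calculated; unused.` would be accurate. sp_4096_div_128 carries the same line, and both bodies are outside the hunks.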
@@ -59059,10 +59183,11 @@ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -59074,9 +59199,9 @@ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -59104,10 +59229,11 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, 
@@ -60577,11 +60703,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -60619,10 +60746,11 @@ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -60636,14 +60764,17 @@ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -60764,14 +60895,17 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -60905,15 +61039,19 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -61054,10 +61192,11 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p, 
@@ -61107,10 +61246,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p, 
@@ -61370,20 +61510,24 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -61522,8 +61666,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -61590,12 +61734,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -61640,6 +61786,12 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p) 
@@ -62437,13 +62589,15 @@ WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
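Review bot: The line `@return MP_VAL when base is even.` in the sp_4096_mod_exp_2_128 comment refers to a base, but the signature has no base parameter (`r`, `e`, `bits`, `m`) and the base is fixed at 2 by the description. The wording was carried over unchanged from the old comment. If the check in the body is on the modulus, which cannot be confirmed from this hunk, the line should read `@return MP_VAL when the modulus is even.`.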
@@ -62549,15 +62703,17 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -62705,9 +62861,9 @@ static const sp_digit p256_b[8] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p, 
@@ -62920,9 +63076,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p, @@ -64929,9 +65085,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p, @@ -65296,9 +65452,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p, 
@@ -65443,8 +65599,8 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p, @@ -65615,8 +65771,8 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p, @@ -66838,8 +66994,8 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p, @@ -67094,8 +67250,8 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p, 
@@ -67225,9 +67381,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p, @@ -67277,9 +67433,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p, @@ -67327,9 +67483,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r_p, @@ -67581,9 +67737,9 @@ WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r, /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -67669,8 +67825,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_8(sp_point_256* p, const ecc_point* pm) @@ -67686,8 +67842,8 @@ static void sp_256_point_from_ecc_point_8(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { @@ -67754,10 +67910,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm) { 
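Review bot: In the sp_256_point_to_ecc_point_8 comment the new line `@param [in] pm Point of type ecc_point (result).` marks the result parameter as an input; `pm` is the non-const `ecc_point*` the function writes to, so it should be `@param [out] pm`. The first return line, `@return MP_OKAY otherwise.`, no longer reads correctly now that it comes before the MEMORY_E line; `@return MP_OKAY on success.` matches the other converted comments in this commit.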
@@ -67778,11 +67935,11 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, @@ -69921,11 +70078,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, 
@@ -70421,11 +70578,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, @@ -70699,10 +70856,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, 
@@ -71918,10 +72075,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, @@ -72306,10 +72463,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, #else /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, @@ -72569,11 +72726,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) 
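Review bot: The summary line kept in the sp_256_mont_sqr_n_8 comment, "Square the Montgomery form number a number of times. (r = a ^ n mod m)", gives the wrong formula for what it describes. Squaring n times yields a raised to 2^n, not a raised to n. Since the block is being rewritten anyway, the line could become `(r = a ^ (2 ^ n) mod m)`. The loop itself is outside the hunk, so confirm that it performs exactly n squarings.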
@@ -72596,9 +72753,9 @@ static const word32 p256_mod_minus_2[8] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -72664,10 +72821,11 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a_p, @@ -72811,7 +72969,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_256_norm_8(a) 
@@ -72819,10 +72977,11 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p, @@ -72872,10 +73031,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p, 
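Review bot: The first sp_256_cond_sub_8 comment in this line introduces a typo: the added `r` line ends in "condition subtractx", where the second copy of the same comment has "condition subtract". Both would read better as `conditional subtract result.`. The header sentence "m is -1 to subtract and 0 when not copying." is unchanged context, but "copying" looks like a leftover from a conditional-copy comment and could be "0 when not".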
@@ -72942,9 +73102,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( @@ -73240,9 +73401,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( 
@@ -73357,9 +73519,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #else /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( @@ -73457,9 +73620,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #else /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( 
@@ -73630,9 +73794,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( @@ -73928,9 +74093,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( 
@@ -74045,9 +74211,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( #else /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( @@ -74145,9 +74312,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( #endif /* WOLFSSL_SP_SMALL */ /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -74185,10 +74352,10 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mont_add_8(sp_digit* r_p, 
@@ -74259,9 +74426,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mont_add_8(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mont_dbl_8(sp_digit* r_p, @@ -74327,9 +74494,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mont_dbl_8(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mont_tpl_8(sp_digit* r_p, @@ -74427,10 +74594,10 @@ WC_OMIT_FRAME_POINTER static void sp_256_mont_tpl_8(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mont_sub_8(sp_digit* r_p, 
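Review bot: The rewritten `r` line in the sp_256_mont_sub_8 comment keeps the misspelling "subtration"; it should be `@param [out] r Result of subtraction.`. The sp_256_mont_tpl_8 hunk likewise keeps "Result of Tripling." with a stray capital, where the sibling comments use lower case ("Result of doubling.").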
@@ -74499,9 +74666,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mont_sub_8(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mont_div2_8(sp_digit* r_p, @@ -74589,9 +74756,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mont_div2_8(sp_digit* r, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -74660,9 +74827,13 @@ typedef struct sp_256_proj_point_dbl_8_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) 
@@ -74792,9 +74963,10 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b) { @@ -74806,8 +74978,9 @@ static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_8(const sp_digit* a) { @@ -74817,10 +74990,10 @@ static int sp_256_iszero_8(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_8(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -74920,10 +75093,14 @@ typedef struct sp_256_proj_point_add_8_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -75108,9 +75285,9 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table, int idx) 
@@ -75180,13 +75357,15 @@ static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table, * 256 doubles. * 76 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -75316,10 +75495,9 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i, sp_digit* t) @@ -75409,8 +75587,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_8(sp_point_256* a, sp_digit* t) { 
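Review bot: The `ct` line in the sp_256_ecc_mulmod_fast_8 comment still reads only "Constant time required.", which does not tell a caller what value to pass or what changes when it is 0. This parameter decides whether the scalar multiplication is safe for a secret `k`, so the converted comment is a good place to state the contract. A line such as `@param [in] ct Non-zero when k is secret and table lookups must not depend on its value.` would do, provided that matches the body, which is outside this hunk. The same one-line description appears in the sp_256_ecc_mulmod_stripe_8 comment in a later hunk.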
@@ -75441,10 +75619,10 @@ typedef struct sp_table_entry_256 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_8(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -75526,10 +75704,10 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r, * 16 entries * 64 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_8(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -75601,9 +75779,9 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_16_8(sp_point_256* r, const sp_table_entry_256* table, int idx) 
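Review bot: sp_256_gen_stripe_table_8 returns int, yet its converted header (second hunk here) lists only parameters, so a reader cannot tell which failures to check before using the generated table. Since it takes a heap argument, the likely lines are `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`, to be confirmed against the body, which is outside the hunk. The 256-entry variant of the same function (hunk at -75931) has the same omission.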
@@ -75658,13 +75836,16 @@ static void sp_256_get_entry_16_8(sp_point_256* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -75781,8 +75962,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -75845,13 +76026,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -75931,10 +76114,10 @@ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, * 256 entries * 32 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_8(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) 
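Review bot: The summary line kept above the converted parameter block of sp_256_ecc_mulmod_8 still reads "Multiply the base point of P256 by the scalar", while the function takes `g` and the new text documents it as `Point to multiply`. The wording looks carried over from the base-point routine; `/* Multiply the point by the scalar and return the result.` would match the signature. The second copy of this function (hunk at -76250) keeps the same line.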
@@ -76006,9 +76189,9 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_256_8(sp_point_256* r, const sp_table_entry_256* table, int idx) @@ -76063,13 +76246,16 @@ static void sp_256_get_entry_256_8(sp_point_256* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -76186,8 +76372,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -76250,13 +76436,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -76332,12 +76520,14 @@ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -76367,14 +76557,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -76517,12 +76709,14 @@ static const sp_table_entry_256 p256_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -77825,12 +78019,14 @@ static const sp_table_entry_256 p256_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -77844,11 +78040,13 @@ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -77876,13 +78074,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -77936,7 +78136,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a_p) @@ -77975,10 +78175,10 @@ WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -78022,10 +78222,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k) { @@ -78055,12 +78257,15 @@ static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
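Review bot: In the sp_256_ecc_gen_k_8 header, `k` is tagged `[in]`, but the summary says the function generates the scalar and `k` is a non-const `sp_digit*`, so it is where the result is written. It should read `@param [out] k Scalar value.` The direction matters to anyone auditing where the secret scalar is produced and which buffer has to be cleared afterwards.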
@@ -78132,6 +78337,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -78202,8 +78424,8 @@ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_256_to_bin_8(sp_digit* r, byte* a) { 
@@ -78221,14 +78443,16 @@ static void sp_256_to_bin_8(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -78269,6 +78493,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -78318,8 +78561,8 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, @@ -78367,8 +78610,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a, #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, 
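Review bot: The WOLFSSL_SP_SMALL copy of sp_256_sub_in_place_8 tags `a` as `[in]`, although its summary is `(a -= b)` and the non-small copy in the next hunk was given `[in, out]`. Both copies should use the same line: `@param [in, out] a A single precision integer and result.` Both also return sp_digit with no `@return` line, as do the two sp_256_sub_8 headers later in the diff. The meaning of that value (presumably the borrow) should be documented once the author confirms it, since the assembly bodies are outside these hunks.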
@@ -78415,9 +78658,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p, @@ -78526,9 +78769,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p, @@ -78813,10 +79056,11 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -78885,10 +79129,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_256_word_8(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -79036,9 +79281,9 @@ WC_OMIT_FRAME_POINTER static sp_digit div_256_word_8(sp_digit d1, sp_digit d0, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -79063,11 +79308,12 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
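Review bot: In the sp_256_div_8 header, `m` is tagged `[in]`, while its description is "Multiplier result" and the summary says m is not calculated. Neither direction tag describes an argument that is ignored, so I would spell it out: `@param [in] m Multiplier result. Not calculated.` This assumes the body, which is outside the hunk, never writes through `m`.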
@@ -79105,10 +79351,11 @@ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -79120,9 +79367,9 @@ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -79146,8 +79393,8 @@ static const sp_int_digit p256_order_low[4] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a) { 
@@ -79159,8 +79406,9 @@ static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a) /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n) { @@ -79173,19 +79421,24 @@ static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_256_mont_inv_order_8_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_256_mont_inv_order_8_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_256_mont_inv_order_8_ctx { - int state; - int i; -} sp_256_mont_inv_order_8_ctx; static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
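Review bot: The formula kept in the sp_256_mont_sqr_n_order_8 header, `(r = a ^ n mod order)`, does not match the newly added line `n Number of times to square`. Squaring n times raises a to the power 2^n, not to the power n. Change the formula to `(r = a ^ (2 ^ n) mod order)`.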
@@ -79221,6 +79474,13 @@ static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P256 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -79329,13 +79589,15 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
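Review bot: The sp_256_calc_s_8 header tags `k` and `x` as `[in]`, but both are declared as non-const `sp_digit*`, while `r` and `e` are const. If the body (outside the hunk) works on them in place, as the signature suggests, they should be `@param [in, out] k Ephemeral private key.` and `@param [in, out] x Private key as a number.` Callers then know these secret buffers no longer hold their original values on return.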
@@ -79383,15 +79645,18 @@ static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
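Review bot: The added `km` line in the sp_ecc_sign_256 header says only "Ephemeral key as an mp_int" and does not explain how it relates to `rng`. Because the ephemeral key must be fresh and secret for every signature, the header should state when a caller-supplied km is used in place of a generated one and what km holds on return. The body is outside the hunk, so the author needs to supply the exact rule. The sp_ecc_sign_256_nb header added later in the diff (hunk at -79499) repeats the same line.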
@@ -79499,6 +79764,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -79649,9 +79938,9 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p, 
@@ -79700,9 +79989,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p, @@ -79747,6 +80036,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p) @@ -79839,9 +80134,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r, /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r_p, @@ -79973,6 +80268,12 @@ XALIGNED(4) static const word8 L_sp_256_num_bits_8_table[] = { 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, }; +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a_p) #else 
@@ -80313,6 +80614,12 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) } #else +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a_p) #else @@ -80409,9 +80716,10 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) #endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */ /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -80493,9 +80801,9 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) 
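Review bot: The sp_256_mod_inv_8 comment keeps `Non-constant time modular inversion.` but still does not say which inputs that is acceptable for. Since this file also holds the signing path, a line such as `* Use only on public values (e.g. signature verification); not on private scalars or nonces.` would keep the helper from being reused on secret data. The callers are outside this hunk, so the intended use should be confirmed before it is worded as fact.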
@@ -80523,13 +80831,16 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -80590,14 +80901,18 @@ static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
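Review bot: `@return MP_OKAY on success.` in the corrected sp_ecc_verify_256 comment can be read as "signature verified", while the verdict is documented as coming back through `res`. Suggest `@return MP_OKAY when the check ran to completion; the signature is valid only when *res is 1.` so callers do not accept a signature on the return code alone. The same wording is in the new sp_ecc_verify_256_nb comment in the next hunk. The function bodies are outside both hunks, so whether `res` is cleared on every error path is not visible here and is worth stating in the comment once confirmed.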
@@ -80693,6 +81008,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -80829,10 +81170,12 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_8(const sp_point_256* point, void* heap) @@ -80874,10 +81217,12 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
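Review bot: The converted `@return` lists put `@return MP_OKAY otherwise.` first, so "otherwise" now precedes the conditions it refers to. For sp_256_ecc_is_point_8 and sp_ecc_is_point_256, `@return MP_OKAY when the point is on the curve.` reads correctly in any order and states what a zero return actually asserts. The same reordering appears in the comments for sp_ecc_check_key_256, sp_ecc_proj_add_point_256, sp_ecc_proj_dbl_point_256, sp_ecc_map_256, sp_256_mont_sqrt_8, sp_ecc_uncompress_256, sp_384_mod_mul_norm_12 and sp_384_point_to_ecc_point_12, where `@return MP_OKAY on success.` would fit.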
@@ -80903,13 +81248,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -80993,16 +81342,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -81051,13 +81402,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -81097,10 +81450,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) { 
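Review bot: In the sp_ecc_map_256 comment, pX, pY and pZ are tagged `[in]` although the description says the point is mapped `in place` and that `pZ will be one`. They should read `@param [in, out] pX EC point's X ordinate.` and likewise for pY and pZ. The function body is outside the hunk.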
@@ -81140,8 +81495,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mont_sqrt_8(sp_digit* y) { @@ -81194,10 +81551,12 @@ static int sp_256_mont_sqrt_8(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym) { @@ -81335,9 +81694,9 @@ static const sp_digit p384_b[12] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p, 
@@ -81549,9 +81908,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p, @@ -87061,8 +87420,8 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p, @@ -87232,8 +87591,8 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p, @@ -90309,9 +90668,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p, 
@@ -90361,9 +90720,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p, @@ -90418,10 +90777,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -90507,9 +90868,9 @@ static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -90595,8 +90956,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_384. * - * p Point of type sp_point_384 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_384 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_384_point_from_ecc_point_12(sp_point_384* p, const ecc_point* pm) @@ -90612,8 +90973,8 @@ static void sp_384_point_from_ecc_point_12(sp_point_384* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_384_to_mp(const sp_digit* a, mp_int* r) { @@ -90680,10 +91041,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_384 to type ecc_point. * - * p Point of type sp_point_384. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_384. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm) { 
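Review bot: sp_384_to_mp returns `int`, but the converted comment documents only its two parameters. Add a `@return` line, e.g. `@return MP_OKAY on success.`, plus the failure code the body can produce; the body is outside the hunk, so that value has to be taken from there. The sp_384_gen_stripe_table_12 comment later in this diff has the same gap.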
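Review bot: In the sp_384_point_to_ecc_point_12 comment, `pm` is tagged `[in]` while its description says `(result)` and the signature takes it as a non-const `ecc_point*`. It should read `@param [out] pm Point of type ecc_point (result).`, matching the `[out]` tag on `p` in the sp_384_point_from_ecc_point_12 comment earlier on this line.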
@@ -90704,10 +91066,11 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p, @@ -90757,10 +91120,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p, 
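Review bot: The first sp_384_cond_sub_12 comment on this line introduces a typo, `condition subtractx result`; the second copy has `condition subtract`. Both would read better as `@param [out] r A single precision number representing conditional subtract result.`, in line with the sp_384_cond_add_12 comment. The inherited line `m is -1 to subtract and 0 when not copying.` also looks like a leftover from a copy routine and could end at `0 when not.`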
@@ -90840,9 +91204,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12( @@ -91254,9 +91619,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12( 
@@ -91403,9 +91769,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, #else /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12( @@ -91523,11 +91890,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -91538,10 +91905,10 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -91553,11 +91920,11 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -91580,9 +91947,9 @@ static const word32 p384_mod_minus_2[12] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) { 
@@ -91664,10 +92031,11 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a_p, @@ -91855,15 +92223,15 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_384_norm_12(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -91901,10 +92269,10 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mont_add_12(sp_digit* r_p, 
@@ -92002,9 +92370,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mont_add_12(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mont_dbl_12(sp_digit* r_p, @@ -92091,9 +92459,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mont_dbl_12(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mont_tpl_12(sp_digit* r_p, @@ -92246,9 +92614,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mont_tpl_12(sp_digit* r, #ifndef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r_p, 
@@ -92304,10 +92672,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p, @@ -92357,10 +92726,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p, 
@@ -92437,10 +92807,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mont_sub_12(sp_digit* r_p, @@ -92537,6 +92907,12 @@ WC_OMIT_FRAME_POINTER static void sp_384_mont_sub_12(sp_digit* r, #ifdef WOLFSSL_SP_SMALL #else #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p) @@ -92610,9 +92986,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -92625,9 +93001,9 @@ static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
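Review bot: The new `@param [out] r` line in the sp_384_mont_sub_12 comment carries over the misspelling `subtration`; it should be `Result of subtraction.` Since the line is being rewritten by this change anyway, this is the place to correct it.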
@@ -92696,9 +93072,13 @@ typedef struct sp_384_proj_point_dbl_12_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -92828,9 +93208,10 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b) { @@ -92843,8 +93224,9 @@ static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_12(const sp_digit* a) { 
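Review bot: sp_384_proj_point_dbl_12_nb returns `int`, and the added paragraph mentions FP_WOULDBLOCK, but the comment has no `@return` lines. Add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.`, as done for sp_ecc_sign_256_nb and sp_ecc_verify_256_nb. The sp_384_proj_point_add_12_nb comment in a later hunk has the same omission. On this line, the context comment for sp_384_iszero_12 reads `Returns 1 if the number of zero.`, which should say `is zero`.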
@@ -92855,10 +93237,10 @@ static int sp_384_iszero_12(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_12(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -92958,10 +93340,14 @@ typedef struct sp_384_proj_point_add_12_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -93146,9 +93532,9 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table, int idx) 
@@ -93242,13 +93628,15 @@ static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table, * 384 doubles. * 108 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -93378,10 +93766,9 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i, sp_digit* t) @@ -93471,8 +93858,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_12(sp_point_384* a, sp_digit* t) { 
@@ -93503,10 +93890,10 @@ typedef struct sp_table_entry_384 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_12(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -93588,10 +93975,10 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r, * 16 entries * 96 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_12(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) @@ -93663,9 +94050,9 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_16_12(sp_point_384* r, const sp_table_entry_384* table, int idx) 
@@ -93736,13 +94123,16 @@ static void sp_384_get_entry_16_12(sp_point_384* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -93859,8 +94249,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -93923,13 +94313,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -94009,10 +94401,10 @@ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, * 256 entries * 48 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_12(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) 
@@ -94084,9 +94476,9 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_256_12(sp_point_384* r, const sp_table_entry_384* table, int idx) @@ -94157,13 +94549,16 @@ static void sp_384_get_entry_256_12(sp_point_384* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -94280,8 +94675,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -94344,13 +94739,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -94426,12 +94823,14 @@ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -94461,14 +94860,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -94611,12 +95012,14 @@ static const sp_table_entry_384 p384_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -95919,12 +96322,14 @@ static const sp_table_entry_384 p384_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -95938,11 +96343,13 @@ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -95970,13 +96377,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -96030,7 +96439,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a_p) @@ -96075,10 +96484,10 @@ WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -96122,10 +96531,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k) { @@ -96155,12 +96566,15 @@ static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
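Review bot: `@param [in] k Scalar value.` on `sp_384_ecc_gen_k_12` has the wrong direction. The summary says the function generates a scalar in 1..order-1 and `k` is a non-const `sp_digit*`, so `k` is where the result is written. Suggest `@param [out] k Generated scalar.`, matching `@param [out] priv` on `sp_ecc_make_key_384` in the next hunk. The scalar is presumably used as a private value, so the direction matters to anyone auditing which buffers hold secrets and need clearing; the function body is outside the hunk.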
@@ -96232,6 +96646,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -96302,8 +96733,8 @@ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_384_to_bin_12(sp_digit* r, byte* a) { 
@@ -96321,14 +96752,16 @@ static void sp_384_to_bin_12(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -96369,6 +96802,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -96418,8 +96870,8 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, @@ -96467,8 +96919,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a, #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, 
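Review bot: In the `WOLFSSL_SP_SMALL` header for `sp_384_sub_in_place_12`, `@param [in] a` contradicts the summary `(a -= b)`. The `#else` copy in the next hunk correctly uses `@param [in, out] a A single precision integer and result.`, and the small variant should carry the same line. Both headers also omit `@return` although the function returns `sp_digit`. The assembly body is outside the hunks, so the meaning of the return value (presumably the borrow) needs confirming before it is documented.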
@@ -96522,9 +96974,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p, @@ -96633,9 +97085,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p, @@ -97048,10 +97500,11 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -97120,10 +97573,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_384_word_12(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -97271,9 +97725,9 @@ WC_OMIT_FRAME_POINTER static sp_digit div_384_word_12(sp_digit d1, sp_digit d0, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -97302,11 +97756,12 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
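Review bot: `@param [in] m Multiplier result.` in the `sp_384_div_12` header is misleading, because `m` is a non-const `sp_digit*` described as a result and the summary above states that m is not calculated. A line such as `@param [out] m Multiplier result. Not calculated.` would match the summary. The body is outside the hunk, so whether `m` is touched at all should be checked there.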
@@ -97344,10 +97799,11 @@ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -97359,9 +97815,9 @@ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -97385,8 +97841,8 @@ static const word32 p384_order_low[6] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a) { 
@@ -97398,8 +97854,9 @@ static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n) { @@ -97412,19 +97869,24 @@ static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_12_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_12_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_12_ctx { - int state; - int i; -} sp_384_mont_inv_order_12_ctx; static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
@@ -97460,6 +97922,13 @@ static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -97535,13 +98004,15 @@ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
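Review bot: In the `sp_384_calc_s_12` header, `k` and `x` are tagged `[in]`, but the signature takes them as non-const `sp_digit*` while `r` and `e` are `const`, which suggests the function writes to them. If the body (outside this hunk) overwrites them, tag them `@param [in, out]` and say the value is modified. These are the ephemeral and long-term private keys, so a caller needs to know its copies are altered and still have to be zeroized. `s` in the `sp_384_calc_vfy_point_12` header at the end of the diff has the same `[in]` on a non-const pointer.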
@@ -97589,15 +98060,18 @@ static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
@@ -97705,6 +98179,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -97854,9 +98352,9 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifndef WOLFSSL_SP_SMALL /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r_p, 
@@ -98010,6 +98508,12 @@ XALIGNED(4) static const word8 L_sp_384_num_bits_12_table[] = { 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, }; +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a_p) #else @@ -98581,6 +99085,12 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) } #else +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a_p) #else @@ -98733,9 +99243,10 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) #endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */ /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -98817,9 +99328,9 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) 
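Review bot: The header for sp_384_mod_inv_12 (hunk @@ -98733) still says only "Non-constant time modular inversion" and, after the re-alignment, gives no hint about which inputs that is acceptable for. Because the running time then depends on the operand values, I would add a line above the @param list such as `* Not constant time: only call with values that are not secret.` The function body and its callers are outside the hunk, so confirm that every call site passes public data before wording this as a guarantee.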
@@ -98851,13 +99362,16 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -98918,14 +99432,18 @@ static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
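Review bot: `@return MP_OKAY on success.` in the sp_ecc_verify_384 header can be read as "the signature verified", while validity is reported separately through `res`. A caller that tests only the return code would then accept a forged signature, so I would write `@return MP_OKAY when the check ran to completion; the signature is valid only when *res == 1.` The same wording is added for sp_ecc_verify_384_nb in the @@ -99021 hunk and needs the same change. The function body is outside the hunk, so it is not visible whether `res` is written on the error paths; if it is not, the comment should also tell callers to initialise it to 0.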
@@ -99021,6 +99539,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -99157,10 +99701,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_12(const sp_point_384* point, void* heap) @@ -99202,10 +99748,12 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
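Review bot: `@return MP_OKAY otherwise.` is now the first entry of the return list in both hunks on this line (sp_384_ecc_is_point_12 and sp_ecc_is_point_384), so "otherwise" no longer refers to anything. For a point-validation routine the success condition should be explicit, for example `@return MP_OKAY when the point is on the curve.` The same leftover wording is added in the sp_ecc_check_key_384, sp_ecc_proj_add_point_384, sp_ecc_proj_dbl_point_384, sp_ecc_map_384, sp_384_mont_sqrt_12, sp_ecc_uncompress_384, sp_521_mod_mul_norm_17 and sp_521_point_to_ecc_point_17 hunks; `@return MP_OKAY on success.` would match the other headers in this commit.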
@@ -99231,13 +99779,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -99321,16 +99873,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -99379,13 +99933,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -99425,10 +99981,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
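Review bot: In the sp_ecc_map_384 hunk (@@ -99425) the new tags mark pX, pY and pZ as `[in]`, although the description says the point is mapped "in place" and that "pZ will be one". The parameters are also non-const `mp_int*`. They should read `@param [in, out] pX EC point's X ordinate.` and likewise for pY and pZ, so that a caller does not assume its inputs are preserved.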
@@ -99468,8 +100026,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_12(sp_digit* y) { @@ -99553,10 +100113,12 @@ static int sp_384_mont_sqrt_12(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -99706,9 +100268,9 @@ static const sp_digit p521_b[17] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p, 
@@ -99923,9 +100485,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p, @@ -110954,8 +111516,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p, @@ -111128,8 +111690,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p, @@ -117014,9 +117576,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p, 
@@ -117072,9 +117634,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p, @@ -117140,10 +117702,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -117158,9 +117722,9 @@ static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -117246,8 +117810,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_17(sp_point_521* p, const ecc_point* pm) @@ -117263,8 +117827,8 @@ static void sp_521_point_from_ecc_point_17(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { @@ -117331,10 +117895,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm) { 
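Review bot: sp_521_to_mp (hunk @@ -117263) returns `int`, but the converted header lists only the two parameters and has no `@return` line. I would add `@return MP_OKAY on success.` plus whatever error code the body produces; the body is outside the hunk, so that code has to be taken from the implementation. The same gap exists in the headers for sp_521_proj_point_dbl_17_nb, sp_521_proj_point_add_17_nb and sp_521_gen_stripe_table_17. For the two _nb functions the text already mentions FP_WOULDBLOCK, so `@return FP_WOULDBLOCK while more work remains.` fits there.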
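Review bot: In the sp_521_point_to_ecc_point_17 hunk (@@ -117331) `pm` is tagged `[in]`, yet its description says "(result)" and the parameter is a non-const `ecc_point*`. The direction looks inverted, and the line should be `@param [out] pm Point of type ecc_point (result).` The MEMORY_E case in the return list suggests `pm` is also grown or allocated into. If the body, which is outside the hunk, reads existing state from `pm`, then `[in, out]` would be the accurate tag.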
@@ -117355,10 +117920,11 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p, @@ -117408,10 +117974,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p, 
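Review bot: The first sp_521_cond_sub_17 hunk adds a typo: `condition subtractx` should be `conditional subtract` (the second hunk has `condition subtract`). In both hunks the context line "0 when not copying" reads like a leftover from a conditional-copy helper, and "0 when not subtracting" would match the function. Other comment lines touched by this commit also keep old typos, namely `Result of subtration.` in the sp_521_mont_sub_17 header and `Returns 1 if the number of zero.` above sp_521_iszero_17. Since these lines are being rewritten anyway, fix them in the same pass.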
@@ -117507,9 +118074,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17( @@ -117657,9 +118225,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a, #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( 
@@ -118298,9 +118867,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( @@ -118569,9 +119139,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( #else /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( 
@@ -118796,11 +119367,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -118811,10 +119382,10 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -118826,11 +119397,11 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -118854,9 +119425,9 @@ static const word32 p521_mod_minus_2[17] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -118934,10 +119505,11 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a_p, 
@@ -119180,15 +119752,15 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_521_norm_17(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -119226,10 +119798,10 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mont_add_17(sp_digit* r_p, @@ -119330,9 +119902,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mont_add_17(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mont_dbl_17(sp_digit* r_p, 
@@ -119423,9 +119995,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mont_dbl_17(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mont_tpl_17(sp_digit* r_p, @@ -119550,10 +120122,10 @@ WC_OMIT_FRAME_POINTER static void sp_521_mont_tpl_17(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mont_sub_17(sp_digit* r_p, @@ -119653,6 +120225,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_mont_sub_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ } +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p) @@ -119746,9 +120324,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -119762,9 +120340,9 @@ static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -119833,9 +120411,13 @@ typedef struct sp_521_proj_point_dbl_17_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -119965,9 +120547,10 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b) { 
@@ -119982,8 +120565,9 @@ static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_17(const sp_digit* a) { @@ -119995,10 +120579,10 @@ static int sp_521_iszero_17(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_17(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -120098,10 +120682,14 @@ typedef struct sp_521_proj_point_add_17_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) 
@@ -120286,9 +120874,9 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table, int idx) @@ -120412,13 +121000,15 @@ static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table, * 521 doubles. * 143 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -120562,10 +121152,9 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i, sp_digit* t) 
@@ -120655,8 +121244,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_17(sp_point_521* a, sp_digit* t) { @@ -120687,10 +121276,10 @@ typedef struct sp_table_entry_521 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_17(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -120772,10 +121361,10 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r, * 16 entries * 130 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_17(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -120847,9 +121436,9 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_16_17(sp_point_521* r, const sp_table_entry_521* table, int idx) 
@@ -120940,13 +121529,16 @@ static void sp_521_get_entry_16_17(sp_point_521* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -121063,8 +121655,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -121127,13 +121719,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -121213,10 +121807,10 @@ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, * 256 entries * 65 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_17(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) 
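Review bot: The summary above sp_521_ecc_mulmod_17 still says `Multiply the base point of P521 by the scalar`, but the function takes `g`, which the new line documents as `Point to multiply`. The summary should read `/* Multiply the point by the scalar and return the result.`, matching the comment on sp_ecc_mulmod_521. The second sp_521_ecc_mulmod_17 variant later in the diff carries the same stale wording. The body is outside the hunk.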
@@ -121288,9 +121882,9 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_256_17(sp_point_521* r, const sp_table_entry_521* table, int idx) @@ -121381,13 +121975,16 @@ static void sp_521_get_entry_256_17(sp_point_521* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -121504,8 +122101,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -121568,13 +122165,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -121650,12 +122249,14 @@ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -121685,14 +122286,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -121867,12 +122470,14 @@ static const sp_table_entry_521 p521_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -123687,12 +124292,14 @@ static const sp_table_entry_521 p521_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -123706,11 +124313,13 @@ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -123738,13 +124347,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -123798,7 +124409,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a_p) @@ -123852,10 +124463,10 @@ WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -123899,10 +124510,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k) { @@ -123933,12 +124546,15 @@ static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
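Review bot: `@param [in] k Scalar value.` on sp_521_ecc_gen_k_17 has the direction wrong. The summary says the function generates the scalar and `k` is a non-const `sp_digit*`, so k is the output. Use `@param [out] k Generated scalar value.`, consistent with `@param [out] priv` on sp_ecc_make_key_521 in the next hunk. k is a secret scalar, so the tag is what tells a reader which buffer holds key material after the call. The body is outside the hunk.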
@@ -124010,6 +124626,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -124080,8 +124713,8 @@ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_521_to_bin_17(sp_digit* r, byte* a) { 
@@ -124101,14 +124734,16 @@ static void sp_521_to_bin_17(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -124149,6 +124784,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -124191,6 +124845,13 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #endif /* HAVE_ECC_DHE */ #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p) 
@@ -124312,6 +124973,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -124441,6 +125108,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r, ); } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -124675,8 +125348,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, @@ -124729,8 +125402,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, 
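Review bot: In the WOLFSSL_SP_SMALL variant of sp_521_sub_in_place_17 the new tag is `@param [in] a`, yet the summary is `(a -= b)` and `a` is a non-const `sp_digit*`. The #else variant in the next hunk correctly uses `[in, out]`. Change it to `@param [in, out] a A single precision integer and result.`. Both variants return sp_digit and neither comment documents it. A `@return` line would complete them; the value is presumably the borrow, which needs confirming in the assembly outside the hunk.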
@@ -124795,9 +125468,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p, @@ -124906,9 +125579,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p, @@ -125481,10 +126154,11 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -125553,10 +126227,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_521_word_17(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -125704,9 +126379,9 @@ WC_OMIT_FRAME_POINTER static sp_digit div_521_word_17(sp_digit d1, sp_digit d0, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -125736,11 +126411,12 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -125782,10 +126458,11 @@ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -125797,9 +126474,9 @@ static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_17(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -125825,8 +126502,8 @@ static const word32 p521_order_low[9] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a) { 
@@ -125838,8 +126515,9 @@ static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n) { @@ -125852,19 +126530,24 @@ static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_17_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_17_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_17_ctx { - int state; - int i; -} sp_521_mont_inv_order_17_ctx; static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
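Review bot: The formula in the sp_521_mont_sqr_n_order_17 comment, `(r = a ^ n mod order)`, contradicts the `@param [in] n Number of times to square.` line this hunk adds. Squaring n times gives a^(2^n), not a^n. Change the context line to `* (r = a ^ (2 ^ n) mod order)`. The loop is outside the hunk, so this rests on the summary "Square number ... a number of times".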
@@ -125900,6 +126583,13 @@ static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -125988,13 +126678,15 @@ static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
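Review bot: `@param [in] k` and `@param [in] x` on sp_521_calc_s_17 do not match the signature. Both are non-const `sp_digit*` while `r` and `e` are `const`, which suggests k and x are overwritten during the computation. If so, tag them `[in, out]`, e.g. `@param [in, out] k Ephemeral private key. Modified.` and likewise for x, so a caller knows both buffers hold secret-derived values afterwards and must be cleared. The body is outside the hunk, so confirm before changing the tags. Also recheck `@return MEMORY_E`, since the caller supplies `tmp`.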
@@ -126042,15 +126734,18 @@ static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
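Review bot: The new `@param [in, out] km Ephemeral key as an mp_int.` line on sp_ecc_sign_521 does not say when a caller-supplied value is used or what is written back. An ECDSA ephemeral key must be unpredictable and never repeated across signatures, so the comment should state the contract. It should say which input (presumably NULL or zero) makes the function draw k from `rng`, whether a supplied value is consumed as k, and whether km is cleared on return. The body is outside the hunk, so the wording has to come from the implementation. The same line is added on sp_ecc_sign_521_nb, where `priv` is also tagged `[in]` but declared `mp_int*` without const.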
@@ -126163,6 +126858,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -126316,9 +127035,9 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p, 
@@ -126372,9 +127091,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p, @@ -126439,9 +127158,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r_p, @@ -126630,6 +127349,12 @@ XALIGNED(4) static const word8 L_sp_521_num_bits_17_table[] = { 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, }; +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a_p) #else @@ -127491,6 +128216,12 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) } #else +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a_p) #else 
@@ -127708,9 +128439,10 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) #endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */ /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -127792,9 +128524,9 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) 
@@ -127831,13 +128563,16 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
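Review bot: `s` is tagged `[in]` in the sp_521_calc_vfy_point_17 header, but the signature in this hunk takes it as a non-const `sp_digit* s`, alongside `u1`, `u2` and `tmp`, which are all documented as written. If the body overwrites `s` (for instance with its inverse, which the `[e/s]G + [r/s]Q` summary suggests), the line should read `@param [in, out] s Second part of signature as a number; modified.` so callers do not reuse the value afterwards. The body lies outside the hunk, so this needs checking against the implementation.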
@@ -127898,14 +128633,18 @@ static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
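Review bot: `@return MP_OKAY on success.` in the sp_ecc_verify_521 header can be read as "the signature verified", while the `res` line and the absence of any error code for a bad signature indicate that validity is reported only through `res`. A caller that tests just the return code would accept an invalid signature, so I would word it as `@return MP_OKAY when the check completed; the signature is valid only if *res == 1.`. The header added for sp_ecc_verify_521_nb in the next hunk uses the same wording and deserves the same change. Both function bodies are outside these hunks.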
@@ -128005,6 +128744,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -128144,10 +128909,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_17(const sp_point_521* point, void* heap) @@ -128189,10 +128956,12 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
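Review bot: The converted return lists in both hunks here now open with `@return MP_OKAY otherwise.`, and "otherwise" has nothing to refer back to once it is the first entry. State the condition instead, e.g. `@return MP_OKAY when the point is on the curve.` for sp_521_ecc_is_point_17 and sp_ecc_is_point_521. The same leading "otherwise" appears later in this diff in the headers of sp_ecc_check_key_521, sp_ecc_proj_add_point_521, sp_ecc_proj_dbl_point_521, sp_ecc_map_521, sp_521_mont_sqrt_17, sp_ecc_uncompress_521, sp_1024_mod_mul_norm_32, sp_1024_point_new_ex_32 and sp_1024_point_to_ecc_point_32.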
@@ -128218,13 +128987,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -128308,16 +129081,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -128366,13 +129141,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -128412,10 +129189,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
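Review bot: All three parameters of sp_ecc_map_521 are tagged `[in]`, yet the unchanged summary above them says the point is mapped "in place" and that "pZ will be one", so they are written as well as read. Use `@param [in, out] pX EC point's X ordinate.` and the same tag for `pY` and `pZ`. The signature shown in the hunk takes all three as non-const `mp_int*`, which is consistent with that.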
@@ -128462,8 +129241,10 @@ static const word32 p521_sqrt_power[17] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_17(sp_digit* y) { @@ -128494,10 +129275,12 @@ static int sp_521_mont_sqrt_17(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -128564,9 +129347,9 @@ typedef struct sp_point_1024 { #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r_p, @@ -138336,8 +139119,8 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r_p, 
@@ -143581,9 +144364,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r_p, @@ -143644,8 +144427,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, @@ -143732,9 +144515,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p, @@ -143823,9 +144606,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { 
@@ -143853,9 +144636,9 @@ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -143892,9 +144675,9 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r_p, @@ -143954,8 +144737,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) { @@ -143991,9 +144774,9 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r_p, 
@@ -144204,8 +144987,8 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r_p, @@ -144461,8 +145244,8 @@ static const sp_point_1024 p1024_base = { #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, @@ -144512,10 +145295,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtractx + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, 
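Review bot: In the WOLFSSL_SP_SMALL header for sp_1024_sub_in_place_32, `a` is tagged `[in]` although the summary line reads "Sub b from a into a. (a -= b)". The other variant of this function earlier in the diff documents it as `@param [in, out] a A single precision integer and result.`, and the two headers should match. The function also returns an `sp_digit` that neither header documents; the body is outside the hunk, so I have not proposed wording for the return value.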
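Review bot: The wrapped `r` description for sp_1024_cond_sub_32 introduces a typo, "condition subtractx", that the removed line did not have. It should read `* @param [out] r A single precision number representing condition subtract` followed by the `result.` continuation line, as the second copy of this header in the next hunk does. The summary's "0 when not copying" also looks like a leftover from a copy routine and probably means "0 when not subtracting".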
@@ -144565,10 +145349,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, @@ -144716,9 +145501,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p, @@ -144769,9 +145554,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p, 
@@ -144880,9 +145665,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p, @@ -145935,10 +146720,11 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -146007,10 +146793,11 @@ WC_OMIT_FRAME_POINTER static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -146158,9 +146945,9 @@ WC_OMIT_FRAME_POINTER static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -146188,10 +146975,11 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, @@ -146600,11 +147388,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
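Review bot: `m` is tagged `[in]` in the sp_1024_div_32 header while it is described as "Multiplier result" and passed as a non-const `sp_digit* m`; the summary says it "is not calculated as it is not needed at this time". An unused result pointer is clearer as `@param [out] m Multiplier result; currently not calculated (unused).`. The body is outside the hunk, so confirm it is never read before settling on the tag.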
@@ -146642,10 +147431,11 @@ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -146655,10 +147445,12 @@ static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -146671,10 +147463,12 @@ static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a, #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -146706,9 +147500,9 @@ static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap) { @@ -146733,9 +147527,9 @@ static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -146821,8 +147615,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_32(sp_point_1024* p, const ecc_point* pm) @@ -146838,8 +147632,8 @@ static void sp_1024_point_from_ecc_point_32(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -146906,10 +147700,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm) { 
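Review bot: The sp_1024_to_mp header gains `@param` tags but still has no `@return`, although the function is declared `static int`. Add return lines in the form used elsewhere in this change, for example `@return MP_OKAY on success.` plus whatever error the body can produce. The body is outside the hunk, so the exact codes have to be taken from the implementation.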
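Review bot: `pm` is tagged `[in]` in the sp_1024_point_to_ecc_point_32 header even though its description ends with "(result)" and it is the only non-const parameter in the signature. It should be `@param [out] pm Point of type ecc_point (result).`, mirroring `@param [out] p` on sp_1024_point_from_ecc_point_32 earlier in this file section.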
@@ -146929,9 +147724,10 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm) #if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4) /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( @@ -147928,9 +148724,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( #elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7) /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( 
@@ -148242,9 +149039,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( #else /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( @@ -148467,11 +149265,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -148482,10 +149280,10 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -148520,9 +149318,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -148557,15 +149355,15 @@ static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_1024_norm_32(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -148603,10 +149401,10 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mont_add_32(sp_digit* r_p, 
@@ -148790,9 +149588,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mont_add_32(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mont_dbl_32(sp_digit* r_p, @@ -148959,9 +149757,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mont_dbl_32(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mont_tpl_32(sp_digit* r_p, @@ -149283,10 +150081,10 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mont_tpl_32(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mont_sub_32(sp_digit* r_p, 
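Review bot: The rewritten `@param [out] r` line for sp_1024_mont_sub_32 carries over the misspelling `subtration`; since the line is being rewritten anyway, it should read `@param [out] r Result of subtraction.`. In the sp_1024_mont_tpl_32 comment, `Result of Tripling.` could be lower-cased to match `Result of doubling.` in the hunk before it. The function bodies are outside these hunks.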
@@ -149466,10 +150264,11 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mont_sub_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p, @@ -149519,10 +150318,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p, @@ -149667,6 +150467,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p) 
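Review bot: Both rewritten comments for sp_1024_cond_add_32 still have no `@return`, although the function is declared `static sp_digit`. This commit adds `@return` lines to other value-returning helpers such as sp_1024_cmp_equal_32, so the same is needed here. Something like `@return Carry out of the addition.` would fit if that is what the assembly produces; the body is outside the hunk, so confirm before adding.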
@@ -149820,9 +150626,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -149835,9 +150641,9 @@ static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -149906,9 +150712,13 @@ typedef struct sp_1024_proj_point_dbl_32_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
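Review bot: The new comment for sp_1024_proj_point_dbl_32_nb tells callers to loop until the result is not FP_WOULDBLOCK, but it documents no return values for this `int` function. Add `@return FP_WOULDBLOCK when the operation is not yet complete.` and a line for the completion value (presumably `MP_OKAY`; the body is outside the hunk). The sp_1024_proj_point_add_32_nb comment in the later hunk has the same gap.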
@@ -150038,9 +150848,10 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b) { @@ -150060,8 +150871,9 @@ static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_32(const sp_digit* a) { @@ -150074,10 +150886,10 @@ static int sp_1024_iszero_32(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_32(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
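Review bot: The summary line of the sp_1024_iszero_32 comment still reads `Returns 1 if the number of zero.`, although the `@return` line below it was reworded in this hunk. It should read `Returns 1 if the number is zero.`, or, now that `@return` carries the result, `Check whether the number is zero.`.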
@@ -150177,10 +150989,14 @@ typedef struct sp_1024_proj_point_add_32_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -150371,13 +151187,15 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, * 1024 doubles. * 268 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -150478,10 +151296,9 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, #if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i, sp_digit* t) @@ -150571,8 +151388,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_32(sp_point_1024* a, sp_digit* t) { @@ -150603,10 +151420,10 @@ typedef struct sp_table_entry_1024 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -150688,10 +151505,10 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r, * 16 entries * 256 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -150768,13 +151585,16 @@ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -150876,8 +151696,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
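Review bot: sp_1024_gen_stripe_table_32 returns `int` and takes a heap hint, but the rewritten comment lists only parameters and has no `@return`. The sibling comments in this commit use `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`; the same pair likely applies here, to be confirmed against the body, which is outside the hunk. The 256-entry variant of the function in the later hunk has the same omission.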
@@ -150940,13 +151760,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -151026,10 +151848,10 @@ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) 
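Review bot: The summary of sp_1024_ecc_mulmod_32 says `Multiply the base point of P1024 by the scalar`, but the parameter list documents `g` as `Point to multiply`, so the function takes a caller-supplied point. The summary should read `Multiply the point by the scalar and return the result.`, as the sp_ecc_mulmod_1024 comment does. The second copy of this comment in the later hunk needs the same change.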
@@ -151106,13 +151928,16 @@ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -151214,8 +152039,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
@@ -151278,13 +152103,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -151360,12 +152187,14 @@ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -151610,12 +152439,14 @@ static const sp_table_entry_1024 p1024_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -154962,12 +155793,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -154981,11 +155814,13 @@ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -155013,13 +155848,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -155070,12 +155907,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -155115,12 +155955,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
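Review bot: In both sp_ecc_gen_table_1024 comments, splitting the old sentence left `@return 0 otherwise.` as the first return line, where `otherwise` has nothing to refer to. `@return 0 on success.` reads correctly in that position and matches the wording used for the other functions in this commit. `@param [in, out] len` could also say which way the value flows, as the sp_Pairing_gen_precomp_1024 comment does; the return lines suggest buffer size on input and table length on output.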
@@ -155150,13 +155993,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -155194,10 +156039,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
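Review bot: The direction tag for scratch buffers is inconsistent: `t` is `[in]` in sp_1024_proj_mul_qx1_32 here, while the temporaries of sp_1024_mont_inv_32, sp_1024_map_32 and the point add/double functions earlier in this diff are `[out]`, and sp_1024_accumulate_line_add_n_32 uses `[in, out]`. The argument is a non-const `sp_digit*` described as temps, so `[in]` is the least accurate of the three. Pick one tag for all temporaries. The same `[in] t` appears in sp_1024_proj_sqr_32, sp_1024_proj_mul_32, sp_1024_mont_map_32 and the accumulate_line and accum_*_calc_lc comments in the later hunks.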
@@ -155220,9 +156067,11 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -155247,10 +156096,12 @@ static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
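Review bot: The rewritten `px`/`py` lines for sp_1024_proj_sqr_32 now say `number to multiply`, where the removed lines said `number to square`; this looks copied from the sp_1024_proj_mul_qx1_32 comment. They should end `X ordinate of number to square.` and `Y ordinate of number to square.`. In the sp_ModExp_Fp_star_1024 hunk, the context line's `expontent` is a misspelling of `exponent` that could be fixed while the comment is open.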
@@ -157143,11 +157994,13 @@ static const sp_digit sp_1024_g_table[256][32] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -157242,13 +158095,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) 
@@ -157278,8 +158133,8 @@ static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t) { @@ -157308,11 +158163,11 @@ static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -157398,14 +158253,14 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -157482,10 +158337,10 @@ static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -157619,14 +158474,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
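Review bot: The comment in this hunk keeps three `@return` lines (`0 on success`, `MEMORY_E`, `Other -ve value`), but the function it appears to document, sp_1024_accumulate_line_add_n_32, is declared `static void` in the header of the next hunk. The `@return` lines should be dropped rather than separated from the parameters by the blank ` *` line this hunk adds. The signature itself is outside the hunk, so confirm the return type there first.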
@@ -157740,12 +158595,12 @@ static void sp_1024_accumulate_line_add_n_32(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -157860,9 +158715,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -158034,13 +158890,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) @@ -158067,11 +158924,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -158090,11 +158948,11 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -158131,13 +158989,13 @@ static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -158181,13 +159039,13 @@ static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_32(sp_digit* vx, sp_digit* vy, @@ -158243,14 +159101,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) 
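Review bot: The new line `@return MEMORY_E when dynamic memory allocation fauls.` in the `sp_Pairing_gen_precomp_1024` comment carries the typo over from the old text. It should read `@return MEMORY_E when dynamic memory allocation fails.`, matching the other MEMORY_E lines in this diff. The line is being rewritten anyway, so this is the place to fix it.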
@@ -158404,11 +159263,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -158589,10 +159449,10 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, #endif /* WOLFSSL_SP_SMALL */ /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -158636,10 +159496,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_32(const sp_point_1024* point, void* heap) @@ -158685,10 +159547,12 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { 
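Review bot: `@return MP_OKAY otherwise.` now comes first in the return list for `sp_1024_ecc_is_point_32`, so "otherwise" no longer refers to anything. Callers use these codes to reject points that are not on the curve, so the success case should be stated on its own terms, e.g. `@return MP_OKAY when the point is on the curve.` The same wording appears in the `sp_ecc_is_point_1024` hunk on this line. It also appears in the `sp_ecc_check_key_1024` hunk that follows, where `@return MP_OKAY when the key is valid.` would fit.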
@@ -158714,13 +159578,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index be0ec3fc73..bdf1ec8338 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -139,10 +139,10 @@ #ifndef WOLFSSL_SP_NO_2048 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -252,9 +252,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -341,8 +341,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_2048_to_bin_32(sp_digit* r, byte* a) { @@ -366,23 +366,23 @@ static void sp_2048_to_bin_32(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_32(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_32(a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) { 
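Review bot: The directions on `sp_2048_to_bin_32` are reversed. The comment says the function writes r as big endian to the byte array, so `a` is the output and `r` the input, yet the new lines read `@param [out] r` and `@param [in] a`. Suggest `@param [in] r A single precision integer.` (or `[in, out]` if the body modifies r, which is outside the hunk) and `@param [out] a Byte array.` Because the header states that a fixed 256 bytes are written, the `a` line could also say the buffer must hold at least 256 bytes.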
@@ -797,9 +797,9 @@ static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -836,9 +836,9 @@ static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a, /* Add digit to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_2048_add_word_8(sp_digit* r, const sp_digit* a, sp_digit b) @@ -868,8 +868,8 @@ static void sp_2048_add_word_8(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b) { @@ -925,9 +925,9 @@ static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b) 
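Review bot: `sp_2048_add_8` and the other `sp_digit`-returning helpers documented on this line (`sp_2048_sub_in_place_16`, `sp_2048_add_16`) get `@param` tags but no `@return`. The commit does add `@return` to `div_2048_word_16` and `sp_2048_cmp_16` later on. A line stating what the returned digit is would complete the conversion; it is presumably the carry or borrow, but the bodies are outside the hunks, so confirm before wording it. In the `sp_2048_add_word_8` hunk, `b` is an `sp_digit` passed by value, so `@param [in] b A single precision digit.` would match the wording used for `sp_2048_mul_d_32`.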
@@ -986,10 +986,11 @@ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_2048_cond_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -1036,9 +1037,9 @@ static sp_digit sp_2048_cond_add_8(sp_digit* r, const sp_digit* a, const sp_digi /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -1071,9 +1072,9 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, /* Add digit to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_2048_add_word_16(sp_digit* r, const sp_digit* a, sp_digit b) @@ -1119,8 +1120,8 @@ static void sp_2048_add_word_16(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b) { 
@@ -1216,9 +1217,9 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -1317,10 +1318,11 @@ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -1395,9 +1397,9 @@ static sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_dig /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -1430,8 +1432,8 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) { 
@@ -2437,9 +2439,9 @@ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -2496,8 +2498,8 @@ static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) { @@ -2533,9 +2535,9 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -2571,8 +2573,8 @@ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b) { 
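Review bot: In the `WOLFSSL_SP_SMALL` variant of `sp_2048_sub_in_place_32`, the new line `@param [in] a` contradicts the summary `(a -= b)`, since `a` receives the result. The non-small variant earlier in this diff uses `@param [in, out] a A single precision integer and result.` The same line should be used here and in the small `sp_2048_sub_in_place_16` hunk that follows.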
@@ -2607,9 +2609,9 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b) #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -2657,8 +2659,8 @@ static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) { @@ -2725,9 +2727,9 @@ static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -2763,8 +2765,8 @@ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b) { 
@@ -2799,9 +2801,9 @@ static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b) #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -2849,8 +2851,8 @@ static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) { @@ -2917,8 +2919,8 @@ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -2938,9 +2940,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -3254,8 +3256,8 @@ static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_16(sp_digit* r, const sp_digit* m) { @@ -3267,9 +3269,10 @@ static void sp_2048_mont_norm_16(sp_digit* r, const sp_digit* m) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -3477,11 +3480,11 @@ SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -3492,10 +3495,10 @@ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -3507,10 +3510,11 @@ SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_2048_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -3608,9 +3612,9 @@ static sp_digit sp_2048_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_dig /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_2048_mul_d_16(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -3788,10 +3792,11 @@ static void sp_2048_mul_d_16(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, sp_digit div) { @@ -3847,9 +3852,9 @@ static sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -3877,10 +3882,11 @@ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b) { 
@@ -4028,11 +4034,12 @@ static sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -4070,10 +4077,11 @@ static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_16(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
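Review bot: `@param [in] m Multiplier result.` in the `sp_2048_div_16` comment tags a result as an input, and the summary above it says m is not calculated. Suggest wording that matches the summary, e.g. `@param [in] m Multiplier result (not calculated).`, or `[out]` if the body does write through the non-const `sp_digit* m`. The body is outside the hunk, so which of the two applies needs checking.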
@@ -4083,14 +4091,17 @@ static WC_INLINE int sp_2048_mod_16(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -4220,14 +4231,17 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -4379,8 +4393,8 @@ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) { 
@@ -4393,9 +4407,10 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
 #endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
 /* Reduce the number back to 2048 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
 sp_digit mp)
@@ -4809,11 +4824,11 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
 /* Multiply two Montgomery form numbers mod the modulus (prime).
 * (r = a * b mod m)
 *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4824,10 +4839,10 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
 /* Square the Montgomery form number. (r = a * a mod m)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
 const sp_digit* m, sp_digit mp)
@@ -4839,9 +4854,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
 #ifdef WOLFSSL_SP_SMALL
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -4876,9 +4891,9 @@ static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
 #else
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
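Review bot: The converted comments for sp_2048_sub_32 (both the WOLFSSL_SP_SMALL and the #else hunk) tag the three pointer parameters but add no `@return` line, although the function returns an sp_digit. The same gap is in the sp_3072_add_*, sp_3072_sub_in_place_*, sp_*_cond_add_* and sp_2048_cond_sub_32 hunks, and in sp_2048_to_mp, which returns int. Since this commit introduces `@return` elsewhere, add one here as well, e.g. ` * @return Borrow from the subtraction.` — presumably that is what the value holds; the bodies are outside the hunks, so confirm before wording it.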
@@ -4978,10 +4993,11 @@ static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
 *
 * Assumes divisor has highest bit set.
 *
- * d1 The high order half of the number to divide.
- * d0 The low order half of the number to divide.
- * div The divisor.
- * returns the result of the division.
+ * @param [in] d1 The high order half of the number to divide.
+ * @param [in] d0 The low order half of the number to divide.
+ * @param [in] div The divisor.
+ *
+ * @return The result of the division.
 */
 static sp_digit div_2048_word_32_cond(sp_digit d1, sp_digit d0, sp_digit div)
 {
@@ -5038,11 +5054,12 @@ static sp_digit div_2048_word_32_cond(sp_digit d1, sp_digit d0, sp_digit div)
 /* Divide d in a and put remainder into r (m*d + r = a)
 * m is not calculated as it is not needed at this time.
 *
- * a Number to be divided.
- * d Number to divide with.
- * m Multiplier result.
- * r Remainder from the division.
- * returns MP_OKAY indicating success.
+ * @param [in] a Number to be divided.
+ * @param [in] d Number to divide with.
+ * @param [in] m Multiplier result.
+ * @param [out] r Remainder from the division.
+ *
+ * @return MP_OKAY indicating success.
 */
 static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d,
 sp_digit* m, sp_digit* r)
@@ -5096,10 +5113,11 @@ static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d,
 /* Reduce a modulo m into r. (r = a mod m)
 *
- * r A single precision number that is the reduced result.
- * a A single precision number that is to be reduced.
- * m A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
+ * @param [out] r A single precision number that is the reduced result.
+ * @param [in] a A single precision number that is to be reduced.
+ * @param [in] m A single precision number that is the modulus to reduce with.
+ *
+ * @return MP_OKAY indicating success.
 */
 static WC_INLINE int sp_2048_mod_32_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
 {
@@ -5110,10 +5128,11 @@ static WC_INLINE int sp_2048_mod_32_cond(sp_digit* r, const sp_digit* a, const s
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not copying.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
 sp_digit m)
@@ -5269,10 +5288,11 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_dig
 *
 * Assumes divisor has highest bit set.
 *
- * d1 The high order half of the number to divide.
- * d0 The low order half of the number to divide.
- * div The divisor.
- * returns the result of the division.
+ * @param [in] d1 The high order half of the number to divide.
+ * @param [in] d0 The low order half of the number to divide.
+ * @param [in] div The divisor.
+ *
+ * @return The result of the division.
 */
 static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
 {
@@ -5328,9 +5348,9 @@ static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
 /* AND m into each word of a and store in r.
 *
- * r A single precision integer.
- * a A single precision integer.
- * m Mask to AND against each digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] m Mask to AND against each digit.
 */
 static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
 {
@@ -5358,10 +5378,11 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
 /* Compare a with b in constant time.
 *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
 */
 static sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
 {
@@ -5605,11 +5626,12 @@ static sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
 /* Divide d in a and put remainder into r (m*d + r = a)
 * m is not calculated as it is not needed at this time.
 *
- * a Number to be divided.
- * d Number to divide with.
- * m Multiplier result.
- * r Remainder from the division.
- * returns MP_OKAY indicating success.
+ * @param [in] a Number to be divided.
+ * @param [in] d Number to divide with.
+ * @param [in] m Multiplier result.
+ * @param [out] r Remainder from the division.
+ *
+ * @return MP_OKAY indicating success.
 */
 static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
 sp_digit* m, sp_digit* r)
@@ -5647,10 +5669,11 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
 /* Reduce a modulo m into r. (r = a mod m)
 *
- * r A single precision number that is the reduced result.
- * a A single precision number that is to be reduced.
- * m A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
+ * @param [out] r A single precision number that is the reduced result.
+ * @param [in] a A single precision number that is to be reduced.
+ * @param [in] m A single precision number that is the modulus to reduce with.
+ *
+ * @return MP_OKAY indicating success.
 */
 static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
 {
@@ -5662,14 +5685,17 @@ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_dig
 #ifdef WOLFSSL_SP_SMALL
 /* Modular exponentiate a to the e mod m. (r = a^e mod m)
 *
- * r A single precision number that is the result of the operation.
- * a A single precision number being exponentiated.
- * e A single precision number that is the exponent.
- * bits The number of bits in the exponent.
- * m A single precision number that is the modulus.
- * returns 0 on success.
- * returns MEMORY_E on dynamic memory allocation failure.
- * returns MP_VAL when base is even or exponent is 0.
+ * @param [out] r A single precision number that is the result of the
+ * operation.
+ * @param [in] a A single precision number being exponentiated.
+ * @param [in] e A single precision number that is the exponent.
+ * @param [in] bits The number of bits in the exponent.
+ * @param [in] m A single precision number that is the modulus.
+ * @param [in] reduceA Whether to reduce a modulo m before the operation.
+ *
+ * @return 0 on success.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return MP_VAL when base is even or exponent is 0.
 */
 static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 int bits, const sp_digit* m, int reduceA)
@@ -5816,14 +5842,17 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 #else
 /* Modular exponentiate a to the e mod m. (r = a^e mod m)
 *
- * r A single precision number that is the result of the operation.
- * a A single precision number being exponentiated.
- * e A single precision number that is the exponent.
- * bits The number of bits in the exponent.
- * m A single precision number that is the modulus.
- * returns 0 on success.
- * returns MEMORY_E on dynamic memory allocation failure.
- * returns MP_VAL when base is even or exponent is 0.
+ * @param [out] r A single precision number that is the result of the
+ * operation.
+ * @param [in] a A single precision number being exponentiated.
+ * @param [in] e A single precision number that is the exponent.
+ * @param [in] bits The number of bits in the exponent.
+ * @param [in] m A single precision number that is the modulus.
+ * @param [in] reduceA Whether to reduce a modulo m before the operation.
+ *
+ * @return 0 on success.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return MP_VAL when base is even or exponent is 0.
 */
 static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 int bits, const sp_digit* m, int reduceA)
@@ -6007,15 +6036,19 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
 #ifdef WOLFSSL_HAVE_SP_RSA
 /* RSA public key operation.
 *
- * in Array of bytes representing the number to exponentiate, base.
- * inLen Number of bytes in base.
- * em Public exponent.
- * mm Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
+ * @param [in] in Array of bytes representing the number to
+ * exponentiate, base.
+ * @param [in] inLen Number of bytes in base.
+ * @param [in] em Public exponent.
+ * @param [in] mm Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Number of bytes in result.
+ *
+ * @return 0 on success.
+ * @return MP_TO_E when the outLen is too small.
+ * @return MP_READ_E when an array is too long.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
 const mp_int* mm, byte* out, word32* outLen)
@@ -6156,10 +6189,11 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
 sp_digit m)
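Review bot: `@param [in, out] outLen` on sp_RsaPublic_2048 still describes only the output side ("Number of bytes in result"), while the `MP_TO_E when the outLen is too small` return shows the value is also read as the capacity of `out`. State the input half of the contract next to the 256-byte requirement, e.g. `On in, size of out in bytes. On out, number of bytes in result.`, so a caller knows the length must be initialised before the call. The same wording is carried into the sp_RsaPrivate_2048 and sp_DhExp_2048 hunks; sp_DhExp_2048 lists no MP_TO_E, so whether outLen is read there should be checked against the body, which is outside these hunks.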
@@ -6191,20 +6225,24 @@ static sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_dig
 #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */
 /* RSA private key operation.
 *
- * in Array of bytes representing the number to exponentiate, base.
- * inLen Number of bytes in base.
- * dm Private exponent.
- * pm First prime.
- * qm Second prime.
- * dpm First prime's CRT exponent.
- * dqm Second prime's CRT exponent.
- * qim Inverse of second prime mod p.
- * mm Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
+ * @param [in] in Array of bytes representing the number to
+ * exponentiate, base.
+ * @param [in] inLen Number of bytes in base.
+ * @param [in] dm Private exponent.
+ * @param [in] pm First prime.
+ * @param [in] qm Second prime.
+ * @param [in] dpm First prime's CRT exponent.
+ * @param [in] dqm Second prime's CRT exponent.
+ * @param [in] qim Inverse of second prime mod p.
+ * @param [in] mm Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Number of bytes in result.
+ *
+ * @return 0 on success.
+ * @return MP_TO_E when the outLen is too small.
+ * @return MP_READ_E when an array is too long.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
 const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
@@ -6343,8 +6381,8 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
 !defined(WOLFSSL_RSA_PUBLIC_ONLY))
 /* Convert an array of sp_digit to an mp_int.
 *
- * a A single precision integer.
- * r A multi-precision integer.
+ * @param [in] a A single precision integer.
+ * @param [out] r A multi-precision integer.
 */
 static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
 {
@@ -6411,12 +6449,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
 /* Perform the modular exponentiation for Diffie-Hellman.
 *
- * base Base. MP integer.
- * exp Exponent. MP integer.
- * mod Modulus. MP integer.
- * res Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
+ * @param [in] base Base. MP integer.
+ * @param [in] exp Exponent. MP integer.
+ * @param [in] mod Modulus. MP integer.
+ * @param [out] res Result. MP integer.
+ *
+ * @return 0 on success.
+ * @return MP_READ_E when there are too many bytes in an array.
+ * @return MEMORY_E when memory allocation fails.
 */
 int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
 mp_int* res)
@@ -6461,6 +6501,12 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
 #ifdef WOLFSSL_HAVE_SP_DH
 #ifdef HAVE_FFDHE_2048
+/* Shift number left by n bits.
+ *
+ * @param [out] r Result of shift.
+ * @param [in] a Number to shift.
+ * @param [in] n Number of bits to shift.
+ */
 static void sp_2048_lshift_32(sp_digit* r, const sp_digit* a, byte n)
 {
 word64 n64 = n;
@@ -6666,13 +6712,15 @@ static void sp_2048_lshift_32(sp_digit* r, const sp_digit* a, byte n)
 /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
 *
- * r A single precision number that is the result of the operation.
- * e A single precision number that is the exponent.
- * bits The number of bits in the exponent.
- * m A single precision number that is the modulus.
- * returns 0 on success.
- * returns MEMORY_E on dynamic memory allocation failure.
- * returns MP_VAL when base is even.
+ * @param [out] r A single precision number that is the result of the
+ * operation.
+ * @param [in] e A single precision number that is the exponent.
+ * @param [in] bits The number of bits in the exponent.
+ * @param [in] m A single precision number that is the modulus.
+ *
+ * @return 0 on success.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return MP_VAL when base is even.
 */
 static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits,
 const sp_digit* m)
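Review bot: `@return MP_VAL when base is even.` cannot be meant literally for sp_2048_mod_exp_2_32, which takes no base argument and always exponentiates the constant 2; the condition was carried over from the old comment unchanged. It presumably refers to the modulus m, since Montgomery arithmetic needs an odd modulus, but the body is outside this hunk, so confirm and then write e.g. `@return MP_VAL when modulus is even.`. The sp_2048_mod_exp_16 and sp_2048_mod_exp_32 hunks keep the related line `MP_VAL when base is even or exponent is 0`, which deserves the same check, because callers validating DH or RSA inputs rely on these error conditions being stated correctly.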
@@ -6779,15 +6827,17 @@ static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits,
 /* Perform the modular exponentiation for Diffie-Hellman.
 *
- * base Base.
- * exp Array of bytes that is the exponent.
- * expLen Length of data, in bytes, in exponent.
- * mod Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
+ * @param [in] base Base.
+ * @param [in] exp Array of bytes that is the exponent.
+ * @param [in] expLen Length of data, in bytes, in exponent.
+ * @param [in] mod Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Length, in bytes, of exponentiation result.
+ *
+ * @return 0 on success.
+ * @return MP_READ_E when there are too many bytes in an array.
+ * @return MEMORY_E when memory allocation fails.
 */
 int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
 const mp_int* mod, byte* out, word32* outLen)
@@ -6845,12 +6895,14 @@ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
 /* Perform the modular exponentiation for Diffie-Hellman.
 *
- * base Base. MP integer.
- * exp Exponent. MP integer.
- * mod Modulus. MP integer.
- * res Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
+ * @param [in] base Base. MP integer.
+ * @param [in] exp Exponent. MP integer.
+ * @param [in] mod Modulus. MP integer.
+ * @param [out] res Result. MP integer.
+ *
+ * @return 0 on success.
+ * @return MP_READ_E when there are too many bytes in an array.
+ * @return MEMORY_E when memory allocation fails.
 */
 int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
 mp_int* res)
@@ -6902,10 +6954,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
 #ifndef WOLFSSL_SP_NO_3072
 /* Read big endian unsigned byte array into r.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
 */
 static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
 {
@@ -7015,9 +7067,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
 /* Convert an mp_int to an array of sp_digit.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a A multi-precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a A multi-precision integer.
 */
 static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
 {
@@ -7104,8 +7156,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
 /* Write r as big endian to byte array.
 * Fixed length number of bytes written: 384
 *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
 */
 static void sp_3072_to_bin_48(sp_digit* r, byte* a)
 {
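Review bot: The direction tags on sp_3072_to_bin_48 are reversed: the summary says r is written as big endian to the byte array and `a` is a non-const `byte*`, yet the new lines mark `r` as `[out]` and `a` as `[in]`. The destination should read `@param [out] a Byte array.`, and `r` is at least `[in]` (or `[in, out]` if the function normalises it in place; the body is outside the hunk). As written, a reader would take the 384-byte destination buffer for a source.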
@@ -7129,23 +7181,23 @@ static void sp_3072_to_bin_48(sp_digit* r, byte* a)
 #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
 /* Normalize the values in each word to 64.
 *
- * a Array of sp_digit to normalize.
+ * @param [in] a Array of sp_digit to normalize.
 */
 #define sp_3072_norm_48(a)
 #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
 /* Normalize the values in each word to 64.
 *
- * a Array of sp_digit to normalize.
+ * @param [in] a Array of sp_digit to normalize.
 */
 #define sp_3072_norm_48(a)
 #ifndef WOLFSSL_SP_SMALL
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static void sp_3072_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
 {
@@ -7386,9 +7438,9 @@ static void sp_3072_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_add_6(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -7423,9 +7475,9 @@ static sp_digit sp_3072_add_6(sp_digit* r, const sp_digit* a,
 /* Add digit to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static void sp_3072_add_word_6(sp_digit* r, const sp_digit* a,
 sp_digit b)
@@ -7453,8 +7505,8 @@ static void sp_3072_add_word_6(sp_digit* r, const sp_digit* a,
 /* Sub b from a into a. (a -= b)
 *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_sub_in_place_12(sp_digit* a, const sp_digit* b)
 {
@@ -7500,9 +7552,9 @@ static sp_digit sp_3072_sub_in_place_12(sp_digit* a, const sp_digit* b)
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -7551,10 +7603,11 @@ static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static sp_digit sp_3072_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
 sp_digit m)
@@ -7594,9 +7647,9 @@ static sp_digit sp_3072_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digi
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -7629,9 +7682,9 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
 /* Add digit to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static void sp_3072_add_word_12(sp_digit* r, const sp_digit* a,
 sp_digit b)
@@ -7669,8 +7722,8 @@ static void sp_3072_add_word_12(sp_digit* r, const sp_digit* a,
 /* Sub b from a into a. (a -= b)
 *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b)
 {
@@ -7746,9 +7799,9 @@ static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b)
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -7827,10 +7880,11 @@ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static sp_digit sp_3072_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
 sp_digit m)
@@ -7891,9 +7945,9 @@ static sp_digit sp_3072_cond_add_12(sp_digit* r, const sp_digit* a, const sp_dig
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -7926,9 +7980,9 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
 /* Add digit to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static void sp_3072_add_word_24(sp_digit* r, const sp_digit* a,
 sp_digit b)
@@ -7990,8 +8044,8 @@ static void sp_3072_add_word_24(sp_digit* r, const sp_digit* a,
 /* Sub b from a into a. (a -= b)
 *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
 {
@@ -8127,9 +8181,9 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -8268,10 +8322,11 @@ static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b,
 sp_digit m)
@@ -8374,9 +8429,9 @@ static sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_dig
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -8409,8 +8464,8 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
 {
@@ -11090,9 +11145,9 @@ static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -11169,8 +11224,8 @@ static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
 {
@@ -11206,9 +11261,9 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
 #ifdef WOLFSSL_SP_SMALL
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -11244,8 +11299,8 @@ static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
 #ifdef WOLFSSL_SP_SMALL
 /* Sub b from a into a. (a -= b)
 *
- * a A single precision integer.
- * b A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
 {
@@ -11280,9 +11335,9 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
 #ifdef WOLFSSL_SP_SMALL
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
 {
@@ -11330,8 +11385,8 @@ static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
 {
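Review bot: In the WOLFSSL_SP_SMALL variant of sp_3072_sub_in_place_48, `a` is tagged `[in]` although the summary is `a -= b` and `a` is a non-const pointer that receives the result; the WOLFSSL_SP_SMALL sp_3072_sub_in_place_24 hunk has the same tag. Both should read `@param [in, out] a A single precision integer and result.`, which is the wording the non-small sub_in_place_12/_24/_48 hunks of this diff already use. The function bodies are outside the hunks, so this rests on the summary line and the signature only.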
@@ -11398,9 +11453,9 @@ static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -11436,8 +11491,8 @@ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b) { @@ -11472,9 +11527,9 @@ static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b) #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -11522,8 +11577,8 @@ static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) { 
@@ -11590,8 +11645,8 @@ static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -11611,9 +11666,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b) @@ -12064,8 +12119,8 @@ static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_24(sp_digit* r, const sp_digit* m) { @@ -12077,9 +12132,10 @@ static void sp_3072_mont_norm_24(sp_digit* r, const sp_digit* m) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -12393,11 +12449,11 @@ SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -12408,10 +12464,10 @@ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -12423,10 +12479,11 @@ SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_3072_cond_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -12552,9 +12609,9 @@ static sp_digit sp_3072_cond_sub_24(sp_digit* r, const sp_digit* a, const sp_dig /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_3072_mul_d_24(sp_digit* r, const sp_digit* a, sp_digit b) @@ -12801,10 +12858,11 @@ static void sp_3072_mul_d_24(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, sp_digit div) { 
@@ -12860,9 +12918,9 @@ static sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -12890,10 +12948,11 @@ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b) { @@ -13089,11 +13148,12 @@ static sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
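Review bot: In the sp_3072_div_24 hunk, `m` is tagged `[in]` although it is described as "Multiplier result", declared as non-const `sp_digit* m`, and the summary says it is not calculated. An `[in]` tag tells callers they must supply meaningful data there; if the parameter is unused, say so directly, e.g. `@param [in] m Unused. Multiplier result is not calculated.`. The body continues outside the hunk, so whether m is ever touched should be confirmed first. sp_3072_div_48_cond and sp_3072_div_48 in later hunks repeat the same line.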
@@ -13131,10 +13191,11 @@ static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_24(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -13144,14 +13205,17 @@ static WC_INLINE int sp_3072_mod_24(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -13281,14 +13345,17 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -13440,8 +13507,8 @@ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) { 
@@ -13454,9 +13521,10 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) #endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */ /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -14070,11 +14138,11 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -14085,10 +14153,10 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -14100,9 +14168,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -14137,9 +14205,9 @@ static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -14279,10 +14347,11 @@ static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_3072_word_48_cond(sp_digit d1, sp_digit d0, sp_digit div) { @@ -14339,11 +14408,12 @@ static sp_digit div_3072_word_48_cond(sp_digit d1, sp_digit d0, sp_digit div) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
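Review bot: The comments for div_3072_word_48_cond and sp_3072_div_48_cond are word for word the same as those for div_3072_word_48 and sp_3072_div_48 later in the diff, so nothing tells a reader how the `_cond` variants differ. If the suffix marks an implementation with data-dependent branches (an inference from the name, as the bodies are outside the hunks), the comment needs a line such as `Not constant time. Only for use with public values.`. That would contrast it with sp_3072_cmp_48, whose comment states "in constant time". sp_3072_mod_48_cond on the next line needs the same statement.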
@@ -14397,10 +14467,11 @@ static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -14411,10 +14482,11 @@ static WC_INLINE int sp_3072_mod_48_cond(sp_digit* r, const sp_digit* a, const s /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -14626,10 +14698,11 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_dig * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div) { @@ -14685,9 +14758,9 @@ static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -14715,10 +14788,11 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b) { 
@@ -15058,11 +15132,12 @@ static sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -15100,10 +15175,11 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -15115,14 +15191,17 @@ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -15243,14 +15322,17 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -15384,15 +15466,19 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -15533,10 +15619,11 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
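Review bot: `outLen` in the sp_RsaPublic_3072 hunk is now tagged `[in, out]`, but its description, "Number of bytes in result", covers only the output side. Since `@return MP_TO_E when the outLen is too small` implies the incoming value is checked as the capacity of `out`, the line should say so: `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`. The same applies to sp_RsaPrivate_3072 on the next line. sp_DhExp_3072 further down lists no MP_TO_E return at all, which leaves it unclear whether the 384-byte minimum for `out` is enforced or only assumed. The function bodies are outside the hunks.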
@@ -15568,20 +15655,24 @@ static sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_dig #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -15720,8 +15811,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -15788,12 +15879,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -15838,6 +15931,12 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ static void sp_3072_lshift_48(sp_digit* r, const sp_digit* a, byte n) { word64 n64 = n; 
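Review bot: The comment added for sp_3072_lshift_48 (last hunk on this line) gives no valid range for `n` and no size for `r`. `n` is a `byte`, so values up to 255 can be passed, and a left shift of a 48-digit number can produce bits beyond the top digit. State the contract in the comment, e.g. `@param [in] n Number of bits to shift. Must be less than the number of bits in a digit.`, and add how many digits are written to `r`. Both need checking against the body, which continues outside the hunk after `word64 n64 = n;`.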
@@ -16139,13 +16238,15 @@ static void sp_3072_lshift_48(sp_digit* r, const sp_digit* a, byte n) /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
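Review bot: `@return MP_VAL when base is even.` in the sp_3072_mod_exp_2_48 comment cannot be right as written, because the base of this function is the constant 2, which is always even. The intended condition is probably on the modulus, since Montgomery arithmetic needs an odd m, giving `@return MP_VAL when modulus is even.`; the body is outside the hunk, so check it before rewording. The sp_3072_mod_exp_24 and sp_3072_mod_exp_48 comments carry the similar line "base is even or exponent is 0" and deserve the same check.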
@@ -16252,15 +16353,17 @@ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -16318,12 +16421,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -16375,10 +16480,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_4096 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -16488,9 +16593,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -16577,8 +16682,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_4096_to_bin_64(sp_digit* r, byte* a) { 
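Review bot: The direction tags in the sp_4096_to_bin_64 hunk (last on this line) are swapped. The summary says the function writes r as big endian to the byte array, so `a` is the output, yet the new lines read `@param [out] r` and `@param [in] a Byte array.`. The sp_2048_to_bin_64 comment earlier in this diff uses `@param [in, out] r A single precision integer.` and `@param [out] a Byte array.`, and the 4096 comment should match. A mislabelled output buffer matters here because `a` receives a fixed 512 bytes that the caller must have room for.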
@@ -16602,23 +16707,23 @@ static void sp_4096_to_bin_64(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_64(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_64(a) #ifndef WOLFSSL_SP_SMALL /* Add digit to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_4096_add_word_32(sp_digit* r, const sp_digit* a, sp_digit b) @@ -16696,8 +16801,8 @@ static void sp_4096_add_word_32(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b) { @@ -16873,9 +16978,9 @@ static sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -17054,10 +17159,11 @@ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -17188,9 +17294,9 @@ static sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_dig /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17223,8 +17329,8 @@ SP_NOINLINE static void sp_4096_mul_64(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a) { 
@@ -17260,9 +17366,9 @@ SP_NOINLINE static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17298,8 +17404,8 @@ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b) { @@ -17334,9 +17440,9 @@ static sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b) #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_4096_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -17384,8 +17490,8 @@ static void sp_4096_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a) { 
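Review bot: In the small-build `sp_4096_sub_in_place_64` hunk, `a` is tagged `[in]` although the header says `a -= b`, so the result is written through `a`. The non-small variant of the same function in this diff already uses `* @param [in, out] a A single precision integer and result.`, and the same line fits here. The function returns `sp_digit` and neither variant gets a `@return`. The body is outside the hunk, so the meaning of the returned value (presumably the borrow) should be confirmed before it is documented.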
@@ -17450,8 +17556,8 @@ static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a) #endif /* WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -17471,9 +17577,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_4096_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b) @@ -18059,8 +18165,8 @@ static void sp_4096_mul_d_64(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_64(sp_digit* r, const sp_digit* m) { @@ -18073,9 +18179,10 @@ static void sp_4096_mont_norm_64(sp_digit* r, const sp_digit* m) #endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */ /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -18889,11 +18996,11 @@ SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -18904,10 +19011,10 @@ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -18919,9 +19026,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -18956,9 +19063,9 @@ static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -19138,10 +19245,11 @@ static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_4096_word_64_cond(sp_digit d1, sp_digit d0, sp_digit div) { @@ -19198,11 +19306,12 @@ static sp_digit div_4096_word_64_cond(sp_digit d1, sp_digit d0, sp_digit div) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
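Review bot: In the `sp_4096_div_64_cond` hunk, `m` is tagged `[in]` while its description is "Multiplier result" and the header says m is not calculated, so the tag, the description and the header disagree. A reader cannot tell whether the non-const pointer is read, written or ignored. If the body never touches it, a line such as `* @param [in] m Multiplier result. Not calculated; unused.` would say so; the body is outside the hunk, so confirm first. `sp_4096_div_64` later in the diff carries the same line.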
@@ -19256,10 +19365,11 @@ static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -19270,10 +19380,11 @@ static WC_INLINE int sp_4096_mod_64_cond(sp_digit* r, const sp_digit* a, const s /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_4096_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -19541,10 +19652,11 @@ static sp_digit sp_4096_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_dig * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, sp_digit div) { @@ -19600,9 +19712,9 @@ static sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_4096_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -19630,10 +19742,11 @@ static void sp_4096_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b) { 
@@ -20069,11 +20182,12 @@ static sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -20111,10 +20225,11 @@ static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -20126,14 +20241,17 @@ static WC_INLINE int sp_4096_mod_64(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -20254,14 +20372,17 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -20395,15 +20516,19 @@ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -20544,10 +20669,11 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -20579,20 +20705,24 @@ static sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_dig #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -20731,8 +20861,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -20799,12 +20929,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -20849,6 +20981,12 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ static void sp_4096_lshift_64(sp_digit* r, const sp_digit* a, byte n) { word64 n64 = n; 
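Review bot: `sp_4096_to_mp` in the first hunk of this line returns `int`, but the converted comment documents only the two parameters and adds no `@return`. The other int-returning functions in this commit list each code on its own `@return` line, and this one should do the same once the codes are confirmed from the body, which is outside the hunk. `sp_256_to_mp` and `sp_256_mod_mul_norm_4` further down have the same gap. An undocumented failure return on a conversion into an mp_int is easy for a caller to ignore.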
@@ -21246,13 +21384,15 @@ static void sp_4096_lshift_64(sp_digit* r, const sp_digit* a, byte n) /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
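Review bot: The line `@return MP_VAL when base is even.` on `sp_4096_mod_exp_2_64` cannot describe this function as written, because the header fixes the base at 2 (`r = 2^e mod m`), which is always even. The wording was carried over unchanged from the old comment and looks copied from the general `sp_4096_mod_exp_64` comment. The condition that actually yields MP_VAL should be read from the body, which is outside the hunk, and stated here. If there is no such condition, the line should be dropped.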
@@ -21359,15 +21499,17 @@ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -21514,9 +21656,9 @@ static const sp_digit p256_b[4] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b) { 
@@ -21565,9 +21707,9 @@ static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21673,8 +21815,8 @@ SP_NOINLINE static void sp_256_mul_4(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_256_sqr_4(sp_digit* r, const sp_digit* a) { @@ -21746,9 +21888,9 @@ SP_NOINLINE static void sp_256_sqr_4(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_256_add_4(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21775,9 +21917,9 @@ static sp_digit sp_256_add_4(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_256_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -21804,9 +21946,9 @@ static sp_digit sp_256_sub_4(sp_digit* r, const sp_digit* a, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). */ static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -21883,9 +22025,9 @@ static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -21971,8 +22113,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_4(sp_point_256* p, const ecc_point* pm) @@ -21988,8 +22130,8 @@ static void sp_256_point_from_ecc_point_4(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { 
@@ -22056,10 +22198,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_4(const sp_point_256* p, ecc_point* pm) { @@ -22079,9 +22222,9 @@ static int sp_256_point_to_ecc_point_4(const sp_point_256* p, ecc_point* pm) /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_256_cond_copy_4(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -22113,11 +22256,11 @@ static void sp_256_cond_copy_4(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
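Review bot: In the `sp_256_point_to_ecc_point_4` hunk, `pm` is tagged `[in]` even though its own description marks it as the result and the signature takes it as a non-const `ecc_point*`. It should read `* @param [out] pm Point of type ecc_point (result).`. Splitting the old return sentence also left `@return MP_OKAY otherwise.` as the first return line, where "otherwise" has nothing to refer to; `* @return MP_OKAY on success.` reads correctly in either order. The body is outside the hunk.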
@@ -22289,10 +22432,10 @@ SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -22433,11 +22576,11 @@ SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -22460,9 +22603,9 @@ static const word64 p256_mod_minus_2[4] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td) { 
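Review bot: The header of `sp_256_mont_sqr_n_4` gives the formula as `r = a ^ n mod m`, but squaring n times produces a^(2^n), not a^n. The parameter line `n Number of times to square.` is correct, so only the formula needs changing, to `(r = a ^ (2 ^ n) mod m)`. This is a context line the commit leaves untouched while converting the parameters beneath it, and the body is outside the hunk.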
@@ -22528,10 +22671,11 @@ static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_256_cmp_4(const sp_digit* a, const sp_digit* b) { @@ -22606,17 +22750,18 @@ static sp_int64 sp_256_cmp_4(const sp_digit* a, const sp_digit* b) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_256_norm_4(a) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_256_cond_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
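Review bot: `sp_256_cond_sub_4` returns `sp_digit`, but the rewritten comment has no `@return` line. The value is presumably the borrow of the subtraction, which would read `@return Borrow from the conditional subtraction.`, but the body is outside the hunk and this needs confirming. The unchanged line `m is -1 to subtract and 0 when not copying.` looks carried over from the conditional-copy comment and should end `0 when not subtracting.`. `sp_256_sub_in_place_4` (hunk at -39619) and both copies of `sp_256_gen_stripe_table_4` (-24332 and -24744) also return a value without a `@return`.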
@@ -22648,9 +22793,10 @@ static sp_digit sp_256_cond_sub_4(sp_digit* r, const sp_digit* a, const sp_digit /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -22735,9 +22881,9 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m, } /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_4(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -22775,9 +22921,9 @@ static void sp_256_map_4(sp_point_256* r, const sp_point_256* p, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -22816,9 +22962,9 @@ SP_NOINLINE static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -22871,10 +23017,10 @@ SP_NOINLINE static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -22914,9 +23060,9 @@ SP_NOINLINE static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m) 
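Review bot: The new `+` lines in the `sp_256_mont_sub_4` comment carry over the typo `subtration`; as the line is rewritten anyway, use `@param [out] r Result of subtraction.`. The same spelling is re-added in the `sp_256_mont_rsb_sub_dbl_4` and `sp_256_mont_add_sub_4` hunks. `Result of Tripling.` in the `sp_256_mont_tpl_4` hunk could be lower-cased at the same time.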
@@ -22946,10 +23092,10 @@ SP_NOINLINE static void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a, /* Double number and subtract (r = (a - 2.b) % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_rsb_sub_dbl_4(sp_digit* r, const sp_digit* a, sp_digit* b, const sp_digit* m) @@ -23022,11 +23168,11 @@ SP_NOINLINE static void sp_256_mont_rsb_sub_dbl_4(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * ra Result of addition. - * rs Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] ra Result of addition. + * @param [out] rs Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_add_sub_4(sp_digit* ra, sp_digit* rs, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -23087,9 +23233,9 @@ SP_NOINLINE static void sp_256_mont_add_sub_4(sp_digit* ra, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
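Review bot: `b` in `sp_256_mont_rsb_sub_dbl_4` is declared `sp_digit* b` without `const`, unlike `a` and `m`, yet the new comment tags it `[in]`. If the routine writes through `b` (the missing `const` suggests so, but the body is outside the hunk), the tag should be `@param [in, out] b` and the summary should name the second result. If it does not, the parameter should be `const sp_digit* b` so the signature and the comment agree.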
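Review bot: The summary retained for `sp_256_mont_add_sub_4`, `Subtract two Montgomery form numbers (r = a - b % m)`, covers only half of what the new parameter list documents (`ra` for the sum, `rs` for the difference). Suggest `Add and subtract two Montgomery form numbers (ra = a + b % m, rs = a - b % m).`. `a` and `b` would then be described as the two operands rather than `Number to subtract from` and `Number to subtract with`.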
@@ -23153,9 +23299,13 @@ typedef struct sp_256_proj_point_dbl_4_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -23279,10 +23429,9 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i, sp_digit* t) @@ -23367,9 +23516,10 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_4(const sp_digit* a, const sp_digit* b) { 
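Review bot: The new text for `sp_256_proj_point_dbl_4_nb` tells callers to loop until the result is not `FP_WOULDBLOCK`, but it adds no `@return` lines, unlike the `sp_ecc_make_key_256_nb` comment later in this commit. Add `@return FP_WOULDBLOCK while more work remains.` plus a line for the completion value (presumably `MP_OKAY`; the body is outside the hunk). `sp_256_proj_point_add_4_nb` has the same gap.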
@@ -23380,8 +23530,9 @@ static int sp_256_cmp_equal_4(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_4(const sp_digit* a) { @@ -23391,10 +23542,10 @@ static int sp_256_iszero_4(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_4(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -23535,10 +23686,14 @@ typedef struct sp_256_proj_point_add_4_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -23763,10 +23918,11 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r, const sp_point_256* p, int n, int m, sp_digit* t) @@ -23833,11 +23989,11 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_sub_4(sp_point_256* ra, sp_point_256* rs, const sp_point_256* p, const sp_point_256* q, @@ -23937,8 +24093,8 @@ static const word8 recode_neg_4_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) { 
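Review bot: `v` in `sp_256_ecc_recode_6_4` is tagged `[in]`, but it is the non-const `ecc_recode_256*` that receives the recoded scalar, while `k` is the const input. The line should be `@param [out] v Vector of operations to perform.`. `sp_256_ecc_recode_7_4` (hunk at -26929) carries the same tag.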
@@ -23982,9 +24138,9 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ SP_NOINLINE static void sp_256_get_point_33_4(sp_point_256* r, const sp_point_256* table, int idx) @@ -24058,13 +24214,15 @@ SP_NOINLINE static void sp_256_get_point_33_4(sp_point_256* r, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -24183,10 +24341,10 @@ typedef struct sp_table_entry_256 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_4(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -24307,8 +24465,8 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_4(sp_point_256* a, sp_digit* t) { @@ -24332,10 +24490,10 @@ static void sp_256_proj_to_affine_4(sp_point_256* a, sp_digit* t) * 64 entries * 42 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_4(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -24408,9 +24566,9 @@ static int sp_256_gen_stripe_table_4(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ SP_NOINLINE static void sp_256_get_entry_64_4(sp_point_256* r, const sp_table_entry_256* table, int idx) 
@@ -24468,13 +24626,16 @@ SP_NOINLINE static void sp_256_get_entry_64_4(sp_point_256* r, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -24592,8 +24753,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -24656,13 +24817,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -24744,10 +24907,10 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, * 256 entries * 32 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_4(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) 
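Review bot: The summary kept for `sp_256_ecc_mulmod_4` says `Multiply the base point of P256 by the scalar`, but the function takes an arbitrary point `g`, which the new list documents as `Point to multiply.`. `Multiply the point by the scalar and return the result.` would be accurate, and the second copy of this comment at -25068 needs the same change. Since `ct` governs constant-time handling of what is normally a secret scalar, a sentence on what a caller gets when `ct` is 0 would also help; the body is outside the hunk, so no wording is proposed here.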
@@ -24820,9 +24983,9 @@ static int sp_256_gen_stripe_table_4(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ SP_NOINLINE static void sp_256_get_entry_256_4(sp_point_256* r, const sp_table_entry_256* table, int idx) @@ -24880,13 +25043,16 @@ SP_NOINLINE static void sp_256_get_entry_256_4(sp_point_256* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -25004,8 +25170,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -25068,13 +25234,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -25150,12 +25318,14 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -25185,14 +25355,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -25576,12 +25748,14 @@ static const sp_table_entry_256 p256_table[64] = { * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -26884,12 +27058,14 @@ static const sp_table_entry_256 p256_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -26929,8 +27105,8 @@ static const word8 recode_neg_4_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) { @@ -26974,9 +27150,9 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ SP_NOINLINE static void sp_256_get_entry_65_4(sp_point_256* r, const sp_table_entry_256* table, int idx) 
@@ -38987,14 +39163,16 @@ static const sp_table_entry_256 p256_table[2405] = { * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -39072,12 +39250,14 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -39090,11 +39270,13 @@ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -39122,13 +39304,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -39182,7 +39366,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ static void sp_256_add_one_4(sp_digit* a) { @@ -39205,10 +39389,10 @@ static void sp_256_add_one_4(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -39318,10 +39502,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_4(WC_RNG* rng, sp_digit* k) { 
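Review bot: `k` in `sp_256_ecc_gen_k_4` is tagged `[in]`, but the function generates the scalar into the non-const `sp_digit* k`; the line should be `@param [out] k Scalar value.`. `@return RNG failures.` is also vague beside the other return lines; something like `@return Error code from the random number generator on failure.` tells the caller what to expect. The function body is outside the hunk.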
@@ -39351,12 +39537,15 @@ static int sp_256_ecc_gen_k_4(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -39428,6 +39617,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -39498,8 +39704,8 @@ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_256_to_bin_4(sp_digit* r, byte* a) { @@ -39523,14 +39729,16 @@ static void sp_256_to_bin_4(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
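Review bot: The directions on sp_256_to_bin_4 look inverted: the summary says r is written as big endian into the byte array, yet the new lines tag `r` as `[out]` and `a` as `[in]`. I would use `@param [in] r A single precision integer.` and `@param [out] a Byte array.`. If the body normalises `r` in place (it is a non-const pointer and the body is outside the hunk), `[in, out]` is the accurate tag for it. A wrong direction on a serialisation routine makes it easy for a caller to size or initialise the wrong buffer.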
@@ -39571,6 +39779,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -39619,8 +39846,8 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_256_sub_in_place_4(sp_digit* a, const sp_digit* b) { @@ -39646,9 +39873,9 @@ static sp_digit sp_256_sub_in_place_4(sp_digit* a, const sp_digit* b) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_256_mul_d_4(sp_digit* r, const sp_digit* a, sp_digit b) 
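Review bot: sp_256_sub_in_place_4 returns `sp_digit`, but the converted comment documents only the parameters and has no `@return` line. Presumably the value is the borrow out of the top word; if so, add `@return Borrow from the subtraction.` after the `@param` lines. The body is outside the hunk, so confirm the convention. The same gap applies to sp_384_add_6, sp_384_sub_6, sp_384_cond_sub_6 and sp_384_to_mp later in this diff, which also return a value the new comments leave undocumented.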
@@ -39687,10 +39914,11 @@ static void sp_256_mul_d_4(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_256_word_4(sp_digit d1, sp_digit d0, sp_digit div) { @@ -39746,9 +39974,9 @@ static sp_digit div_256_word_4(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -39769,11 +39997,12 @@ static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -39811,10 +40040,11 @@ static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -39825,9 +40055,9 @@ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ SP_NOINLINE static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -40052,8 +40282,8 @@ static const word64 p256_order_minus_2[4] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ SP_NOINLINE static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a) 
@@ -40239,8 +40469,9 @@ SP_NOINLINE static void sp_256_mont_sqr_order_4(sp_digit* r, /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ SP_NOINLINE static void sp_256_mont_sqr_n_order_4(sp_digit* r, const sp_digit* a, int n) @@ -40427,19 +40658,24 @@ SP_NOINLINE static void sp_256_mont_sqr_n_order_4(sp_digit* r, } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_256_mont_inv_order_4_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_256_mont_inv_order_4_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_256_mont_inv_order_4_ctx { - int state; - int i; -} sp_256_mont_inv_order_4_ctx; static int sp_256_mont_inv_order_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
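Review bot: The formula in the sp_256_mont_sqr_n_order_4 summary, `(r = a ^ n mod order)`, does not match the newly documented `n` ("Number of times to square"): squaring n times yields a^(2^n), not a^n. Since this hunk already touches the comment, I would correct the line to `(r = a ^ (2 ^ n) mod order)`. The same wording appears on sp_384_mont_sqr_n_6 later in the diff. The function body is outside the hunk, so this assumes it does square n times as described.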
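Review bot: The new comment on sp_256_mont_inv_order_4_nb has no `@return` lines, although the function returns `int` and the text tells callers to loop until it stops returning FP_WOULDBLOCK. The other non-blocking comments added in this commit list both outcomes, so I would add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.` here as well. The body lies outside the hunk, so confirm those are the only values returned.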
@@ -40475,6 +40711,13 @@ static int sp_256_mont_inv_order_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P256 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -40611,13 +40854,15 @@ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_4(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
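Review bot: In the sp_256_calc_s_4 comment, `k` (ephemeral private key) and `x` (private key) are tagged `[in]`, but both are non-const `sp_digit*` in the signature while `r` and `e` are const. If the body overwrites either buffer, for example by converting or inverting in place, the tag should be `[in, out]`, e.g. `@param [in, out] k Ephemeral private key; modified.`. The body is outside the hunk, so this needs confirming against the code. It matters to callers because they need to know which buffers hold secret-derived values afterwards and must be zeroised.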
@@ -40665,15 +40910,18 @@ static int sp_256_calc_s_4(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
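Review bot: The newly added line `[in, out] km Ephemeral key as an mp_int.` on sp_ecc_sign_256 does not say when the value is read as input and when it is generated from `rng`. For ECDSA the ephemeral key has to be unique and unpredictable per signature, so the contract should be explicit: one sentence stating under which condition a caller-supplied `km` is used instead of the RNG, and what is written back on exit. The same line is added to sp_ecc_sign_256_nb in the following hunk. The function body is outside the hunk, so the exact condition has to be taken from the code.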
@@ -40781,6 +41029,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -40930,9 +41202,10 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifndef WOLFSSL_SP_SMALL /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_256_mod_inv_4(sp_digit* r, const sp_digit* a, 
@@ -41196,9 +41469,9 @@ static int sp_256_mod_inv_4(sp_digit* r, const sp_digit* a, /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) @@ -41222,13 +41495,16 @@ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_4(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -41289,14 +41565,18 @@ static int sp_256_calc_vfy_point_4(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
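Review bot: `@return MP_OKAY on success.` on sp_ecc_verify_256 is easy to misread next to the new `res` line, because success of the call and validity of the signature are reported separately. I would make that explicit, e.g. `@return MP_OKAY when the check completed; the signature is valid only when *res == 1.`, so callers do not treat a zero return code as acceptance. The same applies to sp_ecc_verify_256_nb in the next hunk. The body is outside the hunk, so confirm that an invalid signature returns MP_OKAY with `*res` set to 0.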
@@ -41392,6 +41672,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) @@ -41528,10 +41834,10 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
@@ -41572,10 +41878,12 @@ SP_NOINLINE static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_4(const sp_point_256* point, void* heap) @@ -41617,10 +41925,12 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
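Review bot: Listing `@return MP_OKAY otherwise.` first on sp_256_ecc_is_point_4 leaves "otherwise" with nothing to refer to; the old sentence put it after the error cases. Either move the line below the error returns or state the condition, e.g. `@return MP_OKAY when the point is on the curve.`. The same ordering recurs on sp_ecc_is_point_256, sp_ecc_check_key_256, sp_ecc_proj_add_point_256, sp_ecc_proj_dbl_point_256, sp_ecc_map_256, sp_256_mont_sqrt_4, sp_ecc_uncompress_256, sp_384_mod_mul_norm_6 and sp_384_point_to_ecc_point_6.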
@@ -41646,13 +41956,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -41736,16 +42050,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -41794,13 +42110,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -41840,10 +42158,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) { 
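Review bot: sp_ecc_map_256 is described as mapping the point "in place" with "pZ will be one", yet `pX`, `pY` and `pZ` are all tagged `[in]`. Since the result is written back through these non-const `mp_int*` parameters, the tags should be `[in, out]`, e.g. `@param [in, out] pX EC point's X ordinate.`. The function body is outside the hunk.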
@@ -41883,8 +42203,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mont_sqrt_4(sp_digit* y) { @@ -41937,10 +42259,12 @@ static int sp_256_mont_sqrt_4(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym) { @@ -42077,9 +42401,9 @@ static const sp_digit p384_b[6] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -42128,9 +42452,9 @@ static void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b) { 
@@ -42373,8 +42697,8 @@ static void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b) #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a) { @@ -42441,8 +42765,8 @@ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a) * * All registers version. * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a) { @@ -42588,9 +42912,9 @@ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a) #endif /* WOLFSSL_SP_SMALL */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_384_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42625,9 +42949,9 @@ static sp_digit sp_384_add_6(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_384_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -42662,10 +42986,12 @@ static sp_digit sp_384_sub_6(sp_digit* r, const sp_digit* a, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -42761,9 +43087,9 @@ static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -42849,8 +43175,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_384. * - * p Point of type sp_point_384 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_384 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_384_point_from_ecc_point_6(sp_point_384* p, const ecc_point* pm) @@ -42866,8 +43192,8 @@ static void sp_384_point_from_ecc_point_6(sp_point_384* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_384_to_mp(const sp_digit* a, mp_int* r) { 
@@ -42934,10 +43260,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_384 to type ecc_point. * - * p Point of type sp_point_384. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_384. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_384_point_to_ecc_point_6(const sp_point_384* p, ecc_point* pm) { @@ -42957,9 +43284,9 @@ static int sp_384_point_to_ecc_point_6(const sp_point_384* p, ecc_point* pm) /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_384_cond_copy_6(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -42999,9 +43326,10 @@ static void sp_384_cond_copy_6(sp_digit* r, const sp_digit* a, sp_digit m) /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_384_mont_reduce_6(sp_digit* a, const sp_digit* m, sp_digit mp) 
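Review bot: In the sp_384_point_to_ecc_point_6 comment, `pm` is tagged `[in]` although its description says "(result)" and it is the only non-const parameter. I would write `@param [out] pm Point of type ecc_point (result).`. The function body is outside the hunk.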
@@ -43130,9 +43458,10 @@ SP_NOINLINE static void sp_384_mont_reduce_6(sp_digit* a, const sp_digit* m, /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -43230,11 +43559,11 @@ SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -43245,10 +43574,10 @@ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -43260,11 +43589,11 @@ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -43287,9 +43616,9 @@ static const word64 p384_mod_minus_2[6] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -43371,10 +43700,11 @@ static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_384_cmp_6(const sp_digit* a, const sp_digit* b) { 
@@ -43461,17 +43791,18 @@ static sp_int64 sp_384_cmp_6(const sp_digit* a, const sp_digit* b) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_384_norm_6(a) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_384_cond_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -43510,9 +43841,9 @@ static sp_digit sp_384_cond_sub_6(sp_digit* r, const sp_digit* a, const sp_digit /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_6(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
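Review bot: The converted header for sp_384_cond_sub_6 lists all four parameters but still has no `@return` line, although the function returns an sp_digit. Its summary also reads `0 when not copying` where `0 when not subtracting` appears to be meant. The body is outside the hunk, so the meaning of the returned digit has to be confirmed there; if it is the borrow out of the top word, add `@return Borrow from the subtraction.`. The same gap exists in both sp_384_cond_add_6 headers and in sp_384_sub_in_place_6 in later hunks. Callers of these constant-time helpers may well use the result as a mask, which would make the contract worth stating.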
@@ -43550,10 +43881,10 @@ static void sp_384_map_6(sp_point_384* r, const sp_point_384* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -43566,9 +43897,9 @@ SP_NOINLINE static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -43581,9 +43912,9 @@ SP_NOINLINE static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -43600,10 +43931,11 @@ SP_NOINLINE static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -43636,10 +43968,11 @@ static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -43679,10 +44012,10 @@ static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -43693,6 +44026,12 @@ SP_NOINLINE static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, sp_384_cond_add_6(r, r, m, o); } +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a) { __asm__ __volatile__ ( @@ -43716,9 +44055,9 @@ static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -43732,9 +44071,9 @@ SP_NOINLINE static void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
@@ -43803,9 +44142,13 @@ typedef struct sp_384_proj_point_dbl_6_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -43934,10 +44277,9 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i, sp_digit* t) @@ -44027,9 +44369,10 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_6(const sp_digit* a, const sp_digit* b) { 
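Review bot: The new header for sp_384_proj_point_dbl_6_nb mentions FP_WOULDBLOCK only in the description and has no `@return` entries, although the function returns int. The sp_ecc_make_key_384_nb header added later in this diff spells the contract out, and the two should match: `@return FP_WOULDBLOCK while more work remains.` plus a line for the completion value. That value is presumably MP_OKAY, but the body is outside the hunk, so confirm it before writing it down. sp_384_proj_point_add_6_nb in a later hunk has the same omission.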
@@ -44040,8 +44383,9 @@ static int sp_384_cmp_equal_6(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_6(const sp_digit* a) { @@ -44051,10 +44395,10 @@ static int sp_384_iszero_6(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_6(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -44154,10 +44498,14 @@ typedef struct sp_384_proj_point_add_6_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
@@ -44341,10 +44689,11 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r, const sp_point_384* p, int n, int m, sp_digit* t) @@ -44414,11 +44763,11 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_sub_6(sp_point_384* ra, sp_point_384* rs, const sp_point_384* p, const sp_point_384* q, @@ -44520,8 +44869,8 @@ static const word8 recode_neg_6_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v) { 
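Review bot: In the sp_384_ecc_recode_6_6 header, `v` is tagged `[in]`, but the signature takes `const sp_digit* k` and a non-const `ecc_recode_384* v`, and the description says the scalar is recoded. That suggests v is where the recoded operations are written, so the line should read `@param [out] v Vector of operations to perform.`. The body is outside the hunk, so confirm that v is only written. sp_384_ecc_recode_7_6 in a later hunk carries the same tag.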
@@ -44565,9 +44914,9 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ SP_NOINLINE static void sp_384_get_point_33_6(sp_point_384* r, const sp_point_384* table, int idx) @@ -44645,13 +44994,15 @@ SP_NOINLINE static void sp_384_get_point_33_6(sp_point_384* r, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -44770,10 +45121,10 @@ typedef struct sp_table_entry_384 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_6(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
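Review bot: The header for sp_384_get_point_33_6 says every possible point is touched but not why, and the new `@param [in] idx` line gives no hint that the index is sensitive. The function is compiled only under `#ifndef WC_NO_CACHE_RESISTANT`, so idx is presumably derived from the secret scalar and the full-table walk is what keeps the memory access pattern independent of it. The body is outside the hunk, so confirm that there. A sentence such as `Every entry is read so that the access pattern does not depend on idx; do not replace with a direct table[idx] load.` would stop a later cleanup from reintroducing a cache-timing leak. The same applies to sp_384_get_entry_64_6, sp_384_get_entry_256_6 and sp_384_get_entry_65_6 in later hunks.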
@@ -44854,8 +45205,8 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_6(sp_point_384* a, sp_digit* t) { @@ -44879,10 +45230,10 @@ static void sp_384_proj_to_affine_6(sp_point_384* a, sp_digit* t) * 64 entries * 64 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_6(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) @@ -44955,9 +45306,9 @@ static int sp_384_gen_stripe_table_6(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_64_6(sp_point_384* r, const sp_table_entry_384* table, int idx) 
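Review bot: sp_384_gen_stripe_table_6 returns int and takes a heap argument, yet the converted header has `@param` lines only and no `@return`. The sibling mulmod headers in this diff document `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`. If the body, which is outside the hunk, allocates from heap, the same two lines belong here. The second sp_384_gen_stripe_table_6 variant (256 entries) in a later hunk needs the same addition.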
@@ -45015,13 +45366,16 @@ static void sp_384_get_entry_64_6(sp_point_384* r, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -45139,8 +45493,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -45203,13 +45557,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -45291,10 +45647,10 @@ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, * 256 entries * 48 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_6(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) 
@@ -45367,9 +45723,9 @@ static int sp_384_gen_stripe_table_6(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_256_6(sp_point_384* r, const sp_table_entry_384* table, int idx) @@ -45427,13 +45783,16 @@ static void sp_384_get_entry_256_6(sp_point_384* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -45551,8 +45910,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -45615,13 +45974,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -45697,12 +46058,14 @@ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -45732,14 +46095,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -46123,12 +46488,14 @@ static const sp_table_entry_384 p384_table[64] = { * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -47431,12 +47798,14 @@ static const sp_table_entry_384 p384_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -47476,8 +47845,8 @@ static const word8 recode_neg_6_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v) { @@ -47521,9 +47890,9 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_65_6(sp_point_384* r, const sp_table_entry_384* table, int idx) 
@@ -65348,14 +65717,16 @@ static const sp_table_entry_384 p384_table[3575] = { * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -65433,12 +65804,14 @@ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
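Review bot: The `@param` lines for sp_384_ecc_mulmod_add_only_6 are ordered r, g, k, table, while the signature is `(r, g, table, k, map, ct, heap)`. The sp_384_ecc_mulmod_stripe_6 headers in this diff were reordered to match their signatures, so move `@param [in] table Pre-computed table of points.` above the `k` line to stay consistent with them. Both pointers come straight after `g` at the call site, so documentation in a different order makes it easier to swap them when reading.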
@@ -65451,11 +65824,13 @@ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -65483,13 +65858,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -65543,7 +65920,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ static void sp_384_add_one_6(sp_digit* a) { @@ -65570,10 +65947,10 @@ static void sp_384_add_one_6(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -65683,10 +66060,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_6(WC_RNG* rng, sp_digit* k) { 
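Review bot: In the sp_384_ecc_gen_k_6 header, `k` is tagged `[in]`, but the function is described as generating a scalar in the range 1..order-1 and takes a non-const `sp_digit* k`. That makes k the output, so the line should be `@param [out] k Generated scalar.`. Since rng is presumably advanced by the call, `[in, out]` would be the more accurate tag for it; the body is outside the hunk, so confirm both. Getting the direction right matters here because k is private-key material.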
@@ -65716,12 +66095,15 @@ static int sp_384_ecc_gen_k_6(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -65793,6 +66175,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -65863,8 +66262,8 @@ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_384_to_bin_6(sp_digit* r, byte* a) { @@ -65888,14 +66287,16 @@ static void sp_384_to_bin_6(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
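Review bot: The tags added to `sp_384_to_bin_6` are reversed relative to its summary line "Write r as big endian to byte array": `r` is the number being read and `a` is the buffer being written. I would use `@param [in] r A single precision integer.` and `@param [out] a Byte array.` If the body also normalizes `r` in place (it is a non-const pointer, and the body is outside the hunk), `[in, out]` is the accurate tag for `r`.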
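Review bot: The `sp_ecc_secret_gen_384` comment documents `pub` only as "Point to multiply" and lists no return code for a point that is not on the curve, so the function presumably relies on the caller having validated the peer's point. That precondition belongs in the comment, e.g. `@param [in] pub Point to multiply. Must already be validated (see sp_ecc_check_key_384()).` The same applies to the `sp_ecc_secret_gen_384_nb` comment added in the next hunk. Both bodies are outside the hunks, so drop the sentence if validation does happen inside.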
@@ -65936,6 +66337,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -65984,8 +66404,8 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_384_sub_in_place_6(sp_digit* a, const sp_digit* b) { @@ -66019,9 +66439,9 @@ static sp_digit sp_384_sub_in_place_6(sp_digit* a, const sp_digit* b) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_384_mul_d_6(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -66115,10 +66535,11 @@ static void sp_384_mul_d_6(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_384_word_6(sp_digit d1, sp_digit d0, sp_digit div) { @@ -66174,9 +66595,9 @@ static sp_digit div_384_word_6(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -66199,11 +66620,12 @@ static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
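Review bot: In the `sp_384_div_6` comment, `@param [in] m Multiplier result.` contradicts itself: a result is not an input, and the header already says m is not calculated. Something like `@param [in] m Unused; the multiplier is not calculated.` matches the header text. The `sp_521_div_9` comment later in the diff carries the same line. The function bodies are outside the hunks.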
@@ -66241,10 +66663,11 @@ static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -66255,9 +66678,9 @@ static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, const sp_digit #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -66281,8 +66704,8 @@ static const word64 p384_order_low[3] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_6(sp_digit* r, const sp_digit* a) { 
@@ -66294,8 +66717,9 @@ static void sp_384_mont_sqr_order_6(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_6(sp_digit* r, const sp_digit* a, int n) { @@ -66308,19 +66732,24 @@ static void sp_384_mont_sqr_n_order_6(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_6_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_6_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_6_ctx { - int state; - int i; -} sp_384_mont_inv_order_6_ctx; static int sp_384_mont_inv_order_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
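Review bot: The comment moved onto `sp_384_mont_inv_order_6_nb` tells the caller to loop until the function stops returning FP_WOULDBLOCK, but it has no `@return` lines, unlike the other `_nb` comments this commit adds. I would add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.` after the parameter list. The body is outside the hunk, so check whether any other code can be returned.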
@@ -66356,6 +66785,13 @@ static int sp_384_mont_inv_order_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -66431,13 +66867,15 @@ static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_6(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
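Review bot: In the `sp_384_calc_s_6` comment `k` and `x` are tagged `[in]`, but the prototype takes them as non-const `sp_digit*` while `r` and `e` are `const`, which suggests both are overwritten during the calculation. If so, the tags should be `@param [in, out] k Ephemeral private key.` and `@param [in, out] x Private key as a number.` It is also worth saying that they no longer hold the original values on return, since callers that clear secrets afterwards need to know what the buffers contain. The body is outside the hunk, so this is inferred from the prototype.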
@@ -66485,15 +66923,18 @@ static int sp_384_calc_s_6(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
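Review bot: The new line `@param [in, out] km Ephemeral key as an mp_int.` in the `sp_ecc_sign_384` comment does not say what the caller is expected to pass in or what is left in `km` on return. The ephemeral key must stay secret and must never be reused across signatures, so the comment should state when `km` is taken as the nonce instead of drawing from `rng`, and whether it is cleared afterwards. The same line is added for `sp_ecc_sign_384_nb`, where `priv` is also tagged `[in]` although it is a non-const `mp_int*`. The bodies are outside the hunks, so the exact wording has to be filled in from the code.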
@@ -66601,6 +67042,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -66750,9 +67215,9 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifndef WOLFSSL_SP_SMALL /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ static void sp_384_div2_mod_6(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -66798,6 +67263,12 @@ static void sp_384_div2_mod_6(sp_digit* r, const sp_digit* a, ); } +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] n Value to count bits in. + * + * @return The number of bits. + */ static int sp_384_num_bits_64_6(sp_digit n) { int64_t r = -1; 
@@ -66814,6 +67285,12 @@ static int sp_384_num_bits_64_6(sp_digit n) return (int)(r + 1); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_384_num_bits_6(const sp_digit* a) { int i; @@ -66832,9 +67309,10 @@ static int sp_384_num_bits_6(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -66916,9 +67394,9 @@ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) 
@@ -66944,13 +67422,16 @@ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_6(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
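Review bot: The `sp_384_calc_vfy_point_6` comment computes [e/s]G + [r/s]Q, yet no parameter is documented as carrying e or r; `u1` and `u2` are tagged `[out]` and described as temporaries. Presumably they hold e and r on entry, in which case `@param [in, out] u1 On entry e; used as a temporary.` (and the same for `u2` with r) would describe them. `s` is also a non-const pointer tagged `[in]`, so check whether it is inverted in place. The body is outside the hunk.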
@@ -67011,14 +67492,18 @@ static int sp_384_calc_vfy_point_6(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
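Review bot: `@return MP_OKAY on success.` in the corrected `sp_ecc_verify_384` comment can be read as "the signature verified", while validity is reported separately through `res`. I would spell it out: `@return MP_OKAY when the check completed; the signature is valid only if *res == 1.` A caller that tests only the return code would accept an invalid signature. The same wording is used in the `sp_ecc_verify_384_nb` comment added later in the diff, and both bodies are outside the hunks.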
@@ -67114,6 +67599,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -67250,10 +67761,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_6(const sp_point_384* point, void* heap) @@ -67295,10 +67808,12 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
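Review bot: The reordered return lists for `sp_384_ecc_is_point_6` and `sp_ecc_is_point_384` now start with `@return MP_OKAY otherwise.`, where "otherwise" no longer has anything to refer back to. Since this is the result callers act on, state the condition: `@return MP_OKAY when the point is on the curve.` The same leading "otherwise" appears in the comments for `sp_ecc_check_key_384`, `sp_ecc_proj_add_point_384`, `sp_ecc_proj_dbl_point_384`, `sp_ecc_map_384`, `sp_384_mont_sqrt_6`, `sp_ecc_uncompress_384` and `sp_521_mod_mul_norm_9`, where `@return MP_OKAY on success.` would do.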
@@ -67324,13 +67839,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -67414,16 +67933,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -67472,13 +67993,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -67518,10 +68041,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
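Review bot: The `sp_ecc_map_384` comment says the point is mapped to affine "in place" and that pZ will be one, but `pX`, `pY` and `pZ` are all tagged `[in]`. They should be `[in, out]`, e.g. `@param [in, out] pZ EC point's Z ordinate. One on return.`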
@@ -67561,8 +68086,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_6(sp_digit* y) { @@ -67646,10 +68173,12 @@ static int sp_384_mont_sqrt_6(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -67795,9 +68324,9 @@ static const sp_digit p521_b[9] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -67846,9 +68375,9 @@ static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { 
@@ -68371,8 +68900,8 @@ static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) { @@ -68437,8 +68966,8 @@ static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) { @@ -68813,9 +69342,9 @@ static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -68856,9 +69385,9 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
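Review bot: `sp_521_add_9` is declared `static sp_digit` in both the WOLFSSL_SP_SMALL and the other variant, but neither comment gets a `@return` line, although this commit adds them elsewhere. Presumably the value is the carry out of the top word, so `@return Carry from the addition.` would fit once confirmed against the body, which is outside the hunks. The same gap exists for `sp_521_sub_9`, `sp_521_sub_in_place_9`, `sp_521_cond_sub_9` and `sp_384_sub_in_place_6`, whose return is presumably a borrow that callers use for constant-time selection.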
@@ -68901,9 +69430,9 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -68944,9 +69473,9 @@ static sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -68986,6 +69515,12 @@ static sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ static void sp_521_lshift_9(sp_digit* r, const sp_digit* a, byte n) { word64 n64 = n; @@ -69051,6 +69586,12 @@ static void sp_521_lshift_9(sp_digit* r, const sp_digit* a, byte n) ); } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, byte n) { word64 n64 = n; @@ -69170,6 +69711,13 @@ static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, byte n) ); } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ static void sp_521_rshift_9(sp_digit* r, const sp_digit* a, byte n) { sp_uint64 nl = n; 
@@ -69226,8 +69774,8 @@ static void sp_521_rshift_9(sp_digit* r, const sp_digit* a, byte n) #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b) { @@ -69267,8 +69815,8 @@ static sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b) #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b) { @@ -69310,10 +69858,11 @@ static sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_521_cond_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -69388,9 +69937,9 @@ static sp_digit sp_521_cond_sub_9(sp_digit* r, const sp_digit* a, const sp_digit /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a, sp_digit b) 
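Review bot: In the WOLFSSL_SP_SMALL variant of `sp_521_sub_in_place_9`, `a` is tagged `@param [in]` although the summary is "Sub b from a into a. (a -= b)". The other variant in the next hunk has it right; use the same line here: `@param [in, out] a A single precision integer and result.`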
@@ -69510,10 +70059,11 @@ static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_521_word_9(sp_digit d1, sp_digit d0, sp_digit div) { @@ -69569,9 +70119,9 @@ static sp_digit div_521_word_9(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_521_mask_9(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -69596,10 +70146,11 @@ static void sp_521_mask_9(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b) { 
@@ -69713,11 +70264,12 @@ static sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -69759,10 +70311,11 @@ static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
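Review bot: `@param [in] m Multiplier result.` in the sp_521_div_9 comment contradicts itself, since a result is not an input and the summary just above says m is not calculated. If the body never touches `m` (it lies outside the hunk, so this is an assumption), the line could read `@param [in] m Multiplier result. Not calculated - unused.`. If `m` is written, the tag should be `[out]`.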
@@ -69771,10 +70324,12 @@ static WC_INLINE int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -69785,9 +70340,9 @@ static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -69873,8 +70428,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_9(sp_point_521* p, const ecc_point* pm) @@ -69890,8 +70445,8 @@ static void sp_521_point_from_ecc_point_9(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { 
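Review bot: `@return MP_OKAY otherwise.` in the sp_521_mod_mul_norm_9 comment now precedes the MEMORY_E line, so "otherwise" has nothing to refer back to. Other comments in this commit use `@return MP_OKAY on success.` followed by `@return MEMORY_E when memory allocation fails.`, and that wording fits here too. The sp_521_point_to_ecc_point_9 hunk has the same dangling "otherwise". Among the hunks beside this one, sp_521_to_mp returns `int` but gets no `@return` line at all.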
@@ -69958,10 +70513,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm) { @@ -69981,9 +70537,9 @@ static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm) /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -70039,11 +70595,11 @@ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
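Review bot: `@param [in] pm Point of type ecc_point (result).` in the sp_521_point_to_ecc_point_9 comment tags the destination as an input. `p` is the const source and `pm` is the non-const `ecc_point*` that the description itself calls the result. The line should read `@param [out] pm Point of type ecc_point (result).`.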
@@ -70623,10 +71179,10 @@ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -71059,11 +71615,11 @@ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -71087,9 +71643,9 @@ static const word64 p521_mod_minus_2[9] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -71167,7 +71723,7 @@ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_521_norm_9(a) 
@@ -71175,9 +71731,10 @@ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -71320,9 +71877,9 @@ SP_NOINLINE static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -71360,10 +71917,10 @@ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
@@ -71414,9 +71971,9 @@ SP_NOINLINE static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -71462,9 +72019,9 @@ SP_NOINLINE static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -71519,10 +72076,10 @@ SP_NOINLINE static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
@@ -71576,10 +72133,11 @@ SP_NOINLINE static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -71612,10 +72170,11 @@ static sp_digit sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -71665,6 +72224,12 @@ static sp_digit sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a) { __asm__ __volatile__ ( 
@@ -71702,9 +72267,9 @@ static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -71718,9 +72283,9 @@ SP_NOINLINE static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -71789,9 +72354,13 @@ typedef struct sp_521_proj_point_dbl_9_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) 
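Review bot: The new text for sp_521_proj_point_dbl_9_nb tells the caller to loop until the function stops returning FP_WOULDBLOCK, but the comment has no `@return` lines, so the value that ends the loop is undocumented. Adding `@return FP_WOULDBLOCK when more calls are required.` plus a line for the completion value would match the `@return` style used elsewhere in this commit. The completion value is not visible here because the body continues outside the hunk. The sp_521_proj_point_add_9_nb hunk has the same gap.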
@@ -71920,10 +72489,9 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i, sp_digit* t) @@ -72013,9 +72581,10 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b) { @@ -72027,8 +72596,9 @@ static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_9(const sp_digit* a) { @@ -72039,10 +72609,10 @@ static int sp_521_iszero_9(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) 
@@ -72142,10 +72712,14 @@ typedef struct sp_521_proj_point_add_9_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -72329,10 +72903,11 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r, const sp_point_521* p, int n, int m, sp_digit* t) @@ -72402,11 +72977,11 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_sub_9(sp_point_521* ra, sp_point_521* rs, const sp_point_521* p, const sp_point_521* q, 
@@ -72508,8 +73083,8 @@ static const word8 recode_neg_9_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) { @@ -72553,9 +73128,9 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ SP_NOINLINE static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table, int idx) @@ -72660,13 +73235,15 @@ SP_NOINLINE static void sp_521_get_point_33_9(sp_point_521* r, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) 
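Review bot: `@param [in] v Vector of operations to perform.` in the sp_521_ecc_recode_6_9 comment has the wrong direction. The function returns `void`, `k` is const and `v` is the only non-const argument, so the recoded scalar can only be delivered through `v`. The tag should read `@param [out] v Vector of operations to perform.`. The sp_521_ecc_recode_7_9 hunk carries the same `[in] v` line and needs the same change.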
@@ -72785,10 +73362,10 @@ typedef struct sp_table_entry_521 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -72869,8 +73446,8 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t) { @@ -72894,10 +73471,10 @@ static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t) * 64 entries * 86 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_9(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -72970,9 +73547,9 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_64_9(sp_point_521* r, const sp_table_entry_521* table, int idx) 
@@ -73048,13 +73625,16 @@ static void sp_521_get_entry_64_9(sp_point_521* r, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -73172,8 +73752,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -73236,13 +73816,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -73324,10 +73906,10 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, * 256 entries * 65 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_9(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) 
@@ -73400,9 +73982,9 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_256_9(sp_point_521* r, const sp_table_entry_521* table, int idx) @@ -73478,13 +74060,16 @@ static void sp_521_get_entry_256_9(sp_point_521* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -73602,8 +74187,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -73666,13 +74251,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -73748,12 +74335,14 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -73783,14 +74372,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -74300,12 +74891,14 @@ static const sp_table_entry_521 p521_table[64] = { * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -76118,12 +76711,14 @@ static const sp_table_entry_521 p521_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -76163,8 +76758,8 @@ static const word8 recode_neg_9_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v) { @@ -76208,9 +76803,9 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_65_9(sp_point_521* r, const sp_table_entry_521* table, int idx) 
@@ -110113,14 +110708,16 @@ static const sp_table_entry_521 p521_table[4875] = { * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -110198,12 +110795,14 @@ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
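Review bot: The `@param` list for sp_521_ecc_mulmod_add_only_9 gives `k` before `table`, while the signature below it takes `table` before `k`. The sp_521_ecc_mulmod_stripe_9 hunks in this commit were reordered to follow their signatures, so this comment is the odd one out. Moving `@param [in] table Pre-computed table of points.` above the `k` line would make the list match the argument order.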
@@ -110216,11 +110815,13 @@ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -110248,13 +110849,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -110308,7 +110911,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ static void sp_521_add_one_9(sp_digit* a) { @@ -110343,10 +110946,10 @@ static void sp_521_add_one_9(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -110456,10 +111059,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) { 
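Review bot: In the `sp_521_ecc_gen_k_9` comment, `k` is tagged `[in]` even though the function is described as generating the scalar and takes `k` as a non-const `sp_digit*`. It should be `@param [out] k  Generated scalar value.` The tag is worth getting right because it tells a caller which buffer holds fresh secret material after the call. The body of the function is outside the hunk.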
@@ -110490,12 +111095,15 @@ static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -110567,6 +111175,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -110637,8 +111262,8 @@ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_521_to_bin_9(sp_digit* r, byte* a) { @@ -110664,14 +111289,16 @@ static void sp_521_to_bin_9(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
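Review bot: The direction tags on `sp_521_to_bin_9` look swapped. The summary says "Write r as big endian to byte array", so `a` is the destination and `r` the source, yet the new lines read `@param [out] r` and `@param [in] a`. I would expect `@param [out] a  Byte array.`, and `@param [in, out] r` if the function adjusts the non-const `r` before writing it, or `[in]` if it does not. The body is outside the hunk.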
@@ -110712,6 +111339,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -110760,9 +111406,9 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { 
@@ -110788,8 +111434,8 @@ static const word64 p521_order_low[5] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a) { @@ -110801,8 +111447,9 @@ static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) { @@ -110815,19 +111462,24 @@ static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_9_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_9_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_9_ctx { - int state; - int i; -} sp_521_mont_inv_order_9_ctx; static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
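Review bot: The rewritten comment for `sp_521_mont_inv_order_9_nb` tells the caller to loop "until it does not return FP_WOULDBLOCK" but has no `@return` lines, unlike the other `_nb` comments this commit adds. Suggest adding `@return FP_WOULDBLOCK while more work remains.` and a line for the final value, presumably `@return MP_OKAY on success.` That second value should be confirmed against the body, which is outside the hunk.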
@@ -110863,6 +111515,13 @@ static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -110951,13 +111610,15 @@ static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
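Review bot: In the `sp_521_calc_s_9` comment, `k` (ephemeral private key) and `x` (private key) are tagged `[in]`, but both are non-const `sp_digit*` in the signature below, unlike `r` and `e`. If the function overwrites them while computing `s` (the body is outside the hunk), they should be `[in, out]`, e.g. `@param [in, out] k  Ephemeral private key. Modified.` Both buffers hold secret material, so the tag is what tells a caller whether the original value survives the call and which buffers need zeroizing afterwards.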
@@ -111005,15 +111666,18 @@ static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
@@ -111126,6 +111790,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -111278,9 +111966,9 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifndef WOLFSSL_SP_SMALL /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ static void sp_521_div2_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -111341,6 +112029,12 @@ static void sp_521_div2_mod_9(sp_digit* r, const sp_digit* a, ); } +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] n Value to count bits in. + * + * @return The number of bits. + */ static int sp_521_num_bits_64_9(sp_digit n) { int64_t r = -1; 
@@ -111357,6 +112051,12 @@ static int sp_521_num_bits_64_9(sp_digit n) return (int)(r + 1); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_521_num_bits_9(const sp_digit* a) { int i; @@ -111375,9 +112075,10 @@ static int sp_521_num_bits_9(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -111459,9 +112160,9 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) 
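Review bot: The `sp_521_mod_inv_9` comment is only re-aligned here, and it still says just "Non-constant time modular inversion" without stating which inputs that is acceptable for. Since the block is being touched, add one line of usage guidance, for example ` * Not to be used with secret values; intended for public data such as signature verification.` The wording should be checked against the actual callers, which are outside the hunk.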
@@ -111490,13 +112191,16 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -111557,14 +112261,18 @@ static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
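Review bot: `@return MP_OKAY on success.` on `sp_ecc_verify_521` is ambiguous, because "success" can be read as "the signature is valid". The new `res` line already says validity is reported through `res`, so the return line should say the same, e.g. `@return MP_OKAY when the check completed; the verdict is in res.` This assumes an invalid signature yields `MP_OKAY` with `res == 0`, which should be confirmed against the body (outside the hunk). The same wording applies to the `sp_ecc_verify_521_nb` comment added in the next hunk.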
@@ -111664,6 +112372,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -111803,10 +112537,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_9(const sp_point_521* point, void* heap) @@ -111848,10 +112584,12 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
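Review bot: A style point on the converted return lists: `@return MP_OKAY otherwise.` is now the first entry, so "otherwise" has nothing to refer back to. In `sp_521_ecc_is_point_9` I would write `@return MP_OKAY when the point is on the curve.` and keep the error lines after it. The same leftover wording appears in the comments for `sp_ecc_is_point_521`, `sp_ecc_check_key_521`, `sp_ecc_proj_add_point_521`, `sp_ecc_proj_dbl_point_521`, `sp_ecc_map_521`, `sp_521_mont_sqrt_9` and `sp_ecc_uncompress_521` in the following hunks, where `MP_OKAY on success.` would match the rest of the file.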
@@ -111877,13 +112615,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -111967,16 +112709,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -112025,13 +112769,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -112071,10 +112817,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
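Review bot: In the `sp_ecc_map_521` comment, `pX`, `pY` and `pZ` are all tagged `[in]`, but the summary says the point is mapped "in place" and that "pZ will be one", and the three parameters are non-const `mp_int*`. They should be `[in, out]`, e.g. `@param [in, out] pX  EC point's X ordinate.` and likewise for `pY` and `pZ`.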
@@ -112121,8 +112869,10 @@ static const word64 p521_sqrt_power[9] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_9(sp_digit* y) { @@ -112153,10 +112903,12 @@ static int sp_521_mont_sqrt_9(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -112223,9 +112975,9 @@ typedef struct sp_point_1024 { #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_1024_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -112642,8 +113394,8 @@ static void sp_1024_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) * * All registers version. * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a) { 
@@ -112883,9 +113635,9 @@ static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_1024_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -112922,9 +113674,9 @@ static sp_digit sp_1024_add_8(sp_digit* r, const sp_digit* a, /* Add digit to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_1024_add_word_8(sp_digit* r, const sp_digit* a, sp_digit b) @@ -112954,8 +113706,8 @@ static void sp_1024_add_word_8(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ static sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b) { @@ -113011,9 +113763,9 @@ static sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b) 
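Review bot: `sp_1024_add_8` returns `sp_digit`, but the converted comment documents only the parameters, so the meaning of the return value is still unstated. It is presumably the carry out of the addition, so a line such as `@return Carry out of the addition.` would fit once confirmed against the body, which is outside the hunk. The same gap exists for `sp_1024_sub_in_place_16`, `sp_1024_add_16`, `sp_1024_cond_add_8`, `sp_1024_sub_8` and `sp_1024_cond_sub_16` in this and the following hunks. Separately, `sp_1024_add_word_8` describes its by-value `sp_digit b` as "A single precision integer", where "A single precision digit." would be accurate.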
@@ -113072,10 +113824,11 @@ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_1024_cond_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -113122,9 +113875,9 @@ static sp_digit sp_1024_cond_add_8(sp_digit* r, const sp_digit* a, const sp_digi /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -113157,9 +113910,9 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_1024_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -113196,8 +113949,8 @@ static sp_digit sp_1024_sub_8(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) { @@ -113232,9 +113985,9 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -113282,8 +114035,8 @@ static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) { @@ -113425,8 +114178,8 @@ static const sp_point_1024 p1024_base = { #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b) { 
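Review bot: In the `WOLFSSL_SP_SMALL` variant of `sp_1024_sub_in_place_16`, `a` is tagged `[in]` although the summary is "Sub b from a into a. (a -= b)" and `a` is a non-const pointer. The non-small variant of the same function, converted earlier in this diff, uses `[in, out]`. Suggest `@param [in, out] a  A single precision integer and result.` so the two variants agree.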
@@ -113461,10 +114214,11 @@ static sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static sp_digit sp_1024_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -113563,9 +114317,9 @@ static sp_digit sp_1024_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -113600,9 +114354,9 @@ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ static void sp_1024_mul_d_16(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -113780,10 +114534,11 @@ static void sp_1024_mul_d_16(sp_digit* r, const sp_digit* a, * * Assumes divisor has highest bit set. * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. */ static sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, sp_digit div) { @@ -113839,9 +114594,9 @@ static sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, sp_digit div) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -113869,10 +114624,11 @@ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b) { 
@@ -114020,11 +114776,12 @@ static sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -114062,10 +114819,11 @@ static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_mod_16(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
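Review bot: In the sp_1024_div_16 comment (first hunk on this line), `m` is tagged `[in]` and described as "Multiplier result", while the summary just above says m is not calculated. A result cannot be an input, and a non-const `sp_digit* m` that is never filled should say so; something like `@param [in] m Multiplier result (not calculated, unused).` would agree with the summary. The body is outside the hunk, so confirm that m is really untouched before wording it that way.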
@@ -114074,10 +114832,12 @@ static WC_INLINE int sp_1024_mod_16(sp_digit* r, const sp_digit* a, const sp_dig /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_16(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -114090,10 +114850,12 @@ static int sp_1024_mod_mul_norm_16(sp_digit* r, const sp_digit* a, #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_16(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -114125,9 +114887,9 @@ static int sp_1024_point_new_ex_16(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_16(sp_point_1024* p, int clear, void* heap) { 
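Review bot: `@return MP_OKAY otherwise.` is now listed before the condition it is contrasted with in sp_1024_mod_mul_norm_16, and again as `@return 0 otherwise.` in sp_1024_point_new_ex_16 on this line. The same ordering recurs for sp_1024_point_to_ecc_point_16 and both sp_ecc_gen_table_1024 variants. Read top-down, "otherwise" has no antecedent. Use the wording the later hunks already use, `@return MP_OKAY on success.` (or `@return 0 on success.`), and keep the error lines after it.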
@@ -114152,9 +114914,9 @@ static void sp_1024_point_free_16(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -114240,8 +115002,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_16(sp_point_1024* p, const ecc_point* pm) @@ -114257,8 +115019,8 @@ static void sp_1024_point_from_ecc_point_16(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -114325,10 +115087,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_16(const sp_point_1024* p, ecc_point* pm) { 
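Review bot: sp_1024_to_mp returns `int`, but its converted comment (third hunk on this line) has no `@return` line, unlike the other status-returning functions in this patch. The same gap exists for sp_1024_gen_stripe_table_16 and for sp_1024_proj_point_dbl_16_nb and sp_1024_proj_point_add_16_nb, whose prose mentions FP_WOULDBLOCK without listing it as a return value. Add `@return` lines for each. The bodies are outside the hunks, so the exact status codes need to be taken from the code.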
@@ -114348,9 +115111,9 @@ static int sp_1024_point_to_ecc_point_16(const sp_point_1024* p, ecc_point* pm) /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_copy_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -114435,9 +115198,10 @@ static void sp_1024_cond_copy_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -114648,11 +115412,11 @@ SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -114663,10 +115427,10 @@ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -114701,9 +115465,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_16(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -114738,15 +115502,15 @@ static void sp_1024_mont_inv_16(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_1024_norm_16(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
@@ -114784,10 +115548,10 @@ static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -114886,9 +115650,9 @@ SP_NOINLINE static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -114979,9 +115743,9 @@ SP_NOINLINE static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -115141,10 +115905,10 @@ SP_NOINLINE static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -115241,10 +116005,11 @@ SP_NOINLINE static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_1024_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
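Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_1024_mont_sub_16 comment (first hunk on this line) carries over the old typo; since the line is being touched anyway it should read `@param [out] r Result of subtraction.`. The sp_1024_mont_tpl_16 comment in the preceding hunk has a similar leftover, `Result of Tripling.` with a stray capital.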
@@ -115277,10 +116042,11 @@ static sp_digit sp_1024_cond_add_16(sp_digit* r, const sp_digit* a, const sp_dig /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static sp_digit sp_1024_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -115353,6 +116119,12 @@ static sp_digit sp_1024_cond_add_16(sp_digit* r, const sp_digit* a, const sp_dig } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ static void sp_1024_rshift1_16(sp_digit* r, const sp_digit* a) { __asm__ __volatile__ ( @@ -115411,9 +116183,9 @@ static void sp_1024_rshift1_16(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ SP_NOINLINE static void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -115427,9 +116199,9 @@ SP_NOINLINE static void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
@@ -115498,9 +116270,13 @@ typedef struct sp_1024_proj_point_dbl_16_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -115629,10 +116405,9 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i, sp_digit* t) @@ -115722,9 +116497,10 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_16(const sp_digit* a, const sp_digit* b) { 
@@ -115739,8 +116515,9 @@ static int sp_1024_cmp_equal_16(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_16(const sp_digit* a) { @@ -115751,10 +116528,10 @@ static int sp_1024_iszero_16(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_16(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -115854,10 +116631,14 @@ typedef struct sp_1024_proj_point_add_16_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -116041,10 +116822,11 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r, const sp_point_1024* p, int n, int m, sp_digit* t) @@ -116114,11 +116896,11 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra, sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q, @@ -116228,8 +117010,8 @@ static const word8 recode_neg_16_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) { 
@@ -116280,13 +117062,15 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -116411,10 +117195,10 @@ typedef struct sp_table_entry_1024 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -116492,8 +117276,8 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_16(sp_point_1024* a, sp_digit* t) { 
@@ -116517,10 +117301,10 @@ static void sp_1024_proj_to_affine_16(sp_point_1024* a, sp_digit* t) * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_16(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -116597,13 +117381,16 @@ static int sp_1024_gen_stripe_table_16(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_16(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -116705,8 +117492,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
@@ -116769,13 +117556,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -116850,12 +117639,14 @@ static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -120217,12 +121008,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_16(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -120234,11 +121027,13 @@ static int sp_1024_ecc_mulmod_base_16(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -120266,13 +121061,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -120323,12 +121120,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -120368,12 +121168,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
@@ -120403,13 +121206,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -120447,10 +121252,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
@@ -120473,9 +121280,11 @@ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_16(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -120500,10 +121309,12 @@ static void sp_1024_proj_sqr_16(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
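Review bot: The new `@param` text for px and py in the sp_1024_proj_sqr_16 comment (first hunk on this line) says "number to multiply", where the removed lines said "number to square" and the formulas above it describe a squaring. This looks like a copy from the sp_1024_proj_mul_qx1_16 comment; keep the original wording, e.g. `@param [in, out] px A single precision integer - X ordinate of number to square.`, and the same for py. `t` is tagged `[in]` although it is described as temporaries and passed through a non-const pointer; whether it is written cannot be seen here because the function body is outside the hunk.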
@@ -122140,11 +122951,13 @@ static const sp_digit sp_1024_g_table[256][16] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -122239,13 +123052,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_16(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) 
@@ -122275,8 +123090,8 @@ static void sp_1024_proj_mul_16(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_16(sp_point_1024* p, sp_digit* t) { @@ -122305,11 +123120,11 @@ static void sp_1024_mont_map_16(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -122395,14 +123210,14 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_16(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -122479,10 +123294,10 @@ static void sp_1024_accumulate_line_add_one_16(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -122616,14 +123431,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
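Review bot: The comment updated in this hunk still ends with three `@return` lines (0, MEMORY_E, other negative value), but the parameters it documents (vx, vy, c, p, q, t, neg) match sp_1024_accumulate_line_add_n_16, which the next hunk header shows as `static void`. If this comment belongs to that function, the `@return` lines should be removed; the signature itself is outside the hunk, so confirm against the file. In addition, `t` is tagged `[in, out]` here while the sibling accumulate_line comments tag the same temporaries `[in]`; one convention should be used for scratch buffers throughout.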
@@ -122737,12 +123552,12 @@ static void sp_1024_accumulate_line_add_n_16(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -122857,9 +123672,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -123031,13 +123847,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) @@ -123064,11 +123881,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -123087,11 +123905,11 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_16(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -123128,13 +123946,13 @@ static void sp_1024_accum_dbl_calc_lc_16(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_16(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -123178,13 +123996,13 @@ static void sp_1024_accum_add_calc_lc_16(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_16(sp_digit* vx, sp_digit* vy, @@ -123240,14 +124058,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) 
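Review bot: The added line `@return MEMORY_E when dynamic memory allocation fauls.` in the sp_Pairing_gen_precomp_1024 comment (second hunk on this line) carries over the typo from the removed line. Since the commit rewrites this line anyway, it should read `@return MEMORY_E when dynamic memory allocation fails.`, matching the wording used for MEMORY_E in the other comments this commit touches.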
@@ -123401,11 +124220,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -123586,10 +124406,10 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, #endif /* WOLFSSL_SP_SMALL */ /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -123699,10 +124519,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_16(const sp_point_1024* point, void* heap) @@ -123748,10 +124570,12 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { 
@@ -123777,13 +124601,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_armthumb.c b/wolfcrypt/src/sp_armthumb.c index 47bcafd122..078be16087 100644 --- a/wolfcrypt/src/sp_armthumb.c +++ b/wolfcrypt/src/sp_armthumb.c @@ -139,10 +139,10 @@ #ifndef WOLFSSL_SP_NO_2048 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -186,9 +186,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -275,8 +275,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_2048_to_bin_64(sp_digit* r, byte* a) { @@ -294,14 +294,14 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_64(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_64(a) @@ -309,9 +309,9 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a) #ifndef WOLFSSL_SP_LARGE_CODE /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -557,9 +557,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9512,9 +9512,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, #endif /* !WOLFSSL_SP_LARGE_CODE */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9604,9 +9604,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_8(sp_digit* r, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_word_8( sp_digit* r, const sp_digit* a, sp_digit b) @@ -9693,8 +9693,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_word_8( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_16( sp_digit* a, const sp_digit* b) 
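Review bot: sp_2048_add_8 is declared to return `sp_digit`, but the converted comment (second hunk on this line) has no `@return`, while the same commit adds `@return` lines to the functions that return `int`. A line such as `@return Carry out of the addition.` would complete it, assuming that is what the value is; the function body is outside the hunk, so confirm before adding. The same gap exists in the other sp_2048_add_*, sp_2048_add_word_*, sp_2048_sub_* and sp_2048_sub_in_place_* comments in this file section.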
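Review bot: In the sp_2048_add_word_8 comment (third hunk on this line), `b` is described as "A single precision integer." although the signature takes `sp_digit b` by value. The sp_2048_mul_d_64 comment at the end of this section has the accurate wording, so use it here as well: `@param [in] b A single precision digit.`. The same applies to the sp_2048_add_word_16 and sp_2048_add_word_32 comments further down.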
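Review bot: The sp_2048_sub_in_place_16 comment (last hunk on this line) tags `a` as `[in]`, but the summary says "Sub b from a into a. (a -= b)" and `a` is the only non-const pointer in the signature, so it is the destination as well as an operand. It should be `@param [in, out] a A single precision integer.`. The same tag is used in the sp_2048_sub_in_place_32 and sp_2048_sub_in_place_64 comments, including their WOLFSSL_SP_SMALL variants, and should be corrected there too. A reader who trusts `[in]` would assume the minuend is preserved across the call.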
@@ -9859,9 +9859,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_16( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10019,9 +10019,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_16(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -10045,9 +10045,9 @@ static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10082,9 +10082,9 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_word_16( sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -10235,8 +10235,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_word_16( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_32( sp_digit* a, const sp_digit* b) @@ -10545,9 +10545,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_32( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10841,9 +10841,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_32(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -10871,9 +10871,9 @@ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -10908,9 +10908,9 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_word_32( sp_digit* r, const sp_digit* a, sp_digit b) @@ -11189,8 +11189,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_word_32( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_64( sp_digit* a, const sp_digit* b) @@ -11787,9 +11787,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_64( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -12355,9 +12355,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_64(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { 
@@ -12385,9 +12385,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -12423,8 +12423,8 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_LARGE_CODE /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, const sp_digit* a) @@ -12850,8 +12850,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, const sp_digit* a) @@ -19368,9 +19368,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, #endif /* !WOLFSSL_SP_LARGE_CODE */ /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -19459,8 +19459,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_8(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) { @@ -19494,9 +19494,9 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -19653,8 +19653,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_16(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) { @@ -19688,9 +19688,9 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -19983,8 +19983,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_32(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) { @@ -20020,9 +20020,9 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -20102,8 +20102,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_64(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_64( sp_digit* a, const sp_digit* b) @@ -20182,9 +20182,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_64( #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -20439,8 +20439,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_64(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) @@ -20893,9 +20893,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_64(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -20910,9 +20910,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -20986,8 +20986,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_add_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_32( sp_digit* a, const sp_digit* b) 
@@ -21060,9 +21060,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_in_place_32( #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21307,8 +21307,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_32(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) @@ -21746,8 +21746,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_32(sp_digit* r, /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -21766,9 +21766,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -21960,8 +21960,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_d_64(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) { @@ -21974,10 +21974,11 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_cond_sub_32( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -22038,9 +22039,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_cond_sub_32( #define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64 /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -23107,11 +23109,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -23122,10 +23124,10 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -23136,9 +23138,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -23323,10 +23325,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_d_32(sp_digit* r, /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -23940,10 +23943,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_2048_cmp_32( const sp_digit* a, const sp_digit* b) @@ -24052,11 +24056,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_2048_cmp_32( /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
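Review bot: In the sp_2048_div_32 comment, `@param [in] m Multiplier result.` tags m as an input while describing it as a result, and the summary above it says m is not calculated. The body is outside the hunk, so which reading is right cannot be checked here. If the pointer is never read or written, say so explicitly, e.g. `@param [in] m Multiplier result. Not calculated; unused.`; if it is written, tag it `[out]`. The sp_2048_div_64_cond and sp_2048_div_64 hunks carry the same line.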
@@ -24094,10 +24099,11 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -24109,14 +24115,17 @@ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
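Review bot: The line `@return MP_VAL when base is even or exponent is 0.` is carried over from the old text, and "base is even" is doubtful for a Montgomery exponentiation, where the parity constraint normally falls on the modulus. The clearest case is the later sp_2048_mod_exp_2_64 hunk, whose `@return MP_VAL when base is even.` cannot hold as written: the base there is the constant 2 and the function has no base parameter. The function bodies are outside these hunks, so confirm which argument is actually rejected and reword to name it, for example `@return MP_VAL when the modulus is even or exponent is 0.` if the check is on m. The same wording is in the other sp_2048_mod_exp_32 and sp_2048_mod_exp_64 hunks.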
@@ -24246,14 +24255,17 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -24405,8 +24417,8 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m) { 
@@ -24420,10 +24432,11 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_cond_sub_64( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -24489,9 +24502,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_cond_sub_64( #define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64 /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -26112,11 +26126,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -26127,10 +26141,10 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -26142,9 +26156,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -26217,9 +26231,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_64(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -26785,10 +26799,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_sub_64(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -27403,11 +27418,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -27461,10 +27477,11 @@ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -27476,9 +27493,9 @@ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const s #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -27506,10 +27523,11 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_2048_cmp_64( const sp_digit* a, const sp_digit* b) 
@@ -27618,11 +27636,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_2048_cmp_64( /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -27660,10 +27679,11 @@ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -27677,14 +27697,17 @@ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -27805,14 +27828,17 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -27946,15 +27972,19 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -28094,10 +28124,11 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_cond_add_32( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -28164,20 +28195,24 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_2048_cond_add_32( #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -28316,8 +28351,8 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) { @@ -28384,12 +28419,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -28436,9 +28473,15 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef HAVE_FFDHE_2048 /* Lefy shift a by n bits into r. (r = a << n) * - * r A single precision integer. - * a A single precision integer. - * n Integer representing number of bits to shift. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] n Integer representing number of bits to shift. + */ +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. */ WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r, const sp_digit* a, byte n) 
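Review bot: The sp_2048_lshift_64 hunk leaves two consecutive comment blocks in front of the function: the converted "shift a by n bits into r" block and a newly added `/* Shift number left by n bits.` block. Both document the same three parameters r, a and n. Only one should remain; the retained first block still opens with the typo "Lefy shift" in its context line, so dropping it and keeping the new block is the simpler fix. This looks like generator output, so the template that emits the comment probably needs the change rather than this file alone.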
@@ -30029,13 +30072,15 @@ WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -30141,15 +30186,17 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -30207,12 +30254,14 @@ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -30264,10 +30313,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifndef WOLFSSL_SP_NO_3072 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -30311,9 +30360,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -30400,8 +30449,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_96(sp_digit* r, byte* a) { 
@@ -30419,14 +30468,14 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_96(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_96(a) @@ -30434,9 +30483,9 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a) #ifndef WOLFSSL_SP_LARGE_CODE /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -30682,9 +30731,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_12(sp_digit* r, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -50863,9 +50912,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_12(sp_digit* r, #endif /* !WOLFSSL_SP_LARGE_CODE */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -50989,9 +51038,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_12(sp_digit* r, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_word_12( sp_digit* r, const sp_digit* a, sp_digit b) @@ -51110,8 +51159,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_word_12( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_24( sp_digit* a, const sp_digit* b) @@ -51348,9 +51397,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_24( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b) 
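Review bot: `@param [in] a` on `sp_3072_sub_in_place_24` contradicts the summary `(a -= b)` and the non-const `sp_digit* a` in the signature, because `a` is both read and overwritten. It should be tagged `@param [in, out] a A single precision integer.`, as this diff already does for the in-place operand of `sp_3072_mont_reduce_48`. The same `[in]` tag appears on the `sp_3072_sub_in_place_48` and `sp_3072_sub_in_place_96` comments in later hunks. These functions also return `sp_digit` without a `@return` line; the bodies are outside the hunks, so the meaning of that value has to be taken from the code.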
@@ -51576,9 +51625,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_24(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -51606,9 +51655,9 @@ static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -51643,9 +51692,9 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_word_24( sp_digit* r, const sp_digit* a, sp_digit b) @@ -51860,8 +51909,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_word_24( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_48( sp_digit* a, const sp_digit* b) 
@@ -52314,9 +52363,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_48( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -52746,9 +52795,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_48(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -52776,9 +52825,9 @@ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -52813,9 +52862,9 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_word_48( sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -53222,8 +53271,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_word_48( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_96( sp_digit* a, const sp_digit* b) @@ -54108,9 +54157,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_96( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -54948,9 +54997,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_96(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -54978,9 +55027,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -55016,8 +55065,8 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_LARGE_CODE /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) @@ -55443,8 +55492,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_12(sp_digit* r, #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) @@ -70217,9 +70266,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_12(sp_digit* r, #endif /* !WOLFSSL_SP_LARGE_CODE */ /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -70342,8 +70391,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_12(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) { 
@@ -70377,9 +70426,9 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -70604,8 +70653,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_24(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) { @@ -70639,9 +70688,9 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -71070,8 +71119,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_48(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) { 
@@ -71107,9 +71156,9 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -71189,8 +71238,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_96(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_96( sp_digit* a, const sp_digit* b) @@ -71269,9 +71318,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_96( #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -71536,8 +71585,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_96(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) 
@@ -72005,9 +72054,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_96(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -72022,9 +72071,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -72098,8 +72147,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_add_48(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_48( sp_digit* a, const sp_digit* b) @@ -72172,9 +72221,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_in_place_48( #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -72424,8 +72473,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_48(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) @@ -72873,8 +72922,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_sqr_48(sp_digit* r, /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -72893,9 +72942,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a, sp_digit b) @@ -73087,8 +73136,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_d_96(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) { 
@@ -73101,10 +73150,11 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_cond_sub_48( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -73165,9 +73215,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_cond_sub_48( #define sp_3072_mont_reduce_order_96 sp_3072_mont_reduce_96 /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( sp_digit* a, const sp_digit* m, sp_digit mp) 
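Review bot: The `sp_3072_cond_sub_48` comment gains `@param` tags but still has no `@return`, although the signature returns `sp_digit`. The line `m is -1 to subtract and 0 when not copying.` also mixes subtract and copy wording. For a mask-driven primitive, the mask contract and the returned value are what a caller has to get right, so the line should read `m is -1 to subtract and 0 to subtract nothing.` and a `@return` line should be added. The returned digit is presumably the borrow, but the body is outside the hunk, so that needs confirming. `sp_3072_cond_sub_96` in a later hunk carries the same comment.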
@@ -74506,11 +74557,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -74521,10 +74572,10 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -74535,9 +74586,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -74722,10 +74773,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mul_d_48(sp_digit* r, /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -75339,10 +75391,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_3072_cmp_48( const sp_digit* a, const sp_digit* b) @@ -75451,11 +75504,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_3072_cmp_48( /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
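Review bot: `@param [in] m Multiplier result.` on `sp_3072_div_48` does not match the rest of the comment, which says `m is not calculated as it is not needed at this time`, or the non-const `sp_digit* m` in the signature. The `[in]` tag suggests the function reads a caller-supplied value through `m`, while the description calls it a result. If the pointer is ignored, `@param [in] m Multiplier result. Not used.` would say so without guessing a direction. The body continues outside the hunk, so that should be checked first. The `sp_3072_div_96_cond` and `sp_3072_div_96` comments in later hunks have the same line.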
@@ -75493,10 +75547,11 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -75508,14 +75563,17 @@ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -75645,14 +75703,17 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -75804,8 +75865,8 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m) { 
@@ -75819,10 +75880,11 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_cond_sub_96( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -75888,9 +75950,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_cond_sub_96( #define sp_3072_mont_reduce_order_96 sp_3072_mont_reduce_96 /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -78065,11 +78128,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -78080,10 +78143,10 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -78095,9 +78158,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -78170,9 +78233,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_96(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -79010,10 +79073,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_sub_96(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -79628,11 +79692,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -79686,10 +79751,11 @@ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -79701,9 +79767,9 @@ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const s #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -79731,10 +79797,11 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_3072_cmp_96( const sp_digit* a, const sp_digit* b) 
@@ -79848,11 +79915,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_3072_cmp_96( /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -79890,10 +79958,11 @@ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -79907,14 +79976,17 @@ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -80035,14 +80107,17 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -80176,15 +80251,19 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
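Review bot: The new `@param [in, out] outLen` line in `sp_RsaPublic_3072` keeps the old description "Number of bytes in result", which covers only the output direction. The `MP_TO_E when the outLen is too small` return implies the caller must pass the capacity of `out` in `*outLen`, and that is the part of the contract that prevents an undersized buffer. Suggested wording: `* @param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`. The same applies to `sp_RsaPrivate_3072` and `sp_RsaPublic_4096`. `sp_DhExp_3072` also tags `outLen` as `[in, out]` but lists no error for a short buffer, so its body, which is outside these hunks, should be checked before documenting it the same way.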
@@ -80324,10 +80403,11 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_cond_add_48( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -80394,20 +80474,24 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_3072_cond_add_48( #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -80546,8 +80630,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -80614,12 +80698,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -80666,9 +80752,15 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef HAVE_FFDHE_3072 /* Lefy shift a by n bits into r. (r = a << n) * - * r A single precision integer. - * a A single precision integer. - * n Integer representing number of bits to shift. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] n Integer representing number of bits to shift. + */ +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. */ WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r, const sp_digit* a, byte n) 
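Review bot: The `sp_3072_lshift_96` hunk (last on this line) leaves two consecutive comment blocks above the function. The old block is converted to `@param` form and a second block, "Shift number left by n bits.", is added directly below it with the same three parameters. Keep one of them. If the first is kept, fix the typo in its summary line so it reads `/* Left shift a by n bits into r. (r = a << n)`. Doxygen-style tools normally attach only the block immediately before the declaration, so the first block would be dropped from generated docs.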
@@ -83057,13 +83149,15 @@ WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
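Review bot: The converted line `@return MP_VAL when base is even.` on `sp_3072_mod_exp_2_96` cannot be right as written, because the summary gives the base as fixed at 2 (r = 2^e mod m). The condition presumably concerns the modulus or the exponent length, but the body is outside this hunk, so confirm it before rewording, for example `* @return MP_VAL when the modulus is even.`. The `sp_3072_mod_exp_96` and `sp_4096_mod_exp_128` comments carry the similar "base is even or exponent is 0" text and deserve the same check. A caller validating DH parameters needs to know which input triggers the rejection.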
@@ -83169,15 +83263,17 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -83235,12 +83331,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -83292,10 +83390,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_4096 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -83339,9 +83437,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -83428,8 +83526,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_128(sp_digit* r, byte* a) { 
@@ -83447,23 +83545,23 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_128(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_128(a) #ifndef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_add_word_64( sp_digit* r, const sp_digit* a, sp_digit b) @@ -83998,8 +84096,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_add_word_64( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_in_place_128( sp_digit* a, const sp_digit* b) @@ -85172,9 +85270,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_in_place_128( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a, const sp_digit* b) 
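Review bot: In the `sp_4096_sub_in_place_128` hunk, `a` is tagged `[in]` although the summary says "Sub b from a into a. (a -= b)" and the parameter is a non-const `sp_digit*`. It is read and written, so the tag should be `* @param [in, out] a A single precision integer.`. That would match the `[in, out]` this commit uses for the in-place operand of `sp_4096_mont_reduce_128`. The `WOLFSSL_SP_SMALL` variant of `sp_4096_sub_in_place_128` in a later hunk has the same tag.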
@@ -86284,9 +86382,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_add_128(sp_digit* r, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -86321,8 +86419,8 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) { @@ -86358,9 +86456,9 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -86440,8 +86538,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_add_128(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_in_place_128( sp_digit* a, const sp_digit* b) 
@@ -86520,9 +86618,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_in_place_128( #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -86787,8 +86885,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mul_128(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) @@ -87254,8 +87352,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_sqr_128(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -87274,9 +87372,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -87468,8 +87566,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mul_d_128(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m) { @@ -87483,10 +87581,11 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_cond_sub_128( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -87552,9 +87651,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_cond_sub_128( #define sp_4096_mont_reduce_order_128 sp_4096_mont_reduce_128 /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -90273,11 +90373,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -90288,10 +90388,10 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -90303,9 +90403,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -90378,9 +90478,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_128(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -91490,10 +91590,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_sub_128(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -92108,11 +92209,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -92166,10 +92268,11 @@ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -92181,9 +92284,9 @@ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -92211,10 +92314,11 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_4096_cmp_128( const sp_digit* a, const sp_digit* b) 
@@ -92328,11 +92432,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_4096_cmp_128( /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -92370,10 +92475,11 @@ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -92387,14 +92493,17 @@ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_di #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -92515,14 +92624,17 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -92656,15 +92768,19 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
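Review bot: The new `@param [in, out] outLen` line for sp_RsaPublic_4096 still describes only the output half ("Number of bytes in result"), although the `MP_TO_E when the outLen is too small` return implies the value is read on entry as the capacity of `out`. For a length that guards a caller-supplied buffer I would spell out both directions, e.g. `@param [in, out] outLen On in, size of out buffer in bytes. On out, number of bytes in result.` The same wording is used for sp_RsaPrivate_4096 and sp_DhExp_4096 later in this diff. sp_DhExp_4096 lists no MP_TO_E return, so if its body never reads `*outLen` the accurate tag there would be `[out]`. The function bodies are outside these hunks, so this is inferred from the comments alone.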
@@ -92804,10 +92920,11 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_cond_add_64( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -92879,20 +92996,24 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_4096_cond_add_64( #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -93031,8 +93152,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -93099,12 +93220,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -93151,9 +93274,15 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef HAVE_FFDHE_4096 /* Lefy shift a by n bits into r. (r = a << n) * - * r A single precision integer. - * a A single precision integer. - * n Integer representing number of bits to shift. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] n Integer representing number of bits to shift. + */ +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. */ WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r, const sp_digit* a, byte n) 
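Review bot: sp_4096_lshift_128 ends up with two consecutive comment blocks in this hunk: the converted one, whose first line still reads "Lefy shift", and a newly added `/* Shift number left by n bits.` block that documents the same three parameters again. Only one of them should remain. Either drop the first block and keep the second, or keep the first with the typo fixed as `/* Left shift a by n bits into r. (r = a << n)`.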
@@ -96330,13 +96459,15 @@ WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -96442,15 +96573,17 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -96597,9 +96730,9 @@ static const sp_digit p256_b[8] = { /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -96844,8 +96977,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, const sp_digit* a) @@ -97271,9 +97404,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -97346,9 +97479,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_add_8(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -97439,9 +97572,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_add_8(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). */ static int sp_256_mod_mul_norm_8(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -97522,9 +97655,9 @@ static int sp_256_mod_mul_norm_8(sp_digit* r, const sp_digit* a, const sp_digit* /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -97610,8 +97743,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_8(sp_point_256* p, const ecc_point* pm) @@ -97627,8 +97760,8 @@ static void sp_256_point_from_ecc_point_8(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { @@ -97695,10 +97828,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm) { 
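Review bot: In the sp_256_point_to_ecc_point_8 comment, `pm` is tagged `[in]` although its description says "(result)" and the parameter is a non-const `ecc_point*`; it should read `@param [out] pm Point of type ecc_point (result).` The return list also reads oddly with "otherwise" on its first line. `@return MP_OKAY on success.` followed by the existing MEMORY_E line would match the other functions converted in this diff.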
@@ -97717,9 +97851,10 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp) @@ -98040,9 +98175,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -98701,11 +98837,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -98716,10 +98852,10 @@ SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -98731,11 +98867,11 @@ SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -98758,9 +98894,9 @@ static const word32 p256_mod_minus_2[8] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -98826,10 +98962,11 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_256_cmp_8( const sp_digit* a, const sp_digit* b) 
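Review bot: The summary line kept above sp_256_mont_sqr_n_8 gives the result as `(r = a ^ n mod m)`, but squaring n times, which is how the `n` parameter is described, yields a raised to the power 2^n. Since this comment block is being reworked here, the formula could be corrected to `(r = a ^ (2 ^ n) mod m)`. The function body is outside the hunk, so this rests on the comment's own description of `n`.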
@@ -98937,17 +99074,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_256_cmp_8( /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_256_norm_8(a) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -99007,9 +99145,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_cond_sub_8(sp_digit* r, /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
@@ -99047,10 +99185,10 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -99236,9 +99374,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -99416,9 +99554,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -99752,10 +99890,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -99934,9 +100072,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sub_8(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -100209,9 +100347,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_div2_8(sp_digit* r, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
@@ -100280,9 +100418,13 @@ typedef struct sp_256_proj_point_dbl_8_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -100412,9 +100554,10 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b) { @@ -100426,8 +100569,9 @@ static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_8(const sp_digit* a) { 
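Review bot: The new text for sp_256_proj_point_dbl_8_nb tells callers to repeat the call until it stops returning FP_WOULDBLOCK, yet the block has no `@return` lines, unlike the other int-returning functions converted in this diff. I would add `@return FP_WOULDBLOCK when the operation is not yet complete.` plus a line for the completion value. The body is outside the hunk, so the exact success code needs to be confirmed there (MP_OKAY is presumed). sp_256_proj_point_add_8_nb, converted in a later hunk, has the same gap.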
@@ -100437,10 +100581,10 @@ static int sp_256_iszero_8(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_8(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -100540,10 +100684,14 @@ typedef struct sp_256_proj_point_add_8_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -100728,9 +100876,9 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table, int idx) 
@@ -100800,13 +100948,15 @@ static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table, * 256 doubles. * 76 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -100936,10 +101086,9 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i, sp_digit* t) @@ -101029,8 +101178,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_8(sp_point_256* a, sp_digit* t) { 
@@ -101061,10 +101210,10 @@ typedef struct sp_table_entry_256 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_8(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -101146,10 +101295,10 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r, * 16 entries * 64 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_8(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -101221,9 +101370,9 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_16_8(sp_point_256* r, const sp_table_entry_256* table, int idx) 
@@ -101278,13 +101427,16 @@ static void sp_256_get_entry_16_8(sp_point_256* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -101401,8 +101553,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -101465,13 +101617,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -101551,10 +101705,10 @@ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, * 256 entries * 32 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_8(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) 
@@ -101626,9 +101780,9 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_256_8(sp_point_256* r, const sp_table_entry_256* table, int idx) @@ -101683,13 +101837,16 @@ static void sp_256_get_entry_256_8(sp_point_256* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -101806,8 +101963,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -101870,13 +102027,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -101952,12 +102111,14 @@ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -101987,14 +102148,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -102137,12 +102300,14 @@ static const sp_table_entry_256 p256_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -103445,12 +103610,14 @@ static const sp_table_entry_256 p256_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -103464,11 +103631,13 @@ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -103496,13 +103665,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -103556,7 +103727,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_add_one_8(sp_digit* a) { @@ -103643,10 +103814,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_add_one_8(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -103690,10 +103861,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k) { @@ -103723,12 +103896,15 @@ static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
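Review bot: `k` is tagged `[in]` in the new `sp_256_ecc_gen_k_8` header, but the summary says the function generates the scalar and `k` is a non-const `sp_digit*`, so it reads as the output. I would change the line to ` * @param [out] k Generated scalar in the range 1..order-1.`. The function body is outside the hunk.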
@@ -103800,6 +103976,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -103870,8 +104063,8 @@ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_256_to_bin_8(sp_digit* r, byte* a) { 
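Review bot: The new `sp_ecc_make_key_256_nb` header lists `ECC_INF_E` as an unconditional return, while the context line `#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */` in the ctx struct just above suggests the order check may exist only in builds with that macro. If that is the case, say so, e.g. ` * @return ECC_INF_E when the point does not have the correct order (only with WOLFSSL_VALIDATE_ECC_KEYGEN).`, so a caller does not assume every generated key was validated. The same would apply to `sp_ecc_make_key_256` in the previous hunk. Both function bodies are outside the hunks, so this needs checking against them.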
@@ -103889,14 +104082,16 @@ static void sp_256_to_bin_8(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -103937,6 +104132,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -103986,8 +104200,8 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_in_place_8( sp_digit* a, const sp_digit* b) @@ -104059,8 +104273,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_in_place_8( #else /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_in_place_8( sp_digit* a, const sp_digit* b) 
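Review bot: Both `sp_256_sub_in_place_8` headers tag `a` as `[in]` although the summary is `a -= b`, so `a` is read and written; use ` * @param [in, out] a A single precision integer.`. The function also returns `sp_digit` and the converted header has no `@return` line; presumably that is the borrow, but the body is outside the hunk. `sp_256_sub_8` later in this diff returns `sp_digit` without a `@return` line as well.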
@@ -104154,9 +104368,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_in_place_8( #endif /* WOLFSSL_SP_SMALL */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, sp_digit b) @@ -104341,10 +104555,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_d_8(sp_digit* r, /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -104958,9 +105173,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) { 
@@ -104985,11 +105200,12 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -105027,10 +105243,11 @@ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -105043,9 +105260,9 @@ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -105069,8 +105286,8 @@ static const sp_int_digit p256_order_low[4] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a) { @@ -105082,8 +105299,9 @@ static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a) /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n) { 
@@ -105096,19 +105314,24 @@ static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_256_mont_inv_order_8_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_256_mont_inv_order_8_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_256_mont_inv_order_8_ctx { - int state; - int i; -} sp_256_mont_inv_order_8_ctx; static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -105144,6 +105367,13 @@ static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P256 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, sp_digit* td) { 
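Review bot: The new header of `sp_256_mont_inv_order_8_nb` tells the caller to repeat until the return is not `FP_WOULDBLOCK`, but it has no `@return` lines, unlike the other `_nb` headers added in this commit. Add ` * @return MP_OKAY on success.` and ` * @return FP_WOULDBLOCK while more work remains.` after the `t` parameter. The function body is outside the hunk, so confirm those are the only values returned.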
@@ -105252,13 +105482,15 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
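Review bot: `k` and `x` are tagged `[in]` in the `sp_256_calc_s_8` header, yet both are non-const `sp_digit*` while `r` and `e` are `const`, which suggests the function overwrites them. These are the ephemeral key and the private key, so a caller needs to know whether its buffers still hold the original values afterwards. If the body (outside this hunk) does write them, use ` * @param [in, out] k Ephemeral private key; modified.` and the same form for `x`. `s` in `sp_256_calc_vfy_point_8` further down is in the same position: non-const and tagged `[in]`.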
@@ -105306,15 +105538,18 @@ static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
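Review bot: The added `km` line in the `sp_ecc_sign_256` header does not state the contract for the ephemeral key: whether a caller-supplied value is used in place of one drawn from `rng`, and what is left in `km` on return. A repeated or predictable ECDSA ephemeral key exposes the private key, so this is the parameter where the header should be most explicit. I would extend the line to say when `km` is used instead of `rng` and what it holds afterwards, taken from the body, which is outside this hunk. The `sp_ecc_sign_256_nb` header added in the next hunk carries the same line.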
@@ -105422,6 +105657,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -105572,9 +105831,9 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -105641,9 +105900,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_8(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -105733,8 +105992,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_256_sub_8(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Right shift a by 1 bit into r. (r = a >> 1) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a) @@ -105889,9 +106154,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r, /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -106160,6 +106425,12 @@ WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r, ); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(sp_digit* a) { 
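Review bot: The `sp_256_rshift1_8` hunk leaves two comment blocks stacked on the function: the converted `Right shift a by 1 bit into r.` block and a second, newly added `Shift number right one bit.` block with its own `@param` lines. The parameters are now described twice and the two blocks can drift apart. Keep a single block, for example the first one with ` * Bottom bit is lost.` added under its summary line, and drop the other.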
@@ -106919,9 +107190,10 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -107003,9 +107275,9 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) @@ -107033,13 +107305,16 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -107100,14 +107375,18 @@ static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
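Review bot: `@return MP_OKAY on success.` in the `sp_ecc_verify_256` header can be read as "the signature verified", while the `res` line says validity is reported separately as 1 or 0. A caller that checks only the return code would accept invalid signatures, so spell it out: ` * @return MP_OKAY when the check ran to completion; the signature is valid only when *res is 1.`. It would also help to state whether `*res` is set to 0 on error returns; the body is outside the hunk. The `sp_ecc_verify_256_nb` header added in the next hunk has the same wording.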
@@ -107203,6 +107482,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -107339,10 +107644,12 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_8(const sp_point_256* point, void* heap) @@ -107384,10 +107691,12 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
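Review bot: Moving the success case to the top leaves `@return MP_OKAY otherwise.` as the first line of the list, where "otherwise" has nothing to refer to. In `sp_256_ecc_is_point_8` and `sp_ecc_is_point_256` it would read better as ` * @return MP_OKAY when the point is on the curve.`. The same leftover wording is in the headers of `sp_ecc_check_key_256`, `sp_ecc_proj_add_point_256`, `sp_ecc_proj_dbl_point_256`, `sp_ecc_map_256`, `sp_256_mont_sqrt_8` and `sp_ecc_uncompress_256` in the following hunks, where `MP_OKAY on success.` fits.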
@@ -107413,13 +107722,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -107503,16 +107816,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -107561,13 +107876,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
 /* Double a projective EC point.
 * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
 *
- * pX EC point's X ordinate.
- * pY EC point's Y ordinate.
- * pZ EC point's Z ordinate.
- * rX Resultant EC point's X ordinate.
- * rY Resultant EC point's Y ordinate.
- * rZ Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
+ * @param [in] pX EC point's X ordinate.
+ * @param [in] pY EC point's Y ordinate.
+ * @param [in] pZ EC point's Z ordinate.
+ * @param [out] rX Resultant EC point's X ordinate.
+ * @param [out] rY Resultant EC point's Y ordinate.
+ * @param [out] rZ Resultant EC point's Z ordinate.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
 mp_int* rX, mp_int* rY, mp_int* rZ)
@@ -107607,10 +107924,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
 /* Map a projective EC point to affine in place.
 * pZ will be one.
 *
- * pX EC point's X ordinate.
- * pY EC point's Y ordinate.
- * pZ EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
+ * @param [in] pX EC point's X ordinate.
+ * @param [in] pY EC point's Y ordinate.
+ * @param [in] pZ EC point's Z ordinate.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
 {
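Review bot: The comment for `sp_ecc_map_256` says the point is mapped "in place" and that "pZ will be one", yet all three parameters are tagged `[in]`. They should be `[in, out]`, as the patch already does for `y` in `sp_256_mont_sqrt_8`: `@param [in, out] pX EC point's X ordinate.` and likewise for `pY` and `pZ`.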
@@ -107650,8 +107969,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
 #ifdef HAVE_COMP_KEY
 /* Find the square root of a number mod the prime of the curve.
 *
- * y The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
+ * @param [in, out] y The number to operate on and the result.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 static int sp_256_mont_sqrt_8(sp_digit* y)
 {
@@ -107704,10 +108025,12 @@ static int sp_256_mont_sqrt_8(sp_digit* y)
 /* Uncompress the point given the X ordinate.
 *
- * xm X ordinate.
- * odd Whether the Y ordinate is odd.
- * ym Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
+ * @param [in] xm X ordinate.
+ * @param [in] odd Whether the Y ordinate is odd.
+ * @param [out] ym Calculated Y ordinate.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
 {
@@ -107844,9 +108167,9 @@ static const sp_digit p384_b[12] = {
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mul_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b)
@@ -108091,8 +108414,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mul_12(sp_digit* r,
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_sqr_12(sp_digit* r,
 const sp_digit* a)
@@ -108518,9 +108841,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_sqr_12(sp_digit* r,
 #ifdef WOLFSSL_SP_SMALL
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_add_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b)
@@ -108593,9 +108916,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_add_12(sp_digit* r,
 #else
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_add_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b)
@@ -108720,10 +109043,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_add_12(sp_digit* r,
 #endif /* WOLFSSL_SP_SMALL */
 /* Multiply a number by Montgomery normalizer mod modulus (prime).
 *
- * r The resulting Montgomery form number.
- * a The number to convert.
- * m The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
+ * @param [out] r The resulting Montgomery form number.
+ * @param [in] a The number to convert.
+ * @param [in] m The modulus (prime).
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when memory allocation fails.
 */
 static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
 {
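Review bot: `sp_384_add_12` is declared to return `sp_digit`, but the converted comment documents only the parameters. Add a `@return` line saying what the returned digit is (presumably the carry out of the top word; the body is outside the hunk, so confirm). The same gap is in the `#else` variant in the next hunk, in `sp_384_sub_12`, `sp_384_cond_sub_12` and `sp_384_cond_add_12`, and in the `int`-returning `sp_384_to_mp` and `sp_384_gen_stripe_table_12`.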
@@ -108809,9 +109134,9 @@ static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit
 /* Convert an mp_int to an array of sp_digit.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a A multi-precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a A multi-precision integer.
 */
 static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
 {
@@ -108897,8 +109222,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
 /* Convert a point of type ecc_point to type sp_point_384.
 *
- * p Point of type sp_point_384 (result).
- * pm Point of type ecc_point.
+ * @param [out] p Point of type sp_point_384 (result).
+ * @param [in] pm Point of type ecc_point.
 */
 static void sp_384_point_from_ecc_point_12(sp_point_384* p,
 const ecc_point* pm)
@@ -108914,8 +109239,8 @@ static void sp_384_point_from_ecc_point_12(sp_point_384* p,
 /* Convert an array of sp_digit to an mp_int.
 *
- * a A single precision integer.
- * r A multi-precision integer.
+ * @param [in] a A single precision integer.
+ * @param [out] r A multi-precision integer.
 */
 static int sp_384_to_mp(const sp_digit* a, mp_int* r)
 {
@@ -108982,10 +109307,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r)
 /* Convert a point of type sp_point_384 to type ecc_point.
 *
- * p Point of type sp_point_384.
- * pm Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
+ * @param [in] p Point of type sp_point_384.
+ * @param [in] pm Point of type ecc_point (result).
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when allocation of memory in ecc_point fails.
 */
 static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
 {
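Review bot: In the `sp_384_point_to_ecc_point_12` comment, `pm` is tagged `[in]` although its own description calls it the result and the signature takes it as a non-const `ecc_point*` while `p` is const. The line should read `@param [out] pm Point of type ecc_point (result).` The `@return MEMORY_E` text, which speaks of allocation of memory in the ecc_point, points the same way.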
@@ -109005,10 +109331,11 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not copying.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_cond_sub_12(
 sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
@@ -109070,9 +109397,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_cond_sub_12(
 /* Reduce the number back to 384 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a,
 const sp_digit* m, sp_digit mp)
@@ -109799,11 +110127,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a,
 /* Multiply two Montgomery form numbers mod the modulus (prime).
 * (r = a * b mod m)
 *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -109814,10 +110142,10 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
 /* Square the Montgomery form number. (r = a * a mod m)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
 const sp_digit* m, sp_digit mp)
@@ -109829,11 +110157,11 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -109856,9 +110184,9 @@ static const word32 p384_mod_minus_2[12] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -109940,10 +110268,11 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_384_cmp_12( const sp_digit* a, const sp_digit* b) 
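Review bot: The summary for `sp_384_mont_sqr_n_12` still gives `(r = a ^ n mod m)`, while the parameter text says `n` is the "Number of times to square". Squaring n times would give a^(2^n) mod m, not a^n, so the formula and the parameter description disagree. Since this comment is being rewritten anyway, the first line could become `(r = a ^ (2 ^ n) mod m)`; the body is outside the hunk, so check it before changing the wording.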
@@ -110051,15 +110380,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_384_cmp_12(
 /* Normalize the values in each word to 32.
 *
- * a Array of sp_digit to normalize.
+ * @param [in] a Array of sp_digit to normalize.
 */
 #define sp_384_norm_12(a)
 /* Map the Montgomery form projective coordinate point to an affine point.
 *
- * r Resulting affine coordinate point.
- * p Montgomery form projective coordinate point.
- * t Temporary ordinate data.
+ * @param [out] r Resulting affine coordinate point.
+ * @param [in] p Montgomery form projective coordinate point.
+ * @param [out] t Temporary ordinate data.
 */
 static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
 sp_digit* t)
@@ -110097,10 +110426,10 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
 /* Add two Montgomery form numbers (r = a + b % m).
 *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of addition.
+ * @param [in] a First number to add in Montgomery form.
+ * @param [in] b Second number to add in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b, const sp_digit* m)
@@ -110114,9 +110443,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r,
 /* Double a Montgomery form number (r = a + a % m).
 *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of doubling.
+ * @param [in] a Number to double in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r,
 const sp_digit* a, const sp_digit* m)
@@ -110130,9 +110459,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r,
 /* Triple a Montgomery form number (r = a + a + a % m).
 *
- * r Result of Tripling.
- * a Number to triple in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of Tripling.
+ * @param [in] a Number to triple in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r,
 const sp_digit* a, const sp_digit* m)
@@ -110149,9 +110478,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r,
 #ifdef WOLFSSL_SP_SMALL
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b)
@@ -110218,9 +110547,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_12(sp_digit* r,
 #else
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b)
@@ -110345,10 +110674,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_12(sp_digit* r,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_cond_add_12(
 sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
@@ -110414,10 +110744,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_cond_add_12(
 /* Subtract two Montgomery form numbers (r = a - b % m).
 *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of subtration.
+ * @param [in] a Number to subtract from in Montgomery form.
+ * @param [in] b Number to subtract with in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r,
 const sp_digit* a, const sp_digit* b, const sp_digit* m)
@@ -110431,8 +110761,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r,
 /* Right shift a by 1 bit into r. (r = a >> 1)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ */
+/* Shift number right one bit.
+ * Bottom bit is lost.
+ *
+ * @param [out] r Result of shift.
+ * @param [in] a Number to shift.
 */
 WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r,
 const sp_digit* a)
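Review bot: The new `@param [out] r` line for `sp_384_mont_sub_12` carries over a typo: `Result of subtration.` should be `Result of subtraction.` It sits on a `+` line, so this commit is the natural place to fix it.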
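Review bot: `sp_384_rshift1_12` now has two comment blocks stacked above it: the original "Right shift a by 1 bit into r" block is closed by an added `*/`, and a second block, "Shift number right one bit", follows with its own `@param` lines. Documentation tools normally attach only the block adjacent to the declaration, and the two blocks describe the same parameters in different words. Keep a single block, for example the original summary with the `Bottom bit is lost.` line merged into it.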
@@ -110663,9 +110999,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -110680,9 +111016,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_div2_12(sp_digit* r, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -110751,9 +111087,13 @@ typedef struct sp_384_proj_point_dbl_12_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) 
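Review bot: The new text for `sp_384_proj_point_dbl_12_nb` tells callers to repeat the call until it stops returning FP_WOULDBLOCK, but the comment has no `@return` section. Add the return values, e.g. `@return FP_WOULDBLOCK when the operation is not yet complete.` plus the value returned on completion (the body is outside the hunk, so take it from there). `sp_384_proj_point_add_12_nb` further down has the same gap.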
@@ -110883,9 +111223,10 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b) { @@ -110898,8 +111239,9 @@ static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_12(const sp_digit* a) { @@ -110910,10 +111252,10 @@ static int sp_384_iszero_12(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_12(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
@@ -111013,10 +111355,14 @@ typedef struct sp_384_proj_point_add_12_ctx {
 /* Add two Montgomery form projective points.
 *
- * r Result of addition.
- * p First point to add.
- * q Second point to add.
- * t Temporary ordinate data.
+ * Non-blocking version. Call repeatedly until it does not return
+ * FP_WOULDBLOCK. State is saved and restored through sp_ctx.
+ *
+ * @param [in, out] sp_ctx Context to save state in for non-blocking calls.
+ * @param [out] r Result of addition.
+ * @param [in] p First point to add.
+ * @param [in] q Second point to add.
+ * @param [out] t Temporary ordinate data.
 */
 static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
 const sp_point_384* p, const sp_point_384* q, sp_digit* t)
@@ -111201,9 +111547,9 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible point that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
 int idx)
@@ -111297,13 +111643,15 @@ static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table, * 384 doubles. * 108 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -111433,10 +111781,9 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i, sp_digit* t) @@ -111526,8 +111873,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_12(sp_point_384* a, sp_digit* t) { 
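Review bot: `@param [in] ct Constant time required.` in the `sp_384_ecc_mulmod_fast_12` comment does not say what a zero value selects. The body is outside the hunk, so this is a question rather than a finding: if `ct == 0` picks a path whose timing or table access depends on `k`, the comment should state that callers holding a secret scalar must pass a non-zero `ct`. The same one-line description is used for every sp_384_ecc_mulmod_* function in this patch.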
@@ -111558,10 +111905,10 @@ typedef struct sp_table_entry_384 {
 * one.
 * Only the first point can be the same pointer as the result point.
 *
- * r Result of addition.
- * p First point to add.
- * q Second point to add.
- * t Temporary ordinate data.
+ * @param [out] r Result of addition.
+ * @param [in] p First point to add.
+ * @param [in] q Second point to add.
+ * @param [out] t Temporary ordinate data.
 */
 static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
 const sp_point_384* p, const sp_point_384* q, sp_digit* t)
@@ -111643,10 +111990,10 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
 * 16 entries
 * 96 bits between
 *
- * a The base point.
- * table Place to store generated point data.
- * tmp Temporary data.
- * heap Heap to use for allocation.
+ * @param [in] a The base point.
+ * @param [out] table Place to store generated point data.
+ * @param [out] tmp Temporary data.
+ * @param [in] heap Heap to use for allocation.
 */
 static int sp_384_gen_stripe_table_12(const sp_point_384* a,
 sp_table_entry_384* table, sp_digit* tmp, void* heap)
@@ -111718,9 +112065,9 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 static void sp_384_get_entry_16_12(sp_point_384* r,
 const sp_table_entry_384* table, int idx)
@@ -111791,13 +112138,16 @@ static void sp_384_get_entry_16_12(sp_point_384* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -111914,8 +112264,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -111978,13 +112328,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
 /* Multiply the base point of P384 by the scalar and return the result.
 * If map is true then convert result to affine coordinates.
 *
- * r Resulting point.
- * g Point to multiply.
- * k Scalar to multiply by.
- * map Indicates whether to convert result to affine.
- * ct Constant time required.
- * heap Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
+ * @param [out] r Resulting point.
+ * @param [in] g Point to multiply.
+ * @param [in] k Scalar to multiply by.
+ * @param [in] map Indicates whether to convert result to affine.
+ * @param [in] ct Constant time required.
+ * @param [in] heap Heap to use for allocation.
+ *
+ * @return MP_OKAY on success.
+ * @return MEMORY_E when memory allocation fails.
 */
 static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
 const sp_digit* k, int map, int ct, void* heap)
@@ -112064,10 +112416,10 @@ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
 * 256 entries
 * 48 bits between
 *
- * a The base point.
- * table Place to store generated point data.
- * tmp Temporary data.
- * heap Heap to use for allocation.
+ * @param [in] a The base point.
+ * @param [out] table Place to store generated point data.
+ * @param [out] tmp Temporary data.
+ * @param [in] heap Heap to use for allocation.
 */
 static int sp_384_gen_stripe_table_12(const sp_point_384* a,
 sp_table_entry_384* table, sp_digit* tmp, void* heap)
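Review bot: The summary line of `sp_384_ecc_mulmod_12` says "Multiply the base point of P384 by the scalar", but the function takes `g` and the converted tag reads `@param [in] g Point to multiply.` The summary looks copied from the base-point variant; `Multiply the point by the scalar and return the result.`, as used for `sp_ecc_mulmod_384`, matches the signature. The second copy of this function's comment later in the diff has the same first line.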
@@ -112139,9 +112491,9 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_256_12(sp_point_384* r, const sp_table_entry_384* table, int idx) @@ -112212,13 +112564,16 @@ static void sp_384_get_entry_256_12(sp_point_384* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -112335,8 +112690,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -112399,13 +112754,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
 /* Multiply the base point of P384 by the scalar and return the result.
 * If map is true then convert result to affine coordinates.
 *
- * r Resulting point.
- * g Point to multiply.
- * k Scalar to multiply by.
- * map Indicates whether to convert result to affine.
- * ct Constant time required.
- * heap Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
+ * @param [out] r Resulting point.
+ * @param [in] g Point to multiply.
+ * @param [in] k Scalar to multiply by.
+ * @param [in] map Indicates whether to convert result to affine.
+ * @param [in] ct Constant time required.
+ * @param [in] heap Heap to use for allocation.
+ *
+ * @return MP_OKAY on success.
+ * @return MEMORY_E when memory allocation fails.
 */
 static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
 const sp_digit* k, int map, int ct, void* heap)
@@ -112481,12 +112838,14 @@ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
 /* Multiply the point by the scalar and return the result.
 * If map is true then convert result to affine coordinates.
 *
- * km Scalar to multiply by.
- * p Point to multiply.
- * r Resulting point.
- * map Indicates whether to convert result to affine.
- * heap Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
+ * @param [in] km Scalar to multiply by.
+ * @param [in] gm Point to multiply.
+ * @param [out] r Resulting point.
+ * @param [in] map Indicates whether to convert result to affine.
+ * @param [in] heap Heap to use for allocation.
+ *
+ * @return MP_OKAY on success.
+ * @return MEMORY_E when memory allocation fails.
 */
 int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
 int map, void* heap)
@@ -112516,14 +112875,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -112666,12 +113027,14 @@ static const sp_table_entry_384 p384_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -113974,12 +114337,14 @@ static const sp_table_entry_384 p384_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -113993,11 +114358,13 @@ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -114025,13 +114392,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -114085,7 +114454,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_add_one_12(sp_digit* a) { @@ -114208,10 +114577,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_add_one_12(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -114255,10 +114624,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k) { @@ -114288,12 +114659,15 @@ static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
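Review bot: In the first hunk on this line `sp_384_ecc_gen_k_12` tags `k` as `[in]`, but the summary says the function generates the scalar, so `k` is written rather than read: `@param [out] k Scalar value.` The same direction slip appears in `sp_384_sub_in_place_12` (`a -= b`, so `a` should be `[in, out]`), in `sp_ecc_map_384` (mapped "in place", so `pX`, `pY` and `pZ` should be `[in, out]`) and in `sp_521_point_to_ecc_point_17` (`pm` is described as the result, so `[out]`). For `k` the tag also tells a reader which buffer ends up holding what is presumably secret scalar material. All four bodies are outside their hunks, so this is based on the summaries and signatures.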
@@ -114365,6 +114739,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -114435,8 +114826,8 @@ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_384_to_bin_12(sp_digit* r, byte* a) { 
@@ -114454,14 +114845,16 @@ static void sp_384_to_bin_12(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -114502,6 +114895,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -114551,8 +114963,8 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_in_place_12( sp_digit* a, const sp_digit* b) @@ -114624,8 +115036,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_in_place_12( #else /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_in_place_12( sp_digit* a, const sp_digit* b) 
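Review bot: `sp_384_sub_in_place_12` is declared to return `sp_digit`, but the converted comment (second and third hunks on this line) has no `@return` line, so the new Doxygen block says nothing about the returned value. Add one stating what the digit carries; it is presumably the borrow out of the subtraction, but the assembly body is outside the hunk, so confirm before wording it. The same gap exists for `sp_521_add_17`, `sp_521_cond_sub_17`, `sp_521_to_mp` and `sp_384_mont_inv_order_12_nb`, all of which return a value. The last of these mentions FP_WOULDBLOCK in prose only, where the other `_nb` comments in this diff use `@return FP_WOULDBLOCK while more work remains.`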
@@ -114755,9 +115167,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_384_sub_in_place_12( #endif /* WOLFSSL_SP_SMALL */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mul_d_12(sp_digit* r, const sp_digit* a, sp_digit b) @@ -114942,10 +115354,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mul_d_12(sp_digit* r, /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -115559,9 +115972,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) { 
@@ -115590,11 +116003,12 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -115632,10 +116046,11 @@ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
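Review bot: In the first hunk on this line `sp_384_div_12` tags `m` as `[in]` with the description "Multiplier result", while the summary just above says m is not calculated. A result that is never produced should not be presented as an input. Something like `@param [in] m Multiplier result. Not calculated; unused.` tells the caller that nothing is stored there. The body is outside the hunk, so check whether `m` is touched at all before settling the wording.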
@@ -115648,9 +116063,9 @@ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digi #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -115674,8 +116089,8 @@ static const word32 p384_order_low[6] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a) { @@ -115687,8 +116102,9 @@ static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n) { 
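Review bot: The formula `(r = a ^ n mod order)` kept as context above `sp_384_mont_sqr_n_order_12` (third hunk on this line) does not agree with the new `@param [in] n Number of times to square.` line. Squaring n times yields a^(2^n), not a^n. Since the comment is being edited anyway, change the formula to `(r = a ^ (2 ^ n) mod order)`. The loop is outside the hunk, so this follows from the summary text and the new parameter description.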
@@ -115701,19 +116117,24 @@ static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_12_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_12_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_12_ctx { - int state; - int i; -} sp_384_mont_inv_order_12_ctx; static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -115749,6 +116170,13 @@ static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, sp_digit* td) { 
@@ -115824,13 +116252,15 @@ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
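Review bot: `k` and `x` are tagged `[in]` in the new block for `sp_384_calc_s_12`, yet the signature takes both as non-const `sp_digit*` while `r` and `e` are `const`, which suggests they are overwritten during the computation. If so, tag them `@param [in, out] k Ephemeral private key. Modified.` and likewise for `x`. Both hold secret values, and a caller deciding what to zeroise or reuse afterwards needs to know the buffers no longer contain the originals. The body is outside the hunk, so confirm against it before changing the tags.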
@@ -115878,15 +116308,18 @@ static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
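Review bot: The added `@param [in, out] km Ephemeral key as an mp_int.` does not say when the caller's value is used and when the function draws its own from `rng`, and this is the parameter where a misunderstanding costs the most. The comment should state the convention (presumably NULL or zero means "generate", but the body is outside the hunk, so confirm). It should also say that a supplied value must be secret and used for one signature only, and what is left in `km` on return so the caller can clear it. The same text is needed on `sp_ecc_sign_384_nb`, whose comment is added in the next hunk.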
@@ -115994,6 +116427,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -116143,9 +116600,9 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifndef WOLFSSL_SP_SMALL /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -116548,6 +117005,12 @@ WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r, ); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(sp_digit* a) { 
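Review bot: In the first hunk on this line `priv` is tagged `[in]`, but `sp_ecc_sign_384_nb` declares it as `mp_int* priv` while the blocking `sp_ecc_sign_384` declares `const mp_int* priv`. Either the non-blocking path writes through the pointer, in which case the tag should be `@param [in, out] priv`, or the parameter can become `const mp_int* priv` to match the blocking variant and the tag. The body is outside the hunk, so it is not possible to tell which from here. Changing the qualifier would also need the matching prototype in the header updated.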
@@ -117751,9 +118214,10 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -117835,9 +118299,9 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) @@ -117869,13 +118333,16 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -117936,14 +118403,18 @@ static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
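Review bot: `@return MP_OKAY on success.` in the new block for `sp_ecc_verify_384` can be read as "signature verified", but validity is reported through `res`, so a caller that tests only the return code would accept an invalid signature. Word it as `@return MP_OKAY when the check ran to completion; the signature is valid only when *res == 1.` It is also worth stating what `res` holds on an error return, which cannot be determined here because the body is outside the hunk. The same applies to `sp_ecc_verify_384_nb` in the next hunk, where `res` is presumably meaningful only once the call stops returning FP_WOULDBLOCK.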
@@ -118039,6 +118510,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -118175,10 +118672,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_12(const sp_point_384* point, void* heap) @@ -118220,10 +118719,12 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
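Review bot: `@return MP_OKAY otherwise.` is now the first `@return` line in the block for `sp_384_ecc_is_point_12`, so "otherwise" has nothing to refer back to; in the old comment it was the tail of a sentence listing the errors. Use `@return MP_OKAY on success.` as the mulmod, sign and verify blocks in this diff do, or move the line below the error returns. The same wording was carried over for `sp_ecc_is_point_384`, `sp_ecc_check_key_384`, `sp_ecc_proj_add_point_384`, `sp_ecc_proj_dbl_point_384`, `sp_ecc_map_384`, `sp_384_mont_sqrt_12`, `sp_ecc_uncompress_384`, `sp_521_mod_mul_norm_17` and `sp_521_point_to_ecc_point_17`.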
@@ -118249,13 +118750,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -118339,16 +118844,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -118397,13 +118904,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -118443,10 +118952,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
@@ -118486,8 +118997,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_12(sp_digit* y) { @@ -118571,10 +119084,12 @@ static int sp_384_mont_sqrt_12(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -118723,9 +119238,9 @@ static const sp_digit p521_b[17] = { /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -118970,8 +119485,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mul_17(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_sqr_17(sp_digit* r, const sp_digit* a) 
@@ -119397,9 +119912,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_sqr_17(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -119472,9 +119987,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_add_17(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -119643,10 +120158,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_add_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -119661,9 +120178,9 @@ static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -119749,8 +120266,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_17(sp_point_521* p, const ecc_point* pm) @@ -119766,8 +120283,8 @@ static void sp_521_point_from_ecc_point_17(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { @@ -119834,10 +120351,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm) { 
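Review bot: sp_521_to_mp is declared `static int`, but its converted comment still documents no return value, while sp_521_point_to_ecc_point_17 in this commit does. Adding `@return MP_OKAY on success.` and a line for the failure code would make the contract visible. The body lies outside the hunk, so the exact failure code needs confirming there. sp_521_gen_stripe_table_17 (both variants) also returns int with no `@return` line.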
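Review bot: `@param [in] pm` in the sp_521_point_to_ecc_point_17 comment contradicts its own description, "Point of type ecc_point (result)", and the signature takes `pm` as a non-const pointer. It should read `@param [out] pm Point of type ecc_point (result).`, matching how `p` is marked `[out]` in sp_521_point_from_ecc_point_17.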
@@ -119857,10 +120375,11 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_cond_sub_17( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -119920,9 +120439,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_cond_sub_17( /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -120570,9 +121090,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a, /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( sp_digit* a, const sp_digit* m, sp_digit mp) @@ -121740,11 +122261,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -121755,10 +122276,10 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -121770,11 +122291,11 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -121798,9 +122319,9 @@ static const word32 p521_mod_minus_2[17] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) { 
@@ -121878,10 +122399,11 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_521_cmp_17( const sp_digit* a, const sp_digit* b) @@ -121989,15 +122511,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_521_cmp_17( /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_521_norm_17(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -122035,10 +122557,10 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
@@ -122370,9 +122892,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_add_17(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -122687,9 +123209,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_dbl_17(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -123166,10 +123688,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_tpl_17(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
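Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_521_mont_sub_17 comment carries over the misspelling from the old text. Since the line is being touched anyway, it could become `@param [out] r Result of subtraction.`. The tripling comment in the preceding hunk has a stray capital in `Result of Tripling.` that could be lowercased in the same pass.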
@@ -123508,10 +124030,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_sub_17(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_cond_add_17( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -123577,8 +124100,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_cond_add_17( /* Right shift a by 1 bit into r. (r = a >> 1) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a) @@ -123904,9 +124433,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m) 
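Review bot: sp_521_rshift1_17 now has two consecutive comment blocks: the converted "Right shift a by 1 bit into r" block and a newly added "Shift number right one bit" block that documents the same two parameters. One of them should be dropped. Keeping the first and folding in `Bottom bit is lost.` preserves the only extra fact the second block carries.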
@@ -123921,9 +124450,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_div2_17(sp_digit* r, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -123992,9 +124521,13 @@ typedef struct sp_521_proj_point_dbl_17_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -124124,9 +124657,10 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b) { 
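Review bot: The sp_521_proj_point_dbl_17_nb comment tells callers to repeat the call until it stops returning FP_WOULDBLOCK but gives no `@return` tags, unlike the sp_ecc_make_key_521_nb comment added later in this commit. Adding `@return FP_WOULDBLOCK while more work remains.` and `@return MP_OKAY on success.` would keep the non-blocking functions consistent. The completion code should be checked against the body, which is outside the hunk. sp_521_proj_point_add_17_nb has the same gap.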
@@ -124141,8 +124675,9 @@ static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_17(const sp_digit* a) { @@ -124154,10 +124689,10 @@ static int sp_521_iszero_17(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_17(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -124257,10 +124792,14 @@ typedef struct sp_521_proj_point_add_17_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) 
@@ -124445,9 +124984,9 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table, int idx) @@ -124571,13 +125110,15 @@ static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table, * 521 doubles. * 143 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -124721,10 +125262,9 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i, sp_digit* t) 
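Review bot: The sp_521_get_point_16_17 comment says every possible point is touched but not why, and the direction tags added here do not convey it either. Given the `WC_NO_CACHE_RESISTANT` guard, the intent appears to be that the memory access pattern does not depend on `idx`. A line such as `Every entry is read so the access pattern does not depend on idx.` would tell a maintainer not to replace the loop with a direct index. The body is outside the hunk, so confirm this against the implementation. The sp_521_get_entry_16_17 and sp_521_get_entry_256_17 comments have the same gap.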
@@ -124814,8 +125354,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_17(sp_point_521* a, sp_digit* t) { @@ -124846,10 +125386,10 @@ typedef struct sp_table_entry_521 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_17(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -124931,10 +125471,10 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r, * 16 entries * 130 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_17(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -125006,9 +125546,9 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_16_17(sp_point_521* r, const sp_table_entry_521* table, int idx) 
@@ -125099,13 +125639,16 @@ static void sp_521_get_entry_16_17(sp_point_521* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -125222,8 +125765,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -125286,13 +125829,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -125372,10 +125917,10 @@ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, * 256 entries * 65 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_17(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) 
@@ -125447,9 +125992,9 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_256_17(sp_point_521* r, const sp_table_entry_521* table, int idx) @@ -125540,13 +126085,16 @@ static void sp_521_get_entry_256_17(sp_point_521* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -125663,8 +126211,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -125727,13 +126275,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -125809,12 +126359,14 @@ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -125844,14 +126396,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -126026,12 +126580,14 @@ static const sp_table_entry_521 p521_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -127846,12 +128402,14 @@ static const sp_table_entry_521 p521_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -127865,11 +128423,13 @@ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -127897,13 +128457,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -127957,7 +128519,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_add_one_17(sp_digit* a) { @@ -128125,10 +128687,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_add_one_17(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -128172,10 +128734,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k) { @@ -128206,12 +128770,15 @@ static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
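Review bot: `@param [in] k Scalar value.` in the sp_521_ecc_gen_k_17 comment marks `k` as an input, yet the function is described as generating the scalar and takes `k` as a non-const `sp_digit*`. It should be `@param [out] k Generated scalar.`, so that anyone tracing where the private scalar is written finds this function. The body is outside the hunk, so the direction is inferred from the description and signature.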
@@ -128283,6 +128850,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -128353,8 +128937,8 @@ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_521_to_bin_17(sp_digit* r, byte* a) { 
@@ -128374,14 +128958,16 @@ static void sp_521_to_bin_17(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -128422,6 +129008,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -128466,9 +129071,16 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Right shift a by n bits into r. (r = a >> n) * - * r A single precision integer. - * a A single precision integer. - * n Integer representing number of bits to shift. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] n Integer representing number of bits to shift. + */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. */ WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n) 
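Review bot: The `sp_521_rshift_17` hunk leaves two consecutive header comments on the function: the converted "Right shift a by n bits into r" block is closed with `*/` and immediately followed by a new "Shift number right by n bits" block describing the same three parameters. The `sp_521_lshift_17` and `sp_521_lshift_34` hunks do the same. Keep one block per function, for example the new wording plus the formula `(r = a >> n)`, so documentation tools do not pick up only one of the two. In the left-shift headers the surviving first line still reads "Lefy shift"; it should be `/* Left shift a by n bits into r. (r = a << n)` if that block is the one kept.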
@@ -128824,9 +129436,15 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Lefy shift a by n bits into r. (r = a << n) * - * r A single precision integer. - * a A single precision integer. - * n Integer representing number of bits to shift. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] n Integer representing number of bits to shift. + */ +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. */ WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r, const sp_digit* a, byte n) @@ -129249,9 +129867,15 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r, /* Lefy shift a by n bits into r. (r = a << n) * - * r A single precision integer. - * a A single precision integer. - * n Integer representing number of bits to shift. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] n Integer representing number of bits to shift. + */ +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. */ WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n) @@ -130113,8 +130737,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_in_place_17( sp_digit* a, const sp_digit* b) 
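Review bot: In the header of `sp_521_sub_in_place_17`, `a` is tagged `[in]` although the summary line says `a -= b`, so the function writes through it. It should be `@param [in, out] a A single precision integer; holds the result.`. The same tag appears in the `#else` variant of `sp_521_sub_in_place_17` and in both `sp_1024_sub_in_place_32` hunks. These functions, and `sp_521_sub_17`, `sp_1024_add_16`, `sp_1024_add_word_16`, `sp_1024_add_32`, `sp_1024_sub_16` and `sp_1024_cond_sub_32`, return `sp_digit` but the converted headers have no `@return` line. If the value is the carry or borrow out of the top word (the bodies are outside the hunks, so this needs confirming), say so, since callers in the reduction code depend on it.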
@@ -130186,8 +130810,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_in_place_17( #else /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_in_place_17( sp_digit* a, const sp_digit* b) @@ -130363,9 +130987,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_in_place_17( #endif /* WOLFSSL_SP_SMALL */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mul_d_17(sp_digit* r, const sp_digit* a, sp_digit b) @@ -130550,10 +131174,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mul_d_17(sp_digit* r, /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -131167,9 +131792,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -131199,11 +131824,12 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -131245,10 +131871,11 @@ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
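Review bot: In the header of `sp_521_div_17`, `m` is tagged `[in]` while its description is "Multiplier result" and the summary says m is not calculated. Direction and description contradict each other, and the parameter is a non-const `sp_digit*`. If the body never reads or writes it (not visible in this hunk), something like `@param [in] m Unused. Multiplier is not calculated.` would stop a caller from expecting a quotient in that buffer.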
@@ -131261,9 +131888,9 @@ static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digi #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_17(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -131289,8 +131916,8 @@ static const word32 p521_order_low[9] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a) { @@ -131302,8 +131929,9 @@ static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n) { 
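Review bot: The header of `sp_521_mont_sqr_n_order_17` now documents `n` as the number of times to square, which makes the unchanged formula line `(r = a ^ n mod order)` inconsistent with it. Squaring n times in succession yields a^(2^n), not a^n. Suggest changing the formula line to `(r = a ^ (2 ^ n) mod order)`. The body is outside the hunk, so this assumes the loop squares once per count, as the new `@param` text states.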
@@ -131316,19 +131944,24 @@ static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_17_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_17_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_17_ctx { - int state; - int i; -} sp_521_mont_inv_order_17_ctx; static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -131364,6 +131997,13 @@ static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a, sp_digit* td) { 
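Review bot: The new header for `sp_521_mont_inv_order_17_nb` tells the caller to loop until the function stops returning FP_WOULDBLOCK but has no `@return` lines, although the function returns `int`. The other non-blocking headers added in this commit list them. Add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.`, plus any error codes the body can produce; the body continues outside the hunk.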
@@ -131452,13 +132092,15 @@ static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
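Review bot: In the header of `sp_521_calc_s_17`, `k` and `x` are tagged `[in]` although both are non-const `sp_digit*` in the signature, unlike `r` and `e`. If the body overwrites them with intermediate values, which is not visible in this hunk, they should be `[in, out]`. That matters to the caller because `k`, `x` and `tmp` would then all hold data derived from the ephemeral and private keys and need clearing after signing. The `@return MEMORY_E` line is also worth confirming, since the function takes no heap argument.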
@@ -131506,15 +132148,18 @@ static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
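Review bot: The added line `@param [in, out] km Ephemeral key as an mp_int.` in the `sp_ecc_sign_521` header does not say when the value is consumed and when it is produced, which is the part of the contract an ECDSA caller must get right. If the body accepts a caller-supplied k (the body is outside the hunk, so confirm), extend the line to state that the value must be secret and unique for every signature, and say what is left in `km` on return. The same applies to the `km` line in the new `sp_ecc_sign_521_nb` header.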
@@ -131627,6 +132272,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -131780,9 +132449,9 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -131849,9 +132518,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_17(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -132019,9 +132688,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_521_sub_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -132579,6 +133248,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r, ); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(sp_digit* a) { @@ -134352,9 +135027,10 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -134436,9 +135112,9 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) @@ -134475,13 +135151,16 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -134542,14 +135221,18 @@ static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
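Review bot: In the rewritten `sp_ecc_verify_521` header, `@return MP_OKAY on success.` can be read as "the signature is valid", while validity is reported separately through `res`. Make the two outcomes explicit, e.g. `@return MP_OKAY when the check completed; the signature is valid only if *res == 1.`. It would also help to state that `res` is meaningful only when the return value is MP_OKAY, if the body confirms that. The same wording is used in the new `sp_ecc_verify_521_nb` header. The parameter list of `sp_ecc_verify_521` runs past the end of this hunk.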
@@ -134649,6 +135332,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -134788,10 +135497,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_17(const sp_point_521* point, void* heap) @@ -134833,10 +135544,12 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
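Review bot: Splitting the old `returns ... and MP_OKAY otherwise` sentence into separate lines leaves `@return MP_OKAY otherwise.` as the first entry, where "otherwise" has nothing to refer to. For `sp_521_ecc_is_point_17` and `sp_ecc_is_point_521`, `@return MP_OKAY when the point is on the curve.` states the condition directly. The same first line appears in the headers of `sp_ecc_check_key_521`, `sp_ecc_proj_add_point_521`, `sp_ecc_proj_dbl_point_521`, `sp_ecc_map_521`, `sp_521_mont_sqrt_17` and `sp_ecc_uncompress_521`, where `@return MP_OKAY on success.` would match the rest of the file.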
@@ -134862,13 +135575,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -134952,16 +135669,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -135010,13 +135729,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -135056,10 +135777,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
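Review bot: In the header of `sp_ecc_map_521`, `pX`, `pY` and `pZ` are all tagged `[in]`, but the summary says the point is mapped to affine in place and that pZ will be one, so all three are written. They should be `[in, out]`, e.g. `@param [in, out] pZ EC point's Z ordinate; one on return.`.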
@@ -135106,8 +135829,10 @@ static const word32 p521_sqrt_power[17] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_17(sp_digit* y) { @@ -135138,10 +135863,12 @@ static int sp_521_mont_sqrt_17(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -135209,9 +135936,9 @@ typedef struct sp_point_1024 { #ifndef WOLFSSL_SP_LARGE_CODE /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -135457,9 +136184,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_16(sp_digit* r, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -171345,8 +172072,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_16(sp_digit* r, #ifndef WOLFSSL_SP_LARGE_CODE /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) @@ -171772,8 +172499,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_sqr_16(sp_digit* r, #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) @@ -198130,9 +198857,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_sqr_16(sp_digit* r, #endif /* !WOLFSSL_SP_LARGE_CODE */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -198290,9 +199017,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_16(sp_digit* r, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_word_16( sp_digit* r, const sp_digit* a, sp_digit b) @@ -198443,8 +199170,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_word_16( /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_sub_in_place_32( sp_digit* a, const sp_digit* b) @@ -198753,9 +199480,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_sub_in_place_32( /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -199049,9 +199776,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_32(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { 
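Review bot: In the header of `sp_1024_add_word_16`, `b` is described as "A single precision integer", but the signature takes it by value as `sp_digit b`, i.e. a single word rather than an array. The `sp_521_mul_d_17` header in this same commit uses "A single precision digit." for the equivalent parameter. Suggest `@param [in] b A single precision digit.`, and a summary line that separates this function from `sp_1024_add_16`, e.g. `/* Add digit b to a into r. (r = a + b)`.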
@@ -199079,9 +199806,9 @@ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -199116,9 +199843,9 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -199275,8 +200002,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_sub_16(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) { @@ -199311,9 +200038,9 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -199558,8 +200285,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_32(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) @@ -200081,8 +200808,8 @@ static const sp_point_1024 p1024_base = { #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_sub_in_place_32( sp_digit* a, const sp_digit* b) @@ -200155,10 +200882,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_sub_in_place_32( /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_cond_sub_32( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) 
@@ -200219,9 +200947,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_cond_sub_32( #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -200294,9 +201022,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_add_32(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b) @@ -200481,10 +201209,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mul_d_32(sp_digit* r, /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -201098,9 +201827,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -201128,10 +201857,11 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_1024_cmp_32( const sp_digit* a, const sp_digit* b) @@ -201240,11 +201970,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_int32 sp_1024_cmp_32( /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
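Review bot: `@param [in] m Multiplier result.` on `sp_1024_div_32` tags a result parameter as an input, while the summary two lines up states that m is not calculated. A reader cannot tell from this whether callers must pass a valid buffer. I would state it directly, for example `* @param [in] m Multiplier result - not calculated.`, after confirming against the body, which is outside the hunk.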
@@ -201282,10 +202013,11 @@ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -201296,10 +202028,12 @@ static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_dig /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a, const sp_digit* m) 
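Review bot: Splitting the return text of `sp_1024_mod_mul_norm_32` leaves `@return MP_OKAY otherwise.` as the first entry, where "otherwise" has nothing to refer back to. Either list the failure case first or reword it as the mulmod comments in this commit do: `* @return MP_OKAY on success.`. The same ordering appears in `sp_1024_point_new_ex_32` (`@return 0 otherwise.`), `sp_1024_point_to_ecc_point_32` and both `sp_ecc_gen_table_1024` variants.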
@@ -201312,10 +202046,12 @@ static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a, #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -201347,9 +202083,9 @@ static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap) { @@ -201374,9 +202110,9 @@ static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -201462,8 +202198,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_32(sp_point_1024* p, const ecc_point* pm) @@ -201479,8 +202215,8 @@ static void sp_1024_point_from_ecc_point_32(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -201547,10 +202283,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm) { 
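Review bot: `sp_1024_to_mp` is declared `static int`, but the converted comment documents only the two parameters and no return value. Add a `@return` entry once the values are checked against the body, which is outside the hunk. The sibling conversion `sp_1024_point_to_ecc_point_32` documents MP_OKAY and MEMORY_E and may be the right model.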
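Review bot: `@param [in] pm Point of type ecc_point (result).` marks the result parameter of `sp_1024_point_to_ecc_point_32` as an input. The signature takes `const sp_point_1024* p` and a non-const `ecc_point* pm`, and the description itself calls `pm` the result, so the tag should be `* @param [out] pm Point of type ecc_point (result).`. The inverse conversion `sp_1024_point_from_ecc_point_32` earlier on this line already tags its result `[out]`.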
@@ -201570,9 +202307,10 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm) #define sp_1024_mont_reduce_order_32 sp_1024_mont_reduce_32 /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( sp_digit* a, const sp_digit* m, sp_digit mp) @@ -202659,11 +203397,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -202674,10 +203412,10 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -202712,9 +203450,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -202749,15 +203487,15 @@ static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_1024_norm_32(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
@@ -202795,10 +203533,10 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -203706,9 +204444,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_add_32(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -204584,9 +205322,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_dbl_32(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -206355,10 +207093,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -207791,10 +208529,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_sub_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_cond_add_32( sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m) @@ -207860,8 +208599,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit sp_1024_cond_add_32( /* Right shift a by 1 bit into r. (r = a >> 1) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a) 
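Review bot: The rewritten line for `r` in `sp_1024_mont_sub_32` carries the old misspelling over: `Result of subtration.` should be `Result of subtraction.`. The line is being rewritten anyway, so the fix costs nothing extra here.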
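Review bot: The `sp_1024_rshift1_32` hunk closes the existing comment with `*/` and then opens a second one ("Shift number right one bit. Bottom bit is lost."), so the function ends up with two stacked header comments describing the same parameters. Documentation tools generally attach only the block adjacent to the declaration, and two blocks can drift apart over time. I would merge them into one comment that keeps the `(r = a >> 1)` summary, the "Bottom bit is lost." sentence and a single pair of `@param` lines. If this file is generated, the duplication probably needs fixing in the generator template rather than here.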
@@ -208472,9 +209217,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -208489,9 +209234,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_div2_32(sp_digit* r, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -208560,9 +209305,13 @@ typedef struct sp_1024_proj_point_dbl_32_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
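Review bot: The new text for `sp_1024_proj_point_dbl_32_nb` tells callers to repeat the call until it stops returning FP_WOULDBLOCK, yet the comment has no `@return` section for this `int` function. Add at least `* @return FP_WOULDBLOCK when the operation is not yet complete.` plus the completion value, which has to be taken from the body outside the hunk. `sp_1024_proj_point_add_32_nb` in the later hunk at -208831 needs the same addition.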
@@ -208692,9 +209441,10 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b) { @@ -208714,8 +209464,9 @@ static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_32(const sp_digit* a) { @@ -208728,10 +209479,10 @@ static int sp_1024_iszero_32(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_32(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
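Review bot: The summary of `sp_1024_iszero_32` still reads "Returns 1 if the number of zero." on the unchanged line directly above the rewritten parameters. Correct it in the same pass: `/* Returns 1 if the number is zero.`. The new `@return` line already uses the right wording.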
@@ -208831,10 +209582,14 @@ typedef struct sp_1024_proj_point_add_32_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -209025,13 +209780,15 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, * 1024 doubles. * 268 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -209132,10 +209889,9 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, #if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i, sp_digit* t) @@ -209225,8 +209981,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_32(sp_point_1024* a, sp_digit* t) { @@ -209257,10 +210013,10 @@ typedef struct sp_table_entry_1024 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -209342,10 +210098,10 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r, * 16 entries * 256 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -209422,13 +210178,16 @@ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -209530,8 +210289,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
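Review bot: `sp_1024_gen_stripe_table_32` returns `int` and takes a `heap` described as "Heap to use for allocation", but the converted comment lists no return values. The neighbouring `sp_1024_ecc_mulmod_stripe_32` comment documents MP_OKAY and MEMORY_E; add matching `@return` lines here after checking the body, which is outside the hunk. The second variant of this function in the hunk at -209680 has the same gap.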
@@ -209594,13 +210353,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -209680,10 +210441,10 @@ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) 
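Review bot: The summary kept above the new parameter list of `sp_1024_ecc_mulmod_32` says "Multiply the base point of P1024 by the scalar", but the function takes the point as `g`, documented as "Point to multiply". That wording belongs to the `_base` functions; here I would use `/* Multiply the point by the scalar and return the result.` as `sp_ecc_mulmod_1024` does. The duplicate definition in the hunk at -209932 carries the same summary.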
@@ -209760,13 +210521,16 @@ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -209868,8 +210632,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
@@ -209932,13 +210696,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -210014,12 +210780,14 @@ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -210264,12 +211032,14 @@ static const sp_table_entry_1024 p1024_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -213616,12 +214386,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -213635,11 +214407,13 @@ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -213667,13 +214441,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -213724,12 +214500,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -213769,12 +214548,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
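Review bot: Splitting the old return sentence left `@return 0 otherwise.` as the first entry in the sp_ecc_gen_table_1024 comment, where "otherwise" has nothing to refer back to. Move that line to the end of the list, after `@return BUFFER_E when length is too small.`, so the error cases come first and the fall-through value reads correctly. The same ordering appears in the second sp_ecc_gen_table_1024 hunk on this line and, as `@return MP_OKAY otherwise.`, in the sp_1024_ecc_is_point_32, sp_ecc_is_point_1024 and sp_ecc_check_key_1024 hunks.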
@@ -213804,13 +214586,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -213848,10 +214632,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
@@ -213874,9 +214660,11 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -213901,10 +214689,12 @@ static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
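Review bot: In the sp_1024_proj_sqr_32 comment the rewritten `px` and `py` entries now end in "number to multiply", while the removed lines said "number to square". The function squares in Fp* (`px' = (p.x + p.y) * (p.x - p.y)` in the context lines above), so the old wording was the accurate one. Keep `X ordinate of number to square.` and `Y ordinate of number to square.` in the two `@param [in, out]` entries. The text looks carried over from the sp_1024_proj_mul_qx1_32 block in the preceding hunk.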
@@ -215797,11 +216587,13 @@ static const sp_digit sp_1024_g_table[256][32] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -215896,13 +216688,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) 
@@ -215932,8 +216726,8 @@ static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t) { @@ -215962,11 +216756,11 @@ static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -216052,14 +216846,14 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -216136,10 +216930,10 @@ static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -216273,14 +217067,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
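Review bot: The three `@return` lines kept as context at the end of this comment do not fit the function it documents. The next hunk header shows it as `static void sp_1024_accumulate_line_add_n_32(...)`, so they look like a leftover from sp_Pairing_1024 and should be dropped while the block is being reworked. The signature is outside this hunk, so confirm against the file. The hunk also tags the scratch buffer as `@param [in, out] t`, whereas the other accumulate_line and proj hunks in this patch keep `@param [in] t` for the same kind of temporaries. Pick one direction tag for scratch buffers and use it throughout.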
@@ -216394,12 +217188,12 @@ static void sp_1024_accumulate_line_add_n_32(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -216514,9 +217308,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -216688,13 +217483,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) @@ -216721,11 +217517,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -216744,11 +217541,11 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -216785,13 +217582,13 @@ static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -216835,13 +217632,13 @@ static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_32(sp_digit* vx, sp_digit* vy, @@ -216897,14 +217694,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) 
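Review bot: The rewritten last return line of the sp_Pairing_gen_precomp_1024 comment still carries the typo "fauls". It should read `@return MEMORY_E when dynamic memory allocation fails.`. The line is being rewritten by this change anyway, so the fix costs nothing here.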
@@ -217058,11 +217856,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -217243,10 +218042,10 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, #endif /* WOLFSSL_SP_SMALL */ /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -217290,10 +218089,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_32(const sp_point_1024* point, void* heap) @@ -217339,10 +218140,12 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { 
@@ -217368,13 +218171,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index 443c5c2d49..eb87e8ed50 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -126,6 +126,15 @@ #ifndef WOLFSSL_SP_ASM #if SP_WORD_SIZE == 32 #ifdef SP_NO_MUL_INSTRUCTION +/* Multiply two signed numbers. (r = a * b) + * Software replacement for the compiler builtin used when the target has no + * multiply instruction. + * + * @param [in] a First number to multiply. + * @param [in] b Second number to multiply. + * + * @return The product of a and b. + */ sp_uint64 __muldi3(sp_uint64 a, sp_uint64 b); sp_uint64 __muldi3(sp_uint64 a, sp_uint64 b) { 
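Review bot: The new comment on `__muldi3` opens with "Multiply two signed numbers", but the declaration directly below it takes and returns `sp_uint64`. Word it to match the visible types, for example `Multiply two 64-bit numbers. (r = a * b)`, or add a sentence saying that the low 64 bits of the product are the same for signed and unsigned operands. The function body is outside this hunk.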
@@ -237,10 +246,10 @@ static const size_t addr_mask[2] = { 0, (size_t)-1 }; #ifndef WOLFSSL_SP_NO_2048 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -272,9 +281,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -361,8 +370,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_2048_to_bin_72(sp_digit* r, byte* a) { @@ -405,7 +414,7 @@ static void sp_2048_to_bin_72(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_36(sp_digit* a) { 
@@ -436,7 +445,7 @@ static void sp_2048_norm_36(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_72(sp_digit* a) { @@ -471,9 +480,9 @@ static void sp_2048_norm_72(sp_digit* a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -655,9 +664,9 @@ SP_NOINLINE static void sp_2048_mul_12(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -680,9 +689,9 @@ SP_NOINLINE static int sp_2048_add_12(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b) 
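Review bot: sp_2048_add_12 is declared `static int`, yet its converted comment lists only `@param` entries, so the return value stays undocumented while other blocks in this patch gained `@return` lines. Add a line of the form ` * @return <meaning of the int, to be confirmed from the body>`. The body is outside the hunk, so the value cannot be stated from here. The same gap is in the sp_2048_sub_24 hunk on this line and in the later sp_2048_add_24, sp_2048_add_36, sp_2048_add_72, sp_2048_sub_72 and sp_2048_sub_36 hunks.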
@@ -705,9 +714,9 @@ SP_NOINLINE static int sp_2048_sub_24(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -730,7 +739,7 @@ SP_NOINLINE static int sp_2048_add_24(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_12(sp_digit* a) { @@ -757,7 +766,7 @@ static void sp_2048_norm_12(sp_digit* a) /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_24(sp_digit* a) { @@ -791,9 +800,9 @@ static void sp_2048_norm_24(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -851,9 +860,9 @@ SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -880,9 +889,9 @@ SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_72(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -905,9 +914,9 @@ SP_NOINLINE static int sp_2048_add_72(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_sub_72(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -930,7 +939,7 @@ SP_NOINLINE static int sp_2048_sub_72(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_144(sp_digit* a) { @@ -964,9 +973,9 @@ static void sp_2048_norm_144(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_72(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -991,8 +1000,8 @@ SP_NOINLINE static void sp_2048_mul_72(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_12(sp_digit* r, const sp_digit* a) { @@ -1107,8 +1116,8 @@ SP_NOINLINE static void sp_2048_sqr_12(sp_digit* r, const sp_digit* a) /* Square a into r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a) { @@ -1156,8 +1165,8 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_72(sp_digit* r, const sp_digit* a) { @@ -1180,9 +1189,9 @@ SP_NOINLINE static void sp_2048_sqr_72(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_72(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -1199,9 +1208,9 @@ SP_NOINLINE static int sp_2048_add_72(sp_digit* r, const sp_digit* a,
 #ifdef WOLFSSL_SP_SMALL
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static int sp_2048_sub_72(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -1219,9 +1228,9 @@ SP_NOINLINE static int sp_2048_sub_72(sp_digit* r, const sp_digit* a,
 #ifdef WOLFSSL_SP_SMALL
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static void sp_2048_mul_72(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -1274,8 +1283,8 @@ SP_NOINLINE static void sp_2048_mul_72(sp_digit* r, const sp_digit* a,
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 SP_NOINLINE static void sp_2048_sqr_72(sp_digit* r, const sp_digit* a)
 {
@@ -1341,9 +1350,9 @@ SP_NOINLINE static void sp_2048_sqr_72(sp_digit* r, const sp_digit* a)
 #ifdef WOLFSSL_SP_SMALL
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -1360,9 +1369,9 @@ SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a,
 #ifdef WOLFSSL_SP_SMALL
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -1379,9 +1388,9 @@ SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
 #else
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -1410,9 +1419,9 @@ SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
 #ifdef WOLFSSL_SP_SMALL
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b)
@@ -1465,8 +1474,8 @@ SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a,
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
 {
@@ -1532,8 +1541,8 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
 /* Calculate the bottom digit of -1/a mod 2^n.
 *
- * a A single precision number.
- * rho Bottom word of inverse.
+ * @param [in] a A single precision number.
+ * @param [out] rho Bottom word of inverse.
 */
 static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
 {
@@ -1553,9 +1562,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
 /* Multiply a by scalar b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A scalar.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A scalar.
 */
 SP_NOINLINE static void sp_2048_mul_d_72(sp_digit* r, const sp_digit* a,
 sp_digit b)
@@ -1608,8 +1617,8 @@ SP_NOINLINE static void sp_2048_mul_d_72(sp_digit* r, const sp_digit* a,
 /* r = 2^n mod m where n is the number of bits to reduce by.
 * Given m must be 2048 bits, just need to subtract.
 *
- * r A single precision number.
- * m A single precision number.
+ * @param [out] r A single precision number.
+ * @param [in] m A single precision number.
 */
 static void sp_2048_mont_norm_36(sp_digit* r, const sp_digit* m)
 {
@@ -1648,10 +1657,11 @@ static void sp_2048_mont_norm_36(sp_digit* r, const sp_digit* m)
 /* Compare a with b in constant time.
 *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
 */
 static sp_digit sp_2048_cmp_36(const sp_digit* a, const sp_digit* b)
 {
@@ -1687,10 +1697,11 @@ static sp_digit sp_2048_cmp_36(const sp_digit* a, const sp_digit* b)
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 static void sp_2048_cond_sub_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit m)
@@ -1723,9 +1734,9 @@ static void sp_2048_cond_sub_36(sp_digit* r, const sp_digit* a,
 /* Mul a by scalar b and add into r. (r += a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A scalar.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A scalar.
 */
 SP_NOINLINE static void sp_2048_mul_add_36(sp_digit* r, const sp_digit* a,
 const sp_digit b)
@@ -1825,8 +1836,8 @@ SP_NOINLINE static void sp_2048_mul_add_36(sp_digit* r, const sp_digit* a,
 /* Shift the result in the high 1024 bits down to the bottom.
 *
- * r A single precision number.
- * a A single precision number.
+ * @param [out] r A single precision number.
+ * @param [in] a A single precision number.
 */
 static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a)
 {
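Review bot: In the `sp_2048_mul_add_36` comment, `r` is tagged `[out]` although the summary line gives the operation as `r += a * b`, so the function reads `r` as well as writing it. The tag should be `@param [in, out] r A single precision integer.`; the comment for `sp_2048_mul_add_72` in a later hunk has the same tag. The function body is outside the hunk, so this rests on the documented formula only.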
@@ -1873,9 +1884,10 @@ static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a)
 /* Reduce the number back to 2048 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
 {
@@ -1903,11 +1915,11 @@ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
 /* Multiply two Montgomery form numbers mod the modulus (prime).
 * (r = a * b mod m)
 *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1918,10 +1930,10 @@ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
 /* Square the Montgomery form number. (r = a * a mod m)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
 const sp_digit* m, sp_digit mp)
@@ -1932,9 +1944,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
 /* Multiply a by scalar b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A scalar.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A scalar.
 */
 SP_NOINLINE static void sp_2048_mul_d_36(sp_digit* r, const sp_digit* a,
 sp_digit b)
@@ -1987,10 +1999,11 @@ SP_NOINLINE static void sp_2048_mul_d_36(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit m)
@@ -2007,10 +2020,11 @@ static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit m)
@@ -2034,6 +2048,13 @@ static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
 }
 #endif /* !WOLFSSL_SP_SMALL */
+/* Shift number right by n bits.
+ * Bottom bits are lost.
+ *
+ * @param [out] r Result of shift.
+ * @param [in] a Number to shift.
+ * @param [in] n Number of bits to shift.
+ */
 SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a,
 byte n)
 {
@@ -2061,6 +2082,14 @@ SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a,
 r[35] = a[35] >> n;
 }
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * @param [in] d1 The high word of the number to divide.
+ * @param [in] d0 The low word of the number to divide.
+ * @param [in] div The divisor.
+ *
+ * @return The result of the division.
+ */
 static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0,
 sp_digit div)
 {
@@ -2142,6 +2171,13 @@ static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0,
 return r;
 #endif
 }
+/* Divide a word by a word. (d / div)
+ *
+ * @param [in] d The number to divide.
+ * @param [in] div The divisor.
+ *
+ * @return The result of the division.
+ */
 static WC_INLINE sp_digit sp_2048_word_div_word_36(sp_digit d, sp_digit div)
 {
 #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
@@ -2156,11 +2192,13 @@ static WC_INLINE sp_digit sp_2048_word_div_word_36(sp_digit d, sp_digit div)
 *
 * Full implementation.
 *
- * a Number to be divided.
- * d Number to divide with.
- * m Multiplier result.
- * r Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
+ * @param [in] a Number to be divided.
+ * @param [in] d Number to divide with.
+ * @param [in] m Multiplier result.
+ * @param [out] r Remainder from the division.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when unable to allocate memory.
 */
 static int sp_2048_div_36(const sp_digit* a, const sp_digit* d,
 const sp_digit* m, sp_digit* r)
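Review bot: The comment added for `sp_2048_rshift_36` gives no valid range for `n`, yet the statement visible in the next hunk's context is `r[35] = a[35] >> n;`, and a shift count equal to or larger than the operand width is undefined behaviour in C. Consider extending the `n` line with a bound, for example `Must be less than the number of bits in a digit.`, after confirming the actual limit against the callers. The comments added for `sp_2048_rshift_72` and `sp_2048_lshift_72` have the same gap, and most of the function body is outside the hunk.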
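Review bot: In the `sp_2048_div_36` comment, `@return MP_OKAY otherwise.` now comes first, so "otherwise" has nothing before it to contrast with. Either reword it to `@return MP_OKAY on success.` or list the `MEMORY_E` line first. The comments for `sp_2048_mod_36`, `sp_2048_div_72` and `sp_2048_mod_72` use the same ordering.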
@@ -2225,10 +2263,12 @@ static int sp_2048_div_36(const sp_digit* a, const sp_digit* d,
 /* Reduce a modulo m into r. (r = a mod m)
 *
- * r A single precision number that is the reduced result.
- * a A single precision number that is to be reduced.
- * m A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
+ * @param [out] r A single precision number that is the reduced result.
+ * @param [in] a A single precision number that is to be reduced.
+ * @param [in] m A single precision number that is the modulus to reduce with.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when unable to allocate memory.
 */
 static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m)
 {
@@ -2237,17 +2277,20 @@ static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m)
 /* Modular exponentiate a to the e mod m. (r = a^e mod m)
 *
- * r A single precision number that is the result of the operation.
- * a A single precision number being exponentiated.
- * e A single precision number that is the exponent.
- * bits The number of bits in the exponent.
- * m A single precision number that is the modulus.
- * returns 0 on success.
- * returns MEMORY_E on dynamic memory allocation failure.
- * returns MP_VAL when base is even or exponent is 0.
+ * @param [out] r A single precision number that is the result of the
+ * operation.
+ * @param [in] a A single precision number being exponentiated.
+ * @param [in] e A single precision number that is the exponent.
+ * @param [in] bits The number of bits in the exponent.
+ * @param [in] m A single precision number that is the modulus.
+ * @param [in] reduceA Whether to reduce a modulo m before the operation.
+ *
+ * @return 0 on success.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return MP_VAL when base is even or exponent is 0.
 */
-static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e,
- int bits, const sp_digit* m, int reduceA)
+static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a,
+ const sp_digit* e, int bits, const sp_digit* m, int reduceA)
 {
 #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
 SP_DECL_VAR(sp_digit, td, 3 * 72);
@@ -2540,8 +2583,8 @@ static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e,
 /* r = 2^n mod m where n is the number of bits to reduce by.
 * Given m must be 2048 bits, just need to subtract.
 *
- * r A single precision number.
- * m A single precision number.
+ * @param [out] r A single precision number.
+ * @param [in] m A single precision number.
 */
 static void sp_2048_mont_norm_72(sp_digit* r, const sp_digit* m)
 {
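Review bot: The line `@return MP_VAL when base is even or exponent is 0.` on `sp_2048_mod_exp_36` keeps the old wording, but the non-blocking wrappers documented later in this diff say `MP_VAL when the modulus is even`, and Montgomery arithmetic needs an odd modulus rather than an odd base. If the check is on `m`, the line should read `@return MP_VAL when modulus is even or exponent is 0.`. The function body is outside the hunk, so this needs confirming against the code. `sp_2048_mod_exp_72` and `sp_2048_mod_exp_2_72` carry the same wording, and in the latter the base is fixed at 2.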
@@ -2584,10 +2627,11 @@ static void sp_2048_mont_norm_72(sp_digit* r, const sp_digit* m)
 /* Compare a with b in constant time.
 *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
 */
 static sp_digit sp_2048_cmp_72(const sp_digit* a, const sp_digit* b)
 {
@@ -2619,10 +2663,11 @@ static sp_digit sp_2048_cmp_72(const sp_digit* a, const sp_digit* b)
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 static void sp_2048_cond_sub_72(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit m)
@@ -2651,9 +2696,9 @@ static void sp_2048_cond_sub_72(sp_digit* r, const sp_digit* a,
 /* Mul a by scalar b and add into r. (r += a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A scalar.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A scalar.
 */
 SP_NOINLINE static void sp_2048_mul_add_72(sp_digit* r, const sp_digit* a,
 const sp_digit b)
@@ -2765,8 +2810,8 @@ SP_NOINLINE static void sp_2048_mul_add_72(sp_digit* r, const sp_digit* a,
 /* Shift the result in the high 2048 bits down to the bottom.
 *
- * r A single precision number.
- * a A single precision number.
+ * @param [out] r A single precision number.
+ * @param [in] a A single precision number.
 */
 static void sp_2048_mont_shift_72(sp_digit* r, const sp_digit* a)
 {
@@ -2816,9 +2861,10 @@ static void sp_2048_mont_shift_72(sp_digit* r, const sp_digit* a)
 /* Reduce the number back to 2048 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 static void sp_2048_mont_reduce_72(sp_digit* a, const sp_digit* m, sp_digit mp)
 {
@@ -2871,11 +2917,11 @@ static void sp_2048_mont_reduce_72(sp_digit* a, const sp_digit* m, sp_digit mp)
 /* Multiply two Montgomery form numbers mod the modulus (prime).
 * (r = a * b mod m)
 *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -2886,10 +2932,10 @@ SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
 /* Square the Montgomery form number. (r = a * a mod m)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 SP_NOINLINE static void sp_2048_mont_sqr_72(sp_digit* r, const sp_digit* a,
 const sp_digit* m, sp_digit mp)
@@ -2900,7 +2946,7 @@ SP_NOINLINE static void sp_2048_mont_sqr_72(sp_digit* r, const sp_digit* a,
 /* Normalize the values in each word to 29 bits.
 *
- * a Array of sp_digit to normalize.
+ * @param [in, out] a Array of sp_digit to normalize.
 */
 static void sp_2048_norm_71(sp_digit* a)
 {
@@ -2933,9 +2979,9 @@ static void sp_2048_norm_71(sp_digit* a)
 /* Multiply a by scalar b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A scalar.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A scalar.
 */
 SP_NOINLINE static void sp_2048_mul_d_144(sp_digit* r, const sp_digit* a,
 sp_digit b)
@@ -2988,10 +3034,11 @@ SP_NOINLINE static void sp_2048_mul_d_144(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static void sp_2048_cond_add_72(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit m)
@@ -3008,10 +3055,11 @@ static void sp_2048_cond_add_72(sp_digit* r, const sp_digit* a,
 /* Conditionally add a and b using the mask m.
 * m is -1 to add and 0 when not.
 *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
 */
 static void sp_2048_cond_add_72(sp_digit* r, const sp_digit* a,
 const sp_digit* b, const sp_digit m)
@@ -3031,6 +3079,13 @@ static void sp_2048_cond_add_72(sp_digit* r, const sp_digit* a,
 }
 #endif /* !WOLFSSL_SP_SMALL */
+/* Shift number right by n bits.
+ * Bottom bits are lost.
+ *
+ * @param [out] r Result of shift.
+ * @param [in] a Number to shift.
+ * @param [in] n Number of bits to shift.
+ */
 SP_NOINLINE static void sp_2048_rshift_72(sp_digit* r, const sp_digit* a,
 byte n)
 {
@@ -3062,6 +3117,14 @@ SP_NOINLINE static void sp_2048_rshift_72(sp_digit* r, const sp_digit* a,
 r[71] = a[71] >> n;
 }
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * @param [in] d1 The high word of the number to divide.
+ * @param [in] d0 The low word of the number to divide.
+ * @param [in] div The divisor.
+ *
+ * @return The result of the division.
+ */
 static WC_INLINE sp_digit sp_2048_div_word_72(sp_digit d1, sp_digit d0,
 sp_digit div)
 {
@@ -3143,6 +3206,13 @@ static WC_INLINE sp_digit sp_2048_div_word_72(sp_digit d1, sp_digit d0,
 return r;
 #endif
 }
+/* Divide a word by a word. (d / div)
+ *
+ * @param [in] d The number to divide.
+ * @param [in] div The divisor.
+ *
+ * @return The result of the division.
+ */
 static WC_INLINE sp_digit sp_2048_word_div_word_72(sp_digit d, sp_digit div)
 {
 #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
@@ -3157,11 +3227,13 @@ static WC_INLINE sp_digit sp_2048_word_div_word_72(sp_digit d, sp_digit div)
 *
 * Full implementation.
 *
- * a Number to be divided.
- * d Number to divide with.
- * m Multiplier result.
- * r Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
+ * @param [in] a Number to be divided.
+ * @param [in] d Number to divide with.
+ * @param [in] m Multiplier result.
+ * @param [out] r Remainder from the division.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when unable to allocate memory.
 */
 static int sp_2048_div_72(const sp_digit* a, const sp_digit* d,
 const sp_digit* m, sp_digit* r)
@@ -3226,10 +3298,12 @@ static int sp_2048_div_72(const sp_digit* a, const sp_digit* d,
 /* Reduce a modulo m into r. (r = a mod m)
 *
- * r A single precision number that is the reduced result.
- * a A single precision number that is to be reduced.
- * m A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
+ * @param [out] r A single precision number that is the reduced result.
+ * @param [in] a A single precision number that is to be reduced.
+ * @param [in] m A single precision number that is the modulus to reduce with.
+ *
+ * @return MP_OKAY otherwise.
+ * @return MEMORY_E when unable to allocate memory.
 */
 static int sp_2048_mod_72(sp_digit* r, const sp_digit* a, const sp_digit* m)
 {
@@ -3241,17 +3315,20 @@ static int sp_2048_mod_72(sp_digit* r, const sp_digit* a, const sp_digit* m)
 defined(WOLFSSL_HAVE_SP_DH)
 /* Modular exponentiate a to the e mod m. (r = a^e mod m)
 *
- * r A single precision number that is the result of the operation.
- * a A single precision number being exponentiated.
- * e A single precision number that is the exponent.
- * bits The number of bits in the exponent.
- * m A single precision number that is the modulus.
- * returns 0 on success.
- * returns MEMORY_E on dynamic memory allocation failure.
- * returns MP_VAL when base is even or exponent is 0.
+ * @param [out] r A single precision number that is the result of the
+ * operation.
+ * @param [in] a A single precision number being exponentiated.
+ * @param [in] e A single precision number that is the exponent.
+ * @param [in] bits The number of bits in the exponent.
+ * @param [in] m A single precision number that is the modulus.
+ * @param [in] reduceA Whether to reduce a modulo m before the operation.
+ *
+ * @return 0 on success.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return MP_VAL when base is even or exponent is 0.
 */
-static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e,
- int bits, const sp_digit* m, int reduceA)
+static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a,
+ const sp_digit* e, int bits, const sp_digit* m, int reduceA)
 {
 #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
 SP_DECL_VAR(sp_digit, td, 3 * 144);
@@ -3541,6 +3618,24 @@ typedef struct sp_2048_mod_exp_72_ctx {
 int bits;
 } sp_2048_mod_exp_72_ctx;
+/* Modular exponentiate a to the e mod m. (r = a^e mod m)
+ *
+ * Non-blocking version. Call repeatedly with the same context until it does
+ * not return MP_WOULDBLOCK. State is saved and restored through ctx.
+ *
+ * @param [in, out] ctx Context saving state for the non-blocking
+ * operation.
+ * @param [out] r A single precision number that is the result of the
+ * operation.
+ * @param [in] a A single precision number being exponentiated.
+ * @param [in] e A single precision number that is the exponent.
+ * @param [in] bits The number of bits in the exponent.
+ * @param [in] m A single precision number that is the modulus.
+ * @param [in] reduceA Whether to reduce a modulo m before the operation.
+ *
+ * @return MP_OKAY on completion.
+ * @return MP_WOULDBLOCK while more work remains.
+ */
 static int sp_2048_mod_exp_72_nb(sp_2048_mod_exp_72_ctx* ctx, sp_digit* r,
 const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m,
 int reduceA)
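Review bot: The comment added for `sp_2048_mod_exp_72_nb` lists only `MP_OKAY` and `MP_WOULDBLOCK`, while the `sp_ModExp_2048_nb` comment in this same diff says a zero exponent is rejected with `MP_VAL` inside the inner non-blocking exponentiation. If that inner routine is this function, add `@return MP_VAL when the exponent is 0.` along with any other error it can return, so callers do not read every result other than `MP_WOULDBLOCK` as success. The comment also does not say what state `ctx` must be in on the first call, whereas the public wrappers require an all-zero buffer. The function body is outside the hunk, so both points need checking against the code.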
@@ -3663,15 +3758,19 @@ static int sp_2048_mod_exp_72_nb(sp_2048_mod_exp_72_ctx* ctx,
 #ifdef WOLFSSL_HAVE_SP_RSA
 /* RSA public key operation.
 *
- * in Array of bytes representing the number to exponentiate, base.
- * inLen Number of bytes in base.
- * em Public exponent.
- * mm Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
+ * @param [in] in Array of bytes representing the number to
+ * exponentiate, base.
+ * @param [in] inLen Number of bytes in base.
+ * @param [in] em Public exponent.
+ * @param [in] mm Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Number of bytes in result.
+ *
+ * @return 0 on success.
+ * @return MP_TO_E when the outLen is too small.
+ * @return MP_READ_E when an array is too long.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
 const mp_int* mm, byte* out, word32* outLen)
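Review bot: `outLen` is now tagged `[in, out]` in the `sp_RsaPublic_2048` comment, but its description still covers only the output side (`Number of bytes in result.`). Since `MP_TO_E` is documented as returned when `outLen` is too small, the description should also say that on entry it holds the size of `out`, for example `On in, size of out buffer in bytes. On out, number of bytes in result.`. The comments for `sp_RsaPublic_2048_nb`, `sp_RsaPrivate_2048` and `sp_RsaPrivate_2048_nb` use the same wording.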
@@ -3882,18 +3981,23 @@ typedef struct sp_2048_RsaPublic_nb_ctx {
 * sub-state of the inner modular exponentiation, returning MP_WOULDBLOCK
 * until the operation completes.
 *
- * sp_ctx Persistent state buffer; first call must have all bytes zero.
- * in Array of bytes representing the number to exponentiate, base.
- * inLen Number of bytes in base.
- * em Public exponent.
- * mm Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Number of bytes in result.
- * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion,
- * MP_TO_E when outLen is too small, MP_READ_E on input size errors,
- * MP_VAL when the modulus is even, or MP_EXPTMOD_E when the exponent
- * is zero.
+ * @param [in, out] sp_ctx Persistent state buffer; first call must have all
+ * bytes zero.
+ * @param [in] in Array of bytes representing the number to
+ * exponentiate, base.
+ * @param [in] inLen Number of bytes in base.
+ * @param [in] em Public exponent.
+ * @param [in] mm Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Number of bytes in result.
+ *
+ * @return MP_OKAY on completion.
+ * @return MP_WOULDBLOCK while more work remains.
+ * @return MP_TO_E when outLen is too small.
+ * @return MP_READ_E on input size errors.
+ * @return MP_VAL when the modulus is even.
+ * @return MP_EXPTMOD_E when the exponent is zero.
 */
 int sp_RsaPublic_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen,
 const mp_int* em, const mp_int* mm, byte* out, word32* outLen)
@@ -3973,20 +4077,24 @@ int sp_RsaPublic_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen,
 #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */
 /* RSA private key operation.
 *
- * in Array of bytes representing the number to exponentiate, base.
- * inLen Number of bytes in base.
- * dm Private exponent.
- * pm First prime.
- * qm Second prime.
- * dpm First prime's CRT exponent.
- * dqm Second prime's CRT exponent.
- * qim Inverse of second prime mod p.
- * mm Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
+ * @param [in] in Array of bytes representing the number to
+ * exponentiate, base.
+ * @param [in] inLen Number of bytes in base.
+ * @param [in] dm Private exponent.
+ * @param [in] pm First prime.
+ * @param [in] qm Second prime.
+ * @param [in] dpm First prime's CRT exponent.
+ * @param [in] dqm Second prime's CRT exponent.
+ * @param [in] qim Inverse of second prime mod p.
+ * @param [in] mm Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Number of bytes in result.
+ *
+ * @return 0 on success.
+ * @return MP_TO_E when the outLen is too small.
+ * @return MP_READ_E when an array is too long.
+ * @return MEMORY_E when dynamic memory allocation fails.
 */
 int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
 const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
@@ -4277,17 +4385,22 @@ typedef struct sp_2048_RsaPrivate_nb_ctx {
 * The CRT path is not supported in non-blocking mode; configure with
 * RSA_LOW_MEM or SP_RSA_PRIVATE_EXP_D to enable this entry point.
 *
- * sp_ctx Persistent state buffer; first call must have all bytes zero.
- * in Array of bytes representing the number to exponentiate, base.
- * inLen Number of bytes in base.
- * dm Private exponent.
- * mm Modulus.
- * out Buffer to hold big-endian bytes of exponentiation result.
- * Must be at least 256 bytes long.
- * outLen Number of bytes in result.
- * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion,
- * MP_TO_E when outLen is too small, MP_READ_E on input size errors, or
- * MP_VAL when the modulus is even.
+ * @param [in, out] sp_ctx Persistent state buffer; first call must have all
+ * bytes zero.
+ * @param [in] in Array of bytes representing the number to
+ * exponentiate, base.
+ * @param [in] inLen Number of bytes in base.
+ * @param [in] dm Private exponent.
+ * @param [in] mm Modulus.
+ * @param [out] out Buffer to hold big-endian bytes of exponentiation
+ * result. Must be at least 256 bytes long.
+ * @param [in, out] outLen Number of bytes in result.
+ *
+ * @return MP_OKAY on completion.
+ * @return MP_WOULDBLOCK while more work remains.
+ * @return MP_TO_E when outLen is too small.
+ * @return MP_READ_E on input size errors.
+ * @return MP_VAL when the modulus is even.
 */
 int sp_RsaPrivate_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen,
 const mp_int* dm, const mp_int* mm, byte* out, word32* outLen)
@@ -4363,8 +4476,8 @@ int sp_RsaPrivate_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen,
 !defined(WOLFSSL_RSA_PUBLIC_ONLY))
 /* Convert an array of sp_digit to an mp_int.
 *
- * a A single precision integer.
- * r A multi-precision integer.
+ * @param [in] a A single precision integer.
+ * @param [out] r A multi-precision integer.
 */
 static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
 {
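Review bot: `sp_2048_to_mp` returns `int`, but the converted comment has `@param` lines only and no `@return`. Add a `@return` line giving the success value and the error the conversion can produce. The function body is outside the hunk, so the exact codes have to be taken from the code.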
@@ -4431,12 +4544,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -4542,14 +4657,18 @@ typedef struct sp_2048_ModExp_nb_ctx { /* Non-blocking modular exponentiation for Diffie-Hellman (mp_int form). * Drives sp_2048_mod_exp_72_nb one sub-state per call. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E on input size errors, or MP_VAL when the modulus is even or - * the exponent is zero (the latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even or the exponent is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_ModExp_2048_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
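Review bot: The new `@return MP_VAL` line for sp_ModExp_2048_nb introduces the typo `latterx` ("the latterx rejected inside sp_mod_exp_nb"); the removed comment spelled it `latter`. The line should read `@return MP_VAL when the modulus is even or the exponent is zero (the latter` followed by `rejected inside sp_mod_exp_nb).` The same typo is added in the sp_DhExp_2048_nb hunk further down.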
@@ -4617,6 +4736,12 @@ int sp_ModExp_2048_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_2048 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_lshift_72(sp_digit* r, const sp_digit* a, byte n) { @@ -4781,15 +4906,18 @@ SP_NOINLINE static void sp_2048_lshift_72(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_2048_mod_exp_2_72(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_2048_mod_exp_2_72(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 217); sp_digit* norm = NULL; 
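Review bot: `@return MP_VAL when base is even.` on sp_2048_mod_exp_2_72 cannot be read against the signature: the function computes `r = 2^e mod m`, takes no base argument, and its base is the constant 2. The conversion carried the old wording over unchanged. Presumably an even modulus is meant, as the public non-blocking wrappers on this page document `MP_VAL when the modulus is even`; if so, use `@return MP_VAL when the modulus is even.` The body is outside the hunk, so confirm which check actually produces MP_VAL. The sp_3072_mod_exp_53 and sp_3072_mod_exp_106 hunks carry the same "base is even" phrase.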
@@ -4886,15 +5014,17 @@ static int sp_2048_mod_exp_2_72(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) 
@@ -4975,19 +5105,24 @@ typedef struct sp_2048_DhExp_nb_ctx { * Computes base^exp mod mod where base and exp are byte strings; suitable * for the TLS path where otherPub is already a byte buffer. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base bytes (other party's public key). - * baseSz Length, in bytes, of base (max 256). - * exp Exponent bytes (our private key). - * expLen Length, in bytes, of exp (max 256). - * mod Modulus. MP integer (must remain valid until first call returns). - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E when baseSz, expLen, or the modulus bit length is out of - * range, or MP_VAL when the modulus is even or expLen is zero (the - * latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base bytes (other party's public key). + * @param [in] baseSz Length, in bytes, of base (max 256). + * @param [in] exp Exponent bytes (our private key). + * @param [in] expLen Length, in bytes, of exp (max 256). + * @param [in] mod Modulus. MP integer (must remain valid until first + * call returns). + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E when baseSz, expLen, or the modulus bit length is out of + * range. + * @return MP_VAL when the modulus is even or expLen is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_DhExp_2048_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, const byte* exp, word32 expLen, const mp_int* mod, byte* out, 
@@ -5063,12 +5198,14 @@ int sp_DhExp_2048_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -5170,10 +5307,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_SMALL /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -5205,9 +5342,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -5294,8 +5431,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_106(sp_digit* r, byte* a) { @@ -5338,7 +5475,7 @@ static void sp_3072_to_bin_106(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_53(sp_digit* a) { @@ -5352,7 +5489,7 @@ static void sp_3072_norm_53(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_106(sp_digit* a) { @@ -5365,9 +5502,9 @@ static void sp_3072_norm_106(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_106(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -5420,8 +5557,8 @@ SP_NOINLINE static void sp_3072_mul_106(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_106(sp_digit* r, const sp_digit* a) { 
@@ -5484,8 +5621,8 @@ SP_NOINLINE static void sp_3072_sqr_106(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -5505,9 +5642,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_106(sp_digit* r, const sp_digit* a, sp_digit b) @@ -5527,9 +5664,9 @@ SP_NOINLINE static void sp_3072_mul_d_106(sp_digit* r, const sp_digit* a, #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_53(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -5546,8 +5683,8 @@ SP_NOINLINE static int sp_3072_sub_53(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_53(sp_digit* r, const sp_digit* m) { 
@@ -5568,10 +5705,11 @@ static void sp_3072_mont_norm_53(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_53(const sp_digit* a, const sp_digit* b) { @@ -5588,10 +5726,11 @@ static sp_digit sp_3072_cmp_53(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_53(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -5605,9 +5744,9 @@ static void sp_3072_cond_sub_53(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_53(sp_digit* r, const sp_digit* a, const sp_digit b) 
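Review bot: sp_3072_mul_add_53 is documented as `(r += a * b)` but the new tag is `@param [out] r`, which tells a reader the incoming contents of `r` are ignored. Since the operation accumulates into `r`, the tag should be `@param [in, out] r A single precision integer.` The sp_3072_mul_add_106 hunk has the same mismatch. The function body is outside the hunk; the point rests on the formula in the comment itself.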
@@ -5652,8 +5791,8 @@ SP_NOINLINE static void sp_3072_mul_add_53(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1536 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_53(sp_digit* r, const sp_digit* a) { @@ -5672,9 +5811,10 @@ static void sp_3072_mont_shift_53(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_53(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -5701,9 +5841,9 @@ static void sp_3072_mont_reduce_53(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_53(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -5757,11 +5897,11 @@ SP_NOINLINE static void sp_3072_mul_53(sp_digit* r, const sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_53(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -5772,8 +5912,8 @@ SP_NOINLINE static void sp_3072_mont_mul_53(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_53(sp_digit* r, const sp_digit* a) { @@ -5836,10 +5976,10 @@ SP_NOINLINE static void sp_3072_sqr_53(sp_digit* r, const sp_digit* a) /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_53(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -5850,9 +5990,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_53(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_53(sp_digit* r, const sp_digit* a, sp_digit b) @@ -5873,10 +6013,11 @@ SP_NOINLINE static void sp_3072_mul_d_53(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_53(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -5891,9 +6032,9 @@ static void sp_3072_cond_add_53(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_53(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -5907,6 +6048,13 @@ SP_NOINLINE static int sp_3072_add_53(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_53(sp_digit* r, const sp_digit* a, byte n) { 
@@ -5918,6 +6066,14 @@ SP_NOINLINE static void sp_3072_rshift_53(sp_digit* r, const sp_digit* a, r[52] = a[52] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_53(sp_digit d1, sp_digit d0, sp_digit div) { @@ -5999,6 +6155,13 @@ static WC_INLINE sp_digit sp_3072_div_word_53(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_53(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -6013,11 +6176,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_53(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_53(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
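Review bot: In the sp_3072_div_53 comment, splitting the old sentence left `@return MP_OKAY otherwise.` as the first return line, where "otherwise" no longer has anything to refer to. I would write `@return MP_OKAY on success.` and keep `@return MEMORY_E when unable to allocate memory.` after it. In the same comment, `@param [in] m Multiplier result.` describes a result while the parameter is `const` and tagged `[in]`, so either the description or the tag needs a second look. The sp_3072_mod_53, sp_3072_div_106 and sp_3072_mod_106 hunks repeat the `MP_OKAY otherwise` wording.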
@@ -6082,10 +6247,12 @@ static int sp_3072_div_53(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_53(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -6094,17 +6261,20 @@ static int sp_3072_mod_53(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 106); @@ -6396,9 +6566,9 @@ static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_106(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -6415,8 +6585,8 @@ SP_NOINLINE static int sp_3072_sub_106(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_106(sp_digit* r, const sp_digit* m) { @@ -6437,10 +6607,11 @@ static void sp_3072_mont_norm_106(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_106(const sp_digit* a, const sp_digit* b) { @@ -6457,10 +6628,11 @@ static sp_digit sp_3072_cmp_106(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_106(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -6474,9 +6646,9 @@ static void sp_3072_cond_sub_106(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_106(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -6524,8 +6696,8 @@ SP_NOINLINE static void sp_3072_mul_add_106(sp_digit* r, const sp_digit* a, /* Shift the result in the high 3072 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_106(sp_digit* r, const sp_digit* a) { @@ -6544,9 +6716,10 @@ static void sp_3072_mont_shift_106(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_106(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -6599,11 +6772,11 @@ static void sp_3072_mont_reduce_106(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -6614,10 +6787,10 @@ SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_106(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -6628,9 +6801,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_106(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_212(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -6651,10 +6824,11 @@ SP_NOINLINE static void sp_3072_mul_d_212(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_106(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -6669,9 +6843,9 @@ static void sp_3072_cond_add_106(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_106(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -6685,6 +6859,13 @@ SP_NOINLINE static int sp_3072_add_106(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_106(sp_digit* r, const sp_digit* a, byte n) { 
@@ -6696,6 +6877,14 @@ SP_NOINLINE static void sp_3072_rshift_106(sp_digit* r, const sp_digit* a, r[105] = a[105] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_106(sp_digit d1, sp_digit d0, sp_digit div) { @@ -6777,6 +6966,13 @@ static WC_INLINE sp_digit sp_3072_div_word_106(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_106(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -6791,11 +6987,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_106(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_106(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -6860,10 +7058,12 @@ static int sp_3072_div_106(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_106(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -6873,17 +7073,20 @@ static int sp_3072_mod_106(sp_digit* r, const sp_digit* a, const sp_digit* m) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 212); 
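Review bot: The rewritten `@return MP_VAL when base is even or exponent is 0.` on sp_3072_mod_exp_106 keeps wording that disagrees with the non-blocking wrappers in this same patch, which describe MP_VAL as "when the modulus is even". If the check is in fact on the modulus, the line should read `@return MP_VAL when the modulus is even or the exponent is 0.`. The body is outside the hunk, so this needs confirming against the code. sp_3072_mod_exp_2_106 carries the same "base is even" text although its base is fixed at 2.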
@@ -7173,6 +7376,24 @@ typedef struct sp_3072_mod_exp_106_ctx { int bits; } sp_3072_mod_exp_106_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_3072_mod_exp_106_nb(sp_3072_mod_exp_106_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
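Review bot: The new docblock for sp_3072_mod_exp_106_nb lists only MP_OKAY and MP_WOULDBLOCK, but the sp_ModExp_3072_nb and sp_DhExp_3072_nb comments in this patch say a zero exponent is rejected with MP_VAL inside the non-blocking mod-exp. If that rejection happens in this function, the return list is incomplete and a caller that loops only on MP_WOULDBLOCK could read an error as completion. Add `@return MP_VAL when the exponent is zero.` after confirming against the body, which is outside the hunk.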
@@ -7293,15 +7514,19 @@ static int sp_3072_mod_exp_106_nb(sp_3072_mod_exp_106_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
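Review bot: `@param [in, out] outLen  Number of bytes in result.` on sp_RsaPublic_3072 marks the parameter as an input but describes only the output side. Since the block also documents `MP_TO_E when the outLen is too small`, the input meaning appears to be the capacity of `out`, and the description should say so, for example `On in, size of out in bytes; on out, number of bytes in result.`. The same description is used for sp_RsaPublic_3072_nb, sp_RsaPrivate_3072 and sp_RsaPrivate_3072_nb. The function bodies are outside the hunks, so the input use should be confirmed before it is worded as fact.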
@@ -7512,18 +7737,23 @@ typedef struct sp_3072_RsaPublic_nb_ctx { * sub-state of the inner modular exponentiation, returning MP_WOULDBLOCK * until the operation completes. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, - * MP_VAL when the modulus is even, or MP_EXPTMOD_E when the exponent - * is zero. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. + * @return MP_EXPTMOD_E when the exponent is zero. */ int sp_RsaPublic_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -7603,20 +7833,24 @@ int sp_RsaPublic_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -7907,17 +8141,22 @@ typedef struct sp_3072_RsaPrivate_nb_ctx { * The CRT path is not supported in non-blocking mode; configure with * RSA_LOW_MEM or SP_RSA_PRIVATE_EXP_D to enable this entry point. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, or - * MP_VAL when the modulus is even. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. */ int sp_RsaPrivate_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* dm, const mp_int* mm, byte* out, word32* outLen) @@ -7993,8 +8232,8 @@ int sp_RsaPrivate_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { 
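Review bot: sp_3072_to_mp is declared `static int`, but its converted docblock has two `@param` lines and no `@return`, unlike the other int-returning functions documented in this patch. Add a return section, starting with something like `@return MP_OKAY on success.` plus a line for each error the conversion can produce. The body is outside the hunk, so the codes have to be read from the code rather than assumed. The `static int` helpers sp_3072_add_14/28/56/112 and sp_3072_sub_28/56/112 further down have the same gap.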
@@ -8061,12 +8300,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -8172,14 +8413,18 @@ typedef struct sp_3072_ModExp_nb_ctx { /* Non-blocking modular exponentiation for Diffie-Hellman (mp_int form). * Drives sp_3072_mod_exp_106_nb one sub-state per call. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E on input size errors, or MP_VAL when the modulus is even or - * the exponent is zero (the latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even or the exponent is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_ModExp_3072_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
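Review bot: The added `@return MP_VAL` line on sp_ModExp_3072_nb ends with `(the latterx`, a stray character introduced when the sentence was re-wrapped; it should read `(the latter`. The identical typo is in the sp_DhExp_3072_nb block. Both lines also refer to `sp_mod_exp_nb`, while the function named in this comment's summary is sp_3072_mod_exp_106_nb, so the reference is worth spelling out in full.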
@@ -8247,6 +8492,12 @@ int sp_ModExp_3072_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_lshift_106(sp_digit* r, const sp_digit* a, byte n) { @@ -8261,15 +8512,18 @@ SP_NOINLINE static void sp_3072_lshift_106(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_3072_mod_exp_2_106(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_3072_mod_exp_2_106(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 319); sp_digit* norm = NULL; 
@@ -8366,15 +8620,17 @@ static int sp_3072_mod_exp_2_106(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) 
@@ -8455,19 +8711,24 @@ typedef struct sp_3072_DhExp_nb_ctx { * Computes base^exp mod mod where base and exp are byte strings; suitable * for the TLS path where otherPub is already a byte buffer. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base bytes (other party's public key). - * baseSz Length, in bytes, of base (max 384). - * exp Exponent bytes (our private key). - * expLen Length, in bytes, of exp (max 384). - * mod Modulus. MP integer (must remain valid until first call returns). - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E when baseSz, expLen, or the modulus bit length is out of - * range, or MP_VAL when the modulus is even or expLen is zero (the - * latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base bytes (other party's public key). + * @param [in] baseSz Length, in bytes, of base (max 384). + * @param [in] exp Exponent bytes (our private key). + * @param [in] expLen Length, in bytes, of exp (max 384). + * @param [in] mod Modulus. MP integer (must remain valid until first + * call returns). + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E when baseSz, expLen, or the modulus bit length is out of + * range. + * @return MP_VAL when the modulus is even or expLen is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_DhExp_3072_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, const byte* exp, word32 expLen, const mp_int* mod, byte* out, 
@@ -8543,12 +8804,14 @@ int sp_DhExp_3072_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -8647,10 +8910,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #else /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -8682,9 +8945,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -8771,8 +9034,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_112(sp_digit* r, byte* a) { @@ -8815,7 +9078,7 @@ static void sp_3072_to_bin_112(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_56(sp_digit* a) { @@ -8842,7 +9105,7 @@ static void sp_3072_norm_56(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_55(sp_digit* a) { @@ -8867,7 +9130,7 @@ static void sp_3072_norm_55(sp_digit* a) /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_112(sp_digit* a) { @@ -8893,7 +9156,7 @@ static void sp_3072_norm_112(sp_digit* a) /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_110(sp_digit* a) { 
@@ -8918,9 +9181,9 @@ static void sp_3072_norm_110(sp_digit* a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_14(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9158,9 +9421,9 @@ SP_NOINLINE static void sp_3072_mul_14(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_14(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9185,9 +9448,9 @@ SP_NOINLINE static int sp_3072_add_14(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_28(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9214,9 +9477,9 @@ SP_NOINLINE static int sp_3072_add_28(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_28(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -9243,7 +9506,7 @@ SP_NOINLINE static int sp_3072_sub_28(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_14(sp_digit* a) { @@ -9264,9 +9527,9 @@ static void sp_3072_norm_14(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_28(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9291,9 +9554,9 @@ SP_NOINLINE static void sp_3072_mul_28(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_56(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9316,9 +9579,9 @@ SP_NOINLINE static int sp_3072_add_56(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_56(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9341,7 +9604,7 @@ SP_NOINLINE static int sp_3072_sub_56(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_28(sp_digit* a) { 
@@ -9363,9 +9626,9 @@ static void sp_3072_norm_28(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_56(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9390,9 +9653,9 @@ SP_NOINLINE static void sp_3072_mul_56(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_112(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9415,9 +9678,9 @@ SP_NOINLINE static int sp_3072_add_112(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_112(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9440,7 +9703,7 @@ SP_NOINLINE static int sp_3072_sub_112(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 28 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_224(sp_digit* a) { 
@@ -9466,9 +9729,9 @@ static void sp_3072_norm_224(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_112(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -9493,8 +9756,8 @@ SP_NOINLINE static void sp_3072_mul_112(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_14(sp_digit* r, const sp_digit* a) { @@ -9640,8 +9903,8 @@ SP_NOINLINE static void sp_3072_sqr_14(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_28(sp_digit* r, const sp_digit* a) { @@ -9662,8 +9925,8 @@ SP_NOINLINE static void sp_3072_sqr_28(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_56(sp_digit* r, const sp_digit* a) { @@ -9684,8 +9947,8 @@ SP_NOINLINE static void sp_3072_sqr_56(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_112(sp_digit* r, const sp_digit* a) { 
@@ -9707,8 +9970,8 @@ SP_NOINLINE static void sp_3072_sqr_112(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -9728,9 +9991,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_112(sp_digit* r, const sp_digit* a, sp_digit b) @@ -9770,8 +10033,8 @@ SP_NOINLINE static void sp_3072_mul_d_112(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_56(sp_digit* r, const sp_digit* m) { @@ -9806,10 +10069,11 @@ static void sp_3072_mont_norm_56(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_56(const sp_digit* a, const sp_digit* b) { 
@@ -9833,10 +10097,11 @@ static sp_digit sp_3072_cmp_56(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_56(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -9857,9 +10122,9 @@ static void sp_3072_cond_sub_56(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_56(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -9937,8 +10202,8 @@ SP_NOINLINE static void sp_3072_mul_add_56(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1536 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_56(sp_digit* r, const sp_digit* a) { 
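Review bot: sp_3072_mul_add_56 is summarised as `(r += a * b)`, so r is read as well as written, yet the new tag is `@param [out] r`. It should be `@param [in, out] r  A single precision integer.`, as already done in this patch for the in-place argument of sp_3072_mont_reduce_56 and for the norm helpers. The function body is outside the hunk.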
@@ -9975,9 +10240,10 @@ static void sp_3072_mont_shift_56(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_56(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -10005,11 +10271,11 @@ static void sp_3072_mont_reduce_56(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -10020,10 +10286,10 @@ SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_56(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -10034,9 +10300,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_56(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_56(sp_digit* r, const sp_digit* a, sp_digit b) @@ -10076,10 +10342,11 @@ SP_NOINLINE static void sp_3072_mul_d_56(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_56(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -10099,6 +10366,13 @@ static void sp_3072_cond_add_56(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_56(sp_digit* r, const sp_digit* a, byte n) { 
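Review bot: The new sp_3072_rshift_56 comment gives no valid range for `n`. The context of the following hunk shows the tail of the body shifting a digit by `n` directly (`r[55] = a[55] >> n;`), and a shift count equal to or larger than the operand width is undefined behaviour in C. I would extend the line to something like `@param [in] n Number of bits to shift. Must be less than the number of bits used in a digit.`, with the exact bound taken from the body, which is outside the hunk. The sp_3072_rshift_112, sp_4096_rshift_71 and sp_3072_lshift_112 comments added by this commit have the same gap.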
@@ -10124,6 +10398,14 @@ SP_NOINLINE static void sp_3072_rshift_56(sp_digit* r, const sp_digit* a, r[55] = a[55] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_56(sp_digit d1, sp_digit d0, sp_digit div) { @@ -10205,6 +10487,13 @@ static WC_INLINE sp_digit sp_3072_div_word_56(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_56(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -10219,11 +10508,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_56(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_56(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
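Review bot: The added sp_3072_div_word_56 comment states no preconditions. It does not say that `div` must be non-zero, nor how large `d1` may be relative to `div` for the quotient of a double-width value to fit the single `sp_digit` that is returned. A line such as `Assumes div is not zero and the quotient fits in one digit.` would record the contract, but the real requirement has to be confirmed against the body, which is outside the hunk. sp_3072_word_div_word_56 and the two `_112` counterparts are worded the same way.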
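Review bot: In the sp_3072_div_56 comment the return list now opens with `@return MP_OKAY otherwise.`, so "otherwise" has nothing to refer back to. Either swap the two lines or write `@return MP_OKAY on success.` followed by `@return MEMORY_E when unable to allocate memory.`. The same ordering appears in the sp_3072_mod_56, sp_3072_div_112 and sp_3072_mod_112 hunks. Separately, `m` is tagged `[in]` but is still described as "Multiplier result", which reads like an output and is worth rewording while the block is being touched.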
@@ -10288,10 +10579,12 @@ static int sp_3072_div_56(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_56(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -10300,17 +10593,20 @@ static int sp_3072_mod_56(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 112); @@ -10603,8 +10899,8 @@ static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_112(sp_digit* r, const sp_digit* m) { 
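Review bot: The new `reduceA` line in the sp_3072_mod_exp_56 comment says what the flag does but not what the caller must guarantee when it is zero. If the routine then relies on `a` already being smaller than `m` (plausible, but the body is outside the hunk), the comment should say so, for example `When 0, a must already be less than m.`. The same line is added to the sp_3072_mod_exp_112 and sp_3072_mod_exp_112_nb comments.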
@@ -10639,10 +10935,11 @@ static void sp_3072_mont_norm_112(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_112(const sp_digit* a, const sp_digit* b) { @@ -10666,10 +10963,11 @@ static sp_digit sp_3072_cmp_112(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_112(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -10690,9 +10988,9 @@ static void sp_3072_cond_sub_112(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_112(sp_digit* r, const sp_digit* a, const sp_digit b) 
@@ -10770,8 +11068,8 @@ SP_NOINLINE static void sp_3072_mul_add_112(sp_digit* r, const sp_digit* a, /* Shift the result in the high 3072 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_112(sp_digit* r, const sp_digit* a) { @@ -10807,9 +11105,10 @@ static void sp_3072_mont_shift_112(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_112(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -10862,11 +11161,11 @@ static void sp_3072_mont_reduce_112(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -10877,10 +11176,10 @@ SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_112(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -10891,9 +11190,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_112(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_224(sp_digit* r, const sp_digit* a, sp_digit b) @@ -10933,10 +11232,11 @@ SP_NOINLINE static void sp_3072_mul_d_224(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_112(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -10956,6 +11256,13 @@ static void sp_3072_cond_add_112(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_112(sp_digit* r, const sp_digit* a, byte n) { @@ -10981,6 +11288,14 @@ SP_NOINLINE static void sp_3072_rshift_112(sp_digit* r, const sp_digit* a, r[111] = a[111] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_112(sp_digit d1, sp_digit d0, sp_digit div) { @@ -11062,6 +11377,13 @@ static WC_INLINE sp_digit sp_3072_div_word_112(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_112(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -11076,11 +11398,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_112(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_112(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -11146,10 +11470,12 @@ static int sp_3072_div_112(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_112(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -11161,17 +11487,20 @@ static int sp_3072_mod_112(sp_digit* r, const sp_digit* a, const sp_digit* m) defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 224); 
@@ -11461,6 +11790,24 @@ typedef struct sp_3072_mod_exp_112_ctx { int bits; } sp_3072_mod_exp_112_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_3072_mod_exp_112_nb(sp_3072_mod_exp_112_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
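Review bot: The return list of the new sp_3072_mod_exp_112_nb comment names only MP_OKAY and MP_WOULDBLOCK, while the blocking sp_3072_mod_exp_112 comment in the preceding hunk also documents MP_VAL. If the non-blocking path can reject its inputs the same way, add `@return MP_VAL when base is even or exponent is 0.`. If it cannot, a sentence saying that input validation is left to the caller would stop the two from being treated as interchangeable. The body is outside the hunk, so which case applies has to be checked there.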
@@ -11583,15 +11930,19 @@ static int sp_3072_mod_exp_112_nb(sp_3072_mod_exp_112_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
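Review bot: `outLen` is now tagged `[in, out]` in the sp_RsaPublic_3072 comment, but the description still covers only the output side ("Number of bytes in result"). Since MP_TO_E is documented as returned "when the outLen is too small", the caller evidently has to set it to the capacity of `out` before the call. The comment should state that: `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`. sp_RsaPrivate_3072 and sp_DhExp_3072 carry the same wording. The sp_DhExp_3072 return list also has no entry for a too-small buffer, which should be checked against its body.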
@@ -11786,20 +12137,24 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -12081,8 +12436,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -12149,12 +12504,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -12249,6 +12606,12 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_lshift_112(sp_digit* r, const sp_digit* a, byte n) { 
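Review bot: sp_3072_to_mp is declared `static int`, yet its converted comment has two `@param` lines and no `@return`. Add the return documentation, for example `@return MP_OKAY on success.` plus whatever error the body can produce; the body is outside the hunk. sp_4096_sub_71 and sp_4096_add_71 are in the same position. For sp_4096_add_71 the context of the following hunk ends in `return 0;`, so `@return 0 always.` would fit if that is its only return.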
@@ -12484,15 +12847,18 @@ SP_NOINLINE static void sp_3072_lshift_112(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_3072_mod_exp_2_112(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_3072_mod_exp_2_112(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 337); sp_digit* norm = NULL; 
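Review bot: The rewritten return list of sp_3072_mod_exp_2_112 keeps `@return MP_VAL when base is even.`, but this function takes no base: its summary says it computes `r = 2^e mod m`. The wording looks carried over from the generic mod_exp comment. It should name whatever the body actually rejects, or be dropped if MP_VAL is never returned. Most of the body is outside the hunk, so the correct condition has to be taken from there.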
@@ -12589,15 +12955,17 @@ static int sp_3072_mod_exp_2_112(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -12664,12 +13032,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -12772,10 +13142,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_SMALL /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -12807,9 +13177,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -12896,8 +13266,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_142(sp_digit* r, byte* a) { @@ -12941,7 +13311,7 @@ static void sp_4096_to_bin_142(sp_digit* r, byte* a) #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_71(sp_digit* a) { 
@@ -12956,7 +13326,7 @@ static void sp_4096_norm_71(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_142(sp_digit* a) { @@ -12969,9 +13339,9 @@ static void sp_4096_norm_142(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_142(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -13024,8 +13394,8 @@ SP_NOINLINE static void sp_4096_mul_142(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_142(sp_digit* r, const sp_digit* a) { @@ -13088,8 +13458,8 @@ SP_NOINLINE static void sp_4096_sqr_142(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -13109,9 +13479,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_142(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -13132,9 +13502,9 @@ SP_NOINLINE static void sp_4096_mul_d_142(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_71(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -13151,8 +13521,8 @@ SP_NOINLINE static int sp_4096_sub_71(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_71(sp_digit* r, const sp_digit* m) { @@ -13173,10 +13543,11 @@ static void sp_4096_mont_norm_71(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_71(const sp_digit* a, const sp_digit* b) { 
@@ -13193,10 +13564,11 @@ static sp_digit sp_4096_cmp_71(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_71(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -13210,9 +13582,9 @@ static void sp_4096_cond_sub_71(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_71(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -13263,8 +13635,8 @@ SP_NOINLINE static void sp_4096_mul_add_71(sp_digit* r, const sp_digit* a, /* Shift the result in the high 2048 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_71(sp_digit* r, const sp_digit* a) { 
@@ -13283,9 +13655,10 @@ static void sp_4096_mont_shift_71(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_71(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -13312,9 +13685,9 @@ static void sp_4096_mont_reduce_71(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_71(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -13368,11 +13741,11 @@ SP_NOINLINE static void sp_4096_mul_71(sp_digit* r, const sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_71(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -13383,8 +13756,8 @@ SP_NOINLINE static void sp_4096_mont_mul_71(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_71(sp_digit* r, const sp_digit* a) { @@ -13447,10 +13820,10 @@ SP_NOINLINE static void sp_4096_sqr_71(sp_digit* r, const sp_digit* a) /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_71(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -13461,9 +13834,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_71(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_71(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -13484,10 +13857,11 @@ SP_NOINLINE static void sp_4096_mul_d_71(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_71(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -13502,9 +13876,9 @@ static void sp_4096_cond_add_71(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_71(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -13518,6 +13892,13 @@ SP_NOINLINE static int sp_4096_add_71(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_71(sp_digit* r, const sp_digit* a, byte n) { 
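Review bot: The comment added for sp_4096_rshift_71 gives no valid range for `n`, which is a `byte` and so can be as large as 255. A shift count at or above the operand width is undefined behaviour in C, and the last statement of the function, visible in the next hunk header's context, is `r[70] = a[70] >> n;`. I would state the precondition, e.g. `@param [in] n  Number of bits to shift. Must be less than the number of bits in a digit.`, after confirming the exact bound against the loop, which is outside the hunk. The same applies to the comments added for sp_4096_rshift_142 and sp_4096_lshift_142.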
@@ -13529,6 +13910,14 @@ SP_NOINLINE static void sp_4096_rshift_71(sp_digit* r, const sp_digit* a, r[70] = a[70] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_71(sp_digit d1, sp_digit d0, sp_digit div) { @@ -13610,6 +13999,13 @@ static WC_INLINE sp_digit sp_4096_div_word_71(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_71(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -13624,11 +14020,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_71(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_71(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
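Review bot: In the sp_4096_div_71 comment the first return line reads `@return MP_OKAY otherwise.`, which has nothing to contrast with now that it comes before the MEMORY_E line. Reword it to `@return MP_OKAY on success.` and keep `@return MEMORY_E when unable to allocate memory.` after it. The same two lines appear in the comments for sp_4096_mod_71, sp_4096_div_142 and sp_4096_mod_142.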
@@ -13693,10 +14091,12 @@ static int sp_4096_div_71(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_71(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -13705,17 +14105,20 @@ static int sp_4096_mod_71(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 142); @@ -14008,9 +14411,9 @@ static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_142(sp_digit* r, const sp_digit* a, const sp_digit* b) 
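Review bot: `@return MP_VAL when base is even or exponent is 0.` on sp_4096_mod_exp_71 carries the old wording over unchanged, and it disagrees with the non-blocking wrappers in this diff, which document MP_VAL for an even modulus. If the check is on `m`, as Montgomery reduction would require, the line should read `@return MP_VAL when the modulus is even or exponent is 0.`. The function body is outside the hunk, so confirm this first. The same line is in sp_4096_mod_exp_142, and sp_4096_mod_exp_2_142 has `MP_VAL when base is even.` although its base is the constant 2.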
@@ -14027,8 +14430,8 @@ SP_NOINLINE static int sp_4096_sub_142(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_142(sp_digit* r, const sp_digit* m) { @@ -14049,10 +14452,11 @@ static void sp_4096_mont_norm_142(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_142(const sp_digit* a, const sp_digit* b) { @@ -14069,10 +14473,11 @@ static sp_digit sp_4096_cmp_142(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_142(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -14086,9 +14491,9 @@ static void sp_4096_cond_sub_142(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_142(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -14136,8 +14541,8 @@ SP_NOINLINE static void sp_4096_mul_add_142(sp_digit* r, const sp_digit* a, /* Shift the result in the high 4096 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_142(sp_digit* r, const sp_digit* a) { @@ -14156,9 +14561,10 @@ static void sp_4096_mont_shift_142(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_142(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -14211,11 +14617,11 @@ static void sp_4096_mont_reduce_142(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -14226,10 +14632,10 @@ SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_142(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -14240,9 +14646,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_142(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_284(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -14263,10 +14669,11 @@ SP_NOINLINE static void sp_4096_mul_d_284(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_142(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -14281,9 +14688,9 @@ static void sp_4096_cond_add_142(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_142(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -14297,6 +14704,13 @@ SP_NOINLINE static int sp_4096_add_142(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_142(sp_digit* r, const sp_digit* a, byte n) { 
@@ -14308,6 +14722,14 @@ SP_NOINLINE static void sp_4096_rshift_142(sp_digit* r, const sp_digit* a, r[141] = a[141] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_142(sp_digit d1, sp_digit d0, sp_digit div) { @@ -14389,6 +14811,13 @@ static WC_INLINE sp_digit sp_4096_div_word_142(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_142(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -14403,11 +14832,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_142(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_142(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -14472,10 +14903,12 @@ static int sp_4096_div_142(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_142(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -14485,17 +14918,20 @@ static int sp_4096_mod_142(sp_digit* r, const sp_digit* a, const sp_digit* m) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 284); 
@@ -14785,6 +15221,24 @@ typedef struct sp_4096_mod_exp_142_ctx { int bits; } sp_4096_mod_exp_142_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_4096_mod_exp_142_nb(sp_4096_mod_exp_142_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
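Review bot: The comment added for sp_4096_mod_exp_142_nb lists only MP_OKAY and MP_WOULDBLOCK as return values. The blocking sp_4096_mod_exp_142 documents MP_VAL as well, and the sp_ModExp_4096_nb comment says a zero exponent is rejected inside the non-blocking exponentiation. If that rejection happens in this function, add `@return MP_VAL when the exponent is 0.` so callers do not treat every result other than MP_WOULDBLOCK as successful completion. The body is outside the hunk, so the exact error set needs checking against it.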
@@ -14905,15 +15359,19 @@ static int sp_4096_mod_exp_142_nb(sp_4096_mod_exp_142_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
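Review bot: `@param [in, out] outLen  Number of bytes in result.` in the sp_RsaPublic_4096 comment describes only the output half of the parameter. The return list says MP_TO_E is returned when outLen is too small, so the value is read on entry as the capacity of `out`. I would write `@param [in, out] outLen  On in, size of out buffer in bytes. On out, number of bytes in result.` so the buffer-size contract is explicit. The same wording is used for sp_RsaPublic_4096_nb, sp_RsaPrivate_4096 and sp_RsaPrivate_4096_nb.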
@@ -15124,18 +15582,23 @@ typedef struct sp_4096_RsaPublic_nb_ctx { * sub-state of the inner modular exponentiation, returning MP_WOULDBLOCK * until the operation completes. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, - * MP_VAL when the modulus is even, or MP_EXPTMOD_E when the exponent - * is zero. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. + * @return MP_EXPTMOD_E when the exponent is zero. */ int sp_RsaPublic_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -15215,20 +15678,24 @@ int sp_RsaPublic_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -15519,17 +15986,22 @@ typedef struct sp_4096_RsaPrivate_nb_ctx { * The CRT path is not supported in non-blocking mode; configure with * RSA_LOW_MEM or SP_RSA_PRIVATE_EXP_D to enable this entry point. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, or - * MP_VAL when the modulus is even. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. */ int sp_RsaPrivate_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* dm, const mp_int* mm, byte* out, word32* outLen) @@ -15605,8 +16077,8 @@ int sp_RsaPrivate_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { 
@@ -15673,12 +16145,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -15784,14 +16258,18 @@ typedef struct sp_4096_ModExp_nb_ctx { /* Non-blocking modular exponentiation for Diffie-Hellman (mp_int form). * Drives sp_4096_mod_exp_142_nb one sub-state per call. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E on input size errors, or MP_VAL when the modulus is even or - * the exponent is zero (the latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even or the exponent is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_ModExp_4096_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -15859,6 +16337,12 @@ int sp_ModExp_4096_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_lshift_142(sp_digit* r, const sp_digit* a, byte n) { 
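Review bot: The last return line of the sp_ModExp_4096_nb comment has a typo, `latterx`, which appears only on the added line. It should read `the latter rejected inside sp_mod_exp_nb`. The same typo is in the sp_DhExp_4096_nb comment later in the diff. Both lines name `sp_mod_exp_nb`, whereas the summary of this comment names the driven function as `sp_4096_mod_exp_142_nb`; using one name would make the reference searchable.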
@@ -15873,15 +16357,18 @@ SP_NOINLINE static void sp_4096_lshift_142(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_4096_mod_exp_2_142(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_4096_mod_exp_2_142(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 427); sp_digit* norm = NULL; 
@@ -15978,15 +16465,17 @@ static int sp_4096_mod_exp_2_142(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) 
@@ -16067,19 +16556,24 @@ typedef struct sp_4096_DhExp_nb_ctx { * Computes base^exp mod mod where base and exp are byte strings; suitable * for the TLS path where otherPub is already a byte buffer. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base bytes (other party's public key). - * baseSz Length, in bytes, of base (max 512). - * exp Exponent bytes (our private key). - * expLen Length, in bytes, of exp (max 512). - * mod Modulus. MP integer (must remain valid until first call returns). - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E when baseSz, expLen, or the modulus bit length is out of - * range, or MP_VAL when the modulus is even or expLen is zero (the - * latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base bytes (other party's public key). + * @param [in] baseSz Length, in bytes, of base (max 512). + * @param [in] exp Exponent bytes (our private key). + * @param [in] expLen Length, in bytes, of exp (max 512). + * @param [in] mod Modulus. MP integer (must remain valid until first + * call returns). + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E when baseSz, expLen, or the modulus bit length is out of + * range. + * @return MP_VAL when the modulus is even or expLen is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_DhExp_4096_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, const byte* exp, word32 expLen, const mp_int* mod, byte* out, 
@@ -16158,10 +16652,10 @@ int sp_DhExp_4096_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, #else /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -16193,9 +16687,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -16282,8 +16776,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_162(sp_digit* r, byte* a) { @@ -16325,7 +16819,7 @@ static void sp_4096_to_bin_162(sp_digit* r, byte* a) /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_81(sp_digit* a) { @@ -16346,7 +16840,7 @@ static void sp_4096_norm_81(sp_digit* a) #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_79(sp_digit* a) { 
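Review bot: In the sp_4096_from_bin and sp_4096_from_mp comments, `size` keeps the description "Maximum number of bytes to convert", which sits oddly beside `n`, documented as the byte count of `a`. If `size` is really the capacity of `r` in sp_digit words (inferred from the signatures only, as the bodies are outside these hunks), the comment should say so: `@param [in] size Maximum number of digits to write to r.` A wrong unit on the bound of an output array invites callers to size `r` incorrectly.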
@@ -16373,7 +16867,7 @@ static void sp_4096_norm_79(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA || WOLFSSL_HAVE_SP_DH) && !WOLFSSL_RSA_PUBLIC_ONLY */ /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_162(sp_digit* a) { @@ -16393,7 +16887,7 @@ static void sp_4096_norm_162(sp_digit* a) /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_158(sp_digit* a) { @@ -16418,9 +16912,9 @@ static void sp_4096_norm_158(sp_digit* a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16533,9 +17027,9 @@ SP_NOINLINE static void sp_4096_mul_9(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16555,9 +17049,9 @@ SP_NOINLINE static int sp_4096_add_9(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -16582,9 +17076,9 @@ SP_NOINLINE static int sp_4096_sub_18(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16609,7 +17103,7 @@ SP_NOINLINE static int sp_4096_add_18(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_9(sp_digit* a) { @@ -16625,7 +17119,7 @@ static void sp_4096_norm_9(sp_digit* a) /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_18(sp_digit* a) { @@ -16645,7 +17139,7 @@ static void sp_4096_norm_18(sp_digit* a) /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_54(sp_digit* a) { @@ -16669,9 +17163,9 @@ static void sp_4096_norm_54(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_27(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -16729,9 +17223,9 @@ SP_NOINLINE static void sp_4096_mul_27(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_27(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16757,9 +17251,9 @@ SP_NOINLINE static int sp_4096_add_27(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_54(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16788,9 +17282,9 @@ SP_NOINLINE static int sp_4096_sub_54(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_54(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16819,7 +17313,7 @@ SP_NOINLINE static int sp_4096_add_54(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_27(sp_digit* a) { 
@@ -16840,9 +17334,9 @@ static void sp_4096_norm_27(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_81(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16900,9 +17394,9 @@ SP_NOINLINE static void sp_4096_mul_81(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_81(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16926,9 +17420,9 @@ SP_NOINLINE static int sp_4096_add_81(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_162(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -16953,9 +17447,9 @@ SP_NOINLINE static int sp_4096_add_162(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_162(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -16980,7 +17474,7 @@ SP_NOINLINE static int sp_4096_sub_162(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_324(sp_digit* a) { @@ -17002,9 +17496,9 @@ static void sp_4096_norm_324(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_162(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17029,8 +17523,8 @@ SP_NOINLINE static void sp_4096_mul_162(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_9(sp_digit* r, const sp_digit* a) { @@ -17106,8 +17600,8 @@ SP_NOINLINE static void sp_4096_sqr_9(sp_digit* r, const sp_digit* a) /* Square a into r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_27(sp_digit* r, const sp_digit* a) { @@ -17155,8 +17649,8 @@ SP_NOINLINE static void sp_4096_sqr_27(sp_digit* r, const sp_digit* a) /* Square a into r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_81(sp_digit* r, const sp_digit* a) { 
@@ -17204,8 +17698,8 @@ SP_NOINLINE static void sp_4096_sqr_81(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_162(sp_digit* r, const sp_digit* a) { @@ -17227,8 +17721,8 @@ SP_NOINLINE static void sp_4096_sqr_162(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -17248,9 +17742,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_162(sp_digit* r, const sp_digit* a, sp_digit b) @@ -17296,9 +17790,9 @@ SP_NOINLINE static void sp_4096_mul_d_162(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_81(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -17323,8 +17817,8 @@ SP_NOINLINE static int sp_4096_sub_81(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_81(sp_digit* r, const sp_digit* m) { @@ -17360,10 +17854,11 @@ static void sp_4096_mont_norm_81(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_81(const sp_digit* a, const sp_digit* b) { @@ -17388,10 +17883,11 @@ static sp_digit sp_4096_cmp_81(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_81(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -17413,9 +17909,9 @@ static void sp_4096_cond_sub_81(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_81(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -17472,8 +17968,8 @@ SP_NOINLINE static void sp_4096_mul_add_81(sp_digit* r, const sp_digit* a, /* Shift the result in the high 2048 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_81(sp_digit* r, const sp_digit* a) { @@ -17510,9 +18006,10 @@ static void sp_4096_mont_shift_81(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_81(sp_digit* a, const sp_digit* m, sp_digit mp) { 
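Review bot: sp_4096_mul_add_81 is described as `r += a * b`, so `r` is read as well as written, and the new `@param [out] r` tag understates that. It should be `@param [in, out] r A single precision integer.` The same tag is used on sp_4096_mul_add_162 in a later hunk. A caller trusting `[out]` could pass an uninitialised buffer as the accumulator.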
@@ -17540,11 +18037,11 @@ static void sp_4096_mont_reduce_81(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -17555,10 +18052,10 @@ SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_81(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -17569,9 +18066,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_81(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_81(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -17614,10 +18111,11 @@ SP_NOINLINE static void sp_4096_mul_d_81(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_81(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -17638,6 +18136,13 @@ static void sp_4096_cond_add_81(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_81(sp_digit* r, const sp_digit* a, byte n) { @@ -17656,6 +18161,14 @@ SP_NOINLINE static void sp_4096_rshift_81(sp_digit* r, const sp_digit* a, r[80] = a[80] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_81(sp_digit d1, sp_digit d0, sp_digit div) { 
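Review bot: The new sp_4096_rshift_81 comment gives no valid range for `n`, although the visible context line `r[80] = a[80] >> n;` shifts a digit by it directly. I would document the precondition, for example `@param [in] n Number of bits to shift. Must be less than the number of bits in a digit.`, with the exact limit confirmed against the body, most of which is outside the hunk. The same applies to sp_4096_rshift_162 later in the diff. The new sp_4096_div_word_81 comment likewise does not say that `div` must be non-zero.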
@@ -17737,6 +18250,13 @@ static WC_INLINE sp_digit sp_4096_div_word_81(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_81(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -17751,11 +18271,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_81(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_81(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) @@ -17821,10 +18343,12 @@ static int sp_4096_div_81(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_81(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
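Review bot: In the sp_4096_div_81 and sp_4096_mod_81 comments, the split return list now opens with `@return MP_OKAY otherwise.`, which no longer has a preceding case to be "otherwise" to. Use `@return MP_OKAY on success.` followed by `@return MEMORY_E when unable to allocate memory.` The same wording is repeated for sp_4096_div_162 and sp_4096_mod_162 further down. In sp_4096_div_81, `m` is tagged `[in]` while described as "Multiplier result"; that is worth checking against the body, which lies outside the hunk.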
@@ -17833,17 +18357,20 @@ static int sp_4096_mod_81(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 162); @@ -18137,8 +18664,8 @@ static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_162(sp_digit* r, const sp_digit* m) { 
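Review bot: The return list for sp_4096_mod_exp_81 carries over `MP_VAL when base is even or exponent is 0`, while the sp_DhExp_4096_nb comment earlier in this diff attributes MP_VAL to an even modulus. One of the two is presumably inaccurate. If the check is on `m`, the line should read `@return MP_VAL when the modulus is even or the exponent is 0.` The function body continues outside the hunk, so which operand is actually tested has to be confirmed there. The sp_4096_mod_exp_162 comment has the same line.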
@@ -18175,10 +18702,11 @@ static void sp_4096_mont_norm_162(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_162(const sp_digit* a, const sp_digit* b) { @@ -18204,10 +18732,11 @@ static sp_digit sp_4096_cmp_162(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_162(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -18230,9 +18759,9 @@ static void sp_4096_cond_sub_162(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_162(sp_digit* r, const sp_digit* a, const sp_digit b) 
@@ -18292,8 +18821,8 @@ SP_NOINLINE static void sp_4096_mul_add_162(sp_digit* r, const sp_digit* a, /* Shift the result in the high 4096 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_162(sp_digit* r, const sp_digit* a) { @@ -18329,9 +18858,10 @@ static void sp_4096_mont_shift_162(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_162(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -18384,11 +18914,11 @@ static void sp_4096_mont_reduce_162(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -18399,10 +18929,10 @@ SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_162(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -18413,9 +18943,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_162(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_324(sp_digit* r, const sp_digit* a, sp_digit b) @@ -18455,10 +18985,11 @@ SP_NOINLINE static void sp_4096_mul_d_324(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_162(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -18480,6 +19011,13 @@ static void sp_4096_cond_add_162(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_162(sp_digit* r, const sp_digit* a, byte n) { @@ -18499,6 +19037,14 @@ SP_NOINLINE static void sp_4096_rshift_162(sp_digit* r, const sp_digit* a, r[161] = a[161] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_162(sp_digit d1, sp_digit d0, sp_digit div) { @@ -18580,6 +19126,13 @@ static WC_INLINE sp_digit sp_4096_div_word_162(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_162(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -18594,11 +19147,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_162(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_162(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -18666,10 +19221,12 @@ static int sp_4096_div_162(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_162(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -18681,17 +19238,20 @@ static int sp_4096_mod_162(sp_digit* r, const sp_digit* a, const sp_digit* m) defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 324); 
@@ -18981,6 +19541,24 @@ typedef struct sp_4096_mod_exp_162_ctx { int bits; } sp_4096_mod_exp_162_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_4096_mod_exp_162_nb(sp_4096_mod_exp_162_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
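Review bot: The added comment for sp_4096_mod_exp_162_nb names the retry code `MP_WOULDBLOCK`, while the non-blocking comments added later in this diff (sp_256_proj_point_dbl_9_nb, sp_256_proj_point_add_9_nb, sp_256_ecc_mulmod_9_nb) name `FP_WOULDBLOCK`. Callers loop on this value, so the comment should use the constant the body actually returns; the body is outside the hunk and I cannot tell which one that is. The blocking variant documents `MEMORY_E` and `MP_VAL`, but this comment lists only `MP_OKAY` and `MP_WOULDBLOCK`. If the non-blocking path can fail the same way, add the matching `@return` lines so that a caller does not treat an error as completion.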
@@ -19103,15 +19681,19 @@ static int sp_4096_mod_exp_162_nb(sp_4096_mod_exp_162_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
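Review bot: `outLen` is now tagged `[in, out]` in the sp_RsaPublic_4096 comment, but its description still says only "Number of bytes in result", so the input half of the contract is undocumented. The return line `MP_TO_E when the outLen is too small` implies the caller must set it to the capacity of `out` before the call, which is the part a caller most needs to get right. I would write `@param [in, out] outLen On in, size of out buffer in bytes. On out, number of bytes in result.`. The same wording applies to the `outLen` lines in the sp_RsaPrivate_4096 and sp_DhExp_4096 comments later in this diff.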
@@ -19306,20 +19888,24 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -19601,8 +20187,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -19669,12 +20255,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -19769,6 +20357,12 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_lshift_162(sp_digit* r, const sp_digit* a, byte n) { 
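Review bot: sp_4096_to_mp is declared `static int`, yet its converted comment has `@param` lines only and no `@return`. Now that the file uses one tag style, a missing `@return` reads as "cannot fail", and callers may skip the check. Add `@return MP_OKAY on success.` plus a line for whatever failure code the body produces; the body is outside the hunk. The same gap is visible for other int-returning functions in this diff: sp_256_to_mp, sp_256_add_9, sp_256_sub_9, sp_256_gen_stripe_table_9, sp_256_proj_point_dbl_9_nb and sp_256_proj_point_add_9_nb, the last two mentioning FP_WOULDBLOCK only in prose.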
@@ -20104,15 +20698,18 @@ SP_NOINLINE static void sp_4096_lshift_162(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_4096_mod_exp_2_162(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_4096_mod_exp_2_162(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 487); sp_digit* norm = NULL; 
@@ -20209,15 +20806,17 @@ static int sp_4096_mod_exp_2_162(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -20375,9 +20974,9 @@ static const sp_digit p256_b[9] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_256_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -20415,9 +21014,9 @@ SP_NOINLINE static void sp_256_mul_9(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_256_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -20532,8 +21131,8 @@ SP_NOINLINE static void sp_256_mul_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_256_sqr_9(sp_digit* r, const sp_digit* a) { @@ -20574,8 +21173,8 @@ SP_NOINLINE static void sp_256_sqr_9(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_256_sqr_9(sp_digit* r, const sp_digit* a) { @@ -20653,9 +21252,9 @@ SP_NOINLINE static void sp_256_sqr_9(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -20671,9 +21270,9 @@ SP_NOINLINE static int sp_256_add_9(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -20695,9 +21294,9 @@ SP_NOINLINE static int sp_256_add_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -20714,9 +21313,9 @@ SP_NOINLINE static int sp_256_sub_9(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -20737,9 +21336,9 @@ SP_NOINLINE static int sp_256_sub_9(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -20825,8 +21424,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_9(sp_point_256* p, const ecc_point* pm) @@ -20842,8 +21441,8 @@ static void sp_256_point_from_ecc_point_9(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { @@ -20910,10 +21509,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_9(const sp_point_256* p, ecc_point* pm) { @@ -20932,10 +21532,11 @@ static int sp_256_point_to_ecc_point_9(const sp_point_256* p, ecc_point* pm) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_256_cmp_9(const sp_digit* a, const sp_digit* b) { 
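Review bot: In the sp_256_point_to_ecc_point_9 comment the destination is tagged as an input: `@param [in] pm Point of type ecc_point (result).`. The description calls it the result and the signature takes it as a non-const `ecc_point* pm`, so the direction tag contradicts both. It should be `@param [out] pm Point of type ecc_point (result).`. The function body is outside the hunk.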
@@ -20964,10 +21565,11 @@ static sp_digit sp_256_cmp_9(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_256_cond_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -20993,9 +21595,9 @@ static void sp_256_cond_sub_9(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_256_mul_add_9(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -21077,7 +21679,7 @@ SP_NOINLINE static void sp_256_mul_add_9(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 29 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_256_norm_9(sp_digit* a) { @@ -21101,8 +21703,8 @@ static void sp_256_norm_9(sp_digit* a) /* Shift the result in the high 256 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_256_mont_shift_9(sp_digit* r, const sp_digit* a) { 
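Review bot: The sp_256_mul_add_9 comment states the operation as `(r += a * b)` but tags the accumulator as `@param [out] r`. An accumulate reads the previous contents of r, so a caller trusting `[out]` could pass an uninitialised buffer. I would use `@param [in, out] r A single precision integer.`, matching the `[in, out]` already given to sp_256_norm_9 in the same line of hunks. The function body is outside the hunk.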
@@ -21135,9 +21737,10 @@ static void sp_256_mont_shift_9(sp_digit* r, const sp_digit* a) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_256_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -21164,9 +21767,10 @@ static void sp_256_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -21242,11 +21846,11 @@ static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -21257,10 +21861,10 @@ SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -21272,11 +21876,11 @@ SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -21299,9 +21903,9 @@ static const word32 p256_mod_minus_2[8] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -21367,9 +21971,9 @@ static void sp_256_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_9(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
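Review bot: The header formula kept as context for sp_256_mont_sqr_n_9, `(r = a ^ n mod m)`, does not match the description beside it. Squaring "a number of times" with `n` as "Number of times to square" yields a raised to the power 2^n, not a to the n. Since the commit is already revising this comment, I would correct the line to `(r = a ^ (2 ^ n) mod m)`. The body is outside the hunk, so this reading rests on the comment text and the parameter description.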
@@ -21407,10 +22011,10 @@ static void sp_256_map_9(sp_point_256* r, const sp_point_256* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -21425,9 +22029,9 @@ static void sp_256_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -21441,9 +22045,9 @@ static void sp_256_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -21464,10 +22068,11 @@ static void sp_256_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_256_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -21484,10 +22089,11 @@ static void sp_256_cond_add_9(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_256_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -21506,10 +22112,10 @@ static void sp_256_cond_add_9(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
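Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_256_mont_sub_9 comment carries a typo over from the old text; it should read `Result of subtraction.`. The sp_256_mont_tpl_9 comment just before it has `Result of Tripling.` with a stray capital, where the sibling comments use lower case (`Result of doubling.`). Both lines are being rewritten by this commit anyway, so they can be fixed in the same pass.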
@@ -21520,11 +22126,11 @@ static void sp_256_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_256_norm_9(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_256_rshift1_9(sp_digit* r, const sp_digit* a) { @@ -21549,9 +22155,9 @@ SP_NOINLINE static void sp_256_rshift1_9(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_256_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -21563,9 +22169,9 @@ static void sp_256_mont_div2_9(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_9(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -21634,9 +22240,13 @@ typedef struct sp_256_proj_point_dbl_9_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) 
@@ -21766,9 +22376,10 @@ static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_9(const sp_digit* a, const sp_digit* b) { @@ -21780,8 +22391,9 @@ static int sp_256_cmp_equal_9(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_9(const sp_digit* a) { @@ -21792,10 +22404,10 @@ static int sp_256_iszero_9(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_9(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -21895,10 +22507,14 @@ typedef struct sp_256_proj_point_add_9_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -22082,10 +22698,12 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -22200,13 +22818,15 @@ static int sp_256_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* * allocates memory rather than use large stacks. * 256 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -22295,6 +22915,24 @@ typedef struct sp_256_ecc_mulmod_9_ctx { int y; } sp_256_ecc_mulmod_9_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_256_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) { 
@@ -22404,9 +23042,9 @@ typedef struct sp_table_entry_256 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_256_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -22444,10 +23082,9 @@ static void sp_256_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i, sp_digit* t) @@ -22536,10 +23173,11 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r, const sp_point_256* p, int n, int m, sp_digit* t) 
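Review bot: The sp_256_cond_copy_9 comment tags the destination as `@param [out] r`, although the header says "m is -1 to copy and 0 when not". When the mask is 0 the function's result is whatever r held before the call, so r is an input as well, and a masked copy presumably reads it in either case. I would tag it `@param [in, out] r A single precision number to copy over.` so that callers know it must be initialised. The body is outside the hunk.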
@@ -22609,11 +23247,11 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_sub_9(sp_point_256* ra, sp_point_256* rs, const sp_point_256* p, const sp_point_256* q, @@ -22715,8 +23353,8 @@ static const word8 recode_neg_9_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v) { @@ -22760,9 +23398,9 @@ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_point_33_9(sp_point_256* r, const sp_point_256* table, int idx) 
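Review bot: In the sp_256_ecc_recode_6_9 comment the recoding target is tagged as an input: `@param [in] v Vector of operations to perform.`. The signature takes `const sp_digit* k` and a non-const `ecc_recode_256* v`, and the function's stated purpose is to recode the scalar, so v looks like the destination. It should presumably be `@param [out] v Vector of operations to perform.`. The body is outside the hunk, so confirm that v is not read before it is written.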
@@ -22839,13 +23477,15 @@ static void sp_256_get_point_33_9(sp_point_256* r, const sp_point_256* table, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -22960,10 +23600,10 @@ static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256* * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_9(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -23041,8 +23681,8 @@ static void sp_256_proj_point_add_qz1_9(sp_point_256* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_9(sp_point_256* a, sp_digit* t) { 
@@ -23066,10 +23706,10 @@ static void sp_256_proj_to_affine_9(sp_point_256* a, sp_digit* t) * 256 entries * 32 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_9(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -23141,9 +23781,9 @@ static int sp_256_gen_stripe_table_9(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_256_9(sp_point_256* r, const sp_table_entry_256* table, int idx) 
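Review bot: The converted comment for `sp_256_gen_stripe_table_9` has no `@return` lines, although the function returns `int` and takes a `heap` argument; the other int-returning helpers in this commit gained them. If it follows the same convention, add `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`; the body is outside the hunk, so confirm the codes there. `sp_256_mont_inv_order_9_nb` later in the diff has the same gap: its new comment tells callers to loop on FP_WOULDBLOCK but documents no return value.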
@@ -23202,13 +23842,16 @@ static void sp_256_get_entry_256_9(sp_point_256* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_9(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -23325,8 +23968,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -23389,13 +24032,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -23471,12 +24116,14 @@ static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
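Review bot: The summary line kept as context above `sp_256_ecc_mulmod_9` still says "Multiply the base point of P256 by the scalar", but the parameter list documented below it includes `g`, the point to multiply. Since this commit is a documentation pass, the first line should be corrected as well, e.g. `/* Multiply the point by the scalar and return the result.`, matching the wording already used for `sp_ecc_mulmod_256` in the next hunk.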
@@ -23506,14 +24153,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -23566,11 +24215,14 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_9(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -23580,6 +24232,23 @@ static int sp_256_ecc_mulmod_base_9(sp_point_256* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P256 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_256_ecc_mulmod_base_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -24883,12 +25552,14 @@ static const sp_table_entry_256 p256_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_9(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -24902,11 +25573,13 @@ static int sp_256_ecc_mulmod_base_9(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -24934,13 +25607,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -24994,8 +25669,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * r A single precision integer. - * a A single precision integer. + * @param [in, out] a A single precision integer. */ SP_NOINLINE static void sp_256_add_one_9(sp_digit* a) { @@ -25006,10 +25680,10 @@ SP_NOINLINE static void sp_256_add_one_9(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -25041,10 +25715,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) { @@ -25074,12 +25750,15 @@ static int sp_256_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -25151,6 +25830,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -25221,8 +25917,8 @@ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_256_to_bin_9(sp_digit* r, byte* a) { 
@@ -25265,14 +25961,16 @@ static void sp_256_to_bin_9(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -25313,6 +26011,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -25357,6 +26074,13 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_256_rshift_9(sp_digit* r, const sp_digit* a, byte n) { 
@@ -25383,9 +26107,9 @@ SP_NOINLINE static void sp_256_rshift_9(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_256_mul_d_9(sp_digit* r, const sp_digit* a, sp_digit b) @@ -25427,6 +26151,12 @@ SP_NOINLINE static void sp_256_mul_d_9(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_256_lshift_18(sp_digit* r, const sp_digit* a, byte n) { @@ -25486,11 +26216,13 @@ SP_NOINLINE static void sp_256_lshift_18(sp_digit* r, const sp_digit* a, * * Simplified based on top word of divisor being (1 << 29) - 1 * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_256_div_9(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
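Review bot: In the `sp_256_div_9` comment, `@return MP_OKAY otherwise.` now comes first, so "otherwise" has nothing to refer to; the old sentence only read correctly with MEMORY_E named before it. Prefer `@return MP_OKAY on success.`, as used elsewhere in this commit. The same wording is carried into `sp_256_mod_9`, `sp_256_ecc_is_point_9`, `sp_ecc_is_point_256` and `sp_ecc_check_key_256`.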
@@ -25536,10 +26268,12 @@ static int sp_256_div_9(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_256_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -25550,9 +26284,9 @@ static int sp_256_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_256_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -25576,8 +26310,8 @@ static const sp_int_digit p256_order_low[4] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_256_mont_sqr_order_9(sp_digit* r, const sp_digit* a) { 
@@ -25589,8 +26323,9 @@ static void sp_256_mont_sqr_order_9(sp_digit* r, const sp_digit* a) /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) { @@ -25603,19 +26338,24 @@ static void sp_256_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_256_mont_inv_order_9_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_256_mont_inv_order_9_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_256_mont_inv_order_9_ctx { - int state; - int i; -} sp_256_mont_inv_order_9_ctx; static int sp_256_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
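Review bot: The new `n` line for `sp_256_mont_sqr_n_order_9` says "Number of times to square", which contradicts the formula left as context above it, `(r = a ^ n mod order)`; squaring n times gives a^(2^n). Update the formula line to `* (r = a ^ (2 ^ n) mod order)` so the exponent is not misread. The body is outside the hunk, so this follows from the summary "Square number ... a number of times" rather than from the loop itself.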
@@ -25651,6 +26391,13 @@ static int sp_256_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P256 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -25759,13 +26506,15 @@ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
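Review bot: `k` (ephemeral private key) and `x` (private key) are tagged `[in]` in the `sp_256_calc_s_9` comment, yet both are non-const `sp_digit*` while `r` and `e` are `const`. If the function uses them as working storage, tag them `[in, out]` and say so, e.g. `@param [in, out] k Ephemeral private key. Modified.`, so callers know the buffers hold secret-derived values afterwards and must be zeroized rather than reused. The body is outside the hunk; confirm there before changing the tags.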
@@ -25813,15 +26562,18 @@ static int sp_256_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
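Review bot: The added `km` line, "Ephemeral key as an mp_int", does not say when the caller has to provide it or what the function leaves in it, which matters because an ECDSA nonce that is repeated or predictable exposes the private key. State the contract in the comment, for example whether NULL or zero selects generation from `rng`, and that a supplied value must be fresh for every signature. The `[in, out]` tag suggests km is changed on return; the body is outside the hunk, so take the exact behaviour from there. `sp_ecc_sign_256_nb` repeats the same line.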
@@ -25929,6 +26681,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -26082,6 +26858,12 @@ static const char sp_256_tab32_9[32] = { 9, 13, 21, 29, 16, 18, 25, 8, 20, 28, 24, 7, 27, 6, 5, 32}; +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] v Value to count bits in. + * + * @return The number of bits. + */ static int sp_256_num_bits_29_9(sp_digit v) { v |= v >> 1; @@ -26092,6 +26874,12 @@ static int sp_256_num_bits_29_9(sp_digit v) return sp_256_tab32_9[(word32)(v*0x07C4ACDD) >> 27]; } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_256_num_bits_9(const sp_digit* a) { int i; 
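Review bot: `sp_ecc_sign_256_nb` takes `mp_int* priv` while the blocking `sp_ecc_sign_256` takes `const mp_int* priv`, and the new comment tags it `[in]` in both. Either the non-blocking signature should gain the `const`, or, if it really writes to priv, the tag should be `[in, out]`. The body is outside the hunk, so which applies cannot be told from here.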
@@ -26110,11 +26898,12 @@ static int sp_256_num_bits_9(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. - * @return MEMEORY_E when dynamic memory allocation fails. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -26217,9 +27006,9 @@ static int sp_256_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_9(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) 
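Review bot: The `sp_256_mod_inv_9` comment says "Non-constant time modular inversion" but not what that implies for callers. Add a line such as `* Only for use with public values (e.g. signature verification); not for private keys or nonces.` so the function is not reused on secrets later. Its callers are outside the hunk, so confirm that the current uses fit that restriction.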
@@ -26248,13 +27037,16 @@ static void sp_256_add_points_9(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_9(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -26315,14 +27107,18 @@ static int sp_256_calc_vfy_point_9(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
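Review bot: `@return MP_OKAY on success.` in the `sp_ecc_verify_256` comment can be read as "the signature is valid", while validity is reported separately through `res`. Make the split explicit, e.g. `@return MP_OKAY when verification was performed; check res for validity.`, and note that `res` is only meaningful when MP_OKAY is returned. Whether `res` is set to 0 on the error paths is not visible in the hunk. The same wording is used for `sp_ecc_verify_256_nb`.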
@@ -26418,6 +27214,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -26554,10 +27376,12 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_9(const sp_point_256* point, void* heap) @@ -26599,10 +27423,12 @@ static int sp_256_ecc_is_point_9(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
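Review bot: `@return MP_OKAY otherwise.` is now the first `@return` entry for sp_256_ecc_is_point_9, so "otherwise" has nothing to refer back to. The old sentence listed the error cases first; after the reordering the line should read `@return MP_OKAY on success.`, as the sp_ecc_verify_256 comment in this commit already does. The same wording appears in the hunks for sp_ecc_is_point_256, sp_ecc_check_key_256, sp_ecc_proj_add_point_256, sp_ecc_proj_dbl_point_256, sp_ecc_map_256, sp_256_mont_sqrt_9, sp_ecc_uncompress_256, sp_384_point_to_ecc_point_15 and sp_384_mod_mul_norm_15. For the point checks, `@return MP_OKAY when the point is on the curve.` would be more precise still.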
@@ -26628,13 +27454,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -26718,16 +27548,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -26776,13 +27608,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -26822,10 +27656,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) { 
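Review bot: In the sp_ecc_map_256 hunk the three ordinates are tagged `[in]`, but the summary says the point is mapped "in place" and "pZ will be one", and the parameters are non-const `mp_int*`. All three are therefore written and should be `[in, out]`, e.g. `@param [in, out] pX EC point's X ordinate.` and likewise for pY and pZ. The function body is outside the hunk.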
@@ -26865,8 +27701,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mont_sqrt_9(sp_digit* y) { @@ -26919,10 +27757,12 @@ static int sp_256_mont_sqrt_9(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym) { @@ -27069,9 +27909,9 @@ static const sp_digit p384_b[15] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_384_mul_15(sp_digit* r, const sp_digit* a, const sp_digit* b) 
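Review bot: The sp_ecc_uncompress_256 comment lists only MP_OKAY and MEMORY_E, so it does not say what a caller gets when `xm` has no matching Y ordinate on the curve. A compressed point usually comes from a peer, so this is the case a reader most needs documented. The body is outside the hunk, so it is not visible whether that case is detected. If it is not, I would add `The result is not checked to be on the curve; validate with sp_ecc_is_point_256() when xm is untrusted.`, and if it is, the error code belongs in the `@return` list. The same question applies to sp_256_mont_sqrt_9 in the first hunk on this line.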
@@ -27109,9 +27949,9 @@ SP_NOINLINE static void sp_384_mul_15(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_384_mul_15(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27382,8 +28222,8 @@ SP_NOINLINE static void sp_384_mul_15(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_384_sqr_15(sp_digit* r, const sp_digit* a) { @@ -27424,8 +28264,8 @@ SP_NOINLINE static void sp_384_sqr_15(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_384_sqr_15(sp_digit* r, const sp_digit* a) { @@ -27590,9 +28430,9 @@ SP_NOINLINE static void sp_384_sqr_15(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b) 
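Review bot: sp_384_add_15 in the last hunk on this line returns `int`, but the converted comment has no `@return` entry. The same gap appears in the other sp_384_add_15 variant, both sp_384_sub_15 variants, sp_384_to_mp and sp_384_gen_stripe_table_15 further down. Now that the comments follow a `@param`/`@return` layout, each needs a `@return` line stating what the int is (a status code, or a carry/borrow). The bodies are outside the hunks, so the value has to be filled in by someone who can see them.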
@@ -27608,9 +28448,9 @@ SP_NOINLINE static int sp_384_add_15(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27638,9 +28478,9 @@ SP_NOINLINE static int sp_384_add_15(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27657,9 +28497,9 @@ SP_NOINLINE static int sp_384_sub_15(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27686,9 +28526,9 @@ SP_NOINLINE static int sp_384_sub_15(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -27774,8 +28614,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_384. * - * p Point of type sp_point_384 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_384 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_384_point_from_ecc_point_15(sp_point_384* p, const ecc_point* pm) @@ -27791,8 +28631,8 @@ static void sp_384_point_from_ecc_point_15(sp_point_384* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_384_to_mp(const sp_digit* a, mp_int* r) { @@ -27859,10 +28699,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_384 to type ecc_point. * - * p Point of type sp_point_384. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_384. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_384_point_to_ecc_point_15(const sp_point_384* p, ecc_point* pm) { @@ -27881,10 +28722,11 @@ static int sp_384_point_to_ecc_point_15(const sp_point_384* p, ecc_point* pm) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_384_cmp_15(const sp_digit* a, const sp_digit* b) { 
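Review bot: In the sp_384_point_to_ecc_point_15 hunk, `pm` is tagged `[in]` although its description says "(result)" and it is the non-const `ecc_point*` argument. The line should read `@param [out] pm Point of type ecc_point (result).`. The sibling sp_384_point_from_ecc_point_15 on this same line already tags its result as `[out]`.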
@@ -27919,10 +28761,11 @@ static sp_digit sp_384_cmp_15(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_384_cond_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -27954,9 +28797,9 @@ static void sp_384_cond_sub_15(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_384_mul_add_15(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -28030,7 +28873,7 @@ SP_NOINLINE static void sp_384_mul_add_15(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 26 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_384_norm_15(sp_digit* a) { @@ -28060,8 +28903,8 @@ static void sp_384_norm_15(sp_digit* a) /* Shift the result in the high 384 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_384_mont_shift_15(sp_digit* r, const sp_digit* a) { 
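Review bot: sp_384_mul_add_15 is documented as `r += a * b`, so `r` is read before it is written, but the new tag is `[out]`. It should read `@param [in, out] r A single precision integer.`, because an `[out]` tag tells callers they may pass an uninitialised buffer. The function body is outside the hunk.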
@@ -28100,9 +28943,10 @@ static void sp_384_mont_shift_15(sp_digit* r, const sp_digit* a) /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_384_mont_reduce_order_15(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -28129,9 +28973,10 @@ static void sp_384_mont_reduce_order_15(sp_digit* a, const sp_digit* m, sp_digit /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -28235,11 +29080,11 @@ static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -28250,10 +29095,10 @@ SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -28265,11 +29110,11 @@ SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_15(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -28292,9 +29137,9 @@ static const word32 p384_mod_minus_2[12] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_15(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -28376,9 +29221,9 @@ static void sp_384_mont_inv_15(sp_digit* r, const sp_digit* a, sp_digit* td) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_15(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
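Review bot: The summary line of sp_384_mont_sqr_n_15 still reads `(r = a ^ n mod m)`, which does not match "Square ... a number of times" with `n` documented as the number of squarings. Squaring n times gives a to the power 2^n, so this commit is a good place to correct the formula to `(r = a ^ (2 ^ n) mod m)`. The function body is outside the hunk.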
@@ -28416,10 +29261,10 @@ static void sp_384_map_15(sp_point_384* r, const sp_point_384* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -28434,9 +29279,9 @@ static void sp_384_mont_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_dbl_15(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -28450,9 +29295,9 @@ static void sp_384_mont_dbl_15(sp_digit* r, const sp_digit* a, const sp_digit* m /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_tpl_15(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -28473,10 +29318,11 @@ static void sp_384_mont_tpl_15(sp_digit* r, const sp_digit* a, const sp_digit* m /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_384_cond_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -28493,10 +29339,11 @@ static void sp_384_cond_add_15(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_384_cond_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -28521,10 +29368,10 @@ static void sp_384_cond_add_15(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
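Review bot: The rewritten line in the sp_384_mont_sub_15 hunk carries over the typo "subtration". Since the line is being touched anyway, it should read `@param [out] r Result of subtraction.`.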
@@ -28535,11 +29382,11 @@ static void sp_384_mont_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b sp_384_norm_15(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_384_rshift1_15(sp_digit* r, const sp_digit* a) { @@ -28570,9 +29417,9 @@ SP_NOINLINE static void sp_384_rshift1_15(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_384_mont_div2_15(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -28584,9 +29431,9 @@ static void sp_384_mont_div2_15(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_15(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -28655,9 +29502,13 @@ typedef struct sp_384_proj_point_dbl_15_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) 
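Review bot: The new sp_384_proj_point_dbl_15_nb comment tells the caller to repeat the call "until it does not return FP_WOULDBLOCK" but has no `@return` section, although the function returns `int`. The other non-blocking comments added in this commit (sp_ecc_verify_256_nb, sp_384_ecc_mulmod_15_nb) do list their return values. I would add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.` here and in the sp_384_proj_point_add_15_nb hunk below. The function bodies are outside the hunks, so any further error codes need checking against them.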
@@ -28787,9 +29638,10 @@ static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_15(const sp_digit* a, const sp_digit* b) { @@ -28803,8 +29655,9 @@ static int sp_384_cmp_equal_15(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_15(const sp_digit* a) { @@ -28815,10 +29668,10 @@ static int sp_384_iszero_15(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_15(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
@@ -28918,10 +29771,14 @@ typedef struct sp_384_proj_point_add_15_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -29105,10 +29962,12 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_mod_mul_norm_15(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -29267,13 +30126,15 @@ static int sp_384_mod_mul_norm_15(sp_digit* r, const sp_digit* a, const sp_digit * allocates memory rather than use large stacks. * 384 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -29362,6 +30223,24 @@ typedef struct sp_384_ecc_mulmod_15_ctx { int y; } sp_384_ecc_mulmod_15_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_384_ecc_mulmod_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) { 
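Review bot: `@param [in] ct Constant time required.` in the sp_384_ecc_mulmod_15 hunk does not say which value requests constant-time behaviour, or whether this implementation honours it. Because `k` is typically a private scalar, the contract should be stated explicitly, for example `@param [in] ct Non-zero when k is secret and the multiplication must be constant time.`, if that matches the body. The comment should also note if this variant ignores the flag. The same line appears in the sp_384_ecc_mulmod_15_nb, sp_384_ecc_mulmod_win_add_sub_15 and sp_384_ecc_mulmod_stripe_15 hunks; the bodies are outside the hunks.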
@@ -29471,9 +30350,9 @@ typedef struct sp_table_entry_384 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_384_cond_copy_15(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -29523,10 +30402,9 @@ static void sp_384_cond_copy_15(sp_digit* r, const sp_digit* a, const sp_digit m /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i, sp_digit* t) @@ -29615,10 +30493,11 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r, const sp_point_384* p, int n, int m, sp_digit* t) 
@@ -29688,11 +30567,11 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_sub_15(sp_point_384* ra, sp_point_384* rs, const sp_point_384* p, const sp_point_384* q, @@ -29794,8 +30673,8 @@ static const word8 recode_neg_15_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v) { @@ -29839,9 +30718,9 @@ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_point_33_15(sp_point_384* r, const sp_point_384* table, int idx) 
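Review bot: In the sp_384_ecc_recode_6_15 hunk, `v` is tagged `[in]`, but the function recodes the const scalar `k` into the non-const `ecc_recode_384* v`, so `v` is the output. The line should read `@param [out] v Vector of operations to perform.`. Separately, the summary of sp_384_proj_point_add_sub_15 in the first hunk still says only "Add two Montgomery form projective points." although it now documents both `ra` and `rs` results, so it could mention the subtraction.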
@@ -29954,13 +30833,15 @@ static void sp_384_get_point_33_15(sp_point_384* r, const sp_point_384* table, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -30075,10 +30956,10 @@ static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384* * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_15(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -30156,8 +31037,8 @@ static void sp_384_proj_point_add_qz1_15(sp_point_384* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_15(sp_point_384* a, sp_digit* t) { 
@@ -30181,10 +31062,10 @@ static void sp_384_proj_to_affine_15(sp_point_384* a, sp_digit* t) * 256 entries * 48 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_15(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) @@ -30256,9 +31137,9 @@ static int sp_384_gen_stripe_table_15(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_256_15(sp_point_384* r, const sp_table_entry_384* table, int idx) 
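Review bot: The converted comment for sp_384_gen_stripe_table_15 has no `@return` lines, although the function returns `int` and takes a `heap` argument. The sibling comments in this patch document their results, so this one should too. Something like `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.` would fit, once confirmed against the body, which is outside the hunk. The new sp_384_mont_inv_order_15_nb comment has the same gap: its prose mentions FP_WOULDBLOCK but no `@return` lines follow.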
@@ -30341,13 +31222,16 @@ static void sp_384_get_entry_256_15(sp_point_384* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_15(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -30464,8 +31348,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -30528,13 +31412,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -30610,12 +31496,14 @@ static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -30645,14 +31533,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -30705,11 +31595,14 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_15(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -30719,6 +31612,23 @@ static int sp_384_ecc_mulmod_base_15(sp_point_384* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P384 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_384_ecc_mulmod_base_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -32534,12 +33444,14 @@ static const sp_table_entry_384 p384_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_15(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -32553,11 +33465,13 @@ static int sp_384_ecc_mulmod_base_15(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -32585,13 +33499,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -32645,8 +33561,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * r A single precision integer. - * a A single precision integer. + * @param [in, out] a A single precision integer. */ SP_NOINLINE static void sp_384_add_one_15(sp_digit* a) { @@ -32657,10 +33572,10 @@ SP_NOINLINE static void sp_384_add_one_15(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -32692,10 +33607,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_15(WC_RNG* rng, sp_digit* k) { @@ -32725,12 +33642,15 @@ static int sp_384_ecc_gen_k_15(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -32802,6 +33722,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -32872,8 +33809,8 @@ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_384_to_bin_15(sp_digit* r, byte* a) { 
@@ -32916,14 +33853,16 @@ static void sp_384_to_bin_15(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -32964,6 +33903,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -33008,6 +33966,13 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_384_rshift_15(sp_digit* r, const sp_digit* a, byte n) { 
@@ -33040,9 +34005,9 @@ SP_NOINLINE static void sp_384_rshift_15(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_384_mul_d_15(sp_digit* r, const sp_digit* a, sp_digit b) @@ -33096,6 +34061,12 @@ SP_NOINLINE static void sp_384_mul_d_15(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_384_lshift_30(sp_digit* r, const sp_digit* a, byte n) { @@ -33179,11 +34150,13 @@ SP_NOINLINE static void sp_384_lshift_30(sp_digit* r, const sp_digit* a, * * Simplified based on top word of divisor being (1 << 26) - 1 * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_384_div_15(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
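Review bot: In the sp_384_div_15 comment the success line now reads `@return MP_OKAY otherwise.` and is listed first, so "otherwise" has nothing to refer back to. Either word it like the other converted comments, `@return MP_OKAY on success.`, or keep "otherwise" and move the line below the MEMORY_E entry. The same ordering is introduced for sp_384_mod_15, sp_384_ecc_is_point_15, sp_ecc_is_point_384, sp_ecc_check_key_384, sp_ecc_proj_add_point_384, sp_ecc_proj_dbl_point_384 and sp_ecc_map_384 further down the patch.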
@@ -33229,10 +34202,12 @@ static int sp_384_div_15(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_384_mod_15(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -33243,9 +34218,9 @@ static int sp_384_mod_15(sp_digit* r, const sp_digit* a, const sp_digit* m) #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_15(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -33269,8 +34244,8 @@ static const word32 p384_order_low[6] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_15(sp_digit* r, const sp_digit* a) { 
@@ -33282,8 +34257,9 @@ static void sp_384_mont_sqr_order_15(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_15(sp_digit* r, const sp_digit* a, int n) { @@ -33296,19 +34272,24 @@ static void sp_384_mont_sqr_n_order_15(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_15_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_15_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_15_ctx { - int state; - int i; -} sp_384_mont_inv_order_15_ctx; static int sp_384_mont_inv_order_15_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
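Review bot: The formula kept in the sp_384_mont_sqr_n_order_15 comment, `(r = a ^ n mod order)`, disagrees with the `n` parameter this hunk documents as "Number of times to square". Squaring n times raises a to the power 2^n, not n. Since the comment is being reworked anyway, I would correct the line to `(r = a ^ (2 ^ n) mod order)`. The function body is outside the hunk, so this is based on the summary sentence and the new `@param` text.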
@@ -33344,6 +34325,13 @@ static int sp_384_mont_inv_order_15_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_15(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -33419,13 +34407,15 @@ static void sp_384_mont_inv_order_15(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_15(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
@@ -33473,15 +34463,18 @@ static int sp_384_calc_s_15(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
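Review bot: `km` in the sp_ecc_sign_384 comment is tagged `[in, out]` and described only as "Ephemeral key as an mp_int", which does not tell a caller when an incoming value is used as k or what is written back. That matters for ECDSA because a repeated or disclosed ephemeral key exposes the private key. The comment should state under which condition a caller-supplied value replaces the RNG output, and whether the generated value is returned through `km`. I cannot word that sentence from this hunk because the body is outside it. The same applies to the sp_ecc_sign_384_nb comment added later in the patch.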
@@ -33589,6 +34582,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -33742,6 +34759,12 @@ static const char sp_384_tab32_15[32] = { 9, 13, 21, 29, 16, 18, 25, 8, 20, 28, 24, 7, 27, 6, 5, 32}; +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] v Value to count bits in. + * + * @return The number of bits. + */ static int sp_384_num_bits_26_15(sp_digit v) { v |= v >> 1; @@ -33752,6 +34775,12 @@ static int sp_384_num_bits_26_15(sp_digit v) return sp_384_tab32_15[(word32)(v*0x07C4ACDD) >> 27]; } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_384_num_bits_15(const sp_digit* a) { int i; 
@@ -33770,11 +34799,12 @@ static int sp_384_num_bits_15(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. - * @return MEMEORY_E when dynamic memory allocation fails. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mod_inv_15(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -33877,9 +34907,9 @@ static int sp_384_mod_inv_15(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_15(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) 
@@ -33914,13 +34944,16 @@ static void sp_384_add_points_15(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_15(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -33981,14 +35014,18 @@ static int sp_384_calc_vfy_point_15(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
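Review bot: The `@return MP_OKAY on success.` line in the sp_ecc_verify_384 comment can be misread as "signature verified", while the verdict is delivered separately through `res`. I would make the contract explicit, for example `@return MP_OKAY when the calculation completed; check res for validity.`. The comment should also say whether `*res` is set to 0 on every error path; that cannot be confirmed here because the body is outside the hunk. The sp_ecc_verify_384_nb comment added later in this patch uses the same wording and would need the same clarification.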
@@ -34084,6 +35121,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -34220,10 +35283,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_15(const sp_point_384* point, void* heap) @@ -34265,10 +35330,12 @@ static int sp_384_ecc_is_point_15(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
@@ -34294,13 +35361,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -34384,16 +35455,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -34442,13 +35515,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -34488,10 +35563,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
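Review bot: The three `@param [in]` tags on sp_ecc_map_384 contradict the summary above them, which says the point is mapped to affine in place and that pZ will be one. All three ordinates are written by the call, so the tags should read `@param [in, out] pX EC point's X ordinate.` and likewise for pY and pZ. The function body is outside the hunk, so this rests on the comment's own wording and the non-const `mp_int*` parameters.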
@@ -34531,8 +35608,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_15(sp_digit* y) { @@ -34616,10 +35695,12 @@ static int sp_384_mont_sqrt_15(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -34772,9 +35853,9 @@ static const sp_digit p521_b[21] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_521_mul_21(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -34812,9 +35893,9 @@ SP_NOINLINE static void sp_521_mul_21(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_521_mul_21(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -34840,8 +35921,8 @@ SP_NOINLINE static void sp_521_mul_21(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_521_sqr_21(sp_digit* r, const sp_digit* a) { @@ -34882,8 +35963,8 @@ SP_NOINLINE static void sp_521_sqr_21(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_521_sqr_21(sp_digit* r, const sp_digit* a) { @@ -34909,9 +35990,9 @@ SP_NOINLINE static void sp_521_sqr_21(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b) 
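Review bot: sp_521_add_21 (the WOLFSSL_SP_SMALL variant at the end of this line) is declared `static int`, yet the converted comment has only `@param` lines and never says what the returned int means. Add an `@return` line once the body, which is outside the hunk, has been checked. If the value is the carry out of the top word, `@return Carry out of the addition.` would do, but that meaning is a guess from the name and needs confirming. The non-small sp_521_add_21, both sp_521_sub_21 variants, sp_521_to_mp and sp_521_gen_stripe_table_21 have the same gap in their hunks.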
@@ -34927,9 +36008,9 @@ SP_NOINLINE static int sp_521_add_21(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -34959,9 +36040,9 @@ SP_NOINLINE static int sp_521_add_21(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -34978,9 +36059,9 @@ SP_NOINLINE static int sp_521_sub_21(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -35009,9 +36090,9 @@ SP_NOINLINE static int sp_521_sub_21(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -35097,8 +36178,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_21(sp_point_521* p, const ecc_point* pm) @@ -35114,8 +36195,8 @@ static void sp_521_point_from_ecc_point_21(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { @@ -35182,10 +36263,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_21(const sp_point_521* p, ecc_point* pm) { @@ -35204,7 +36286,7 @@ static int sp_521_point_to_ecc_point_21(const sp_point_521* p, ecc_point* pm) /* Normalize the values in each word to 25 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_521_norm_21(sp_digit* a) { 
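Review bot: In the sp_521_point_to_ecc_point_21 comment, `pm` is tagged `@param [in]` although its description ends with "(result)" and the parameter is a non-const `ecc_point*`. The mirror function sp_521_point_from_ecc_point_21, in the first hunk of this line, tags its result `[out]`, so this one should read `@param [out] pm Point of type ecc_point (result).`. The body is outside the hunk, so the direction is taken from the comment and the signature.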
@@ -35235,9 +36317,10 @@ static void sp_521_norm_21(sp_digit* a) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_521_mont_reduce_21(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -35260,10 +36343,11 @@ static void sp_521_mont_reduce_21(sp_digit* a, const sp_digit* m, sp_digit mp) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_521_cmp_21(const sp_digit* a, const sp_digit* b) { @@ -35300,10 +36384,11 @@ static sp_digit sp_521_cmp_21(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_521_cond_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -35337,9 +36422,9 @@ static void sp_521_cond_sub_21(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_521_mul_add_21(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -35405,8 +36490,8 @@ SP_NOINLINE static void sp_521_mul_add_21(sp_digit* r, const sp_digit* a, /* Shift the result in the high 521 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_521_mont_shift_21(sp_digit* r, const sp_digit* a) { @@ -35464,9 +36549,10 @@ static void sp_521_mont_shift_21(sp_digit* r, const sp_digit* a) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_521_mont_reduce_order_21(sp_digit* a, const sp_digit* m, sp_digit mp) { 
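Review bot: sp_521_mul_add_21 tags `r` as `@param [out]`, but the summary line states `r += a * b`, so the existing contents of r are read as well as written. The tag should be `@param [in, out] r A single precision integer.`, as this commit already does for the in-place argument of sp_521_mont_reduce_21. An `[out]` tag suggests r may be passed uninitialised, which the accumulate form does not allow.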
@@ -35494,11 +36580,11 @@ static void sp_521_mont_reduce_order_21(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -35509,10 +36595,10 @@ SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -35524,11 +36610,11 @@ SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_21(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -35552,9 +36638,9 @@ static const word32 p521_mod_minus_2[17] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_21(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -35632,9 +36718,9 @@ static void sp_521_mont_inv_21(sp_digit* r, const sp_digit* a, sp_digit* td) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_21(sp_point_521* r, const sp_point_521* p, sp_digit* t) 
@@ -35672,10 +36758,10 @@ static void sp_521_map_21(sp_point_521* r, const sp_point_521* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -35690,9 +36776,9 @@ static void sp_521_mont_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_dbl_21(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -35706,9 +36792,9 @@ static void sp_521_mont_dbl_21(sp_digit* r, const sp_digit* a, const sp_digit* m /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_tpl_21(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -35729,10 +36815,11 @@ static void sp_521_mont_tpl_21(sp_digit* r, const sp_digit* a, const sp_digit* m /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_521_cond_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -35749,10 +36836,11 @@ static void sp_521_cond_add_21(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_521_cond_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -35779,10 +36867,10 @@ static void sp_521_cond_add_21(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
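Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_521_mont_sub_21 comment carries over the old misspelling. Since the line is being touched anyway, it should read `@param [out] r Result of subtraction.`.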
@@ -35793,11 +36881,11 @@ static void sp_521_mont_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b sp_521_norm_21(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_521_rshift1_21(sp_digit* r, const sp_digit* a) { @@ -35834,9 +36922,9 @@ SP_NOINLINE static void sp_521_rshift1_21(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_521_mont_div2_21(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -35848,9 +36936,9 @@ static void sp_521_mont_div2_21(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_21(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -35919,9 +37007,13 @@ typedef struct sp_521_proj_point_dbl_21_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) 
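Review bot: The new comment on sp_521_proj_point_dbl_21_nb tells the caller to loop until the call stops returning FP_WOULDBLOCK, but it has no `@return` lines, so the value that ends the loop is undocumented. The sp_521_ecc_mulmod_21_nb comment added by this commit already has the pattern to copy: `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.`. sp_521_proj_point_add_21_nb has the same omission in its hunk. Whether either function can return any other code cannot be seen here, because the bodies are outside the hunks.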
@@ -36051,9 +37143,10 @@ static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_21(const sp_digit* a, const sp_digit* b) { @@ -36069,8 +37162,9 @@ static int sp_521_cmp_equal_21(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_21(const sp_digit* a) { @@ -36082,10 +37176,10 @@ static int sp_521_iszero_21(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_21(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) 
@@ -36185,10 +37279,14 @@ typedef struct sp_521_proj_point_add_21_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -36372,10 +37470,12 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_21(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -36396,13 +37496,15 @@ static int sp_521_mod_mul_norm_21(sp_digit* r, const sp_digit* a, const sp_digit * allocates memory rather than use large stacks. * 521 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -36491,6 +37593,24 @@ typedef struct sp_521_ecc_mulmod_21_ctx { int y; } sp_521_ecc_mulmod_21_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_521_ecc_mulmod_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) { 
@@ -36600,9 +37720,9 @@ typedef struct sp_table_entry_521 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_521_cond_copy_21(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -36664,10 +37784,9 @@ static void sp_521_cond_copy_21(sp_digit* r, const sp_digit* a, const sp_digit m /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i, sp_digit* t) @@ -36756,10 +37875,11 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r, const sp_point_521* p, int n, int m, sp_digit* t) 
@@ -36829,11 +37949,11 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_sub_21(sp_point_521* ra, sp_point_521* rs, const sp_point_521* p, const sp_point_521* q, @@ -36935,8 +38055,8 @@ static const word8 recode_neg_21_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v) { @@ -36980,9 +38100,9 @@ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_point_33_21(sp_point_521* r, const sp_point_521* table, int idx) 
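Review bot: In the sp_521_ecc_recode_6_21 comment, `v` is tagged `@param [in]`, but the function is described as recoding the scalar and `v` is the only non-const pointer in the signature. It looks like the destination of the recoding, in which case the tag should be `@param [out] v Vector of operations to perform.`. The body is outside the hunk, so confirm that v is written and not read before changing it.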
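Review bot: The comment for sp_521_get_point_33_21 says only that it touches each possible point, without stating the property a maintainer has to preserve. Given the `#ifndef WC_NO_CACHE_RESISTANT` guard, the intent appears to be that the memory access pattern does not depend on idx. A sentence such as `Every table entry is read so that the access pattern is independent of idx.` would make that explicit, once checked against the body, which is outside the hunk. sp_521_get_entry_256_21 has the same wording in its hunk.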
@@ -37131,13 +38251,15 @@ static void sp_521_get_point_33_21(sp_point_521* r, const sp_point_521* table, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -37252,10 +38374,10 @@ static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521* * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_21(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -37333,8 +38455,8 @@ static void sp_521_proj_point_add_qz1_21(sp_point_521* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_21(sp_point_521* a, sp_digit* t) { 
@@ -37358,10 +38480,10 @@ static void sp_521_proj_to_affine_21(sp_point_521* a, sp_digit* t) * 256 entries * 65 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_21(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -37433,9 +38555,9 @@ static int sp_521_gen_stripe_table_21(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_256_21(sp_point_521* r, const sp_table_entry_521* table, int idx) 
@@ -37542,13 +38664,16 @@ static void sp_521_get_entry_256_21(sp_point_521* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_21(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -37665,8 +38790,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -37729,13 +38854,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -37811,12 +38938,14 @@ static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -37846,14 +38975,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -37906,11 +39037,14 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_21(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -37920,6 +39054,23 @@ static int sp_521_ecc_mulmod_base_21(sp_point_521* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P521 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_521_ecc_mulmod_base_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -40245,12 +41396,14 @@ static const sp_table_entry_521 p521_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_21(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -40264,11 +41417,13 @@ static int sp_521_ecc_mulmod_base_21(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -40296,13 +41451,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -40356,8 +41513,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * r A single precision integer. - * a A single precision integer. + * @param [in, out] a A single precision integer. */ SP_NOINLINE static void sp_521_add_one_21(sp_digit* a) { @@ -40368,10 +41524,10 @@ SP_NOINLINE static void sp_521_add_one_21(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -40403,10 +41559,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_21(WC_RNG* rng, sp_digit* k) { @@ -40437,12 +41595,15 @@ static int sp_521_ecc_gen_k_21(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
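Review bot: In the sp_521_ecc_gen_k_21 comment, `k` is tagged `[in]`, but the summary says the function "Generates a scalar" and the parameter is a non-const `sp_digit*`, so it is the output. The line should read `* @param [out] k Scalar value.`. As this is the buffer that receives secret key material, the direction tag is what tells a caller which buffer to clear afterwards. The function body is outside the hunk.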
@@ -40514,6 +41675,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -40584,8 +41762,8 @@ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_521_to_bin_21(sp_digit* r, byte* a) { 
@@ -40628,14 +41806,16 @@ static void sp_521_to_bin_21(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -40676,6 +41856,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -40718,6 +41917,13 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #endif /* HAVE_ECC_DHE */ #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_521_rshift_21(sp_digit* r, const sp_digit* a, byte n) { 
@@ -40750,9 +41956,9 @@ SP_NOINLINE static void sp_521_rshift_21(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_521_mul_d_21(sp_digit* r, const sp_digit* a, sp_digit b) @@ -40804,6 +42010,12 @@ SP_NOINLINE static void sp_521_mul_d_21(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_521_lshift_42(sp_digit* r, const sp_digit* a, byte n) { @@ -40911,11 +42123,13 @@ SP_NOINLINE static void sp_521_lshift_42(sp_digit* r, const sp_digit* a, * * Simplified based on top word of divisor being (1 << 25) - 1 * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_521_div_21(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
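Review bot: In the sp_521_div_21 comment, `@return MP_OKAY otherwise.` is now the first entry of the return list, so "otherwise" no longer refers to anything. `* @return MP_OKAY on success.` matches the wording this commit uses in the other comments. The same leftover wording appears in the later hunks for sp_521_mod_21, sp_521_ecc_is_point_21, sp_ecc_is_point_521, sp_ecc_check_key_521, sp_ecc_proj_add_point_521, sp_ecc_proj_dbl_point_521, sp_ecc_map_521, sp_521_mont_sqrt_21 and sp_ecc_uncompress_521.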
@@ -40961,10 +42175,12 @@ static int sp_521_div_21(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_521_mod_21(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -40975,9 +42191,9 @@ static int sp_521_mod_21(sp_digit* r, const sp_digit* a, const sp_digit* m) #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_21(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -41003,8 +42219,8 @@ static const word32 p521_order_low[9] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_21(sp_digit* r, const sp_digit* a) { 
@@ -41016,8 +42232,9 @@ static void sp_521_mont_sqr_order_21(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_21(sp_digit* r, const sp_digit* a, int n) { @@ -41030,19 +42247,24 @@ static void sp_521_mont_sqr_n_order_21(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_21_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_21_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_21_ctx { - int state; - int i; -} sp_521_mont_inv_order_21_ctx; static int sp_521_mont_inv_order_21_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
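Review bot: The added `n` line ("Number of times to square") contradicts the unchanged formula above it in the sp_521_mont_sqr_n_order_21 comment, `(r = a ^ n mod order)`. Squaring n times gives a raised to the power 2^n, so the formula line should read `* (r = a ^ (2 ^ n) mod order)`. The function body is outside the hunk, so this rests on the summary sentence and the new parameter text.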
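Review bot: The new comment for sp_521_mont_inv_order_21_nb has no `@return` lines, although the function is declared `static int` and the text itself tells the caller to repeat the call "until it does not return FP_WOULDBLOCK". The other non-blocking comments added in this commit list their codes, so add `* @return MP_OKAY on success.` and `* @return FP_WOULDBLOCK while more work remains.` The body continues outside the hunk, so confirm there are no further codes.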
@@ -41078,6 +42300,13 @@ static int sp_521_mont_inv_order_21_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_21(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -41166,13 +42395,15 @@ static void sp_521_mont_inv_order_21(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_21(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
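Review bot: In the sp_521_calc_s_21 comment, `k` (ephemeral private key) and `x` (private key) are tagged `[in]`, yet the signature takes both as non-const `sp_digit*` while `r` and `e` are `const`. If the body, which is outside this hunk, writes intermediate values into them, the tags should be `* @param [in, out] k Ephemeral private key. Modified.` and the same for `x`. A caller needs to know that these buffers hold secret-derived data after the call and still have to be cleared.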
@@ -41220,15 +42451,18 @@ static int sp_521_calc_s_21(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
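Review bot: The new `km` line in the sp_ecc_sign_521 comment says only "Ephemeral key as an mp_int." with an `[in, out]` tag, which leaves the input contract open. It does not say when a caller-supplied value is used in place of RNG output, whether NULL is accepted, or what is written back. A repeated or disclosed ECDSA ephemeral key exposes the private key, so the line should say at least `* @param [in, out] km Ephemeral key as an mp_int; secret and unique per signature.` plus one sentence on when the input value is consumed. The body is outside the hunk, so that sentence has to be taken from the implementation; the same line is added for sp_ecc_sign_521_nb in the next hunk.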
@@ -41342,6 +42576,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -41499,6 +42757,12 @@ static const char sp_521_tab32_21[32] = { 9, 13, 21, 29, 16, 18, 25, 8, 20, 28, 24, 7, 27, 6, 5, 32}; +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] v Value to count bits in. + * + * @return The number of bits. + */ static int sp_521_num_bits_25_21(sp_digit v) { v |= v >> 1; @@ -41509,6 +42773,12 @@ static int sp_521_num_bits_25_21(sp_digit v) return sp_521_tab32_21[(word32)(v*0x07C4ACDD) >> 27]; } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_521_num_bits_21(const sp_digit* a) { int i; 
@@ -41527,11 +42797,12 @@ static int sp_521_num_bits_21(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. - * @return MEMEORY_E when dynamic memory allocation fails. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mod_inv_21(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -41634,9 +42905,9 @@ static int sp_521_mod_inv_21(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_21(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) 
@@ -41677,13 +42948,16 @@ static void sp_521_add_points_21(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_21(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -41744,14 +43018,18 @@ static int sp_521_calc_vfy_point_21(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
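Review bot: `@return MP_OKAY on success.` in the sp_ecc_verify_521 comment can be read as "the signature is valid", while the new `res` line says validity is reported separately as 1 or 0. I would word it `* @return MP_OKAY when the check completed; the signature is valid only if res is 1.` so that a caller testing only the return code is not taken for a correct use. An invalid signature presumably also returns MP_OKAY, but the body is outside the hunk, so confirm before committing the wording. The same applies to the sp_ecc_verify_521_nb comment added in the following hunk.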
@@ -41852,6 +43130,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -41992,10 +43296,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_21(const sp_point_521* point, void* heap) @@ -42037,10 +43343,12 @@ static int sp_521_ecc_is_point_21(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
@@ -42066,13 +43374,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -42156,16 +43468,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -42214,13 +43528,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -42260,10 +43576,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
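Review bot: The new tags on sp_ecc_map_521 mark pX, pY and pZ as `[in]`, but the comment's own summary says the point is mapped "in place" and that pZ will be one, so all three are written as well as read. I would tag them `@param [in, out] pX EC point's X ordinate.` and likewise for pY and pZ. This follows from the comment text and the non-const `mp_int*` parameters only, because the body is outside the hunk.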
@@ -42310,8 +43628,10 @@ static const word32 p521_sqrt_power[17] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_21(sp_digit* y) { @@ -42342,10 +43662,12 @@ static int sp_521_mont_sqrt_21(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -42412,9 +43734,9 @@ typedef struct sp_point_1024 { #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_7(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42487,8 +43809,8 @@ SP_NOINLINE static void sp_1024_mul_7(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_7(sp_digit* r, const sp_digit* a) { 
@@ -42539,9 +43861,9 @@ SP_NOINLINE static void sp_1024_sqr_7(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42559,9 +43881,9 @@ SP_NOINLINE static int sp_1024_add_7(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_sub_14(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42586,9 +43908,9 @@ SP_NOINLINE static int sp_1024_sub_14(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_14(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42613,9 +43935,9 @@ SP_NOINLINE static int sp_1024_add_14(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_21(sp_digit* r, const sp_digit* a, const sp_digit* b) 
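Review bot: sp_1024_add_7, sp_1024_sub_14 and sp_1024_add_14 are declared `static int`, but their converted comments carry only `@param` lines and no `@return`. The bodies are outside these hunks, so the patch does not show what the value means; the comment should say so, for example `@return 0 always.` if that is the case, or what the value carries otherwise. The same gap is visible on sp_1024_add_21, sp_1024_add_42, sp_1024_sub_42 and sp_1024_to_mp later in this diff.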
@@ -42663,8 +43985,8 @@ SP_NOINLINE static void sp_1024_mul_21(sp_digit* r, const sp_digit* a, /* Square a into r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_21(sp_digit* r, const sp_digit* a) { @@ -42705,9 +44027,9 @@ SP_NOINLINE static void sp_1024_sqr_21(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42735,9 +44057,9 @@ SP_NOINLINE static int sp_1024_add_21(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_42(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42762,9 +44084,9 @@ SP_NOINLINE static int sp_1024_add_42(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_sub_42(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -42789,9 +44111,9 @@ SP_NOINLINE static int sp_1024_sub_42(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_42(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42813,8 +44135,8 @@ SP_NOINLINE static void sp_1024_mul_42(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_42(sp_digit* r, const sp_digit* a) { @@ -42834,9 +44156,9 @@ SP_NOINLINE static void sp_1024_sqr_42(sp_digit* r, const sp_digit* a) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_42(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42873,8 +44195,8 @@ SP_NOINLINE static void sp_1024_mul_42(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_42(sp_digit* r, const sp_digit* a) { @@ -43006,7 +44328,7 @@ static const sp_point_1024 p1024_base = { /* Normalize the values in each word to 25 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_1024_norm_41(sp_digit* a) { 
@@ -43033,9 +44355,9 @@ static void sp_1024_norm_41(sp_digit* a) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_1024_mul_d_42(sp_digit* r, const sp_digit* a, sp_digit b) @@ -43092,9 +44414,9 @@ SP_NOINLINE static void sp_1024_mul_d_42(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_1024_mul_d_84(sp_digit* r, const sp_digit* a, sp_digit b) @@ -43147,10 +44469,11 @@ SP_NOINLINE static void sp_1024_mul_d_84(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -43167,10 +44490,11 @@ static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -43195,9 +44519,9 @@ static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_sub_42(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -43215,9 +44539,9 @@ SP_NOINLINE static int sp_1024_sub_42(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_42(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -43232,6 +44556,13 @@ SP_NOINLINE static int sp_1024_add_42(sp_digit* r, const sp_digit* a, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_1024_rshift_42(sp_digit* r, const sp_digit* a, byte n) { @@ -43257,6 +44588,14 @@ SP_NOINLINE static void sp_1024_rshift_42(sp_digit* r, const sp_digit* a, r[41] = a[41] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_1024_div_word_42(sp_digit d1, sp_digit d0, sp_digit div) { @@ -43338,6 +44677,13 @@ static WC_INLINE sp_digit sp_1024_div_word_42(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_1024_word_div_word_42(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -43352,11 +44698,13 @@ static WC_INLINE sp_digit sp_1024_word_div_word_42(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_1024_div_42(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
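Review bot: The comment added for sp_1024_rshift_42 documents `n` as "Number of bits to shift" without a valid range, while the parameter is a `byte` and the context line `r[41] = a[41] >> n;` uses it directly as a shift count. A count at or above the width of the promoted operand is undefined behaviour in C. The contract should therefore be stated, for example `@param [in] n Number of bits to shift. Must be less than the bits in a digit.`, with the exact bound confirmed against the callers. Most of the function body is outside the hunk, so the bound itself cannot be read from here.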
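Review bot: In the sp_1024_div_42 comment, `m` is now tagged `[in]` and the signature takes it as `const sp_digit* m`, yet the description still reads "Multiplier result", which describes an output. One of the two is stale. If the parameter is only read (or unused), the text should say so, for example `@param [in] m Multiplier (not written).`, after checking the body, which is outside this hunk.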
@@ -43421,10 +44769,12 @@ static int sp_1024_div_42(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_1024_mod_42(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -43433,10 +44783,12 @@ static int sp_1024_mod_42(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_42(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -43449,10 +44801,12 @@ static int sp_1024_mod_mul_norm_42(sp_digit* r, const sp_digit* a, #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_42(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -43484,9 +44838,9 @@ static int sp_1024_point_new_ex_42(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_42(sp_point_1024* p, int clear, void* heap) { @@ -43511,9 +44865,9 @@ static void sp_1024_point_free_42(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -43599,8 +44953,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_42(sp_point_1024* p, const ecc_point* pm) @@ -43616,8 +44970,8 @@ static void sp_1024_point_from_ecc_point_42(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -43684,10 +45038,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_42(const sp_point_1024* p, ecc_point* pm) { @@ -43706,10 +45061,11 @@ static int sp_1024_point_to_ecc_point_42(const sp_point_1024* p, ecc_point* pm) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_1024_cmp_42(const sp_digit* a, const sp_digit* b) { 
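Review bot: In sp_1024_point_to_ecc_point_42 the new tag reads `@param [in] pm Point of type ecc_point (result).`, but `pm` is the non-const destination and the description itself calls it the result. It should be `@param [out] pm Point of type ecc_point (result).`, matching how `p` is tagged `[out]` in sp_1024_point_from_ecc_point_42 in the same part of the diff. The function body continues outside the hunk.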
@@ -43743,10 +45099,11 @@ static sp_digit sp_1024_cmp_42(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_sub_42(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -43777,9 +45134,9 @@ static void sp_1024_cond_sub_42(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_1024_mul_add_42(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -43842,7 +45199,7 @@ SP_NOINLINE static void sp_1024_mul_add_42(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 25 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_1024_norm_42(sp_digit* a) { @@ -43870,8 +45227,8 @@ static void sp_1024_norm_42(sp_digit* a) /* Shift the result in the high 1024 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_1024_mont_shift_42(sp_digit* r, const sp_digit* a) { 
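Review bot: sp_1024_mul_add_42 is summarised as "(r += a * b)", so `r` is read before it is written, yet the new tag is `@param [out] r`. I would use `@param [in, out] r A single precision integer.` so the comment does not suggest that `r` may be passed uninitialised. The body is outside the hunk; this follows from the summary line only.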
@@ -43910,9 +45267,10 @@ static void sp_1024_mont_shift_42(sp_digit* r, const sp_digit* a) /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_1024_mont_reduce_42(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -43954,11 +45312,11 @@ static void sp_1024_mont_reduce_42(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -43969,10 +45327,10 @@ SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_42(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -44007,9 +45365,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_42(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -44044,9 +45402,9 @@ static void sp_1024_mont_inv_42(sp_digit* r, const sp_digit* a, /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_42(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -44084,10 +45442,10 @@ static void sp_1024_map_42(sp_point_1024* r, const sp_point_1024* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_add_42(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
@@ -44102,9 +45460,9 @@ static void sp_1024_mont_add_42(sp_digit* r, const sp_digit* a, const sp_digit* /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_dbl_42(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -44118,9 +45476,9 @@ static void sp_1024_mont_dbl_42(sp_digit* r, const sp_digit* a, const sp_digit* /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_tpl_42(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -44139,10 +45497,10 @@ static void sp_1024_mont_tpl_42(sp_digit* r, const sp_digit* a, const sp_digit* /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_sub_42(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -44153,11 +45511,11 @@ static void sp_1024_mont_sub_42(sp_digit* r, const sp_digit* a, const sp_digit* sp_1024_norm_42(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_1024_rshift1_42(sp_digit* r, const sp_digit* a) { 
@@ -44215,9 +45573,9 @@ SP_NOINLINE static void sp_1024_rshift1_42(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_div2_42(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -44229,9 +45587,9 @@ static void sp_1024_mont_div2_42(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_42(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -44300,9 +45658,13 @@ typedef struct sp_1024_proj_point_dbl_42_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
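Review bot: The new comment on sp_1024_proj_point_dbl_42_nb tells callers to repeat the call "until it does not return FP_WOULDBLOCK" but has no `@return` lines, although the function returns `int`. The comment added for sp_1024_ecc_mulmod_42_nb in this same diff does list them, so this one should match with `@return FP_WOULDBLOCK while more work remains.` and a line for the completion value (presumably MP_OKAY, to be confirmed against the body outside the hunk). sp_1024_proj_point_add_42_nb has the same omission.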
@@ -44432,9 +45794,10 @@ static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_42(const sp_digit* a, const sp_digit* b) { @@ -44457,8 +45820,9 @@ static int sp_1024_cmp_equal_42(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_42(const sp_digit* a) { @@ -44473,10 +45837,10 @@ static int sp_1024_iszero_42(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_42(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -44576,10 +45940,14 @@ typedef struct sp_1024_proj_point_add_42_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -44769,13 +46137,15 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, * allocates memory rather than use large stacks. * 1024 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -44864,6 +46234,24 @@ typedef struct sp_1024_ecc_mulmod_42_ctx { int y; } sp_1024_ecc_mulmod_42_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_1024_ecc_mulmod_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) { @@ -44973,9 +46361,9 @@ typedef struct sp_table_entry_1024 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_copy_42(sp_digit* r, const sp_digit* a, const sp_digit m) { 
@@ -45079,10 +46467,9 @@ static void sp_1024_cond_copy_42(sp_digit* r, const sp_digit* a, const sp_digit /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i, sp_digit* t) @@ -45171,10 +46558,11 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r, const sp_point_1024* p, int n, int m, sp_digit* t) @@ -45244,11 +46632,11 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_sub_42(sp_point_1024* ra, sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q, 
@@ -45358,8 +46746,8 @@ static const word8 recode_neg_42_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_1024_ecc_recode_7_42(const sp_digit* k, ecc_recode_1024* v) { @@ -45410,13 +46798,15 @@ static void sp_1024_ecc_recode_7_42(const sp_digit* k, ecc_recode_1024* v) * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -45535,10 +46925,10 @@ static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_10 * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
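Review bot: In the `sp_1024_ecc_recode_7_42` hunk, `v` is tagged `[in]`, but it is the only non-const pointer in the signature and the function returns `void`. The recoded operations therefore presumably come back through it. I would write `@param [out] v Vector of operations to perform.`, which matches how the commit tags other result buffers. The function body is outside the hunk, so confirm that `v` is only written and never read before changing the tag.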
@@ -45616,8 +47006,8 @@ static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_42(sp_point_1024* a, sp_digit* t) { @@ -45641,10 +47031,10 @@ static void sp_1024_proj_to_affine_42(sp_point_1024* a, sp_digit* t) * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_42(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -45721,13 +47111,16 @@ static int sp_1024_gen_stripe_table_42(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_42(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, 
@@ -45829,8 +47222,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { @@ -45893,13 +47286,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -45975,12 +47370,14 @@ static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) @@ -46011,11 +47408,14 @@ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_42(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -46025,6 +47425,23 @@ static int sp_1024_ecc_mulmod_base_42(sp_point_1024* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P1024 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_1024_ecc_mulmod_base_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) { @@ -49884,12 +51301,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_42(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -49903,11 +51322,13 @@ static int sp_1024_ecc_mulmod_base_42(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -49935,13 +51356,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -49992,12 +51415,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -50037,12 +51463,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
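Review bot: Both `sp_ecc_gen_table_1024` comments now open the return list with `@return 0 otherwise.`, which has nothing before it to be "otherwise" to once the old sentence is split into separate lines. Either reword it as `@return 0 on success.` or move the line to the end of the list, after the BAD_FUNC_ARG, LENGTH_ONLY_E and BUFFER_E entries. The same ordering appears with `@return MP_OKAY otherwise.` in the later hunks for `sp_1024_ecc_is_point_42`, `sp_ecc_is_point_1024` and `sp_ecc_check_key_1024`. There a reader checking point-validation results should see the failure codes before the fall-through case.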
@@ -50072,13 +51501,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -50116,10 +51547,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_42(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
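Review bot: In the `sp_1024_proj_mul_qx1_42` hunk the scratch buffer is tagged `@param [in] t`, while the point-arithmetic hunks earlier in this commit tag the same kind of temporary as `[out]` and the `sp_1024_accumulate_line_add_n_42` comment uses `[in, out]`. `t` is a non-const `sp_digit*` described as temps, so `[in]` tells the reader the caller's data is preserved, which is presumably not the case. I would pick one direction for scratch space and use it throughout, for example `@param [out] t Two single precision integers - temps.`. The same `[in]` tag is on `t` in the later hunks for `sp_1024_proj_sqr_42`, `sp_1024_proj_mul_42`, `sp_1024_mont_map_42` and the accumulate-line helpers.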
@@ -50142,9 +51575,11 @@ static void sp_1024_proj_mul_qx1_42(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_42(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -50169,10 +51604,12 @@ static void sp_1024_proj_sqr_42(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
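Review bot: The new `px` and `py` lines in the `sp_1024_proj_sqr_42` comment say "number to multiply", where the removed lines said "number to square". The function squares, as the formulas directly above show (`px' = ... = p.x^2 - p.y^2`), so this looks like a copy from the `sp_1024_proj_mul_qx1_42` comment. The descriptions should read `X ordinate of number to square.` and `Y ordinate of number to square.`.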
@@ -52065,11 +53502,13 @@ static const sp_digit sp_1024_g_table[256][42] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -52164,13 +53603,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_42(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) 
@@ -52200,8 +53641,8 @@ static void sp_1024_proj_mul_42(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_42(sp_point_1024* p, sp_digit* t) { @@ -52230,11 +53671,11 @@ static void sp_1024_mont_map_42(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -52320,14 +53761,14 @@ static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_42(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -52404,10 +53845,10 @@ static void sp_1024_accumulate_line_add_one_42(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -52541,14 +53982,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
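Review bot: This comment keeps three `@return` lines (0, MEMORY_E, other negative value), but judging by the next hunk's header the function it documents is `static void sp_1024_accumulate_line_add_n_42`, which returns nothing. The commit already corrects the parameter directions here, so the stale return list should be dropped in the same pass. Otherwise a caller may conclude that there is an error code to check. The signature itself is outside this hunk, so confirm it before deleting the lines.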
@@ -52662,12 +54103,12 @@ static void sp_1024_accumulate_line_add_n_42(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_42(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -52782,9 +54223,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -52956,13 +54398,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) @@ -52989,11 +54432,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -53012,11 +54456,11 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_42(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -53053,13 +54497,13 @@ static void sp_1024_accum_dbl_calc_lc_42(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_42(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -53103,13 +54547,13 @@ static void sp_1024_accum_add_calc_lc_42(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_42(sp_digit* vx, sp_digit* vy, @@ -53165,14 +54609,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) 
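Review bot: In the `sp_Pairing_gen_precomp_1024` hunk the rewritten return line still carries the typo from the old text: `@return MEMORY_E when dynamic memory allocation fauls.`. The line is being rewritten anyway, so it should read `@return MEMORY_E when dynamic memory allocation fails.`, matching the wording used for MEMORY_E in the other comments of this commit.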
@@ -53326,11 +54771,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -53511,10 +54957,10 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, #endif /* WOLFSSL_SP_SMALL */ /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -53546,10 +54992,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_42(const sp_point_1024* point, void* heap) @@ -53595,10 +55043,12 @@ static int sp_1024_ecc_is_point_42(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { 
@@ -53624,13 +55074,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index fe628261e2..06ddef7acc 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -173,10 +173,10 @@ static const size_t addr_mask[2] = { 0, (size_t)-1 }; #ifdef WOLFSSL_SP_SMALL /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -208,9 +208,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -297,8 +297,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_2048_to_bin_34(sp_digit* r, byte* a) { @@ -341,7 +341,7 @@ static void sp_2048_to_bin_34(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 61 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_17(sp_digit* a) { @@ -355,7 +355,7 @@ static void sp_2048_norm_17(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 61 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_34(sp_digit* a) { @@ -368,9 +368,9 @@ static void sp_2048_norm_34(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_34(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -423,8 +423,8 @@ SP_NOINLINE static void sp_2048_mul_34(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_34(sp_digit* r, const sp_digit* a) { @@ -487,8 +487,8 @@ SP_NOINLINE static void sp_2048_sqr_34(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -509,9 +509,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_d_34(sp_digit* r, const sp_digit* a, sp_digit b) @@ -531,9 +531,9 @@ SP_NOINLINE static void sp_2048_mul_d_34(sp_digit* r, const sp_digit* a, #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -550,8 +550,8 @@ SP_NOINLINE static int sp_2048_sub_17(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_17(sp_digit* r, const sp_digit* m) { @@ -572,10 +572,11 @@ static void sp_2048_mont_norm_17(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_2048_cmp_17(const sp_digit* a, const sp_digit* b) { @@ -592,10 +593,11 @@ static sp_digit sp_2048_cmp_17(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -609,9 +611,9 @@ static void sp_2048_cond_sub_17(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_add_17(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -642,8 +644,8 @@ SP_NOINLINE static void sp_2048_mul_add_17(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1024 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_2048_mont_shift_17(sp_digit* r, const sp_digit* a) { @@ -662,9 +664,10 @@ static void sp_2048_mont_shift_17(sp_digit* r, const sp_digit* a) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_2048_mont_reduce_17(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -691,9 +694,9 @@ static void sp_2048_mont_reduce_17(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b) 
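Review bot: sp_2048_mul_add_17 is documented as `r += a * b`, so r is read as well as written, but the new tag is `@param [out] r`. It should be `@param [in, out] r  A single precision integer.`, matching the `[in, out]` convention this commit already uses for in-place operands such as `a` in sp_2048_mont_reduce_17. sp_2048_mul_add_34 gets the same `[out]` tag later in the diff. The function body is outside the hunk, so this rests on the formula in the comment header.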
@@ -747,11 +750,11 @@ SP_NOINLINE static void sp_2048_mul_17(sp_digit* r, const sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -762,8 +765,8 @@ SP_NOINLINE static void sp_2048_mont_mul_17(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_17(sp_digit* r, const sp_digit* a) { @@ -826,10 +829,10 @@ SP_NOINLINE static void sp_2048_sqr_17(sp_digit* r, const sp_digit* a) /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_17(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -840,9 +843,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_17(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_d_17(sp_digit* r, const sp_digit* a, sp_digit b) @@ -863,10 +866,11 @@ SP_NOINLINE static void sp_2048_mul_d_17(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -881,9 +885,9 @@ static void sp_2048_cond_add_17(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -897,6 +901,13 @@ SP_NOINLINE static int sp_2048_add_17(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_rshift_17(sp_digit* r, const sp_digit* a, byte n) { 
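Review bot: The comment added for sp_2048_rshift_17 gives no valid range for `n`, and the function ends in `r[16] = a[16] >> n;` (visible as context in the following hunk), which is undefined behaviour in C once n reaches the width of sp_digit. Suggest `@param [in] n  Number of bits to shift. Must be less than the number of bits in a digit.`, with the exact bound confirmed against the body, which lies outside this hunk. sp_2048_rshift_34 receives the same comment later in the diff.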
@@ -908,6 +919,14 @@ SP_NOINLINE static void sp_2048_rshift_17(sp_digit* r, const sp_digit* a, r[16] = a[16] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_div_word_17(sp_digit d1, sp_digit d0, sp_digit div) { @@ -989,6 +1008,13 @@ static WC_INLINE sp_digit sp_2048_div_word_17(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_word_div_word_17(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -1003,11 +1029,13 @@ static WC_INLINE sp_digit sp_2048_word_div_word_17(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_div_17(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -1072,10 +1100,12 @@ static int sp_2048_div_17(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -1084,17 +1114,20 @@ static int sp_2048_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 34); @@ -1386,9 +1419,9 @@ static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_sub_34(sp_digit* r, const sp_digit* a, const sp_digit* b) 
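Review bot: `@return MP_VAL when base is even or exponent is 0.` in the sp_2048_mod_exp_17 block looks like it means the modulus rather than the base. The wrappers documented later in this diff (sp_RsaPublic_2048_nb, sp_RsaPrivate_2048_nb) say `MP_VAL when the modulus is even`, and Montgomery reduction needs an odd modulus. Since the commit already rewrites these lines, consider `@return MP_VAL when the modulus is even or the exponent is 0.` after confirming which check the body performs; the body is outside the hunk. sp_2048_mod_exp_34 carries the same line.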
@@ -1405,8 +1438,8 @@ SP_NOINLINE static int sp_2048_sub_34(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_34(sp_digit* r, const sp_digit* m) { @@ -1427,10 +1460,11 @@ static void sp_2048_mont_norm_34(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_2048_cmp_34(const sp_digit* a, const sp_digit* b) { @@ -1447,10 +1481,11 @@ static sp_digit sp_2048_cmp_34(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_sub_34(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -1464,9 +1499,9 @@ static void sp_2048_cond_sub_34(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_add_34(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -1500,8 +1535,8 @@ SP_NOINLINE static void sp_2048_mul_add_34(sp_digit* r, const sp_digit* a, /* Shift the result in the high 2048 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_2048_mont_shift_34(sp_digit* r, const sp_digit* a) { @@ -1520,9 +1555,10 @@ static void sp_2048_mont_shift_34(sp_digit* r, const sp_digit* a) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_2048_mont_reduce_34(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -1575,11 +1611,11 @@ static void sp_2048_mont_reduce_34(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -1590,10 +1626,10 @@ SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_34(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -1604,9 +1640,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_34(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_d_68(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -1627,10 +1663,11 @@ SP_NOINLINE static void sp_2048_mul_d_68(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_add_34(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -1645,9 +1682,9 @@ static void sp_2048_cond_add_34(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_34(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -1661,6 +1698,13 @@ SP_NOINLINE static int sp_2048_add_34(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_rshift_34(sp_digit* r, const sp_digit* a, byte n) { 
@@ -1672,6 +1716,14 @@ SP_NOINLINE static void sp_2048_rshift_34(sp_digit* r, const sp_digit* a, r[33] = a[33] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_div_word_34(sp_digit d1, sp_digit d0, sp_digit div) { @@ -1753,6 +1805,13 @@ static WC_INLINE sp_digit sp_2048_div_word_34(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_word_div_word_34(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -1767,11 +1826,13 @@ static WC_INLINE sp_digit sp_2048_word_div_word_34(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_div_34(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -1836,10 +1897,12 @@ static int sp_2048_div_34(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_mod_34(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -1849,17 +1912,20 @@ static int sp_2048_mod_34(sp_digit* r, const sp_digit* a, const sp_digit* m) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 68); 
@@ -2149,6 +2215,24 @@ typedef struct sp_2048_mod_exp_34_ctx { int bits; } sp_2048_mod_exp_34_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_2048_mod_exp_34_nb(sp_2048_mod_exp_34_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
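Review bot: The new block for sp_2048_mod_exp_34_nb lists only MP_OKAY and MP_WOULDBLOCK as return values, while the blocking sp_2048_mod_exp_34 documents MP_VAL, and the sp_ModExp_2048_nb comment later in this diff says a zero exponent is rejected inside the inner non-blocking routine. If that rejection happens in this function, add `@return MP_VAL when the exponent is 0.` so callers do not treat every non-MP_WOULDBLOCK result as success. The body is outside the hunk, so the exact error code needs checking there.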
@@ -2269,15 +2353,19 @@ static int sp_2048_mod_exp_34_nb(sp_2048_mod_exp_34_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
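Review bot: `@param [in, out] outLen  Number of bytes in result.` in sp_RsaPublic_2048 describes only the output half of the parameter. The `MP_TO_E when the outLen is too small` return implies the caller must set `*outLen` to the capacity of `out` before the call, which is the half a caller can get wrong. Suggest `On in, size of the out buffer in bytes. On out, number of bytes in result.`; the input meaning is inferred from the tag and the return list because the body is outside the hunk. The same wording is used for sp_RsaPublic_2048_nb, sp_RsaPrivate_2048 and sp_RsaPrivate_2048_nb later in the diff.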
@@ -2488,18 +2576,23 @@ typedef struct sp_2048_RsaPublic_nb_ctx { * sub-state of the inner modular exponentiation, returning MP_WOULDBLOCK * until the operation completes. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, - * MP_VAL when the modulus is even, or MP_EXPTMOD_E when the exponent - * is zero. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. + * @return MP_EXPTMOD_E when the exponent is zero. */ int sp_RsaPublic_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -2579,20 +2672,24 @@ int sp_RsaPublic_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -2883,17 +2980,22 @@ typedef struct sp_2048_RsaPrivate_nb_ctx { * The CRT path is not supported in non-blocking mode; configure with * RSA_LOW_MEM or SP_RSA_PRIVATE_EXP_D to enable this entry point. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, or - * MP_VAL when the modulus is even. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. */ int sp_RsaPrivate_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* dm, const mp_int* mm, byte* out, word32* outLen) @@ -2969,8 +3071,8 @@ int sp_RsaPrivate_2048_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) { 
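Review bot: sp_2048_to_mp returns `int`, but its converted comment has only the two `@param` lines and no `@return`, unlike the other error-returning functions this commit touches. A line in the form `@return MP_OKAY on success.`, plus one for each failure code, should be added once the body, which is outside the hunk, has been checked for what it can actually return. The comments on the int-returning sp_2048_add_9, sp_2048_add_18, sp_2048_sub_18, sp_2048_add_36 and sp_2048_sub_36 likewise gained `@param` tags but say nothing about the returned value.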
@@ -3037,12 +3139,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -3148,14 +3252,18 @@ typedef struct sp_2048_ModExp_nb_ctx { /* Non-blocking modular exponentiation for Diffie-Hellman (mp_int form). * Drives sp_2048_mod_exp_34_nb one sub-state per call. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E on input size errors, or MP_VAL when the modulus is even or - * the exponent is zero (the latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even or the exponent is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_ModExp_2048_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
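Review bot: The last `@return` line of sp_ModExp_2048_nb has a stray character: `the latterx` should read `the latter`, giving `@return MP_VAL when the modulus is even or the exponent is zero (the latter` ahead of the unchanged continuation line. The same typo appears in the MP_VAL line of sp_DhExp_2048_nb further down. Both are comment-only, so no code is affected.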
@@ -3223,6 +3331,12 @@ int sp_ModExp_2048_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_2048 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_lshift_34(sp_digit* r, const sp_digit* a, byte n) { @@ -3237,15 +3351,18 @@ SP_NOINLINE static void sp_2048_lshift_34(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_2048_mod_exp_2_34(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_2048_mod_exp_2_34(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 103); sp_digit* norm = NULL; 
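Review bot: `@return MP_VAL when base is even.` on sp_2048_mod_exp_2_34 keeps the old wording, but this function computes 2^e mod m, so the base is always even and the stated condition cannot be what is checked. The public entry points documented in this commit (for example sp_RsaPublic_2048_nb) say `MP_VAL when the modulus is even`, which suggests the intended text is `@return MP_VAL when the modulus is even.` The body lies outside the hunk, so this should be confirmed there. sp_2048_mod_exp_18 carries the same wording (`when base is even or exponent is 0`) and likely needs the same correction.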
@@ -3343,15 +3460,17 @@ static int sp_2048_mod_exp_2_34(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) 
@@ -3432,19 +3551,24 @@ typedef struct sp_2048_DhExp_nb_ctx { * Computes base^exp mod mod where base and exp are byte strings; suitable * for the TLS path where otherPub is already a byte buffer. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base bytes (other party's public key). - * baseSz Length, in bytes, of base (max 256). - * exp Exponent bytes (our private key). - * expLen Length, in bytes, of exp (max 256). - * mod Modulus. MP integer (must remain valid until first call returns). - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E when baseSz, expLen, or the modulus bit length is out of - * range, or MP_VAL when the modulus is even or expLen is zero (the - * latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base bytes (other party's public key). + * @param [in] baseSz Length, in bytes, of base (max 256). + * @param [in] exp Exponent bytes (our private key). + * @param [in] expLen Length, in bytes, of exp (max 256). + * @param [in] mod Modulus. MP integer (must remain valid until first + * call returns). + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E when baseSz, expLen, or the modulus bit length is out of + * range. + * @return MP_VAL when the modulus is even or expLen is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_DhExp_2048_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, const byte* exp, word32 expLen, const mp_int* mod, byte* out, 
@@ -3520,12 +3644,14 @@ int sp_DhExp_2048_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -3624,10 +3750,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, #else /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -3659,9 +3785,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -3748,8 +3874,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_2048_to_bin_36(sp_digit* r, byte* a) { @@ -3792,7 +3918,7 @@ static void sp_2048_to_bin_36(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 57 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_18(sp_digit* a) { @@ -3813,7 +3939,7 @@ static void sp_2048_norm_18(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 57 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_2048_norm_36(sp_digit* a) { @@ -3836,9 +3962,9 @@ static void sp_2048_norm_36(sp_digit* a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -3951,9 +4077,9 @@ SP_NOINLINE static void sp_2048_mul_9(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -3973,9 +4099,9 @@ SP_NOINLINE static int sp_2048_add_9(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -4000,9 +4126,9 @@ SP_NOINLINE static int sp_2048_add_18(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -4027,9 +4153,9 @@ SP_NOINLINE static int sp_2048_sub_18(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -4051,9 +4177,9 @@ SP_NOINLINE static void sp_2048_mul_18(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -4080,9 +4206,9 @@ SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -4109,9 +4235,9 @@ SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -4133,8 +4259,8 @@ SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_9(sp_digit* r, const sp_digit* a) { @@ -4210,8 +4336,8 @@ SP_NOINLINE static void sp_2048_sqr_9(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_18(sp_digit* r, const sp_digit* a) { 
@@ -4230,8 +4356,8 @@ SP_NOINLINE static void sp_2048_sqr_18(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a) { @@ -4251,8 +4377,8 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -4273,9 +4399,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_d_36(sp_digit* r, const sp_digit* a, sp_digit b) @@ -4315,8 +4441,8 @@ SP_NOINLINE static void sp_2048_mul_d_36(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_18(sp_digit* r, const sp_digit* m) { 
@@ -4345,10 +4471,11 @@ static void sp_2048_mont_norm_18(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_2048_cmp_18(const sp_digit* a, const sp_digit* b) { @@ -4374,10 +4501,11 @@ static sp_digit sp_2048_cmp_18(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -4400,9 +4528,9 @@ static void sp_2048_cond_sub_18(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_add_18(sp_digit* r, const sp_digit* a, const sp_digit b) 
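Review bot: sp_2048_mul_add_18 is documented as `r += a * b`, so `r` is read as well as written and `@param [out] r` understates it. I would mark it `@param [in, out] r A single precision integer.`, matching how the commit already tags the in-place operand of sp_2048_mont_reduce_18. sp_2048_mul_add_36 has the same tag and needs the same change.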
@@ -4437,8 +4565,8 @@ SP_NOINLINE static void sp_2048_mul_add_18(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1024 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_2048_mont_shift_18(sp_digit* r, const sp_digit* a) { @@ -4464,9 +4592,10 @@ static void sp_2048_mont_shift_18(sp_digit* r, const sp_digit* a) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_2048_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -4494,11 +4623,11 @@ static void sp_2048_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -4509,10 +4638,10 @@ SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_18(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -4523,9 +4652,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_18(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_d_18(sp_digit* r, const sp_digit* a, sp_digit b) @@ -4571,10 +4700,11 @@ SP_NOINLINE static void sp_2048_mul_d_18(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -4596,6 +4726,13 @@ static void sp_2048_cond_add_18(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_rshift_18(sp_digit* r, const sp_digit* a, byte n) { @@ -4615,6 +4752,14 @@ SP_NOINLINE static void sp_2048_rshift_18(sp_digit* r, const sp_digit* a, r[17] = a[17] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_div_word_18(sp_digit d1, sp_digit d0, sp_digit div) { @@ -4696,6 +4841,13 @@ static WC_INLINE sp_digit sp_2048_div_word_18(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_word_div_word_18(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -4710,11 +4862,13 @@ static WC_INLINE sp_digit sp_2048_word_div_word_18(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_div_18(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
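Review bot: In the sp_2048_div_18 comment, splitting the old return sentence left `@return MP_OKAY otherwise.` as the first return line, where "otherwise" has nothing to refer to. Either move it below the MEMORY_E line or, in line with the other functions in this commit, write `@return MP_OKAY on success.` The same wording was produced for sp_2048_mod_18, sp_2048_div_36 and sp_2048_mod_36.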
@@ -4779,10 +4933,12 @@ static int sp_2048_div_18(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -4791,17 +4947,20 @@ static int sp_2048_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 36); @@ -5094,8 +5253,8 @@ static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_36(sp_digit* r, const sp_digit* m) { 
@@ -5126,10 +5285,11 @@ static void sp_2048_mont_norm_36(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_2048_cmp_36(const sp_digit* a, const sp_digit* b) { @@ -5157,10 +5317,11 @@ static sp_digit sp_2048_cmp_36(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_sub_36(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -5185,9 +5346,9 @@ static void sp_2048_cond_sub_36(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_add_36(sp_digit* r, const sp_digit* a, const sp_digit b) 
@@ -5226,8 +5387,8 @@ SP_NOINLINE static void sp_2048_mul_add_36(sp_digit* r, const sp_digit* a, /* Shift the result in the high 2048 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a) { @@ -5266,9 +5427,10 @@ static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a) /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -5321,11 +5483,11 @@ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -5336,10 +5498,10 @@ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -5350,9 +5512,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_2048_mul_d_72(sp_digit* r, const sp_digit* a, sp_digit b) @@ -5392,10 +5554,11 @@ SP_NOINLINE static void sp_2048_mul_d_72(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -5419,6 +5582,13 @@ static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a, byte n) { @@ -5440,6 +5610,14 @@ SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a, r[35] = a[35] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0, sp_digit div) { @@ -5521,6 +5699,13 @@ static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_2048_word_div_word_36(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -5535,11 +5720,13 @@ static WC_INLINE sp_digit sp_2048_word_div_word_36(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_div_36(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
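Review bot: The new comment on sp_2048_rshift_36 documents `n` only as "Number of bits to shift" and gives no upper bound, although the body shifts a digit by it directly (`r[35] = a[35] >> n;`, visible as context in the next hunk). In C a shift count that is not smaller than the width of the promoted operand is undefined, so the limit belongs in the contract: `@param [in] n Number of bits to shift. Must be less than the number of bits held in a digit.` The same applies to the comments added for sp_2048_lshift_36, sp_3072_rshift_26 and sp_3072_rshift_52. Most of each body lies outside these hunks, so whether the callers already guarantee the range cannot be seen from here.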
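Review bot: In the comment for sp_2048_div_36 the first return line is `@return MP_OKAY otherwise.`, and "otherwise" has no referent now that the old single sentence was split and reordered. Reword it as `@return MP_OKAY on success.` and keep `@return MEMORY_E when unable to allocate memory.` after it. The same pair of lines was added to sp_2048_mod_36, sp_3072_div_26 and sp_3072_mod_26. Separately, `m` is tagged `[in]` but still described as "Multiplier result", which reads like an output; the body is outside the hunk, so the description should be checked against how m is actually used.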
@@ -5604,10 +5791,12 @@ static int sp_2048_div_36(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -5619,17 +5808,20 @@ static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m) defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 72); 
@@ -5919,6 +6111,24 @@ typedef struct sp_2048_mod_exp_36_ctx { int bits; } sp_2048_mod_exp_36_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_2048_mod_exp_36_nb(sp_2048_mod_exp_36_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
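Review bot: The return list added for sp_2048_mod_exp_36_nb names only MP_OKAY and MP_WOULDBLOCK, while the blocking sp_2048_mod_exp_36 documents MP_VAL for a zero exponent. If the non-blocking path can also fail, a caller that loops while the result is MP_WOULDBLOCK and treats any other value as the documented MP_OKAY would go on to use `r` after an error. The body is outside the hunk, so either add the missing `@return` lines or state in the comment that no other value is possible.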
@@ -6041,15 +6251,19 @@ static int sp_2048_mod_exp_36_nb(sp_2048_mod_exp_36_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
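Review bot: `outLen` is now tagged `[in, out]` on sp_RsaPublic_2048, but its description still covers only the output half ("Number of bytes in result"). The line `@return MP_TO_E when the outLen is too small` implies the value is read on entry as the capacity of `out`, and a caller who misses that can pass an uninitialised or wrong size for a buffer the function writes into. Suggest `@param [in, out] outLen On in, size of out buffer in bytes. On out, number of bytes in result.` The same wording is used for sp_RsaPrivate_2048 and sp_DhExp_2048; their bodies are outside these hunks, so confirm the input meaning there before reusing the text.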
@@ -6244,20 +6458,24 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -6539,8 +6757,8 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) { @@ -6607,12 +6825,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -6707,6 +6927,12 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_2048 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_2048_lshift_36(sp_digit* r, const sp_digit* a, byte n) { 
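Review bot: sp_2048_to_mp returns `int`, but the converted comment has only the two `@param` lines and no `@return`, unlike the other int-returning functions updated in this commit. Add `@return MP_OKAY on success.` together with a line for whatever error value the body produces; the body is outside the hunk, so that value cannot be named from here. The same gap is left on sp_3072_sub_26, sp_3072_add_26, sp_3072_sub_52 and sp_3072_add_52. For sp_3072_add_26 the trailing `return 0;` visible as context suggests the result is a fixed 0, which could be stated.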
@@ -6790,15 +7016,18 @@ SP_NOINLINE static void sp_2048_lshift_36(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_2048_mod_exp_2_36(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_2048_mod_exp_2_36(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 109); sp_digit* norm = NULL; 
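Review bot: `@return MP_VAL when base is even.` cannot be right as written for sp_2048_mod_exp_2_36: the function takes no base argument and, per its own summary line, the base is the constant 2. The sentence was carried over unchanged from the old comment. Montgomery arithmetic needs an odd modulus, so the condition may have been meant for `m`, but only the start of the body is visible here and the real check should be read from the code before the line is reworded. The comments on sp_2048_mod_exp_36 and sp_3072_mod_exp_26 use the same "base is even" wording and deserve the same check.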
@@ -6896,15 +7125,17 @@ static int sp_2048_mod_exp_2_36(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -6971,12 +7202,14 @@ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -7079,10 +7312,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_SMALL /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -7114,9 +7347,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -7203,8 +7436,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_52(sp_digit* r, byte* a) { @@ -7247,7 +7480,7 @@ static void sp_3072_to_bin_52(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 60 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_26(sp_digit* a) { 
@@ -7261,7 +7494,7 @@ static void sp_3072_norm_26(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 60 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_52(sp_digit* a) { @@ -7274,9 +7507,9 @@ static void sp_3072_norm_52(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_52(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -7313,8 +7546,8 @@ SP_NOINLINE static void sp_3072_mul_52(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_52(sp_digit* r, const sp_digit* a) { @@ -7354,8 +7587,8 @@ SP_NOINLINE static void sp_3072_sqr_52(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -7376,9 +7609,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_52(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -7398,9 +7631,9 @@ SP_NOINLINE static void sp_3072_mul_d_52(sp_digit* r, const sp_digit* a, #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_26(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -7417,8 +7650,8 @@ SP_NOINLINE static int sp_3072_sub_26(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_26(sp_digit* r, const sp_digit* m) { @@ -7439,10 +7672,11 @@ static void sp_3072_mont_norm_26(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_26(const sp_digit* a, const sp_digit* b) { 
@@ -7459,10 +7693,11 @@ static sp_digit sp_3072_cmp_26(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_26(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -7476,9 +7711,9 @@ static void sp_3072_cond_sub_26(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_26(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -7512,8 +7747,8 @@ SP_NOINLINE static void sp_3072_mul_add_26(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1536 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_26(sp_digit* r, const sp_digit* a) { 
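Review bot: sp_3072_mul_add_26 is summarised as `r += a * b`, so `r` is read as well as written, yet the new tag is `@param [out] r`. It should be `@param [in, out] r A single precision integer.`, in line with how the in-place operand `a` of sp_3072_mont_reduce_26 is tagged in this same commit. The identical tag was given to sp_3072_mul_add_52.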
@@ -7532,9 +7767,10 @@ static void sp_3072_mont_shift_26(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_26(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -7561,9 +7797,9 @@ static void sp_3072_mont_reduce_26(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_26(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -7601,11 +7837,11 @@ SP_NOINLINE static void sp_3072_mul_26(sp_digit* r, const sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_26(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -7616,8 +7852,8 @@ SP_NOINLINE static void sp_3072_mont_mul_26(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_26(sp_digit* r, const sp_digit* a) { @@ -7657,10 +7893,10 @@ SP_NOINLINE static void sp_3072_sqr_26(sp_digit* r, const sp_digit* a) /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_26(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -7671,9 +7907,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_26(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_26(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -7694,10 +7930,11 @@ SP_NOINLINE static void sp_3072_mul_d_26(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_26(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -7712,9 +7949,9 @@ static void sp_3072_cond_add_26(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_26(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -7728,6 +7965,13 @@ SP_NOINLINE static int sp_3072_add_26(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_26(sp_digit* r, const sp_digit* a, byte n) { 
@@ -7739,6 +7983,14 @@ SP_NOINLINE static void sp_3072_rshift_26(sp_digit* r, const sp_digit* a, r[25] = a[25] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_26(sp_digit d1, sp_digit d0, sp_digit div) { @@ -7820,6 +8072,13 @@ static WC_INLINE sp_digit sp_3072_div_word_26(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_26(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -7834,11 +8093,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_26(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_26(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -7903,10 +8164,12 @@ static int sp_3072_div_26(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_26(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -7915,17 +8178,20 @@ static int sp_3072_mod_26(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 52); @@ -8217,9 +8483,9 @@ static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_52(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -8236,8 +8502,8 @@ SP_NOINLINE static int sp_3072_sub_52(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_52(sp_digit* r, const sp_digit* m) { @@ -8258,10 +8524,11 @@ static void sp_3072_mont_norm_52(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_52(const sp_digit* a, const sp_digit* b) { @@ -8278,10 +8545,11 @@ static sp_digit sp_3072_cmp_52(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_52(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -8295,9 +8563,9 @@ static void sp_3072_cond_sub_52(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_52(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -8337,8 +8605,8 @@ SP_NOINLINE static void sp_3072_mul_add_52(sp_digit* r, const sp_digit* a, /* Shift the result in the high 3072 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_52(sp_digit* r, const sp_digit* a) { @@ -8357,9 +8625,10 @@ static void sp_3072_mont_shift_52(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_52(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -8412,11 +8681,11 @@ static void sp_3072_mont_reduce_52(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -8427,10 +8696,10 @@ SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_52(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -8441,9 +8710,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_52(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_104(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -8464,10 +8733,11 @@ SP_NOINLINE static void sp_3072_mul_d_104(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_52(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -8482,9 +8752,9 @@ static void sp_3072_cond_add_52(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_52(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -8498,6 +8768,13 @@ SP_NOINLINE static int sp_3072_add_52(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_52(sp_digit* r, const sp_digit* a, byte n) { 
@@ -8509,6 +8786,14 @@ SP_NOINLINE static void sp_3072_rshift_52(sp_digit* r, const sp_digit* a, r[51] = a[51] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_52(sp_digit d1, sp_digit d0, sp_digit div) { @@ -8590,6 +8875,13 @@ static WC_INLINE sp_digit sp_3072_div_word_52(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_52(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -8604,11 +8896,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_52(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_52(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
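Review bot: The reordered return list for sp_3072_div_52 now opens with `@return MP_OKAY otherwise.`, and with no condition before it the word "otherwise" has nothing to refer to. Either list the failure first or reword the success line, e.g. `@return MP_OKAY on success.` followed by `@return MEMORY_E when unable to allocate memory.`. The sp_3072_mod_52 comment in the next hunk carries the same wording.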
@@ -8673,10 +8967,12 @@ static int sp_3072_div_52(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_52(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -8686,17 +8982,20 @@ static int sp_3072_mod_52(sp_digit* r, const sp_digit* a, const sp_digit* m) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 104); 
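Review bot: `@return MP_VAL when base is even or exponent is 0.` on sp_3072_mod_exp_52 is carried over from the old comment, but it disagrees with the public wrappers in this patch, which document MP_VAL as "when the modulus is even". An even base is an ordinary input to modular exponentiation, so the condition probably names the wrong operand. The body is outside this hunk, so please check which test it actually performs and state that one. The same applies to `@return MP_VAL when base is even.` on sp_3072_mod_exp_2_52 in a later hunk, where the base is the constant 2.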
@@ -8986,6 +9285,24 @@ typedef struct sp_3072_mod_exp_52_ctx { int bits; } sp_3072_mod_exp_52_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_3072_mod_exp_52_nb(sp_3072_mod_exp_52_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
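Review bot: The new return list for sp_3072_mod_exp_52_nb names only MP_OKAY and MP_WOULDBLOCK, while the sp_ModExp_3072_nb and sp_DhExp_3072_nb comments in later hunks say a zero exponent is rejected with MP_VAL inside the non-blocking exponentiation. If that rejection happens in this function, add `@return MP_VAL when the exponent is zero.` so a caller does not treat every return other than MP_WOULDBLOCK as completion. The function body is outside the hunk, so this is inferred from the wrapper comments only.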
@@ -9106,15 +9423,19 @@ static int sp_3072_mod_exp_52_nb(sp_3072_mod_exp_52_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
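Review bot: `outLen` is now tagged `[in, out]` on sp_RsaPublic_3072, but its description still reads only `Number of bytes in result.`, which covers the output direction alone. Since MP_TO_E is returned when outLen is too small, the input value is the capacity of `out`, and that is the half of the contract a caller must get right to avoid passing an undersized buffer. Suggest `On in, size of the out buffer in bytes. On out, number of bytes in result.`. The same description appears on sp_RsaPublic_3072_nb, sp_RsaPrivate_3072 and sp_RsaPrivate_3072_nb in the following hunks.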
@@ -9325,18 +9646,23 @@ typedef struct sp_3072_RsaPublic_nb_ctx { * sub-state of the inner modular exponentiation, returning MP_WOULDBLOCK * until the operation completes. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, - * MP_VAL when the modulus is even, or MP_EXPTMOD_E when the exponent - * is zero. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. + * @return MP_EXPTMOD_E when the exponent is zero. */ int sp_RsaPublic_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -9416,20 +9742,24 @@ int sp_RsaPublic_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -9720,17 +10050,22 @@ typedef struct sp_3072_RsaPrivate_nb_ctx { * The CRT path is not supported in non-blocking mode; configure with * RSA_LOW_MEM or SP_RSA_PRIVATE_EXP_D to enable this entry point. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, or - * MP_VAL when the modulus is even. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. */ int sp_RsaPrivate_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* dm, const mp_int* mm, byte* out, word32* outLen) @@ -9806,8 +10141,8 @@ int sp_RsaPrivate_3072_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { 
@@ -9874,12 +10209,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -9985,14 +10322,18 @@ typedef struct sp_3072_ModExp_nb_ctx { /* Non-blocking modular exponentiation for Diffie-Hellman (mp_int form). * Drives sp_3072_mod_exp_52_nb one sub-state per call. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E on input size errors, or MP_VAL when the modulus is even or - * the exponent is zero (the latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even or the exponent is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_ModExp_3072_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
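Review bot: The last `@return` line of the sp_ModExp_3072_nb comment contains a typo, `the latterx rejected`, which should read `the latter rejected`. The same typo is in the sp_DhExp_3072_nb comment in a later hunk. Both lines also refer to `sp_mod_exp_nb`, while the summary line of this comment names `sp_3072_mod_exp_52_nb`; if that is the function meant, using the full name would let a reader find it.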
@@ -10060,6 +10401,12 @@ int sp_ModExp_3072_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_lshift_52(sp_digit* r, const sp_digit* a, byte n) { @@ -10074,15 +10421,18 @@ SP_NOINLINE static void sp_3072_lshift_52(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_3072_mod_exp_2_52(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_3072_mod_exp_2_52(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 157); sp_digit* norm = NULL; 
@@ -10180,15 +10530,17 @@ static int sp_3072_mod_exp_2_52(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) 
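Review bot: `outLen` on sp_DhExp_3072 is tagged `[in, out]`, yet the return list has no MP_TO_E and `out` is documented as `Must be at least 384 bytes long`, which suggests the function does not read the caller's length and cannot reject a short buffer. If the body (outside this hunk) only stores the result length, the tag should be `@param [out] outLen Length, in bytes, of exponentiation result.`, so that a caller does not rely on a size check that is not there. The sp_DhExp_3072_nb comment in the next hunk has the same tag.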
@@ -10269,19 +10621,24 @@ typedef struct sp_3072_DhExp_nb_ctx { * Computes base^exp mod mod where base and exp are byte strings; suitable * for the TLS path where otherPub is already a byte buffer. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base bytes (other party's public key). - * baseSz Length, in bytes, of base (max 384). - * exp Exponent bytes (our private key). - * expLen Length, in bytes, of exp (max 384). - * mod Modulus. MP integer (must remain valid until first call returns). - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E when baseSz, expLen, or the modulus bit length is out of - * range, or MP_VAL when the modulus is even or expLen is zero (the - * latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base bytes (other party's public key). + * @param [in] baseSz Length, in bytes, of base (max 384). + * @param [in] exp Exponent bytes (our private key). + * @param [in] expLen Length, in bytes, of exp (max 384). + * @param [in] mod Modulus. MP integer (must remain valid until first + * call returns). + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E when baseSz, expLen, or the modulus bit length is out of + * range. + * @return MP_VAL when the modulus is even or expLen is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_DhExp_3072_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, const byte* exp, word32 expLen, const mp_int* mod, byte* out, 
@@ -10357,12 +10714,14 @@ int sp_DhExp_3072_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -10461,10 +10820,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #else /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -10496,9 +10855,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -10585,8 +10944,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_54(sp_digit* r, byte* a) { @@ -10629,7 +10988,7 @@ static void sp_3072_to_bin_54(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 57 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_27(sp_digit* a) { @@ -10651,7 +11010,7 @@ static void sp_3072_norm_27(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 57 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_3072_norm_54(sp_digit* a) { @@ -10676,9 +11035,9 @@ static void sp_3072_norm_54(sp_digit* a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -10791,9 +11150,9 @@ SP_NOINLINE static void sp_3072_mul_9(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10813,9 +11172,9 @@ SP_NOINLINE static int sp_3072_add_9(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10840,9 +11199,9 @@ SP_NOINLINE static int sp_3072_sub_18(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10867,9 +11226,9 @@ SP_NOINLINE static int sp_3072_add_18(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_27(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -10917,9 +11276,9 @@ SP_NOINLINE static void sp_3072_mul_27(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_27(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10945,9 +11304,9 @@ SP_NOINLINE static int sp_3072_add_27(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_add_54(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -10976,9 +11335,9 @@ SP_NOINLINE static int sp_3072_add_54(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_54(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -11007,9 +11366,9 @@ SP_NOINLINE static int sp_3072_sub_54(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_54(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -11031,8 +11390,8 @@ SP_NOINLINE static void sp_3072_mul_54(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_9(sp_digit* r, const sp_digit* a) { @@ -11108,8 +11467,8 @@ SP_NOINLINE static void sp_3072_sqr_9(sp_digit* r, const sp_digit* a) /* Square a into r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_27(sp_digit* r, const sp_digit* a) { @@ -11150,8 +11509,8 @@ SP_NOINLINE static void sp_3072_sqr_27(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_54(sp_digit* r, const sp_digit* a) { @@ -11171,8 +11530,8 @@ SP_NOINLINE static void sp_3072_sqr_54(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -11193,9 +11552,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_54(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -11240,9 +11599,9 @@ SP_NOINLINE static void sp_3072_mul_d_54(sp_digit* r, const sp_digit* a, #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_3072_sub_27(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -11269,8 +11628,8 @@ SP_NOINLINE static int sp_3072_sub_27(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_27(sp_digit* r, const sp_digit* m) { @@ -11300,10 +11659,11 @@ static void sp_3072_mont_norm_27(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_27(const sp_digit* a, const sp_digit* b) { 
@@ -11330,10 +11690,11 @@ static sp_digit sp_3072_cmp_27(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_27(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -11357,9 +11718,9 @@ static void sp_3072_cond_sub_27(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_27(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -11396,8 +11757,8 @@ SP_NOINLINE static void sp_3072_mul_add_27(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1536 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_27(sp_digit* r, const sp_digit* a) { 
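Review bot: In the sp_3072_mul_add_27 header `r` is tagged `[out]`, but the summary line says `r += a * b`, so the previous contents of r are read as well as written. Tag it `@param [in, out] r  A single precision integer.` so that a caller does not conclude r may be passed uninitialised. The same tag was applied to sp_3072_mul_add_54 and sp_4096_mul_add_35. The function bodies are outside these hunks.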
@@ -11434,9 +11795,10 @@ static void sp_3072_mont_shift_27(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_27(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -11464,11 +11826,11 @@ static void sp_3072_mont_reduce_27(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -11479,10 +11841,10 @@ SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_27(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -11493,9 +11855,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_27(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_27(sp_digit* r, const sp_digit* a, sp_digit b) @@ -11544,10 +11906,11 @@ SP_NOINLINE static void sp_3072_mul_d_27(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_27(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -11570,6 +11933,13 @@ static void sp_3072_cond_add_27(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_27(sp_digit* r, const sp_digit* a, byte n) { 
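Review bot: The header added for sp_3072_rshift_27 gives no valid range for `n`. A C shift by a count at or above the operand width is undefined, and the body (which starts at the end of this hunk and continues outside it) presumably relies on n being smaller than the number of bits held in a digit. State the bound, for example `@param [in] n  Number of bits to shift. Must be less than the number of bits in a digit.`, adjusted to what the body actually requires. The headers added for sp_3072_rshift_54 and sp_3072_lshift_54 need the same line.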
@@ -11590,6 +11960,14 @@ SP_NOINLINE static void sp_3072_rshift_27(sp_digit* r, const sp_digit* a, r[26] = a[26] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_27(sp_digit d1, sp_digit d0, sp_digit div) { @@ -11671,6 +12049,13 @@ static WC_INLINE sp_digit sp_3072_div_word_27(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_27(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -11685,11 +12070,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_27(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_27(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
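Review bot: In the sp_3072_div_27 header the return list now opens with `@return MP_OKAY otherwise.`; "otherwise" only made sense when it followed the MEMORY_E clause in the old single sentence. Write `@return MP_OKAY on success.` and keep the MEMORY_E line after it. The same wording was carried into sp_3072_mod_27, sp_3072_div_54 and sp_3072_mod_54.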
@@ -11754,10 +12141,12 @@ static int sp_3072_div_27(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_27(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -11766,17 +12155,20 @@ static int sp_3072_mod_27(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 54); @@ -12069,8 +12461,8 @@ static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_54(sp_digit* r, const sp_digit* m) { 
@@ -12103,10 +12495,11 @@ static void sp_3072_mont_norm_54(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_3072_cmp_54(const sp_digit* a, const sp_digit* b) { @@ -12136,10 +12529,11 @@ static sp_digit sp_3072_cmp_54(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_sub_54(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -12166,9 +12560,9 @@ static void sp_3072_cond_sub_54(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_add_54(sp_digit* r, const sp_digit* a, const sp_digit b) 
@@ -12211,8 +12605,8 @@ SP_NOINLINE static void sp_3072_mul_add_54(sp_digit* r, const sp_digit* a, /* Shift the result in the high 3072 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_3072_mont_shift_54(sp_digit* r, const sp_digit* a) { @@ -12248,9 +12642,10 @@ static void sp_3072_mont_shift_54(sp_digit* r, const sp_digit* a) /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_3072_mont_reduce_54(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -12303,11 +12698,11 @@ static void sp_3072_mont_reduce_54(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -12318,10 +12713,10 @@ SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_54(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -12332,9 +12727,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_54(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_3072_mul_d_108(sp_digit* r, const sp_digit* a, sp_digit b) @@ -12374,10 +12769,11 @@ SP_NOINLINE static void sp_3072_mul_d_108(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_3072_cond_add_54(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -12403,6 +12799,13 @@ static void sp_3072_cond_add_54(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_rshift_54(sp_digit* r, const sp_digit* a, byte n) { @@ -12426,6 +12829,14 @@ SP_NOINLINE static void sp_3072_rshift_54(sp_digit* r, const sp_digit* a, r[53] = a[53] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_div_word_54(sp_digit d1, sp_digit d0, sp_digit div) { @@ -12507,6 +12918,13 @@ static WC_INLINE sp_digit sp_3072_div_word_54(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_3072_word_div_word_54(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -12521,11 +12939,13 @@ static WC_INLINE sp_digit sp_3072_word_div_word_54(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_div_54(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -12590,10 +13010,12 @@ static int sp_3072_div_54(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_3072_mod_54(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -12605,17 +13027,20 @@ static int sp_3072_mod_54(sp_digit* r, const sp_digit* a, const sp_digit* m) defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 108); 
@@ -12905,6 +13330,24 @@ typedef struct sp_3072_mod_exp_54_ctx { int bits; } sp_3072_mod_exp_54_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_3072_mod_exp_54_nb(sp_3072_mod_exp_54_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
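Review bot: The header added for sp_3072_mod_exp_54_nb lists only MP_OKAY and MP_WOULDBLOCK, while the blocking sp_3072_mod_exp_54 documents `MP_VAL when base is even or exponent is 0`. The body is outside this hunk, so whether the non-blocking variant can fail the same way cannot be confirmed here. If it can, add the matching `@return MP_VAL ...` line, because a caller that loops until the result is not MP_WOULDBLOCK needs to know that the final value may be an error rather than completion. The header should also say what state ctx must be in before the first call.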
@@ -13027,15 +13470,19 @@ static int sp_3072_mod_exp_54_nb(sp_3072_mod_exp_54_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
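Review bot: `outLen` in the sp_RsaPublic_3072 header is now tagged `[in, out]` but is still described only as `Number of bytes in result`. The return list gives MP_TO_E "when the outLen is too small", so on entry the value is the capacity of `out`; document both directions, for example `@param [in, out] outLen  On in, size of out in bytes. On out, number of bytes in result.` The same applies to sp_RsaPrivate_3072 and sp_DhExp_3072. The sp_DhExp_3072 header lists no MP_TO_E, so whether that function checks the capacity at all should be confirmed against its body, which is outside the hunk.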
@@ -13230,20 +13677,24 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -13525,8 +13976,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -13593,12 +14044,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -13693,6 +14146,12 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_3072_lshift_54(sp_digit* r, const sp_digit* a, byte n) { 
@@ -13812,15 +14271,18 @@ SP_NOINLINE static void sp_3072_lshift_54(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_3072_mod_exp_2_54(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_3072_mod_exp_2_54(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 163); sp_digit* norm = NULL; 
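Review bot: The return list for sp_3072_mod_exp_2_54 still ends with `@return MP_VAL when base is even.`, but this function has no base parameter and its summary fixes the base at 2, which is always even. The line looks inherited from the general mod_exp header. Replace it with the condition the body actually tests, or drop it if MP_VAL is never returned; the body is outside this hunk, so this needs checking there.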
@@ -13918,15 +14380,17 @@ static int sp_3072_mod_exp_2_54(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -13993,12 +14457,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -14101,10 +14567,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_SMALL /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -14136,9 +14602,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -14225,8 +14691,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_70(sp_digit* r, byte* a) { @@ -14270,7 +14736,7 @@ static void sp_4096_to_bin_70(sp_digit* r, byte* a) #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Normalize the values in each word to 59 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_35(sp_digit* a) { 
@@ -14285,7 +14751,7 @@ static void sp_4096_norm_35(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 59 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_70(sp_digit* a) { @@ -14298,9 +14764,9 @@ static void sp_4096_norm_70(sp_digit* a) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_70(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -14337,8 +14803,8 @@ SP_NOINLINE static void sp_4096_mul_70(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_70(sp_digit* r, const sp_digit* a) { @@ -14378,8 +14844,8 @@ SP_NOINLINE static void sp_4096_sqr_70(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -14400,9 +14866,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_70(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -14423,9 +14889,9 @@ SP_NOINLINE static void sp_4096_mul_d_70(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_35(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -14442,8 +14908,8 @@ SP_NOINLINE static int sp_4096_sub_35(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_35(sp_digit* r, const sp_digit* m) { @@ -14464,10 +14930,11 @@ static void sp_4096_mont_norm_35(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_35(const sp_digit* a, const sp_digit* b) { 
@@ -14484,10 +14951,11 @@ static sp_digit sp_4096_cmp_35(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_35(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -14501,9 +14969,9 @@ static void sp_4096_cond_sub_35(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_35(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -14540,8 +15008,8 @@ SP_NOINLINE static void sp_4096_mul_add_35(sp_digit* r, const sp_digit* a, /* Shift the result in the high 2048 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_35(sp_digit* r, const sp_digit* a) { 
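Review bot: In the second hunk on this line `sp_4096_mul_add_35` is described as `(r += a * b)`, yet the new tag is `@param [out] r`. Since the existing value of r is accumulated into, the direction should be ` * @param [in, out] r  A single precision integer.`, matching how this commit already tags `a` in `sp_4096_mont_reduce_35`. `sp_4096_mul_add_70` further down has the same tag and needs the same change. This matters to a reader deciding whether r must be initialised before the call.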
@@ -14560,9 +15028,10 @@ static void sp_4096_mont_shift_35(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_35(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -14589,9 +15058,9 @@ static void sp_4096_mont_reduce_35(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_35(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -14629,11 +15098,11 @@ SP_NOINLINE static void sp_4096_mul_35(sp_digit* r, const sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_35(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -14644,8 +15113,8 @@ SP_NOINLINE static void sp_4096_mont_mul_35(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_35(sp_digit* r, const sp_digit* a) { @@ -14685,10 +15154,10 @@ SP_NOINLINE static void sp_4096_sqr_35(sp_digit* r, const sp_digit* a) /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_35(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -14699,9 +15168,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_35(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_35(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -14722,10 +15191,11 @@ SP_NOINLINE static void sp_4096_mul_d_35(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_35(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -14740,9 +15210,9 @@ static void sp_4096_cond_add_35(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_35(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -14756,6 +15226,13 @@ SP_NOINLINE static int sp_4096_add_35(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_35(sp_digit* r, const sp_digit* a, byte n) { 
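Review bot: The new comment for `sp_4096_rshift_35` (third hunk on this line) documents `n` only as "Number of bits to shift" and gives no valid range. The next hunk's context shows `r[34] = a[34] >> n;` with `n` a `byte`, and in C a shift count equal to or larger than the operand's width is undefined. I would extend the line to something like ` * @param [in] n Number of bits to shift. Must be less than the number of bits in a digit.`; the function body is outside the hunk, so confirm the exact bound against the loop. The new comments for `sp_4096_rshift_70` and `sp_4096_lshift_70` need the same precondition.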
@@ -14767,6 +15244,14 @@ SP_NOINLINE static void sp_4096_rshift_35(sp_digit* r, const sp_digit* a, r[34] = a[34] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_35(sp_digit d1, sp_digit d0, sp_digit div) { @@ -14848,6 +15333,13 @@ static WC_INLINE sp_digit sp_4096_div_word_35(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_35(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -14862,11 +15354,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_35(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_35(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
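Review bot: In the last hunk on this line the return list for `sp_4096_div_35` now opens with ` * @return MP_OKAY otherwise.`, which reads oddly because no other case precedes it. It is a leftover from the old single sentence "MEMORY_E when unable to allocate memory and MP_OKAY otherwise". Suggest ` * @return MP_OKAY on success.` followed by the `MEMORY_E` line. The same wording was carried into `sp_4096_mod_35`, `sp_4096_div_70` and `sp_4096_mod_70` later in this diff.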
@@ -14931,10 +15425,12 @@ static int sp_4096_div_35(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_35(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -14943,17 +15439,20 @@ static int sp_4096_mod_35(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 70); @@ -15246,9 +15745,9 @@ static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_70(sp_digit* r, const sp_digit* a, const sp_digit* b) 
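Review bot: The rewritten return list for `sp_4096_mod_exp_35` (first hunk on this line) keeps ` * @return MP_VAL when base is even or exponent is 0.`, which looks like it should refer to the modulus rather than the base. The non-blocking wrappers later in this diff document `MP_VAL when the modulus is even`. In `sp_4096_mod_exp_2_70` the base is fixed at 2, so "when base is even" cannot be the intended condition there. The function bodies are outside these hunks, so confirm which check each function performs, then align the wording in `sp_4096_mod_exp_35`, `sp_4096_mod_exp_70` and `sp_4096_mod_exp_2_70`.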
@@ -15265,8 +15764,8 @@ SP_NOINLINE static int sp_4096_sub_70(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_70(sp_digit* r, const sp_digit* m) { @@ -15287,10 +15786,11 @@ static void sp_4096_mont_norm_70(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_70(const sp_digit* a, const sp_digit* b) { @@ -15307,10 +15807,11 @@ static sp_digit sp_4096_cmp_70(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_70(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -15324,9 +15825,9 @@ static void sp_4096_cond_sub_70(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_70(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -15360,8 +15861,8 @@ SP_NOINLINE static void sp_4096_mul_add_70(sp_digit* r, const sp_digit* a, /* Shift the result in the high 4096 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_70(sp_digit* r, const sp_digit* a) { @@ -15380,9 +15881,10 @@ static void sp_4096_mont_shift_70(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_70(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -15435,11 +15937,11 @@ static void sp_4096_mont_reduce_70(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -15450,10 +15952,10 @@ SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_70(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -15464,9 +15966,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_70(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_140(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -15487,10 +15989,11 @@ SP_NOINLINE static void sp_4096_mul_d_140(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_70(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -15505,9 +16008,9 @@ static void sp_4096_cond_add_70(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_70(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -15521,6 +16024,13 @@ SP_NOINLINE static int sp_4096_add_70(sp_digit* r, const sp_digit* a, return 0; } +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_70(sp_digit* r, const sp_digit* a, byte n) { 
@@ -15532,6 +16042,14 @@ SP_NOINLINE static void sp_4096_rshift_70(sp_digit* r, const sp_digit* a, r[69] = a[69] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_70(sp_digit d1, sp_digit d0, sp_digit div) { @@ -15613,6 +16131,13 @@ static WC_INLINE sp_digit sp_4096_div_word_70(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_70(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -15627,11 +16152,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_70(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_70(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -15696,10 +16223,12 @@ static int sp_4096_div_70(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_70(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -15709,17 +16238,20 @@ static int sp_4096_mod_70(sp_digit* r, const sp_digit* a, const sp_digit* m) #if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 140); 
@@ -16009,6 +16541,24 @@ typedef struct sp_4096_mod_exp_70_ctx { int bits; } sp_4096_mod_exp_70_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_4096_mod_exp_70_nb(sp_4096_mod_exp_70_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
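Review bot: The new comment for `sp_4096_mod_exp_70_nb` lists only `MP_OKAY` and `MP_WOULDBLOCK` as return values, which appears incomplete. The comment for `sp_ModExp_4096_nb` later in this diff says a zero exponent is rejected with `MP_VAL` inside the inner non-blocking exponentiation. If that is this function, add ` * @return MP_VAL when the exponent is zero.` so callers know that a return other than `MP_WOULDBLOCK` is not always success. The body is outside the hunk, so check the actual error codes before adding the line.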
@@ -16129,15 +16679,19 @@ static int sp_4096_mod_exp_70_nb(sp_4096_mod_exp_70_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
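Review bot: `outLen` in `sp_RsaPublic_4096` is now tagged `[in, out]`, but its description still covers only the output side ("Number of bytes in result"). The return list says `MP_TO_E when the outLen is too small`, so the value is read on entry as the capacity of `out`, and a caller who leaves it uninitialised gets an unpredictable bounds check. Suggest ` * @param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`. The same description is used for `sp_RsaPublic_4096_nb`, `sp_RsaPrivate_4096` and `sp_RsaPrivate_4096_nb` below.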
@@ -16348,18 +16902,23 @@ typedef struct sp_4096_RsaPublic_nb_ctx { * sub-state of the inner modular exponentiation, returning MP_WOULDBLOCK * until the operation completes. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, - * MP_VAL when the modulus is even, or MP_EXPTMOD_E when the exponent - * is zero. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. + * @return MP_EXPTMOD_E when the exponent is zero. */ int sp_RsaPublic_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -16439,20 +16998,24 @@ int sp_RsaPublic_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -16743,17 +17306,22 @@ typedef struct sp_4096_RsaPrivate_nb_ctx { * The CRT path is not supported in non-blocking mode; configure with * RSA_LOW_MEM or SP_RSA_PRIVATE_EXP_D to enable this entry point. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_TO_E when outLen is too small, MP_READ_E on input size errors, or - * MP_VAL when the modulus is even. + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_TO_E when outLen is too small. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even. */ int sp_RsaPrivate_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, const mp_int* dm, const mp_int* mm, byte* out, word32* outLen) @@ -16829,8 +17397,8 @@ int sp_RsaPrivate_4096_nb(sp_rsa_ctx_t* sp_ctx, const byte* in, word32 inLen, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { 
@@ -16897,12 +17465,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -17008,14 +17578,18 @@ typedef struct sp_4096_ModExp_nb_ctx { /* Non-blocking modular exponentiation for Diffie-Hellman (mp_int form). * Drives sp_4096_mod_exp_70_nb one sub-state per call. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E on input size errors, or MP_VAL when the modulus is even or - * the exponent is zero (the latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E on input size errors. + * @return MP_VAL when the modulus is even or the exponent is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_ModExp_4096_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -17083,6 +17657,12 @@ int sp_ModExp_4096_nb(sp_dh_ctx_t* sp_ctx, const mp_int* base, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_lshift_70(sp_digit* r, const sp_digit* a, byte n) { 
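Review bot: The new return text for `sp_ModExp_4096_nb` (first hunk on this line) contains a typo, `the latterx`, which should read `the latter`. The same typo is in the `sp_DhExp_4096_nb` comment at the end of this diff. Both comments also name the rejecting function as `sp_mod_exp_nb`, while the preceding line of the same comment says the wrapper drives `sp_4096_mod_exp_70_nb`. Using the full name would let a reader find where the zero-exponent check lives.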
@@ -17097,15 +17677,18 @@ SP_NOINLINE static void sp_4096_lshift_70(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_4096_mod_exp_2_70(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_4096_mod_exp_2_70(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 211); sp_digit* norm = NULL; 
@@ -17203,15 +17786,17 @@ static int sp_4096_mod_exp_2_70(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) 
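Review bot: `@param [in, out] outLen` on sp_DhExp_4096 is not backed by its description, which only covers an output (`Length, in bytes, of exponentiation result.`), and the return list has no error for an undersized buffer. If the function never reads `*outLen`, the tag should be `[out]`; if it does, say so, e.g. `On in, size of out in bytes. On out, length of result.` With `[out]`, the 512-byte minimum on `out` appears to be a caller obligation that nothing checks, and the comment should say that explicitly. The body is outside the hunk, so the direction could not be verified here.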
@@ -17292,19 +17877,24 @@ typedef struct sp_4096_DhExp_nb_ctx { * Computes base^exp mod mod where base and exp are byte strings; suitable * for the TLS path where otherPub is already a byte buffer. * - * sp_ctx Persistent state buffer; first call must have all bytes zero. - * base Base bytes (other party's public key). - * baseSz Length, in bytes, of base (max 512). - * exp Exponent bytes (our private key). - * expLen Length, in bytes, of exp (max 512). - * mod Modulus. MP integer (must remain valid until first call returns). - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns MP_WOULDBLOCK while more work remains, MP_OKAY on completion, - * MP_READ_E when baseSz, expLen, or the modulus bit length is out of - * range, or MP_VAL when the modulus is even or expLen is zero (the - * latter rejected inside sp_mod_exp_nb). + * @param [in, out] sp_ctx Persistent state buffer; first call must have all + * bytes zero. + * @param [in] base Base bytes (other party's public key). + * @param [in] baseSz Length, in bytes, of base (max 512). + * @param [in] exp Exponent bytes (our private key). + * @param [in] expLen Length, in bytes, of exp (max 512). + * @param [in] mod Modulus. MP integer (must remain valid until first + * call returns). + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + * @return MP_READ_E when baseSz, expLen, or the modulus bit length is out of + * range. + * @return MP_VAL when the modulus is even or expLen is zero (the latterx + * rejected inside sp_mod_exp_nb). */ int sp_DhExp_4096_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, const byte* exp, word32 expLen, const mp_int* mod, byte* out, 
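Review bot: The `@param [in, out] sp_ctx` text says how the context must look on the first call but not what the caller must do with it afterwards, even though this function takes the private key as `exp` and keeps state across calls. If the context holds key-dependent intermediate values (not visible in this hunk, please confirm), add a sentence such as `Holds secret-dependent state; zeroize after completion or when abandoning the operation.` The comment also gives a lifetime rule only for `mod`; if `base`, `exp` and `out` must stay valid across calls, state that too.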
@@ -17383,10 +17973,10 @@ int sp_DhExp_4096_nb(sp_dh_ctx_t* sp_ctx, const byte* base, word32 baseSz, #else /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -17418,9 +18008,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -17507,8 +18097,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_78(sp_digit* r, byte* a) { @@ -17552,7 +18142,7 @@ static void sp_4096_to_bin_78(sp_digit* r, byte* a) #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Normalize the values in each word to 53 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_39(sp_digit* a) { 
@@ -17583,7 +18173,7 @@ static void sp_4096_norm_39(sp_digit* a) #endif /* (WOLFSSL_HAVE_SP_RSA || WOLFSSL_HAVE_SP_DH) && !WOLFSSL_RSA_PUBLIC_ONLY */ /* Normalize the values in each word to 53 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_4096_norm_78(sp_digit* a) { @@ -17608,9 +18198,9 @@ static void sp_4096_norm_78(sp_digit* a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_13(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17819,9 +18409,9 @@ SP_NOINLINE static void sp_4096_mul_13(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_13(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17845,9 +18435,9 @@ SP_NOINLINE static int sp_4096_add_13(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_26(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -17872,9 +18462,9 @@ SP_NOINLINE static int sp_4096_sub_26(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_26(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17899,9 +18489,9 @@ SP_NOINLINE static int sp_4096_add_26(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_39(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17949,9 +18539,9 @@ SP_NOINLINE static void sp_4096_mul_39(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_39(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -17981,9 +18571,9 @@ SP_NOINLINE static int sp_4096_add_39(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_add_78(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -18012,9 +18602,9 @@ SP_NOINLINE static int sp_4096_add_78(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_78(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -18043,9 +18633,9 @@ SP_NOINLINE static int sp_4096_sub_78(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_78(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -18067,8 +18657,8 @@ SP_NOINLINE static void sp_4096_mul_78(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_13(sp_digit* r, const sp_digit* a) { @@ -18198,8 +18788,8 @@ SP_NOINLINE static void sp_4096_sqr_13(sp_digit* r, const sp_digit* a) /* Square a into r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_39(sp_digit* r, const sp_digit* a) { 
@@ -18240,8 +18830,8 @@ SP_NOINLINE static void sp_4096_sqr_39(sp_digit* r, const sp_digit* a) /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_78(sp_digit* r, const sp_digit* a) { @@ -18261,8 +18851,8 @@ SP_NOINLINE static void sp_4096_sqr_78(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -18283,9 +18873,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_78(sp_digit* r, const sp_digit* a, sp_digit b) @@ -18331,9 +18921,9 @@ SP_NOINLINE static void sp_4096_mul_d_78(sp_digit* r, const sp_digit* a, #if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_4096_sub_39(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -18364,8 +18954,8 @@ SP_NOINLINE static int sp_4096_sub_39(sp_digit* r, const sp_digit* a, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_39(sp_digit* r, const sp_digit* m) { @@ -18399,10 +18989,11 @@ static void sp_4096_mont_norm_39(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_39(const sp_digit* a, const sp_digit* b) { @@ -18433,10 +19024,11 @@ static sp_digit sp_4096_cmp_39(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_39(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -18464,9 +19056,9 @@ static void sp_4096_cond_sub_39(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_39(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -18511,8 +19103,8 @@ SP_NOINLINE static void sp_4096_mul_add_39(sp_digit* r, const sp_digit* a, /* Shift the result in the high 2048 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_39(sp_digit* r, const sp_digit* a) { @@ -18549,9 +19141,10 @@ static void sp_4096_mont_shift_39(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_39(sp_digit* a, const sp_digit* m, sp_digit mp) { 
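Review bot: `@param [out] r` on sp_4096_mul_add_39 contradicts the summary `(r += a * b)`: r is read as well as written, so the tag should be `@param [in, out] r`. The same applies to sp_4096_mul_add_78 in the -19290 hunk. A reader who trusts `[out]` could pass an uninitialised accumulator. Both bodies lie outside the hunks.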
@@ -18579,11 +19172,11 @@ static void sp_4096_mont_reduce_39(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -18594,10 +19187,10 @@ SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_39(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -18608,9 +19201,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_39(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_39(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -18659,10 +19252,11 @@ SP_NOINLINE static void sp_4096_mul_d_39(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_39(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -18689,6 +19283,13 @@ static void sp_4096_cond_add_39(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_39(sp_digit* r, const sp_digit* a, byte n) { @@ -18713,6 +19314,14 @@ SP_NOINLINE static void sp_4096_rshift_39(sp_digit* r, const sp_digit* a, r[38] = a[38] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_39(sp_digit d1, sp_digit d0, sp_digit div) { 
@@ -18794,6 +19403,13 @@ static WC_INLINE sp_digit sp_4096_div_word_39(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_39(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -18808,11 +19424,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_39(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_39(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) @@ -18877,10 +19495,12 @@ static int sp_4096_div_39(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_39(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
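Review bot: Splitting the old sentence left `@return MP_OKAY otherwise.` as the first return line of sp_4096_div_39, where `otherwise` no longer refers to anything. Reword it to `@return MP_OKAY on success.` and keep `@return MEMORY_E when unable to allocate memory.` after it. The same pair appears on sp_4096_mod_39 in the next hunk, and on sp_4096_div_78 and sp_4096_mod_78 in the -19645 and -19714 hunks.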
@@ -18889,17 +19509,20 @@ static int sp_4096_mod_39(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 78); @@ -19193,8 +19816,8 @@ static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_78(sp_digit* r, const sp_digit* m) { 
@@ -19227,10 +19850,11 @@ static void sp_4096_mont_norm_78(sp_digit* r, const sp_digit* m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_4096_cmp_78(const sp_digit* a, const sp_digit* b) { @@ -19260,10 +19884,11 @@ static sp_digit sp_4096_cmp_78(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_sub_78(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -19290,9 +19915,9 @@ static void sp_4096_cond_sub_78(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_add_78(sp_digit* r, const sp_digit* a, const sp_digit b) 
@@ -19335,8 +19960,8 @@ SP_NOINLINE static void sp_4096_mul_add_78(sp_digit* r, const sp_digit* a, /* Shift the result in the high 4096 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_4096_mont_shift_78(sp_digit* r, const sp_digit* a) { @@ -19372,9 +19997,10 @@ static void sp_4096_mont_shift_78(sp_digit* r, const sp_digit* a) /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_4096_mont_reduce_78(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -19427,11 +20053,11 @@ static void sp_4096_mont_reduce_78(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -19442,10 +20068,10 @@ SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_78(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -19456,9 +20082,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_78(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_4096_mul_d_156(sp_digit* r, const sp_digit* a, sp_digit b) @@ -19498,10 +20124,11 @@ SP_NOINLINE static void sp_4096_mul_d_156(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_4096_cond_add_78(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -19527,6 +20154,13 @@ static void sp_4096_cond_add_78(sp_digit* r, const sp_digit* a, } #endif /* !WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_rshift_78(sp_digit* r, const sp_digit* a, byte n) { @@ -19550,6 +20184,14 @@ SP_NOINLINE static void sp_4096_rshift_78(sp_digit* r, const sp_digit* a, r[77] = a[77] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_div_word_78(sp_digit d1, sp_digit d0, sp_digit div) { @@ -19631,6 +20273,13 @@ static WC_INLINE sp_digit sp_4096_div_word_78(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_4096_word_div_word_78(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -19645,11 +20294,13 @@ static WC_INLINE sp_digit sp_4096_word_div_word_78(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_div_78(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
@@ -19714,10 +20365,12 @@ static int sp_4096_div_78(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_4096_mod_78(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -19729,17 +20382,20 @@ static int sp_4096_mod_78(sp_digit* r, const sp_digit* a, const sp_digit* m) defined(WOLFSSL_HAVE_SP_DH) /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ -static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e, - int bits, const sp_digit* m, int reduceA) +static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, + const sp_digit* e, int bits, const sp_digit* m, int reduceA) { #if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP) SP_DECL_VAR(sp_digit, td, 3 * 156); 
@@ -20029,6 +20685,24 @@ typedef struct sp_4096_mod_exp_78_ctx { int bits; } sp_4096_mod_exp_78_ctx; +/* Modular exponentiate a to the e mod m. (r = a^e mod m) + * + * Non-blocking version. Call repeatedly with the same context until it does + * not return MP_WOULDBLOCK. State is saved and restored through ctx. + * + * @param [in, out] ctx Context saving state for the non-blocking + * operation. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return MP_OKAY on completion. + * @return MP_WOULDBLOCK while more work remains. + */ static int sp_4096_mod_exp_78_nb(sp_4096_mod_exp_78_ctx* ctx, sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
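Review bot: The new comment on sp_4096_mod_exp_78_nb lists only MP_OKAY and MP_WOULDBLOCK, while the blocking sp_4096_mod_exp_78 comment in the previous hunk also lists MEMORY_E and MP_VAL. The sp_ModExp_4096_nb comment in this diff says a zero exponent is rejected inside the non-blocking exponentiation, so `@return MP_VAL when exponent is 0.` is probably missing here. Confirm against the body, which is outside the hunk. If the rule on the public wrappers that the context must be all zero on the first call also applies at this level, repeat it in the `ctx` description.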
@@ -20151,15 +20825,19 @@ static int sp_4096_mod_exp_78_nb(sp_4096_mod_exp_78_ctx* ctx, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
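Review bot: `outLen` is now tagged `[in, out]` on sp_RsaPublic_4096, but its description ("Number of bytes in result.") still covers only the output side. The function is documented to return `MP_TO_E` when outLen is too small, so the value is evidently read as the capacity of `out`, and a caller sizing that buffer needs this stated: `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.` The same applies to sp_RsaPrivate_4096 and sp_DhExp_4096 in the later hunks. sp_DhExp_4096 also marks outLen as an input but lists no `MP_TO_E` return, which should be checked against its body (outside the hunk).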
@@ -20354,20 +21032,24 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -20649,8 +21331,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -20717,12 +21399,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -20817,6 +21501,12 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_4096_lshift_78(sp_digit* r, const sp_digit* a, byte n) { 
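Review bot: sp_4096_to_mp returns `int`, but the converted comment documents only the two parameters and has no `@return`. Other int-returning conversions in this patch (for example sp_256_point_to_ecc_point_5) do list their results, so a caller reading this header cannot tell that the conversion can fail. Add `@return MP_OKAY on success.` plus a line for whatever error the body reports; the body is outside the hunk, so the code needs confirming there. sp_256_to_mp and sp_256_gen_stripe_table_5 in later hunks have the same gap.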
@@ -20984,15 +21674,18 @@ SP_NOINLINE static void sp_4096_lshift_78(sp_digit* r, const sp_digit* a, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ -static int sp_4096_mod_exp_2_78(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) +static int sp_4096_mod_exp_2_78(sp_digit* r, const sp_digit* e, int bits, + const sp_digit* m) { SP_DECL_VAR(sp_digit, td, 235); sp_digit* norm = NULL; 
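Review bot: The carried-over line `@return MP_VAL when base is even.` on sp_4096_mod_exp_2_78 cannot be right as written, because this function has no base parameter: the summary fixes the base at 2, which is always even. The condition presumably concerns `m` or `e`. The body is outside the hunk, so confirm what actually triggers `MP_VAL` and restate the line in terms of a real parameter. Otherwise the Doxygen conversion gives an inaccurate failure condition the weight of a formal contract.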
@@ -21090,15 +21783,17 @@ static int sp_4096_mod_exp_2_78(sp_digit* r, const sp_digit* e, int bits, const /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -21253,9 +21948,9 @@ static const sp_digit p256_b[5] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_256_mul_5(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -21293,9 +21988,9 @@ SP_NOINLINE static void sp_256_mul_5(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_256_mul_5(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21342,8 +22037,8 @@ SP_NOINLINE static void sp_256_mul_5(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_256_sqr_5(sp_digit* r, const sp_digit* a) { @@ -21384,8 +22079,8 @@ SP_NOINLINE static void sp_256_sqr_5(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_256_sqr_5(sp_digit* r, const sp_digit* a) { @@ -21421,9 +22116,9 @@ SP_NOINLINE static void sp_256_sqr_5(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -21439,9 +22134,9 @@ SP_NOINLINE static int sp_256_add_5(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21459,9 +22154,9 @@ SP_NOINLINE static int sp_256_add_5(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21478,9 +22173,9 @@ SP_NOINLINE static int sp_256_sub_5(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_256_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -21497,9 +22192,9 @@ SP_NOINLINE static int sp_256_sub_5(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { 
@@ -21585,8 +22280,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_5(sp_point_256* p, const ecc_point* pm) @@ -21602,8 +22297,8 @@ static void sp_256_point_from_ecc_point_5(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { @@ -21670,10 +22365,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_5(const sp_point_256* p, ecc_point* pm) { @@ -21692,10 +22388,11 @@ static int sp_256_point_to_ecc_point_5(const sp_point_256* p, ecc_point* pm) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_256_cmp_5(const sp_digit* a, const sp_digit* b) { 
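Review bot: In the sp_256_point_to_ecc_point_5 comment, `pm` is tagged `[in]` although its own description says "(result)" and it is the only non-const pointer in the signature. It should read `@param [out] pm Point of type ecc_point (result).` The line `@return MP_OKAY otherwise.` now comes before the condition it is contrasted with. Either put the `MEMORY_E` line first or reword it as `@return MP_OKAY on success.`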
@@ -21720,10 +22417,11 @@ static sp_digit sp_256_cmp_5(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_256_cond_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -21745,9 +22443,9 @@ static void sp_256_cond_sub_5(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_256_mul_add_5(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -21795,7 +22493,7 @@ SP_NOINLINE static void sp_256_mul_add_5(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 52 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_256_norm_5(sp_digit* a) { @@ -21815,8 +22513,8 @@ static void sp_256_norm_5(sp_digit* a) /* Shift the result in the high 256 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_256_mont_shift_5(sp_digit* r, const sp_digit* a) { 
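Review bot: sp_256_mul_add_5 is summarised as `r += a * b`, so `r` is read as well as written, but the new tag is `[out]`. It should be `@param [in, out] r A single precision integer.` to match how sp_256_norm_5 is tagged in the same group of hunks. A caller trusting `[out]` could pass an uninitialised accumulator.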
@@ -21847,9 +22545,10 @@ static void sp_256_mont_shift_5(sp_digit* r, const sp_digit* a) /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_256_mont_reduce_order_5(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -21876,9 +22575,10 @@ static void sp_256_mont_reduce_order_5(sp_digit* a, const sp_digit* m, sp_digit /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -21943,11 +22643,11 @@ static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -21958,10 +22658,10 @@ SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -21973,11 +22673,11 @@ SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_5(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -22000,9 +22700,9 @@ static const word64 p256_mod_minus_2[4] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_5(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -22068,9 +22768,9 @@ static void sp_256_mont_inv_5(sp_digit* r, const sp_digit* a, sp_digit* td) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_5(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
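Review bot: The summary kept on sp_256_mont_sqr_n_5, `(r = a ^ n mod m)`, does not describe squaring a value n times, which yields a^(2^n). Since the parameter list is being formalised here, the formula should be corrected to `(r = a ^ (2 ^ n) mod m)`, which also agrees with `@param [in] n Number of times to square.` The function body lies outside the hunk.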
@@ -22108,10 +22808,10 @@ static void sp_256_map_5(sp_point_256* r, const sp_point_256* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -22126,9 +22826,9 @@ static void sp_256_mont_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_dbl_5(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -22142,9 +22842,9 @@ static void sp_256_mont_dbl_5(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_tpl_5(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -22165,10 +22865,11 @@ static void sp_256_mont_tpl_5(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_256_cond_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -22185,10 +22886,11 @@ static void sp_256_cond_add_5(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_256_cond_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -22203,10 +22905,10 @@ static void sp_256_cond_add_5(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_256_mont_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
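Review bot: The rewritten line for sp_256_mont_sub_5 carries a typo into the new text: `Result of subtration.` should be `Result of subtraction.` The sp_256_iszero_5 hunk further down likewise keeps `Returns 1 if the number of zero.`, which should read `Returns 1 if the number is zero.`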
@@ -22217,11 +22919,11 @@ static void sp_256_mont_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_256_norm_5(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_256_rshift1_5(sp_digit* r, const sp_digit* a) { @@ -22242,9 +22944,9 @@ SP_NOINLINE static void sp_256_rshift1_5(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_256_mont_div2_5(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -22256,9 +22958,9 @@ static void sp_256_mont_div2_5(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_5(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -22327,9 +23029,13 @@ typedef struct sp_256_proj_point_dbl_5_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) 
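Review bot: The new comment for sp_256_proj_point_dbl_5_nb mentions `FP_WOULDBLOCK` in prose but has no `@return` lines, although the function returns `int`. Add `@return MP_OKAY on completion.` and `@return FP_WOULDBLOCK while more work remains.` to match the sp_256_ecc_mulmod_5_nb comment added in this patch. sp_256_proj_point_add_5_nb has the same omission. Both bodies are outside their hunks, so confirm the exact codes there.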
@@ -22459,9 +23165,10 @@ static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_5(const sp_digit* a, const sp_digit* b) { @@ -22472,8 +23179,9 @@ static int sp_256_cmp_equal_5(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_5(const sp_digit* a) { @@ -22483,10 +23191,10 @@ static int sp_256_iszero_5(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_5(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -22586,10 +23294,14 @@ typedef struct sp_256_proj_point_add_5_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -22773,10 +23485,12 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_mod_mul_norm_5(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -22876,13 +23590,15 @@ static int sp_256_mod_mul_norm_5(sp_digit* r, const sp_digit* a, const sp_digit* * allocates memory rather than use large stacks. * 256 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -22971,6 +23687,24 @@ typedef struct sp_256_ecc_mulmod_5_ctx { int y; } sp_256_ecc_mulmod_5_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_256_ecc_mulmod_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) { 
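Review bot: `@param [in] ct Constant time required.` on sp_256_ecc_mulmod_5 does not say what value to pass or what changes when it is 0. That matters because `k` is normally a secret scalar. If the body treats it as a boolean, something like `@param [in] ct Non-zero when k is secret and the multiplication must run in constant time.` would make the contract explicit. The body is outside the hunk, so verify the semantics before adopting that wording. The same parameter text appears on sp_256_ecc_mulmod_5_nb and sp_256_ecc_mulmod_win_add_sub_5.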
@@ -23080,9 +23814,9 @@ typedef struct sp_table_entry_256 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_256_cond_copy_5(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -23112,10 +23846,9 @@ static void sp_256_cond_copy_5(sp_digit* r, const sp_digit* a, const sp_digit m) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i, sp_digit* t) @@ -23204,10 +23937,11 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r, const sp_point_256* p, int n, int m, sp_digit* t) 
@@ -23277,11 +24011,11 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_sub_5(sp_point_256* ra, sp_point_256* rs, const sp_point_256* p, const sp_point_256* q, @@ -23383,8 +24117,8 @@ static const word8 recode_neg_5_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v) { @@ -23428,9 +24162,9 @@ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_point_33_5(sp_point_256* r, const sp_point_256* table, int idx) 
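Review bot: In the sp_256_ecc_recode_6_5 comment, `v` is tagged `[in]`, but it is the only non-const pointer in the signature and the summary says the function recodes the scalar into it. It should read `@param [out] v Vector of operations to perform.` The function body is outside the hunk.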
@@ -23483,13 +24217,15 @@ static void sp_256_get_point_33_5(sp_point_256* r, const sp_point_256* table, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -23604,10 +24340,10 @@ static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256* * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_5(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -23685,8 +24421,8 @@ static void sp_256_proj_point_add_qz1_5(sp_point_256* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_5(sp_point_256* a, sp_digit* t) { 
@@ -23710,10 +24446,10 @@ static void sp_256_proj_to_affine_5(sp_point_256* a, sp_digit* t) * 256 entries * 32 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_5(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -23785,9 +24521,9 @@ static int sp_256_gen_stripe_table_5(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_256_5(sp_point_256* r, const sp_table_entry_256* table, int idx) 
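Review bot: The converted comment for sp_256_gen_stripe_table_5 has no `@return` entries, although the function returns int and takes a heap. The neighbouring int-returning functions in this change did gain them. Suggest adding `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`. The body is outside this hunk, so check it for the codes it actually returns.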
@@ -23830,13 +24566,16 @@ static void sp_256_get_entry_256_5(sp_point_256* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_5(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -23953,8 +24692,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -24017,13 +24756,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -24099,12 +24840,14 @@ static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
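Review bot: The summary line kept as context above sp_256_ecc_mulmod_5 still says "Multiply the base point of P256 by the scalar", while the parameter list documents `g` as the point to multiply. The summary looks copied from the base-point variant. Suggest `/* Multiply the point by the scalar and return the result.`, matching the wording on sp_ecc_mulmod_256 in the next hunk. The function body is outside this hunk.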
@@ -24134,14 +24877,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -24194,11 +24939,14 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_5(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -24208,6 +24956,23 @@ static int sp_256_ecc_mulmod_base_5(sp_point_256* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P256 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_256_ecc_mulmod_base_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -25511,12 +26276,14 @@ static const sp_table_entry_256 p256_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_5(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -25530,11 +26297,13 @@ static int sp_256_ecc_mulmod_base_5(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -25562,13 +26331,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -25622,8 +26393,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * r A single precision integer. - * a A single precision integer. + * @param [in, out] a A single precision integer. */ SP_NOINLINE static void sp_256_add_one_5(sp_digit* a) { @@ -25634,10 +26404,10 @@ SP_NOINLINE static void sp_256_add_one_5(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -25669,10 +26439,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_5(WC_RNG* rng, sp_digit* k) { @@ -25702,12 +26474,15 @@ static int sp_256_ecc_gen_k_5(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
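Review bot: In the sp_256_ecc_gen_k_5 comment, `k` is tagged `[in]`, but the summary says the function generates the scalar and `k` is a non-const pointer, so it is the output. Suggest `@param [out] k Generated scalar value.`. The `@return RNG failures.` line would also be clearer as `@return Error code from the random number generator on RNG failure.`. The body is outside this hunk.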
@@ -25779,6 +26554,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -25849,8 +26641,8 @@ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_256_to_bin_5(sp_digit* r, byte* a) { 
@@ -25893,14 +26685,16 @@ static void sp_256_to_bin_5(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -25941,6 +26735,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -25985,6 +26798,13 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_256_rshift_5(sp_digit* r, const sp_digit* a, byte n) { 
@@ -26015,9 +26835,9 @@ SP_NOINLINE static void sp_256_rshift_5(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_256_mul_d_5(sp_digit* r, const sp_digit* a, sp_digit b) @@ -26051,6 +26871,12 @@ SP_NOINLINE static void sp_256_mul_d_5(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_256_lshift_10(sp_digit* r, const sp_digit* a, byte n) { @@ -26094,11 +26920,13 @@ SP_NOINLINE static void sp_256_lshift_10(sp_digit* r, const sp_digit* a, * * Simplified based on top word of divisor being very large. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_256_div_5(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
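Review bot: In the sp_256_div_5 comment, `@return MP_OKAY otherwise.` is now listed first, so "otherwise" refers to a condition the reader has not yet seen. Either move it below the MEMORY_E line or write `@return MP_OKAY on success.`, as most other comments in this change do. The same ordering appears for sp_256_mod_5, sp_256_ecc_is_point_5, sp_ecc_is_point_256 and sp_ecc_check_key_256 in later hunks.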
@@ -26150,10 +26978,12 @@ static int sp_256_div_5(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_256_mod_5(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -26164,9 +26994,9 @@ static int sp_256_mod_5(sp_digit* r, const sp_digit* a, const sp_digit* m) #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_256_mont_mul_order_5(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -26190,8 +27020,8 @@ static const sp_int_digit p256_order_low[2] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_256_mont_sqr_order_5(sp_digit* r, const sp_digit* a) { 
@@ -26203,8 +27033,9 @@ static void sp_256_mont_sqr_order_5(sp_digit* r, const sp_digit* a) /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_5(sp_digit* r, const sp_digit* a, int n) { @@ -26217,19 +27048,24 @@ static void sp_256_mont_sqr_n_order_5(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_256_mont_inv_order_5_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_256_mont_inv_order_5_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_256_mont_inv_order_5_ctx { - int state; - int i; -} sp_256_mont_inv_order_5_ctx; static int sp_256_mont_inv_order_5_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
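Review bot: The formula kept in the sp_256_mont_sqr_n_order_5 header, `(r = a ^ n mod order)`, disagrees with the newly documented `n` ("Number of times to square"). Squaring n times gives a raised to the power 2^n, not a^n. Suggest `(r = a ^ (2 ^ n) mod order)`. The loop is outside this hunk, so this rests on the summary line and the new parameter text.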
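Review bot: The new comment for sp_256_mont_inv_order_5_nb has no `@return` entries, although the function returns int and the text tells callers to repeat the call until it stops returning FP_WOULDBLOCK. Suggest adding `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.`, as the other non-blocking comments in this change do. The body continues outside this hunk, so check it for any further codes.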
@@ -26265,6 +27101,13 @@ static int sp_256_mont_inv_order_5_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P256 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -26373,13 +27216,15 @@ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_5(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
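Review bot: In the sp_256_calc_s_5 comment, `k` and `x` are tagged `[in]`, but the signature takes both as non-const `sp_digit*` while `r` and `e` are const. That suggests the ephemeral key and the private key buffers are modified in place. If so, tag them `[in, out]` and say so, e.g. `@param [in, out] x Private key as a number. Modified during calculation.`, so callers know the private value is not preserved. The body is outside this hunk, so confirm there before changing the tags.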
@@ -26427,15 +27272,18 @@ static int sp_256_calc_s_5(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
@@ -26543,6 +27391,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -26700,6 +27572,12 @@ static const char sp_256_tab64_5[64] = { 57, 46, 26, 32, 36, 17, 10, 13, 45, 25, 16, 9, 24, 8, 7, 6}; +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] v Value to count bits in. + * + * @return The number of bits. + */ static int sp_256_num_bits_52_5(sp_digit v) { v |= v >> 1; @@ -26711,6 +27589,12 @@ static int sp_256_num_bits_52_5(sp_digit v) return sp_256_tab64_5[((word64)((v - (v >> 1))*0x07EDD5E59A4E28C2)) >> 58]; } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_256_num_bits_5(const sp_digit* a) { int i; 
@@ -26729,11 +27613,12 @@ static int sp_256_num_bits_5(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. - * @return MEMEORY_E when dynamic memory allocation fails. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mod_inv_5(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -26836,9 +27721,9 @@ static int sp_256_mod_inv_5(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_5(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) 
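Review bot: The sp_256_mod_inv_5 header says "Non-constant time modular inversion." but does not state what that means for callers. Running time may depend on the operand, so a line such as `* Only for use with public values; not for private keys or ephemeral scalars.` would make the restriction explicit. The call sites are outside this hunk, so confirm that they pass only public data.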
@@ -26863,13 +27748,16 @@ static void sp_256_add_points_5(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_5(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
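Review bot: In the sp_256_calc_vfy_point_5 comment, `u1` and `u2` are tagged `[out]` as temporaries, yet the summary computes [e/s]G + [r/s]Q and no other parameter can carry e or r. They therefore appear to be inputs that are overwritten. Suggest `@param [in, out] u1 On entry, hash as a number. Used as temporary.` and the equivalent line for `u2` with r. `s` is also non-const, so it may need `[in, out]`. The body is outside this hunk, so verify the entry values there.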
@@ -26930,14 +27818,18 @@ static int sp_256_calc_vfy_point_5(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
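Review bot: The sp_ecc_verify_256 comment now has `@return MP_OKAY on success.` alongside a separate `res` output (1 == valid, 0 == invalid), and "success" can be misread as "signature valid". If MP_OKAY is also returned for an invalid signature, as the `res` description suggests, say so: `@return MP_OKAY when verification completed; check res for validity.`. The same wording is used for sp_ecc_verify_256_nb in the next hunk. The signature and body continue outside this hunk.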
@@ -27033,6 +27925,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -27169,10 +28087,12 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_5(const sp_point_256* point, void* heap) @@ -27214,10 +28134,12 @@ static int sp_256_ecc_is_point_5(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
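Review bot: The `@return MP_OKAY otherwise.` line now comes first in the return list for sp_256_ecc_is_point_5 and sp_ecc_is_point_256, so "otherwise" no longer refers to anything. Either move it below the MEMORY_E and MP_VAL lines or state the condition, e.g. `@return MP_OKAY when the point is on the curve.`. The same ordering recurs in the later hunks for sp_ecc_check_key_256, sp_ecc_proj_add_point_256, sp_ecc_proj_dbl_point_256, sp_ecc_map_256, sp_256_mont_sqrt_5, sp_ecc_uncompress_256, sp_384_point_to_ecc_point_7 and sp_384_mod_mul_norm_7.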
@@ -27243,13 +28165,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -27333,16 +28259,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -27391,13 +28319,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -27437,10 +28367,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) { 
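Review bot: sp_ecc_map_256 is documented as mapping the point "in place" with "pZ will be one", yet the new tags mark pX, pY and pZ as `[in]`. They should read `@param [in, out] pX EC point's X ordinate.`, and likewise for pY and pZ. Similar mismatches appear in later hunks: `pm` of sp_384_point_to_ecc_point_7 is `[in]` although described as "(result)", `r` of sp_384_mul_add_7 is `[out]` although the summary is `r += a * b`, and `v` of sp_384_ecc_recode_6_7 is `[in]` although it is a non-const pointer that presumably receives the recoded operations. The function bodies are outside these hunks, so the last one should be confirmed against the code.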
@@ -27480,8 +28412,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mont_sqrt_5(sp_digit* y) { @@ -27534,10 +28468,12 @@ static int sp_256_mont_sqrt_5(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym) { @@ -27672,9 +28608,9 @@ static const sp_digit p384_b[7] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_384_mul_7(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27712,9 +28648,9 @@ SP_NOINLINE static void sp_384_mul_7(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_384_mul_7(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -27789,8 +28725,8 @@ SP_NOINLINE static void sp_384_mul_7(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_384_sqr_7(sp_digit* r, const sp_digit* a) { @@ -27831,8 +28767,8 @@ SP_NOINLINE static void sp_384_sqr_7(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_384_sqr_7(sp_digit* r, const sp_digit* a) { @@ -27885,9 +28821,9 @@ SP_NOINLINE static void sp_384_sqr_7(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27903,9 +28839,9 @@ SP_NOINLINE static int sp_384_add_7(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -27925,9 +28861,9 @@ SP_NOINLINE static int sp_384_add_7(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27944,9 +28880,9 @@ SP_NOINLINE static int sp_384_sub_7(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_384_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -27965,9 +28901,9 @@ SP_NOINLINE static int sp_384_sub_7(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -28053,8 +28989,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_384. * - * p Point of type sp_point_384 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_384 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_384_point_from_ecc_point_7(sp_point_384* p, const ecc_point* pm) 
@@ -28070,8 +29006,8 @@ static void sp_384_point_from_ecc_point_7(sp_point_384* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_384_to_mp(const sp_digit* a, mp_int* r) { @@ -28138,10 +29074,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_384 to type ecc_point. * - * p Point of type sp_point_384. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_384. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_384_point_to_ecc_point_7(const sp_point_384* p, ecc_point* pm) { @@ -28160,10 +29097,11 @@ static int sp_384_point_to_ecc_point_7(const sp_point_384* p, ecc_point* pm) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_384_cmp_7(const sp_digit* a, const sp_digit* b) { 
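Review bot: sp_384_to_mp returns `int`, but the converted comment has only `@param` lines and no `@return`, unlike its neighbour sp_384_point_to_ecc_point_7. The body is outside the hunk, so the exact codes need checking against the code; at minimum a line such as `@return MP_OKAY on success.` plus one line per error the body can produce would close the gap. The same omission is in later hunks for sp_384_proj_point_dbl_7_nb, sp_384_proj_point_add_7_nb and sp_384_gen_stripe_table_7, all of which return `int`. The two _nb comments mention FP_WOULDBLOCK only in prose.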
@@ -28190,10 +29128,11 @@ static sp_digit sp_384_cmp_7(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_384_cond_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -28217,9 +29156,9 @@ static void sp_384_cond_sub_7(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_384_mul_add_7(sp_digit* r, const sp_digit* a, const sp_digit b) @@ -28277,7 +29216,7 @@ SP_NOINLINE static void sp_384_mul_add_7(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 55 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_384_norm_7(sp_digit* a) { @@ -28299,8 +29238,8 @@ static void sp_384_norm_7(sp_digit* a) /* Shift the result in the high 384 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_384_mont_shift_7(sp_digit* r, const sp_digit* a) { 
@@ -28333,9 +29272,10 @@ static void sp_384_mont_shift_7(sp_digit* r, const sp_digit* a) /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_384_mont_reduce_order_7(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -28362,9 +29302,10 @@ static void sp_384_mont_reduce_order_7(sp_digit* a, const sp_digit* m, sp_digit /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp) { 
@@ -28432,11 +29373,11 @@ static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -28447,10 +29388,10 @@ SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -28462,11 +29403,11 @@ SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_7(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -28489,9 +29430,9 @@ static const word64 p384_mod_minus_2[6] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_7(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -28573,9 +29514,9 @@ static void sp_384_mont_inv_7(sp_digit* r, const sp_digit* a, sp_digit* td) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_7(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
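Review bot: The summary line kept by this hunk for sp_384_mont_sqr_n_7, `(r = a ^ n mod m)`, does not match "Square the Montgomery form number a number of times": n successive squarings give a^(2^n), not a^n. While the parameter list is being rewritten, the formula could become `(r = a ^ (2 ^ n) mod m)`. The body is outside the hunk, so this reading rests on the comment's own wording and on the `n Number of times to square.` parameter.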
@@ -28613,10 +29554,10 @@ static void sp_384_map_7(sp_point_384* r, const sp_point_384* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -28631,9 +29572,9 @@ static void sp_384_mont_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_dbl_7(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -28647,9 +29588,9 @@ static void sp_384_mont_dbl_7(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_tpl_7(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -28670,10 +29611,11 @@ static void sp_384_mont_tpl_7(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_384_cond_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -28690,10 +29632,11 @@ static void sp_384_cond_add_7(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_384_cond_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -28710,10 +29653,10 @@ static void sp_384_cond_add_7(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_384_mont_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) 
@@ -28724,11 +29667,11 @@ static void sp_384_mont_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_384_norm_7(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_384_rshift1_7(sp_digit* r, const sp_digit* a) { @@ -28751,9 +29694,9 @@ SP_NOINLINE static void sp_384_rshift1_7(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_384_mont_div2_7(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -28765,9 +29708,9 @@ static void sp_384_mont_div2_7(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_7(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -28836,9 +29779,13 @@ typedef struct sp_384_proj_point_dbl_7_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) 
@@ -28968,9 +29915,10 @@ static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_7(const sp_digit* a, const sp_digit* b) { @@ -28982,8 +29930,9 @@ static int sp_384_cmp_equal_7(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_7(const sp_digit* a) { @@ -28993,10 +29942,10 @@ static int sp_384_iszero_7(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_7(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
@@ -29096,10 +30045,14 @@ typedef struct sp_384_proj_point_add_7_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -29283,10 +30236,12 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_mod_mul_norm_7(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -29418,13 +30373,15 @@ static int sp_384_mod_mul_norm_7(sp_digit* r, const sp_digit* a, const sp_digit* * allocates memory rather than use large stacks. * 384 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -29513,6 +30470,24 @@ typedef struct sp_384_ecc_mulmod_7_ctx { int y; } sp_384_ecc_mulmod_7_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_384_ecc_mulmod_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) { 
@@ -29622,9 +30597,9 @@ typedef struct sp_table_entry_384 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_384_cond_copy_7(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -29658,10 +30633,9 @@ static void sp_384_cond_copy_7(sp_digit* r, const sp_digit* a, const sp_digit m) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i, sp_digit* t) @@ -29750,10 +30724,11 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r, const sp_point_384* p, int n, int m, sp_digit* t) 
@@ -29823,11 +30798,11 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_sub_7(sp_point_384* ra, sp_point_384* rs, const sp_point_384* p, const sp_point_384* q, @@ -29929,8 +30904,8 @@ static const word8 recode_neg_7_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v) { @@ -29974,9 +30949,9 @@ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_point_33_7(sp_point_384* r, const sp_point_384* table, int idx) 
@@ -30041,13 +31016,15 @@ static void sp_384_get_point_33_7(sp_point_384* r, const sp_point_384* table, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -30162,10 +31139,10 @@ static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384* * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_7(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -30243,8 +31220,8 @@ static void sp_384_proj_point_add_qz1_7(sp_point_384* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_7(sp_point_384* a, sp_digit* t) { 
@@ -30268,10 +31245,10 @@ static void sp_384_proj_to_affine_7(sp_point_384* a, sp_digit* t) * 256 entries * 48 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_7(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) @@ -30343,9 +31320,9 @@ static int sp_384_gen_stripe_table_7(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_256_7(sp_point_384* r, const sp_table_entry_384* table, int idx) 
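Review bot: The comment for `sp_384_gen_stripe_table_7` gets `@param` tags here but still has no `@return`, although the function returns `int` and every other `int`-returning function touched by this commit lists its return codes. Given the `heap` parameter, the likely lines are `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`, but the body is outside the hunk, so the codes need confirming. The new comment for `sp_384_mont_inv_order_7_nb` (hunk at -33301) has the same gap: it tells the caller to repeat the call until it stops returning `FP_WOULDBLOCK`, yet lists no `@return` values.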
@@ -30396,13 +31373,16 @@ static void sp_384_get_entry_256_7(sp_point_384* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_7(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -30519,8 +31499,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -30583,13 +31563,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -30665,12 +31647,14 @@ static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -30700,14 +31684,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -30760,11 +31746,14 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_7(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -30774,6 +31763,23 @@ static int sp_384_ecc_mulmod_base_7(sp_point_384* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P384 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_384_ecc_mulmod_base_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -32587,12 +33593,14 @@ static const sp_table_entry_384 p384_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_7(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -32606,11 +33614,13 @@ static int sp_384_ecc_mulmod_base_7(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -32638,13 +33648,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -32698,8 +33710,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * r A single precision integer. - * a A single precision integer. + * @param [in, out] a A single precision integer. */ SP_NOINLINE static void sp_384_add_one_7(sp_digit* a) { @@ -32710,10 +33721,10 @@ SP_NOINLINE static void sp_384_add_one_7(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -32745,10 +33756,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_7(WC_RNG* rng, sp_digit* k) { @@ -32778,12 +33791,15 @@ static int sp_384_ecc_gen_k_7(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -32855,6 +33871,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -32925,8 +33958,8 @@ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_384_to_bin_7(sp_digit* r, byte* a) { 
@@ -32969,14 +34002,16 @@ static void sp_384_to_bin_7(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -33017,6 +34052,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -33061,6 +34115,13 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_384_rshift_7(sp_digit* r, const sp_digit* a, byte n) { 
@@ -33093,9 +34154,9 @@ SP_NOINLINE static void sp_384_rshift_7(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_384_mul_d_7(sp_digit* r, const sp_digit* a, sp_digit b) @@ -33133,6 +34194,12 @@ SP_NOINLINE static void sp_384_mul_d_7(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_384_lshift_14(sp_digit* r, const sp_digit* a, byte n) { @@ -33184,11 +34251,13 @@ SP_NOINLINE static void sp_384_lshift_14(sp_digit* r, const sp_digit* a, * * Simplified based on top word of divisor being (1 << 55) - 1 * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_384_div_7(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
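Review bot: In the `sp_384_div_7` comment the split return list now starts with `@return MP_OKAY otherwise.`, where "otherwise" has nothing to refer back to because the error case comes after it. `@return MP_OKAY on success.` would match the other comments in this commit. The same line appears in the hunks for `sp_384_mod_7`, `sp_384_ecc_is_point_7`, `sp_ecc_is_point_384`, `sp_ecc_check_key_384`, `sp_ecc_proj_add_point_384`, `sp_ecc_proj_dbl_point_384` and `sp_ecc_map_384`. For the point and key checks, `@return MP_OKAY when the point is on the curve.` (or the equivalent for the key check) states what a caller is actually relying on.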
@@ -33234,10 +34303,12 @@ static int sp_384_div_7(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_384_mod_7(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -33248,9 +34319,9 @@ static int sp_384_mod_7(sp_digit* r, const sp_digit* a, const sp_digit* m) #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_7(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -33274,8 +34345,8 @@ static const word64 p384_order_low[3] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_7(sp_digit* r, const sp_digit* a) { 
@@ -33287,8 +34358,9 @@ static void sp_384_mont_sqr_order_7(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_7(sp_digit* r, const sp_digit* a, int n) { @@ -33301,19 +34373,24 @@ static void sp_384_mont_sqr_n_order_7(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_7_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_7_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_7_ctx { - int state; - int i; -} sp_384_mont_inv_order_7_ctx; static int sp_384_mont_inv_order_7_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
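Review bot: In the `sp_384_mont_sqr_n_order_7` comment the added line `@param [in] n Number of times to square.` contradicts the formula kept just above it, `(r = a ^ n mod order)`. Squaring `n` times gives a to the power 2^n, so the context line should be updated together with the new tag, e.g. `(r = a ^ (2 ^ n) mod order)`. The function body is outside the hunk; the reading here relies on the summary line "Square number mod the order of P384 curve a number of times."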
@@ -33349,6 +34426,13 @@ static int sp_384_mont_inv_order_7_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_7(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -33424,13 +34508,15 @@ static void sp_384_mont_inv_order_7(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_7(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
@@ -33478,15 +34564,18 @@ static int sp_384_calc_s_7(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
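Review bot: The new line `@param [in, out] km Ephemeral key as an mp_int.` in the `sp_ecc_sign_384` comment names the parameter but not its contract, and for ECDSA that contract is the security-critical part. The comment should say when a caller-supplied `km` is used in place of a value drawn from `rng`, and what is left in `km` on return; the function body is outside the hunk, so that wording has to come from the code. A caveat such as `A caller-supplied value must be secret and never reused across signatures.` belongs next to it, since a repeated or exposed ephemeral key reveals the private key. The same applies to the `sp_ecc_sign_384_nb` comment added in the following hunk.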
@@ -33594,6 +34683,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -33751,6 +34864,12 @@ static const char sp_384_tab64_7[64] = { 57, 46, 26, 32, 36, 17, 10, 13, 45, 25, 16, 9, 24, 8, 7, 6}; +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] v Value to count bits in. + * + * @return The number of bits. + */ static int sp_384_num_bits_55_7(sp_digit v) { v |= v >> 1; @@ -33762,6 +34881,12 @@ static int sp_384_num_bits_55_7(sp_digit v) return sp_384_tab64_7[((word64)((v - (v >> 1))*0x07EDD5E59A4E28C2)) >> 58]; } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_384_num_bits_7(const sp_digit* a) { int i; 
@@ -33780,11 +34905,12 @@ static int sp_384_num_bits_7(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. - * @return MEMEORY_E when dynamic memory allocation fails. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mod_inv_7(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -33887,9 +35013,9 @@ static int sp_384_mod_inv_7(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_7(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) 
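Review bot: The comment for `sp_384_mod_inv_7` still says only `Non-constant time modular inversion.`; this hunk realigns the tags and fixes the `MEMEORY_E` typo, so it is the natural place to state the usage restriction as well. I would add a line such as `Must only be used with public values (e.g. signature verification), never with private keys or ephemeral scalars.` so that a later caller does not overlook the timing property. The call sites are not visible in this hunk, so the example in parentheses should be checked against them.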
@@ -33916,13 +35042,16 @@ static void sp_384_add_points_7(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_7(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -33983,14 +35112,18 @@ static int sp_384_calc_vfy_point_7(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
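Review bot: In the rewritten `sp_ecc_verify_384` comment, `@return MP_OKAY on success.` can be read as "signature valid", whereas the `res` line says validity is reported through `res`. I would make it `@return MP_OKAY when verification was performed; check res for the outcome.` so that a caller does not accept a signature on the return code alone. If `res` is meant to be 0 on every error return, the comment should say so too; the body is outside the hunk, so this needs confirming. The same wording applies to the `sp_ecc_verify_384_nb` comment added in the next hunk.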
@@ -34086,6 +35219,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -34222,10 +35381,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_7(const sp_point_384* point, void* heap) @@ -34267,10 +35428,12 @@ static int sp_384_ecc_is_point_7(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
@@ -34296,13 +35459,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -34386,16 +35553,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -34444,13 +35613,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -34490,10 +35661,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
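Review bot: sp_ecc_map_384 is described as mapping the point "in place" with "pZ will be one", yet the new tags mark all three ordinates as `[in]`. They should be `@param [in, out] pX`, `@param [in, out] pY` and `@param [in, out] pZ`. The body is outside the hunk, so this rests on the summary line and the non-const mp_int* parameters.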
@@ -34533,8 +35706,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_7(sp_digit* y) { @@ -34618,10 +35793,12 @@ static int sp_384_mont_sqrt_7(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -34765,9 +35942,9 @@ static const sp_digit p521_b[9] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -34805,9 +35982,9 @@ SP_NOINLINE static void sp_521_mul_9(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -34922,8 +36099,8 @@ SP_NOINLINE static void sp_521_mul_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) { @@ -34964,8 +36141,8 @@ SP_NOINLINE static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) { @@ -35043,9 +36220,9 @@ SP_NOINLINE static void sp_521_sqr_9(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -35061,9 +36238,9 @@ SP_NOINLINE static int sp_521_add_9(sp_digit* r, const sp_digit* a, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -35085,9 +36262,9 @@ SP_NOINLINE static int sp_521_add_9(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -35104,9 +36281,9 @@ SP_NOINLINE static int sp_521_sub_9(sp_digit* r, const sp_digit* a, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_521_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -35127,9 +36304,9 @@ SP_NOINLINE static int sp_521_sub_9(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -35215,8 +36392,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_9(sp_point_521* p, const ecc_point* pm) 
@@ -35232,8 +36409,8 @@ static void sp_521_point_from_ecc_point_9(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { @@ -35300,10 +36477,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm) { @@ -35322,7 +36500,7 @@ static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm) /* Normalize the values in each word to 58 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_521_norm_9(sp_digit* a) { @@ -35346,9 +36524,10 @@ static void sp_521_norm_9(sp_digit* a) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) { 
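Review bot: sp_521_to_mp returns int, but the converted block still has no `@return` line, unlike sp_521_point_to_ecc_point_9 in the next hunk. Add `@return MP_OKAY on success.` plus the failure code. The body is outside the hunk, so the failure value needs confirming there; it is presumably MEMORY_E, going by what the caller's block documents. sp_521_gen_stripe_table_9 later in the patch has the same gap.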
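Review bot: In sp_521_point_to_ecc_point_9 the new tag `@param [in] pm` contradicts its own description, "Point of type ecc_point (result)", and pm is the only non-const parameter. It should be `@param [out] pm Point of type ecc_point (result).`. The mirror function sp_521_point_from_ecc_point_9 marks its result `[out]`, so this looks like a slip in the conversion.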
@@ -35371,10 +36550,11 @@ static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_521_cmp_9(const sp_digit* a, const sp_digit* b) { @@ -35403,10 +36583,11 @@ static sp_digit sp_521_cmp_9(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_521_cond_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -35432,9 +36613,9 @@ static void sp_521_cond_sub_9(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_521_mul_add_9(sp_digit* r, const sp_digit* a, const sp_digit b) 
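Review bot: sp_521_mul_add_9 is documented as `r += a * b`, so r is read as well as written, but the new tag is `@param [out] r`. Use `@param [in, out] r A single precision integer.` so a caller does not assume r may be passed uninitialised. The body is outside the hunk.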
@@ -35490,8 +36671,8 @@ SP_NOINLINE static void sp_521_mul_add_9(sp_digit* r, const sp_digit* a, /* Shift the result in the high 521 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_521_mont_shift_9(sp_digit* r, const sp_digit* a) { @@ -35526,9 +36707,10 @@ static void sp_521_mont_shift_9(sp_digit* r, const sp_digit* a) /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -35556,11 +36738,11 @@ static void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -35571,10 +36753,10 @@ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -35586,11 +36768,11 @@ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -35614,9 +36796,9 @@ static const word64 p521_mod_minus_2[9] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) { 
@@ -35694,9 +36876,9 @@ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -35734,10 +36916,10 @@ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -35752,9 +36934,9 @@ static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -35768,9 +36950,9 @@ static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -35791,10 +36973,11 @@ static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -35811,10 +36994,11 @@ static void sp_521_cond_add_9(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -35833,10 +37017,10 @@ static void sp_521_cond_add_9(sp_digit* r, const sp_digit* a, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -35847,11 +37031,11 @@ static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_521_norm_9(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a) { @@ -35876,9 +37060,9 @@ SP_NOINLINE static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -35890,9 +37074,9 @@ static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) 
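Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_521_mont_sub_9 block carries the old typo over. Since the line is being touched anyway, make it `@param [out] r Result of subtraction.`. If this file is produced from a template, the correction belongs there so that the other curve sizes pick it up.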
@@ -35961,9 +37145,13 @@ typedef struct sp_521_proj_point_dbl_9_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -36093,9 +37281,10 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b) { @@ -36107,8 +37296,9 @@ static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_9(const sp_digit* a) { 
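Review bot: The new text for sp_521_proj_point_dbl_9_nb tells callers to repeat until the result is not FP_WOULDBLOCK, but the block has no `@return` lines, whereas the block added for sp_521_ecc_mulmod_9_nb lists them. Add `@return FP_WOULDBLOCK while more work remains.` and a success line, `@return MP_OKAY on success.`, assuming that is the completion value. sp_521_proj_point_add_9_nb has the same omission. Both bodies are outside the hunks, so any further error codes need checking there.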
@@ -36119,10 +37309,10 @@ static int sp_521_iszero_9(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -36222,10 +37412,14 @@ typedef struct sp_521_proj_point_add_9_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -36409,10 +37603,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -36433,13 +37629,15 @@ static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* * allocates memory rather than use large stacks. * 521 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -36528,6 +37726,24 @@ typedef struct sp_521_ecc_mulmod_9_ctx { int y; } sp_521_ecc_mulmod_9_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_521_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) { 
@@ -36637,9 +37853,9 @@ typedef struct sp_table_entry_521 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -36677,10 +37893,9 @@ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i, sp_digit* t) @@ -36769,10 +37984,11 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r, const sp_point_521* p, int n, int m, sp_digit* t) 
@@ -36842,11 +38058,11 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_sub_9(sp_point_521* ra, sp_point_521* rs, const sp_point_521* p, const sp_point_521* q, @@ -36948,8 +38164,8 @@ static const word8 recode_neg_9_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) { @@ -36993,9 +38209,9 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table, int idx) 
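Review bot: In sp_521_ecc_recode_6_9 the new tag `@param [in] v` looks wrong. The summary says the scalar is recoded into operations, k is const and v is a non-const ecc_recode_521*, so v is where the result goes. Use `@param [out] v Vector of operations to perform.`. The body is outside the hunk, so confirm that v is not read before it is written.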
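Review bot: The block for sp_521_get_point_33_9 says it touches every candidate point but not why, and `@param [in] idx` gives no hint that the access pattern matters. The function sits under `#ifndef WC_NO_CACHE_RESISTANT`, so presumably the full-table scan keeps memory accesses independent of idx. A line such as `Every entry is read so the access pattern does not depend on idx.` would discourage a later change to a direct `table[idx]` lookup. sp_521_get_entry_256_9 has the same wording, and both bodies are outside the hunks.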
@@ -37072,13 +38288,15 @@ static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -37193,10 +38411,10 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -37274,8 +38492,8 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t) { 
@@ -37299,10 +38517,10 @@ static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t) * 256 entries * 65 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_9(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -37374,9 +38592,9 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_256_9(sp_point_521* r, const sp_table_entry_521* table, int idx) 
@@ -37435,13 +38653,16 @@ static void sp_521_get_entry_256_9(sp_point_521* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -37558,8 +38779,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -37622,13 +38843,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -37704,12 +38927,14 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
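Review bot: The summary line kept above the converted parameters of `sp_521_ecc_mulmod_9` still reads "Multiply the base point of P521 by the scalar", but the function takes `g`, documented here as "Point to multiply". The sentence looks copied from the base-point variant. `/* Multiply the point by the scalar and return the result.` would match the signature and the wording used for `sp_ecc_mulmod_521` in the next hunk. The function body is outside the hunk.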
@@ -37739,14 +38964,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -37799,11 +39026,14 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -37813,6 +39043,23 @@ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P521 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_521_ecc_mulmod_base_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -39626,12 +40873,14 @@ static const sp_table_entry_521 p521_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -39645,11 +40894,13 @@ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -39677,13 +40928,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -39737,8 +40990,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * r A single precision integer. - * a A single precision integer. + * @param [in, out] a A single precision integer. */ SP_NOINLINE static void sp_521_add_one_9(sp_digit* a) { @@ -39749,10 +41001,10 @@ SP_NOINLINE static void sp_521_add_one_9(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -39784,10 +41036,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) { @@ -39818,12 +41072,15 @@ static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
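Review bot: `k` is tagged `@param [in]` in the new header of `sp_521_ecc_gen_k_9`, yet the summary says the function generates the scalar and `k` is a non-const `sp_digit*`. The line should read `* @param [out] k Scalar value.` so that callers do not assume the buffer is only read. This buffer receives a freshly generated secret scalar, so the direction tag is what tells a caller it must be cleared after use. The body is outside the hunk.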
@@ -39895,6 +41152,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -39965,8 +41239,8 @@ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_521_to_bin_9(sp_digit* r, byte* a) { 
@@ -40009,14 +41283,16 @@ static void sp_521_to_bin_9(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
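Review bot: The header of `sp_ecc_secret_gen_521` does not say whether `pub` must already have been validated before the scalar multiplication. The body is outside the hunk, so it is not visible whether the point is checked here. If it is not, the comment should carry the precondition, e.g. `* @param [in] pub Point to multiply. Must already be validated (see sp_ecc_check_key_521).` It would also help to note that `out` receives secret material the caller is responsible for clearing. The header added for `sp_ecc_secret_gen_521_nb` in the following hunk needs the same wording.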
@@ -40057,6 +41333,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -40099,6 +41394,13 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #endif /* HAVE_ECC_DHE */ #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_521_rshift_9(sp_digit* r, const sp_digit* a, byte n) { 
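Review bot: The new header for `sp_521_rshift_9` documents `n` as "Number of bits to shift" without a valid range. `n` is a `byte`, and a shift count that reaches the digit width is undefined behaviour in C, so the accepted range should be stated once it is confirmed from the body, which lies outside this hunk. Something like `* @param [in] n Number of bits to shift. Must be less than the bits per digit.` would do. The header added for `sp_521_lshift_18` in a later hunk has the same gap.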
@@ -40127,9 +41429,9 @@ SP_NOINLINE static void sp_521_rshift_9(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a, sp_digit b) @@ -40171,6 +41473,12 @@ SP_NOINLINE static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, byte n) { @@ -40230,11 +41538,13 @@ SP_NOINLINE static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, * * Simplified based on top word of divisor being (1 << 58) - 1 * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_521_div_9(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) 
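Review bot: `@return MP_OKAY otherwise.` now comes first in the return list of `sp_521_div_9`, where "otherwise" has nothing to refer back to. The old sentence put it after the failure case; with one code per line it reads better as `* @return MP_OKAY on success.`, which is the wording the mulmod headers in this commit already use. The same line appears in the converted headers of `sp_521_mod_9`, `sp_521_ecc_is_point_9`, `sp_ecc_is_point_521`, `sp_ecc_check_key_521`, `sp_ecc_proj_add_point_521`, `sp_ecc_proj_dbl_point_521`, `sp_ecc_map_521`, `sp_521_mont_sqrt_9` and `sp_ecc_uncompress_521`.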
@@ -40280,10 +41590,12 @@ static int sp_521_div_9(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -40294,9 +41606,9 @@ static int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -40322,8 +41634,8 @@ static const word64 p521_order_low[5] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a) { 
@@ -40335,8 +41647,9 @@ static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) { @@ -40349,19 +41662,24 @@ static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_9_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_9_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_9_ctx { - int state; - int i; -} sp_521_mont_inv_order_9_ctx; static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
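Review bot: The header now attached to `sp_521_mont_inv_order_9_nb` tells the caller to repeat the call until it stops returning FP_WOULDBLOCK, but it has no `@return` section even though the function returns `int`. Add `* @return MP_OKAY on success.` and `* @return FP_WOULDBLOCK while more work remains.`, as the other non-blocking headers in this commit do. The body is outside the hunk, so check whether any further codes can be returned.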
@@ -40397,6 +41715,13 @@ static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -40485,13 +41810,15 @@ static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
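Review bot: `k` and `x` are tagged `[in]` in the header of `sp_521_calc_s_9`, but both are declared as non-const `sp_digit*` while `r` and `e` are `const`. If the function overwrites them (the body is outside the hunk), they should be `[in, out]`, e.g. `* @param [in, out] k Ephemeral private key. Modified during the calculation.` Both hold secret values, so a caller needs to know that the buffers change and still have to be cleared afterwards. The `s` parameter of `sp_521_calc_vfy_point_9` in a later hunk shows the same mismatch between tag and declaration.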
@@ -40539,15 +41866,18 @@ static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
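Review bot: The added line `@param [in, out] km Ephemeral key as an mp_int.` does not say when `km` is read and when it is written. An ECDSA ephemeral key must stay secret and must never repeat across signatures, so the header should state the contract: whether a caller-supplied value is used as `k`, whether NULL is accepted, and what is left in `km` on return. The body is outside the hunk, so the exact wording has to come from the implementation. The header added for `sp_ecc_sign_521_nb` repeats the same line and needs the same clarification.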
@@ -40661,6 +41991,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -40822,6 +42176,12 @@ static const char sp_521_tab64_9[64] = { 57, 46, 26, 32, 36, 17, 10, 13, 45, 25, 16, 9, 24, 8, 7, 6}; +/* Get the number of bits in the value. (Position of the highest set bit + 1.) + * + * @param [in] v Value to count bits in. + * + * @return The number of bits. + */ static int sp_521_num_bits_58_9(sp_digit v) { v |= v >> 1; @@ -40833,6 +42193,12 @@ static int sp_521_num_bits_58_9(sp_digit v) return sp_521_tab64_9[((word64)((v - (v >> 1))*0x07EDD5E59A4E28C2)) >> 58]; } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ static int sp_521_num_bits_9(const sp_digit* a) { int i; 
@@ -40851,11 +42217,12 @@ static int sp_521_num_bits_9(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. - * @return MEMEORY_E when dynamic memory allocation fails. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -40958,9 +42325,9 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) 
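Review bot: The header of `sp_521_mod_inv_9` says "Non-constant time modular inversion." but gives no guidance on which values may be passed to it. A line such as `* Only for public values (e.g. signature verification); do not use with secret scalars.` would keep the routine from being reused on key material, where the timing variation would matter. The body and its callers are outside the hunk, so confirm that this matches how it is used today.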
@@ -40989,13 +42356,16 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -41056,14 +42426,18 @@ static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
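Review bot: The corrected header of `sp_ecc_verify_521` lists `@return MP_OKAY on success.` alongside `res`, and "success" can be read as "the signature verified". The comment should separate the two, e.g. `* @return MP_OKAY when the check completed; the outcome is in res.`, so that callers do not treat the return code alone as acceptance. The body is outside the hunk, so confirm that an invalid signature does return MP_OKAY with `res` set to 0. The header added for `sp_ecc_verify_521_nb` in the following hunk should get the same wording.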
@@ -41164,6 +42538,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -41304,10 +42704,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_9(const sp_point_521* point, void* heap) @@ -41349,10 +42751,12 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
@@ -41378,13 +42782,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -41468,16 +42876,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -41526,13 +42936,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -41572,10 +42984,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
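Review bot: The direction tags on sp_ecc_map_521 contradict its own description: the comment says the point is mapped "in place" and that "pZ will be one", yet all three ordinates are tagged `[in]`. Since the parameters are non-const `mp_int*` and carry the result, they should read `@param [in, out] pX EC point's X ordinate.`, and likewise for pY and pZ. The function body is outside this hunk, so this rests on the comment text and the signature only.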
@@ -41622,8 +43036,10 @@ static const word64 p521_sqrt_power[9] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_9(sp_digit* y) { @@ -41654,10 +43070,12 @@ static int sp_521_mont_sqrt_9(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -41724,9 +43142,9 @@ typedef struct sp_point_1024 { #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -41839,8 +43257,8 @@ SP_NOINLINE static void sp_1024_mul_9(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_9(sp_digit* r, const sp_digit* a) { 
@@ -41916,9 +43334,9 @@ SP_NOINLINE static void sp_1024_sqr_9(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -41938,9 +43356,9 @@ SP_NOINLINE static int sp_1024_add_9(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -41965,9 +43383,9 @@ SP_NOINLINE static int sp_1024_add_18(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -41992,9 +43410,9 @@ SP_NOINLINE static int sp_1024_sub_18(sp_digit* r, const sp_digit* a, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_18(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -42016,8 +43434,8 @@ SP_NOINLINE static void sp_1024_mul_18(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_18(sp_digit* r, const sp_digit* a) { @@ -42037,9 +43455,9 @@ SP_NOINLINE static void sp_1024_sqr_18(sp_digit* r, const sp_digit* a) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42076,8 +43494,8 @@ SP_NOINLINE static void sp_1024_mul_18(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_18(sp_digit* r, const sp_digit* a) { @@ -42191,7 +43609,7 @@ static const sp_point_1024 p1024_base = { /* Normalize the values in each word to 57 bits. * - * a Array of sp_digit to normalize. + * @param [in, out] a Array of sp_digit to normalize. */ static void sp_1024_norm_18(sp_digit* a) { @@ -42219,9 +43637,9 @@ static void sp_1024_norm_18(sp_digit* a) /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_1024_mul_d_18(sp_digit* r, const sp_digit* a, sp_digit b) 
@@ -42278,9 +43696,9 @@ SP_NOINLINE static void sp_1024_mul_d_18(sp_digit* r, const sp_digit* a, /* Multiply a by scalar b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_1024_mul_d_36(sp_digit* r, const sp_digit* a, sp_digit b) @@ -42333,10 +43751,11 @@ SP_NOINLINE static void sp_1024_mul_d_36(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -42353,10 +43772,11 @@ static void sp_1024_cond_add_18(sp_digit* r, const sp_digit* a, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) 
@@ -42381,9 +43801,9 @@ static void sp_1024_cond_add_18(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42401,9 +43821,9 @@ SP_NOINLINE static int sp_1024_sub_18(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static int sp_1024_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -42418,6 +43838,13 @@ SP_NOINLINE static int sp_1024_add_18(sp_digit* r, const sp_digit* a, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ SP_NOINLINE static void sp_1024_rshift_18(sp_digit* r, const sp_digit* a, byte n) { @@ -42443,6 +43870,14 @@ SP_NOINLINE static void sp_1024_rshift_18(sp_digit* r, const sp_digit* a, r[17] = a[17] >> n; } +/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) + * + * @param [in] d1 The high word of the number to divide. + * @param [in] d0 The low word of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_1024_div_word_18(sp_digit d1, sp_digit d0, sp_digit div) { 
@@ -42524,6 +43959,13 @@ static WC_INLINE sp_digit sp_1024_div_word_18(sp_digit d1, sp_digit d0, return r; #endif } +/* Divide a word by a word. (d / div) + * + * @param [in] d The number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. + */ static WC_INLINE sp_digit sp_1024_word_div_word_18(sp_digit d, sp_digit div) { #if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \ @@ -42538,11 +43980,13 @@ static WC_INLINE sp_digit sp_1024_word_div_word_18(sp_digit d, sp_digit div) * * Full implementation. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_1024_div_18(const sp_digit* a, const sp_digit* d, const sp_digit* m, sp_digit* r) @@ -42607,10 +44051,12 @@ static int sp_1024_div_18(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when unable to allocate memory. */ static int sp_1024_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
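Review bot: `@param [in] m Multiplier result.` in the sp_1024_div_18 comment is self-contradictory: the parameter is `const sp_digit* m`, so nothing can be returned through it, yet the text calls it a result. The body is outside this hunk, so I cannot tell whether `m` is read or simply unused. If it is unused, `@param [in] m Unused.` would be accurate; otherwise the line should say what is read from it.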
@@ -42619,10 +44065,12 @@ static int sp_1024_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_18(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -42635,10 +44083,12 @@ static int sp_1024_mod_mul_norm_18(sp_digit* r, const sp_digit* a, #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_18(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -42670,9 +44120,9 @@ static int sp_1024_point_new_ex_18(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_18(sp_point_1024* p, int clear, void* heap) { 
@@ -42697,9 +44147,9 @@ static void sp_1024_point_free_18(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -42785,8 +44235,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_18(sp_point_1024* p, const ecc_point* pm) @@ -42802,8 +44252,8 @@ static void sp_1024_point_from_ecc_point_18(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -42870,10 +44320,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_18(const sp_point_1024* p, ecc_point* pm) { 
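Review bot: sp_1024_to_mp is declared `static int`, but its converted comment documents only the two parameters and has no `@return`. The sibling sp_1024_point_to_ecc_point_18 comment mentions MEMORY_E when allocation in the ecc_point fails, which presumably comes from this conversion. I would add `@return MP_OKAY on success.` and `@return MEMORY_E when dynamic memory allocation fails.` after confirming the codes against the body, which is outside this hunk.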
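Review bot: In the sp_1024_point_to_ecc_point_18 comment, `pm` is described as "(result)" and is a non-const `ecc_point*`, but the new line tags it `[in]`. It should be `@param [out] pm Point of type ecc_point (result).`. The mirror function sp_1024_point_from_ecc_point_18, in the hunk just above, already tags its result `[out]`.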
@@ -42892,10 +44343,11 @@ static int sp_1024_point_to_ecc_point_18(const sp_point_1024* p, ecc_point* pm) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ static sp_digit sp_1024_cmp_18(const sp_digit* a, const sp_digit* b) { @@ -42929,10 +44381,11 @@ static sp_digit sp_1024_cmp_18(const sp_digit* a, const sp_digit* b) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit m) @@ -42963,9 +44416,9 @@ static void sp_1024_cond_sub_18(sp_digit* r, const sp_digit* a, /* Mul a by scalar b and add into r. (r += a * b) * - * r A single precision integer. - * a A single precision integer. - * b A scalar. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A scalar. */ SP_NOINLINE static void sp_1024_mul_add_18(sp_digit* r, const sp_digit* a, const sp_digit b) 
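Review bot: The sp_1024_mul_add_18 comment states the operation as `r += a * b`, so `r` is read as well as written, yet the new line tags it `[out]`. I would use `@param [in, out] r A single precision integer.` so a caller does not assume `r` may be passed uninitialized. The function body is outside this hunk.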
@@ -43028,8 +44481,8 @@ SP_NOINLINE static void sp_1024_mul_add_18(sp_digit* r, const sp_digit* a, /* Shift the result in the high 1024 bits down to the bottom. * - * r A single precision number. - * a A single precision number. + * @param [out] r A single precision number. + * @param [in] a A single precision number. */ static void sp_1024_mont_shift_18(sp_digit* r, const sp_digit* a) { @@ -43069,9 +44522,10 @@ static void sp_1024_mont_shift_18(sp_digit* r, const sp_digit* a) /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ static void sp_1024_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp) { @@ -43112,11 +44566,11 @@ static void sp_1024_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) 
@@ -43127,10 +44581,10 @@ SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_18(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -43165,9 +44619,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_18(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -43202,9 +44656,9 @@ static void sp_1024_mont_inv_18(sp_digit* r, const sp_digit* a, /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_18(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
@@ -43242,10 +44696,10 @@ static void sp_1024_map_18(sp_point_1024* r, const sp_point_1024* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -43260,9 +44714,9 @@ static void sp_1024_mont_add_18(sp_digit* r, const sp_digit* a, const sp_digit* /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_dbl_18(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -43276,9 +44730,9 @@ static void sp_1024_mont_dbl_18(sp_digit* r, const sp_digit* a, const sp_digit* /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_tpl_18(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -43297,10 +44751,10 @@ static void sp_1024_mont_tpl_18(sp_digit* r, const sp_digit* a, const sp_digit* /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m) @@ -43311,11 +44765,11 @@ static void sp_1024_mont_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* sp_1024_norm_18(r); } -/* Shift number left one bit. +/* Shift number right one bit. * Bottom bit is lost. * - * r Result of shift. - * a Number to shift. + * @param [out] r Result of shift. + * @param [in] a Number to shift. */ SP_NOINLINE static void sp_1024_rshift1_18(sp_digit* r, const sp_digit* a) { @@ -43349,9 +44803,9 @@ SP_NOINLINE static void sp_1024_rshift1_18(sp_digit* r, const sp_digit* a) /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_div2_18(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -43363,9 +44817,9 @@ static void sp_1024_mont_div2_18(sp_digit* r, const sp_digit* a, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_18(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
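Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_1024_mont_sub_18 comment carries the old typo forward. Since the line is being touched anyway, it should read `@param [out] r Result of subtraction.`.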
@@ -43434,9 +44888,13 @@ typedef struct sp_1024_proj_point_dbl_18_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -43566,9 +45024,10 @@ static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_18(const sp_digit* a, const sp_digit* b) { @@ -43583,8 +45042,9 @@ static int sp_1024_cmp_equal_18(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_18(const sp_digit* a) { 
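Review bot: The new sp_1024_proj_point_dbl_18_nb comment tells the caller to loop until the function stops returning FP_WOULDBLOCK, but it documents no return values, although the function returns `int`. The sp_1024_ecc_mulmod_18_nb comment added later in this commit does list them. For consistency I would add `@return FP_WOULDBLOCK while more work remains.` and `@return MP_OKAY on success.`, after checking the completion code against the body, which is outside this hunk. The sp_1024_proj_point_add_18_nb hunk has the same omission.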
@@ -43596,10 +45056,10 @@ static int sp_1024_iszero_18(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_18(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -43699,10 +45159,14 @@ typedef struct sp_1024_proj_point_add_18_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -43892,13 +45356,15 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, * allocates memory rather than use large stacks. * 1024 adds and doubles. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -43987,6 +45453,24 @@ typedef struct sp_1024_ecc_mulmod_18_ctx { int y; } sp_1024_ecc_mulmod_18_ctx; +/* Multiply the point by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_1024_ecc_mulmod_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) { 
@@ -44096,9 +45580,9 @@ typedef struct sp_table_entry_1024 { /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ static void sp_1024_cond_copy_18(sp_digit* r, const sp_digit* a, const sp_digit m) { @@ -44154,10 +45638,9 @@ static void sp_1024_cond_copy_18(sp_digit* r, const sp_digit* a, const sp_digit /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i, sp_digit* t) @@ -44246,10 +45729,11 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r, const sp_point_1024* p, int n, int m, sp_digit* t) 
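Review bot: In the sp_1024_cond_copy_18 comment, `r` is tagged `[out]`, but the description says nothing is copied when `m` is 0, so the previous contents of `r` are then the result. That makes `r` an input as well: `@param [in, out] r A single precision number to copy over.`. For a constant-time select this matters, because a caller reading `[out]` may pass an uninitialized buffer. The function body is outside this hunk.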
@@ -44319,11 +45803,11 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_sub_18(sp_point_1024* ra, sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q, @@ -44433,8 +45917,8 @@ static const word8 recode_neg_18_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_1024_ecc_recode_7_18(const sp_digit* k, ecc_recode_1024* v) { @@ -44485,13 +45969,15 @@ static void sp_1024_ecc_recode_7_18(const sp_digit* k, ecc_recode_1024* v) * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
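Review bot: In the sp_1024_ecc_recode_7_18 comment, `v` is tagged `[in]`, although it is a non-const `ecc_recode_1024*` and the function is described as recoding the scalar `k` into operations. It looks like the output, so I would write `@param [out] v Vector of operations to perform.`. The body is outside this hunk, so this is inferred from the signature and the description.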
@@ -44610,10 +46096,10 @@ static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_10 * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -44691,8 +46177,8 @@ static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_18(sp_point_1024* a, sp_digit* t) { @@ -44716,10 +46202,10 @@ static void sp_1024_proj_to_affine_18(sp_point_1024* a, sp_digit* t) * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_18(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) 
@@ -44796,13 +46282,16 @@ static int sp_1024_gen_stripe_table_18(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_18(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -44904,8 +46393,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
@@ -44968,13 +46457,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -45050,12 +46541,14 @@ static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -45086,11 +46579,14 @@ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_18(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -45100,6 +46596,23 @@ static int sp_1024_ecc_mulmod_base_18(sp_point_1024* r, const sp_digit* k, } #ifdef WOLFSSL_SP_NONBLOCK +/* Multiply the base point of P1024 by the scalar and return the result. + * If map is true then convert result to affine coordinates. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ static int sp_1024_ecc_mulmod_base_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) { 
@@ -48445,12 +49958,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_18(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -48464,11 +49979,13 @@ static int sp_1024_ecc_mulmod_base_18(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -48496,13 +50013,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -48553,12 +50072,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -48598,12 +50120,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
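Review bot: Both sp_ecc_gen_table_1024 hunks now open the return list with `@return 0 otherwise.`, which has nothing before it for "otherwise" to refer to. The old sentence ended with "and 0 otherwise", so the word only made sense in last position. Either move that line to the end of the list or reword it as `@return 0 on success.`. The same ordering appears as `@return MP_OKAY otherwise.` in the later hunks for sp_1024_ecc_is_point_18, sp_ecc_is_point_1024 and sp_ecc_check_key_1024.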
@@ -48633,13 +50158,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -48677,10 +50204,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_18(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
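Review bot: The scratch parameter `t` gets three different direction tags across this commit. The sp_1024_proj_mul_qx1_18 hunk here uses `@param [in] t Two single precision integers - temps.`, while earlier hunks such as sp_1024_proj_point_add_qz1_18 use `@param [out] t Temporary ordinate data.`, and the later sp_1024_accumulate_line_add_n_18 comment uses `[in, out]`. In every case `t` is a non-const `sp_digit*` described as temporary storage, so the callee presumably writes to it and `[in]` is the least accurate of the three. Pick one convention for scratch buffers, for example `@param [out] t`, and apply it in the proj_sqr, proj_mul, mont_map, accumulate_line_* and accum_*_calc_lc hunks as well.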
@@ -48703,9 +50232,11 @@ static void sp_1024_proj_mul_qx1_18(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_18(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -48730,10 +50261,12 @@ static void sp_1024_proj_sqr_18(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
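Review bot: In the sp_1024_proj_sqr_18 hunk, the rewritten `px` and `py` descriptions now say "X ordinate of number to multiply" and "Y ordinate of number to multiply". The removed lines said "to square", and the formulas kept above them (`px' = ... = p.x^2 - p.y^2`) describe a squaring. This looks copied from the sp_1024_proj_mul_qx1_18 comment in the previous hunk. Restore the original wording, for example `@param [in, out] px A single precision integer - X ordinate of number to square.`, and likewise for `py`.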
@@ -50370,11 +51903,13 @@ static const sp_digit sp_1024_g_table[256][18] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -50469,13 +52004,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_18(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) 
@@ -50505,8 +52042,8 @@ static void sp_1024_proj_mul_18(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_18(sp_point_1024* p, sp_digit* t) { @@ -50535,11 +52072,11 @@ static void sp_1024_mont_map_18(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -50625,14 +52162,14 @@ static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_18(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -50709,10 +52246,10 @@ static void sp_1024_accumulate_line_add_one_18(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -50846,14 +52383,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
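Review bot: This comment keeps three `@return` lines (`0 on success`, `MEMORY_E ...`, `Other -ve value ...`). Judging by the next hunk header, it documents `static void sp_1024_accumulate_line_add_n_18(...)`, which returns nothing. The function signature is outside this hunk, so confirm that first, and if it holds, drop the three `@return` lines while the block is being reformatted. A documented error return on a void helper suggests to a reader that callers skip a failure check that does not exist.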
@@ -50967,12 +52504,12 @@ static void sp_1024_accumulate_line_add_n_18(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_18(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -51087,9 +52624,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -51261,13 +52799,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) @@ -51294,11 +52833,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -51317,11 +52857,11 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_18(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -51358,13 +52898,13 @@ static void sp_1024_accum_dbl_calc_lc_18(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_18(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -51408,13 +52948,13 @@ static void sp_1024_accum_add_calc_lc_18(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_18(sp_digit* vx, sp_digit* vy, @@ -51470,14 +53010,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) 
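Review bot: In the sp_Pairing_gen_precomp_1024 hunk, the new return line carries over a typo from the old text: `@return MEMORY_E when dynamic memory allocation fauls.`. Since the line is being rewritten anyway, change it to `@return MEMORY_E when dynamic memory allocation fails.`, which matches the wording used in the other hunks of this commit.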
@@ -51631,11 +53172,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -51816,10 +53358,10 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, #endif /* WOLFSSL_SP_SMALL */ /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -51851,10 +53393,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_18(const sp_point_1024* point, void* heap) @@ -51900,10 +53444,12 @@ static int sp_1024_ecc_is_point_18(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { 
@@ -51929,13 +53475,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_cortexm.c b/wolfcrypt/src/sp_cortexm.c index 6755a9d594..e315322f7c 100644 --- a/wolfcrypt/src/sp_cortexm.c +++ b/wolfcrypt/src/sp_cortexm.c @@ -139,10 +139,10 @@ #ifndef WOLFSSL_SP_NO_2048 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -186,9 +186,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -275,8 +275,8 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_2048_to_bin_64(sp_digit* r, byte* a) { @@ -294,14 +294,14 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_64(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_64(a) @@ -309,9 +309,9 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a) #ifdef WOLFSSL_ARM_ARCH_7M /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r_p, 
@@ -328,9 +328,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x24\n\t" + "SUB sp, sp, #36\n\t" "STR %[r], [sp, #32]\n\t" - "MOV %[r], #0x0\n\t" + "MOV %[r], #0\n\t" "LDR r12, [%[a]]\n\t" /* A[0] * B[0] */ "LDR lr, [%[b]]\n\t" 
@@ -352,315 +352,315 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, "ADDS r5, r5, r11\n\t" /* A[0] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r6, r6, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[0] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r8, r8, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[0] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADC r3, %[r], #0x0\n\t" + "ADCS r10, r10, #0\n\t" + "ADC r3, %[r], #0\n\t" "UMLAL r10, r3, r12, lr\n\t" /* A[1] * B[0] */ "LDR r12, [%[a], #4]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "STR r4, [sp, #4]\n\t" "ADDS r5, r5, r11\n\t" /* A[1] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[1] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[1] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[1] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[1] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[1] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[1] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r4, %[r], #0x0\n\t" + "ADC r4, %[r], #0\n\t" "UMLAL r3, r4, r12, lr\n\t" /* A[2] * B[0] */ "LDR r12, [%[a], #8]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV 
r11, #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "STR r5, [sp, #8]\n\t" "ADDS r6, r6, r11\n\t" /* A[2] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[2] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[2] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[2] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[2] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[2] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[2] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r5, %[r], #0x0\n\t" + "ADC r5, %[r], #0\n\t" "UMLAL r4, r5, r12, lr\n\t" /* A[3] * B[0] */ "LDR r12, [%[a], #12]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "STR r6, [sp, #12]\n\t" "ADDS r7, r7, r11\n\t" /* A[3] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[3] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[3] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[3] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[3] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" 
"UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[3] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[3] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r6, %[r], #0x0\n\t" + "ADC r6, %[r], #0\n\t" "UMLAL r5, r6, r12, lr\n\t" /* A[4] * B[0] */ "LDR r12, [%[a], #16]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "STR r7, [sp, #16]\n\t" "ADDS r8, r8, r11\n\t" /* A[4] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[4] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[4] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[4] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[4] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[4] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[4] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r7, %[r], #0x0\n\t" + "ADC r7, %[r], #0\n\t" "UMLAL r6, r7, r12, lr\n\t" /* A[5] * B[0] */ "LDR r12, [%[a], #20]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "STR r8, [sp, #20]\n\t" "ADDS r9, r9, r11\n\t" /* A[5] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[5] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" 
"ADDS r3, r3, r11\n\t" /* A[5] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[5] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[5] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[5] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[5] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r8, %[r], #0x0\n\t" + "ADC r8, %[r], #0\n\t" "UMLAL r7, r8, r12, lr\n\t" /* A[6] * B[0] */ "LDR r12, [%[a], #24]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "STR r9, [sp, #24]\n\t" "ADDS r10, r10, r11\n\t" /* A[6] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[6] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[6] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[6] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[6] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[6] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[6] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r9, %[r], #0x0\n\t" + "ADC r9, %[r], #0\n\t" "UMLAL r8, r9, r12, lr\n\t" /* A[7] * B[0] */ "LDR r12, [%[a], 
#28]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "STR r10, [sp, #28]\n\t" "ADDS r3, r3, r11\n\t" /* A[7] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[7] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[7] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[7] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[7] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[7] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[7] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r10, %[r], #0x0\n\t" + "ADC r10, %[r], #0\n\t" "UMLAL r9, r10, r12, lr\n\t" "LDR %[r], [sp, #32]\n\t" - "ADD %[r], %[r], #0x20\n\t" + "ADD %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "SUB %[r], %[r], #0x20\n\t" + "SUB %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD sp, sp, #0x24\n\t" + "ADD sp, sp, #36\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : 
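Review bot: The scratch frame of the WOLFSSL_ARM_ARCH_7M sp_2048_mul_8 is undocumented, and `ADD sp, sp, #36` releases it without clearing it. From the visible stores, `[sp, #4]` to `[sp, #28]` hold low product words that `LDM sp, {r3, ...}` later copies into r, and `[sp, #32]` holds the saved r pointer (set up in the preceding hunk), so a copy of the low half of a * b stays below the stack pointer after return. If this routine is reached with secret operands, a caller that zeroizes r would presumably not cover that copy. I would add a comment before the asm such as `/* Frame: [sp, #0..#28] low product words, [sp, #32] saved r; not cleared on exit */` and confirm whether clearing is needed. The function body and its clobber list continue outside this hunk.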
@@ -676,9 +676,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r_p, @@ -695,7 +695,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x2c\n\t" + "SUB sp, sp, #44\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG "STRD %[r], %[a], [sp, #36]\n\t" #else 
@@ -725,54 +725,54 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, "UMAAL r9, r10, r2, r4\n\t" "UMAAL r10, r11, r3, r4\n\t" "LDM lr, {r4, r5, r6, r7}\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMLAL r8, r12, r0, r4\n\t" "UMAAL r9, r12, r1, r4\n\t" "UMAAL r10, r12, r2, r4\n\t" "UMAAL r11, r12, r3, r4\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "UMLAL r9, r4, r0, r5\n\t" "UMAAL r10, r4, r1, r5\n\t" "UMAAL r11, r4, r2, r5\n\t" "UMAAL r12, r4, r3, r5\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r0, r6\n\t" "UMAAL r11, r5, r1, r6\n\t" "UMAAL r12, r5, r2, r6\n\t" "UMAAL r4, r5, r3, r6\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r11, r6, r0, r7\n\t" "LDR r0, [sp, #40]\n\t" "UMAAL r12, r6, r1, r7\n\t" - "ADD r0, r0, #0x10\n\t" + "ADD r0, r0, #16\n\t" "UMAAL r4, r6, r2, r7\n\t" - "SUB lr, lr, #0x10\n\t" + "SUB lr, lr, #16\n\t" "UMAAL r5, r6, r3, r7\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "STR r6, [sp, #32]\n\t" "LDM lr!, {r6}\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r8, r7, r0, r6\n\t" "UMAAL r9, r7, r1, r6\n\t" "STR r8, [sp, #16]\n\t" "UMAAL r10, r7, r2, r6\n\t" "UMAAL r11, r7, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r8, #0x0\n\t" + "MOV r8, #0\n\t" "UMLAL r9, r8, r0, r6\n\t" "UMAAL r10, r8, r1, r6\n\t" "STR r9, [sp, #20]\n\t" "UMAAL r11, r8, r2, r6\n\t" "UMAAL r12, r8, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" "UMLAL r10, r9, r0, r6\n\t" "UMAAL r11, r9, r1, r6\n\t" "STR r10, [sp, #24]\n\t" "UMAAL r12, r9, r2, r6\n\t" "UMAAL r4, r9, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "UMLAL r11, r10, r0, r6\n\t" "UMAAL r12, r10, r1, r6\n\t" "STR r11, [sp, #28]\n\t" 
@@ -800,12 +800,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, "UMAAL r9, r10, r3, lr\n\t" "MOV r3, r12\n\t" "LDR lr, [sp, #36]\n\t" - "ADD lr, lr, #0x20\n\t" + "ADD lr, lr, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "SUB lr, lr, #0x20\n\t" + "SUB lr, lr, #32\n\t" "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD sp, sp, #0x2c\n\t" + "ADD sp, sp, #44\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -821,9 +821,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mul_8(sp_digit* r, #endif /* WOLFSSL_ARM_ARCH_7M */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r_p, @@ -854,8 +854,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -870,8 +870,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, 
@@ -930,9 +930,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r_p, @@ -977,8 +977,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -993,9 +993,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -1019,9 +1019,9 @@ static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -1058,8 +1058,8 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, @@ -1146,9 +1146,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p, @@ -1221,8 +1221,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -1237,9 +1237,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { 
@@ -1267,9 +1267,9 @@ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -1306,8 +1306,8 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, @@ -1450,9 +1450,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p, @@ -1581,8 +1581,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : 
@@ -1597,9 +1597,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -1627,9 +1627,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -1667,8 +1667,8 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_ARM_ARCH_7M /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r_p, @@ -1686,7 +1686,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, __asm__ __volatile__ ( "SUB sp, sp, #0x44\n\t" "STR %[r], [sp, #64]\n\t" - "MOV %[r], #0x0\n\t" + "MOV %[r], #0\n\t" "LDR r12, [%[a]]\n\t" /* A[0] * A[1] */ "LDR lr, [%[a], #4]\n\t" 
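Review bot: The immediate conversion is only partial: in sp_2048_sqr_8 (the @@ -1686 hunk) the context line `"SUB sp, sp, #0x44\n\t"` keeps a hex frame size while the line changed beside it and the `[sp, #64]` offset are decimal. For consistency I would write `"SUB sp, sp, #68\n\t"` here and `"ADD sp, sp, #68\n\t"` at the matching release in the @@ -1861 hunk, which makes the 64 + 4 layout readable at a glance. The same mix remains at `#0x40` (@@ -2033), `#0x100` (@@ -2378 and @@ -2439) and `#0x1f4` (@@ -2569). If larger immediates are left in hex on purpose, a one-line comment stating that rule would do instead. The function body continues outside this hunk.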
@@ -1702,137 +1702,137 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, "UMULL r10, r3, r12, lr\n\t" /* A[0] * A[2] */ "LDR lr, [%[a], #8]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[0] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[0] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" - "ADCS r3, r3, #0x0\n\t" + "ADCS r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" "STR r5, [sp, #8]\n\t" /* A[1] * A[2] */ "LDR r12, [%[a], #4]\n\t" "LDR lr, [%[a], #8]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "STR r6, [sp, #12]\n\t" "ADDS r7, r7, r11\n\t" /* A[1] * A[3] */ "LDR lr, [%[a], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "STR r7, [sp, #16]\n\t" "ADDS r8, r8, r11\n\t" /* A[1] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[1] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[1] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[1] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r4, %[r], #0x0\n\t" + "ADC r4, %[r], #0\n\t" "UMLAL r3, r4, r12, lr\n\t" /* A[2] * A[3] */ "LDR r12, [%[a], #8]\n\t" "LDR lr, [%[a], #12]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "STR r8, [sp, #20]\n\t" "ADDS r9, r9, r11\n\t" /* A[2] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, 
r11, r12, lr\n\t" "STR r9, [sp, #24]\n\t" "ADDS r10, r10, r11\n\t" /* A[2] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[2] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[2] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r5, %[r], #0x0\n\t" + "ADC r5, %[r], #0\n\t" "UMLAL r4, r5, r12, lr\n\t" /* A[3] * A[4] */ "LDR r12, [%[a], #12]\n\t" "LDR lr, [%[a], #16]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "STR r10, [sp, #28]\n\t" "ADDS r3, r3, r11\n\t" /* A[3] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[3] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[3] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r6, %[r], #0x0\n\t" + "ADC r6, %[r], #0\n\t" "UMLAL r5, r6, r12, lr\n\t" /* A[4] * A[5] */ "LDR r12, [%[a], #16]\n\t" "LDR lr, [%[a], #20]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[4] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[4] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r7, %[r], #0x0\n\t" + "ADC r7, %[r], #0\n\t" "UMLAL r6, r7, r12, lr\n\t" /* A[5] * A[6] */ "LDR r12, [%[a], #20]\n\t" "LDR lr, [%[a], #24]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[5] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r8, %[r], #0x0\n\t" + "ADC r8, %[r], #0\n\t" "UMLAL r7, r8, r12, lr\n\t" /* A[6] * A[7] */ "LDR r12, [%[a], #24]\n\t" "LDR lr, [%[a], #28]\n\t" - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" "UMLAL r8, r9, r12, lr\n\t" - "ADD lr, sp, #0x20\n\t" 
+ "ADD lr, sp, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t" - "ADD lr, sp, #0x4\n\t" + "ADD lr, sp, #4\n\t" "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -1850,9 +1850,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, "ADCS r7, r7, r7\n\t" "ADCS r8, r8, r8\n\t" "ADCS r9, r9, r9\n\t" - "ADC r10, %[r], #0x0\n\t" + "ADC r10, %[r], #0\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD lr, sp, #0x4\n\t" + "ADD lr, sp, #4\n\t" "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t" "MOV lr, sp\n\t" /* A[0] * A[0] */ 
@@ -1861,52 +1861,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, "ADDS r4, r4, r11\n\t" /* A[1] * A[1] */ "LDR r12, [%[a], #4]\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, r12\n\t" "ADDS r6, r6, r11\n\t" /* A[2] * A[2] */ "LDR r12, [%[a], #8]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, r12\n\t" "ADDS r8, r8, r11\n\t" /* A[3] * A[3] */ "LDR r12, [%[a], #12]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, r12\n\t" "ADDS r10, r10, r11\n\t" "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" /* A[4] * A[4] */ "LDR r12, [%[a], #16]\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, r12\n\t" "ADDS r4, r4, r11\n\t" /* A[5] * A[5] */ "LDR r12, [%[a], #20]\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, r12\n\t" "ADDS r6, r6, r11\n\t" /* A[6] * A[6] */ "LDR r12, [%[a], #24]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, r12\n\t" "ADDS r8, r8, r11\n\t" /* A[7] * A[7] */ "LDR r12, [%[a], #28]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r10, r10, #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r10, r10, #0\n\t" "UMLAL r9, r10, r12, r12\n\t" "LDR %[r], [sp, #64]\n\t" - "ADD %[r], %[r], #0x20\n\t" + "ADD %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "SUB %[r], %[r], #0x20\n\t" + "SUB %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "ADD sp, sp, #0x44\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG 
@@ -1924,8 +1924,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r_p, @@ -1941,13 +1941,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x20\n\t" + "SUB sp, sp, #32\n\t" "STR %[r], [sp, #28]\n\t" "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t" "UMULL r9, r10, r0, r0\n\t" "UMULL r11, r12, r0, r1\n\t" "ADDS r11, r11, r11\n\t" - "MOV lr, #0x0\n\t" + "MOV lr, #0\n\t" "UMAAL r10, r11, lr, lr\n\t" "STM sp, {r9, r10}\n\t" "MOV r8, lr\n\t" @@ -2024,7 +2024,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, /* R[14] = r9 */ /* R[15] = r7 */ "LDR lr, [sp, #28]\n\t" - "ADD lr, lr, #0x1c\n\t" + "ADD lr, lr, #28\n\t" "STM lr!, {r0, r12}\n\t" "STM lr!, {r11}\n\t" "STM lr!, {r10}\n\t" @@ -2033,7 +2033,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, "SUB lr, lr, #0x40\n\t" "LDM sp, {r0, r1, r2, r3, r4, r5, r6}\n\t" "STM lr, {r0, r1, r2, r3, r4, r5, r6}\n\t" - "ADD sp, sp, #0x20\n\t" + "ADD sp, sp, #32\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a) : @@ -2049,9 +2049,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_sqr_8(sp_digit* r, #endif /* WOLFSSL_ARM_ARCH_7M */ /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r_p, 
@@ -2097,8 +2097,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) { @@ -2133,9 +2133,9 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r_p, @@ -2195,8 +2195,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) { @@ -2231,9 +2231,9 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r_p, 
@@ -2321,8 +2321,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) { @@ -2359,9 +2359,9 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p, @@ -2378,7 +2378,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0x100\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -2394,8 +2394,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_2048_add_64_word_%=\n\t" @@ -2422,8 +2422,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, 
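Review bot: The new tag `@param [in] a` on the WOLFSSL_SP_SMALL sp_2048_sub_in_place_64 (the @@ -2422 hunk) contradicts the summary line "(a -= b)", which says the result is written back into a. The non-small variant of the same function is documented in this commit as `@param [in, out] a A single precision integer and result.`, and this comment should read the same. The function body lies outside this hunk, so the point rests on the summary line and the non-const `sp_digit* a_p` parameter.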
@@ -2439,7 +2439,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0x100\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -2447,7 +2447,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a, #else "L_sp_2048_sub_in_place_64_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -2482,9 +2482,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r_p, @@ -2506,9 +2506,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mul_64_outer:\n\t" 
@@ -2530,15 +2530,15 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_2048_mul_64_inner_done_%=\n\t" @@ -2559,7 +2559,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mul_64_inner_done:\n\t" @@ -2569,8 +2569,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x1f4\n\t" #if defined(__GNUC__) "BLE L_sp_2048_mul_64_outer_%=\n\t" @@ -2583,7 +2583,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #252]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -2593,7 +2593,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_2048_mul_64_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -2615,8 +2615,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r_p, @@ -2635,9 +2635,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_sqr_64_outer:\n\t" @@ -2659,12 +2659,12 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_2048_sqr_64_inner_done_%=\n\t" @@ -2684,7 +2684,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_sqr_64_inner_done:\n\t" @@ -2694,8 +2694,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x1f4\n\t" #if defined(__GNUC__) "BLE L_sp_2048_sqr_64_outer_%=\n\t" 
@@ -2707,7 +2707,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #252]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -2717,7 +2717,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_2048_sqr_64_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -2742,9 +2742,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -2759,9 +2759,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p, @@ -2778,7 +2778,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0x80\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -2794,8 +2794,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_2048_add_32_word_%=\n\t" @@ -2822,8 +2822,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, @@ -2839,7 +2839,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0x80\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -2847,7 +2847,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a, #else "L_sp_2048_sub_in_place_32_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -2882,9 +2882,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r_p, 
@@ -2906,9 +2906,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mul_32_outer:\n\t" @@ -2930,15 +2930,15 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_2048_mul_32_inner_done_%=\n\t" @@ -2959,7 +2959,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mul_32_inner_done:\n\t" @@ -2969,8 +2969,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0xf4\n\t" #if defined(__GNUC__) "BLE L_sp_2048_mul_32_outer_%=\n\t" @@ -2983,7 +2983,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #124]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -2993,7 +2993,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_2048_mul_32_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -3015,8 +3015,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r_p, @@ -3035,9 +3035,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_sqr_32_outer:\n\t" @@ -3059,12 +3059,12 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_2048_sqr_32_inner_done_%=\n\t" @@ -3084,7 +3084,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_sqr_32_inner_done:\n\t" 
@@ -3094,8 +3094,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0xf4\n\t" #if defined(__GNUC__) "BLE L_sp_2048_sqr_32_outer_%=\n\t" @@ -3107,7 +3107,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #124]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -3117,7 +3117,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_2048_sqr_32_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -3142,8 +3142,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -3163,9 +3163,9 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p, 
@@ -3185,10 +3185,10 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mul_d_64_word:\n\t" @@ -3200,12 +3200,12 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mul_d_64_word_%=\n\t" @@ -3229,9 +3229,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p, 
@@ -3252,317 +3252,317 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" 
/* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[17] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[18] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[19] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[20] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[21] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[22] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[23] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[24] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[25] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[26] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[27] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[28] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[29] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[30] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], 
r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[31] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[32] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[33] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[34] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[35] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[36] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[37] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[38] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[39] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[40] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[41] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[42] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[43] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[44] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[45] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, 
#0\n\t" /* A[46] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[47] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[48] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[49] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[50] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[51] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[52] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[53] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[54] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[55] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[56] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[57] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[58] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[59] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[60] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[61] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, 
%[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[62] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[63] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" @@ -3584,8 +3584,8 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) { @@ -3599,10 +3599,11 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, @@ -3620,9 +3621,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_cond_sub_32_words:\n\t" 
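Review bot: The mask sentence kept in the `sp_2048_cond_sub_32` header (hunk at -3599) still reads `0 when not copying`, which describes a conditional copy rather than a subtract, and the new `@param [in] m` line does not say which values are valid. The unrolled variant applies the mask with `AND r8, r8, %[m]`, so a value other than 0 or all ones would subtract a partially masked `b`. I would put the contract in the tag, e.g. `@param [in] m Mask: all ones (-1) to subtract b, 0 to subtract nothing.`, and change the sentence above to `0 when not subtracting`. The second copy of this header (hunk at -3662) needs the same wording.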
@@ -3636,7 +3637,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_cond_sub_32_words_%=\n\t" @@ -3662,10 +3663,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, @@ -3683,7 +3685,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -3814,9 +3816,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r, #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( @@ -3835,8 +3838,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -3848,263 +3851,263 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, #0x0\n\t" + "MOV 
r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, 
#0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+17] += m[17] * mu */ "LDR r9, [%[m], #68]\n\t" "LDR r12, [%[a], #68]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+18] += m[18] * mu */ "LDR r9, [%[m], #72]\n\t" "LDR r12, [%[a], #72]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #72]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+19] += m[19] * mu */ "LDR r9, [%[m], #76]\n\t" "LDR r12, [%[a], #76]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #76]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+20] += m[20] * mu */ "LDR r9, [%[m], #80]\n\t" "LDR r12, [%[a], #80]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #80]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+21] += m[21] * mu */ "LDR r9, [%[m], #84]\n\t" "LDR r12, [%[a], #84]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #84]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+22] += m[22] * mu */ "LDR r9, [%[m], #88]\n\t" "LDR r12, [%[a], #88]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #88]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+23] += m[23] * mu */ "LDR r9, [%[m], #92]\n\t" "LDR r12, [%[a], #92]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #92]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+24] += m[24] * mu */ "LDR r9, [%[m], #96]\n\t" "LDR r12, [%[a], #96]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" 
"UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #96]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+25] += m[25] * mu */ "LDR r9, [%[m], #100]\n\t" "LDR r12, [%[a], #100]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #100]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+26] += m[26] * mu */ "LDR r9, [%[m], #104]\n\t" "LDR r12, [%[a], #104]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #104]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+27] += m[27] * mu */ "LDR r9, [%[m], #108]\n\t" "LDR r12, [%[a], #108]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #108]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+28] += m[28] * mu */ "LDR r9, [%[m], #112]\n\t" "LDR r12, [%[a], #112]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #112]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+29] += m[29] * mu */ "LDR r9, [%[m], #116]\n\t" "LDR r12, [%[a], #116]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #116]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+30] += m[30] * mu */ "LDR r9, [%[m], #120]\n\t" "LDR r12, [%[a], #120]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #120]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+31] += m[31] * mu */ "LDR r9, [%[m], #124]\n\t" "LDR r12, [%[a], #124]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #124]\n\t" "LDR r12, [%[a], #128]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #128]\n\t" - "ADC r3, 
r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_32_word_%=\n\t" @@ -4133,9 +4136,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #else /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( @@ -4154,9 +4158,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_32_word:\n\t" @@ -4167,8 +4171,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_32_mul:\n\t" 
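Review bot: In the sp_2048_mont_reduce_32 word loop the step is now decimal (`ADD r11, r11, #4`) while the bound that follows stays hex (`CMP r11, #0x80`), even though the same 128-byte quantity already appears in decimal as `[%[a], #128]` a few lines above. Writing the bound as `"CMP r11, #128\n\t"`, or keeping it and adding `/* i < 32 words (128 bytes) */`, would let a reader check the loop limit against the load/store offsets at a glance. The same mix shows up in the later hunks at `CMP r12, #0x80`, `CMP r9, #0x80`, `CMP r4, #0x80` and `CMP r5, #0x100`. The function body starts and ends outside this hunk, and if this file is emitted by a generator the change belongs there.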
@@ -4178,43 +4182,43 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( /* a[i+j+0] += m[j+0] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_32_mul_%=\n\t" @@ -4225,14 +4229,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #endif "LDR r10, [%[a], #128]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #128]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_32_word_%=\n\t" 
@@ -4261,9 +4265,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( @@ -4281,8 +4286,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -4298,7 +4303,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" @@ -4450,15 +4455,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( "LDR r11, [%[a], #124]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #128]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #124]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #128]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_32_word_%=\n\t" 
@@ -4490,9 +4495,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #else /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( @@ -4511,9 +4517,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_32_word:\n\t" @@ -4524,8 +4530,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_32_mul:\n\t" 
@@ -4538,28 +4544,28 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_32_mul_%=\n\t" @@ -4570,14 +4576,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( #endif "LDR r10, [%[a], #128]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #128]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_32_word_%=\n\t" 
@@ -4606,11 +4612,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -4621,10 +4627,10 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -4636,9 +4642,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p, 
@@ -4658,10 +4664,10 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mul_d_32_word:\n\t" @@ -4673,12 +4679,12 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mul_d_32_word_%=\n\t" @@ -4702,9 +4708,9 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p, 
@@ -4725,157 +4731,157 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" 
/* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[17] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[18] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[19] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[20] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[21] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[22] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[23] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[24] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[25] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[26] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[27] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[28] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[29] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[30] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], 
r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[31] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" @@ -4896,10 +4902,11 @@ WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -4919,7 +4926,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" @@ -4928,8 +4935,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" 
@@ -4968,10 +4975,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -4991,18 +4999,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_2048_word_32_bit:\n\t" @@ -5017,7 +5025,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_2048_word_32_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -5026,7 +5034,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, "BPL.N L_div_2048_word_32_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" 
@@ -5057,10 +5065,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_32(sp_digit d1, #endif /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, @@ -5077,8 +5086,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0x7c\n\t" @@ -5099,7 +5108,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_2048_cmp_32_words\n\t" #else @@ -5477,11 +5486,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
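Review bot: The new tag on `m` in the sp_2048_div_32 comment reads `@param [in] m Multiplier result.`, but `m` is a non-const `sp_digit*` described as a result, and the header just above says it is not calculated. `[in]` tells a caller the function reads the buffer; wording such as `@param [out] m Multiplier result. Not calculated; currently unused.` would agree with the text already there. The function body is outside the hunk, so whether `m` is touched at all should be confirmed before settling on the direction tag.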
@@ -5519,10 +5529,11 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -5532,14 +5543,17 @@ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
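Review bot: The reflowed line `@return MP_VAL when base is even or exponent is 0.` keeps the old wording, and as written it says an even base `a` is rejected, which is an unusual precondition for r = a^e mod m. Montgomery-based exponentiation normally needs an odd modulus, so this may be meant as `@return MP_VAL when the modulus is even or exponent is 0.`; the body is outside the hunk, so confirm which check the function actually performs and word the line to match. The identical line is added to the non-small variant's comment in the `@@ -5669,14 +5683,17 @@` hunk.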
@@ -5669,14 +5683,17 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -5828,8 +5845,8 @@ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m) { 
@@ -5844,10 +5861,11 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, @@ -5865,9 +5883,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_cond_sub_64_words:\n\t" @@ -5881,7 +5899,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_cond_sub_64_words_%=\n\t" 
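Review bot: The sp_2048_cond_sub_64 comment gains `@param` tags but no `@return`, although the function is declared to return `sp_digit` and other comments in this commit (sp_2048_cmp_32, sp_2048_div_32) did get one. The `SBC r4, r8, r8` in the `@@ -5881,7 +5899,7 @@` hunk suggests a 0 / all-ones borrow, but the return statement is outside the hunk, so confirm before adding something like `@return Borrow from the subtraction: 0 or -1.`. While there, `0 when not copying` in the line above the tags would read better as `0 when not subtracting`. The same applies to the unrolled variant's comment in the `@@ -5907,10 +5925,11 @@` hunk.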
@@ -5907,10 +5925,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, @@ -5928,7 +5947,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" @@ -6171,9 +6190,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r, #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( @@ -6192,8 +6212,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -6205,519 +6225,519 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, #0x0\n\t" + "MOV 
r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, 
#0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+17] += m[17] * mu */ "LDR r9, [%[m], #68]\n\t" "LDR r12, [%[a], #68]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+18] += m[18] * mu */ "LDR r9, [%[m], #72]\n\t" "LDR r12, [%[a], #72]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #72]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+19] += m[19] * mu */ "LDR r9, [%[m], #76]\n\t" "LDR r12, [%[a], #76]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #76]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+20] += m[20] * mu */ "LDR r9, [%[m], #80]\n\t" "LDR r12, [%[a], #80]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #80]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+21] += m[21] * mu */ "LDR r9, [%[m], #84]\n\t" "LDR r12, [%[a], #84]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #84]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+22] += m[22] * mu */ "LDR r9, [%[m], #88]\n\t" "LDR r12, [%[a], #88]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #88]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+23] += m[23] * mu */ "LDR r9, [%[m], #92]\n\t" "LDR r12, [%[a], #92]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #92]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+24] += m[24] * mu */ "LDR r9, [%[m], #96]\n\t" "LDR r12, [%[a], #96]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" 
"UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #96]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+25] += m[25] * mu */ "LDR r9, [%[m], #100]\n\t" "LDR r12, [%[a], #100]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #100]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+26] += m[26] * mu */ "LDR r9, [%[m], #104]\n\t" "LDR r12, [%[a], #104]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #104]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+27] += m[27] * mu */ "LDR r9, [%[m], #108]\n\t" "LDR r12, [%[a], #108]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #108]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+28] += m[28] * mu */ "LDR r9, [%[m], #112]\n\t" "LDR r12, [%[a], #112]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #112]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+29] += m[29] * mu */ "LDR r9, [%[m], #116]\n\t" "LDR r12, [%[a], #116]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #116]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+30] += m[30] * mu */ "LDR r9, [%[m], #120]\n\t" "LDR r12, [%[a], #120]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #120]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+31] += m[31] * mu */ "LDR r9, [%[m], #124]\n\t" "LDR r12, [%[a], #124]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #124]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+32] += m[32] * mu */ "LDR r9, [%[m], #128]\n\t" "LDR r12, [%[a], #128]\n\t" - "MOV r7, #0x0\n\t" + 
"MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #128]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+33] += m[33] * mu */ "LDR r9, [%[m], #132]\n\t" "LDR r12, [%[a], #132]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #132]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+34] += m[34] * mu */ "LDR r9, [%[m], #136]\n\t" "LDR r12, [%[a], #136]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #136]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+35] += m[35] * mu */ "LDR r9, [%[m], #140]\n\t" "LDR r12, [%[a], #140]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #140]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+36] += m[36] * mu */ "LDR r9, [%[m], #144]\n\t" "LDR r12, [%[a], #144]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #144]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+37] += m[37] * mu */ "LDR r9, [%[m], #148]\n\t" "LDR r12, [%[a], #148]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #148]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+38] += m[38] * mu */ "LDR r9, [%[m], #152]\n\t" "LDR r12, [%[a], #152]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #152]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+39] += m[39] * mu */ "LDR r9, [%[m], #156]\n\t" "LDR r12, [%[a], #156]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #156]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+40] += m[40] * mu */ "LDR r9, [%[m], #160]\n\t" "LDR r12, [%[a], #160]\n\t" - "MOV 
r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #160]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+41] += m[41] * mu */ "LDR r9, [%[m], #164]\n\t" "LDR r12, [%[a], #164]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #164]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+42] += m[42] * mu */ "LDR r9, [%[m], #168]\n\t" "LDR r12, [%[a], #168]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #168]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+43] += m[43] * mu */ "LDR r9, [%[m], #172]\n\t" "LDR r12, [%[a], #172]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #172]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+44] += m[44] * mu */ "LDR r9, [%[m], #176]\n\t" "LDR r12, [%[a], #176]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #176]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+45] += m[45] * mu */ "LDR r9, [%[m], #180]\n\t" "LDR r12, [%[a], #180]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #180]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+46] += m[46] * mu */ "LDR r9, [%[m], #184]\n\t" "LDR r12, [%[a], #184]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #184]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+47] += m[47] * mu */ "LDR r9, [%[m], #188]\n\t" "LDR r12, [%[a], #188]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #188]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+48] += m[48] * mu */ "LDR r9, [%[m], #192]\n\t" "LDR r12, [%[a], 
#192]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #192]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+49] += m[49] * mu */ "LDR r9, [%[m], #196]\n\t" "LDR r12, [%[a], #196]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #196]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+50] += m[50] * mu */ "LDR r9, [%[m], #200]\n\t" "LDR r12, [%[a], #200]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #200]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+51] += m[51] * mu */ "LDR r9, [%[m], #204]\n\t" "LDR r12, [%[a], #204]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #204]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+52] += m[52] * mu */ "LDR r9, [%[m], #208]\n\t" "LDR r12, [%[a], #208]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #208]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+53] += m[53] * mu */ "LDR r9, [%[m], #212]\n\t" "LDR r12, [%[a], #212]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #212]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+54] += m[54] * mu */ "LDR r9, [%[m], #216]\n\t" "LDR r12, [%[a], #216]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #216]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+55] += m[55] * mu */ "LDR r9, [%[m], #220]\n\t" "LDR r12, [%[a], #220]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #220]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+56] += m[56] * mu */ "LDR r9, [%[m], #224]\n\t" 
"LDR r12, [%[a], #224]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #224]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+57] += m[57] * mu */ "LDR r9, [%[m], #228]\n\t" "LDR r12, [%[a], #228]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #228]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+58] += m[58] * mu */ "LDR r9, [%[m], #232]\n\t" "LDR r12, [%[a], #232]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #232]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+59] += m[59] * mu */ "LDR r9, [%[m], #236]\n\t" "LDR r12, [%[a], #236]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #236]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+60] += m[60] * mu */ "LDR r9, [%[m], #240]\n\t" "LDR r12, [%[a], #240]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #240]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+61] += m[61] * mu */ "LDR r9, [%[m], #244]\n\t" "LDR r12, [%[a], #244]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #244]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+62] += m[62] * mu */ "LDR r9, [%[m], #248]\n\t" "LDR r12, [%[a], #248]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #248]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+63] += m[63] * mu */ "LDR r9, [%[m], #252]\n\t" "LDR r12, [%[a], #252]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #252]\n\t" "LDR r12, [%[a], 
#256]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #256]\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_64_word_%=\n\t" @@ -6746,9 +6766,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #else /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( @@ -6767,9 +6788,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_64_word:\n\t" @@ -6780,8 +6801,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_64_mul:\n\t" 
@@ -6791,43 +6812,43 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( /* a[i+j+0] += m[j+0] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_64_mul_%=\n\t" @@ -6838,14 +6859,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #endif "LDR r10, [%[a], #256]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #256]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_64_word_%=\n\t" 
@@ -6874,9 +6895,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( @@ -6894,8 +6916,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -6911,7 +6933,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" @@ -7223,15 +7245,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( "LDR r11, [%[a], #252]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #256]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #252]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #256]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_64_word_%=\n\t" 
@@ -7263,9 +7285,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #else /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( @@ -7284,9 +7307,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_64_word:\n\t" @@ -7297,8 +7320,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_mont_reduce_64_mul:\n\t" 
@@ -7311,28 +7334,28 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_64_mul_%=\n\t" @@ -7343,14 +7366,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( #endif "LDR r10, [%[a], #256]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #256]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_2048_mont_reduce_64_word_%=\n\t" 
@@ -7379,11 +7402,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -7394,10 +7417,10 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -7409,9 +7432,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p, 
@@ -7428,7 +7451,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "ADD r12, %[a], #0x100\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -7436,7 +7459,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r, #else "L_sp_2048_sub_64_word_%=:\n\t" #endif - "RSBS r11, r11, #0x0\n\t" + "RSBS r11, r11, #0\n\t" "LDM %[a]!, {r3, r4, r5, r6}\n\t" "LDM %[b]!, {r7, r8, r9, r10}\n\t" "SBCS r3, r3, r7\n\t" @@ -7470,9 +7493,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p, @@ -7618,10 +7641,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -7641,7 +7665,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" 
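Review bot: The doc block for the WOLFSSL_SP_USE_UDIV variant of div_2048_word_64 (`@@ -7618,10 +7641,11 @@`) gains `@param`/`@return` tags but says nothing about timing, while sp_2048_cmp_64 later in this file is explicitly documented as constant time. The body in the next hunk executes `UDIV r6, %[d1], r5`, and on a number of ARM cores the divide instruction's latency depends on its operand values. Whether d1, d0 or div can be derived from secret data is not visible from here. If they can, I would add a line such as `* Note: uses UDIV, whose execution time may depend on the operands on some cores.` so integrators pick this build option deliberately. The function body continues outside these hunks.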
@@ -7650,8 +7674,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" @@ -7690,10 +7714,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -7713,18 +7738,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_2048_word_64_bit:\n\t" @@ -7739,7 +7764,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_2048_word_64_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -7748,7 +7773,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, "BPL.N L_div_2048_word_64_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" @@ -7780,11 +7805,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_2048_word_64(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -7838,10 +7864,11 @@ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
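Review bot: `@param [in] m Multiplier result.` in the sp_2048_div_64_cond doc block (`@@ -7780,11 +7805,12 @@`) tags something described as a result as an input, and the header two lines above it says m is not calculated. The signature shown as context declares `sp_digit* m` without const, so a reader cannot tell whether m is read, written or ignored. If it is ignored, the line should say so: `@param [in] m Unused; the multiplier is not calculated.` The same line is added for sp_2048_div_64 at `@@ -8654,11 +8682,12 @@`. The function bodies are outside both hunks, so the actual use of m needs to be confirmed there.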
@@ -7852,9 +7879,9 @@ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const s #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -7882,10 +7909,11 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, @@ -7902,8 +7930,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0xfc\n\t" @@ -7924,7 +7952,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_2048_cmp_64_words\n\t" #else 
@@ -8654,11 +8682,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -8696,10 +8725,11 @@ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -8712,14 +8742,17 @@ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -8840,14 +8873,17 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -8981,15 +9017,19 @@ static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -9130,10 +9170,11 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p, 
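Review bot: The `[in, out]` tag on `outLen` in the sp_RsaPublic_2048 comment is only half explained, because the description "Number of bytes in result" covers the output side alone. Since the function returns MP_TO_E "when the outLen is too small", the caller presumably has to set `*outLen` to the capacity of `out` before the call, and that is what protects the 256-byte write. I would spell it out as `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`. The same wording is used for sp_RsaPrivate_2048 (hunk at -9344,20) and sp_DhExp_2048 (hunk at -10139,15), and the latter's `@return` list does not mention MP_TO_E at all. The length check itself is outside these hunks, so this should be confirmed against the body.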
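Review bot: sp_2048_cond_add_32 is declared `static sp_digit`, but its rewritten comment (second hunk on this line) gets `@param` tags and no `@return`, unlike the other comments converted in this commit. The `ADC r5, r8, r8` in the following hunk suggests the value is the carry out of the addition, so something like `@return Carry from the conditional addition.` would fit once checked against the asm epilogue, which is outside the hunk. The second copy of the comment (hunk at -9193,10) has the same gap. So does sp_2048_to_mp (hunk at -9496,8), which returns `int`.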
@@ -9151,9 +9192,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r5, #0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_2048_cond_add_32_words:\n\t" @@ -9167,7 +9208,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, "ADCS r6, r6, r7\n\t" "ADC r5, r8, r8\n\t" "STR r6, [%[r], r4]\n\t" - "ADD r4, r4, #0x4\n\t" + "ADD r4, r4, #4\n\t" "CMP r4, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_2048_cond_add_32_words_%=\n\t" @@ -9193,10 +9234,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p, @@ -9214,7 +9256,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -9344,20 +9386,24 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -9496,8 +9542,8 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) { @@ -9564,12 +9610,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -9614,6 +9662,12 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_2048 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -9629,7 +9683,7 @@ WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "RSB r7, %[n], #0x1f\n\t" + "RSB r7, %[n], #31\n\t" "LDR r5, [%[a], #252]\n\t" "LSR r6, r5, #1\n\t" "LSL r5, r5, %[n]\n\t" 
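Review bot: The comment added for sp_2048_lshift_64 (third hunk on this line) does not state which values of `n` are valid. `n` is a `byte`, and the `RSB r7, %[n], #31` in the following hunk computes 31 - n, so the routine presumably expects a shift of less than one 32-bit word. I would document that as `@param [in] n Number of bits to shift. Expected to be less than 32.` after confirming it against the callers. The function body continues outside the hunk.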
@@ -10027,13 +10081,15 @@ WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
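Review bot: `@return MP_VAL when base is even.` on sp_2048_mod_exp_2_64 refers to a base the function does not take: the header gives r = 2^e mod m, so the base is fixed at 2 and is always even. The condition presumably concerns the modulus `m`, in which case the line should read `@return MP_VAL when the modulus is even.`. The check is in the body, outside this hunk, so this needs confirming there. The sp_2048_mod_exp_64 comments in the hunks at -8712,14 and -8840,14 carry the same "base is even" wording and deserve the same check.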
@@ -10139,15 +10195,17 @@ static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -10205,12 +10263,14 @@ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -10262,10 +10322,10 @@ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifndef WOLFSSL_SP_NO_3072 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -10309,9 +10369,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -10398,8 +10458,8 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_3072_to_bin_96(sp_digit* r, byte* a) { 
@@ -10417,23 +10477,23 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_96(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_96(a) #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r_p, 
@@ -10450,997 +10510,997 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r, const sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x30\n\t" + "SUB sp, sp, #48\n\t" /* A[0] * B[0] */ "LDR r11, [%[a]]\n\t" "LDR r12, [%[b]]\n\t" "UMULL r3, r4, r11, r12\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "STR r3, [sp]\n\t" /* A[0] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[0] */ "LDR r8, [%[a], #4]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" /* A[2] * B[0] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[1] */ "LDR r11, [%[a], #4]\n\t" "LDR r12, [%[b], #4]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[2] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #8]\n\t" /* A[0] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[2] */ "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[1] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[0] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, 
r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #12]\n\t" /* A[4] * B[0] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[1] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[2] */ "LDR r11, [%[a], #8]\n\t" "LDR r12, [%[b], #8]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[3] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[4] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #16]\n\t" /* A[0] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[4] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[2] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[1] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[0] */ "LDR r8, [%[a], 
#20]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #20]\n\t" /* A[6] * B[0] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[1] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[2] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[3] */ "LDR r11, [%[a], #12]\n\t" "LDR r12, [%[b], #12]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[4] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[5] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[0] * B[6] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #24]\n\t" /* A[0] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[6] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[5] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS 
r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[4] */ "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[3] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[2] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[1] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[0] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #28]\n\t" /* A[8] * B[0] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[1] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[2] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[3] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[4] */ "LDR r11, [%[a], #16]\n\t" "LDR r12, [%[b], #16]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[5] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], 
#20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[6] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[7] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[8] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #32]\n\t" /* A[0] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[8] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[7] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[6] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[4] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[3] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" 
/* A[7] * B[2] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[1] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[0] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #36]\n\t" /* A[10] * B[0] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[1] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[2] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[3] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[4] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[5] */ "LDR r11, [%[a], #20]\n\t" "LDR r12, [%[b], #20]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[6] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[7] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" 
"ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[8] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[9] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[10] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #40]\n\t" /* A[0] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[10] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[9] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[8] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[7] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[6] */ "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[5] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[4] */ "LDR r8, [%[a], 
#28]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[3] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[2] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[1] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[0] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #44]\n\t" /* A[11] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[2] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[3] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[4] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[5] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[6] */ "LDR r11, [%[a], #24]\n\t" "LDR r12, [%[b], #24]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, 
r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[7] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[8] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[9] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[10] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[11] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #48]\n\t" /* A[2] * B[11] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[10] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[9] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[8] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[6] */ "LDR r8, [%[a], 
#28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[5] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[4] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[3] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[2] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #52]\n\t" /* A[11] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[4] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[5] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[6] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[7] */ "LDR r11, [%[a], #28]\n\t" "LDR r12, [%[b], #28]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[8] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - 
"ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[9] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[10] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[11] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #56]\n\t" /* A[4] * B[11] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[10] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[9] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[8] */ "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[7] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[6] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[5] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[4] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], 
#16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #60]\n\t" /* A[11] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[6] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[7] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[8] */ "LDR r11, [%[a], #32]\n\t" "LDR r12, [%[b], #32]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[9] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[10] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[11] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #64]\n\t" /* A[6] * B[11] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[10] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, 
r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[8] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[7] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[6] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #68]\n\t" /* A[11] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[8] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[9] */ "LDR r11, [%[a], #36]\n\t" "LDR r12, [%[b], #36]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[10] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[11] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #72]\n\t" /* A[8] * B[11] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[10] */ "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[9] */ "LDR r8, 
[%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[8] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #76]\n\t" /* A[11] * B[9] */ "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[10] */ "LDR r11, [%[a], #40]\n\t" "LDR r12, [%[b], #40]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[11] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #80]\n\t" /* A[10] * B[11] */ "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[10] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #84]\n\t" /* A[11] * B[11] */ "UMLAL r4, r5, r8, r9\n\t" @@ -11466,9 +11526,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r, const sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r_p, 
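Review bot: The rewritten header for sp_3072_add_12 tags the three parameters but still does not document the `sp_digit` return value. The asm tail in the next hunk ends with `MOV %[r], #0` / `ADC %[r], %[r], #0`, so the register that held `r` finishes holding the final carry flag; presumably that is what the function returns, though the return statement is outside the visible hunks. Once confirmed, I would add `@return Carry out of the most significant word (0 or 1).` to the header. The same gap applies to the headers of sp_3072_add_24, sp_3072_add_48 and sp_3072_add_96 and, for the borrow (whose encoding is not visible here), to sp_3072_sub_in_place_24/48/96 in the later hunks.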
@@ -11506,8 +11566,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -11522,8 +11582,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, @@ -11596,9 +11656,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r_p, @@ -11657,8 +11717,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : 
@@ -11673,9 +11733,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -11703,9 +11763,9 @@ static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -11742,8 +11802,8 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, @@ -11858,9 +11918,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p, 
@@ -11961,8 +12021,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -11977,9 +12037,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -12007,9 +12067,9 @@ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -12046,8 +12106,8 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, 
@@ -12246,9 +12306,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p, @@ -12433,8 +12493,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -12449,9 +12509,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -12479,9 +12539,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b) 
@@ -12518,8 +12578,8 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r_p, @@ -12534,11 +12594,11 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x30\n\t" + "SUB sp, sp, #48\n\t" /* A[0] * A[0] */ "LDR r10, [%[a]]\n\t" "UMULL r8, r3, r10, r10\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r8, [sp]\n\t" /* A[0] * A[1] */ "LDR r10, [%[a], #4]\n\t" @@ -12546,12 +12606,12 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #4]\n\t" /* A[0] * A[2] */ "LDR r10, [%[a], #8]\n\t" @@ -12559,18 +12619,18 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * A[1] */ "LDR r10, [%[a], #4]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #8]\n\t" /* A[0] * A[3] */ "LDR r10, [%[a], #12]\n\t" 
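Review bot: `SUB sp, sp, #48` at the top of the sp_3072_sqr_12 asm block is an unexplained magic number, and the compiler cannot see the stack adjustment because it happens inside the asm. Judging by the stores that follow (`STR r8, [sp]`, `STR r3, [sp, #4]`, ...), it looks like 12 words of 4 bytes used as scratch for the low result words. I would add a comment such as `/* 12 words (48 bytes) of stack scratch for the low result words */` above it. The matching restore of sp lies outside this hunk, so please check that it uses the same value and the same decimal notation.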
@@ -12578,22 +12638,22 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * A[2] */ "LDR r10, [%[a], #8]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [sp, #12]\n\t" /* A[0] * A[4] */ "LDR r10, [%[a], #16]\n\t" 
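Review bot: In the A[0] * A[3] step the second `MOV r4, #0` wipes whatever carry the first `ADC r4, r4, #0` recorded, so a carry out of the first `ADDS r2` / `ADCS r3` pair is dropped. On entry r3 is a live accumulator word (the previous column ends with `ADC r3, r3, #0`), so as far as I can tell that first addition can overflow when the operand words are near 0xFFFFFFFF, which would give a wrong square for rare inputs. The A[1] * A[2] step just below adds its product twice with a plain `ADC r4, r4, #0` each time; the second half of the A[0] * A[3] step should do the same, i.e. follow the second `"ADCS r3, r3, r9\n\t"` with `"ADC r4, r4, #0\n\t"` only. The same sequence appears for A[0] * A[1] and A[0] * A[2] in the two preceding hunks and for A[0] * A[4] in the next one. The asm block starts and ends outside this hunk, so please confirm with a test vector whose words are all 0xFFFFFFFF.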
@@ -12601,49 +12661,49 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[1] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" /* A[2] * A[2] */ "LDR r10, [%[a], #8]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #16]\n\t" /* A[0] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -12655,22 +12715,22 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[3] */ "LDR r10, [%[a], #12]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -12679,7 +12739,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" @@ -12688,29 +12748,29 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -12722,29 +12782,29 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[4] */ "LDR r10, [%[a], #16]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -12753,7 +12813,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -12762,36 +12822,36 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -12803,36 +12863,36 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[5] */ "LDR r10, [%[a], #20]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -12841,7 +12901,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -12850,43 +12910,43 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -12898,36 +12958,36 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[2] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[6] */ "LDR r10, [%[a], #24]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -12936,7 +12996,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -12945,36 +13005,36 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[3] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -12986,29 +13046,29 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[4] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[7] */ "LDR r10, [%[a], #28]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -13017,7 +13077,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -13026,29 +13086,29 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[5] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -13060,22 +13120,22 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[6] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[8] */ "LDR r10, [%[a], #32]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -13084,7 +13144,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -13093,22 +13153,22 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[7] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -13122,28 +13182,28 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * A[9] */ "LDR r10, [%[a], #36]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [%[r], #72]\n\t" /* A[8] * A[11] */ "LDR r10, [%[a], #44]\n\t" 
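Review bot: In the `@@ -13122,28 +13182,28 @@` hunk, the `A[7] * A[11]` step adds r9:r8 into r3:r2 twice, and the second `"MOV r4, #0\n\t"` clears the carry that the first `"ADC r4, r4, #0\n\t"` had just captured, so r4 can only end up 0 or 1. If both additions can carry out of r3 (this looks possible when the carry-in held in r3 is a few units and r9 is close to 0xFFFFFFFF), the top word comes out one short and the square is silently wrong; random test vectors are unlikely to reach such a case. I would drop the second MOV so the second addition reads `"ADDS r2, r2, r8\n\t"`, `"ADCS r3, r3, r9\n\t"`, `"ADC r4, r4, #0\n\t"`, and add a known-answer test with every input word set to 0xFFFFFFFF. The same pair appears in the `A[8] * A[11]`, `A[9] * A[11]` and `A[10] * A[11]` steps of the following hunks. The body of sp_3072_sqr_12 starts and ends outside these hunks, and the file looks generated, so the change probably belongs in the generator.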
@@ -13151,22 +13211,22 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[9] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [%[r], #76]\n\t" /* A[9] * A[11] */ "LDR r10, [%[a], #44]\n\t" @@ -13174,18 +13234,18 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * A[10] */ "LDR r10, [%[a], #40]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #80]\n\t" /* A[10] * A[11] */ "LDR r10, [%[a], #44]\n\t" @@ -13193,12 +13253,12 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [%[r], #84]\n\t" /* A[11] * A[11] */ "LDR r10, [%[a], #44]\n\t" 
@@ -13225,9 +13285,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r_p, @@ -13280,8 +13340,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) { @@ -13316,9 +13376,9 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r_p, @@ -13392,8 +13452,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) { 
@@ -13428,9 +13488,9 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r_p, @@ -13546,8 +13606,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) { @@ -13584,9 +13644,9 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p, @@ -13603,7 +13663,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0x180\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -13619,8 +13679,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_3072_add_96_word_%=\n\t" 
@@ -13647,8 +13707,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, @@ -13664,7 +13724,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0x180\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -13672,7 +13732,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a, #else "L_sp_3072_sub_in_place_96_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -13707,9 +13767,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r_p, @@ -13731,9 +13791,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mul_96_outer:\n\t" 
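Review bot: The new tag `@param [in] a` on `sp_3072_sub_in_place_96` contradicts the summary line directly above it, "Sub b from a into a. (a -= b)", because `a` is both read and written. It should read `@param [in, out] a A single precision integer.`. The same correction applies to `sp_3072_sub_in_place_48` in the `@@ -14047,8 +14107,8 @@` hunk. Neither comment documents the `sp_digit` return value; a `@return` line would help callers, though what the value carries is not visible in these hunks.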
@@ -13755,15 +13815,15 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_3072_mul_96_inner_done_%=\n\t" @@ -13784,7 +13844,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mul_96_inner_done:\n\t" @@ -13794,8 +13854,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x2f4\n\t" #if defined(__GNUC__) "BLE L_sp_3072_mul_96_outer_%=\n\t" @@ -13808,7 +13868,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #380]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -13818,7 +13878,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_3072_mul_96_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -13840,8 +13900,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r_p, @@ -13860,9 +13920,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_sqr_96_outer:\n\t" @@ -13884,12 +13944,12 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_3072_sqr_96_inner_done_%=\n\t" @@ -13909,7 +13969,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_sqr_96_inner_done:\n\t" @@ -13919,8 +13979,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x2f4\n\t" #if defined(__GNUC__) "BLE L_sp_3072_sqr_96_outer_%=\n\t" 
@@ -13932,7 +13992,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #380]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -13942,7 +14002,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_3072_sqr_96_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -13967,9 +14027,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -13984,9 +14044,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p, @@ -14003,7 +14063,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0xc0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -14019,8 +14079,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_3072_add_48_word_%=\n\t" @@ -14047,8 +14107,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, @@ -14064,7 +14124,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0xc0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -14072,7 +14132,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a, #else "L_sp_3072_sub_in_place_48_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -14107,9 +14167,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r_p, 
@@ -14131,9 +14191,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mul_48_outer:\n\t" @@ -14155,15 +14215,15 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_3072_mul_48_inner_done_%=\n\t" @@ -14184,7 +14244,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mul_48_inner_done:\n\t" @@ -14194,8 +14254,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x174\n\t" #if defined(__GNUC__) "BLE L_sp_3072_mul_48_outer_%=\n\t" @@ -14208,7 +14268,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #188]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -14218,7 +14278,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_3072_mul_48_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -14240,8 +14300,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r_p, @@ -14260,9 +14320,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_sqr_48_outer:\n\t" @@ -14284,12 +14344,12 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_3072_sqr_48_inner_done_%=\n\t" @@ -14309,7 +14369,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_sqr_48_inner_done:\n\t" 
@@ -14319,8 +14379,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x174\n\t" #if defined(__GNUC__) "BLE L_sp_3072_sqr_48_outer_%=\n\t" @@ -14332,7 +14392,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #188]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -14342,7 +14402,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_3072_sqr_48_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -14367,8 +14427,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a) /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -14388,9 +14448,9 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p, 
@@ -14410,10 +14470,10 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mul_d_96_word:\n\t" @@ -14425,12 +14485,12 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mul_d_96_word_%=\n\t" @@ -14454,9 +14514,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p, 
@@ -14477,477 +14537,477 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, 
#0\n\t" /* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[17] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[18] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[19] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[20] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[21] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[22] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[23] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[24] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[25] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[26] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[27] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[28] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[29] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[30] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, 
%[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[31] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[32] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[33] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[34] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[35] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[36] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[37] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[38] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[39] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[40] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[41] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[42] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[43] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[44] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[45] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV 
r5, #0\n\t" /* A[46] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[47] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[48] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[49] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[50] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[51] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[52] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[53] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[54] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[55] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[56] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[57] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[58] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[59] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[60] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[61] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, 
%[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[62] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[63] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[64] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[65] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[66] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[67] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[68] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[69] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[70] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[71] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[72] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[73] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[74] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[75] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[76] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV 
r3, #0\n\t" /* A[77] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[78] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[79] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[80] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[81] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[82] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[83] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[84] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[85] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[86] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[87] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[88] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[89] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[90] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[91] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[92] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, 
%[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[93] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[94] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[95] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" @@ -14969,8 +15029,8 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) { @@ -14984,10 +15044,11 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, @@ -15005,9 +15066,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_cond_sub_48_words:\n\t" 
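Review bot: The converted header for sp_3072_cond_sub_48 (hunk `-14984,10 +15044,11`) documents the four parameters but has no `@return` line, although the function is declared `static sp_digit`. Judging by `SBC r4, r8, r8` with r8 zeroed in the loop of the following hunk, the result looks like the borrow, so ` * @return  Borrow from the subtraction: 0 or -1.` would fit, but the return statement is outside the hunk and should be checked first. The retained sentence `m is -1 to subtract and 0 when not copying` reads as carried over from a conditional-copy routine; `0 when not subtracting` is presumably meant, and the header should say that m must be exactly 0 or -1 because it is applied with `AND`. The second copy of this header in hunk `-15047,10 +15108,11` needs the same two changes.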
@@ -15021,7 +15082,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_cond_sub_48_words_%=\n\t" @@ -15047,10 +15108,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, @@ -15068,7 +15130,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -15255,9 +15317,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r, #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( @@ -15276,8 +15339,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -15289,391 +15352,391 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, #0x0\n\t" + "MOV 
r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, 
#0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+17] += m[17] * mu */ "LDR r9, [%[m], #68]\n\t" "LDR r12, [%[a], #68]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+18] += m[18] * mu */ "LDR r9, [%[m], #72]\n\t" "LDR r12, [%[a], #72]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #72]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+19] += m[19] * mu */ "LDR r9, [%[m], #76]\n\t" "LDR r12, [%[a], #76]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #76]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+20] += m[20] * mu */ "LDR r9, [%[m], #80]\n\t" "LDR r12, [%[a], #80]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #80]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+21] += m[21] * mu */ "LDR r9, [%[m], #84]\n\t" "LDR r12, [%[a], #84]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #84]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+22] += m[22] * mu */ "LDR r9, [%[m], #88]\n\t" "LDR r12, [%[a], #88]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #88]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+23] += m[23] * mu */ "LDR r9, [%[m], #92]\n\t" "LDR r12, [%[a], #92]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #92]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+24] += m[24] * mu */ "LDR r9, [%[m], #96]\n\t" "LDR r12, [%[a], #96]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" 
"UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #96]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+25] += m[25] * mu */ "LDR r9, [%[m], #100]\n\t" "LDR r12, [%[a], #100]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #100]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+26] += m[26] * mu */ "LDR r9, [%[m], #104]\n\t" "LDR r12, [%[a], #104]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #104]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+27] += m[27] * mu */ "LDR r9, [%[m], #108]\n\t" "LDR r12, [%[a], #108]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #108]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+28] += m[28] * mu */ "LDR r9, [%[m], #112]\n\t" "LDR r12, [%[a], #112]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #112]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+29] += m[29] * mu */ "LDR r9, [%[m], #116]\n\t" "LDR r12, [%[a], #116]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #116]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+30] += m[30] * mu */ "LDR r9, [%[m], #120]\n\t" "LDR r12, [%[a], #120]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #120]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+31] += m[31] * mu */ "LDR r9, [%[m], #124]\n\t" "LDR r12, [%[a], #124]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #124]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+32] += m[32] * mu */ "LDR r9, [%[m], #128]\n\t" "LDR r12, [%[a], #128]\n\t" - "MOV r7, #0x0\n\t" + 
"MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #128]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+33] += m[33] * mu */ "LDR r9, [%[m], #132]\n\t" "LDR r12, [%[a], #132]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #132]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+34] += m[34] * mu */ "LDR r9, [%[m], #136]\n\t" "LDR r12, [%[a], #136]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #136]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+35] += m[35] * mu */ "LDR r9, [%[m], #140]\n\t" "LDR r12, [%[a], #140]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #140]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+36] += m[36] * mu */ "LDR r9, [%[m], #144]\n\t" "LDR r12, [%[a], #144]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #144]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+37] += m[37] * mu */ "LDR r9, [%[m], #148]\n\t" "LDR r12, [%[a], #148]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #148]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+38] += m[38] * mu */ "LDR r9, [%[m], #152]\n\t" "LDR r12, [%[a], #152]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #152]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+39] += m[39] * mu */ "LDR r9, [%[m], #156]\n\t" "LDR r12, [%[a], #156]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #156]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+40] += m[40] * mu */ "LDR r9, [%[m], #160]\n\t" "LDR r12, [%[a], #160]\n\t" - "MOV 
r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #160]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+41] += m[41] * mu */ "LDR r9, [%[m], #164]\n\t" "LDR r12, [%[a], #164]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #164]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+42] += m[42] * mu */ "LDR r9, [%[m], #168]\n\t" "LDR r12, [%[a], #168]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #168]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+43] += m[43] * mu */ "LDR r9, [%[m], #172]\n\t" "LDR r12, [%[a], #172]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #172]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+44] += m[44] * mu */ "LDR r9, [%[m], #176]\n\t" "LDR r12, [%[a], #176]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #176]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+45] += m[45] * mu */ "LDR r9, [%[m], #180]\n\t" "LDR r12, [%[a], #180]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #180]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+46] += m[46] * mu */ "LDR r9, [%[m], #184]\n\t" "LDR r12, [%[a], #184]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #184]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+47] += m[47] * mu */ "LDR r9, [%[m], #188]\n\t" "LDR r12, [%[a], #188]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #188]\n\t" "LDR r12, [%[a], #192]\n\t" "ADCS r12, r12, r6\n\t" "STR 
r12, [%[a], #192]\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_48_word_%=\n\t" @@ -15702,9 +15765,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #else /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( @@ -15723,9 +15787,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_48_word:\n\t" @@ -15736,8 +15800,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_48_mul:\n\t" 
@@ -15747,43 +15811,43 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( /* a[i+j+0] += m[j+0] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_48_mul_%=\n\t" @@ -15794,14 +15858,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #endif "LDR r10, [%[a], #192]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #192]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_48_word_%=\n\t" 
@@ -15830,9 +15894,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( @@ -15850,8 +15915,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -15867,7 +15932,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" @@ -16099,15 +16164,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( "LDR r11, [%[a], #188]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #192]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #188]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #192]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_48_word_%=\n\t" 
@@ -16139,9 +16204,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #else /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( @@ -16160,9 +16226,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_48_word:\n\t" @@ -16173,8 +16239,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_48_mul:\n\t" 
@@ -16187,28 +16253,28 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_48_mul_%=\n\t" @@ -16219,14 +16285,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( #endif "LDR r10, [%[a], #192]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #192]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_48_word_%=\n\t" 
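Review bot: The inner loop now mixes radices: the step became `ADD r12, r12, #4`, but the bound it is compared against is still `CMP r12, #0xc0`, and the store just after the loop uses the decimal offset `[%[a], #192]` for the same value. If small immediates are being normalised to decimal for readability, the loop bounds (`#0xc0` here and in the outer loop, `#0xbc` and `#0x180` in later hunks) are where that helps most. Either convert them too or add a short comment such as `/* 48 words * 4 bytes */` beside the compare. The loop's enclosing asm block begins and ends outside this hunk.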
@@ -16255,11 +16321,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -16270,10 +16336,10 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -16285,9 +16351,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p, 
@@ -16307,10 +16373,10 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mul_d_48_word:\n\t" @@ -16322,12 +16388,12 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mul_d_48_word_%=\n\t" @@ -16351,9 +16417,9 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p, 
@@ -16374,237 +16440,237 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, 
#0\n\t" /* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[17] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[18] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[19] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[20] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[21] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[22] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[23] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[24] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[25] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[26] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[27] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[28] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[29] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[30] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, 
%[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[31] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[32] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[33] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[34] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[35] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[36] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[37] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[38] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[39] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[40] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[41] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[42] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[43] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[44] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[45] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV 
r5, #0\n\t" /* A[46] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[47] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" @@ -16625,10 +16691,11 @@ WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -16648,7 +16715,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" @@ -16657,8 +16724,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" 
@@ -16697,10 +16764,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -16720,18 +16788,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_3072_word_48_bit:\n\t" @@ -16746,7 +16814,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_3072_word_48_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -16755,7 +16823,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, "BPL.N L_div_3072_word_48_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" 
@@ -16786,10 +16854,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_48(sp_digit d1, #endif /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, @@ -16806,8 +16875,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0xbc\n\t" @@ -16828,7 +16897,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_3072_cmp_48_words\n\t" #else @@ -17382,11 +17451,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
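Review bot: In the sp_3072_div_48 header, `m` is now tagged `[in]` while its description is still "Multiplier result" and the summary two lines up says m is not calculated. An input tag on a non-const `sp_digit* m` described as a result is contradictory for anyone reading the generated docs. Something like `@param [in] m Unused; the multiplier result is not calculated.` would agree with the summary, assuming the body (outside this hunk) never writes through it.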
@@ -17424,10 +17494,11 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -17437,14 +17508,17 @@ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -17574,14 +17648,17 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -17733,8 +17810,8 @@ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m) { 
@@ -17749,10 +17826,11 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, @@ -17770,9 +17848,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_cond_sub_96_words:\n\t" @@ -17786,7 +17864,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_cond_sub_96_words_%=\n\t" 
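Review bot: The converted header for sp_3072_cond_sub_96 gains `@param` tags but no `@return`, although the function is declared to return `sp_digit`; other headers in this commit (sp_3072_cmp_48, sp_3072_div_48) did get one. The return statement is outside the hunk, so the wording needs checking against the body, but the `SBC r4, r8, r8` after the masked subtract suggests it is the final borrow, e.g. `@return Borrow out of the subtraction (0 or -1).` The summary's "0 when not copying" also looks like a leftover from a conditional-copy helper and presumably means "not subtracting". Both points apply to the second sp_3072_cond_sub_96 variant in the following hunk group as well.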
@@ -17812,10 +17890,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, @@ -17833,7 +17912,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" @@ -18188,9 +18267,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r, #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( 
@@ -18209,8 +18289,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -18222,775 +18302,775 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, #0x0\n\t" + "MOV 
r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, 
#0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+17] += m[17] * mu */ "LDR r9, [%[m], #68]\n\t" "LDR r12, [%[a], #68]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+18] += m[18] * mu */ "LDR r9, [%[m], #72]\n\t" "LDR r12, [%[a], #72]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #72]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+19] += m[19] * mu */ "LDR r9, [%[m], #76]\n\t" "LDR r12, [%[a], #76]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #76]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+20] += m[20] * mu */ "LDR r9, [%[m], #80]\n\t" "LDR r12, [%[a], #80]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #80]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+21] += m[21] * mu */ "LDR r9, [%[m], #84]\n\t" "LDR r12, [%[a], #84]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #84]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+22] += m[22] * mu */ "LDR r9, [%[m], #88]\n\t" "LDR r12, [%[a], #88]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #88]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+23] += m[23] * mu */ "LDR r9, [%[m], #92]\n\t" "LDR r12, [%[a], #92]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #92]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+24] += m[24] * mu */ "LDR r9, [%[m], #96]\n\t" "LDR r12, [%[a], #96]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" 
"UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #96]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+25] += m[25] * mu */ "LDR r9, [%[m], #100]\n\t" "LDR r12, [%[a], #100]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #100]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+26] += m[26] * mu */ "LDR r9, [%[m], #104]\n\t" "LDR r12, [%[a], #104]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #104]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+27] += m[27] * mu */ "LDR r9, [%[m], #108]\n\t" "LDR r12, [%[a], #108]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #108]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+28] += m[28] * mu */ "LDR r9, [%[m], #112]\n\t" "LDR r12, [%[a], #112]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #112]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+29] += m[29] * mu */ "LDR r9, [%[m], #116]\n\t" "LDR r12, [%[a], #116]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #116]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+30] += m[30] * mu */ "LDR r9, [%[m], #120]\n\t" "LDR r12, [%[a], #120]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #120]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+31] += m[31] * mu */ "LDR r9, [%[m], #124]\n\t" "LDR r12, [%[a], #124]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #124]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+32] += m[32] * mu */ "LDR r9, [%[m], #128]\n\t" "LDR r12, [%[a], #128]\n\t" - "MOV r7, #0x0\n\t" + 
"MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #128]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+33] += m[33] * mu */ "LDR r9, [%[m], #132]\n\t" "LDR r12, [%[a], #132]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #132]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+34] += m[34] * mu */ "LDR r9, [%[m], #136]\n\t" "LDR r12, [%[a], #136]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #136]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+35] += m[35] * mu */ "LDR r9, [%[m], #140]\n\t" "LDR r12, [%[a], #140]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #140]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+36] += m[36] * mu */ "LDR r9, [%[m], #144]\n\t" "LDR r12, [%[a], #144]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #144]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+37] += m[37] * mu */ "LDR r9, [%[m], #148]\n\t" "LDR r12, [%[a], #148]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #148]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+38] += m[38] * mu */ "LDR r9, [%[m], #152]\n\t" "LDR r12, [%[a], #152]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #152]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+39] += m[39] * mu */ "LDR r9, [%[m], #156]\n\t" "LDR r12, [%[a], #156]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #156]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+40] += m[40] * mu */ "LDR r9, [%[m], #160]\n\t" "LDR r12, [%[a], #160]\n\t" - "MOV 
r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #160]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+41] += m[41] * mu */ "LDR r9, [%[m], #164]\n\t" "LDR r12, [%[a], #164]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #164]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+42] += m[42] * mu */ "LDR r9, [%[m], #168]\n\t" "LDR r12, [%[a], #168]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #168]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+43] += m[43] * mu */ "LDR r9, [%[m], #172]\n\t" "LDR r12, [%[a], #172]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #172]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+44] += m[44] * mu */ "LDR r9, [%[m], #176]\n\t" "LDR r12, [%[a], #176]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #176]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+45] += m[45] * mu */ "LDR r9, [%[m], #180]\n\t" "LDR r12, [%[a], #180]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #180]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+46] += m[46] * mu */ "LDR r9, [%[m], #184]\n\t" "LDR r12, [%[a], #184]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #184]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+47] += m[47] * mu */ "LDR r9, [%[m], #188]\n\t" "LDR r12, [%[a], #188]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #188]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+48] += m[48] * mu */ "LDR r9, [%[m], #192]\n\t" "LDR r12, [%[a], 
#192]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #192]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+49] += m[49] * mu */ "LDR r9, [%[m], #196]\n\t" "LDR r12, [%[a], #196]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #196]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+50] += m[50] * mu */ "LDR r9, [%[m], #200]\n\t" "LDR r12, [%[a], #200]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #200]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+51] += m[51] * mu */ "LDR r9, [%[m], #204]\n\t" "LDR r12, [%[a], #204]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #204]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+52] += m[52] * mu */ "LDR r9, [%[m], #208]\n\t" "LDR r12, [%[a], #208]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #208]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+53] += m[53] * mu */ "LDR r9, [%[m], #212]\n\t" "LDR r12, [%[a], #212]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #212]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+54] += m[54] * mu */ "LDR r9, [%[m], #216]\n\t" "LDR r12, [%[a], #216]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #216]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+55] += m[55] * mu */ "LDR r9, [%[m], #220]\n\t" "LDR r12, [%[a], #220]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #220]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+56] += m[56] * mu */ "LDR r9, [%[m], #224]\n\t" 
"LDR r12, [%[a], #224]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #224]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+57] += m[57] * mu */ "LDR r9, [%[m], #228]\n\t" "LDR r12, [%[a], #228]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #228]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+58] += m[58] * mu */ "LDR r9, [%[m], #232]\n\t" "LDR r12, [%[a], #232]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #232]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+59] += m[59] * mu */ "LDR r9, [%[m], #236]\n\t" "LDR r12, [%[a], #236]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #236]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+60] += m[60] * mu */ "LDR r9, [%[m], #240]\n\t" "LDR r12, [%[a], #240]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #240]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+61] += m[61] * mu */ "LDR r9, [%[m], #244]\n\t" "LDR r12, [%[a], #244]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #244]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+62] += m[62] * mu */ "LDR r9, [%[m], #248]\n\t" "LDR r12, [%[a], #248]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #248]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+63] += m[63] * mu */ "LDR r9, [%[m], #252]\n\t" "LDR r12, [%[a], #252]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #252]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+64] += m[64] * mu */ "LDR r9, 
[%[m], #256]\n\t" "LDR r12, [%[a], #256]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #256]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+65] += m[65] * mu */ "LDR r9, [%[m], #260]\n\t" "LDR r12, [%[a], #260]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #260]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+66] += m[66] * mu */ "LDR r9, [%[m], #264]\n\t" "LDR r12, [%[a], #264]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #264]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+67] += m[67] * mu */ "LDR r9, [%[m], #268]\n\t" "LDR r12, [%[a], #268]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #268]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+68] += m[68] * mu */ "LDR r9, [%[m], #272]\n\t" "LDR r12, [%[a], #272]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #272]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+69] += m[69] * mu */ "LDR r9, [%[m], #276]\n\t" "LDR r12, [%[a], #276]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #276]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+70] += m[70] * mu */ "LDR r9, [%[m], #280]\n\t" "LDR r12, [%[a], #280]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #280]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+71] += m[71] * mu */ "LDR r9, [%[m], #284]\n\t" "LDR r12, [%[a], #284]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #284]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+72] += m[72] 
* mu */ "LDR r9, [%[m], #288]\n\t" "LDR r12, [%[a], #288]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #288]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+73] += m[73] * mu */ "LDR r9, [%[m], #292]\n\t" "LDR r12, [%[a], #292]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #292]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+74] += m[74] * mu */ "LDR r9, [%[m], #296]\n\t" "LDR r12, [%[a], #296]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #296]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+75] += m[75] * mu */ "LDR r9, [%[m], #300]\n\t" "LDR r12, [%[a], #300]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #300]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+76] += m[76] * mu */ "LDR r9, [%[m], #304]\n\t" "LDR r12, [%[a], #304]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #304]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+77] += m[77] * mu */ "LDR r9, [%[m], #308]\n\t" "LDR r12, [%[a], #308]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #308]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+78] += m[78] * mu */ "LDR r9, [%[m], #312]\n\t" "LDR r12, [%[a], #312]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #312]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+79] += m[79] * mu */ "LDR r9, [%[m], #316]\n\t" "LDR r12, [%[a], #316]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #316]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* 
a[i+80] += m[80] * mu */ "LDR r9, [%[m], #320]\n\t" "LDR r12, [%[a], #320]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #320]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+81] += m[81] * mu */ "LDR r9, [%[m], #324]\n\t" "LDR r12, [%[a], #324]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #324]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+82] += m[82] * mu */ "LDR r9, [%[m], #328]\n\t" "LDR r12, [%[a], #328]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #328]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+83] += m[83] * mu */ "LDR r9, [%[m], #332]\n\t" "LDR r12, [%[a], #332]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #332]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+84] += m[84] * mu */ "LDR r9, [%[m], #336]\n\t" "LDR r12, [%[a], #336]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #336]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+85] += m[85] * mu */ "LDR r9, [%[m], #340]\n\t" "LDR r12, [%[a], #340]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #340]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+86] += m[86] * mu */ "LDR r9, [%[m], #344]\n\t" "LDR r12, [%[a], #344]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #344]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+87] += m[87] * mu */ "LDR r9, [%[m], #348]\n\t" "LDR r12, [%[a], #348]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #348]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC 
r6, r6, #0\n\t" /* a[i+88] += m[88] * mu */ "LDR r9, [%[m], #352]\n\t" "LDR r12, [%[a], #352]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #352]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+89] += m[89] * mu */ "LDR r9, [%[m], #356]\n\t" "LDR r12, [%[a], #356]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #356]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+90] += m[90] * mu */ "LDR r9, [%[m], #360]\n\t" "LDR r12, [%[a], #360]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #360]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+91] += m[91] * mu */ "LDR r9, [%[m], #364]\n\t" "LDR r12, [%[a], #364]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #364]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+92] += m[92] * mu */ "LDR r9, [%[m], #368]\n\t" "LDR r12, [%[a], #368]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #368]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+93] += m[93] * mu */ "LDR r9, [%[m], #372]\n\t" "LDR r12, [%[a], #372]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #372]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+94] += m[94] * mu */ "LDR r9, [%[m], #376]\n\t" "LDR r12, [%[a], #376]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #376]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+95] += m[95] * mu */ "LDR r9, [%[m], #380]\n\t" "LDR r12, [%[a], #380]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" 
"ADDS r12, r12, r7\n\t" "STR r12, [%[a], #380]\n\t" "LDR r12, [%[a], #384]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #384]\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_96_word_%=\n\t" @@ -19019,9 +19099,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #else /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( @@ -19040,9 +19121,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_96_word:\n\t" @@ -19053,8 +19134,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_96_mul:\n\t" 
@@ -19064,43 +19145,43 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( /* a[i+j+0] += m[j+0] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_96_mul_%=\n\t" @@ -19111,14 +19192,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #endif "LDR r10, [%[a], #384]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #384]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_96_word_%=\n\t" 
@@ -19147,9 +19228,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( @@ -19167,8 +19249,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -19184,7 +19266,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" @@ -19656,15 +19738,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( "LDR r11, [%[a], #380]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #384]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #380]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #384]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_96_word_%=\n\t" 
@@ -19696,9 +19778,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #else /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( @@ -19717,9 +19800,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_96_word:\n\t" @@ -19730,8 +19813,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_mont_reduce_96_mul:\n\t" 
@@ -19744,28 +19827,28 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_96_mul_%=\n\t" @@ -19776,14 +19859,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( #endif "LDR r10, [%[a], #384]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #384]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x180\n\t" #if defined(__GNUC__) "BLT L_sp_3072_mont_reduce_96_word_%=\n\t" 
@@ -19812,11 +19895,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -19827,10 +19910,10 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -19842,9 +19925,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p, 
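Review bot: The converted header for sp_3072_sub_96 (third hunk here) still has no `@return`, although the signature in the hunk returns `sp_digit` and this commit adds `@return` lines to div_3072_word_96 and the div/mod helpers. The value comes from the asm outside the hunk, so the wording needs confirming, but a line such as ` * @return Borrow from the subtraction.` would tell callers how to use the result in a carry chain. The same gap is in the `#else` variant of sp_3072_sub_96 and in the sp_3072_cond_add_48 header further down.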
@@ -19861,7 +19944,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "ADD r12, %[a], #0x180\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -19869,7 +19952,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r, #else "L_sp_3072_sub_96_word_%=:\n\t" #endif - "RSBS r11, r11, #0x0\n\t" + "RSBS r11, r11, #0\n\t" "LDM %[a]!, {r3, r4, r5, r6}\n\t" "LDM %[b]!, {r7, r8, r9, r10}\n\t" "SBCS r3, r3, r7\n\t" @@ -19903,9 +19986,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p, @@ -20107,10 +20190,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -20130,7 +20214,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" 
@@ -20139,8 +20223,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" @@ -20179,10 +20263,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -20202,18 +20287,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_3072_word_96_bit:\n\t" @@ -20228,7 +20313,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_3072_word_96_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
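Review bot: With the immediate now in decimal, `"MOV r4, #29\n\t"` sits directly under `/* Next 30 bits */` and reads like an off-by-one. The loop in the following hunk counts down with `SUBS r4, r4, #1` and branches on `BPL`, so it runs for r4 = 29 down to 0, which is 30 passes. Saying so in the comment would stop a well-meant "correction" of the constant: `/* Next 30 bits: r4 counts 29 down to 0 */`. The asm block of div_3072_word_96 starts and ends outside the hunk.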
@@ -20237,7 +20322,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, "BPL.N L_div_3072_word_96_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" @@ -20269,11 +20354,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_3072_word_96(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -20327,10 +20413,11 @@ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
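Review bot: In the sp_3072_div_96_cond header, `m` is tagged `[in]` while its description is still "Multiplier result", the parameter is a non-const `sp_digit* m`, and the text above says m is not calculated. A direction tag that contradicts the description misleads more than the old untagged form did. If the body (outside the hunk) really never touches it, write ` * @param [in] m Unused. Multiplier result is not calculated.`. sp_3072_div_96 carries the same tag in its header later in the diff.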
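Review bot: The sp_3072_mod_96_cond header says nothing about timing, whereas sp_3072_cmp_96 in this same diff is explicitly documented as "in constant time". If the `_cond` variants are the variable-time path (an assumption, since the bodies are outside the hunks), the header is the place to say which inputs they may see. A line such as ` * Not constant time. Only use with public values.` here and on sp_3072_div_96_cond would keep a later caller from passing secret operands.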
@@ -20341,9 +20428,9 @@ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const s #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -20371,10 +20458,11 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, @@ -20391,8 +20479,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0x17c\n\t" @@ -20413,7 +20501,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_3072_cmp_96_words\n\t" #else 
@@ -21495,11 +21583,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -21537,10 +21626,11 @@ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -21553,14 +21643,17 @@ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_dig #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -21681,14 +21774,17 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -21822,15 +21918,19 @@ static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e, #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -21971,10 +22071,11 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p, 
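Review bot: The sp_3072_cond_add_48 comment gains `@param` tags but still has no `@return`, although the signature returns `sp_digit`. For a masked, branch-free primitive the comment should state the contract: add `@return Carry out of the addition.` (presumably the carry, given `ADC r5, r8, r8` in the loop shown in the next hunk; confirm). The mask line should also be tightened to `@param [in] m Mask value to apply. Must be 0 or all ones (-1).`, since the visible `AND r8, r8, %[m]` would otherwise add a partially masked b. The same missing `@return` applies to the second sp_3072_cond_add_48 variant, sp_3072_to_mp, sp_4096_sub_in_place_128 and sp_4096_add_128 in later hunks. The function body continues outside this hunk.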
@@ -21992,9 +22093,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r5, #0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_3072_cond_add_48_words:\n\t" @@ -22008,7 +22109,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, "ADCS r6, r6, r7\n\t" "ADC r5, r8, r8\n\t" "STR r6, [%[r], r4]\n\t" - "ADD r4, r4, #0x4\n\t" + "ADD r4, r4, #4\n\t" "CMP r4, #0xc0\n\t" #if defined(__GNUC__) "BLT L_sp_3072_cond_add_48_words_%=\n\t" @@ -22034,10 +22135,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p, @@ -22055,7 +22157,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -22241,20 +22343,24 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -22393,8 +22499,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -22461,12 +22567,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -22511,6 +22619,12 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_3072 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -22526,7 +22640,7 @@ WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "RSB r7, %[n], #0x1f\n\t" + "RSB r7, %[n], #31\n\t" "LDR r5, [%[a], #380]\n\t" "LSR r6, r5, #1\n\t" "LSL r5, r5, %[n]\n\t" 
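Review bot: The new sp_3072_lshift_96 comment does not state the valid range of `n`, and the body's `RSB r7, %[n], #31` suggests the shift is only meaningful for n below 32. Because `n` is a `byte`, a caller can pass up to 255, so the bound belongs in the comment, e.g. `@param [in] n Number of bits to shift. Must be less than 32.` This should be confirmed against the callers, which are not visible here. The asm body runs past the end of the following hunk.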
@@ -23116,13 +23230,15 @@ WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
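Review bot: `@return MP_VAL when base is even.` cannot be right as written for sp_3072_mod_exp_2_96, because the function takes no base argument (r = 2^e mod m) and the fixed base 2 is always even. The wording was carried over unchanged from the old comment. The body is outside this hunk, so the real condition has to be read there and the line reworded to name it. The sp_3072_mod_exp_96 hunks earlier in this diff carry the related "base is even or exponent is 0" wording, which is worth checking against their bodies at the same time.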
@@ -23228,15 +23344,17 @@ static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -23294,12 +23412,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -23351,10 +23471,10 @@ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_SP_4096 /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -23398,9 +23518,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -23487,8 +23607,8 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_4096_to_bin_128(sp_digit* r, byte* a) { 
@@ -23506,22 +23626,22 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_128(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_128(a) #ifndef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, @@ -23776,9 +23896,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p, @@ -24019,8 +24139,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : 
@@ -24035,9 +24155,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -24074,8 +24194,8 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) { @@ -24112,9 +24232,9 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p, @@ -24131,7 +24251,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0x200\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -24147,8 +24267,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_4096_add_128_word_%=\n\t" 
@@ -24175,8 +24295,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, @@ -24192,7 +24312,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0x200\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -24200,7 +24320,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a, #else "L_sp_4096_sub_in_place_128_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -24235,9 +24355,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r_p, @@ -24259,9 +24379,9 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mul_128_outer:\n\t" 
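Review bot: In the WOLFSSL_SP_SMALL sp_4096_sub_in_place_128 comment, `a` is tagged `[in]` although the operation is a -= b and the parameter is a non-const `sp_digit*`. The non-small variant earlier in this diff already uses `@param [in, out] a A single precision integer and result.`, and the same line should be used here so the two variants document the same contract. The function body continues outside this hunk.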
@@ -24283,15 +24403,15 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_4096_mul_128_inner_done_%=\n\t" @@ -24312,7 +24432,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mul_128_inner_done:\n\t" @@ -24322,8 +24442,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x3f4\n\t" #if defined(__GNUC__) "BLE L_sp_4096_mul_128_outer_%=\n\t" @@ -24336,7 +24456,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, "LDR r11, [%[b], #508]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -24346,7 +24466,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_4096_mul_128_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -24368,8 +24488,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r_p, @@ -24389,9 +24509,9 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_sqr_128_outer:\n\t" @@ -24413,12 +24533,12 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_4096_sqr_128_inner_done_%=\n\t" @@ -24438,7 +24558,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_sqr_128_inner_done:\n\t" @@ -24448,8 +24568,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x3f4\n\t" #if defined(__GNUC__) "BLE L_sp_4096_sqr_128_outer_%=\n\t" 
@@ -24461,7 +24581,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, "LDR lr, [%[a], #508]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -24471,7 +24591,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_4096_sqr_128_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -24494,8 +24614,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -24515,9 +24635,9 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p, @@ -24537,10 +24657,10 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mul_d_128_word:\n\t" 
@@ -24552,12 +24672,12 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mul_d_128_word_%=\n\t" @@ -24581,9 +24701,9 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p, 
@@ -24604,637 +24724,637 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, 
#0\n\t" /* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[17] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[18] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[19] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[20] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[21] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[22] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[23] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[24] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[25] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[26] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[27] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[28] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[29] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[30] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, 
%[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[31] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[32] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[33] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[34] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[35] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[36] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[37] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[38] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[39] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[40] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[41] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[42] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[43] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[44] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[45] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV 
r5, #0\n\t" /* A[46] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[47] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[48] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[49] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[50] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[51] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[52] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[53] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[54] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[55] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[56] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[57] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[58] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[59] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[60] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[61] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, 
%[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[62] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[63] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[64] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[65] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[66] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[67] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[68] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[69] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[70] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[71] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[72] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[73] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[74] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[75] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[76] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV 
r3, #0\n\t" /* A[77] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[78] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[79] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[80] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[81] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[82] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[83] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[84] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[85] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[86] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[87] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[88] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[89] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[90] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[91] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[92] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, 
%[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[93] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[94] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[95] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[96] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[97] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[98] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[99] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[100] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[101] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[102] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[103] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[104] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[105] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[106] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[107] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" 
+ "MOV r4, #0\n\t" /* A[108] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[109] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[110] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[111] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[112] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[113] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[114] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[115] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[116] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[117] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[118] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[119] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[120] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[121] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[122] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[123] * B */ "LDM %[a]!, 
{r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[124] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[125] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[126] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[127] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" @@ -25256,8 +25376,8 @@ WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r, /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m) { @@ -25272,10 +25392,11 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, 
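Review bot: The reworked comment on sp_4096_cond_sub_128 (hunk at -25272,10, repeated at -25335,10) still says `m is -1 to subtract and 0 when not copying`, which looks carried over from a conditional-copy routine; `0 when not subtracting` describes this function. The `@param [in] m` line could also pin the contract the asm relies on: the unrolled variant masks b with `AND r8, r8, %[m]`, so only 0 and all ones give a meaningful result, e.g. `@param [in] m Mask: all ones to subtract b, 0 to subtract nothing.` The function returns sp_digit but neither block has a `@return` line; it presumably reports the final borrow, which should be confirmed against the body, outside both hunks. If this file is emitted by a generator, the wording belongs in its template.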
@@ -25293,9 +25414,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_cond_sub_128_words:\n\t" @@ -25309,7 +25430,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_cond_sub_128_words_%=\n\t" @@ -25335,10 +25456,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, @@ -25356,7 +25478,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -25823,9 +25945,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r,
 #ifndef WOLFSSL_SP_SMALL
 /* Reduce the number back to 4096 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef WOLFSSL_NO_VAR_ASSIGN_REG
 WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
@@ -25844,8 +25967,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
 __asm__ __volatile__ (
 "LDR lr, [%[m]]\n\t"
 /* i = 0 */
- "MOV r11, #0x0\n\t"
- "MOV r3, #0x0\n\t"
+ "MOV r11, #0\n\t"
+ "MOV r3, #0\n\t"
 "LDR r4, [%[a]]\n\t"
 "LDR r5, [%[a], #4]\n\t"
 "\n"
@@ -25857,1031 +25980,1031 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, #0x0\n\t" + 
"MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, 
#0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+17] += m[17] * mu */ "LDR r9, [%[m], #68]\n\t" "LDR r12, [%[a], #68]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+18] += m[18] * mu */ "LDR r9, [%[m], #72]\n\t" "LDR r12, [%[a], #72]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #72]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+19] += m[19] * mu */ "LDR r9, [%[m], #76]\n\t" "LDR r12, [%[a], #76]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #76]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+20] += m[20] * mu */ "LDR r9, [%[m], #80]\n\t" "LDR r12, [%[a], #80]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #80]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+21] += m[21] * mu */ "LDR r9, [%[m], #84]\n\t" "LDR r12, [%[a], #84]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #84]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+22] += m[22] * mu */ "LDR r9, [%[m], #88]\n\t" "LDR r12, [%[a], #88]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #88]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+23] += m[23] * mu */ "LDR r9, [%[m], #92]\n\t" "LDR r12, [%[a], #92]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #92]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+24] += m[24] * mu */ "LDR r9, [%[m], #96]\n\t" "LDR r12, [%[a], #96]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" 
"UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #96]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+25] += m[25] * mu */ "LDR r9, [%[m], #100]\n\t" "LDR r12, [%[a], #100]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #100]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+26] += m[26] * mu */ "LDR r9, [%[m], #104]\n\t" "LDR r12, [%[a], #104]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #104]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+27] += m[27] * mu */ "LDR r9, [%[m], #108]\n\t" "LDR r12, [%[a], #108]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #108]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+28] += m[28] * mu */ "LDR r9, [%[m], #112]\n\t" "LDR r12, [%[a], #112]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #112]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+29] += m[29] * mu */ "LDR r9, [%[m], #116]\n\t" "LDR r12, [%[a], #116]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #116]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+30] += m[30] * mu */ "LDR r9, [%[m], #120]\n\t" "LDR r12, [%[a], #120]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #120]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+31] += m[31] * mu */ "LDR r9, [%[m], #124]\n\t" "LDR r12, [%[a], #124]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #124]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+32] += m[32] * mu */ "LDR r9, [%[m], #128]\n\t" "LDR r12, [%[a], #128]\n\t" - "MOV r7, #0x0\n\t" + 
"MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #128]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+33] += m[33] * mu */ "LDR r9, [%[m], #132]\n\t" "LDR r12, [%[a], #132]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #132]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+34] += m[34] * mu */ "LDR r9, [%[m], #136]\n\t" "LDR r12, [%[a], #136]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #136]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+35] += m[35] * mu */ "LDR r9, [%[m], #140]\n\t" "LDR r12, [%[a], #140]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #140]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+36] += m[36] * mu */ "LDR r9, [%[m], #144]\n\t" "LDR r12, [%[a], #144]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #144]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+37] += m[37] * mu */ "LDR r9, [%[m], #148]\n\t" "LDR r12, [%[a], #148]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #148]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+38] += m[38] * mu */ "LDR r9, [%[m], #152]\n\t" "LDR r12, [%[a], #152]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #152]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+39] += m[39] * mu */ "LDR r9, [%[m], #156]\n\t" "LDR r12, [%[a], #156]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #156]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+40] += m[40] * mu */ "LDR r9, [%[m], #160]\n\t" "LDR r12, [%[a], #160]\n\t" - "MOV 
r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #160]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+41] += m[41] * mu */ "LDR r9, [%[m], #164]\n\t" "LDR r12, [%[a], #164]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #164]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+42] += m[42] * mu */ "LDR r9, [%[m], #168]\n\t" "LDR r12, [%[a], #168]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #168]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+43] += m[43] * mu */ "LDR r9, [%[m], #172]\n\t" "LDR r12, [%[a], #172]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #172]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+44] += m[44] * mu */ "LDR r9, [%[m], #176]\n\t" "LDR r12, [%[a], #176]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #176]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+45] += m[45] * mu */ "LDR r9, [%[m], #180]\n\t" "LDR r12, [%[a], #180]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #180]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+46] += m[46] * mu */ "LDR r9, [%[m], #184]\n\t" "LDR r12, [%[a], #184]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #184]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+47] += m[47] * mu */ "LDR r9, [%[m], #188]\n\t" "LDR r12, [%[a], #188]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #188]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+48] += m[48] * mu */ "LDR r9, [%[m], #192]\n\t" "LDR r12, [%[a], 
#192]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #192]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+49] += m[49] * mu */ "LDR r9, [%[m], #196]\n\t" "LDR r12, [%[a], #196]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #196]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+50] += m[50] * mu */ "LDR r9, [%[m], #200]\n\t" "LDR r12, [%[a], #200]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #200]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+51] += m[51] * mu */ "LDR r9, [%[m], #204]\n\t" "LDR r12, [%[a], #204]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #204]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+52] += m[52] * mu */ "LDR r9, [%[m], #208]\n\t" "LDR r12, [%[a], #208]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #208]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+53] += m[53] * mu */ "LDR r9, [%[m], #212]\n\t" "LDR r12, [%[a], #212]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #212]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+54] += m[54] * mu */ "LDR r9, [%[m], #216]\n\t" "LDR r12, [%[a], #216]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #216]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+55] += m[55] * mu */ "LDR r9, [%[m], #220]\n\t" "LDR r12, [%[a], #220]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #220]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+56] += m[56] * mu */ "LDR r9, [%[m], #224]\n\t" 
"LDR r12, [%[a], #224]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #224]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+57] += m[57] * mu */ "LDR r9, [%[m], #228]\n\t" "LDR r12, [%[a], #228]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #228]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+58] += m[58] * mu */ "LDR r9, [%[m], #232]\n\t" "LDR r12, [%[a], #232]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #232]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+59] += m[59] * mu */ "LDR r9, [%[m], #236]\n\t" "LDR r12, [%[a], #236]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #236]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+60] += m[60] * mu */ "LDR r9, [%[m], #240]\n\t" "LDR r12, [%[a], #240]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #240]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+61] += m[61] * mu */ "LDR r9, [%[m], #244]\n\t" "LDR r12, [%[a], #244]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #244]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+62] += m[62] * mu */ "LDR r9, [%[m], #248]\n\t" "LDR r12, [%[a], #248]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #248]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+63] += m[63] * mu */ "LDR r9, [%[m], #252]\n\t" "LDR r12, [%[a], #252]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #252]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+64] += m[64] * mu */ "LDR r9, 
[%[m], #256]\n\t" "LDR r12, [%[a], #256]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #256]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+65] += m[65] * mu */ "LDR r9, [%[m], #260]\n\t" "LDR r12, [%[a], #260]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #260]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+66] += m[66] * mu */ "LDR r9, [%[m], #264]\n\t" "LDR r12, [%[a], #264]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #264]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+67] += m[67] * mu */ "LDR r9, [%[m], #268]\n\t" "LDR r12, [%[a], #268]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #268]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+68] += m[68] * mu */ "LDR r9, [%[m], #272]\n\t" "LDR r12, [%[a], #272]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #272]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+69] += m[69] * mu */ "LDR r9, [%[m], #276]\n\t" "LDR r12, [%[a], #276]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #276]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+70] += m[70] * mu */ "LDR r9, [%[m], #280]\n\t" "LDR r12, [%[a], #280]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #280]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+71] += m[71] * mu */ "LDR r9, [%[m], #284]\n\t" "LDR r12, [%[a], #284]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #284]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+72] += m[72] 
* mu */ "LDR r9, [%[m], #288]\n\t" "LDR r12, [%[a], #288]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #288]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+73] += m[73] * mu */ "LDR r9, [%[m], #292]\n\t" "LDR r12, [%[a], #292]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #292]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+74] += m[74] * mu */ "LDR r9, [%[m], #296]\n\t" "LDR r12, [%[a], #296]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #296]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+75] += m[75] * mu */ "LDR r9, [%[m], #300]\n\t" "LDR r12, [%[a], #300]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #300]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+76] += m[76] * mu */ "LDR r9, [%[m], #304]\n\t" "LDR r12, [%[a], #304]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #304]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+77] += m[77] * mu */ "LDR r9, [%[m], #308]\n\t" "LDR r12, [%[a], #308]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #308]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+78] += m[78] * mu */ "LDR r9, [%[m], #312]\n\t" "LDR r12, [%[a], #312]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #312]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+79] += m[79] * mu */ "LDR r9, [%[m], #316]\n\t" "LDR r12, [%[a], #316]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #316]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* 
a[i+80] += m[80] * mu */ "LDR r9, [%[m], #320]\n\t" "LDR r12, [%[a], #320]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #320]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+81] += m[81] * mu */ "LDR r9, [%[m], #324]\n\t" "LDR r12, [%[a], #324]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #324]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+82] += m[82] * mu */ "LDR r9, [%[m], #328]\n\t" "LDR r12, [%[a], #328]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #328]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+83] += m[83] * mu */ "LDR r9, [%[m], #332]\n\t" "LDR r12, [%[a], #332]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #332]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+84] += m[84] * mu */ "LDR r9, [%[m], #336]\n\t" "LDR r12, [%[a], #336]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #336]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+85] += m[85] * mu */ "LDR r9, [%[m], #340]\n\t" "LDR r12, [%[a], #340]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #340]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+86] += m[86] * mu */ "LDR r9, [%[m], #344]\n\t" "LDR r12, [%[a], #344]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #344]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+87] += m[87] * mu */ "LDR r9, [%[m], #348]\n\t" "LDR r12, [%[a], #348]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #348]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC 
r6, r6, #0\n\t" /* a[i+88] += m[88] * mu */ "LDR r9, [%[m], #352]\n\t" "LDR r12, [%[a], #352]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #352]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+89] += m[89] * mu */ "LDR r9, [%[m], #356]\n\t" "LDR r12, [%[a], #356]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #356]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+90] += m[90] * mu */ "LDR r9, [%[m], #360]\n\t" "LDR r12, [%[a], #360]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #360]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+91] += m[91] * mu */ "LDR r9, [%[m], #364]\n\t" "LDR r12, [%[a], #364]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #364]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+92] += m[92] * mu */ "LDR r9, [%[m], #368]\n\t" "LDR r12, [%[a], #368]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #368]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+93] += m[93] * mu */ "LDR r9, [%[m], #372]\n\t" "LDR r12, [%[a], #372]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #372]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+94] += m[94] * mu */ "LDR r9, [%[m], #376]\n\t" "LDR r12, [%[a], #376]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #376]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+95] += m[95] * mu */ "LDR r9, [%[m], #380]\n\t" "LDR r12, [%[a], #380]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #380]\n\t" - "ADC r6, r6, 
#0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+96] += m[96] * mu */ "LDR r9, [%[m], #384]\n\t" "LDR r12, [%[a], #384]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #384]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+97] += m[97] * mu */ "LDR r9, [%[m], #388]\n\t" "LDR r12, [%[a], #388]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #388]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+98] += m[98] * mu */ "LDR r9, [%[m], #392]\n\t" "LDR r12, [%[a], #392]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #392]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+99] += m[99] * mu */ "LDR r9, [%[m], #396]\n\t" "LDR r12, [%[a], #396]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #396]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+100] += m[100] * mu */ "LDR r9, [%[m], #400]\n\t" "LDR r12, [%[a], #400]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #400]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+101] += m[101] * mu */ "LDR r9, [%[m], #404]\n\t" "LDR r12, [%[a], #404]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #404]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+102] += m[102] * mu */ "LDR r9, [%[m], #408]\n\t" "LDR r12, [%[a], #408]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #408]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+103] += m[103] * mu */ "LDR r9, [%[m], #412]\n\t" "LDR r12, [%[a], #412]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], 
#412]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+104] += m[104] * mu */ "LDR r9, [%[m], #416]\n\t" "LDR r12, [%[a], #416]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #416]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+105] += m[105] * mu */ "LDR r9, [%[m], #420]\n\t" "LDR r12, [%[a], #420]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #420]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+106] += m[106] * mu */ "LDR r9, [%[m], #424]\n\t" "LDR r12, [%[a], #424]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #424]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+107] += m[107] * mu */ "LDR r9, [%[m], #428]\n\t" "LDR r12, [%[a], #428]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #428]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+108] += m[108] * mu */ "LDR r9, [%[m], #432]\n\t" "LDR r12, [%[a], #432]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #432]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+109] += m[109] * mu */ "LDR r9, [%[m], #436]\n\t" "LDR r12, [%[a], #436]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #436]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+110] += m[110] * mu */ "LDR r9, [%[m], #440]\n\t" "LDR r12, [%[a], #440]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #440]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+111] += m[111] * mu */ "LDR r9, [%[m], #444]\n\t" "LDR r12, [%[a], #444]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS 
r12, r12, r7\n\t" "STR r12, [%[a], #444]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+112] += m[112] * mu */ "LDR r9, [%[m], #448]\n\t" "LDR r12, [%[a], #448]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #448]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+113] += m[113] * mu */ "LDR r9, [%[m], #452]\n\t" "LDR r12, [%[a], #452]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #452]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+114] += m[114] * mu */ "LDR r9, [%[m], #456]\n\t" "LDR r12, [%[a], #456]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #456]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+115] += m[115] * mu */ "LDR r9, [%[m], #460]\n\t" "LDR r12, [%[a], #460]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #460]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+116] += m[116] * mu */ "LDR r9, [%[m], #464]\n\t" "LDR r12, [%[a], #464]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #464]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+117] += m[117] * mu */ "LDR r9, [%[m], #468]\n\t" "LDR r12, [%[a], #468]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #468]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+118] += m[118] * mu */ "LDR r9, [%[m], #472]\n\t" "LDR r12, [%[a], #472]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #472]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+119] += m[119] * mu */ "LDR r9, [%[m], #476]\n\t" "LDR r12, [%[a], #476]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" 
"UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #476]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+120] += m[120] * mu */ "LDR r9, [%[m], #480]\n\t" "LDR r12, [%[a], #480]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #480]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+121] += m[121] * mu */ "LDR r9, [%[m], #484]\n\t" "LDR r12, [%[a], #484]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #484]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+122] += m[122] * mu */ "LDR r9, [%[m], #488]\n\t" "LDR r12, [%[a], #488]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #488]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+123] += m[123] * mu */ "LDR r9, [%[m], #492]\n\t" "LDR r12, [%[a], #492]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #492]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+124] += m[124] * mu */ "LDR r9, [%[m], #496]\n\t" "LDR r12, [%[a], #496]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #496]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+125] += m[125] * mu */ "LDR r9, [%[m], #500]\n\t" "LDR r12, [%[a], #500]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #500]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+126] += m[126] * mu */ "LDR r9, [%[m], #504]\n\t" "LDR r12, [%[a], #504]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #504]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+127] += m[127] * mu */ "LDR r9, [%[m], #508]\n\t" "LDR r12, [%[a], #508]\n\t" "UMULL 
r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #508]\n\t" "LDR r12, [%[a], #512]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #512]\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mont_reduce_128_word_%=\n\t" @@ -26910,9 +27033,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #else /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( @@ -26931,9 +27055,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mont_reduce_128_word:\n\t" @@ -26944,8 +27068,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mont_reduce_128_mul:\n\t" 
@@ -26955,43 +27079,43 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( /* a[i+j+0] += m[j+0] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r8, r7\n\t" "ADDS r10, r10, r4\n\t" "STR r10, [%[a], r12]\n\t" - "ADC r4, r5, #0x0\n\t" + "ADC r4, r5, #0\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mont_reduce_128_mul_%=\n\t" @@ -27002,14 +27126,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #endif "LDR r10, [%[a], #512]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #512]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mont_reduce_128_word_%=\n\t" 
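Review bot: In the carry fold after the inner `_mul` loop (hunk at -27002), `ADC r3, r3, r3` adds r3 to itself plus the carry flag, but the rewritten `ADC r3, r3, #0` just above has already put the carry out of `ADDS r4, r4, r3` into r3, so whenever that first add carries, ca is stored as 2 instead of 1. That first carry needs r4 to be 0xFFFFFFFF with ca already set, which looks very rare but is not excluded by anything visible here, and a wrong ca would silently corrupt the reduced value. Since these lines are being touched anyway, consider `"ADC r3, r3, #0\n\t"` for the second fold as well, or a comment stating the invariant that rules the first carry out. The same sequence appears in the UMAAL variant in the hunk at -27827, and sp_4096_mont_reduce_128 starts and ends outside both hunks.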
@@ -27038,9 +27162,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #ifndef WOLFSSL_SP_SMALL /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( @@ -27058,8 +27183,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -27075,7 +27200,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" @@ -27707,15 +27832,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( "LDR r11, [%[a], #508]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #512]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #508]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #512]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mont_reduce_128_word_%=\n\t" 
@@ -27747,9 +27872,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #else /* Reduce the number back to 4096 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( @@ -27768,9 +27894,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( __asm__ __volatile__ ( "LDR r11, [%[m]]\n\t" /* i = 0 */ - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" /* ca = 0 */ - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mont_reduce_128_word:\n\t" @@ -27781,8 +27907,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( "LDR r10, [%[a]]\n\t" "MUL r8, %[mp], r10\n\t" /* j = 0 */ - "MOV r12, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r12, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_mont_reduce_128_mul:\n\t" 
@@ -27795,28 +27921,28 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+1] += m[j+1] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+2] += m[j+2] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" /* a[i+j+3] += m[j+3] * mu */ "LDR r7, [%[m], r12]\n\t" "LDR r10, [%[a], r12]\n\t" "UMAAL r10, r4, r8, r7\n\t" "STR r10, [%[a], r12]\n\t" /* j += 1 */ - "ADD r12, r12, #0x4\n\t" + "ADD r12, r12, #4\n\t" "CMP r12, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mont_reduce_128_mul_%=\n\t" @@ -27827,14 +27953,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( #endif "LDR r10, [%[a], #512]\n\t" "ADDS r4, r4, r3\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r10, r10, r4\n\t" "ADC r3, r3, r3\n\t" "STR r10, [%[a], #512]\n\t" /* i += 1 */ - "ADD r9, r9, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r9, r9, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r9, #0x200\n\t" #if defined(__GNUC__) "BLT L_sp_4096_mont_reduce_128_word_%=\n\t" 
@@ -27863,11 +27989,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -27878,10 +28004,10 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -27893,9 +28019,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p, 
@@ -27912,7 +28038,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "ADD r12, %[a], #0x200\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -27920,7 +28046,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r, #else "L_sp_4096_sub_128_word_%=:\n\t" #endif - "RSBS r11, r11, #0x0\n\t" + "RSBS r11, r11, #0\n\t" "LDM %[a]!, {r3, r4, r5, r6}\n\t" "LDM %[b]!, {r7, r8, r9, r10}\n\t" "SBCS r3, r3, r7\n\t" @@ -27954,9 +28080,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p, @@ -28214,10 +28340,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -28237,7 +28364,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" 
@@ -28246,8 +28373,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" @@ -28286,10 +28413,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -28309,18 +28437,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_4096_word_128_bit:\n\t" @@ -28335,7 +28463,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_4096_word_128_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -28344,7 +28472,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, "BPL.N L_div_4096_word_128_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" @@ -28376,11 +28504,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_4096_word_128(sp_digit d1, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -28434,10 +28563,11 @@ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
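Review bot: In the `sp_4096_div_128_cond` comment, `m` is tagged `@param [in]` while its description is still "Multiplier result" and the header says m is not calculated. The parameter is a non-const `sp_digit*`, so `[in]` states a contract the function does not appear to have. Consider `* @param [in] m Multiplier result. Not calculated; unused.`, or whichever direction the body supports. The `sp_4096_div_128` comment in a later hunk carries the same tag. Both function bodies are outside their hunks, so the actual use of `m` needs checking there.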
@@ -28448,9 +28578,9 @@ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -28478,10 +28608,11 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, @@ -28498,8 +28629,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0x1fc\n\t" @@ -28520,7 +28651,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_4096_cmp_128_words\n\t" #else 
@@ -29954,11 +30085,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -29996,10 +30128,11 @@ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -30012,14 +30145,17 @@ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_di #ifdef WOLFSSL_SP_SMALL /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -30140,14 +30276,17 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e #else /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -30281,15 +30420,19 @@ static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) @@ -30430,10 +30573,11 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p, 
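Review bot: `outLen` in the `sp_RsaPublic_4096` comment is now tagged `[in, out]`, but its description, "Number of bytes in result", covers only the output side. The `@return MP_TO_E when the outLen is too small` line implies the value is read on entry as the capacity of `out`, which is what a caller must set correctly to keep the write inside the buffer. Suggested wording: `* @param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.` The same applies to `sp_RsaPrivate_4096` and `sp_DhExp_4096` in later hunks. For `sp_DhExp_4096` no MP_TO_E return is listed, so whether `outLen` is checked on entry there should be confirmed in the body, which is outside the hunk.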
@@ -30451,9 +30595,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r5, #0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_4096_cond_add_64_words:\n\t" @@ -30467,7 +30611,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, "ADCS r6, r6, r7\n\t" "ADC r5, r8, r8\n\t" "STR r6, [%[r], r4]\n\t" - "ADD r4, r4, #0x4\n\t" + "ADD r4, r4, #4\n\t" "CMP r4, #0x100\n\t" #if defined(__GNUC__) "BLT L_sp_4096_cond_add_64_words_%=\n\t" @@ -30493,10 +30637,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p, @@ -30514,7 +30659,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -30756,20 +30901,24 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r, #endif /* !SP_RSA_PRIVATE_EXP_D && !RSA_LOW_MEM */ /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to + * exponentiate, base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -30908,8 +31057,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -30976,12 +31125,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) @@ -31026,6 +31177,12 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, #ifdef WOLFSSL_HAVE_SP_DH #ifdef HAVE_FFDHE_4096 +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -31041,7 +31198,7 @@ WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "RSB r7, %[n], #0x1f\n\t" + "RSB r7, %[n], #31\n\t" "LDR r5, [%[a], #508]\n\t" "LSR r6, r5, #1\n\t" "LSL r5, r5, %[n]\n\t" 
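Review bot: The new comment for `sp_4096_lshift_128` does not state the valid range of `n`. The asm in the following hunk computes `RSB r7, %[n], #31` after a fixed `LSR r6, r5, #1`, presumably to form the complementary right shift, and that only works when n is at most 31. Suggest `* @param [in] n Number of bits to shift. Must be less than 32.`, after confirming the bound against the callers and the rest of the asm, neither of which is visible here.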
@@ -31823,13 +31980,15 @@ WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
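Review bot: The converted line `@return MP_VAL when base is even.` on `sp_4096_mod_exp_2_128` does not fit this function. The header says r = 2^e mod m and the signature has no base parameter, so the base is always even. The commit carries the old wording over unchanged; the condition that actually yields MP_VAL should be read from the body, which is outside the hunk, and stated here. If the check is on the modulus, that would be `* @return MP_VAL when the modulus is even.`; if no MP_VAL path exists, the line should go. The two `sp_4096_mod_exp_128` comments in earlier hunks use similar "base is even" wording and deserve the same check.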
@@ -31935,15 +32094,17 @@ static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in, out] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -32091,9 +32252,9 @@ static const sp_digit p256_b[8] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p, 
@@ -32115,16 +32276,16 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_mul_8_outer:\n\t" #else "L_sp_256_mul_8_outer_%=:\n\t" #endif - "SUBS r3, r5, #0x1c\n\t" + "SUBS r3, r5, #28\n\t" "IT cc\n\t" "MOVCC r3, #0x0\n\t" "SUB r4, r5, r3\n\t" @@ -32139,15 +32300,15 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_256_mul_8_inner_done_%=\n\t" @@ -32168,7 +32329,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_mul_8_inner_done:\n\t" @@ -32178,9 +32339,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" - "CMP r5, #0x34\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" + "CMP r5, #52\n\t" #if defined(__GNUC__) "BLE L_sp_256_mul_8_outer_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
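Review bot: In the first `sp_256_mul_8` hunk on this line, the context line `"MOVCC r3, #0x0\n\t"` keeps its hex immediate, two lines below the converted `"SUBS r3, r5, #28\n\t"`. Every other zero immediate in the block was changed to `#0`, so this one stands out. The larger immediates left in hex elsewhere in the diff (`#0x100`, `#0x1fc`, `#0xffffffff`) look intentional, but this one does not. Suggest `"MOVCC r3, #0\n\t"` for consistency. If the file is generated, the conditional-instruction path of the generator is probably where the conversion was missed.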
@@ -32192,7 +32353,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #28]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -32202,7 +32363,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_256_mul_8_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -32226,9 +32387,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_ARM_ARCH_7M /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r_p, @@ -32245,9 +32406,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x24\n\t" + "SUB sp, sp, #36\n\t" "STR %[r], [sp, #32]\n\t" - "MOV %[r], #0x0\n\t" + "MOV %[r], #0\n\t" "LDR r12, [%[a]]\n\t" /* A[0] * B[0] */ "LDR lr, [%[b]]\n\t" 
@@ -32269,315 +32430,315 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, "ADDS r5, r5, r11\n\t" /* A[0] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r6, r6, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[0] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r8, r8, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[0] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADC r3, %[r], #0x0\n\t" + "ADCS r10, r10, #0\n\t" + "ADC r3, %[r], #0\n\t" "UMLAL r10, r3, r12, lr\n\t" /* A[1] * B[0] */ "LDR r12, [%[a], #4]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "STR r4, [sp, #4]\n\t" "ADDS r5, r5, r11\n\t" /* A[1] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[1] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[1] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[1] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[1] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[1] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[1] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r4, %[r], #0x0\n\t" + "ADC r4, %[r], #0\n\t" "UMLAL r3, r4, r12, lr\n\t" /* A[2] * B[0] */ "LDR r12, [%[a], #8]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + 
"MOV r11, #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "STR r5, [sp, #8]\n\t" "ADDS r6, r6, r11\n\t" /* A[2] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[2] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[2] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[2] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[2] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[2] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[2] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r5, %[r], #0x0\n\t" + "ADC r5, %[r], #0\n\t" "UMLAL r4, r5, r12, lr\n\t" /* A[3] * B[0] */ "LDR r12, [%[a], #12]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "STR r6, [sp, #12]\n\t" "ADDS r7, r7, r11\n\t" /* A[3] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[3] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[3] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[3] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[3] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], 
#0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[3] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[3] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r6, %[r], #0x0\n\t" + "ADC r6, %[r], #0\n\t" "UMLAL r5, r6, r12, lr\n\t" /* A[4] * B[0] */ "LDR r12, [%[a], #16]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "STR r7, [sp, #16]\n\t" "ADDS r8, r8, r11\n\t" /* A[4] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[4] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[4] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[4] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[4] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[4] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[4] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r7, %[r], #0x0\n\t" + "ADC r7, %[r], #0\n\t" "UMLAL r6, r7, r12, lr\n\t" /* A[5] * B[0] */ "LDR r12, [%[a], #20]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "STR r8, [sp, #20]\n\t" "ADDS r9, r9, r11\n\t" /* A[5] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[5] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, 
lr\n\t" "ADDS r3, r3, r11\n\t" /* A[5] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[5] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[5] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[5] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[5] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r8, %[r], #0x0\n\t" + "ADC r8, %[r], #0\n\t" "UMLAL r7, r8, r12, lr\n\t" /* A[6] * B[0] */ "LDR r12, [%[a], #24]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "STR r9, [sp, #24]\n\t" "ADDS r10, r10, r11\n\t" /* A[6] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[6] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[6] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[6] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[6] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[6] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[6] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r9, %[r], #0x0\n\t" + "ADC r9, %[r], #0\n\t" "UMLAL r8, r9, r12, lr\n\t" /* A[7] * B[0] */ "LDR r12, [%[a], 
#28]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "STR r10, [sp, #28]\n\t" "ADDS r3, r3, r11\n\t" /* A[7] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[7] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[7] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[7] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[7] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[7] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[7] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r10, %[r], #0x0\n\t" + "ADC r10, %[r], #0\n\t" "UMLAL r9, r10, r12, lr\n\t" "LDR %[r], [sp, #32]\n\t" - "ADD %[r], %[r], #0x20\n\t" + "ADD %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "SUB %[r], %[r], #0x20\n\t" + "SUB %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD sp, sp, #0x24\n\t" + "ADD sp, sp, #36\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : 
@@ -32593,9 +32754,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r_p, @@ -32612,7 +32773,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x2c\n\t" + "SUB sp, sp, #44\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG "STRD %[r], %[a], [sp, #36]\n\t" #else 
@@ -32642,54 +32803,54 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, "UMAAL r9, r10, r2, r4\n\t" "UMAAL r10, r11, r3, r4\n\t" "LDM lr, {r4, r5, r6, r7}\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMLAL r8, r12, r0, r4\n\t" "UMAAL r9, r12, r1, r4\n\t" "UMAAL r10, r12, r2, r4\n\t" "UMAAL r11, r12, r3, r4\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "UMLAL r9, r4, r0, r5\n\t" "UMAAL r10, r4, r1, r5\n\t" "UMAAL r11, r4, r2, r5\n\t" "UMAAL r12, r4, r3, r5\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r0, r6\n\t" "UMAAL r11, r5, r1, r6\n\t" "UMAAL r12, r5, r2, r6\n\t" "UMAAL r4, r5, r3, r6\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r11, r6, r0, r7\n\t" "LDR r0, [sp, #40]\n\t" "UMAAL r12, r6, r1, r7\n\t" - "ADD r0, r0, #0x10\n\t" + "ADD r0, r0, #16\n\t" "UMAAL r4, r6, r2, r7\n\t" - "SUB lr, lr, #0x10\n\t" + "SUB lr, lr, #16\n\t" "UMAAL r5, r6, r3, r7\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "STR r6, [sp, #32]\n\t" "LDM lr!, {r6}\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r8, r7, r0, r6\n\t" "UMAAL r9, r7, r1, r6\n\t" "STR r8, [sp, #16]\n\t" "UMAAL r10, r7, r2, r6\n\t" "UMAAL r11, r7, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r8, #0x0\n\t" + "MOV r8, #0\n\t" "UMLAL r9, r8, r0, r6\n\t" "UMAAL r10, r8, r1, r6\n\t" "STR r9, [sp, #20]\n\t" "UMAAL r11, r8, r2, r6\n\t" "UMAAL r12, r8, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" "UMLAL r10, r9, r0, r6\n\t" "UMAAL r11, r9, r1, r6\n\t" "STR r10, [sp, #24]\n\t" "UMAAL r12, r9, r2, r6\n\t" "UMAAL r4, r9, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "UMLAL r11, r10, r0, r6\n\t" "UMAAL r12, r10, r1, r6\n\t" "STR r11, [sp, #28]\n\t" 
@@ -32717,12 +32878,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, "UMAAL r9, r10, r3, lr\n\t" "MOV r3, r12\n\t" "LDR lr, [sp, #36]\n\t" - "ADD lr, lr, #0x20\n\t" + "ADD lr, lr, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "SUB lr, lr, #0x20\n\t" + "SUB lr, lr, #32\n\t" "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD sp, sp, #0x2c\n\t" + "ADD sp, sp, #44\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -32740,8 +32901,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mul_8(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p, @@ -32760,16 +32921,16 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_sqr_8_outer:\n\t" #else "L_sp_256_sqr_8_outer_%=:\n\t" #endif - "SUBS r3, r5, #0x1c\n\t" + "SUBS r3, r5, #28\n\t" "IT cc\n\t" "MOVCC r3, #0x0\n\t" "SUB r4, r5, r3\n\t" @@ -32784,12 +32945,12 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_256_sqr_8_inner_done_%=\n\t" 
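Review bot: In the `L_sp_256_sqr_8_outer` loop of the small `sp_256_sqr_8` (hunk at -32760), `"MOVCC r3, #0x0\n\t"` is left in hex directly after the converted `"SUBS r3, r5, #28\n\t"`, so the move to decimal immediates is incomplete; it should read `"MOVCC r3, #0\n\t"`. The same leftover appears in later hunks: `"SUB sp, sp, #0x44\n\t"` (at -32885 and -33837), `"ADD sp, sp, #0x44\n\t"` (at -33060) and `"SUB lr, lr, #0x40\n\t"` (at -33232). The frame-size ones matter most for auditing, because the 68-byte frame now has to be checked against decimal offsets such as `[sp, #64]` in a different radix. If this file is generated, the fix presumably belongs in the generator rather than in hand edits here.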
@@ -32809,7 +32970,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_sqr_8_inner_done:\n\t" @@ -32819,9 +32980,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" - "CMP r5, #0x34\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" + "CMP r5, #52\n\t" #if defined(__GNUC__) "BLE L_sp_256_sqr_8_outer_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -32832,7 +32993,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #28]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -32842,7 +33003,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_256_sqr_8_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -32866,8 +33027,8 @@ WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_ARM_ARCH_7M /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r_p, 
@@ -32885,7 +33046,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, __asm__ __volatile__ ( "SUB sp, sp, #0x44\n\t" "STR %[r], [sp, #64]\n\t" - "MOV %[r], #0x0\n\t" + "MOV %[r], #0\n\t" "LDR r12, [%[a]]\n\t" /* A[0] * A[1] */ "LDR lr, [%[a], #4]\n\t" 
@@ -32901,137 +33062,137 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, "UMULL r10, r3, r12, lr\n\t" /* A[0] * A[2] */ "LDR lr, [%[a], #8]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[0] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[0] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" - "ADCS r3, r3, #0x0\n\t" + "ADCS r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" "STR r5, [sp, #8]\n\t" /* A[1] * A[2] */ "LDR r12, [%[a], #4]\n\t" "LDR lr, [%[a], #8]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "STR r6, [sp, #12]\n\t" "ADDS r7, r7, r11\n\t" /* A[1] * A[3] */ "LDR lr, [%[a], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "STR r7, [sp, #16]\n\t" "ADDS r8, r8, r11\n\t" /* A[1] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[1] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[1] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[1] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r4, %[r], #0x0\n\t" + "ADC r4, %[r], #0\n\t" "UMLAL r3, r4, r12, lr\n\t" /* A[2] * A[3] */ "LDR r12, [%[a], #8]\n\t" "LDR lr, [%[a], #12]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "STR r8, [sp, #20]\n\t" "ADDS r9, r9, r11\n\t" /* A[2] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, 
r11, r12, lr\n\t" "STR r9, [sp, #24]\n\t" "ADDS r10, r10, r11\n\t" /* A[2] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[2] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[2] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r5, %[r], #0x0\n\t" + "ADC r5, %[r], #0\n\t" "UMLAL r4, r5, r12, lr\n\t" /* A[3] * A[4] */ "LDR r12, [%[a], #12]\n\t" "LDR lr, [%[a], #16]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "STR r10, [sp, #28]\n\t" "ADDS r3, r3, r11\n\t" /* A[3] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[3] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[3] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r6, %[r], #0x0\n\t" + "ADC r6, %[r], #0\n\t" "UMLAL r5, r6, r12, lr\n\t" /* A[4] * A[5] */ "LDR r12, [%[a], #16]\n\t" "LDR lr, [%[a], #20]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[4] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[4] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r7, %[r], #0x0\n\t" + "ADC r7, %[r], #0\n\t" "UMLAL r6, r7, r12, lr\n\t" /* A[5] * A[6] */ "LDR r12, [%[a], #20]\n\t" "LDR lr, [%[a], #24]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[5] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r8, %[r], #0x0\n\t" + "ADC r8, %[r], #0\n\t" "UMLAL r7, r8, r12, lr\n\t" /* A[6] * A[7] */ "LDR r12, [%[a], #24]\n\t" "LDR lr, [%[a], #28]\n\t" - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" "UMLAL r8, r9, r12, lr\n\t" - "ADD lr, sp, #0x20\n\t" 
+ "ADD lr, sp, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t" - "ADD lr, sp, #0x4\n\t" + "ADD lr, sp, #4\n\t" "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -33049,9 +33210,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, "ADCS r7, r7, r7\n\t" "ADCS r8, r8, r8\n\t" "ADCS r9, r9, r9\n\t" - "ADC r10, %[r], #0x0\n\t" + "ADC r10, %[r], #0\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD lr, sp, #0x4\n\t" + "ADD lr, sp, #4\n\t" "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t" "MOV lr, sp\n\t" /* A[0] * A[0] */ 
@@ -33060,52 +33221,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, "ADDS r4, r4, r11\n\t" /* A[1] * A[1] */ "LDR r12, [%[a], #4]\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, r12\n\t" "ADDS r6, r6, r11\n\t" /* A[2] * A[2] */ "LDR r12, [%[a], #8]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, r12\n\t" "ADDS r8, r8, r11\n\t" /* A[3] * A[3] */ "LDR r12, [%[a], #12]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, r12\n\t" "ADDS r10, r10, r11\n\t" "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" /* A[4] * A[4] */ "LDR r12, [%[a], #16]\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, r12\n\t" "ADDS r4, r4, r11\n\t" /* A[5] * A[5] */ "LDR r12, [%[a], #20]\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, r12\n\t" "ADDS r6, r6, r11\n\t" /* A[6] * A[6] */ "LDR r12, [%[a], #24]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, r12\n\t" "ADDS r8, r8, r11\n\t" /* A[7] * A[7] */ "LDR r12, [%[a], #28]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r10, r10, #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r10, r10, #0\n\t" "UMLAL r9, r10, r12, r12\n\t" "LDR %[r], [sp, #64]\n\t" - "ADD %[r], %[r], #0x20\n\t" + "ADD %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "SUB %[r], %[r], #0x20\n\t" + "SUB %[r], %[r], #32\n\t" "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "ADD sp, sp, #0x44\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG 
@@ -33123,8 +33284,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r_p, @@ -33140,13 +33301,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x20\n\t" + "SUB sp, sp, #32\n\t" "STR %[r], [sp, #28]\n\t" "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t" "UMULL r9, r10, r0, r0\n\t" "UMULL r11, r12, r0, r1\n\t" "ADDS r11, r11, r11\n\t" - "MOV lr, #0x0\n\t" + "MOV lr, #0\n\t" "UMAAL r10, r11, lr, lr\n\t" "STM sp, {r9, r10}\n\t" "MOV r8, lr\n\t" @@ -33223,7 +33384,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, /* R[14] = r9 */ /* R[15] = r7 */ "LDR lr, [sp, #28]\n\t" - "ADD lr, lr, #0x1c\n\t" + "ADD lr, lr, #28\n\t" "STM lr!, {r0, r12}\n\t" "STM lr!, {r11}\n\t" "STM lr!, {r10}\n\t" @@ -33232,7 +33393,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, "SUB lr, lr, #0x40\n\t" "LDM sp, {r0, r1, r2, r3, r4, r5, r6}\n\t" "STM lr, {r0, r1, r2, r3, r4, r5, r6}\n\t" - "ADD sp, sp, #0x20\n\t" + "ADD sp, sp, #32\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a) : @@ -33250,9 +33411,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_sqr_8(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p, 
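Review bot: The converted header for `sp_256_add_8` (hunk at -33250, and again at -33312 for the non-small variant) documents the three parameters but not the `sp_digit` return value, a gap the new `@param` layout makes more visible. From the visible tail of the asm (`ADC r3, r4, #0` in the small variant, `ADC %[r], %[r], #0` in the other) the result looks like the carry out of the top word, so a line such as `* @return Carry out of the addition (0 or 1).` would fit; confirm against the `return` statement, which is outside these hunks. `sp_256_mod_mul_norm_8` at -33362 returns `int` and has the same gap.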
@@ -33269,8 +33430,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" - "ADD r12, %[a], #0x20\n\t" + "MOV r3, #0\n\t" + "ADD r12, %[a], #32\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_add_8_word:\n\t" @@ -33285,8 +33446,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_256_add_8_word_%=\n\t" @@ -33312,9 +33473,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p, @@ -33345,8 +33506,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : 
@@ -33362,9 +33523,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r_p, 
@@ -33380,169 +33541,169 @@ WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x18\n\t" + "SUB sp, sp, #24\n\t" "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t" /* Clear overflow and underflow */ - "MOV r11, #0x0\n\t" - "MOV r12, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r12, #0\n\t" /* t[0] = 1 1 0 -1 -1 -1 -1 0 */ "ADDS r10, r2, r3\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "SUBS r10, r10, r5\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r6\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r7\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r8\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[0] */ "STR r10, [sp]\n\t" "neg r12, r12\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" /* t[1] = 0 1 1 0 -1 -1 -1 -1 */ "ADDS r11, r11, r3\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r4\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "SUBS r11, r11, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r11, r11, r6\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r7\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r8\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r9\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[1] */ "STR r11, [sp, #4]\n\t" "neg r12, r12\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" /* t[2] = 0 0 1 1 0 -1 -1 -1 */ "ADDS r10, r10, r4\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r5\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "SUBS r10, r10, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r10, r10, r7\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r8\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r9\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store 
t[2] */ "STR r10, [sp, #8]\n\t" "neg r12, r12\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" /* t[3] = -1 -1 0 2 2 1 0 -1 */ "ADDS r11, r11, r5\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r5\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r6\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r6\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r7\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "SUBS r11, r11, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r11, r11, r2\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r3\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r9\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[3] */ "STR r11, [sp, #12]\n\t" "neg r12, r12\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" /* t[4] = 0 -1 -1 0 2 2 1 0 */ "ADDS r10, r10, r6\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r6\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r7\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r7\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r8\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "SUBS r10, r10, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r10, r10, r3\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r4\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[4] */ "STR r10, [sp, #16]\n\t" "neg r12, r12\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" /* t[5] = 0 0 -1 -1 0 2 2 1 */ "ADDS r11, r11, r7\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r7\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r8\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r8\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r9\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, 
r10, #0\n\t" "SUBS r11, r11, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r11, r11, r4\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r5\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[5] */ "STR r11, [sp, #20]\n\t" "neg r12, r12\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" /* t[6] = -1 -1 0 0 0 1 3 2 */ "ADDS r10, r10, r7\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r8\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r8\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r8\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r9\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "ADDS r10, r10, r9\n\t" - "ADC r11, r11, #0x0\n\t" + "ADC r11, r11, #0\n\t" "SUBS r10, r10, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r10, r10, r2\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r10, r10, r3\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[6] */ "MOV r8, r10\n\t" "neg r12, r12\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" /* t[7] = 1 0 -1 -1 -1 -1 0 3 */ "ADDS r11, r11, r2\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r9\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r9\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "ADDS r11, r11, r9\n\t" - "ADC r10, r10, #0x0\n\t" + "ADC r10, r10, #0\n\t" "SUBS r11, r11, r12\n\t" "SBC r12, r12, r12\n\t" "SUBS r11, r11, r4\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r5\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r6\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" "SUBS r11, r11, r7\n\t" - "SBC r12, r12, #0x0\n\t" + "SBC r12, r12, #0\n\t" /* Store t[7] */ /* Load intermediate */ "LDM sp, {r2, r3, r4, r5, r6, r7}\n\t" 
@@ -33550,52 +33711,52 @@ WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r, /* Add overflow */ /* Subtract underflow - add neg underflow */ "ADDS r2, r2, r10\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "ADCS r5, r5, r12\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" "ADCS r8, r8, r12\n\t" "ADCS r11, r11, r10\n\t" - "MOV r9, #0x0\n\t" - "ADC r9, r9, #0x0\n\t" + "MOV r9, #0\n\t" + "ADC r9, r9, #0\n\t" /* Subtract overflow */ /* Add underflow - subtract neg underflow */ "SUBS r2, r2, r12\n\t" - "SBCS r3, r3, #0x0\n\t" - "SBCS r4, r4, #0x0\n\t" + "SBCS r3, r3, #0\n\t" + "SBCS r4, r4, #0\n\t" "SBCS r5, r5, r10\n\t" - "SBCS r6, r6, #0x0\n\t" - "SBCS r7, r7, #0x0\n\t" + "SBCS r6, r6, #0\n\t" + "SBCS r7, r7, #0\n\t" "SBCS r8, r8, r10\n\t" "SBCS r11, r11, r12\n\t" - "MOV r12, #0x0\n\t" - "SBC r12, r12, #0x0\n\t" + "MOV r12, #0\n\t" + "SBC r12, r12, #0\n\t" "neg r12, r12\n\t" /* Add overflow */ /* Subtract underflow - add neg underflow */ "ADDS r2, r2, r9\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "ADCS r5, r5, r12\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" "ADCS r8, r8, r12\n\t" "ADC r11, r11, r9\n\t" /* Subtract overflow */ /* Add underflow - subtract neg underflow */ "SUBS r2, r2, r12\n\t" - "SBCS r3, r3, #0x0\n\t" - "SBCS r4, r4, #0x0\n\t" + "SBCS r3, r3, #0\n\t" + "SBCS r4, r4, #0\n\t" "SBCS r5, r5, r9\n\t" - "SBCS r6, r6, #0x0\n\t" - "SBCS r7, r7, #0x0\n\t" + "SBCS r6, r6, #0\n\t" + "SBCS r7, r7, #0\n\t" "SBCS r8, r8, r9\n\t" "SBC r11, r11, r12\n\t" /* Store result */ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r11}\n\t" - "MOV %[r], #0x0\n\t" - "ADD sp, sp, #0x18\n\t" + "MOV %[r], #0\n\t" + "ADD sp, sp, #24\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a) : 
@@ -33616,9 +33777,9 @@ WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r, /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -33704,8 +33865,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_8(sp_point_256* p, const ecc_point* pm) @@ -33721,8 +33882,8 @@ static void sp_256_point_from_ecc_point_8(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { @@ -33789,10 +33950,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm) { 
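Review bot: In the rewritten header of `sp_256_point_to_ecc_point_8` (hunk at -33789), `pm` is tagged `[in]` although its description says "(result)" and the signature takes a non-const `ecc_point* pm`; it should be `* @param [out] pm Point of type ecc_point (result).`. The first return line, `@return MP_OKAY otherwise.`, now precedes the condition it refers to, so it would read better as `* @return MP_OKAY on success.` followed by the existing MEMORY_E line. The function body is outside the hunk.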
@@ -33813,11 +33975,11 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm) /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, @@ -33837,7 +33999,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, __asm__ __volatile__ ( "SUB sp, sp, #0x44\n\t" "STR %[r], [sp, #64]\n\t" - "MOV %[r], #0x0\n\t" + "MOV %[r], #0\n\t" "LDR r12, [%[a]]\n\t" /* A[0] * B[0] */ "LDR lr, [%[b]]\n\t" 
@@ -33859,309 +34021,309 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, "ADDS r5, r5, r11\n\t" /* A[0] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r6, r6, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[0] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r8, r8, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[0] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADC r3, %[r], #0x0\n\t" + "ADCS r10, r10, #0\n\t" + "ADC r3, %[r], #0\n\t" "UMLAL r10, r3, r12, lr\n\t" /* A[1] * B[0] */ "LDR r12, [%[a], #4]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "STR r4, [sp, #4]\n\t" "ADDS r5, r5, r11\n\t" /* A[1] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[1] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[1] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[1] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[1] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[1] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[1] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r4, %[r], #0x0\n\t" + "ADC r4, %[r], #0\n\t" "UMLAL r3, r4, r12, lr\n\t" /* A[2] * B[0] */ "LDR r12, [%[a], #8]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, 
#0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "STR r5, [sp, #8]\n\t" "ADDS r6, r6, r11\n\t" /* A[2] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[2] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[2] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[2] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[2] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[2] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[2] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r5, %[r], #0x0\n\t" + "ADC r5, %[r], #0\n\t" "UMLAL r4, r5, r12, lr\n\t" /* A[3] * B[0] */ "LDR r12, [%[a], #12]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "STR r6, [sp, #12]\n\t" "ADDS r7, r7, r11\n\t" /* A[3] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[3] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[3] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[3] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[3] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, 
%[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[3] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[3] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r6, %[r], #0x0\n\t" + "ADC r6, %[r], #0\n\t" "UMLAL r5, r6, r12, lr\n\t" /* A[4] * B[0] */ "LDR r12, [%[a], #16]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "STR r7, [sp, #16]\n\t" "ADDS r8, r8, r11\n\t" /* A[4] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[4] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[4] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[4] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[4] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[4] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[4] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r7, %[r], #0x0\n\t" + "ADC r7, %[r], #0\n\t" "UMLAL r6, r7, r12, lr\n\t" /* A[5] * B[0] */ "LDR r12, [%[a], #20]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "STR r8, [sp, #20]\n\t" "ADDS r9, r9, r11\n\t" /* A[5] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[5] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, 
r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[5] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[5] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[5] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[5] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[5] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r8, %[r], #0x0\n\t" + "ADC r8, %[r], #0\n\t" "UMLAL r7, r8, r12, lr\n\t" /* A[6] * B[0] */ "LDR r12, [%[a], #24]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "STR r9, [sp, #24]\n\t" "ADDS r10, r10, r11\n\t" /* A[6] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[6] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[6] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[6] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[6] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[6] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[6] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r9, %[r], #0x0\n\t" + "ADC r9, %[r], #0\n\t" "UMLAL r8, r9, r12, lr\n\t" /* A[7] * B[0] */ "LDR r12, 
[%[a], #28]\n\t" "LDR lr, [%[b]]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "STR r10, [sp, #28]\n\t" "ADDS r3, r3, r11\n\t" /* A[7] * B[1] */ "LDR lr, [%[b], #4]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[7] * B[2] */ "LDR lr, [%[b], #8]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[7] * B[3] */ "LDR lr, [%[b], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[7] * B[4] */ "LDR lr, [%[b], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[7] * B[5] */ "LDR lr, [%[b], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[7] * B[6] */ "LDR lr, [%[b], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[7] * B[7] */ "LDR lr, [%[b], #28]\n\t" - "ADC r10, %[r], #0x0\n\t" + "ADC r10, %[r], #0\n\t" "UMLAL r9, r10, r12, lr\n\t" - "ADD lr, sp, #0x20\n\t" + "ADD lr, sp, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" /* Start Reduction */ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" 
@@ -34200,34 +34362,34 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, "ADCS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STR r4, [sp, #28]\n\t" /* a[8] += t[0] + t[2] + t[5] */ /* a[9] += t[1] + t[3] + t[6] */ /* a[10] += t[2] + t[4] + t[7] */ - "ADD r0, sp, #0x20\n\t" + "ADD r0, sp, #32\n\t" "LDM r0, {r2, r3, r4}\n\t" "ADDS r2, r2, lr\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STM r0!, {r2, r3, r4}\n\t" /* a[11] += t[3] + t[5] + carry */ /* a[12] += t[4] + t[6] */ 
@@ -34236,52 +34398,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, /* a[15] += t[7] */ "LDM r0, {r0, r1, r2, r3, r4}\n\t" "ADDS r0, r0, lr\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r8\n\t" "ADCS r1, r1, r9\n\t" "ADCS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r10\n\t" "ADCS r1, r1, r11\n\t" "ADCS r2, r2, r12\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADC lr, lr, #0\n\t" "STR r0, [sp, #44]\n\t" "STR r1, [sp, #48]\n\t" "STR r2, [sp, #52]\n\t" "STR r3, [sp, #56]\n\t" /* a[7..15] - t[0..7] */ - "ADD r0, sp, #0x1c\n\t" + "ADD r0, sp, #28\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "SUBS r0, r0, r5\n\t" "SBCS r1, r1, r6\n\t" "SBCS r2, r2, r7\n\t" "SBCS r3, r3, r8\n\t" - "ADD r0, sp, #0x2c\n\t" + "ADD r0, sp, #44\n\t" "MOV r8, r4\n\t" "LDM r0, {r4, r5, r6, r7}\n\t" "SBCS r4, r4, r9\n\t" "SBCS r5, r5, r10\n\t" "SBCS r6, r6, r11\n\t" "SBCS r7, r7, r12\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBC lr, lr, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBC lr, lr, #0\n\t" /* mask m and sub from result if overflow */ - "RSB lr, lr, #0x0\n\t" + "RSB lr, lr, #0\n\t" "SUBS r1, r1, lr\n\t" "SBCS r2, r2, lr\n\t" "SBCS r3, r3, lr\n\t" - "SBCS r4, r4, #0x0\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r4, r4, #0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, lr, LSR #31\n\t" "SBC r8, r8, lr\n\t" "LDR %[r], [sp, #64]\n\t" 
@@ -34313,11 +34475,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, 
@@ -34365,54 +34527,54 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, "UMAAL r9, r10, r2, r4\n\t" "UMAAL r10, r11, r3, r4\n\t" "LDM lr, {r4, r5, r6, r7}\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMLAL r8, r12, r0, r4\n\t" "UMAAL r9, r12, r1, r4\n\t" "UMAAL r10, r12, r2, r4\n\t" "UMAAL r11, r12, r3, r4\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "UMLAL r9, r4, r0, r5\n\t" "UMAAL r10, r4, r1, r5\n\t" "UMAAL r11, r4, r2, r5\n\t" "UMAAL r12, r4, r3, r5\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "UMLAL r10, r5, r0, r6\n\t" "UMAAL r11, r5, r1, r6\n\t" "UMAAL r12, r5, r2, r6\n\t" "UMAAL r4, r5, r3, r6\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r11, r6, r0, r7\n\t" "LDR r0, [sp, #72]\n\t" "UMAAL r12, r6, r1, r7\n\t" - "ADD r0, r0, #0x10\n\t" + "ADD r0, r0, #16\n\t" "UMAAL r4, r6, r2, r7\n\t" - "SUB lr, lr, #0x10\n\t" + "SUB lr, lr, #16\n\t" "UMAAL r5, r6, r3, r7\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "STR r6, [sp, #64]\n\t" "LDM lr!, {r6}\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r8, r7, r0, r6\n\t" "UMAAL r9, r7, r1, r6\n\t" "STR r8, [sp, #16]\n\t" "UMAAL r10, r7, r2, r6\n\t" "UMAAL r11, r7, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r8, #0x0\n\t" + "MOV r8, #0\n\t" "UMLAL r9, r8, r0, r6\n\t" "UMAAL r10, r8, r1, r6\n\t" "STR r9, [sp, #20]\n\t" "UMAAL r11, r8, r2, r6\n\t" "UMAAL r12, r8, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" "UMLAL r10, r9, r0, r6\n\t" "UMAAL r11, r9, r1, r6\n\t" "STR r10, [sp, #24]\n\t" "UMAAL r12, r9, r2, r6\n\t" "UMAAL r4, r9, r3, r6\n\t" "LDM lr!, {r6}\n\t" - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "UMLAL r11, r10, r0, r6\n\t" "UMAAL r12, r10, r1, r6\n\t" "STR r11, [sp, #28]\n\t" 
@@ -34439,7 +34601,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, "UMAAL r8, r9, r3, r11\n\t" "UMAAL r9, r10, r3, lr\n\t" "MOV r3, r12\n\t" - "ADD lr, sp, #0x20\n\t" + "ADD lr, sp, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" /* Start Reduction */ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" @@ -34478,34 +34640,34 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, "ADCS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STR r4, [sp, #28]\n\t" /* a[8] += t[0] + t[2] + t[5] */ /* a[9] += t[1] + t[3] + t[6] */ /* a[10] += t[2] + t[4] + t[7] */ - "ADD r0, sp, #0x20\n\t" + "ADD r0, sp, #32\n\t" "LDM r0, {r2, r3, r4}\n\t" "ADDS r2, r2, lr\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STM r0!, {r2, r3, r4}\n\t" /* a[11] += t[3] + t[5] + carry */ /* a[12] += t[4] + t[6] */ 
@@ -34514,52 +34676,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, /* a[15] += t[7] */ "LDM r0, {r0, r1, r2, r3, r4}\n\t" "ADDS r0, r0, lr\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r8\n\t" "ADCS r1, r1, r9\n\t" "ADCS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r10\n\t" "ADCS r1, r1, r11\n\t" "ADCS r2, r2, r12\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADC lr, lr, #0\n\t" "STR r0, [sp, #44]\n\t" "STR r1, [sp, #48]\n\t" "STR r2, [sp, #52]\n\t" "STR r3, [sp, #56]\n\t" /* a[7..15] - t[0..7] */ - "ADD r0, sp, #0x1c\n\t" + "ADD r0, sp, #28\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "SUBS r0, r0, r5\n\t" "SBCS r1, r1, r6\n\t" "SBCS r2, r2, r7\n\t" "SBCS r3, r3, r8\n\t" - "ADD r0, sp, #0x2c\n\t" + "ADD r0, sp, #44\n\t" "MOV r8, r4\n\t" "LDM r0, {r4, r5, r6, r7}\n\t" "SBCS r4, r4, r9\n\t" "SBCS r5, r5, r10\n\t" "SBCS r6, r6, r11\n\t" "SBCS r7, r7, r12\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBC lr, lr, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBC lr, lr, #0\n\t" /* mask m and sub from result if overflow */ - "RSB lr, lr, #0x0\n\t" + "RSB lr, lr, #0\n\t" "SUBS r1, r1, lr\n\t" "SBCS r2, r2, lr\n\t" "SBCS r3, r3, lr\n\t" - "SBCS r4, r4, #0x0\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r4, r4, #0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, lr, LSR #31\n\t" "SBC r8, r8, lr\n\t" "LDR %[r], [sp, #68]\n\t" 
@@ -34591,10 +34753,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r, #ifdef WOLFSSL_SP_NO_UMAAL /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, @@ -34612,7 +34774,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, __asm__ __volatile__ ( "SUB sp, sp, #0x44\n\t" "STR %[r], [sp, #64]\n\t" - "MOV %[r], #0x0\n\t" + "MOV %[r], #0\n\t" "LDR r12, [%[a]]\n\t" /* A[0] * A[1] */ "LDR lr, [%[a], #4]\n\t" 
@@ -34628,137 +34790,137 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, "UMULL r10, r3, r12, lr\n\t" /* A[0] * A[2] */ "LDR lr, [%[a], #8]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[0] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "ADDS r8, r8, r11\n\t" /* A[0] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" - "ADCS r3, r3, #0x0\n\t" + "ADCS r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" "STR r5, [sp, #8]\n\t" /* A[1] * A[2] */ "LDR r12, [%[a], #4]\n\t" "LDR lr, [%[a], #8]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "STR r6, [sp, #12]\n\t" "ADDS r7, r7, r11\n\t" /* A[1] * A[3] */ "LDR lr, [%[a], #12]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, lr\n\t" "STR r7, [sp, #16]\n\t" "ADDS r8, r8, r11\n\t" /* A[1] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "ADDS r9, r9, r11\n\t" /* A[1] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, lr\n\t" "ADDS r10, r10, r11\n\t" /* A[1] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[1] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r4, %[r], #0x0\n\t" + "ADC r4, %[r], #0\n\t" "UMLAL r3, r4, r12, lr\n\t" /* A[2] * A[3] */ "LDR r12, [%[a], #8]\n\t" "LDR lr, [%[a], #12]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r8, r11, r12, lr\n\t" "STR r8, [sp, #20]\n\t" "ADDS r9, r9, r11\n\t" /* A[2] * A[4] */ "LDR lr, [%[a], #16]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL 
r9, r11, r12, lr\n\t" "STR r9, [sp, #24]\n\t" "ADDS r10, r10, r11\n\t" /* A[2] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "ADDS r3, r3, r11\n\t" /* A[2] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[2] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r5, %[r], #0x0\n\t" + "ADC r5, %[r], #0\n\t" "UMLAL r4, r5, r12, lr\n\t" /* A[3] * A[4] */ "LDR r12, [%[a], #12]\n\t" "LDR lr, [%[a], #16]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r10, r11, r12, lr\n\t" "STR r10, [sp, #28]\n\t" "ADDS r3, r3, r11\n\t" /* A[3] * A[5] */ "LDR lr, [%[a], #20]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, lr\n\t" "ADDS r4, r4, r11\n\t" /* A[3] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[3] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r6, %[r], #0x0\n\t" + "ADC r6, %[r], #0\n\t" "UMLAL r5, r6, r12, lr\n\t" /* A[4] * A[5] */ "LDR r12, [%[a], #16]\n\t" "LDR lr, [%[a], #20]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r4, r11, r12, lr\n\t" "ADDS r5, r5, r11\n\t" /* A[4] * A[6] */ "LDR lr, [%[a], #24]\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, lr\n\t" "ADDS r6, r6, r11\n\t" /* A[4] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r7, %[r], #0x0\n\t" + "ADC r7, %[r], #0\n\t" "UMLAL r6, r7, r12, lr\n\t" /* A[5] * A[6] */ "LDR r12, [%[a], #20]\n\t" "LDR lr, [%[a], #24]\n\t" - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "UMLAL r6, r11, r12, lr\n\t" "ADDS r7, r7, r11\n\t" /* A[5] * A[7] */ "LDR lr, [%[a], #28]\n\t" - "ADC r8, %[r], #0x0\n\t" + "ADC r8, %[r], #0\n\t" "UMLAL r7, r8, r12, lr\n\t" /* A[6] * A[7] */ "LDR r12, [%[a], #24]\n\t" "LDR lr, [%[a], #28]\n\t" - "MOV r9, #0x0\n\t" + "MOV r9, #0\n\t" "UMLAL r8, r9, r12, lr\n\t" - "ADD lr, sp, 
#0x20\n\t" + "ADD lr, sp, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t" - "ADD lr, sp, #0x4\n\t" + "ADD lr, sp, #4\n\t" "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -34776,9 +34938,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, "ADCS r7, r7, r7\n\t" "ADCS r8, r8, r8\n\t" "ADCS r9, r9, r9\n\t" - "ADC r10, %[r], #0x0\n\t" + "ADC r10, %[r], #0\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" - "ADD lr, sp, #0x4\n\t" + "ADD lr, sp, #4\n\t" "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t" "MOV lr, sp\n\t" /* A[0] * A[0] */ 
@@ -34787,48 +34949,48 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, "ADDS r4, r4, r11\n\t" /* A[1] * A[1] */ "LDR r12, [%[a], #4]\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, r12\n\t" "ADDS r6, r6, r11\n\t" /* A[2] * A[2] */ "LDR r12, [%[a], #8]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, r12\n\t" "ADDS r8, r8, r11\n\t" /* A[3] * A[3] */ "LDR r12, [%[a], #12]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r9, r11, r12, r12\n\t" "ADDS r10, r10, r11\n\t" "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" /* A[4] * A[4] */ "LDR r12, [%[a], #16]\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r3, r11, r12, r12\n\t" "ADDS r4, r4, r11\n\t" /* A[5] * A[5] */ "LDR r12, [%[a], #20]\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r5, r11, r12, r12\n\t" "ADDS r6, r6, r11\n\t" /* A[6] * A[6] */ "LDR r12, [%[a], #24]\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADC r11, %[r], #0x0\n\t" + "ADCS r7, r7, #0\n\t" + "ADC r11, %[r], #0\n\t" "UMLAL r7, r11, r12, r12\n\t" "ADDS r8, r8, r11\n\t" /* A[7] * A[7] */ "LDR r12, [%[a], #28]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADC r10, r10, #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADC r10, r10, #0\n\t" "UMLAL r9, r10, r12, r12\n\t" - "ADD lr, sp, #0x20\n\t" + "ADD lr, sp, #32\n\t" "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t" /* Start Reduction */ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" 
@@ -34867,34 +35029,34 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, "ADCS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STR r4, [sp, #28]\n\t" /* a[8] += t[0] + t[2] + t[5] */ /* a[9] += t[1] + t[3] + t[6] */ /* a[10] += t[2] + t[4] + t[7] */ - "ADD r0, sp, #0x20\n\t" + "ADD r0, sp, #32\n\t" "LDM r0, {r2, r3, r4}\n\t" "ADDS r2, r2, lr\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STM r0!, {r2, r3, r4}\n\t" /* a[11] += t[3] + t[5] + carry */ /* a[12] += t[4] + t[6] */ 
@@ -34903,52 +35065,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, /* a[15] += t[7] */ "LDM r0, {r0, r1, r2, r3, r4}\n\t" "ADDS r0, r0, lr\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r8\n\t" "ADCS r1, r1, r9\n\t" "ADCS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r10\n\t" "ADCS r1, r1, r11\n\t" "ADCS r2, r2, r12\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADC lr, lr, #0\n\t" "STR r0, [sp, #44]\n\t" "STR r1, [sp, #48]\n\t" "STR r2, [sp, #52]\n\t" "STR r3, [sp, #56]\n\t" /* a[7..15] - t[0..7] */ - "ADD r0, sp, #0x1c\n\t" + "ADD r0, sp, #28\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "SUBS r0, r0, r5\n\t" "SBCS r1, r1, r6\n\t" "SBCS r2, r2, r7\n\t" "SBCS r3, r3, r8\n\t" - "ADD r0, sp, #0x2c\n\t" + "ADD r0, sp, #44\n\t" "MOV r8, r4\n\t" "LDM r0, {r4, r5, r6, r7}\n\t" "SBCS r4, r4, r9\n\t" "SBCS r5, r5, r10\n\t" "SBCS r6, r6, r11\n\t" "SBCS r7, r7, r12\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBC lr, lr, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBC lr, lr, #0\n\t" /* mask m and sub from result if overflow */ - "RSB lr, lr, #0x0\n\t" + "RSB lr, lr, #0\n\t" "SUBS r1, r1, lr\n\t" "SBCS r2, r2, lr\n\t" "SBCS r3, r3, lr\n\t" - "SBCS r4, r4, #0x0\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r4, r4, #0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, lr, LSR #31\n\t" "SBC r8, r8, lr\n\t" "LDR %[r], [sp, #64]\n\t" 
@@ -34979,10 +35141,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, #else /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, @@ -35004,7 +35166,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, "UMULL r9, r10, r0, r0\n\t" "UMULL r11, r12, r0, r1\n\t" "ADDS r11, r11, r11\n\t" - "MOV lr, #0x0\n\t" + "MOV lr, #0\n\t" "UMAAL r10, r11, lr, lr\n\t" "STM sp, {r9, r10}\n\t" "MOV r8, lr\n\t" @@ -35081,7 +35243,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, /* R[14] = r9 */ /* R[15] = r7 */ "MOV lr, sp\n\t" - "ADD lr, lr, #0x1c\n\t" + "ADD lr, lr, #28\n\t" "STM lr!, {r0, r12}\n\t" "STM lr!, {r11}\n\t" "STM lr!, {r10}\n\t" 
@@ -35124,34 +35286,34 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, "ADCS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STR r4, [sp, #28]\n\t" /* a[8] += t[0] + t[2] + t[5] */ /* a[9] += t[1] + t[3] + t[6] */ /* a[10] += t[2] + t[4] + t[7] */ - "ADD r0, sp, #0x20\n\t" + "ADD r0, sp, #32\n\t" "LDM r0, {r2, r3, r4}\n\t" "ADDS r2, r2, lr\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STM r0!, {r2, r3, r4}\n\t" /* a[11] += t[3] + t[5] + carry */ /* a[12] += t[4] + t[6] */ 
@@ -35160,52 +35322,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, /* a[15] += t[7] */ "LDM r0, {r0, r1, r2, r3, r4}\n\t" "ADDS r0, r0, lr\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r8\n\t" "ADCS r1, r1, r9\n\t" "ADCS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r10\n\t" "ADCS r1, r1, r11\n\t" "ADCS r2, r2, r12\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADC lr, lr, #0\n\t" "STR r0, [sp, #44]\n\t" "STR r1, [sp, #48]\n\t" "STR r2, [sp, #52]\n\t" "STR r3, [sp, #56]\n\t" /* a[7..15] - t[0..7] */ - "ADD r0, sp, #0x1c\n\t" + "ADD r0, sp, #28\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "SUBS r0, r0, r5\n\t" "SBCS r1, r1, r6\n\t" "SBCS r2, r2, r7\n\t" "SBCS r3, r3, r8\n\t" - "ADD r0, sp, #0x2c\n\t" + "ADD r0, sp, #44\n\t" "MOV r8, r4\n\t" "LDM r0, {r4, r5, r6, r7}\n\t" "SBCS r4, r4, r9\n\t" "SBCS r5, r5, r10\n\t" "SBCS r6, r6, r11\n\t" "SBCS r7, r7, r12\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBC lr, lr, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBC lr, lr, #0\n\t" /* mask m and sub from result if overflow */ - "RSB lr, lr, #0x0\n\t" + "RSB lr, lr, #0\n\t" "SUBS r1, r1, lr\n\t" "SBCS r2, r2, lr\n\t" "SBCS r3, r3, lr\n\t" - "SBCS r4, r4, #0x0\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r4, r4, #0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, lr, LSR #31\n\t" "SBC r8, r8, lr\n\t" "LDR %[r], [sp, #64]\n\t" 
@@ -35237,11 +35399,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -35264,9 +35426,9 @@ static const word32 p256_mod_minus_2[8] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -35332,10 +35494,11 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a_p, 
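Review bot: The summary line kept as context in the sp_256_mont_sqr_n_8 comment says `(r = a ^ n mod m)`, but the text and the `n` parameter describe squaring n times, which gives a^(2^n), not a^n. Since the parameter block is being rewritten anyway, I would change the formula to `(r = a ^ (2 ^ n) mod m)` and say whether n = 0 is allowed. The function body is outside the hunk, so the n = 0 behaviour cannot be checked from here.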
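Review bot: `@param [out] td Temporary data.` in the sp_256_mont_inv_8 comment (hunk at -35264) marks scratch space as an output, which suggests the caller reads a result back from it. I would document it as working storage, for example `@param [in, out] td Temporary data; contents are unspecified on return.`, and state how many digits it must hold. The body is outside the hunk, so the required size needs confirming there, as does whether the caller should clear td when the inverted value is secret.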
@@ -35352,11 +35515,11 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL - "MOV r6, #0x1c\n\t" + "MOV r6, #28\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_cmp_8_words:\n\t" @@ -35374,7 +35537,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_256_cmp_8_words\n\t" #else @@ -35487,7 +35650,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_256_norm_8(a) @@ -35495,10 +35658,11 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p, 
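Review bot: The rewritten comment for sp_256_cond_sub_8 documents the four parameters but has no `@return`, although the function is declared to return `sp_digit`; the second copy of this comment in the later sp_256_cond_sub_8 hunk has the same gap. The unchanged line `m is -1 to subtract and 0 when not copying.` reads like a leftover from a conditional-copy routine and would be clearer as `m is -1 to subtract and 0 when not subtracting.`. The assembly body is only partly visible in these hunks, so the returned value (presumably the borrow out of the subtraction) should be confirmed against the body before it is written into the `@return` line.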
@@ -35516,9 +35680,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_cond_sub_8_words:\n\t" @@ -35532,8 +35696,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" - "CMP r5, #0x20\n\t" + "ADD r5, r5, #4\n\t" + "CMP r5, #32\n\t" #if defined(__GNUC__) "BLT L_sp_256_cond_sub_8_words_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -35558,10 +35722,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p, @@ -35579,7 +35744,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -35628,9 +35793,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r, #ifdef WOLFSSL_SP_NO_UMAAL /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( @@ -35649,8 +35815,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -35662,72 +35828,72 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" "LDR r12, [%[a], #32]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - 
"ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" - "CMP r11, #0x20\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" + "CMP r11, #32\n\t" #if defined(__GNUC__) "BLT L_sp_256_mont_reduce_8_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -35755,9 +35921,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #else /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( @@ -35775,8 +35942,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -35792,7 +35959,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" 
@@ -35824,16 +35991,16 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, "LDR r11, [%[a], #28]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #32]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #28]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #32]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" - "CMP r4, #0x20\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" + "CMP r4, #32\n\t" #if defined(__GNUC__) "BLT L_sp_256_mont_reduce_8_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -35865,9 +36032,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #else /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8( 
@@ -35926,34 +36094,34 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, "ADCS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STR r4, [sp, #28]\n\t" /* a[8] += t[0] + t[2] + t[5] */ /* a[9] += t[1] + t[3] + t[6] */ /* a[10] += t[2] + t[4] + t[7] */ - "ADD r0, sp, #0x20\n\t" + "ADD r0, sp, #32\n\t" "LDM r0, {r2, r3, r4}\n\t" "ADDS r2, r2, lr\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r7\n\t" "ADCS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "STM r0!, {r2, r3, r4}\n\t" /* a[11] += t[3] + t[5] + carry */ /* a[12] += t[4] + t[6] */ 
@@ -35962,52 +36130,52 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, /* a[15] += t[7] */ "LDM r0, {r0, r1, r2, r3, r4}\n\t" "ADDS r0, r0, lr\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "MOV lr, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "MOV lr, #0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r8\n\t" "ADCS r1, r1, r9\n\t" "ADCS r2, r2, r10\n\t" "ADCS r3, r3, r11\n\t" "ADCS r4, r4, r12\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r0, r0, r10\n\t" "ADCS r1, r1, r11\n\t" "ADCS r2, r2, r12\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADC lr, lr, #0x0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADC lr, lr, #0\n\t" "STR r0, [sp, #44]\n\t" "STR r1, [sp, #48]\n\t" "STR r2, [sp, #52]\n\t" "STR r3, [sp, #56]\n\t" /* a[7..15] - t[0..7] */ - "ADD r0, sp, #0x1c\n\t" + "ADD r0, sp, #28\n\t" "LDM r0, {r0, r1, r2, r3}\n\t" "SUBS r0, r0, r5\n\t" "SBCS r1, r1, r6\n\t" "SBCS r2, r2, r7\n\t" "SBCS r3, r3, r8\n\t" - "ADD r0, sp, #0x2c\n\t" + "ADD r0, sp, #44\n\t" "MOV r8, r4\n\t" "LDM r0, {r4, r5, r6, r7}\n\t" "SBCS r4, r4, r9\n\t" "SBCS r5, r5, r10\n\t" "SBCS r6, r6, r11\n\t" "SBCS r7, r7, r12\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBC lr, lr, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBC lr, lr, #0\n\t" /* mask m and sub from result if overflow */ - "RSB lr, lr, #0x0\n\t" + "RSB lr, lr, #0\n\t" "SUBS r1, r1, lr\n\t" "SBCS r2, r2, lr\n\t" "SBCS r3, r3, lr\n\t" - "SBCS r4, r4, #0x0\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r4, r4, #0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, lr, LSR #31\n\t" "SBC r8, r8, lr\n\t" "LDR %[a], [sp, #64]\n\t" 
@@ -36038,9 +36206,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a, #ifdef WOLFSSL_SP_NO_UMAAL /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( @@ -36059,8 +36228,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -36072,72 +36241,72 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" "LDR r12, [%[a], #32]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r3, 
r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" - "CMP r11, #0x20\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" + "CMP r11, #32\n\t" #if defined(__GNUC__) "BLT L_sp_256_mont_reduce_order_8_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -36165,9 +36334,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( #else /* Reduce the number back to 256 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( @@ -36185,8 +36355,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -36202,7 +36372,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" 
@@ -36234,16 +36404,16 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( "LDR r11, [%[a], #28]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #32]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #28]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #32]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" - "CMP r4, #0x20\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" + "CMP r4, #32\n\t" #if defined(__GNUC__) "BLT L_sp_256_mont_reduce_order_8_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -36275,9 +36445,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8( #endif /* WOLFSSL_SP_SMALL */ /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -36315,10 +36485,10 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r_p, 
@@ -36335,7 +36505,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV lr, #0x0\n\t" + "MOV lr, #0\n\t" "LDM %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" "LDM %[b]!, {r3, r4}\n\t" "ADDS r5, r5, r3\n\t" @@ -36349,14 +36519,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r, "LDM %[b]!, {r3, r4}\n\t" "ADCS r11, r11, r3\n\t" "ADCS r12, r12, r4\n\t" - "ADC lr, lr, #0x0\n\t" - "RSB lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" + "RSB lr, lr, #0\n\t" "SUBS r5, r5, lr\n\t" "SBCS r6, r6, lr\n\t" "SBCS r7, r7, lr\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" - "SBCS r10, r10, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" + "SBCS r10, r10, #0\n\t" "SBCS r11, r11, lr, LSR #31\n\t" "SBCS r12, r12, lr\n\t" "SBC %[b], %[b], %[b]\n\t" @@ -36364,9 +36534,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r, "SUBS r5, r5, lr\n\t" "SBCS r6, r6, lr\n\t" "SBCS r7, r7, lr\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" - "SBCS r10, r10, #0x0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" + "SBCS r10, r10, #0\n\t" "SBCS r11, r11, lr, LSR #31\n\t" "SBC r12, r12, lr\n\t" "STM %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" @@ -36389,9 +36559,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_add_8(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r_p, 
@@ -36407,7 +36577,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r2, #0x0\n\t" + "MOV r2, #0\n\t" "LDM %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -36417,14 +36587,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r, "ADCS r9, r9, r9\n\t" "ADCS r10, r10, r10\n\t" "ADCS r11, r11, r11\n\t" - "ADC r2, r2, #0x0\n\t" - "RSB r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" + "RSB r2, r2, #0\n\t" "SUBS r4, r4, r2\n\t" "SBCS r5, r5, r2\n\t" "SBCS r6, r6, r2\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" "SBCS r10, r10, r2, LSR #31\n\t" "SBCS r11, r11, r2\n\t" "SBC %[a], %[a], %[a]\n\t" @@ -36432,9 +36602,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r, "SUBS r4, r4, r2\n\t" "SBCS r5, r5, r2\n\t" "SBCS r6, r6, r2\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" "SBCS r10, r10, r2, LSR #31\n\t" "SBC r11, r11, r2\n\t" "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" @@ -36457,9 +36627,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_dbl_8(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r_p, 
@@ -36475,7 +36645,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -36485,14 +36655,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, "ADCS r9, r9, r9\n\t" "ADCS r10, r10, r10\n\t" "ADCS r11, r11, r11\n\t" - "ADC r12, r12, #0x0\n\t" - "RSB r12, r12, #0x0\n\t" + "ADC r12, r12, #0\n\t" + "RSB r12, r12, #0\n\t" "SUBS r4, r4, r12\n\t" "SBCS r5, r5, r12\n\t" "SBCS r6, r6, r12\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" "SBCS r10, r10, r12, LSR #31\n\t" "SBCS r11, r11, r12\n\t" "SBC r2, r2, r2\n\t" @@ -36500,9 +36670,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, "SUBS r4, r4, r12\n\t" "SBCS r5, r5, r12\n\t" "SBCS r6, r6, r12\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" "SBCS r10, r10, r12, LSR #31\n\t" "SBC r11, r11, r12\n\t" "LDM %[a]!, {r2, r3}\n\t" @@ -36517,14 +36687,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, "LDM %[a]!, {r2, r3}\n\t" "ADCS r10, r10, r2\n\t" "ADCS r11, r11, r3\n\t" - "ADC r12, r12, #0x0\n\t" - "RSB r12, r12, #0x0\n\t" + "ADC r12, r12, #0\n\t" + "RSB r12, r12, #0\n\t" "SUBS r4, r4, r12\n\t" "SBCS r5, r5, r12\n\t" "SBCS r6, r6, r12\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" "SBCS r10, r10, r12, LSR #31\n\t" "SBCS r11, r11, r12\n\t" "SBC r2, r2, r2\n\t" 
@@ -36532,9 +36702,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, "SUBS r4, r4, r12\n\t" "SBCS r5, r5, r12\n\t" "SBCS r6, r6, r12\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" "SBCS r10, r10, r12, LSR #31\n\t" "SBC r11, r11, r12\n\t" "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" @@ -36557,10 +36727,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_tpl_8(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sub_8(sp_digit* r_p, @@ -36578,7 +36748,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sub_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV lr, #0x0\n\t" + "MOV lr, #0\n\t" "LDM %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" "LDM %[b]!, {r3, r4}\n\t" "SUBS r5, r5, %[m]\n\t" 
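Review bot: The converted line `@param [out] r Result of subtration.` in the sp_256_mont_sub_8 comment carries the old misspelling into the new text; it should read `Result of subtraction.`. The summary `(r = a - b % m)` on the line above is also ambiguous about precedence and would be clearer as `(r = (a - b) % m)`, assuming that is the intended meaning.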
@@ -36592,22 +36762,22 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sub_8(sp_digit* r, "LDM %[b]!, {r3, r4}\n\t" "SBCS r11, r11, %[m]\n\t" "SBCS r12, r12, r4\n\t" - "SBC lr, lr, #0x0\n\t" + "SBC lr, lr, #0\n\t" "ADDS r5, r5, lr\n\t" "ADCS r6, r6, lr\n\t" "ADCS r7, r7, lr\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" "ADCS r11, r11, lr, LSR #31\n\t" "ADCS r12, r12, lr\n\t" - "ADC lr, lr, #0x0\n\t" + "ADC lr, lr, #0\n\t" "ADDS r5, r5, lr\n\t" "ADCS r6, r6, lr\n\t" "ADCS r7, r7, lr\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" "ADCS r11, r11, lr, LSR #31\n\t" "ADC r12, r12, lr\n\t" "STM %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t" @@ -36625,9 +36795,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sub_8(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_div2_8(sp_digit* r_p, 
@@ -36645,21 +36815,21 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_div2_8(sp_digit* r, __asm__ __volatile__ ( "LDM %[a], {r4, r5, r6, r7}\n\t" - "AND r3, r4, #0x1\n\t" - "RSB r8, r3, #0x0\n\t" + "AND r3, r4, #1\n\t" + "RSB r8, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r5, r5, r8\n\t" "ADCS r6, r6, r8\n\t" - "ADCS r7, r7, #0x0\n\t" + "ADCS r7, r7, #0\n\t" "STM %[r], {r4, r5, r6, r7}\n\t" "LDRD r4, r5, [%[a], #16]\n\t" "LDRD r6, r7, [%[a], #24]\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADCS r5, r5, #0x0\n\t" + "ADCS r4, r4, #0\n\t" + "ADCS r5, r5, #0\n\t" "ADCS r6, r6, r8, LSR #31\n\t" "ADCS r7, r7, r8\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "LSR r8, r4, #1\n\t" "LSR r9, r5, #1\n\t" "LSR r10, r6, #1\n\t" @@ -36695,9 +36865,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_div2_8(sp_digit* r, /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -36766,9 +36936,13 @@ typedef struct sp_256_proj_point_dbl_8_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) 
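Review bot: The new non-blocking description for sp_256_proj_point_dbl_8_nb names FP_WOULDBLOCK in prose but adds no `@return` line, even though the function returns `int` and the caller is told to loop on that value. The same gap is in the sp_256_proj_point_add_8_nb comment in a later hunk. I would add `@return  FP_WOULDBLOCK when the operation is not yet complete.` and a second line for the completion value, which is not visible in this hunk and has to be taken from the function body.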
@@ -36898,9 +37072,10 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b) { @@ -36912,8 +37087,9 @@ static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_8(const sp_digit* a) { @@ -36923,10 +37099,10 @@ static int sp_256_iszero_8(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_8(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -37026,10 +37202,14 @@ typedef struct sp_256_proj_point_add_8_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -37214,9 +37394,9 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table, int idx) 
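Review bot: The comment on sp_256_get_point_16_8 says every possible point is touched but not why, and the new `@param [in] idx` line gives no hint that the index may be sensitive. Since the routine sits under `#ifndef WC_NO_CACHE_RESISTANT`, a sentence such as `The memory access pattern must not depend on idx.` would tell a maintainer not to replace the scan with a direct `table[idx]` lookup. The body is outside this hunk, so the wording should be checked against how the selection is actually done. The same applies to sp_256_get_entry_16_8 in a later hunk.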
@@ -37286,13 +37466,15 @@ static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table, * 256 doubles. * 76 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -37422,10 +37604,9 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i, sp_digit* t) @@ -37515,8 +37696,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_8(sp_point_256* a, sp_digit* t) { 
@@ -37547,10 +37728,10 @@ typedef struct sp_table_entry_256 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_8(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -37632,10 +37813,10 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r, * 16 entries * 64 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_8(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -37707,9 +37888,9 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_16_8(sp_point_256* r, const sp_table_entry_256* table, int idx) 
@@ -37764,13 +37945,16 @@ static void sp_256_get_entry_16_8(sp_point_256* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -37887,8 +38071,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -37951,13 +38135,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -38037,10 +38223,10 @@ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, * 256 entries * 32 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_8(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) 
@@ -38112,9 +38298,9 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_256_get_entry_256_8(sp_point_256* r, const sp_table_entry_256* table, int idx) @@ -38169,13 +38355,16 @@ static void sp_256_get_entry_256_8(sp_point_256* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -38292,8 +38481,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -38356,13 +38545,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -38438,12 +38629,14 @@ static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -38473,14 +38666,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -38623,12 +38818,14 @@ static const sp_table_entry_256 p256_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -39931,12 +40128,14 @@ static const sp_table_entry_256 p256_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -39950,11 +40149,13 @@ static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -39982,13 +40183,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -40042,7 +40245,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a_p) 
@@ -40056,16 +40259,16 @@ WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a) __asm__ __volatile__ ( "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADDS r1, r1, #0x1\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADDS r1, r1, #1\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [a] "+r" (a) @@ -40081,10 +40284,10 @@ WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -40128,10 +40331,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k) { 
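Review bot: In the `sp_256_ecc_gen_k_8` header, `k` is tagged `[in]`, although the summary says the function generates the scalar and the parameter is a non-const `sp_digit*`. The line should read `@param [out] k Scalar value.`. The value written here is secret scalar material, so the direction tag is what tells the caller that the buffer holds a secret after the call. The function body is outside the hunk.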
@@ -40161,12 +40366,15 @@ static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -40238,6 +40446,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
@@ -40308,8 +40533,8 @@ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_256_to_bin_8(sp_digit* r, byte* a) { @@ -40327,14 +40552,16 @@ static void sp_256_to_bin_8(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -40375,6 +40602,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -40424,8 +40670,8 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, 
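Review bot: In the WOLFSSL_SP_SMALL header for `sp_256_sub_in_place_8` (hunk at -40424), `a` is tagged `[in]` even though the summary is "a -= b" and the parameter is a non-const `sp_digit*`. The non-small variant of the same function, converted a few hunks later, uses `@param [in, out] a A single precision integer and result.`, and the two should agree. Both headers also lack an `@return` line although the function returns `sp_digit`; presumably that value is the borrow, but the body is outside the hunk, so confirm before documenting it.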
@@ -40441,15 +40687,15 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" - "ADD r11, %[a], #0x20\n\t" + "MOV r10, #0\n\t" + "ADD r11, %[a], #32\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_sub_in_place_8_word:\n\t" #else "L_sp_256_sub_in_place_8_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -40483,8 +40729,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a, #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, @@ -40531,9 +40777,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p, @@ -40553,10 +40799,10 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_mul_d_8_word:\n\t" 
@@ -40568,13 +40814,13 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" - "CMP r9, #0x20\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" + "CMP r9, #32\n\t" #if defined(__GNUC__) "BLT L_sp_256_mul_d_8_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -40597,9 +40843,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p, 
@@ -40620,37 +40866,37 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" @@ -40671,10 +40917,11 @@ WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -40694,7 +40941,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" 
@@ -40703,8 +40950,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" @@ -40743,10 +40990,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -40766,18 +41014,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_256_word_8_bit:\n\t" @@ -40792,7 +41040,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_256_word_8_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -40801,7 +41049,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, "BPL.N L_div_256_word_8_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" @@ -40832,9 +41080,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_256_word_8(sp_digit d1, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -40859,11 +41107,12 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
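Review bot: In the `sp_256_div_8` header, `m` is tagged `[in]` while its description is "Multiplier result" and the summary states that m is not calculated. For a non-const `sp_digit*` that the function neither reads as input nor fills in, `[in]` misleads the reader. Something like `@param [in] m Unused. Multiplier result is not calculated.` would state the contract the summary already describes. The body is outside the hunk, so check that `m` really is untouched before wording it this way.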
@@ -40901,10 +41150,11 @@ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -40915,9 +41165,9 @@ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -40941,8 +41191,8 @@ static const sp_int_digit p256_order_low[4] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a) { 
@@ -40954,8 +41204,9 @@ static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a) /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n) { @@ -40968,19 +41219,24 @@ static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_256_mont_inv_order_8_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_256_mont_inv_order_8_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_256_mont_inv_order_8_ctx { - int state; - int i; -} sp_256_mont_inv_order_8_ctx; static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
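Review bot: The context line `(r = a ^ n mod order)` in the `sp_256_mont_sqr_n_order_8` header contradicts the newly added `@param [in] n Number of times to square.`, because squaring n times yields a^(2^n), not a^n. Since this hunk already edits the block, the formula could be corrected to `(r = a ^ (2 ^ n) mod order)`. The function body is outside the hunk, so confirm that the loop squares exactly n times.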
@@ -41016,6 +41272,13 @@ static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P256 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -41124,13 +41387,15 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
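Review bot: In the `sp_256_calc_s_8` header, `k` and `x` are tagged `[in]`, but the signature takes both as non-const `sp_digit*` while `r` and `e` are `const`, which suggests they are overwritten as working storage. If that is the case, the tags should be `[in, out]` with a note that the contents are destroyed, e.g. `@param [in, out] k Ephemeral private key. Modified during the calculation.` Both values are secrets (the ECDSA ephemeral key and the private key), so callers need to know what is left in those buffers when deciding what to clear. The body is outside the hunk, so verify against it before changing the tags.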
@@ -41178,15 +41443,18 @@ static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
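Review bot: The added line `@param [in, out] km Ephemeral key as an mp_int.` in the sp_ecc_sign_256 header does not say who supplies the ephemeral key or how it relates to `rng`. For ECDSA this is the parameter a caller most needs to get right, because a repeated or predictable k exposes the private key. I would extend the line with the contract the body implements: whether a caller-provided value replaces the RNG output, whether it is cleared on return, and that a value must never be reused across signatures. The body is outside the hunk, so the wording has to be checked against it. The sp_ecc_sign_256_nb header added in the next hunk repeats the same line.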
@@ -41294,6 +41562,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -41444,9 +41736,9 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p, 
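Review bot: The converted header of sp_256_sub_8 (WOLFSSL_SP_SMALL variant) documents `r`, `a` and `b` but has no `@return`, although the function is declared `static sp_digit`. Other headers in this commit gain explicit `@return` lines, so this one should too, for example `@return Borrow out of the top word.` That wording is a guess, because the body is outside the hunk; confirm what the returned word encodes before adding it. The non-small variant of sp_256_sub_8 in the hunk at -41505 has the same gap.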
@@ -41463,15 +41755,15 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r11, #0x0\n\t" - "ADD r12, %[a], #0x20\n\t" + "MOV r11, #0\n\t" + "ADD r12, %[a], #32\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_256_sub_8_word:\n\t" #else "L_sp_256_sub_8_word_%=:\n\t" #endif - "RSBS r11, r11, #0x0\n\t" + "RSBS r11, r11, #0\n\t" "LDM %[a]!, {r3, r4, r5, r6}\n\t" "LDM %[b]!, {r7, r8, r9, r10}\n\t" "SBCS r3, r3, r7\n\t" @@ -41505,9 +41797,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p, @@ -41552,6 +41844,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p) @@ -41566,7 +41864,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "LDRD r2, r3, [%[a], #16]\n\t" "LDRD r4, r5, [%[a], #24]\n\t" "LSR r6, r2, #1\n\t" 
@@ -41606,9 +41904,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r, /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r_p, @@ -41625,9 +41923,9 @@ WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r4}\n\t" - "ANDS r3, r4, #0x1\n\t" + "ANDS r3, r4, #1\n\t" #if defined(__GNUC__) "BEQ L_sp_256_div2_mod_8_even_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -41671,7 +41969,7 @@ WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r, "L_sp_256_div2_mod_8_div2_%=:\n\t" #endif "LSR r8, r4, #1\n\t" - "AND r4, r4, #0x1\n\t" + "AND r4, r4, #1\n\t" "LSR r9, r5, #1\n\t" "LSR r10, r6, #1\n\t" "LSR r11, r7, #1\n\t" @@ -41704,6 +42002,12 @@ WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r, ); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a_p) #else @@ -41716,7 +42020,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) __asm__ __volatile__ ( "LDR r1, [%[a], #28]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_7_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
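Review bot: The headers of sp_256_div2_mod_8 and sp_256_num_bits_8 in these hunks do not say the routines are variable time, although the assembly shown branches on the operand. `ANDS r3, r4, #1` is followed by `BEQ L_sp_256_div2_mod_8_even`, and sp_256_num_bits_8 does `CMP r1, #0` then `BEQ` for each word of `a`. sp_256_mod_inv_8 in a later hunk is already labelled `Non-constant time modular inversion.`; these helpers need the same label so they are not reused on secret scalars. I would add `* Not constant time: execution path depends on the value of a.` to both comments. Both function bodies extend beyond the hunks shown.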
@@ -41741,7 +42045,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_7_%=:\n\t" #endif "LDR r1, [%[a], #24]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_6_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -41766,7 +42070,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_6_%=:\n\t" #endif "LDR r1, [%[a], #20]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_5_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -41791,7 +42095,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_5_%=:\n\t" #endif "LDR r1, [%[a], #16]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_4_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -41816,7 +42120,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_4_%=:\n\t" #endif "LDR r1, [%[a], #12]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_3_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -41841,7 +42145,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_3_%=:\n\t" #endif "LDR r1, [%[a], #8]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_2_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -41866,7 +42170,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_2_%=:\n\t" #endif "LDR r1, [%[a], #4]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_256_num_bits_8_1_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -41891,7 +42195,7 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) "L_sp_256_num_bits_8_1_%=:\n\t" #endif "LDR r1, [%[a]]\n\t" - "MOV r2, #0x20\n\t" + "MOV r2, #32\n\t" "CLZ r4, r1\n\t" "SUB r4, r2, r4\n\t" "\n" @@ -41915,9 +42219,10 @@ WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -41999,9 +42304,9 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) 
@@ -42029,13 +42334,16 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -42096,14 +42404,18 @@ static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
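Review bot: In the corrected sp_ecc_verify_256 header, `@return MP_OKAY on success.` can be read as "the signature verified", while validity is documented only on `res` (`1 == valid, 0 == invalid`). As documented here, an invalid signature appears to still return MP_OKAY, so a caller that checks only the return code would accept a bad signature. I would make that explicit with `@return MP_OKAY when the check completed; the verdict is in res.` The body is outside the hunk, so confirm this against it. The sp_ecc_verify_256_nb header added in the next hunk needs the same sentence.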
@@ -42199,6 +42511,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -42335,10 +42673,12 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_8(const sp_point_256* point, void* heap) @@ -42380,10 +42720,12 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
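Review bot: `@return MP_OKAY otherwise.` is now the first return line in the sp_256_ecc_is_point_8 and sp_ecc_is_point_256 headers, where "otherwise" no longer refers to anything. It was the tail of the old one-sentence description. State the condition instead, e.g. `@return MP_OKAY when the point is on the curve.`, or move the line below the error returns. The same leftover wording is in the headers of sp_ecc_check_key_256, sp_ecc_proj_add_point_256, sp_ecc_proj_dbl_point_256, sp_ecc_map_256, sp_256_mont_sqrt_8 and sp_ecc_uncompress_256 in the following hunks.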
@@ -42409,13 +42751,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -42499,16 +42845,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -42557,13 +42905,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -42603,10 +42953,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) { 
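Review bot: The sp_ecc_map_256 header says the point is mapped `in place` and that `pZ will be one`, but the converted lines tag all three ordinates as `[in]`. By the comment's own description they are written, so they should be `@param [in, out] pX EC point's X ordinate.` and likewise for `pY` and `pZ`. The function body is outside the hunk.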
@@ -42646,8 +42998,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mont_sqrt_8(sp_digit* y) { @@ -42700,10 +43054,12 @@ static int sp_256_mont_sqrt_8(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym) { @@ -42841,9 +43197,9 @@ static const sp_digit p384_b[12] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p, 
@@ -42865,16 +43221,16 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_mul_12_outer:\n\t" #else "L_sp_384_mul_12_outer_%=:\n\t" #endif - "SUBS r3, r5, #0x2c\n\t" + "SUBS r3, r5, #44\n\t" "IT cc\n\t" "MOVCC r3, #0x0\n\t" "SUB r4, r5, r3\n\t" @@ -42889,15 +43245,15 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_384_mul_12_inner_done_%=\n\t" @@ -42918,7 +43274,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_mul_12_inner_done:\n\t" @@ -42928,8 +43284,8 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x54\n\t" #if defined(__GNUC__) "BLE L_sp_384_mul_12_outer_%=\n\t" 
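Review bot: The hex-to-decimal conversion of immediates in the small sp_384_mul_12 is incomplete. In this hunk `"MOVCC r3, #0x0\n\t"` stays hex directly after the converted `"SUBS r3, r5, #44\n\t"`, and in the hunk at -42928 `"CMP r5, #0x54\n\t"` stays hex next to `"ADD r5, r5, #4\n\t"`. For one style throughout these would become `"MOVCC r3, #0\n\t"` and `"CMP r5, #84\n\t"`. If the file is produced by a generator, the fix belongs in the generator's emit paths for these two instructions. The asm statement continues outside both hunks.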
@@ -42942,7 +43298,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #44]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -42952,7 +43308,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_384_mul_12_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -42975,9 +43331,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p, 
@@ -42994,997 +43350,997 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x30\n\t" + "SUB sp, sp, #48\n\t" /* A[0] * B[0] */ "LDR r11, [%[a]]\n\t" "LDR r12, [%[b]]\n\t" "UMULL r3, r4, r11, r12\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "STR r3, [sp]\n\t" /* A[0] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[0] */ "LDR r8, [%[a], #4]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" /* A[2] * B[0] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[1] */ "LDR r11, [%[a], #4]\n\t" "LDR r12, [%[b], #4]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[2] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #8]\n\t" /* A[0] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[2] */ "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[1] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[0] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, 
r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #12]\n\t" /* A[4] * B[0] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[1] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[2] */ "LDR r11, [%[a], #8]\n\t" "LDR r12, [%[b], #8]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[3] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[4] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #16]\n\t" /* A[0] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[4] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[2] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[1] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[0] */ "LDR r8, [%[a], 
#20]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #20]\n\t" /* A[6] * B[0] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[1] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[2] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[3] */ "LDR r11, [%[a], #12]\n\t" "LDR r12, [%[b], #12]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[4] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[5] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[0] * B[6] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #24]\n\t" /* A[0] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[6] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[5] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS 
r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[4] */ "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[3] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[2] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[1] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[0] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #28]\n\t" /* A[8] * B[0] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[1] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[2] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[3] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[4] */ "LDR r11, [%[a], #16]\n\t" "LDR r12, [%[b], #16]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[5] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], 
#20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[6] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[7] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[8] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #32]\n\t" /* A[0] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[8] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[7] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[6] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[4] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[3] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" 
/* A[7] * B[2] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[1] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[0] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #36]\n\t" /* A[10] * B[0] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[1] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[2] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[3] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[4] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[5] */ "LDR r11, [%[a], #20]\n\t" "LDR r12, [%[b], #20]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[6] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[7] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" 
"ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[8] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[9] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[10] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #40]\n\t" /* A[0] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[10] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[9] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[8] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[7] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[6] */ "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[5] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[4] */ "LDR r8, [%[a], 
#28]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[3] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[2] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[1] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[0] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #44]\n\t" /* A[11] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[2] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[3] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[4] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[5] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[6] */ "LDR r11, [%[a], #24]\n\t" "LDR r12, [%[b], #24]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, 
r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[7] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[8] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[9] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[10] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[11] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #48]\n\t" /* A[2] * B[11] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[10] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[9] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[8] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[6] */ "LDR r8, [%[a], 
#28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[5] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[4] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[3] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[2] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #52]\n\t" /* A[11] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[4] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[5] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[6] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[7] */ "LDR r11, [%[a], #28]\n\t" "LDR r12, [%[b], #28]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[8] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - 
"ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[9] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[10] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[11] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #56]\n\t" /* A[4] * B[11] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[10] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[9] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[8] */ "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[7] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[6] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[5] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[4] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], 
#16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #60]\n\t" /* A[11] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[6] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[7] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[8] */ "LDR r11, [%[a], #32]\n\t" "LDR r12, [%[b], #32]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[9] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[10] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[11] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #64]\n\t" /* A[6] * B[11] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[10] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, 
r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[8] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[7] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[6] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #68]\n\t" /* A[11] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[8] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[9] */ "LDR r11, [%[a], #36]\n\t" "LDR r12, [%[b], #36]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[10] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[11] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #72]\n\t" /* A[8] * B[11] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[10] */ "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[9] */ "LDR r8, 
[%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[8] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #76]\n\t" /* A[11] * B[9] */ "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[10] */ "LDR r11, [%[a], #40]\n\t" "LDR r12, [%[b], #40]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[11] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #80]\n\t" /* A[10] * B[11] */ "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[10] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #84]\n\t" /* A[11] * B[11] */ "UMLAL r4, r5, r8, r9\n\t" @@ -44012,8 +44368,8 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p, 
@@ -44032,16 +44388,16 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_sqr_12_outer:\n\t" #else "L_sp_384_sqr_12_outer_%=:\n\t" #endif - "SUBS r3, r5, #0x2c\n\t" + "SUBS r3, r5, #44\n\t" "IT cc\n\t" "MOVCC r3, #0x0\n\t" "SUB r4, r5, r3\n\t" @@ -44056,12 +44412,12 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_384_sqr_12_inner_done_%=\n\t" @@ -44081,7 +44437,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_sqr_12_inner_done:\n\t" @@ -44091,8 +44447,8 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x54\n\t" #if defined(__GNUC__) "BLE L_sp_384_sqr_12_outer_%=\n\t" @@ -44104,7 +44460,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #44]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
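Review bot: Two immediates in the small `sp_384_sqr_12` variant are still hexadecimal after this conversion: `"MOVCC r3, #0x0\n\t"` in the hunk at -44032 and `"CMP r5, #0x54\n\t"` in the hunk at -44091. The second sits directly after the converted `"ADD r5, r5, #4\n\t"` and is the outer-loop bound, so it is the one a reader most needs to check against the decimal `#44` and `#4` used for the same byte offset. For consistency these would read `"MOVCC r3, #0\n\t"` and `"CMP r5, #84\n\t"`. The regular structure suggests this file is generated; if so, the change belongs in the generator's handling of `MOVcc` and `CMP` immediates rather than in this file. The function body continues outside both hunks, so other leftovers may exist that are not visible here.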
@@ -44114,7 +44470,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_384_sqr_12_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -44137,8 +44493,8 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p, @@ -44153,11 +44509,11 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "SUB sp, sp, #0x30\n\t" + "SUB sp, sp, #48\n\t" /* A[0] * A[0] */ "LDR r10, [%[a]]\n\t" "UMULL r8, r3, r10, r10\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r8, [sp]\n\t" /* A[0] * A[1] */ "LDR r10, [%[a], #4]\n\t" @@ -44165,12 +44521,12 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #4]\n\t" /* A[0] * A[2] */ "LDR r10, [%[a], #8]\n\t" 
@@ -44178,18 +44534,18 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * A[1] */ "LDR r10, [%[a], #4]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #8]\n\t" /* A[0] * A[3] */ "LDR r10, [%[a], #12]\n\t" @@ -44197,22 +44553,22 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * A[2] */ "LDR r10, [%[a], #8]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [sp, #12]\n\t" /* A[0] * A[4] */ "LDR r10, [%[a], #16]\n\t" 
@@ -44220,49 +44576,49 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[1] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" /* A[2] * A[2] */ "LDR r10, [%[a], #8]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #16]\n\t" /* A[0] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -44274,22 +44630,22 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[3] */ "LDR r10, [%[a], #12]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -44298,7 +44654,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" @@ -44307,29 +44663,29 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -44341,29 +44697,29 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[4] */ "LDR r10, [%[a], #16]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -44372,7 +44728,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -44381,36 +44737,36 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -44422,36 +44778,36 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[5] */ "LDR r10, [%[a], #20]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -44460,7 +44816,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -44469,43 +44825,43 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -44517,36 +44873,36 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[2] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[6] */ "LDR r10, [%[a], #24]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -44555,7 +44911,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -44564,36 +44920,36 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[3] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -44605,29 +44961,29 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[4] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[7] */ "LDR r10, [%[a], #28]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -44636,7 +44992,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -44645,29 +45001,29 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[5] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -44679,22 +45035,22 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[6] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[8] */ "LDR r10, [%[a], #32]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -44703,7 +45059,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -44712,22 +45068,22 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[7] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -44741,28 +45097,28 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * A[9] */ "LDR r10, [%[a], #36]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [%[r], #72]\n\t" /* A[8] * A[11] */ "LDR r10, [%[a], #44]\n\t" 
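Review bot: In the column of sp_384_sqr_12 stored to `[%[r], #72]`, the second `MOV r4, #0` overwrites the carry that the first `ADC r4, r4, #0` has just captured, so a carry out of the first `ADDS r2, r2, r8` / `ADCS r3, r3, r9` pair would be dropped. The commit only changes how the immediates are written, so the sequence is carried over unchanged. The same pattern is in the three following hunks, for the columns stored at `#76`, `#80` and `#84`. Whether that first carry can be non-zero depends on the values in the accumulator registers on entry, which are set outside the hunk. If it cannot, the first `MOV`/`ADC` pair is dead code. If it can, the second pair should be a single `ADC r4, r4, #0`, as in the `A[8] * A[10]` step just below, because a lost carry in a P-384 field squaring gives a wrong result for specific operands.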
@@ -44770,22 +45126,22 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[9] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [%[r], #76]\n\t" /* A[9] * A[11] */ "LDR r10, [%[a], #44]\n\t" @@ -44793,18 +45149,18 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * A[10] */ "LDR r10, [%[a], #40]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #80]\n\t" /* A[10] * A[11] */ "LDR r10, [%[a], #44]\n\t" @@ -44812,12 +45168,12 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [%[r], #84]\n\t" /* A[11] * A[11] */ "LDR r10, [%[a], #44]\n\t" 
@@ -44846,9 +45202,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p, @@ -44865,8 +45221,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" - "ADD r12, %[a], #0x30\n\t" + "MOV r3, #0\n\t" + "ADD r12, %[a], #48\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_add_12_word:\n\t" @@ -44881,8 +45237,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_384_add_12_word_%=\n\t" @@ -44908,9 +45264,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p, 
@@ -44948,8 +45304,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -44965,10 +45321,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -45054,9 +45412,9 @@ static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -45142,8 +45500,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_384. * - * p Point of type sp_point_384 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_384 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_384_point_from_ecc_point_12(sp_point_384* p, const ecc_point* pm) 
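Review bot: The new return documentation for sp_384_mod_mul_norm_12 puts `@return MP_OKAY otherwise.` before the condition it is the alternative to, so the "otherwise" has nothing to refer back to. List the failure case first and state success directly: `@return MEMORY_E when memory allocation fails.` followed by `@return MP_OKAY on success.`. The sp_384_point_to_ecc_point_12 comment later in this diff has the same ordering. The function body is outside the hunk, so any other return codes cannot be checked here.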
@@ -45159,8 +45517,8 @@ static void sp_384_point_from_ecc_point_12(sp_point_384* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_384_to_mp(const sp_digit* a, mp_int* r) { @@ -45227,10 +45585,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_384 to type ecc_point. * - * p Point of type sp_point_384. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_384. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm) { @@ -45251,10 +45610,11 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p, 
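Review bot: In the new sp_384_point_to_ecc_point_12 comment, `pm` is tagged `[in]` even though the same line calls it the result and the parameter is a non-const `ecc_point*`. It should read `@param [out] pm Point of type ecc_point (result).`, matching the `[out] p` tag on sp_384_point_from_ecc_point_12. The body is outside the hunk, so `[in, out]` may be the accurate tag if the function reads fields of `pm` before writing them.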
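Review bot: The summary kept above the new `@param` block for sp_384_cond_sub_12 still reads `m is -1 to subtract and 0 when not copying.`, which looks copied from a conditional-copy helper; `0 when not subtracting` would match the function. The second sp_384_cond_sub_12 comment, in the `@@ -45314` hunk, has the same line. The assembly visible in that later hunk ANDs the words of `b` with `m`, so the contract worth stating on the `m` line is `Mask value to apply: must be 0 or -1 (all bits set).`. The function body is outside this hunk.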
@@ -45272,9 +45632,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_cond_sub_12_words:\n\t" @@ -45288,8 +45648,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" - "CMP r5, #0x30\n\t" + "ADD r5, r5, #4\n\t" + "CMP r5, #48\n\t" #if defined(__GNUC__) "BLT L_sp_384_cond_sub_12_words_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -45314,10 +45674,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p, @@ -45335,7 +45696,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -45397,9 +45758,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r, #ifdef WOLFSSL_SP_NO_UMAAL /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12( @@ -45418,8 +45780,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -45431,104 +45793,104 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, 
#0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" "LDR r12, [%[a], #48]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" - "CMP r11, #0x30\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" + "CMP r11, #48\n\t" #if defined(__GNUC__) "BLT L_sp_384_mont_reduce_12_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -45556,9 +45918,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, #else /* Reduce the number back to 384 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12( @@ -45576,8 +45939,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -45593,7 +45956,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" @@ -45645,16 +46008,16 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, "LDR r11, [%[a], #44]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #48]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #44]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #48]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" - "CMP r4, #0x30\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" + "CMP r4, #48\n\t" #if defined(__GNUC__) "BLT L_sp_384_mont_reduce_12_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -45686,11 +46049,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a, /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -45701,10 +46064,10 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -45716,11 +46079,11 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -45743,9 +46106,9 @@ static const word32 p384_mod_minus_2[12] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -45827,10 +46190,11 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a_p, 
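Review bot: The summary line for sp_384_mont_sqr_n_12 gives the result as `(r = a ^ n mod m)`, while both the sentence before it and the `n` parameter describe squaring `n` times, which would be `a ^ (2 ^ n) mod m`. Since this hunk rewrites the parameter block, the formula could be corrected in the same pass: `(r = a ^ (2 ^ n) mod m)`. The function body is outside the hunk, so confirm against the loop before changing it.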
@@ -45847,11 +46211,11 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL - "MOV r6, #0x2c\n\t" + "MOV r6, #44\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_cmp_12_words:\n\t" @@ -45869,7 +46233,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_384_cmp_12_words\n\t" #else @@ -46026,15 +46390,15 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_384_norm_12(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -46072,10 +46436,10 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r_p, 
@@ -46093,7 +46457,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "LDM %[a]!, {r8, r9, r10, r11}\n\t" "LDM %[b]!, {r4, r5, r6, r7}\n\t" "ADDS r8, r8, r4\n\t" @@ -46115,14 +46479,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r, "ADCS r10, r10, r6\n\t" "ADCS r11, r11, r7\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" - "ADC r3, r3, #0x0\n\t" - "SUB %[r], %[r], #0x30\n\t" - "RSB r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" + "SUB %[r], %[r], #48\n\t" + "RSB r3, r3, #0\n\t" "LSR r12, r3, #1\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" "SUBS r8, r8, r3\n\t" - "SBCS r9, r9, #0x0\n\t" - "SBCS r10, r10, #0x0\n\t" + "SBCS r9, r9, #0\n\t" + "SBCS r10, r10, #0\n\t" "SBCS r11, r11, r3\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" @@ -46138,13 +46502,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r, "SBCS r11, r11, r3\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" "SBC %[b], %[b], %[b]\n\t" - "SUB %[r], %[r], #0x30\n\t" + "SUB %[r], %[r], #48\n\t" "SUB r3, r3, %[b]\n\t" "LSR r12, r3, #1\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" "SUBS r8, r8, r3\n\t" - "SBCS r9, r9, #0x0\n\t" - "SBCS r10, r10, #0x0\n\t" + "SBCS r9, r9, #0\n\t" + "SBCS r10, r10, #0\n\t" "SBCS r11, r11, r3\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" @@ -46173,9 +46537,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_add_12(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r_p, 
@@ -46192,7 +46556,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r2, #0x0\n\t" + "MOV r2, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7, r8, r9}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -46209,14 +46573,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r, "ADCS r8, r8, r8\n\t" "ADCS r9, r9, r9\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9}\n\t" - "ADC r2, r2, #0x0\n\t" - "SUB %[r], %[r], #0x30\n\t" - "RSB r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" + "SUB %[r], %[r], #48\n\t" + "RSB r2, r2, #0\n\t" "LSR r3, r2, #1\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9}\n\t" "SUBS r4, r4, r2\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, r2\n\t" "SBCS r8, r8, r3, LSL #1\n\t" "SBCS r9, r9, r2\n\t" @@ -46230,13 +46594,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r, "SBCS r9, r9, r2\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9}\n\t" "SBC %[a], %[a], %[a]\n\t" - "SUB %[r], %[r], #0x30\n\t" + "SUB %[r], %[r], #48\n\t" "SUB r2, r2, %[a]\n\t" "LSR r3, r2, #1\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9}\n\t" "SUBS r4, r4, r2\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, r2\n\t" "SBCS r8, r8, r3, LSL #1\n\t" "SBCS r9, r9, r2\n\t" @@ -46262,9 +46626,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_dbl_12(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r_p, 
@@ -46281,7 +46645,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r2, #0x0\n\t" + "MOV r2, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7, r8, r9}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -46298,14 +46662,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, "ADCS r8, r8, r8\n\t" "ADCS r9, r9, r9\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9}\n\t" - "ADC r2, r2, #0x0\n\t" - "SUB %[r], %[r], #0x30\n\t" - "RSB r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" + "SUB %[r], %[r], #48\n\t" + "RSB r2, r2, #0\n\t" "LSR r3, r2, #1\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9}\n\t" "SUBS r4, r4, r2\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, r2\n\t" "SBCS r8, r8, r3, LSL #1\n\t" "SBCS r9, r9, r2\n\t" @@ -46319,13 +46683,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, "SBCS r9, r9, r2\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9}\n\t" "SBC r12, r12, r12\n\t" - "SUB %[r], %[r], #0x30\n\t" + "SUB %[r], %[r], #48\n\t" "SUB r2, r2, r12\n\t" "LSR r3, r2, #1\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9}\n\t" "SUBS r4, r4, r2\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, r2\n\t" "SBCS r8, r8, r3, LSL #1\n\t" "SBCS r9, r9, r2\n\t" @@ -46338,9 +46702,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, "SBCS r8, r8, r2\n\t" "SBC r9, r9, r2\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9}\n\t" - "SUB %[r], %[r], #0x30\n\t" - "SUB %[a], %[a], #0x30\n\t" - "MOV r2, #0x0\n\t" + "SUB %[r], %[r], #48\n\t" + "SUB %[a], %[a], #48\n\t" + "MOV r2, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7}\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" "ADDS r8, r8, r4\n\t" 
@@ -46362,14 +46726,14 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, "ADCS r10, r10, r6\n\t" "ADCS r11, r11, r7\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" - "ADC r2, r2, #0x0\n\t" - "SUB %[r], %[r], #0x30\n\t" - "RSB r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" + "SUB %[r], %[r], #48\n\t" + "RSB r2, r2, #0\n\t" "LSR r3, r2, #1\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9}\n\t" "SUBS r4, r4, r2\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, r2\n\t" "SBCS r8, r8, r3, LSL #1\n\t" "SBCS r9, r9, r2\n\t" @@ -46383,13 +46747,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, "SBCS r9, r9, r2\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9}\n\t" "SBC r12, r12, r12\n\t" - "SUB %[r], %[r], #0x30\n\t" + "SUB %[r], %[r], #48\n\t" "SUB r2, r2, r12\n\t" "LSR r3, r2, #1\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9}\n\t" "SUBS r4, r4, r2\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" "SBCS r7, r7, r2\n\t" "SBCS r8, r8, r3, LSL #1\n\t" "SBCS r9, r9, r2\n\t" @@ -46417,9 +46781,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_tpl_12(sp_digit* r, #ifndef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r_p, 
@@ -46475,10 +46839,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p, @@ -46496,9 +46861,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r5, #0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_cond_add_12_words:\n\t" @@ -46512,8 +46877,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, "ADCS r6, r6, r7\n\t" "ADC r5, r8, r8\n\t" "STR r6, [%[r], r4]\n\t" - "ADD r4, r4, #0x4\n\t" - "CMP r4, #0x30\n\t" + "ADD r4, r4, #4\n\t" + "CMP r4, #48\n\t" #if defined(__GNUC__) "BLT L_sp_384_cond_add_12_words_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -46538,10 +46903,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p, @@ -46559,7 +46925,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" @@ -46618,10 +46984,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r_p, @@ -46639,7 +47005,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV %[m], #0x0\n\t" + "MOV %[m], #0\n\t" "LDM %[a]!, {r8, r9, r10, r11}\n\t" "LDM %[b]!, {r4, r5, r6, r7}\n\t" "SUBS r8, r8, r4\n\t" 
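Review bot: The rewritten `@param [out] r` line for `sp_384_mont_sub_12` (hunk `@@ -46618,10 +46984,10 @@`) carries over the typo "subtration"; since the line is being rewritten anyway it should read `@param [out] r Result of subtraction.`. The summary `(r = a - b % m)` in the context line above it also reads as `a - (b % m)` under C precedence, so `(r = (a - b) % m)` would state the intent unambiguously.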
@@ -46661,13 +47027,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r, "SBCS r10, r10, r6\n\t" "SBCS r11, r11, r7\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" - "SBC %[m], %[m], #0x0\n\t" - "SUB %[r], %[r], #0x30\n\t" + "SBC %[m], %[m], #0\n\t" + "SUB %[r], %[r], #48\n\t" "LSR r12, %[m], #1\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" "ADDS r8, r8, %[m]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" "ADCS r11, r11, %[m]\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" @@ -46682,13 +47048,13 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r, "ADCS r10, r10, %[m]\n\t" "ADCS r11, r11, %[m]\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" - "ADC %[m], %[m], #0x0\n\t" - "SUB %[r], %[r], #0x30\n\t" + "ADC %[m], %[m], #0\n\t" + "SUB %[r], %[r], #48\n\t" "LSR r12, %[m], #1\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" "ADDS r8, r8, %[m]\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" "ADCS r11, r11, %[m]\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" @@ -46718,6 +47084,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_sub_12(sp_digit* r, #ifdef WOLFSSL_SP_SMALL #else #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p) 
@@ -46791,9 +47163,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -46806,9 +47178,9 @@ static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -46877,9 +47249,13 @@ typedef struct sp_384_proj_point_dbl_12_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) 
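Review bot: The new non-blocking paragraph for `sp_384_proj_point_dbl_12_nb` (hunk `@@ -46877,9 +47249,13 @@`) tells the caller to loop until the return is not FP_WOULDBLOCK but adds no `@return` lines, while the comments this commit adds for `sp_ecc_make_key_384_nb` and `sp_ecc_secret_gen_384_nb` do. The same gap is in the `sp_384_proj_point_add_12_nb` comment at `@@ -47139,10 +47517,14 @@`. Add `@return FP_WOULDBLOCK while more work remains.` plus a line for the completion value. The function bodies are outside the hunks, so the completion code (presumably `MP_OKAY`) should be checked against them.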
@@ -47009,9 +47385,10 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b) { @@ -47024,8 +47401,9 @@ static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_12(const sp_digit* a) { @@ -47036,10 +47414,10 @@ static int sp_384_iszero_12(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_12(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
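Review bot: In the `sp_384_iszero_12` comment (hunk `@@ -47024,8 +47401,9 @@`) the summary line still reads "Returns 1 if the number of zero." while the new `@return` line says "is zero"; the summary should become `Returns 1 if the number is zero.`. This comment and the one on `sp_384_cmp_equal_12` both state that the implementation is constant time. The bodies are outside the hunks, so that claim cannot be checked from this diff.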
@@ -47139,10 +47517,14 @@ typedef struct sp_384_proj_point_add_12_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -47327,9 +47709,9 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table, int idx) 
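Review bot: The comment for `sp_384_get_point_16_12` (hunk `@@ -47327,9 +47709,9 @@`) says only "Touch each possible point that could be being copied" and does not say why. The `#ifndef WC_NO_CACHE_RESISTANT` guard suggests the purpose is to keep the memory access pattern independent of `idx`. A line such as `Every table entry is read so that the access pattern does not depend on idx.` would warn maintainers against replacing it with a direct `table[idx]` copy. The same applies to `sp_384_get_entry_16_12` and `sp_384_get_entry_256_12` at `@@ -47844,9 +48227,9 @@` and `@@ -48265,9 +48653,9 @@`. The bodies are outside the hunks, so the wording should be checked against them.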
@@ -47423,13 +47805,15 @@ static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table, * 384 doubles. * 108 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -47559,10 +47943,9 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i, sp_digit* t) @@ -47652,8 +48035,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_12(sp_point_384* a, sp_digit* t) { 
@@ -47684,10 +48067,10 @@ typedef struct sp_table_entry_384 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_12(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -47769,10 +48152,10 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r, * 16 entries * 96 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_12(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) @@ -47844,9 +48227,9 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_16_12(sp_point_384* r, const sp_table_entry_384* table, int idx) 
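Review bot: `sp_384_gen_stripe_table_12` is declared `static int`, but the converted comment (hunk `@@ -47769,10 +48152,10 @@`) documents only its parameters, unlike the mulmod comments in this commit that gained `@return` lines. The 256-entry variant at `@@ -48190,10 +48578,10 @@` has the same gap. Since `heap` is described as the heap used for allocation, `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.` are likely right. The body is outside the hunk and should be checked before adding them.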
@@ -47917,13 +48300,16 @@ static void sp_384_get_entry_16_12(sp_point_384* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -48040,8 +48426,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -48104,13 +48490,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -48190,10 +48578,10 @@ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, * 256 entries * 48 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_12(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) 
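Review bot: The summary line kept above the converted parameters of `sp_384_ecc_mulmod_12` (hunk `@@ -48104,13 +48490,15 @@`) still says "Multiply the base point of P384 by the scalar", while the function takes `g`, documented as "Point to multiply". The text looks copied from the `_base_` variant; `Multiply the point by the scalar and return the result.` matches the signature. The identical comment in the other build variant at `@@ -48525,13 +48916,15 @@` needs the same change.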
@@ -48265,9 +48653,9 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_384_get_entry_256_12(sp_point_384* r, const sp_table_entry_384* table, int idx) @@ -48338,13 +48726,16 @@ static void sp_384_get_entry_256_12(sp_point_384* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -48461,8 +48852,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -48525,13 +48916,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -48607,12 +49000,14 @@ static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -48642,14 +49037,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -48792,12 +49189,14 @@ static const sp_table_entry_384 p384_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -50100,12 +50499,14 @@ static const sp_table_entry_384 p384_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -50119,11 +50520,13 @@ static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -50151,13 +50554,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -50211,7 +50616,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a_p) 
@@ -50225,22 +50630,22 @@ WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a) __asm__ __volatile__ ( "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADDS r1, r1, #0x1\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADDS r1, r1, #1\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [a] "+r" (a) @@ -50256,10 +50661,10 @@ WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -50303,10 +50708,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k) { @@ -50336,12 +50743,15 @@ static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
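Review bot: In the `sp_384_ecc_gen_k_12` comment (hunk `@@ -50303,10 +50708,12 @@`), `k` is tagged `[in]` although the summary says the function generates the scalar and the parameter is a non-const `sp_digit*`; it should read `@param [out] k Scalar value.`. This value is the private scalar used in key generation, so the direction tag matters to anyone auditing where secret material is written. The function body is outside the hunk, so confirm that `k` is not also read on entry before choosing `[out]` over `[in, out]`.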
@@ -50413,6 +50823,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -50483,8 +50910,8 @@ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_384_to_bin_12(sp_digit* r, byte* a) { 
@@ -50502,14 +50929,16 @@ static void sp_384_to_bin_12(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -50550,6 +50979,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -50599,8 +51047,8 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, 
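Review bot: The WOLFSSL_SP_SMALL variant of `sp_384_sub_in_place_12` (hunk `@@ -50599,8 +51047,8 @@`) tags `a` as `[in]` even though the summary is `a -= b`. The non-small variant at `@@ -50658,8 +51106,8 @@` uses `[in, out]` and adds "and result", so the two should agree: `@param [in, out] a A single precision integer and result.`. Both variants return `sp_digit` and neither comment has an `@return` line. The bodies are outside the hunks, so the returned value (presumably the borrow) needs confirming before it is documented.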
@@ -50616,15 +51064,15 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" - "ADD r11, %[a], #0x30\n\t" + "MOV r10, #0\n\t" + "ADD r11, %[a], #48\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_sub_in_place_12_word:\n\t" #else "L_sp_384_sub_in_place_12_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -50658,8 +51106,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a, #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, @@ -50713,9 +51161,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p, @@ -50735,10 +51183,10 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_384_mul_d_12_word:\n\t" 
@@ -50750,13 +51198,13 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" - "CMP r9, #0x30\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" + "CMP r9, #48\n\t" #if defined(__GNUC__) "BLT L_sp_384_mul_d_12_word_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -50779,9 +51227,9 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p, 
@@ -50802,57 +51250,57 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" 
@@ -50873,10 +51321,11 @@ WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -50896,7 +51345,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" @@ -50905,8 +51354,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" @@ -50945,10 +51394,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ 
@@ -50968,18 +51418,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_384_word_12_bit:\n\t" @@ -50994,7 +51444,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_384_word_12_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51003,7 +51453,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, "BPL.N L_div_384_word_12_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" @@ -51034,9 +51484,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_384_word_12(sp_digit d1, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) { 
@@ -51065,11 +51515,12 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -51107,10 +51558,11 @@ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
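Review bot: In the sp_384_div_12 comment `m` is tagged `[in]` but described as "Multiplier result", and the summary says it is not calculated at this time. A reader cannot tell whether the pointer is read, written or ignored; something like `@param [out] m Multiplier result. Not calculated at this time.` states the contract the summary already implies. The function body is outside the hunk, so the tag should be checked against it.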
@@ -51121,9 +51573,9 @@ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digi #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -51147,8 +51599,8 @@ static const word32 p384_order_low[6] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a) { @@ -51160,8 +51612,9 @@ static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n) { 
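Review bot: The summary kept above the new `n` line in sp_384_mont_sqr_n_order_12 (last hunk on this line) still reads `(r = a ^ n mod order)`, which does not agree with "Number of times to square". Squaring n times gives a raised to 2^n, so the formula should be `(r = a ^ (2 ^ n) mod order)`. The loop itself is outside the hunk, so confirm against it before changing the text.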
@@ -51174,19 +51627,24 @@ static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_12_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_12_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_12_ctx { - int state; - int i; -} sp_384_mont_inv_order_12_ctx; static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -51222,6 +51680,13 @@ static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, sp_digit* td) { 
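Review bot: The new comment for sp_384_mont_inv_order_12_nb tells callers to repeat the call until it stops returning FP_WOULDBLOCK, but it has no `@return` lines, unlike the other non-blocking comments added in this commit. Add `@return FP_WOULDBLOCK while more work remains.` and, assuming the final state returns it, `@return MP_OKAY on success.`. The function body is outside the hunk.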
@@ -51297,13 +51762,15 @@ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
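Review bot: `k` and `x` are tagged `[in]` in the sp_384_calc_s_12 comment, but both are non-const `sp_digit*` in the signature while `r` and `e` are const. If the body (outside this hunk) writes intermediate values through them, `[in, out]` is the accurate tag. Because these buffers hold the ephemeral and the long-term private key, the comment should also say that the caller's copies are overwritten and still have to be zeroized by the caller. The same question applies to the non-const `s` tagged `[in]` in sp_384_calc_vfy_point_12.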
@@ -51351,15 +51818,18 @@ static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
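Review bot: The added line `@param [in, out] km Ephemeral key as an mp_int.` in sp_ecc_sign_384 does not say when a caller-supplied value is used instead of one drawn from `rng`. A repeated or predictable ECDSA ephemeral key exposes the private key, so the comment should state which value of `km` means "generate internally" and that a supplied value must be fresh and secret for every signature. `@return RNG failures.` would also read better as `@return RNG error code when random number generation fails.`. The identical wording is added to sp_ecc_sign_384_nb; the bodies are outside the hunks, so the exact condition has to be taken from them.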
@@ -51467,6 +51937,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -51616,9 +52110,9 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifndef WOLFSSL_SP_SMALL /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r_p, @@ -51636,7 +52130,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r, __asm__ __volatile__ ( "LDM %[a]!, {r4}\n\t" - "ANDS r3, r4, #0x1\n\t" + "ANDS r3, r4, #1\n\t" #if defined(__GNUC__) "BEQ L_sp_384_div2_mod_12_even_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -51644,7 +52138,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r, #else "BEQ.N L_sp_384_div2_mod_12_even_%=\n\t" #endif - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r5, r6, r7}\n\t" "LDM %[m]!, {r8, r9, r10, r11}\n\t" "ADDS r4, r4, r8\n\t" @@ -51692,7 +52186,7 @@ WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r, #else "L_sp_384_div2_mod_12_div2_%=:\n\t" #endif - "SUB %[r], %[r], #0x30\n\t" + "SUB %[r], %[r], #48\n\t" "LDRD r8, r9, [%[r]]\n\t" "LSR r8, r8, #1\n\t" "ORR r8, r8, r9, LSL #31\n\t" @@ -51752,6 +52246,12 @@ WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r, ); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a_p) #else @@ -51764,7 +52264,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) __asm__ __volatile__ ( "LDR r1, [%[a], #44]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_11_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51789,7 +52289,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_11_%=:\n\t" #endif "LDR r1, [%[a], #40]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_10_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51814,7 +52314,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_10_%=:\n\t" #endif "LDR r1, [%[a], #36]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_9_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
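Review bot: The comment added for sp_384_num_bits_12 does not mention that the routine is not constant time. The assembly in the following hunks compares each word with zero and branches on the result (`CMP r1, #0` then `BEQ`), so the run time depends on where the top non-zero word sits. Add a line such as `Not constant time. Only to be used on values that are not secret.`, in line with the "Non-constant time modular inversion" wording on sp_384_mod_inv_12. The function body extends over several hunks and beyond them.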
@@ -51839,7 +52339,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_9_%=:\n\t" #endif "LDR r1, [%[a], #32]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_8_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51864,7 +52364,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_8_%=:\n\t" #endif "LDR r1, [%[a], #28]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_7_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51889,7 +52389,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_7_%=:\n\t" #endif "LDR r1, [%[a], #24]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_6_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51914,7 +52414,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_6_%=:\n\t" #endif "LDR r1, [%[a], #20]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_5_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51939,7 +52439,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_5_%=:\n\t" #endif "LDR r1, [%[a], #16]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_4_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -51964,7 +52464,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_4_%=:\n\t" #endif "LDR r1, [%[a], #12]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_3_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -51989,7 +52489,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_3_%=:\n\t" #endif "LDR r1, [%[a], #8]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_2_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -52014,7 +52514,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_2_%=:\n\t" #endif "LDR r1, [%[a], #4]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_384_num_bits_12_1_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -52039,7 +52539,7 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) "L_sp_384_num_bits_12_1_%=:\n\t" #endif "LDR r1, [%[a]]\n\t" - "MOV r2, #0x20\n\t" + "MOV r2, #32\n\t" "CLZ r4, r1\n\t" "SUB r4, r2, r4\n\t" "\n" @@ -52063,9 +52563,10 @@ WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -52147,9 +52648,9 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) 
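Review bot: In the sp_384_add_points_12 comment (last hunk on this line) the unchanged summary "Add point p1 into point p2" contradicts the new tags. `p1` is `[in, out]` and "holds result", while `p2` is `[in]` and const in the signature. Reword the summary to `Add point p2 into point p1. Handles p1 == p2 and result at infinity.`. The function body is outside the hunk.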
@@ -52181,13 +52682,16 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -52248,14 +52752,18 @@ static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
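Review bot: `@return MP_OKAY on success.` in the sp_ecc_verify_384 comment can be read as "signature valid", while validity is reported through `res` (1 == valid, 0 == invalid). A caller that checks only the return code would then accept a bad signature, so spell it out: `@return MP_OKAY when the check ran to completion; the signature is valid only when *res is 1.`. The same wording is added to sp_ecc_verify_384_nb further down. The parameter list and body continue outside the hunk, so confirm that MP_OKAY is indeed returned with `*res == 0`.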
@@ -52351,6 +52859,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -52487,10 +53021,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_12(const sp_point_384* point, void* heap) @@ -52532,10 +53068,12 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
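Review bot: Listing `@return MP_OKAY otherwise.` first leaves "otherwise" with nothing to refer to; it only made sense at the end of the old sentence. In sp_384_ecc_is_point_12 and sp_ecc_is_point_384 write `@return MP_OKAY when the point is on the curve.`. The same reordering appears in sp_ecc_check_key_384, sp_ecc_proj_add_point_384, sp_ecc_proj_dbl_point_384, sp_ecc_map_384, sp_384_mont_sqrt_12 and sp_ecc_uncompress_384, where `@return MP_OKAY on success.` fits.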
@@ -52561,13 +53099,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -52651,16 +53193,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -52709,13 +53253,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -52755,10 +53301,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
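Review bot: The sp_ecc_map_384 comment (last hunk on this line) says the point is mapped "in place" and "pZ will be one", yet pX, pY and pZ are all tagged `[in]`. They should be `[in, out]`, for example `@param [in, out] pZ EC point's Z ordinate. Set to one.`. The function body is outside the hunk.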
@@ -52798,8 +53346,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_12(sp_digit* y) { @@ -52883,10 +53433,12 @@ static int sp_384_mont_sqrt_12(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -53036,9 +53588,9 @@ static const sp_digit p521_b[17] = { #ifdef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p, @@ -53060,9 +53612,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_521_mul_17_outer:\n\t" 
@@ -53084,15 +53636,15 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
 "UMULL r9, r10, lr, r11\n\t"
 "ADDS r6, r6, r9\n\t"
 "ADCS r7, r7, r10\n\t"
- "ADC r8, r8, #0x0\n\t"
+ "ADC r8, r8, #0\n\t"
 "LDR lr, [%[a], r4]\n\t"
 "LDR r11, [%[b], r3]\n\t"
 "UMULL r9, r10, lr, r11\n\t"
 "ADDS r6, r6, r9\n\t"
 "ADCS r7, r7, r10\n\t"
- "ADC r8, r8, #0x0\n\t"
- "ADD r3, r3, #0x4\n\t"
- "SUB r4, r4, #0x4\n\t"
+ "ADC r8, r8, #0\n\t"
+ "ADD r3, r3, #4\n\t"
+ "SUB r4, r4, #4\n\t"
 "CMP r3, r4\n\t"
 #if defined(__GNUC__)
 "BGT L_sp_521_mul_17_inner_done_%=\n\t"
@@ -53113,7 +53665,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
 "UMULL r9, r10, lr, r11\n\t"
 "ADDS r6, r6, r9\n\t"
 "ADCS r7, r7, r10\n\t"
- "ADC r8, r8, #0x0\n\t"
+ "ADC r8, r8, #0\n\t"
 "\n"
 #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
 "L_sp_521_mul_17_inner_done:\n\t"
@@ -53123,8 +53675,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
 "STR r6, [sp, r5]\n\t"
 "MOV r6, r7\n\t"
 "MOV r7, r8\n\t"
- "MOV r8, #0x0\n\t"
- "ADD r5, r5, #0x4\n\t"
+ "MOV r8, #0\n\t"
+ "ADD r5, r5, #4\n\t"
 "CMP r5, #0x7c\n\t"
 #if defined(__GNUC__)
 "BLE L_sp_521_mul_17_outer_%=\n\t"
@@ -53137,11 +53689,11 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
 "LDR r11, [%[b], #64]\n\t"
 "UMLAL r6, r7, lr, r11\n\t"
 "STR r6, [sp, r5]\n\t"
- "ADD r5, r5, #0x4\n\t"
+ "ADD r5, r5, #4\n\t"
 "STR r7, [sp, r5]\n\t"
 "LDM sp!, {r6, r7}\n\t"
 "STM %[r]!, {r6, r7}\n\t"
- "SUB r5, r5, #0x8\n\t"
+ "SUB r5, r5, #8\n\t"
 "\n"
 #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
 "L_sp_521_mul_17_store:\n\t"
@@ -53150,7 +53702,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
 #endif
 "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
 "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
- "SUBS r5, r5, #0x20\n\t"
+ "SUBS r5, r5, #32\n\t"
 #if defined(__GNUC__)
 "BGT L_sp_521_mul_17_store_%=\n\t"
 #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
@@ -53173,9 +53725,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
 #else
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef WOLFSSL_NO_VAR_ASSIGN_REG
 WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p,
@@ -53197,2002 +53749,2002 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a, "LDR r11, [%[a]]\n\t" "LDR r12, [%[b]]\n\t" "UMULL r3, r4, r11, r12\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "STR r3, [sp]\n\t" /* A[0] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[0] */ "LDR r8, [%[a], #4]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" /* A[2] * B[0] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[1] */ "LDR r11, [%[a], #4]\n\t" "LDR r12, [%[b], #4]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[2] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #8]\n\t" /* A[0] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[2] */ "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[1] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[0] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #12]\n\t" /* A[4] * B[0] */ "LDR r8, 
[%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[1] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[2] */ "LDR r11, [%[a], #8]\n\t" "LDR r12, [%[b], #8]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[3] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[4] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #16]\n\t" /* A[0] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[4] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[2] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[1] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[0] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + 
"ADC r4, r4, #0\n\t" "STR r5, [sp, #20]\n\t" /* A[6] * B[0] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[1] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[2] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[3] */ "LDR r11, [%[a], #12]\n\t" "LDR r12, [%[b], #12]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[4] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[5] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[0] * B[6] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #24]\n\t" /* A[0] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[6] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[5] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[4] */ "LDR r9, [%[b], #16]\n\t" 
"UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[3] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[2] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[1] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[0] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #28]\n\t" /* A[8] * B[0] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[1] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[2] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[3] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[4] */ "LDR r11, [%[a], #16]\n\t" "LDR r12, [%[b], #16]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[5] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* 
A[2] * B[6] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[7] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[8] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #32]\n\t" /* A[0] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[8] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[7] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[6] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[4] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[3] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[2] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, 
r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[1] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[0] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #36]\n\t" /* A[10] * B[0] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[1] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[2] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[3] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[4] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[5] */ "LDR r11, [%[a], #20]\n\t" "LDR r12, [%[b], #20]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[6] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[7] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[8] */ "LDR r8, [%[a], #8]\n\t" 
"LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[9] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[10] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #40]\n\t" /* A[0] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[10] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[9] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[8] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[7] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[6] */ "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[5] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[4] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + 
"ADC r4, r4, #0\n\t" /* A[8] * B[3] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[2] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[1] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[0] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #44]\n\t" /* A[12] * B[0] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[1] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[2] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[3] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[4] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[5] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[6] */ "LDR r11, [%[a], #24]\n\t" "LDR r12, [%[b], #24]\n\t" "UMULL 
r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[7] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[8] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[9] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[10] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[11] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[0] * B[12] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #48]\n\t" /* A[0] * B[13] */ "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[12] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[11] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[10] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC 
r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[9] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[8] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[6] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[5] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[4] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[3] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[2] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[1] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[0] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #52]\n\t" /* A[14] * B[0] */ "LDR r8, [%[a], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" 
"ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[1] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[2] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[3] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[4] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[5] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[6] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[7] */ "LDR r11, [%[a], #28]\n\t" "LDR r12, [%[b], #28]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[8] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[9] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[10] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[11] 
*/ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[12] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[13] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[14] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #56]\n\t" /* A[0] * B[15] */ "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[14] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[13] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[12] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[11] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[10] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[9] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, 
r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[8] */ "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[7] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[6] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[5] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[4] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[3] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[2] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[1] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[0] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #60]\n\t" /* A[16] * B[0] */ "LDR r8, [%[a], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[1] 
*/ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[2] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[3] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[4] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[5] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[6] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[7] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[8] */ "LDR r11, [%[a], #32]\n\t" "LDR r12, [%[b], #32]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[9] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[10] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[11] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" 
- "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[12] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[13] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[14] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[15] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[16] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #64]\n\t" /* A[1] * B[16] */ "LDR r8, [%[a], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[15] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[14] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[13] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[12] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[11] */ 
"LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[10] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[8] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[7] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[6] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[5] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[4] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[3] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[2] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[16] * B[1] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + 
"ADC r4, r4, #0\n\t" "STR r5, [%[r], #68]\n\t" /* A[16] * B[2] */ "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[3] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[4] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[5] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[6] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[7] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[8] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[9] */ "LDR r11, [%[a], #36]\n\t" "LDR r12, [%[b], #36]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[10] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[11] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[12] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], 
#48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[13] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[14] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[15] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[16] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #72]\n\t" /* A[3] * B[16] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[15] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[14] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[13] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[12] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[11] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" 
"ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[10] */ "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[9] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[8] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[7] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[6] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[5] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[4] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[16] * B[3] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #76]\n\t" /* A[16] * B[4] */ "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[5] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[6] */ "LDR r8, [%[a], 
#56]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[7] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[8] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[9] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[10] */ "LDR r11, [%[a], #40]\n\t" "LDR r12, [%[b], #40]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[11] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[12] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[13] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[14] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[15] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[16] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, 
r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #80]\n\t" /* A[5] * B[16] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[15] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[14] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[13] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[12] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[10] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[9] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[8] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[7] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[6] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #24]\n\t" 
"UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[16] * B[5] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #84]\n\t" /* A[16] * B[6] */ "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[7] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[8] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[9] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[10] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[11] */ "LDR r11, [%[a], #44]\n\t" "LDR r12, [%[b], #44]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[12] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[13] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[14] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC 
r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[15] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[16] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #88]\n\t" /* A[7] * B[16] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[15] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[14] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[13] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[12] */ "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[11] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[10] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[9] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[8] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], 
#32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[16] * B[7] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #92]\n\t" /* A[16] * B[8] */ "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[9] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[10] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[11] */ "LDR r8, [%[a], #52]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[12] */ "LDR r11, [%[a], #48]\n\t" "LDR r12, [%[b], #48]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[13] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[14] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[15] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[16] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, 
r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #96]\n\t" /* A[9] * B[16] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[15] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[14] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[13] */ "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[12] */ "LDR r8, [%[a], #52]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[11] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[10] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[16] * B[9] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #100]\n\t" /* A[16] * B[10] */ "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[11] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* 
A[14] * B[12] */ "LDR r8, [%[a], #56]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[13] */ "LDR r11, [%[a], #52]\n\t" "LDR r12, [%[b], #52]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[14] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[15] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[16] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #104]\n\t" /* A[11] * B[16] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[15] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[14] */ "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[13] */ "LDR r8, [%[a], #56]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[12] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[16] * B[11] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" 
"ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #108]\n\t" /* A[16] * B[12] */ "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[13] */ "LDR r8, [%[a], #60]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[14] */ "LDR r11, [%[a], #56]\n\t" "LDR r12, [%[b], #56]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[15] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[16] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #112]\n\t" /* A[13] * B[16] */ "LDR r8, [%[a], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[15] */ "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[14] */ "LDR r8, [%[a], #60]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[16] * B[13] */ "LDR r8, [%[a], #64]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #116]\n\t" /* A[16] * B[14] */ "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, 
#0\n\t" /* A[15] * B[15] */ "LDR r11, [%[a], #60]\n\t" "LDR r12, [%[b], #60]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[16] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #64]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #120]\n\t" /* A[15] * B[16] */ "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[16] * B[15] */ "LDR r8, [%[a], #64]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #124]\n\t" /* A[16] * B[16] */ "UMLAL r5, r3, r8, r9\n\t" @@ -55224,8 +55776,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p, @@ -55244,9 +55796,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_521_sqr_17_outer:\n\t" 
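Review bot: The new `@param [out] r` / `@param [in] a` tags sit in a comment that still opens with `/*`, which Doxygen does not parse by default, so if the tags are meant for generated documentation the opener should become `/**`. The same applies to the second sp_521_sqr_17 comment in the `@@ -55352,8 +55904,8 @@` hunk. The comment could also say whether `r` may alias `a`; the other hunks show the result being built on `sp` before it is copied to `r`, which suggests aliasing is tolerated, but that is not stated.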
@@ -55268,12 +55820,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_521_sqr_17_inner_done_%=\n\t" @@ -55293,7 +55845,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_521_sqr_17_inner_done:\n\t" @@ -55303,8 +55855,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x7c\n\t" #if defined(__GNUC__) "BLE L_sp_521_sqr_17_outer_%=\n\t" @@ -55316,11 +55868,11 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #64]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "LDM sp!, {r6, r7}\n\t" "STM %[r]!, {r6, r7}\n\t" - "SUB r5, r5, #0x8\n\t" + "SUB r5, r5, #8\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_521_sqr_17_store:\n\t" @@ -55329,7 +55881,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_521_sqr_17_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
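Review bot: In the `@@ -55303,8 +55855,8 @@` hunk, `CMP r5, #0x7c` stays in hex while the `ADD r5, r5, #4` directly above it and the other immediates in this loop were converted to decimal, so the loop step and its bound are now written in different radices. If the conversion is meant to cover every immediate, `"CMP r5, #124\n\t"` would match. If hex is kept deliberately above some size, a line in the commit description saying so would help. The loop body starts and ends outside this hunk.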
@@ -55352,8 +55904,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) #else /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p, @@ -55372,7 +55924,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) /* A[0] * A[0] */ "LDR r10, [%[a]]\n\t" "UMULL r8, r3, r10, r10\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r8, [sp]\n\t" /* A[0] * A[1] */ "LDR r10, [%[a], #4]\n\t" @@ -55380,12 +55932,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #4]\n\t" /* A[0] * A[2] */ "LDR r10, [%[a], #8]\n\t" @@ -55393,18 +55945,18 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * A[1] */ "LDR r10, [%[a], #4]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #8]\n\t" /* A[0] * A[3] */ "LDR r10, [%[a], #12]\n\t" 
@@ -55412,22 +55964,22 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * A[2] */ "LDR r10, [%[a], #8]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [sp, #12]\n\t" /* A[0] * A[4] */ "LDR r10, [%[a], #16]\n\t" 
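Review bot: In the A[0] * A[3] step the second `MOV r4, #0` wipes the carry that the first `ADCS r3, r3, r9` / `ADC r4, r4, #0` pair has just captured, so a carry out of the first of the two product additions appears to be lost; the A[0] * A[4] step in the next hunk has the same shape with `r2`. With limbs a[0..3] all 0xFFFFFFFF (a constructed case) the running sum entering this step works out to r3:r2 = 2:0xFFFFFFFC and the first addition of the product overflows r3, so this looks reachable rather than theoretical, though it should be confirmed on a target or emulator. The commit only reformats the immediates, so the issue predates it; a fix would be to drop the second `MOV r4, #0` and keep `ADC r4, r4, #0`, as the A[1] * A[2] pair below already does, backed by a known-answer test for sp_521_sqr_17 with all-ones low limbs. The function body starts and ends outside this hunk.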
@@ -55435,49 +55987,49 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[1] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" /* A[2] * A[2] */ "LDR r10, [%[a], #8]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #16]\n\t" /* A[0] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -55489,22 +56041,22 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[3] */ "LDR r10, [%[a], #12]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -55513,7 +56065,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" @@ -55522,29 +56074,29 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -55556,29 +56108,29 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[4] */ "LDR r10, [%[a], #16]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -55587,7 +56139,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -55596,36 +56148,36 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -55637,36 +56189,36 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[5] */ "LDR r10, [%[a], #20]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -55675,7 +56227,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -55684,43 +56236,43 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -55732,43 +56284,43 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[6] */ "LDR r10, [%[a], #24]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -55777,7 +56329,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -55786,50 +56338,50 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -55841,50 +56393,50 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[7] */ "LDR r10, [%[a], #28]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -55893,7 +56445,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -55902,57 +56454,57 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -55964,57 +56516,57 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[8] */ "LDR r10, [%[a], #32]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -56023,7 +56575,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -56032,57 +56584,57 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[2] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -56094,50 +56646,50 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[3] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[9] */ "LDR r10, [%[a], #36]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -56146,7 +56698,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -56155,50 +56707,50 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[4] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -56210,43 +56762,43 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[5] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[10] */ "LDR r10, [%[a], #40]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -56255,7 +56807,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -56264,43 +56816,43 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[6] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -56312,36 +56864,36 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[7] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[11] */ "LDR r10, [%[a], #44]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -56350,7 +56902,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -56359,36 +56911,36 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[8] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -56400,29 +56952,29 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[9] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[12] * A[12] */ "LDR r10, [%[a], #48]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -56431,7 +56983,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -56440,29 +56992,29 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[10] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[12] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #48]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -56474,22 +57026,22 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[11] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[12] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #48]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[13] * A[13] */ "LDR r10, [%[a], #52]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -56498,7 +57050,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -56507,22 +57059,22 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #64]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[12] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #48]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[13] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #52]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -56536,28 +57088,28 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[13] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #52]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" /* A[14] * A[14] */ "LDR r10, [%[a], #56]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [%[r], #112]\n\t" /* A[13] * A[16] */ "LDR r10, [%[a], #64]\n\t" 
@@ -56565,22 +57117,22 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * A[15] */ "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #56]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #116]\n\t" /* A[14] * A[16] */ "LDR r10, [%[a], #64]\n\t" @@ -56588,18 +57140,18 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * A[15] */ "LDR r10, [%[a], #60]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [%[r], #120]\n\t" /* A[15] * A[16] */ "LDR r10, [%[a], #64]\n\t" @@ -56607,12 +57159,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [%[r], #124]\n\t" /* A[16] * A[16] */ "LDR r10, [%[a], #64]\n\t" 
@@ -56645,9 +57197,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a) #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p, @@ -56664,7 +57216,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0x40\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -56680,8 +57232,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_521_add_17_word_%=\n\t" @@ -56695,8 +57247,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, "LDM %[b], {r8}\n\t" "ADCS r4, r4, r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r4, #0x0\n\t" - "ADC %[r], r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC %[r], r4, #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -56713,9 +57265,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, #else /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p, 
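Review bot: The converted header for sp_521_add_17 documents r, a and b but not the sp_digit the function returns. The assembly ends with `ADC %[r], r4, #0`, so the value appears to be the carry out of the top word; a line such as `* @return Carry out of the addition (0 or 1).` would record that, assuming the return statement outside the hunk passes %[r] back. The non-small variant's header in the hunk at -56713 has the same gap.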
@@ -56764,8 +57316,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, "LDM %[b]!, {r7}\n\t" "ADCS r3, r3, r7\n\t" "STM %[r]!, {r3}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -56781,10 +57333,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -56799,9 +57353,9 @@ static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -56887,8 +57441,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_17(sp_point_521* p, const ecc_point* pm) 
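Review bot: In the sp_521_mod_mul_norm_17 comment, the new `@return MP_OKAY otherwise.` line comes before the condition it is the alternative to, so "otherwise" has nothing to refer to when read top-down. Either swap the two `@return` lines or word it as `@return MP_OKAY on success.`, which is how the sp_521_ecc_mulmod_fast_17 comment later in this diff reads. The sp_521_point_to_ecc_point_17 comment has the same ordering. The function body is outside the hunk, so this concerns the comment only.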
@@ -56904,8 +57458,8 @@ static void sp_521_point_from_ecc_point_17(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { @@ -56972,10 +57526,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm) { @@ -56996,10 +57551,11 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm) /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p, 
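Review bot: In the sp_521_point_to_ecc_point_17 comment, `pm` is tagged `[in]` although its description says "(result)" and the parameter is a non-const `ecc_point*`. The line should read `@param [out] pm Point of type ecc_point (result).`. The body is outside the hunk, so whether pm is also read is not visible; use `[in, out]` if it is.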
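Review bot: The sp_521_cond_sub_17 comment keeps the line `m is -1 to subtract and 0 when not copying.`, which reads like a leftover from a conditional-copy routine; `m is -1 to subtract and 0 when not subtracting.` matches what the function is documented to do. The function returns `sp_digit` but the reworked comment has no `@return` line. The visible `SBC r4, r8, r8` suggests a borrow indicator, though the return statement is outside the hunk and should be checked before documenting it. Since callers rely on the mask contract for a branch-free subtract, it is also worth confirming and stating whether any value of m other than 0 and -1 is valid. The same comment is repeated for the non-small variant in the following hunks.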
@@ -57017,9 +57573,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_521_cond_sub_17_words:\n\t" @@ -57033,7 +57589,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x44\n\t" #if defined(__GNUC__) "BLT L_sp_521_cond_sub_17_words_%=\n\t" @@ -57059,10 +57615,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p, @@ -57080,7 +57637,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" 
@@ -57158,9 +57715,10 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17( @@ -57258,25 +57816,25 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a, /* 0-8 */ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t" "ADDS r1, r1, r12\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" "STM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t" /* 9-16 */ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" "STM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [a] "+r" (a) 
@@ -57303,9 +57861,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a, #ifdef WOLFSSL_SP_NO_UMAAL /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( @@ -57324,8 +57883,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -57353,144 +57912,144 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( "L_sp_521_mont_reduce_order_17_nomask_%=:\n\t" #endif /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" "STR r4, [%[a]]\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], 
#32]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" 
"UMULL r8, r9, r10, r9\n\t" "ADDS r6, r6, r8\n\t" "ADCS r7, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" "LDR r12, [%[a], #68]\n\t" "ADCS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0x44\n\t" #if defined(__GNUC__) "BLT L_sp_521_mont_reduce_order_17_word_%=\n\t" @@ -57502,7 +58061,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( /* Loop Done */ "STR r4, [%[a]]\n\t" "STR r5, [%[a], #4]\n\t" - "SUB %[a], %[a], #0x4\n\t" + "SUB %[a], %[a], #4\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LSR r6, r6, #9\n\t" @@ -57571,7 +58130,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( "LSR r6, r6, #9\n\t" "STR r6, [%[a], #68]\n\t" "LSR r3, r6, #9\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD %[a], %[a], #4\n\t" "MOV %[mp], r3\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp) @@ -57589,9 +58148,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( #else /* Reduce the number back to 521 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( 
@@ -57609,8 +58169,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -57642,7 +58202,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( #endif /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" "STR r6, [%[a]]\n\t" /* a[i+1] += m[1] * mu */ @@ -57720,15 +58280,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( "LDR r11, [%[a], #64]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #68]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #64]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #68]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0x44\n\t" #if defined(__GNUC__) "BLT L_sp_521_mont_reduce_order_17_word_%=\n\t" @@ -57743,7 +58303,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( "STR r8, [%[a], #8]\n\t" "STR r9, [%[a], #12]\n\t" "STR r10, [%[a], #16]\n\t" - "SUB %[a], %[a], #0x4\n\t" + "SUB %[a], %[a], #4\n\t" "LDR r12, [%[a]]\n\t" "LDR r3, [%[a], #4]\n\t" "LSR r12, r12, #9\n\t" @@ -57812,7 +58372,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( "LSR r12, r12, #9\n\t" "STR r12, [%[a], #68]\n\t" "LSR r5, r12, #9\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD %[a], %[a], #4\n\t" "MOV %[mp], r5\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp) 
@@ -57831,11 +58391,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -57846,10 +58406,10 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -57861,11 +58421,11 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a, #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -57889,9 +58449,9 @@ static const word32 p521_mod_minus_2[17] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -57969,10 +58529,11 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a_p, 
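Review bot: The summary of sp_521_mont_sqr_n_17 gives `(r = a ^ n mod m)`, but the text and the `n` parameter describe squaring n times, which would be a^(2^n) mod m. If the body does repeated squaring as described (it is outside the hunk), the formula should read `(r = a ^ (2 ^ n) mod m)`. The hunk already reworks this comment block, so it is a natural place to correct it.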
@@ -57989,8 +58550,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0x40\n\t" @@ -58011,7 +58572,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_521_cmp_17_words\n\t" #else @@ -58223,15 +58784,15 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_521_norm_17(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -58269,10 +58830,10 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_add_17(sp_digit* r_p, 
@@ -58289,7 +58850,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_add_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "LDM %[a]!, {r8, r9, r10, r11}\n\t" "LDM %[b]!, {r4, r5, r6, r7}\n\t" "ADDS r8, r8, r4\n\t" @@ -58328,26 +58889,26 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_add_17(sp_digit* r, "SUB %[r], %[r], #0x44\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r3\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADCS r11, r11, #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" + "ADCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADCS r11, r11, #0x0\n\t" + "ADCS r4, r4, #0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" + "ADCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4}\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[r]!, {r4}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) 
@@ -58368,9 +58929,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_add_17(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_dbl_17(sp_digit* r_p, @@ -58386,7 +58947,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_dbl_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r2, #0x0\n\t" + "MOV r2, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" 
@@ -58416,26 +58977,26 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_dbl_17(sp_digit* r, "SUB %[r], %[r], #0x44\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r2\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADCS r11, r11, #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" + "ADCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADCS r11, r11, #0x0\n\t" + "ADCS r4, r4, #0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" + "ADCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4}\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[r]!, {r4}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a) @@ -58456,9 +59017,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_dbl_17(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_tpl_17(sp_digit* r_p, 
@@ -58474,7 +59035,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_tpl_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r2, #0x0\n\t" + "MOV r2, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -58538,26 +59099,26 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_tpl_17(sp_digit* r, "SUB %[r], %[r], #0x44\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r2\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADCS r11, r11, #0x0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" + "ADCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" - "ADCS r4, r4, #0x0\n\t" - "ADCS r5, r5, #0x0\n\t" - "ADCS r6, r6, #0x0\n\t" - "ADCS r7, r7, #0x0\n\t" - "ADCS r8, r8, #0x0\n\t" - "ADCS r9, r9, #0x0\n\t" - "ADCS r10, r10, #0x0\n\t" - "ADCS r11, r11, #0x0\n\t" + "ADCS r4, r4, #0\n\t" + "ADCS r5, r5, #0\n\t" + "ADCS r6, r6, #0\n\t" + "ADCS r7, r7, #0\n\t" + "ADCS r8, r8, #0\n\t" + "ADCS r9, r9, #0\n\t" + "ADCS r10, r10, #0\n\t" + "ADCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4}\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[r]!, {r4}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a) 
@@ -58578,10 +59139,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_tpl_17(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_sub_17(sp_digit* r_p, @@ -58599,7 +59160,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_sub_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV %[m], #0x0\n\t" + "MOV %[m], #0\n\t" "LDM %[a]!, {r8, r9, r10, r11}\n\t" "LDM %[b]!, {r4, r5, r6, r7}\n\t" "SUBS r8, r8, r4\n\t" 
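Review bot: The rewritten line `@param [out] r Result of subtration.` in the sp_521_mont_sub_17 comment carries over the misspelling; it should be `Result of subtraction.`. Separately, the asm hunk for this function begins with `MOV %[m], #0`, so the register holding `m` is overwritten before any visible read. If the modulus pointer is in fact never dereferenced here, the `[in] m` description could say that it is unused; the rest of the asm is outside the hunks, so this needs checking.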
@@ -58639,26 +59200,26 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_sub_17(sp_digit* r, "SUB %[r], %[r], #0x44\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "SUBS r4, r4, %[m]\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" - "SBCS r10, r10, #0x0\n\t" - "SBCS r11, r11, #0x0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" + "SBCS r10, r10, #0\n\t" + "SBCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" - "SBCS r4, r4, #0x0\n\t" - "SBCS r5, r5, #0x0\n\t" - "SBCS r6, r6, #0x0\n\t" - "SBCS r7, r7, #0x0\n\t" - "SBCS r8, r8, #0x0\n\t" - "SBCS r9, r9, #0x0\n\t" - "SBCS r10, r10, #0x0\n\t" - "SBCS r11, r11, #0x0\n\t" + "SBCS r4, r4, #0\n\t" + "SBCS r5, r5, #0\n\t" + "SBCS r6, r6, #0\n\t" + "SBCS r7, r7, #0\n\t" + "SBCS r8, r8, #0\n\t" + "SBCS r9, r9, #0\n\t" + "SBCS r10, r10, #0\n\t" + "SBCS r11, r11, #0\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDM %[r], {r4}\n\t" - "SBCS r4, r4, #0x0\n\t" + "SBCS r4, r4, #0\n\t" "STM %[r]!, {r4}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m) @@ -58672,6 +59233,12 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_sub_17(sp_digit* r, ); } +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p) 
@@ -58765,9 +59332,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -58781,9 +59348,9 @@ static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -58852,9 +59419,13 @@ typedef struct sp_521_proj_point_dbl_17_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) 
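Review bot: The new comment for sp_521_proj_point_dbl_17_nb names FP_WOULDBLOCK in its description but has no `@return` lines, although the function returns int and the other int-returning comments in this diff received them. Add the return values, for example `@return FP_WOULDBLOCK when the operation is not yet complete.`, plus a line for the completed case. Which code the completed case returns (MP_OKAY in the other comments) should be checked against the body, which is outside the hunk. sp_521_proj_point_add_17_nb has the same gap.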
@@ -58984,9 +59555,10 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b) { @@ -59001,8 +59573,9 @@ static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_17(const sp_digit* a) { @@ -59014,10 +59587,10 @@ static int sp_521_iszero_17(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_17(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) 
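Review bot: The summary line of the sp_521_iszero_17 comment still reads `Returns 1 if the number of zero.`; the hunk rewords the `@return` line directly below it but leaves this one. Change it to `Returns 1 if the number is zero.`.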
@@ -59117,10 +59690,14 @@ typedef struct sp_521_proj_point_add_17_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -59305,9 +59882,9 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible point that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table, int idx) 
@@ -59431,13 +60008,15 @@ static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table, * 521 doubles. * 143 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -59581,10 +60160,9 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con #ifdef FP_ECC /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i, sp_digit* t) @@ -59674,8 +60252,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_17(sp_point_521* a, sp_digit* t) { 
@@ -59706,10 +60284,10 @@ typedef struct sp_table_entry_521 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_17(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -59791,10 +60369,10 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r, * 16 entries * 130 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_17(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -59866,9 +60444,9 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_16_17(sp_point_521* r, const sp_table_entry_521* table, int idx) 
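Review bot: sp_521_gen_stripe_table_17 returns int and takes a `heap` parameter described as "Heap to use for allocation", yet its converted header has no `@return` section. The mulmod headers in this commit all gained `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`, and the same two lines presumably apply here. The body is outside the hunk, so confirm the error codes before adding them. The 256-entry variant of the same function in the later hunk has the same omission.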
@@ -59959,13 +60537,16 @@ static void sp_521_get_entry_16_17(sp_point_521* r, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -60082,8 +60663,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -60146,13 +60727,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -60232,10 +60815,10 @@ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, * 256 entries * 65 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_17(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) 
@@ -60307,9 +60890,9 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a, #ifndef WC_NO_CACHE_RESISTANT /* Touch each possible entry that could be being copied. * - * r Point to copy into. - * table Table - start of the entries to access - * idx Index of entry to retrieve. + * @param [out] r Point to copy into. + * @param [in] table Table - start of the entries to access + * @param [in] idx Index of entry to retrieve. */ static void sp_521_get_entry_256_17(sp_point_521* r, const sp_table_entry_521* table, int idx) @@ -60400,13 +60983,16 @@ static void sp_521_get_entry_256_17(sp_point_521* r, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -60523,8 +61109,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -60587,13 +61173,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -60669,12 +61257,14 @@ static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -60704,14 +61294,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -60886,12 +61478,14 @@ static const sp_table_entry_521 p521_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -62706,12 +63300,14 @@ static const sp_table_entry_521 p521_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -62725,11 +63321,13 @@ static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { 
@@ -62757,13 +63355,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -62817,7 +63417,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, #ifndef WC_NO_RNG /* Add 1 to a. (a = a + 1) * - * a A single precision integer. + * @param [in, out] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a_p) 
@@ -62831,31 +63431,31 @@ WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a) __asm__ __volatile__ ( "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADDS r1, r1, #0x1\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADDS r1, r1, #1\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1, r2, r3, r4}\n\t" - "ADCS r1, r1, #0x0\n\t" - "ADCS r2, r2, #0x0\n\t" - "ADCS r3, r3, #0x0\n\t" - "ADCS r4, r4, #0x0\n\t" + "ADCS r1, r1, #0\n\t" + "ADCS r2, r2, #0\n\t" + "ADCS r3, r3, #0\n\t" + "ADCS r4, r4, #0\n\t" "STM %[a]!, {r1, r2, r3, r4}\n\t" "LDM %[a], {r1}\n\t" - "ADCS r1, r1, #0x0\n\t" + "ADCS r1, r1, #0\n\t" "STM %[a]!, {r1}\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [a] "+r" (a) @@ -62871,10 +63471,10 @@ WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a) #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -62918,10 +63518,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k) { @@ -62952,12 +63554,15 @@ static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
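Review bot: In the sp_521_ecc_gen_k_17 header, `k` is tagged `@param [in]`, but the function is described as generating a scalar in the range 1..order-1 and takes `sp_digit* k` as a non-const pointer, so `k` is where the result is written. The line should read `@param [out] k Scalar value.`, or better `@param [out] k Generated scalar value.`. The direction tag matters here because this buffer holds the freshly generated private scalar, and a reader auditing where secret material is produced will rely on it.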
@@ -63029,6 +63634,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -63099,8 +63721,8 @@ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [in, out] r A single precision integer. + * @param [out] a Byte array. */ static void sp_521_to_bin_17(sp_digit* r, byte* a) { 
@@ -63120,14 +63742,16 @@ static void sp_521_to_bin_17(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -63168,6 +63792,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -63210,6 +63853,13 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, #endif /* HAVE_ECC_DHE */ #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number right by n bits. + * Bottom bits are lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -63225,7 +63875,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "RSB r7, %[n], #0x20\n\t" + "RSB r7, %[n], #32\n\t" "LDRD r4, r5, [%[a]]\n\t" "LSR r4, r4, %[n]\n\t" "LSL r3, r5, r7\n\t" 
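Review bot: The new header for sp_521_rshift_17 documents `n` only as "Number of bits to shift" and gives no valid range, although the assembly derives the complementary shift count from it with `RSB r7, %[n], #32`. The sp_521_lshift_17 and sp_521_lshift_34 headers in the following hunks have the same gap with `RSB r7, %[n], #31`. Since `n` is a `byte`, nothing in the signature stops a caller passing 32 or more, which makes that count negative. If the intended contract is a shift of less than one word, say so in the comment, for example `@param [in] n Number of bits to shift. Must be less than 32.`. The function bodies continue outside these hunks, so the exact bound should be checked against the callers.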
@@ -63322,6 +63972,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -63337,7 +63993,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "RSB r7, %[n], #0x1f\n\t" + "RSB r7, %[n], #31\n\t" "LDR r5, [%[a], #64]\n\t" "LSR r6, r5, #1\n\t" "LSL r5, r5, %[n]\n\t" @@ -63451,6 +64107,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r, ); } +/* Shift number left by n bits. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + * @param [in] n Number of bits to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p) @@ -63466,7 +64128,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "RSB r7, %[n], #0x1f\n\t" + "RSB r7, %[n], #31\n\t" "LDR r5, [%[a], #132]\n\t" "LSR r6, r5, #1\n\t" "LSL r5, r5, %[n]\n\t" @@ -63685,8 +64347,8 @@ WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, 
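Review bot: In the WOLFSSL_SP_SMALL variant of sp_521_sub_in_place_17, `a` is now tagged `@param [in]` even though the summary says "Sub b from a into a. (a -= b)" and `a` is a non-const pointer. The non-small variant converted in the next hunk uses `@param [in, out] a A single precision integer and result.`, and the two headers should match. The function also returns `sp_digit` but neither header has an `@return` line. A short description of the returned value, presumably the borrow, would help, but the body is outside the hunk so it needs confirming.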
@@ -63702,7 +64364,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0x40\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -63710,7 +64372,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #else "L_sp_521_sub_in_place_17_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" @@ -63727,7 +64389,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #else "BNE.N L_sp_521_sub_in_place_17_word_%=\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2}\n\t" "LDM %[b]!, {r6}\n\t" "SBCS r2, r2, r6\n\t" @@ -63749,8 +64411,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #else /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, @@ -63815,9 +64477,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p, 
@@ -63837,10 +64499,10 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_521_mul_d_17_word:\n\t" @@ -63852,12 +64514,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0x44\n\t" #if defined(__GNUC__) "BLT L_sp_521_mul_d_17_word_%=\n\t" @@ -63881,9 +64543,9 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p, 
@@ -63904,82 +64566,82 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" 
/* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" @@ -64000,10 +64662,11 @@ WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -64023,7 +64686,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" @@ -64032,8 +64695,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" 
@@ -64072,10 +64735,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -64095,18 +64759,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_521_word_17_bit:\n\t" @@ -64121,7 +64785,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_521_word_17_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -64130,7 +64794,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, "BPL.N L_div_521_word_17_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" 
@@ -64161,9 +64825,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_521_word_17(sp_digit d1, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -64193,11 +64857,12 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -64239,10 +64904,11 @@ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
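Review bot: In the sp_521_div_17 comment, the new tag `@param [in] m  Multiplier result.` contradicts the header sentence just above it, which says m is not calculated. A reader following the tag would expect either an input that is consumed or a result that is written, and the comment promises neither. Something like `@param [in] m  Multiplier result. Not calculated; unused.` would match the header text, assuming the body (outside this hunk) really ignores m.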
@@ -64253,9 +64919,9 @@ static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digi #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_17(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -64281,8 +64947,8 @@ static const word32 p521_order_low[9] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a) { @@ -64294,8 +64960,9 @@ static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n) { 
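Review bot: The sp_521_mont_sqr_n_order_17 comment keeps the formula `(r = a ^ n mod order)` while the added line documents n as the number of times to square. Squaring n times gives a^(2^n), not a^n. Suggest `(r = a ^ (2 ^ n) mod order)` so the formula agrees with the new `@param [in] n` line. The function body is outside the hunk, so this rests on the comment's own description of what the routine does.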
@@ -64308,19 +64975,24 @@ static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_17_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_17_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_17_ctx { - int state; - int i; -} sp_521_mont_inv_order_17_ctx; static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -64356,6 +65028,13 @@ static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a, sp_digit* td) { 
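Review bot: The new comment on sp_521_mont_inv_order_17_nb tells callers to loop until the function stops returning FP_WOULDBLOCK, but it has no `@return` lines, although the function returns int. The other non-blocking comments added in this commit (sp_ecc_sign_521_nb, sp_ecc_verify_521_nb) do list theirs. Add `@return FP_WOULDBLOCK while more work remains.` and a line for the completion value. That value is presumably MP_OKAY, to be confirmed against the body, which is outside the hunk.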
@@ -64444,13 +65123,15 @@ static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
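Review bot: In the sp_521_calc_s_17 comment, k and x are tagged `[in]`, but the signature right below declares them as `sp_digit* k, sp_digit* x` while r and e are `const sp_digit*`. If the body (outside this hunk) writes through them, the tags should read `@param [in, out] k  Ephemeral private key. Modified.` and likewise for x. These are the ephemeral and long-term private values, so a caller needs to know whether its copies are still intact after the call.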
@@ -64498,15 +65179,18 @@ static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
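Review bot: The added line `@param [in, out] km  Ephemeral key as an mp_int.` in the sp_ecc_sign_521 comment does not say when a caller-supplied value is used as k instead of one drawn from rng. It also does not say whether NULL is accepted or what km holds on return. An ECDSA ephemeral key that repeats or is left behind in memory discloses the private key, so this contract belongs in the comment. The same applies to the km line in the sp_ecc_sign_521_nb comment added in a later hunk. The function body is outside the hunk, so the actual behaviour has to be taken from there before wording it.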
@@ -64619,6 +65303,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -64772,9 +65480,9 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W #ifdef WOLFSSL_SP_SMALL /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p, 
@@ -64791,7 +65499,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r11, #0x0\n\t" + "MOV r11, #0\n\t" "ADD r12, %[a], #0x40\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -64799,7 +65507,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #else "L_sp_521_sub_17_word_%=:\n\t" #endif - "RSBS r11, r11, #0x0\n\t" + "RSBS r11, r11, #0\n\t" "LDM %[a]!, {r3, r4, r5, r6}\n\t" "LDM %[b]!, {r7, r8, r9, r10}\n\t" "SBCS r3, r3, r7\n\t" @@ -64816,7 +65524,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #else "BNE.N L_sp_521_sub_17_word_%=\n\t" #endif - "RSBS r11, r11, #0x0\n\t" + "RSBS r11, r11, #0\n\t" "LDM %[a]!, {r3}\n\t" "LDM %[b]!, {r7}\n\t" "SBCS r3, r3, r7\n\t" @@ -64838,9 +65546,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #else /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p, @@ -64905,9 +65613,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r, #endif /* WOLFSSL_SP_SMALL */ /* Divide the number by 2 mod the modulus. (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus. + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r_p, 
@@ -64925,7 +65633,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r, __asm__ __volatile__ ( "LDM %[a]!, {r4}\n\t" - "ANDS r3, r4, #0x1\n\t" + "ANDS r3, r4, #1\n\t" #if defined(__GNUC__) "BEQ L_sp_521_div2_mod_17_even_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -64933,7 +65641,7 @@ WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r, #else "BEQ.N L_sp_521_div2_mod_17_even_%=\n\t" #endif - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r5, r6, r7}\n\t" "LDM %[m]!, {r8, r9, r10, r11}\n\t" "ADDS r4, r4, r8\n\t" @@ -65076,6 +65784,12 @@ WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r, ); } +/* Get the number of bits in the number. + * + * @param [in] a Number to count bits in. + * + * @return The number of bits. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a_p) #else @@ -65088,7 +65802,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) __asm__ __volatile__ ( "LDR r1, [%[a], #64]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_16_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65113,7 +65827,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_16_%=:\n\t" #endif "LDR r1, [%[a], #60]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_15_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65138,7 +65852,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_15_%=:\n\t" #endif "LDR r1, [%[a], #56]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_14_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
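Review bot: The comment added for sp_521_num_bits_17 does not say that the routine is variable-time. The assembly in this and the following hunks tests each word with `CMP r1, #0` and branches with `BEQ`, so the path taken depends on where the top non-zero word of a sits. Add a line such as `Not constant time: branches on the value of a.` so the helper is not reused on secret values. The sp_521_mod_inv_17 comment in a later hunk already carries matching "Non-constant time" wording. The function body starts and ends outside these hunks.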
@@ -65163,7 +65877,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_14_%=:\n\t" #endif "LDR r1, [%[a], #52]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_13_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65188,7 +65902,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_13_%=:\n\t" #endif "LDR r1, [%[a], #48]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_12_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65213,7 +65927,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_12_%=:\n\t" #endif "LDR r1, [%[a], #44]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_11_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65238,7 +65952,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_11_%=:\n\t" #endif "LDR r1, [%[a], #40]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_10_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65263,7 +65977,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_10_%=:\n\t" #endif "LDR r1, [%[a], #36]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_9_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65288,7 +66002,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_9_%=:\n\t" #endif "LDR r1, [%[a], #32]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_8_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -65313,7 +66027,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_8_%=:\n\t" #endif "LDR r1, [%[a], #28]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_7_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65338,7 +66052,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_7_%=:\n\t" #endif "LDR r1, [%[a], #24]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_6_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65363,7 +66077,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_6_%=:\n\t" #endif "LDR r1, [%[a], #20]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_5_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65388,7 +66102,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_5_%=:\n\t" #endif "LDR r1, [%[a], #16]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_4_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65413,7 +66127,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_4_%=:\n\t" #endif "LDR r1, [%[a], #12]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_3_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65438,7 +66152,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_3_%=:\n\t" #endif "LDR r1, [%[a], #8]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_2_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -65463,7 +66177,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_2_%=:\n\t" #endif "LDR r1, [%[a], #4]\n\t" - "CMP r1, #0x0\n\t" + "CMP r1, #0\n\t" #if defined(__GNUC__) "BEQ L_sp_521_num_bits_17_1_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -65488,7 +66202,7 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) "L_sp_521_num_bits_17_1_%=:\n\t" #endif "LDR r1, [%[a]]\n\t" - "MOV r2, #0x20\n\t" + "MOV r2, #32\n\t" "CLZ r4, r1\n\t" "SUB r4, r2, r4\n\t" "\n" @@ -65512,9 +66226,10 @@ WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a) /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -65596,9 +66311,9 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) 
@@ -65635,13 +66350,16 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -65702,14 +66420,18 @@ static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
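Review bot: `@return MP_OKAY on success.` in the sp_ecc_verify_521 comment can be read as "the signature verified", while validity is reported separately through `res`. Suggest `@return MP_OKAY when verification ran to completion; the signature is valid only when *res is 1.` so callers do not accept a signature on the return code alone. The same wording is in the sp_ecc_verify_521_nb comment added in the next hunk. The body is outside the hunk, so confirm that an invalid signature returns MP_OKAY with *res == 0 before adopting the text.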
@@ -65809,6 +66531,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -65948,10 +66696,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_17(const sp_point_521* point, void* heap) @@ -65993,10 +66743,12 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
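Review bot: `@return MP_OKAY otherwise.` is now the first return line in the sp_521_ecc_is_point_17 and sp_ecc_is_point_521 comments, so "otherwise" has nothing before it to refer to. Either move it below the error lines or state the condition, e.g. `@return MP_OKAY when the point is on the curve.` The same ordering appears in later hunks, in the comments for sp_ecc_check_key_521, sp_ecc_proj_add_point_521, sp_ecc_proj_dbl_point_521, sp_ecc_map_521, sp_521_mont_sqrt_17 and sp_ecc_uncompress_521.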
@@ -66022,13 +66774,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -66112,16 +66868,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -66170,13 +66928,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -66216,10 +66976,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
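Review bot: The sp_ecc_map_521 comment tags pX, pY and pZ as `[in]`, yet the description says the point is mapped to affine in place and that pZ will be one. The parameters are also non-const `mp_int*`. The tags should be `@param [in, out] pX  EC point's X ordinate.` and likewise for pY and pZ, so callers know their inputs are overwritten.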
@@ -66266,8 +67028,10 @@ static const word32 p521_sqrt_power[17] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_17(sp_digit* y) { @@ -66298,10 +67062,12 @@ static int sp_521_mont_sqrt_17(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -66368,9 +67134,9 @@ typedef struct sp_point_1024 { #ifndef WOLFSSL_SP_SMALL /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r_p, 
@@ -66392,1772 +67158,1772 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, "LDR r11, [%[a]]\n\t" "LDR r12, [%[b]]\n\t" "UMULL r3, r4, r11, r12\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "STR r3, [sp]\n\t" /* A[0] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[0] */ "LDR r8, [%[a], #4]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #4]\n\t" /* A[2] * B[0] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[1] */ "LDR r11, [%[a], #4]\n\t" "LDR r12, [%[b], #4]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[2] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #8]\n\t" /* A[0] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[2] */ "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[1] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[0] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #12]\n\t" /* A[4] * B[0] */ "LDR r8, 
[%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[1] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[2] */ "LDR r11, [%[a], #8]\n\t" "LDR r12, [%[b], #8]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[3] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[4] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #16]\n\t" /* A[0] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[4] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[2] */ "LDR r8, [%[a], #12]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[1] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[0] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + 
"ADC r4, r4, #0\n\t" "STR r5, [sp, #20]\n\t" /* A[6] * B[0] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[1] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[2] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[3] */ "LDR r11, [%[a], #12]\n\t" "LDR r12, [%[b], #12]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[4] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[5] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[0] * B[6] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #24]\n\t" /* A[0] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[6] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[5] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[4] */ "LDR r9, [%[b], #16]\n\t" 
"UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[3] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[2] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[1] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[0] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #28]\n\t" /* A[8] * B[0] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[1] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[2] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[3] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[4] */ "LDR r11, [%[a], #16]\n\t" "LDR r12, [%[b], #16]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[5] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* 
A[2] * B[6] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[7] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[8] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #32]\n\t" /* A[0] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[8] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[7] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[6] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[4] */ "LDR r8, [%[a], #20]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[3] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[2] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, 
r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[1] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[0] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #36]\n\t" /* A[10] * B[0] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[1] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[2] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[3] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[4] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[5] */ "LDR r11, [%[a], #20]\n\t" "LDR r12, [%[b], #20]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[6] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[7] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[8] */ "LDR r8, [%[a], #8]\n\t" 
"LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[9] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[0] * B[10] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #40]\n\t" /* A[0] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[10] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[9] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[8] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[7] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[6] */ "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[5] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[4] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + 
"ADC r4, r4, #0\n\t" /* A[8] * B[3] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[2] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[1] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[0] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #44]\n\t" /* A[12] * B[0] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[1] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[2] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[3] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[4] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[5] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[6] */ "LDR r11, [%[a], #24]\n\t" "LDR r12, [%[b], #24]\n\t" "UMULL 
r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[7] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[8] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[9] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[10] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[11] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[0] * B[12] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #48]\n\t" /* A[0] * B[13] */ "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[12] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[11] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[10] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC 
r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[9] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[8] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[6] */ "LDR r8, [%[a], #28]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[5] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[4] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[3] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[2] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[1] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[0] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #52]\n\t" /* A[14] * B[0] */ "LDR r8, [%[a], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" 
"ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[1] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[2] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[3] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[4] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[5] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[6] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[7] */ "LDR r11, [%[a], #28]\n\t" "LDR r12, [%[b], #28]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[8] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[9] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[10] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[11] 
*/ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[2] * B[12] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * B[13] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[0] * B[14] */ "LDR r8, [%[a]]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [sp, #56]\n\t" /* A[0] * B[15] */ "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[1] * B[14] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[2] * B[13] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[12] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[11] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[10] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[9] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, 
r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[8] */ "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[7] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[6] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[5] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[4] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[3] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[2] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[1] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[0] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b]]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [sp, #60]\n\t" /* A[15] * B[1] */ "LDR r9, [%[b], #4]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[2] */ 
"LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[3] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[4] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[5] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[6] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[7] */ "LDR r8, [%[a], #36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[8] */ "LDR r11, [%[a], #32]\n\t" "LDR r12, [%[b], #32]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[9] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[10] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * B[11] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[4] * B[12] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - 
"ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[3] * B[13] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[2] * B[14] */ "LDR r8, [%[a], #8]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * B[15] */ "LDR r8, [%[a], #4]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #64]\n\t" /* A[2] * B[15] */ "LDR r8, [%[a], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[3] * B[14] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[4] * B[13] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[12] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[11] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[10] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[8] */ "LDR r8, [%[a], 
#36]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[7] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[6] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[5] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[4] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[3] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[2] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #8]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #68]\n\t" /* A[15] * B[3] */ "LDR r9, [%[b], #12]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[4] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[5] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[6] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" 
"ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[7] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[8] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[9] */ "LDR r11, [%[a], #36]\n\t" "LDR r12, [%[b], #36]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[10] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[11] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[6] * B[12] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[5] * B[13] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[4] * B[14] */ "LDR r8, [%[a], #16]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[3] * B[15] */ "LDR r8, [%[a], #12]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #72]\n\t" /* A[4] * B[15] */ "LDR r8, [%[a], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[5] * 
B[14] */ "LDR r8, [%[a], #20]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[6] * B[13] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[12] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[11] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[10] */ "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[9] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[8] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[7] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[6] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[5] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[4] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #16]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, 
#0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #76]\n\t" /* A[15] * B[5] */ "LDR r9, [%[b], #20]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[6] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[7] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[8] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[9] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[10] */ "LDR r11, [%[a], #40]\n\t" "LDR r12, [%[b], #40]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[9] * B[11] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[8] * B[12] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[7] * B[13] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[6] * B[14] */ "LDR r8, [%[a], #24]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[5] * B[15] */ "LDR r8, [%[a], #20]\n\t" 
"LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #80]\n\t" /* A[6] * B[15] */ "LDR r8, [%[a], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[7] * B[14] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[8] * B[13] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[12] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[10] */ "LDR r8, [%[a], #44]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[9] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[8] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[7] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[6] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #24]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, 
r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #84]\n\t" /* A[15] * B[7] */ "LDR r9, [%[b], #28]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[8] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[9] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[10] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[11] */ "LDR r11, [%[a], #44]\n\t" "LDR r12, [%[b], #44]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[10] * B[12] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[9] * B[13] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[8] * B[14] */ "LDR r8, [%[a], #32]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[7] * B[15] */ "LDR r8, [%[a], #28]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #88]\n\t" /* A[8] * B[15] */ "LDR r8, [%[a], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" 
/* A[9] * B[14] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[10] * B[13] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[12] */ "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[11] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[10] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[14] * B[9] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[8] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #32]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #92]\n\t" /* A[15] * B[9] */ "LDR r9, [%[b], #36]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[10] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[11] */ "LDR r8, [%[a], #52]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[12] * B[12] */ "LDR r11, [%[a], #48]\n\t" "LDR r12, [%[b], #48]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r3, r3, r6\n\t" 
"ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[11] * B[13] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[10] * B[14] */ "LDR r8, [%[a], #40]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[9] * B[15] */ "LDR r8, [%[a], #36]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #96]\n\t" /* A[10] * B[15] */ "LDR r8, [%[a], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[11] * B[14] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * B[13] */ "LDR r9, [%[b], #52]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[12] */ "LDR r8, [%[a], #52]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[11] */ "LDR r8, [%[a], #56]\n\t" "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[15] * B[10] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #40]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #100]\n\t" /* A[15] * B[11] */ "LDR r9, [%[b], #44]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, 
r4, #0\n\t" /* A[14] * B[12] */ "LDR r8, [%[a], #56]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * B[13] */ "LDR r11, [%[a], #52]\n\t" "LDR r12, [%[b], #52]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[12] * B[14] */ "LDR r8, [%[a], #48]\n\t" "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" /* A[11] * B[15] */ "LDR r8, [%[a], #44]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #104]\n\t" /* A[12] * B[15] */ "LDR r8, [%[a], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "MOV r5, #0x0\n\t" - "ADC r5, r5, #0x0\n\t" + "MOV r5, #0\n\t" + "ADC r5, r5, #0\n\t" /* A[13] * B[14] */ "LDR r9, [%[b], #56]\n\t" "UMULL r6, r7, r11, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[14] * B[13] */ "LDR r8, [%[a], #56]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" /* A[15] * B[12] */ "LDR r8, [%[a], #60]\n\t" "LDR r9, [%[b], #48]\n\t" "UMULL r6, r7, r8, r9\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], #108]\n\t" /* A[15] * B[13] */ "UMULL r6, r7, r8, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[14] * B[14] */ "LDR r11, [%[a], #56]\n\t" "LDR r12, [%[b], #56]\n\t" "UMULL r6, r7, r11, r12\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * B[15] */ "LDR r8, [%[a], #52]\n\t" "LDR r9, [%[b], #60]\n\t" "UMULL r6, r7, 
r8, r9\n\t" "ADDS r4, r4, r6\n\t" "ADCS r5, r5, r7\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #112]\n\t" /* A[14] * B[15] */ "UMULL r6, r7, r11, r9\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[15] * B[14] */ "LDR r8, [%[a], #60]\n\t" "UMULL r6, r7, r8, r12\n\t" "ADDS r5, r5, r6\n\t" "ADCS r3, r3, r7\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r5, [%[r], #116]\n\t" /* A[15] * B[15] */ "UMLAL r3, r4, r8, r9\n\t" @@ -68185,8 +68951,8 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r_p, @@ -68205,7 +68971,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) /* A[0] * A[0] */ "LDR r10, [%[a]]\n\t" "UMULL r8, r3, r10, r10\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r8, [sp]\n\t" /* A[0] * A[1] */ "LDR r10, [%[a], #4]\n\t" @@ -68213,12 +68979,12 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #4]\n\t" /* A[0] * A[2] */ "LDR r10, [%[a], #8]\n\t" 
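Review bot: The rewritten header comment for sp_1024_sqr_16 tags the parameters as `r` and `a`, but the first signature in this hunk, under `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG`, names its first parameter `r_p` (the hunk cuts the line after `r_p,`, so the second name is not shown). With the `@param` syntax now in place, a tool that checks tag names against the prototype would flag the mismatch, so the comment should say which build the names apply to, for example `@param [out] r A single precision integer (r_p when WOLFSSL_NO_VAR_ASSIGN_REG is not defined).`. It would also help to state whether `r` may be the same buffer as `a`: the body stores the low result words to the stack first (`STR r8, [sp]` in the next hunk), which suggests aliasing is intended, but the copy to `r` lies outside the visible hunks. The function body starts in this hunk and continues beyond it.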
@@ -68226,18 +68992,18 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[1] * A[1] */ "LDR r10, [%[a], #4]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [sp, #8]\n\t" /* A[0] * A[3] */ "LDR r10, [%[a], #12]\n\t" @@ -68245,22 +69011,22 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[1] * A[2] */ "LDR r10, [%[a], #8]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [sp, #12]\n\t" /* A[0] * A[4] */ "LDR r10, [%[a], #16]\n\t" 
@@ -68268,49 +69034,49 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[1] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" /* A[2] * A[2] */ "LDR r10, [%[a], #8]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [sp, #16]\n\t" /* A[0] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[3] */ "LDR r10, [%[a], #12]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68322,22 +69088,22 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[3] */ "LDR r10, [%[a], #12]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68346,7 +69112,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" @@ -68355,29 +69121,29 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[4] */ "LDR r10, [%[a], #16]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68389,29 +69155,29 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[4] */ "LDR r10, [%[a], #16]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68420,7 +69186,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -68429,36 +69195,36 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[5] */ "LDR r10, [%[a], #20]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68470,36 +69236,36 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[5] */ "LDR r10, [%[a], #20]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68508,7 +69274,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -68517,43 +69283,43 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[6] */ "LDR r10, [%[a], #24]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68565,43 +69331,43 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[6] */ "LDR r10, [%[a], #24]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68610,7 +69376,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -68619,50 +69385,50 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[7] */ "LDR r10, [%[a], #28]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68674,50 +69440,50 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[7] */ "LDR r10, [%[a], #28]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68726,7 +69492,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -68735,57 +69501,57 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a]]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[1] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[2] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[8] */ "LDR r10, [%[a], #32]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68797,50 +69563,50 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #4]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[2] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[3] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[8] */ "LDR r10, [%[a], #32]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68849,7 +69615,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -68858,50 +69624,50 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #8]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[3] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[4] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[9] */ "LDR r10, [%[a], #36]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -68913,43 +69679,43 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #12]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[4] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[5] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[9] */ "LDR r10, [%[a], #36]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -68958,7 +69724,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -68967,43 +69733,43 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #16]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[5] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[6] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[10] */ "LDR r10, [%[a], #40]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -69015,36 +69781,36 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #20]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[6] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[7] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[10] */ "LDR r10, [%[a], #40]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -69053,7 +69819,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r5\n\t" "ADCS r2, r2, r6\n\t" "ADC r3, r3, r7\n\t" 
@@ -69062,36 +69828,36 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #24]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[7] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[8] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[11] */ "LDR r10, [%[a], #44]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" 
@@ -69103,29 +69869,29 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #28]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[8] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[9] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[11] */ "LDR r10, [%[a], #44]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -69134,7 +69900,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r5\n\t" "ADCS r4, r4, r6\n\t" "ADC r2, r2, r7\n\t" 
@@ -69143,29 +69909,29 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #32]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r3, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r3, #0\n\t" + "MOV r7, #0\n\t" /* A[9] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[10] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[12] */ "LDR r10, [%[a], #48]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -69177,22 +69943,22 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #36]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r4, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r7, #0\n\t" /* A[10] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[11] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[12] * A[12] */ "LDR r10, [%[a], #48]\n\t" "UMULL r8, r9, r10, r10\n\t" @@ -69201,7 +69967,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "ADC r7, r7, r7\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r5\n\t" "ADCS r3, r3, r6\n\t" "ADC r4, r4, r7\n\t" 
@@ -69210,22 +69976,22 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "LDR r10, [%[a], #60]\n\t" "LDR r12, [%[a], #40]\n\t" "UMULL r5, r6, r10, r12\n\t" - "MOV r2, #0x0\n\t" - "MOV r7, #0x0\n\t" + "MOV r2, #0\n\t" + "MOV r7, #0\n\t" /* A[11] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #44]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* A[12] * A[13] */ "LDR r10, [%[a], #52]\n\t" "LDR r12, [%[a], #48]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r5, r5, r8\n\t" "ADCS r6, r6, r9\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" "ADDS r5, r5, r5\n\t" "ADCS r6, r6, r6\n\t" "ADC r7, r7, r7\n\t" @@ -69239,28 +70005,28 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" /* A[12] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #48]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* A[13] * A[13] */ "LDR r10, [%[a], #52]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "ADC r3, r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #104]\n\t" /* A[12] * A[15] */ "LDR r10, [%[a], #60]\n\t" 
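Review bot: In the last hunk on this line (`@@ -69239,28 +70005,28 @@`, the `A[11] * A[15]` step of sp_1024_sqr_16), the second `"MOV r3, #0\n\t"` clears the carry that the first `"ADC r3, r3, #0\n\t"` has just captured. A carry out of the first `ADCS r2, r2, r9` is therefore dropped when r2 is non-zero on entry and the high product word is large; the function body starts and ends outside these hunks, so the entry state of r2 is inferred from the visible column pattern. The commit only rewrites the immediates and keeps this sequence; the doubled add should zero the register once and accumulate on the second pass, so the second pair becomes just `"ADC r3, r3, #0\n\t"`. The same pattern is in the three hunks that follow, for `A[12] * A[15]` (r4), `A[13] * A[15]` (r2) and `A[14] * A[15]` (r3). A wrong top word in a squaring primitive is a silent correctness fault, so a known-answer test with every limb set to 0xFFFFFFFF (constructed input) is worth adding for this build variant.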
@@ -69268,22 +70034,22 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "MOV r4, #0x0\n\t" - "ADC r4, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r4, r4, #0\n\t" /* A[13] * A[14] */ "LDR r10, [%[a], #56]\n\t" "LDR r12, [%[a], #52]\n\t" "UMULL r8, r9, r10, r12\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "ADDS r2, r2, r8\n\t" "ADCS r3, r3, r9\n\t" - "ADC r4, r4, #0x0\n\t" + "ADC r4, r4, #0\n\t" "STR r2, [%[r], #108]\n\t" /* A[13] * A[15] */ "LDR r10, [%[a], #60]\n\t" @@ -69291,18 +70057,18 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "MOV r2, #0x0\n\t" - "ADC r2, r2, #0x0\n\t" + "MOV r2, #0\n\t" + "ADC r2, r2, #0\n\t" /* A[14] * A[14] */ "LDR r10, [%[a], #56]\n\t" "UMULL r8, r9, r10, r10\n\t" "ADDS r3, r3, r8\n\t" "ADCS r4, r4, r9\n\t" - "ADC r2, r2, #0x0\n\t" + "ADC r2, r2, #0\n\t" "STR r3, [%[r], #112]\n\t" /* A[14] * A[15] */ "LDR r10, [%[a], #60]\n\t" @@ -69310,12 +70076,12 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) "UMULL r8, r9, r10, r12\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "ADDS r4, r4, r8\n\t" "ADCS r2, r2, r9\n\t" - "MOV r3, #0x0\n\t" - "ADC r3, r3, #0x0\n\t" + "MOV r3, #0\n\t" + "ADC r3, r3, #0\n\t" "STR r4, [%[r], #116]\n\t" /* A[15] * A[15] */ "LDR r10, [%[a], #60]\n\t" 
@@ -69344,9 +70110,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a) /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r_p, @@ -69391,8 +70157,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -69407,8 +70173,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r, /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, @@ -69495,9 +70261,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a, /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p, 
@@ -69570,8 +70336,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, "ADCS r5, r5, r9\n\t" "ADCS r6, r6, r10\n\t" "STM %[r]!, {r3, r4, r5, r6}\n\t" - "MOV %[r], #0x0\n\t" - "ADC %[r], %[r], #0x0\n\t" + "MOV %[r], #0\n\t" + "ADC %[r], %[r], #0\n\t" #ifndef WOLFSSL_NO_VAR_ASSIGN_REG : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b) : @@ -69586,9 +70352,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -69616,9 +70382,9 @@ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b) @@ -69655,9 +70421,9 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r_p, 
@@ -69717,8 +70483,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) { @@ -69754,9 +70520,9 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) #else /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r_p, @@ -69778,9 +70544,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, "LDR r11, [%[b]]\n\t" "UMULL r8, r6, lr, r11\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_mul_32_outer:\n\t" @@ -69802,15 +70568,15 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "LDR lr, [%[a], r4]\n\t" "LDR r11, [%[b], r3]\n\t" "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_1024_mul_32_inner_done_%=\n\t" 
@@ -69831,7 +70597,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_mul_32_inner_done:\n\t" @@ -69841,8 +70607,8 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0xf4\n\t" #if defined(__GNUC__) "BLE L_sp_1024_mul_32_outer_%=\n\t" @@ -69855,7 +70621,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, "LDR r11, [%[b], #124]\n\t" "UMLAL r6, r7, lr, r11\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -69865,7 +70631,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_1024_mul_32_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -69887,8 +70653,8 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r_p, 
@@ -69907,9 +70673,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) "LDR lr, [%[a]]\n\t" "UMULL r8, r6, lr, lr\n\t" "STR r8, [sp]\n\t" - "MOV r7, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r5, #0x4\n\t" + "MOV r7, #0\n\t" + "MOV r8, #0\n\t" + "MOV r5, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_sqr_32_outer:\n\t" @@ -69931,12 +70697,12 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, r11\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" - "ADD r3, r3, #0x4\n\t" - "SUB r4, r4, #0x4\n\t" + "ADC r8, r8, #0\n\t" + "ADD r3, r3, #4\n\t" + "SUB r4, r4, #4\n\t" "CMP r3, r4\n\t" #if defined(__GNUC__) "BGT L_sp_1024_sqr_32_inner_done_%=\n\t" @@ -69956,7 +70722,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) "UMULL r9, r10, lr, lr\n\t" "ADDS r6, r6, r9\n\t" "ADCS r7, r7, r10\n\t" - "ADC r8, r8, #0x0\n\t" + "ADC r8, r8, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_sqr_32_inner_done:\n\t" @@ -69966,8 +70732,8 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) "STR r6, [sp, r5]\n\t" "MOV r6, r7\n\t" "MOV r7, r8\n\t" - "MOV r8, #0x0\n\t" - "ADD r5, r5, #0x4\n\t" + "MOV r8, #0\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0xf4\n\t" #if defined(__GNUC__) "BLE L_sp_1024_sqr_32_outer_%=\n\t" @@ -69979,7 +70745,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) "LDR lr, [%[a], #124]\n\t" "UMLAL r6, r7, lr, lr\n\t" "STR r6, [sp, r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "STR r7, [sp, r5]\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -69989,7 +70755,7 @@ WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a) #endif "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t" - "SUBS r5, r5, #0x20\n\t" + "SUBS r5, r5, #32\n\t" #if defined(__GNUC__) "BGT L_sp_1024_sqr_32_store_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -70098,8 +70864,8 @@ static const sp_point_1024 p1024_base = { #ifdef WOLFSSL_SP_SMALL /* Sub b from a into a. (a -= b) * - * a A single precision integer. - * b A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, @@ -70115,7 +70881,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "ADD r11, %[a], #0x80\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -70123,7 +70889,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a, #else "L_sp_1024_sub_in_place_32_word_%=:\n\t" #endif - "RSBS r10, r10, #0x0\n\t" + "RSBS r10, r10, #0\n\t" "LDM %[a], {r2, r3, r4, r5}\n\t" "LDM %[b]!, {r6, r7, r8, r9}\n\t" "SBCS r2, r2, r6\n\t" 
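Review bot: The new doc line `@param [in] a A single precision integer.` in the second hunk here (`@@ -70098,8 +70864,8 @@`, the WOLFSSL_SP_SMALL variant of sp_1024_sub_in_place_32) tags `a` as input-only, although the header above it says "Sub b from a into a. (a -= b)". The non-small variant of the same function earlier in this diff uses `@param [in, out] a A single precision integer and result.`, and this one should match so the direction tags can be relied on when auditing which buffers a routine overwrites. The function body continues outside the hunk.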
@@ -70159,10 +70925,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, @@ -70180,9 +70947,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_cond_sub_32_words:\n\t" @@ -70196,7 +70963,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, "SBCS r6, r6, r7\n\t" "SBC r4, r8, r8\n\t" "STR r6, [%[r], r5]\n\t" - "ADD r5, r5, #0x4\n\t" + "ADD r5, r5, #4\n\t" "CMP r5, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_1024_cond_sub_32_words_%=\n\t" 
@@ -70222,10 +70989,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, @@ -70243,7 +71011,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" @@ -70373,9 +71141,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p, @@ -70392,7 +71160,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADD r12, %[a], #0x80\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) 
@@ -70408,8 +71176,8 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, "ADCS r6, r6, r10\n\t" "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" - "MOV r4, #0x0\n\t" - "ADC r3, r4, #0x0\n\t" + "MOV r4, #0\n\t" + "ADC r3, r4, #0\n\t" "CMP %[a], r12\n\t" #if defined(__GNUC__) "BNE L_sp_1024_add_32_word_%=\n\t" @@ -70436,9 +71204,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r, #ifdef WOLFSSL_SP_SMALL /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p, @@ -70458,10 +71226,10 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, /* A[0] * B */ "LDR r8, [%[a]]\n\t" "UMULL r5, r3, %[b], r8\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" "STR r5, [%[r]]\n\t" - "MOV r5, #0x0\n\t" - "MOV r9, #0x4\n\t" + "MOV r5, #0\n\t" + "MOV r9, #4\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_mul_d_32_word:\n\t" @@ -70473,12 +71241,12 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, "UMULL r6, r7, %[b], r8\n\t" "ADDS r3, r3, r6\n\t" "ADCS r4, r4, r7\n\t" - "ADC r5, r5, #0x0\n\t" + "ADC r5, r5, #0\n\t" "STR r3, [%[r], r9]\n\t" "MOV r3, r4\n\t" "MOV r4, r5\n\t" - "MOV r5, #0x0\n\t" - "ADD r9, r9, #0x4\n\t" + "MOV r5, #0\n\t" + "ADD r9, r9, #4\n\t" "CMP r9, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_1024_mul_d_32_word_%=\n\t" 
@@ -70502,9 +71270,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, #else /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p, 
@@ -70525,157 +71293,157 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, "LDM %[a]!, {r8}\n\t" "UMULL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[1] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[2] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[3] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[4] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[5] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[6] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[7] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[8] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[9] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[10] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[11] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[12] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[13] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[14] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, 
#0\n\t" /* A[15] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[16] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[17] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[18] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[19] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[20] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[21] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[22] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[23] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[24] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[25] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[26] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[27] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, %[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[28] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" "STM %[r]!, {r4}\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" /* A[29] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r5, r3, %[b], r8\n\t" "STM %[r]!, {r5}\n\t" - "MOV r4, #0x0\n\t" + "MOV r4, #0\n\t" /* A[30] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r3, r4, 
%[b], r8\n\t" "STM %[r]!, {r3}\n\t" - "MOV r5, #0x0\n\t" + "MOV r5, #0\n\t" /* A[31] * B */ "LDM %[a]!, {r8}\n\t" "UMLAL r4, r5, %[b], r8\n\t" @@ -70696,10 +71464,11 @@ WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r, #ifdef WOLFSSL_SP_USE_UDIV /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -70719,7 +71488,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, __asm__ __volatile__ ( "LSR r8, %[div], #16\n\t" - "ADD r5, r8, #0x1\n\t" + "ADD r5, r8, #1\n\t" "UDIV r6, %[d1], r5\n\t" "LSL r7, %[div], #16\n\t" "LSL r6, r6, #16\n\t" @@ -70728,8 +71497,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, "SBC %[d1], %[d1], r4\n\t" "SUBS r3, %[d1], r5\n\t" "SBC r9, r9, r9\n\t" - "ADD r9, r9, #0x1\n\t" - "RSB r10, r9, #0x0\n\t" + "ADD r9, r9, #1\n\t" + "RSB r10, r9, #0\n\t" "LSL r9, r9, #16\n\t" "AND r7, r7, r10\n\t" "AND r8, r8, r10\n\t" 
@@ -70768,10 +71537,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, #else /* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The divisor. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The divisor. + * + * @return The result of the division. * * Note that this is an approximate div. It may give an answer 1 larger. */ @@ -70791,18 +71561,18 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, __asm__ __volatile__ ( "LSR r5, %[div], #1\n\t" - "ADD r5, r5, #0x1\n\t" + "ADD r5, r5, #1\n\t" "MOV r6, %[d0]\n\t" "MOV r7, %[d1]\n\t" /* Do top 32 */ "SUBS r8, r5, r7\n\t" "SBC r8, r8, r8\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" /* Next 30 bits */ - "MOV r4, #0x1d\n\t" + "MOV r4, #29\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_div_1024_word_32_bit:\n\t" @@ -70817,7 +71587,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, "SUB r3, r3, r8\n\t" "AND r8, r8, r5\n\t" "SUBS r7, r7, r8\n\t" - "SUBS r4, r4, #0x1\n\t" + "SUBS r4, r4, #1\n\t" #if defined(__GNUC__) "BPL L_div_1024_word_32_bit_%=\n\t" #elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) @@ -70826,7 +71596,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, "BPL.N L_div_1024_word_32_bit_%=\n\t" #endif "ADD r3, r3, r3\n\t" - "ADD r3, r3, #0x1\n\t" + "ADD r3, r3, #1\n\t" "UMULL r6, r7, r3, %[div]\n\t" "SUBS r9, %[d0], r6\n\t" "SBC r10, %[d1], r7\n\t" 
@@ -70857,9 +71627,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE sp_digit div_1024_word_32(sp_digit d1, #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -70887,10 +71657,11 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, @@ -70907,8 +71678,8 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a, __asm__ __volatile__ ( "MOV r2, #0xffffffff\n\t" - "MOV r8, #0x1\n\t" - "MOV r7, #0x0\n\t" + "MOV r8, #1\n\t" + "MOV r7, #0\n\t" "MOV r3, #0xffffffff\n\t" #ifdef WOLFSSL_SP_SMALL "MOV r6, #0x7c\n\t" @@ -70929,7 +71700,7 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a, "movlo r2, r3\n\t" "IT ne\n\t" "movne r3, r7\n\t" - "SUBS r6, r6, #0x4\n\t" + "SUBS r6, r6, #4\n\t" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "bcs L_sp_1024_cmp_32_words\n\t" #else 
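Review bot: In the sp_1024_cmp_32 asm block the loop counter is still initialised with `MOV r6, #0x7c`, while its step in the following hunk is now written `SUBS r6, r6, #4`, so one counter is expressed in two radixes. If larger immediates are deliberately kept in hex, that rule is worth stating once in the file; otherwise `MOV r6, #124` matches the new style. The same pairing appears in sp_1024_mont_reduce_32 and sp_1024_cond_add_32 (`ADD ..., #4` against `CMP ..., #0x80`). The function body starts and ends outside this hunk.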
@@ -71307,11 +72078,12 @@ WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -71349,10 +72121,11 @@ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
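Review bot: The new tag on `m` in the sp_1024_div_32 comment says `[in]`, but the description calls it the "Multiplier result", the parameter is a non-const `sp_digit* m`, and the header itself states that m is not calculated. `[in]` tells a caller the buffer is read, which nothing visible supports; `@param [out] m Multiplier result (currently not calculated).` would agree with the sentence above it. The function body is outside the hunk, so whether m is touched at all should be confirmed there.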
@@ -71361,10 +72134,12 @@ static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_dig /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -71377,10 +72152,12 @@ static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a, #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -71412,9 +72189,9 @@ static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap) { 
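Review bot: Splitting the return description of sp_1024_mod_mul_norm_32 into two tags put `@return MP_OKAY otherwise.` first, so "otherwise" no longer has anything to refer to. Either swap the two lines or word the success case as `@return MP_OKAY on success.`, which is the wording this commit already uses for sp_1024_ecc_mulmod_fast_32. The same ordering appears in sp_1024_point_new_ex_32 (`@return 0 otherwise.`) in the next hunk and in sp_1024_point_to_ecc_point_32.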
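Review bot: The `heap` line in the sp_1024_point_free_32 comment was re-tagged but still reads "was allocate from", with "from" repeated around the clause. `@param [in] heap Buffer from which dynamic memory was allocated.` fixes both while the line is being touched. The function body is outside the hunk.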
@@ -71439,9 +72216,9 @@ static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -71527,8 +72304,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_32(sp_point_1024* p, const ecc_point* pm) @@ -71544,8 +72321,8 @@ static void sp_1024_point_from_ecc_point_32(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -71612,10 +72389,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm) { 
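Review bot: sp_1024_to_mp returns `int`, yet its converted comment has `@param` tags only and no `@return` line, unlike the other int-returning helpers documented in this commit. Add one, for example `@return MP_OKAY on success.` followed by a line for the failure code. The body is outside the hunk, so the exact error value has to be taken from there.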
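Review bot: `pm` is tagged `[in]` in the sp_1024_point_to_ecc_point_32 comment although its description says "(result)" and the signature takes a non-const `ecc_point* pm`. The line should read `@param [out] pm Point of type ecc_point (result).`, mirroring sp_1024_point_from_ecc_point_32 two hunks earlier, where the result parameter is `[out]`.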
@@ -71635,9 +72413,10 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm) #ifdef WOLFSSL_SP_NO_UMAAL /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( @@ -71656,8 +72435,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( __asm__ __volatile__ ( "LDR lr, [%[m]]\n\t" /* i = 0 */ - "MOV r11, #0x0\n\t" - "MOV r3, #0x0\n\t" + "MOV r11, #0\n\t" + "MOV r3, #0\n\t" "LDR r4, [%[a]]\n\t" "LDR r5, [%[a], #4]\n\t" "\n" 
@@ -71669,263 +72448,263 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( /* mu = a[i] * mp */ "MUL r10, %[mp], r4\n\t" /* a[i+0] += m[0] * mu */ - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r4, r7, r10, lr\n\t" /* a[i+1] += m[1] * mu */ "LDR r9, [%[m], #4]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r5, r6, r10, r9\n\t" "MOV r4, r5\n\t" "ADDS r4, r4, r7\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+2] += m[2] * mu */ "LDR r9, [%[m], #8]\n\t" "LDR r5, [%[a], #8]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r5, r7, r10, r9\n\t" "ADDS r5, r5, r6\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+3] += m[3] * mu */ "LDR r9, [%[m], #12]\n\t" "LDR r12, [%[a], #12]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #12]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+4] += m[4] * mu */ "LDR r9, [%[m], #16]\n\t" "LDR r12, [%[a], #16]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #16]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+5] += m[5] * mu */ "LDR r9, [%[m], #20]\n\t" "LDR r12, [%[a], #20]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #20]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+6] += m[6] * mu */ "LDR r9, [%[m], #24]\n\t" "LDR r12, [%[a], #24]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #24]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+7] += m[7] * mu */ "LDR r9, [%[m], #28]\n\t" "LDR r12, [%[a], #28]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #28]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+8] += m[8] * mu */ "LDR r9, [%[m], #32]\n\t" "LDR r12, [%[a], #32]\n\t" - "MOV r7, #0x0\n\t" + "MOV 
r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #32]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+9] += m[9] * mu */ "LDR r9, [%[m], #36]\n\t" "LDR r12, [%[a], #36]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #36]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+10] += m[10] * mu */ "LDR r9, [%[m], #40]\n\t" "LDR r12, [%[a], #40]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #40]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+11] += m[11] * mu */ "LDR r9, [%[m], #44]\n\t" "LDR r12, [%[a], #44]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #44]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+12] += m[12] * mu */ "LDR r9, [%[m], #48]\n\t" "LDR r12, [%[a], #48]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #48]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+13] += m[13] * mu */ "LDR r9, [%[m], #52]\n\t" "LDR r12, [%[a], #52]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #52]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+14] += m[14] * mu */ "LDR r9, [%[m], #56]\n\t" "LDR r12, [%[a], #56]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #56]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+15] += m[15] * mu */ "LDR r9, [%[m], #60]\n\t" "LDR r12, [%[a], #60]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #60]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+16] += m[16] * mu */ "LDR r9, [%[m], #64]\n\t" "LDR r12, [%[a], #64]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, 
#0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #64]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+17] += m[17] * mu */ "LDR r9, [%[m], #68]\n\t" "LDR r12, [%[a], #68]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #68]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+18] += m[18] * mu */ "LDR r9, [%[m], #72]\n\t" "LDR r12, [%[a], #72]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #72]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+19] += m[19] * mu */ "LDR r9, [%[m], #76]\n\t" "LDR r12, [%[a], #76]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #76]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+20] += m[20] * mu */ "LDR r9, [%[m], #80]\n\t" "LDR r12, [%[a], #80]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #80]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+21] += m[21] * mu */ "LDR r9, [%[m], #84]\n\t" "LDR r12, [%[a], #84]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #84]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+22] += m[22] * mu */ "LDR r9, [%[m], #88]\n\t" "LDR r12, [%[a], #88]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #88]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+23] += m[23] * mu */ "LDR r9, [%[m], #92]\n\t" "LDR r12, [%[a], #92]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #92]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+24] += m[24] * mu */ "LDR r9, [%[m], #96]\n\t" "LDR r12, [%[a], #96]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" 
"UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #96]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+25] += m[25] * mu */ "LDR r9, [%[m], #100]\n\t" "LDR r12, [%[a], #100]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #100]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+26] += m[26] * mu */ "LDR r9, [%[m], #104]\n\t" "LDR r12, [%[a], #104]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #104]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+27] += m[27] * mu */ "LDR r9, [%[m], #108]\n\t" "LDR r12, [%[a], #108]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #108]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+28] += m[28] * mu */ "LDR r9, [%[m], #112]\n\t" "LDR r12, [%[a], #112]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #112]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+29] += m[29] * mu */ "LDR r9, [%[m], #116]\n\t" "LDR r12, [%[a], #116]\n\t" - "MOV r6, #0x0\n\t" + "MOV r6, #0\n\t" "UMLAL r12, r6, r10, r9\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #116]\n\t" - "ADC r6, r6, #0x0\n\t" + "ADC r6, r6, #0\n\t" /* a[i+30] += m[30] * mu */ "LDR r9, [%[m], #120]\n\t" "LDR r12, [%[a], #120]\n\t" - "MOV r7, #0x0\n\t" + "MOV r7, #0\n\t" "UMLAL r12, r7, r10, r9\n\t" "ADDS r12, r12, r6\n\t" "STR r12, [%[a], #120]\n\t" - "ADC r7, r7, #0x0\n\t" + "ADC r7, r7, #0\n\t" /* a[i+31] += m[31] * mu */ "LDR r9, [%[m], #124]\n\t" "LDR r12, [%[a], #124]\n\t" "UMULL r8, r9, r10, r9\n\t" "ADDS r7, r7, r8\n\t" "ADCS r6, r9, r3\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "ADC r3, r3, r3\n\t" "ADDS r12, r12, r7\n\t" "STR r12, [%[a], #124]\n\t" "LDR r12, [%[a], #128]\n\t" "ADCS r12, r12, r6\n\t" "STR r12, [%[a], #128]\n\t" - "ADC r3, 
r3, #0x0\n\t" + "ADC r3, r3, #0\n\t" /* i += 1 */ - "ADD r11, r11, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r11, r11, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r11, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_1024_mont_reduce_32_word_%=\n\t" @@ -71959,9 +72738,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( #else /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( @@ -71979,8 +72759,8 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( __asm__ __volatile__ ( /* i = 0 */ - "MOV r4, #0x0\n\t" - "MOV r5, #0x0\n\t" + "MOV r4, #0\n\t" + "MOV r5, #0\n\t" "LDR r6, [%[a]]\n\t" "LDR r7, [%[a], #4]\n\t" "LDR r8, [%[a], #8]\n\t" @@ -71996,7 +72776,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( "MUL lr, %[mp], r6\n\t" /* a[i+0] += m[0] * mu */ "LDR r12, [%[m]]\n\t" - "MOV r3, #0x0\n\t" + "MOV r3, #0\n\t" "UMAAL r6, r3, lr, r12\n\t" /* a[i+1] += m[1] * mu */ "LDR r12, [%[m], #4]\n\t" 
@@ -72148,15 +72928,15 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( "LDR r11, [%[a], #124]\n\t" "UMAAL r11, r3, lr, r12\n\t" "LDR lr, [%[a], #128]\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "UMAAL r3, lr, r12, r12\n\t" "STR r11, [%[a], #124]\n\t" "ADDS r3, r3, r5\n\t" - "ADC r5, lr, #0x0\n\t" + "ADC r5, lr, #0\n\t" "STR r3, [%[a], #128]\n\t" /* i += 1 */ - "ADD r4, r4, #0x4\n\t" - "ADD %[a], %[a], #0x4\n\t" + "ADD r4, r4, #4\n\t" + "ADD %[a], %[a], #4\n\t" "CMP r4, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_1024_mont_reduce_32_word_%=\n\t" @@ -72194,11 +72974,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32( /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -72209,10 +72989,10 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -72247,9 +73027,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -72284,15 +73064,15 @@ static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 32. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_1024_norm_32(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -72330,10 +73110,10 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p, /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_add_32(sp_digit* r_p, 
@@ -72351,7 +73131,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7}\n\t" "LDM %[b]!, {r8, r9, r10, r11}\n\t" "ADDS r4, r4, r8\n\t" @@ -72409,7 +73189,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_add_32(sp_digit* r, "ADCS r7, r7, r11\n\t" "STM %[r]!, {r4, r5, r6, r7}\n\t" "LDR r11, [%[m], #124]\n\t" - "ADC r12, r12, #0x0\n\t" + "ADC r12, r12, #0\n\t" "SUBS r11, r11, r7\n\t" "neg r12, r12\n\t" "SBC r11, r11, r11\n\t" @@ -72517,9 +73297,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_add_32(sp_digit* r, /* Double a Montgomery form number (r = a + a % m). * - * r Result of doubling. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of doubling. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_dbl_32(sp_digit* r_p, @@ -72536,7 +73316,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_dbl_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -72578,7 +73358,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_dbl_32(sp_digit* r, "ADCS r11, r11, r11\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDR r4, [%[m], #124]\n\t" - "ADC r12, r12, #0x0\n\t" + "ADC r12, r12, #0\n\t" "SUBS r4, r4, r11\n\t" "neg r12, r12\n\t" "SBC r4, r4, r4\n\t" 
@@ -72686,9 +73466,9 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_dbl_32(sp_digit* r, /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of Tripling. - * a Number to triple in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of Tripling. + * @param [in] a Number to triple in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r_p, @@ -72705,7 +73485,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "ADDS r4, r4, r4\n\t" "ADCS r5, r5, r5\n\t" @@ -72747,7 +73527,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, "ADCS r11, r11, r11\n\t" "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t" "LDR r4, [%[m], #124]\n\t" - "ADC r12, r12, #0x0\n\t" + "ADC r12, r12, #0\n\t" "SUBS r4, r4, r11\n\t" "neg r12, r12\n\t" "SBC r4, r4, r4\n\t" @@ -72844,7 +73624,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, "SUB %[r], %[r], #0x80\n\t" "SUB %[m], %[m], #0x80\n\t" "SUB %[a], %[a], #0x80\n\t" - "MOV r12, #0x0\n\t" + "MOV r12, #0\n\t" "LDM %[a]!, {r4, r5, r6, r7}\n\t" "LDM %[r], {r8, r9, r10, r11}\n\t" "ADDS r8, r8, r4\n\t" @@ -72902,7 +73682,7 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, "ADCS r11, r11, r7\n\t" "STM %[r]!, {r8, r9, r10, r11}\n\t" "LDR r7, [%[m], #124]\n\t" - "ADC r12, r12, #0x0\n\t" + "ADC r12, r12, #0\n\t" "SUBS r7, r7, r11\n\t" "neg r12, r12\n\t" "SBC r7, r7, r7\n\t" 
@@ -73010,10 +73790,10 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_tpl_32(sp_digit* r, /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of subtration. - * a Number to subtract from in Montgomery form. - * b Number to subtract with in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of subtration. + * @param [in] a Number to subtract from in Montgomery form. + * @param [in] b Number to subtract with in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_sub_32(sp_digit* r_p, @@ -73193,10 +73973,11 @@ WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_sub_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p, @@ -73214,9 +73995,9 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r5, #0x0\n\t" - "MOV r8, #0x0\n\t" - "MOV r4, #0x0\n\t" + "MOV r5, #0\n\t" + "MOV r8, #0\n\t" + "MOV r4, #0\n\t" "\n" #if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000) "L_sp_1024_cond_add_32_words:\n\t" 
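Review bot: The rewritten `r` line in the sp_1024_mont_sub_32 comment carries over the misspelling "subtration". Since the line is being changed anyway, write `@param [out] r Result of subtraction.`.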
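Review bot: sp_1024_cond_add_32 is declared to return `sp_digit`, but the updated comment documents only the four parameters. Add an `@return` line; judging by the `ADC r5, r8, r8` in the looped variant it is presumably the carry out of the addition, e.g. `@return Carry from the conditional addition.`, to be confirmed against the part of the body outside the hunk. The second variant's comment in the later hunk needs the same line.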
@@ -73230,7 +74011,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, "ADCS r6, r6, r7\n\t" "ADC r5, r8, r8\n\t" "STR r6, [%[r], r4]\n\t" - "ADD r4, r4, #0x4\n\t" + "ADD r4, r4, #4\n\t" "CMP r4, #0x80\n\t" #if defined(__GNUC__) "BLT L_sp_1024_cond_add_32_words_%=\n\t" @@ -73256,10 +74037,11 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p, @@ -73277,7 +74059,7 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, #endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */ __asm__ __volatile__ ( - "MOV r10, #0x0\n\t" + "MOV r10, #0\n\t" "LDM %[a]!, {r6, r7}\n\t" "LDM %[b]!, {r8, r9}\n\t" "AND r8, r8, %[m]\n\t" @@ -73404,6 +74186,12 @@ WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r, } #endif /* WOLFSSL_SP_SMALL */ +/* Shift number right one bit. + * Bottom bit is lost. + * + * @param [out] r Result of shift. + * @param [in] a Number to shift. + */ #ifndef WOLFSSL_NO_VAR_ASSIGN_REG WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p) 
@@ -73557,9 +74345,9 @@ WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r, /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -73572,9 +74360,9 @@ static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -73643,9 +74431,13 @@ typedef struct sp_1024_proj_point_dbl_32_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
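Review bot: The new text for sp_1024_proj_point_dbl_32_nb tells callers to loop until the result is not FP_WOULDBLOCK, but the function returns `int` and the comment has no `@return` tags. Add `@return FP_WOULDBLOCK when the operation is not yet complete.` and a line for the final value (presumably MP_OKAY; the body is outside the hunk). sp_1024_proj_point_add_32_nb receives the same paragraph in a later hunk and needs the same tags.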
@@ -73775,9 +74567,10 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b) { @@ -73797,8 +74590,9 @@ static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_32(const sp_digit* a) { @@ -73811,10 +74605,10 @@ static int sp_1024_iszero_32(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_32(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
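Review bot: The summary line of the sp_1024_iszero_32 comment still reads "Returns 1 if the number of zero." while the `@return` line below it was reworded in this hunk. Correct it to `/* Returns 1 if the number is zero.` so the two sentences agree.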
@@ -73914,10 +74708,14 @@ typedef struct sp_1024_proj_point_add_32_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -74108,13 +74906,15 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, * 1024 doubles. * 268 adds. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -74215,10 +75015,9 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, #if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL) /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i, sp_digit* t) @@ -74308,8 +75107,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_32(sp_point_1024* a, sp_digit* t) { @@ -74340,10 +75139,10 @@ typedef struct sp_table_entry_1024 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -74425,10 +75224,10 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r, * 16 entries * 256 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -74505,13 +75304,16 @@ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -74613,8 +75415,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
@@ -74677,13 +75479,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -74763,10 +75567,10 @@ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) 
@@ -74843,13 +75647,16 @@ static int sp_1024_gen_stripe_table_32(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -74951,8 +75758,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
@@ -75015,13 +75822,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -75097,12 +75906,14 @@ static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -75347,12 +76158,14 @@ static const sp_table_entry_1024 p1024_table[16] = { * Pre-generated: products of all combinations of above. * 4 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -78699,12 +79512,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -78718,11 +79533,13 @@ static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -78750,13 +79567,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -78807,12 +79626,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -78852,12 +79674,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
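Review bot: In both sp_ecc_gen_table_1024 comments the new list opens with `@return 0 otherwise.`, which has nothing before it to be "otherwise" to now that this line comes first. `* @return 0 on success.` reads correctly in that position. The `@return MP_OKAY otherwise.` lines in the sp_1024_ecc_is_point_32, sp_ecc_is_point_1024 and sp_ecc_check_key_1024 hunks have the same wording problem.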
@@ -78887,13 +79712,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -78931,10 +79758,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
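Review bot: The comment for sp_ecc_mulmod_table_1024 tags `table` as `[in]` and says only `Pre-computed points.`, yet the signature carries no length for that buffer. Stating the contract would help, for example `* @param [in] table Pre-computed points from sp_ecc_gen_table_1024() for gm.`, so callers know the required size comes from the generator. That relationship is inferred from the matching names and the `len` parameter of sp_ecc_gen_table_1024. The body is outside the hunk, so confirm it before wording it as fact.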
@@ -78957,9 +79786,11 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -78984,10 +79815,12 @@ static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
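Review bot: The rewritten `px` and `py` lines for sp_1024_proj_sqr_32 now say `X ordinate of number to multiply.` where the removed lines said `number to square`. The text looks copied from the sp_1024_proj_mul_qx1_32 comment in the previous hunk. Keep the original meaning, i.e. end the continuation line with `* square.` instead of `* multiply.` for both parameters. The function body is outside the hunk.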
@@ -80880,11 +81713,13 @@ static const sp_digit sp_1024_g_table[256][32] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -80979,13 +81814,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) 
@@ -81015,8 +81852,8 @@ static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t) { @@ -81045,11 +81882,11 @@ static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -81135,14 +81972,14 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -81219,10 +82056,10 @@ static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -81356,14 +82193,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
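Review bot: The `@return` lines kept at the end of this comment (`0 on success`, `MEMORY_E when dynamic memory allocation fails`, `Other -ve value on internal failure`) do not fit the function it appears to document. The next hunk header shows `static void sp_1024_accumulate_line_add_n_32`, and the vx/vy/c/p/q/t/neg parameter list matches. If that is the function below this comment, drop the three `@return` lines instead of setting them off with a new blank line. `t` is also tagged `[in, out]` here, while the neighbouring accumulate_line comments tag the same temporaries `[in]`; pick one. The signature itself is outside the hunk.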
@@ -81477,12 +82314,12 @@ static void sp_1024_accumulate_line_add_n_32(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -81597,9 +82434,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -81771,13 +82609,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) @@ -81804,11 +82643,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -81827,11 +82667,11 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -81868,13 +82708,13 @@ static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -81918,13 +82758,13 @@ static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_32(sp_digit* vx, sp_digit* vy, @@ -81980,14 +82820,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) 
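Review bot: The added line `* @return MEMORY_E when dynamic memory allocation fauls.` in the sp_Pairing_gen_precomp_1024 comment carries over the typo from the removed line. Use `* @return MEMORY_E when dynamic memory allocation fails.`, matching the wording of the other comments in this commit.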
@@ -82141,11 +82982,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -82326,10 +83168,10 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, #endif /* WOLFSSL_SP_SMALL */ /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -82373,10 +83215,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_32(const sp_point_1024* point, void* heap) @@ -82422,10 +83266,12 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { 
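Review bot: `@return MP_OKAY otherwise.` is now the first return line in the sp_1024_ecc_is_point_32 comment, so "otherwise" has nothing to refer back to and the success condition of a point-validation routine is left implicit. State it directly, e.g. `@return MP_OKAY when the point is on the curve.`. The same line appears in the sp_ecc_is_point_1024 hunk and in the sp_ecc_check_key_1024 hunk that follows, where `@return MP_OKAY when all checks pass.` would fit.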
@@ -82451,13 +83297,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c index 1a3c68fc88..b3a3132bba 100644 --- a/wolfcrypt/src/sp_x86_64.c +++ b/wolfcrypt/src/sp_x86_64.c @@ -153,10 +153,10 @@ extern void sp_2048_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) { 
@@ -175,9 +175,9 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -278,8 +278,8 @@ extern void sp_2048_to_bin_movbe_32(sp_digit* r, byte* a); /* Write r as big endian to byte array. * Fixed length number of bytes written: 256 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_2048_to_bin_32(sp_digit* r, byte* a) { @@ -299,14 +299,14 @@ static void sp_2048_to_bin_32(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_32(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_2048_norm_32(a) @@ -403,8 +403,8 @@ extern sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b); /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho) { 
@@ -433,8 +433,8 @@ extern void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b); /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_16(sp_digit* r, const sp_digit* m) { @@ -461,11 +461,11 @@ extern void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp); /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -476,10 +476,10 @@ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -521,10 +521,11 @@ extern sp_digit div_2048_word_asm_16(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, sp_digit div) @@ -538,10 +539,11 @@ static WC_INLINE sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, sp_digit div) @@ -558,9 +560,9 @@ static WC_INLINE sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, #endif /* _WIN64 && !__clang__ */ /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { 
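Review bot: `div` is documented as "The dividend" in both div_2048_word_16 comments, but in `(d1|d0 / div)` the dividend is `d1|d0` and `div` is the divisor. The line should be `@param [in] div The divisor.`, with "by the divisor" in the summary. The two div_2048_word_32 hunks further down repeat the same wording. The comment also gives no precondition on the operands (presumably d1 < div so the quotient fits in one sp_digit); the bodies are outside the hunks, so confirm before adding it.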
@@ -596,11 +598,12 @@ extern sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b); /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) @@ -658,10 +661,11 @@ static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, sp_dig /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_16(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -670,6 +674,12 @@ static WC_INLINE int sp_2048_mod_16(sp_digit* r, const sp_digit* a, } #ifndef WC_NO_CACHE_RESISTANT +/* Get an entry from the table by index in a cache resistant manner. + * + * @param [out] r Entry retrieved from table. + * @param [in] table Table of entries to choose from. + * @param [in] idx Index of entry to retrieve. + */ static void sp_2048_get_from_table_16(sp_digit* r, sp_digit** table, int idx) { 
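Review bot: `m` is tagged `[in]` in sp_2048_div_16 although it is a non-const `sp_digit*` described as "Multiplier result", and the summary says m is not calculated. As written, a caller cannot tell whether `m` must point to valid storage or is ignored. Something like `@param [out] m Multiplier result. Not calculated at this time.` would match the summary; the body is outside the hunk, so check whether `m` is touched at all. The sp_2048_div_32_cond and sp_2048_div_32 hunks have the same line.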
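Review bot: The new comment on sp_2048_get_from_table_16 names the property ("cache resistant") but not the contract that makes it hold: it gives neither the number of entries `table` must contain nor the valid range of `idx`. This function is compiled only when WC_NO_CACHE_RESISTANT is not defined, so it is presumably the side-channel countermeasure for table lookups during exponentiation. A maintainer needs to know that an early exit or a direct `table[idx]` load would defeat it. Consider adding the entry count and a line such as `* The memory access pattern does not depend on idx.`, once confirmed against the body, which is outside the hunk. The sp_2048_get_from_table_32 hunk needs the same.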
@@ -700,14 +710,17 @@ static void sp_2048_get_from_table_16(sp_digit* r, #endif /* !WC_NO_CACHE_RESISTANT */ /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -883,11 +896,11 @@ extern void sp_2048_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -901,10 +914,10 @@ SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -926,14 +939,17 @@ extern void sp_2048_get_from_table_avx2_16(sp_digit* r, sp_digit** table, int id #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -1106,8 +1122,8 @@ static int sp_2048_mod_exp_avx2_16(sp_digit* r, const sp_digit* a, const sp_digi /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 2048 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m) { 
@@ -1135,11 +1151,11 @@ extern void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp); /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -1150,10 +1166,10 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -1188,10 +1204,11 @@ extern sp_digit div_2048_word_asm_32(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div) 
@@ -1205,10 +1222,11 @@ static WC_INLINE sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div) @@ -1226,11 +1244,12 @@ static WC_INLINE sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -1294,10 +1313,11 @@ static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d, s /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_32_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -1315,9 +1335,9 @@ extern sp_digit sp_2048_cond_sub_avx2_32(sp_digit* r, const sp_digit* a, const s #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -1353,11 +1373,12 @@ extern sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b); /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -1416,10 +1437,11 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_dig #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -1429,6 +1451,12 @@ static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */ #ifndef WC_NO_CACHE_RESISTANT +/* Get an entry from the table by index in a cache resistant manner. + * + * @param [out] r Entry retrieved from table. + * @param [in] table Table of entries to choose from. + * @param [in] idx Index of entry to retrieve. + */ static void sp_2048_get_from_table_32(sp_digit* r, sp_digit** table, int idx) { 
@@ -1459,14 +1487,17 @@ static void sp_2048_get_from_table_32(sp_digit* r, #endif /* !WC_NO_CACHE_RESISTANT */ /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -1676,11 +1707,11 @@ extern void sp_2048_mont_reduce_avx2_32(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -1694,10 +1725,10 @@ SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_2048_mont_sqr_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -1720,14 +1751,17 @@ extern void sp_2048_get_from_table_avx2_32(sp_digit* r, sp_digit** table, int id #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_2048_mod_exp_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -1931,15 +1965,19 @@ static int sp_2048_mod_exp_avx2_32(sp_digit* r, const sp_digit* a, const sp_digi #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
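Review bot: `outLen` is tagged `[in]` on sp_RsaPublic_2048, but it is a `word32*` described as "Number of bytes in result", and the function returns MP_TO_E "when the outLen is too small", so it appears to be read as the buffer size and then written with the result length. It should be `@param [in, out] outLen On in, size of out in bytes. On out, number of bytes in result.`, matching the wording this commit uses for `len` in sp_Pairing_gen_precomp_1024. Documenting a length pointer as input-only invites callers to pass a stale or uninitialised size. Both sp_RsaPrivate_2048 hunks and the sp_DhExp_2048 hunk carry the same `[in] outLen` tag.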
@@ -2132,20 +2170,24 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em, #if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm,const mp_int* dpm, const mp_int* dqm, 
@@ -2222,20 +2264,24 @@ extern sp_digit sp_2048_cond_add_avx2_16(sp_digit* r, const sp_digit* a, const s #endif /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -2366,8 +2412,8 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) { @@ -2434,12 +2480,14 @@ static int sp_2048_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
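Review bot: sp_2048_to_mp returns `int`, but the converted comment still has no `@return` line, unlike the other int-returning functions this commit updates. Add one describing the result, e.g. `@return MP_OKAY on success.`, plus whatever error the body can return (presumably a failure to grow `r`). The body is outside the hunk, so the exact codes need confirming there.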
@@ -2511,13 +2559,15 @@ extern void sp_2048_lshift_32(sp_digit* r, const sp_digit* a, int n); #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_2048_mod_exp_2_avx2_32(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
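Review bot: `@return MP_VAL when base is even.` cannot be right for sp_2048_mod_exp_2_avx2_32, because the summary fixes the base at 2 (`r = 2^e mod m`), which is always even. The condition is presumably on the modulus `m`, which Montgomery reduction requires to be odd. Confirm against the body, which is outside the hunk, and reword, e.g. `@return MP_VAL when the modulus is even.`. The sp_2048_mod_exp_2_32 hunk repeats the line. The "base is even or exponent is 0" wording in the sp_2048_mod_exp_* hunks may deserve the same check.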
@@ -2629,13 +2679,15 @@ static int sp_2048_mod_exp_2_avx2_32(sp_digit* r, const sp_digit* e, int bits, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -2747,15 +2799,17 @@ static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 256 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 256 bytes long. + * @param [in] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -2841,12 +2895,14 @@ int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen, #endif /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
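Review bot: In the sp_DhExp_2048 hunk the new tag `@param [in] outLen` does not match the signature `word32* outLen`, a non-const pointer whose description is the length of the exponentiation result. A caller who trusts `[in]` will not expect the value to change and may size a later copy of `out` from a stale length. `@param [out] outLen Length, in bytes, of exponentiation result.` fits the text, or `[in, out]` if the body, which lies outside the hunk, also reads it as the buffer capacity. The same tag appears in the sp_RsaPublic_3072, both sp_RsaPrivate_3072 and the sp_DhExp_3072 hunks; in the RSA ones the `MP_TO_E when the outLen is too small` return suggests `[in, out]`.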
@@ -2928,10 +2984,10 @@ extern void sp_3072_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -2950,9 +3006,9 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -3053,8 +3109,8 @@ extern void sp_3072_to_bin_movbe_48(sp_digit* r, byte* a); /* Write r as big endian to byte array. * Fixed length number of bytes written: 384 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_3072_to_bin_48(sp_digit* r, byte* a) { 
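Review bot: The sp_3072_to_bin_48 hunk tags its parameters the wrong way round: `@param [out] r` and `@param [in] a Byte array.` sit under a summary that says r is written as big endian to the byte array. The byte array is the destination, so a reader following the tags could pass a read-only or undersized buffer as `a`. The lines should read `@param [in] r A single precision integer.` and `@param [out] a Byte array.`; use `[in, out]` for r only if the body, outside this hunk, modifies it (the parameter is a non-const `sp_digit*`).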
@@ -3074,14 +3130,14 @@ static void sp_3072_to_bin_48(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_48(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_3072_norm_48(a) @@ -3217,8 +3273,8 @@ extern void sp_3072_sqr_avx2_48(sp_digit* r, const sp_digit* a); /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -3247,8 +3303,8 @@ extern void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b); /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_24(sp_digit* r, const sp_digit* m) { 
@@ -3275,11 +3331,11 @@ extern void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m, sp_digit mp); /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -3290,10 +3346,10 @@ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -3335,10 +3391,11 @@ extern sp_digit div_3072_word_asm_24(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, sp_digit div) 
@@ -3352,10 +3409,11 @@ static WC_INLINE sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, sp_digit div) @@ -3372,9 +3430,9 @@ static WC_INLINE sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, #endif /* _WIN64 && !__clang__ */ /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -3410,11 +3468,12 @@ extern sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b); /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
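Review bot: In the sp_3072_div_24 hunk, `@param [in] m Multiplier result.` tags as an input a non-const `sp_digit* m` that the description calls a result and that the summary two lines above says is not calculated. The direction tag should not contradict the text: something like `@param [in] m Multiplier result (not calculated, unused).` would state the contract, once the body, which is outside the hunk, confirms that m is ignored. The sp_3072_div_48_cond and sp_3072_div_48 hunks carry the same line.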
@@ -3472,10 +3531,11 @@ static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, sp_dig /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_24(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -3484,6 +3544,12 @@ static WC_INLINE int sp_3072_mod_24(sp_digit* r, const sp_digit* a, } #ifndef WC_NO_CACHE_RESISTANT +/* Get an entry from the table by index in a cache resistant manner. + * + * @param [out] r Entry retrieved from table. + * @param [in] table Table of entries to choose from. + * @param [in] idx Index of entry to retrieve. + */ static void sp_3072_get_from_table_24(sp_digit* r, sp_digit** table, int idx) { 
@@ -3514,14 +3580,17 @@ static void sp_3072_get_from_table_24(sp_digit* r, #endif /* !WC_NO_CACHE_RESISTANT */ /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -3697,11 +3766,11 @@ extern void sp_3072_mont_reduce_avx2_24(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -3715,10 +3784,10 @@ SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -3740,14 +3809,17 @@ extern void sp_3072_get_from_table_avx2_24(sp_digit* r, sp_digit** table, int id #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) @@ -3920,8 +3992,8 @@ static int sp_3072_mod_exp_avx2_24(sp_digit* r, const sp_digit* a, const sp_digi /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 3072 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m) { 
@@ -3949,11 +4021,11 @@ extern void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp); /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -3964,10 +4036,10 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -4002,10 +4074,11 @@ extern sp_digit div_3072_word_asm_48(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div) 
@@ -4019,10 +4092,11 @@ static WC_INLINE sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div) @@ -4040,11 +4114,12 @@ static WC_INLINE sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -4108,10 +4183,11 @@ static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, s /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -4129,9 +4205,9 @@ extern sp_digit sp_3072_cond_sub_avx2_48(sp_digit* r, const sp_digit* a, const s #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -4167,11 +4243,12 @@ extern sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b); /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -4230,10 +4307,11 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_dig #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -4243,6 +4321,12 @@ static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */ #ifndef WC_NO_CACHE_RESISTANT +/* Get an entry from the table by index in a cache resistant manner. + * + * @param [out] r Entry retrieved from table. + * @param [in] table Table of entries to choose from. + * @param [in] idx Index of entry to retrieve. + */ static void sp_3072_get_from_table_48(sp_digit* r, sp_digit** table, int idx) { 
@@ -4273,14 +4357,17 @@ static void sp_3072_get_from_table_48(sp_digit* r, #endif /* !WC_NO_CACHE_RESISTANT */ /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -4438,11 +4525,11 @@ extern void sp_3072_mont_reduce_avx2_48(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -4456,10 +4543,10 @@ SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_3072_mont_sqr_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -4482,14 +4569,17 @@ extern void sp_3072_get_from_table_avx2_48(sp_digit* r, sp_digit** table, int id #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_3072_mod_exp_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -4641,15 +4731,19 @@ static int sp_3072_mod_exp_avx2_48(sp_digit* r, const sp_digit* a, const sp_digi #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -4842,20 +4936,24 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em, #if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm,const mp_int* dpm, const mp_int* dqm, 
@@ -4932,20 +5030,24 @@ extern sp_digit sp_3072_cond_add_avx2_24(sp_digit* r, const sp_digit* a, const s #endif /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -5076,8 +5178,8 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) { @@ -5144,12 +5246,14 @@ static int sp_3072_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -5221,13 +5325,15 @@ extern void sp_3072_lshift_48(sp_digit* r, const sp_digit* a, int n); #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_3072_mod_exp_2_avx2_48(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -5339,13 +5445,15 @@ static int sp_3072_mod_exp_2_avx2_48(sp_digit* r, const sp_digit* e, int bits, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -5457,15 +5565,17 @@ static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 384 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 384 bytes long. + * @param [in] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -5551,12 +5661,14 @@ int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen, #endif /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
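Review bot: `@param [in] outLen` on `sp_DhExp_3072` contradicts the signature (`word32* outLen`) and its own description, "Length, in bytes, of exponentiation result", which is a value the function hands back. It should be `[out]`, or `[in, out]` if the body (outside the hunk) also reads it as the capacity of `out`, for example `@param [in, out] outLen On entry, size of out; on return, bytes written.` once confirmed. Callers bound the `out` buffer from this contract, so the direction tag is not cosmetic. The same `[in] outLen` appears in `sp_DhExp_4096`, `sp_RsaPublic_4096` and both `sp_RsaPrivate_4096` hunks, where `@return MP_TO_E when the outLen is too small` already implies the value is read as well as written.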
@@ -5638,10 +5750,10 @@ extern void sp_4096_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -5660,9 +5772,9 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -5763,8 +5875,8 @@ extern void sp_4096_to_bin_movbe_64(sp_digit* r, byte* a); /* Write r as big endian to byte array. * Fixed length number of bytes written: 512 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_4096_to_bin_64(sp_digit* r, byte* a) { 
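Review bot: The direction tags on `sp_4096_to_bin_64` are reversed: the summary says r is written as big endian to the byte array, yet the new lines mark `r` as `[out]` and `a` as `[in]`. `a` is the destination of a fixed 512-byte write, so it should be `@param [out] a Byte array.`, with `r` as `[in]` (or `[in, out]` if the body, which is outside the hunk, modifies r in place). Stating on that line that `a` must hold at least 512 bytes would put the buffer requirement where callers will see it.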
@@ -5784,14 +5896,14 @@ static void sp_4096_to_bin_64(sp_digit* r, byte* a) #if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH) /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_64(a) #endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */ /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_4096_norm_64(a) @@ -5843,8 +5955,8 @@ extern void sp_4096_sqr_avx2_64(sp_digit* r, const sp_digit* a); /* Calculate the bottom digit of -1/a mod 2^n. * - * a A single precision number. - * rho Bottom word of inverse. + * @param [in] a A single precision number. + * @param [out] rho Bottom word of inverse. */ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho) { @@ -5873,8 +5985,8 @@ extern void sp_4096_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b); /* r = 2^n mod m where n is the number of bits to reduce by. * Given m must be 4096 bits, just need to subtract. * - * r A single precision number. - * m A single precision number. + * @param [out] r A single precision number. + * @param [in] m A single precision number. */ static void sp_4096_mont_norm_64(sp_digit* r, const sp_digit* m) { 
@@ -5902,11 +6014,11 @@ extern void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp); /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -5917,10 +6029,10 @@ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -5955,10 +6067,11 @@ extern sp_digit div_4096_word_asm_64(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, sp_digit div) 
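Review bot: `@param [in] div The dividend.` on `div_4096_word_64` names the wrong operand: (d1|d0) is the dividend and `div` is the divisor, so the line should be `@param [in] div The divisor.`. The unchanged summary line ("by the dividend") has the same slip. The comment also gives no precondition on `div`, such as being non-zero; the body is outside the hunk, so whatever the code assumes should be written down from there. The `#else` variant of `div_4096_word_64` in the next hunk repeats the wording.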
@@ -5972,10 +6085,11 @@ static WC_INLINE sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, sp_digit div) @@ -5993,11 +6107,12 @@ static WC_INLINE sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
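Review bot: `@param [in] m Multiplier result.` on `sp_4096_div_64_cond` tags as an input a non-const pointer that the summary says is not calculated, so a reader cannot tell whether `m` is read, written or ignored. `@param [in] m Multiplier result. Not calculated; unused.` would settle it, adjusted to what the body (outside the hunk) really does. Separately, this comment is word-for-word the same as the one on `sp_4096_div_64`, and `sp_4096_mod_64_cond` likewise matches `sp_4096_mod_64`. If the `_cond` variants are the ones whose timing may depend on operand values, which the names suggest but the hunk does not show, the comment should say they are not for secret operands.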
@@ -6061,10 +6176,11 @@ static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, s /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -6082,9 +6198,9 @@ extern sp_digit sp_4096_cond_sub_avx2_64(sp_digit* r, const sp_digit* a, const s #endif /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_4096_mask_64(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -6120,11 +6236,12 @@ extern sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b); /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -6183,10 +6300,11 @@ static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, sp_dig #if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY) /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_4096_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -6196,6 +6314,12 @@ static WC_INLINE int sp_4096_mod_64(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */ #ifndef WC_NO_CACHE_RESISTANT +/* Get an entry from the table by index in a cache resistant manner. + * + * @param [out] r Entry retrieved from table. + * @param [in] table Table of entries to choose from. + * @param [in] idx Index of entry to retrieve. + */ static void sp_4096_get_from_table_64(sp_digit* r, sp_digit** table, int idx) { 
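Review bot: The new comment on `sp_4096_get_from_table_64` promises a cache-resistant lookup but gives no bound for `idx` and no size for `table`, and the signature carries no length argument. The number of entries is therefore an unwritten contract between this routine and its callers. Something like `@param [in] idx Index of entry to retrieve; must be less than the number of table entries (<N>).` would make it explicit, with `<N>` a placeholder for the count the body actually scans. It is also worth one sentence saying the function is only built when `WC_NO_CACHE_RESISTANT` is not defined, since that is what decides whether the side-channel protection exists at all. The body is outside the hunk.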
@@ -6226,14 +6350,17 @@ static void sp_4096_get_from_table_64(sp_digit* r, #endif /* !WC_NO_CACHE_RESISTANT */ /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -6391,11 +6518,11 @@ extern void sp_4096_mont_reduce_avx2_64(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -6409,10 +6536,10 @@ SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_4096_mont_sqr_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -6435,14 +6562,17 @@ extern void sp_4096_get_from_table_avx2_64(sp_digit* r, sp_digit** table, int id #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate a to the e mod m. (r = a^e mod m) * - * r A single precision number that is the result of the operation. - * a A single precision number being exponentiated. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even or exponent is 0. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] a A single precision number being exponentiated. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * @param [in] reduceA Whether to reduce a modulo m before the operation. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even or exponent is 0. */ static int sp_4096_mod_exp_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit* e, int bits, const sp_digit* m, int reduceA) 
@@ -6594,15 +6724,19 @@ static int sp_4096_mod_exp_avx2_64(sp_digit* r, const sp_digit* a, const sp_digi #ifdef WOLFSSL_HAVE_SP_RSA /* RSA public key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * em Public exponent. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] em Public exponent. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, const mp_int* mm, byte* out, word32* outLen) 
@@ -6795,20 +6929,24 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em, #if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm,const mp_int* dpm, const mp_int* dqm, 
@@ -6885,20 +7023,24 @@ extern sp_digit sp_4096_cond_add_avx2_32(sp_digit* r, const sp_digit* a, const s #endif /* RSA private key operation. * - * in Array of bytes representing the number to exponentiate, base. - * inLen Number of bytes in base. - * dm Private exponent. - * pm First prime. - * qm Second prime. - * dpm First prime's CRT exponent. - * dqm Second prime's CRT exponent. - * qim Inverse of second prime mod p. - * mm Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Number of bytes in result. - * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when - * an array is too long and MEMORY_E when dynamic memory allocation fails. + * @param [in] in Array of bytes representing the number to exponentiate, + * base. + * @param [in] inLen Number of bytes in base. + * @param [in] dm Private exponent. + * @param [in] pm First prime. + * @param [in] qm Second prime. + * @param [in] dpm First prime's CRT exponent. + * @param [in] dqm Second prime's CRT exponent. + * @param [in] qim Inverse of second prime mod p. + * @param [in] mm Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in] outLen Number of bytes in result. + * + * @return 0 on success. + * @return MP_TO_E when the outLen is too small. + * @return MP_READ_E when an array is too long. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm, 
@@ -7029,8 +7171,8 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm, !defined(WOLFSSL_RSA_PUBLIC_ONLY)) /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) { @@ -7097,12 +7239,14 @@ static int sp_4096_to_mp(const sp_digit* a, mp_int* r) /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. MP integer. - * exp Exponent. MP integer. - * mod Modulus. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [in] mod Modulus. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod, mp_int* res) 
@@ -7174,13 +7318,15 @@ extern void sp_4096_lshift_64(sp_digit* r, const sp_digit* a, int n); #ifdef HAVE_INTEL_AVX2 /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_4096_mod_exp_2_avx2_64(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -7292,13 +7438,15 @@ static int sp_4096_mod_exp_2_avx2_64(sp_digit* r, const sp_digit* e, int bits, /* Modular exponentiate 2 to the e mod m. (r = 2^e mod m) * - * r A single precision number that is the result of the operation. - * e A single precision number that is the exponent. - * bits The number of bits in the exponent. - * m A single precision number that is the modulus. - * returns 0 on success. - * returns MEMORY_E on dynamic memory allocation failure. - * returns MP_VAL when base is even. + * @param [out] r A single precision number that is the result of the + * operation. + * @param [in] e A single precision number that is the exponent. + * @param [in] bits The number of bits in the exponent. + * @param [in] m A single precision number that is the modulus. + * + * @return 0 on success. + * @return MEMORY_E on dynamic memory allocation failure. + * @return MP_VAL when base is even. */ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m) 
@@ -7410,15 +7558,17 @@ static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits, /* Perform the modular exponentiation for Diffie-Hellman. * - * base Base. - * exp Array of bytes that is the exponent. - * expLen Length of data, in bytes, in exponent. - * mod Modulus. - * out Buffer to hold big-endian bytes of exponentiation result. - * Must be at least 512 bytes long. - * outLen Length, in bytes, of exponentiation result. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. + * @param [in] exp Array of bytes that is the exponent. + * @param [in] expLen Length of data, in bytes, in exponent. + * @param [in] mod Modulus. + * @param [out] out Buffer to hold big-endian bytes of exponentiation + * result. Must be at least 512 bytes long. + * @param [in] outLen Length, in bytes, of exponentiation result. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen, const mp_int* mod, byte* out, word32* outLen) @@ -7638,9 +7788,9 @@ extern sp_digit sp_256_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b); #endif /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). */ static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -7717,9 +7867,9 @@ static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -7805,8 +7955,8 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_256. * - * p Point of type sp_point_256 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_256 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_256_point_from_ecc_point_4(sp_point_256* p, const ecc_point* pm) @@ -7822,8 +7972,8 @@ static void sp_256_point_from_ecc_point_4(sp_point_256* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_256_to_mp(const sp_digit* a, mp_int* r) { @@ -7890,10 +8040,11 @@ static int sp_256_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_256 to type ecc_point. * - * p Point of type sp_point_256. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_256. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_256_point_to_ecc_point_4(const sp_point_256* p, ecc_point* pm) { 
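Review bot: `@param [in] pm Point of type ecc_point (result).` on `sp_256_point_to_ecc_point_4` tags the result as an input; `pm` is the non-const destination, so it should be `@param [out] pm Point of type ecc_point (result).`. The first return line, `@return MP_OKAY otherwise.`, has nothing left to be "otherwise" to now that it comes before the MEMORY_E line; `@return MP_OKAY on success.` reads correctly. The function body is outside the hunk.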
@@ -7934,11 +8085,11 @@ extern void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -7961,9 +8112,9 @@ static const word64 p256_mod_minus_2[4] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -8036,7 +8187,7 @@ extern sp_int64 sp_256_cmp_4(const sp_digit* a, const sp_digit* b); #endif /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_256_norm_4(a) @@ -8063,9 +8214,9 @@ extern void sp_256_mont_reduce_order_4(sp_digit* a, const sp_digit* m, sp_digit #endif /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_4(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
@@ -8145,9 +8296,9 @@ extern void sp_256_mont_rsb_sub_dbl_4(sp_digit* r, const sp_digit* a, sp_digit* #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -8213,9 +8364,13 @@ typedef struct sp_256_proj_point_dbl_4_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -8341,10 +8496,9 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i, sp_digit* t) 
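Review bot: The added text on `sp_256_proj_point_dbl_4_nb` tells callers to loop until the result is not FP_WOULDBLOCK, but the comment has no `@return` lines, so the value that ends the loop is undocumented. Adding `@return FP_WOULDBLOCK when the operation is not yet complete.` and a line for the completion code (presumably MP_OKAY; the body is outside the hunk) would make the loop condition checkable. If the saved state implies that `sp_ctx`, `r`, `p` and `t` must be the same objects on every call, the comment should say so. `sp_256_proj_point_add_4_nb` has the same gap.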
@@ -8429,9 +8583,10 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_256_cmp_equal_4(const sp_digit* a, const sp_digit* b) { @@ -8442,8 +8597,9 @@ static int sp_256_cmp_equal_4(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_256_iszero_4(const sp_digit* a) { @@ -8453,10 +8609,10 @@ static int sp_256_iszero_4(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_4(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) 
@@ -8554,10 +8710,14 @@ typedef struct sp_256_proj_point_add_4_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -8739,10 +8899,11 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r, const sp_point_256* p, int n, int m, sp_digit* t) @@ -8809,11 +8970,11 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_sub_4(sp_point_256* ra, sp_point_256* rs, const sp_point_256* p, const sp_point_256* q, 
@@ -8915,8 +9076,8 @@ static const word8 recode_neg_4_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v) { @@ -8981,13 +9142,15 @@ extern void sp_256_get_point_33_avx2_4(sp_point_256* r, const sp_point_256* tabl * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) 
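Review bot: In the `sp_256_ecc_recode_6_4` comment `v` is tagged `[in]`, but it is the non-const `ecc_recode_256*` that receives the recoded operations, while `k` is the const input. It should read `@param [out] v Vector of operations to perform.`. The function body is outside the hunk, so confirm that `v` is only written. The `sp_256_ecc_recode_7_4` comment later in this diff carries the same tag.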
@@ -9115,11 +9278,11 @@ extern void sp_256_mont_sqr_avx2_4(sp_digit* r, const sp_digit* a, const sp_digi #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_256_mont_sqr_n_avx2_4(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -9135,9 +9298,9 @@ SP_NOINLINE static void sp_256_mont_sqr_n_avx2_4(sp_digit* r, /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P256 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_avx2_4(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -9218,9 +9381,9 @@ extern void sp_256_mont_reduce_order_avx2_4(sp_digit* a, const sp_digit* m, sp_d #endif /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_256_map_avx2_4(sp_point_256* r, const sp_point_256* p, sp_digit* t) 
@@ -9270,9 +9433,9 @@ extern void sp_256_mont_div2_avx2_4(sp_digit* r, const sp_digit* a, const sp_dig #define sp_256_mont_rsb_sub_dbl_avx2_4 sp_256_mont_rsb_sub_dbl_4 /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_avx2_4(sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -9338,9 +9501,13 @@ typedef struct sp_256_proj_point_dbl_avx2_4_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t) @@ -9466,10 +9633,9 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i, sp_digit* t) 
@@ -9554,10 +9720,10 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i, /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_avx2_4(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -9655,10 +9821,14 @@ typedef struct sp_256_proj_point_add_avx2_4_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -9840,10 +10010,11 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r, const sp_point_256* p, int n, int m, sp_digit* t) 
@@ -9910,11 +10081,11 @@ static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_sub_avx2_4(sp_point_256* ra, sp_point_256* rs, const sp_point_256* p, const sp_point_256* q, @@ -9997,13 +10168,15 @@ static void sp_256_proj_point_add_sub_avx2_4(sp_point_256* ra, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_win_add_sub_avx2_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -10125,10 +10298,10 @@ typedef struct sp_table_entry_256 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_4(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -10203,8 +10376,8 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_4(sp_point_256* a, sp_digit* t) { @@ -10228,10 +10401,10 @@ static void sp_256_proj_to_affine_4(sp_point_256* a, sp_digit* t) * 64 entries * 42 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_4(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) 
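Review bot: The comment on `sp_256_gen_stripe_table_4` gains `@param` tags but no `@return`, even though the function returns `int` and takes a `heap` argument for allocation. If the body (outside this hunk) follows the other allocating functions in this commit, add `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`. `sp_256_gen_stripe_table_avx2_4` has the same omission.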
@@ -10323,13 +10496,16 @@ extern void sp_256_get_entry_64_avx2_4(sp_point_256* r, const sp_table_entry_256 * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -10447,8 +10623,8 @@ static THREAD_LS_T int sp_cache_256_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) { 
@@ -10511,13 +10687,15 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache) /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -10596,10 +10774,10 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r, const sp_point_256* p, const sp_point_256* q, sp_digit* t) @@ -10674,8 +10852,8 @@ static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_256_proj_to_affine_avx2_4(sp_point_256* a, sp_digit* t) { 
@@ -10699,10 +10877,10 @@ static void sp_256_proj_to_affine_avx2_4(sp_point_256* a, sp_digit* t) * 64 entries * 42 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_256_gen_stripe_table_avx2_4(const sp_point_256* a, sp_table_entry_256* table, sp_digit* tmp, void* heap) @@ -10780,13 +10958,16 @@ static int sp_256_gen_stripe_table_avx2_4(const sp_point_256* a, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, 
@@ -10873,13 +11054,15 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256* /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap) @@ -10955,12 +11138,14 @@ static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -11001,14 +11186,16 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -11418,12 +11605,14 @@ static const sp_table_entry_256 p256_table[64] = { * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -11441,12 +11630,14 @@ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_avx2_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) @@ -11486,8 +11677,8 @@ static const word8 recode_neg_4_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v) { 
@@ -23503,14 +23694,16 @@ static const sp_table_entry_256 p256_table[2405] = { * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -23588,12 +23781,14 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
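Review bot: The `@param` list for `sp_256_ecc_mulmod_add_only_4` puts `k` before `table`, but the signature shown in the hunk is `(r, g, table, k, map, ...)`. This commit reorders the same two entries for `sp_256_ecc_mulmod_stripe_4`, so do the same here: `@param [in] table Pre-computed table of points.` followed by `@param [in] k Scalar to multiply by.`. The `sp_256_ecc_mulmod_add_only_avx2_4` comment has the same ordering.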
@@ -23610,14 +23805,16 @@ static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k, * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256* g, const sp_table_entry_256* table, const sp_digit* k, int map, @@ -23695,12 +23892,14 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256 /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_mulmod_base_avx2_4(sp_point_256* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -23714,11 +23913,13 @@ static int sp_256_ecc_mulmod_base_avx2_4(sp_point_256* r, const sp_digit* k, /* Multiply the base point of P256 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -23757,13 +23958,15 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P256 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -23866,10 +24069,10 @@ extern void sp_256_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -23888,10 +24091,12 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_ecc_gen_k_4(WC_RNG* rng, sp_digit* k) { @@ -23921,12 +24126,15 @@ static int sp_256_ecc_gen_k_4(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
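Review bot: In the `sp_256_ecc_gen_k_4` comment `k` is tagged `[in]`, yet the summary says the function generates the scalar and `k` is a non-const `sp_digit*`. It should be `@param [out] k Scalar value.`. The direction matters here because `k` holds freshly generated private-key material, which a reader of the tag would otherwise take for caller-supplied input. The function body continues outside the hunk.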
@@ -24023,6 +24231,23 @@ typedef struct sp_ecc_key_gen_256_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_256_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -24107,8 +24332,8 @@ extern void sp_256_to_bin_movbe_4(sp_digit* r, byte* a); /* Write r as big endian to byte array. * Fixed length number of bytes written: 32 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_256_to_bin_4(sp_digit* r, byte* a) { 
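Review bot: The directions in the `sp_256_to_bin_4` comment are reversed. The summary says "Write r as big endian to byte array", so `r` is the source and `a` the destination, but the new tags are `[out] r` and `[in] a`. Use `@param [in] r A single precision integer.` and `@param [out] a Byte array.`. If the body, which is outside the hunk, also normalises `r` in place, the first tag would be `[in, out]`.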
@@ -24128,14 +24353,16 @@ static void sp_256_to_bin_4(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
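Review bot: The `out` parameter of `sp_ecc_secret_gen_256` is documented only as "Buffer to hold X ordinate", which does not tell a caller that the bytes are sensitive. Judging by the function name and the private scalar `priv`, this is shared-secret material, so the comment could add a line such as ` * The X ordinate written to out is secret; the caller is responsible for zeroizing it after use.`. The comment also does not say whether `*outLen` is updated when BUFFER_E is returned; the body is outside the hunk, so that needs checking against the code. The comment added for `sp_ecc_secret_gen_256_nb` would take the same two additions.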
@@ -24187,6 +24414,25 @@ typedef struct sp_ecc_sec_gen_256_ctx { sp_point_256 point; } sp_ecc_sec_gen_256_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -24264,10 +24510,11 @@ extern sp_digit div_256_word_asm_4(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_256_word_4(sp_digit d1, sp_digit d0, sp_digit div) 
@@ -24281,10 +24528,11 @@ static WC_INLINE sp_digit div_256_word_4(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_256_word_4(sp_digit d1, sp_digit d0, sp_digit div) @@ -24301,9 +24549,9 @@ static WC_INLINE sp_digit div_256_word_4(sp_digit d1, sp_digit d0, #endif /* _WIN64 && !__clang__ */ /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -24324,11 +24572,12 @@ static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
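Review bot: In the sp_256_div_4 comment, `@param [in] m Multiplier result.` contradicts itself: a result is not an input, and the summary above says m is not calculated. If the pointer is simply ignored, `@param [in] m Unused; the multiplier is not calculated.` says so directly. If it is used as scratch, it should be tagged `[out]`. The function body lies outside the hunk, so which of the two applies needs checking against the code.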
@@ -24386,10 +24635,11 @@ static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, sp_digit /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -24401,9 +24651,9 @@ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -24427,8 +24677,8 @@ static const word64 p256_order_low[2] = { /* Square number mod the order of P256 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a) { 
@@ -24440,8 +24690,9 @@ static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a) /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_4(sp_digit* r, const sp_digit* a, int n) { @@ -24455,7 +24706,7 @@ static void sp_256_mont_sqr_n_order_4(sp_digit* r, const sp_digit* a, int n) #endif /* !WOLFSSL_SP_SMALL */ #ifdef WOLFSSL_SP_NONBLOCK -/* Context of non-blocking moduluar inversion with Montgomery form number. */ +/* Context of non-blocking modular inversion with Montgomery form number. */ typedef struct sp_256_mont_inv_order_4_ctx { int state; /* State of next operation. */ int i; /* Index of bit in order. */ @@ -24464,9 +24715,13 @@ typedef struct sp_256_mont_inv_order_4_ctx { /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ static int sp_256_mont_inv_order_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) 
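Review bot: The rewritten comment for sp_256_mont_inv_order_4_nb tells callers to loop until the function stops returning FP_WOULDBLOCK but has no `@return` lines, although the function returns int. The public non-blocking functions documented in this commit list theirs, so I would add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.` here, after confirming against the body, which is outside the hunk. The same gap is in sp_256_mont_inv_order_avx2_4_nb, sp_384_proj_point_dbl_6_nb and sp_384_proj_point_add_6_nb. sp_384_to_mp also returns int without a documented return value.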
@@ -24507,9 +24762,9 @@ static int sp_256_mont_inv_order_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a, sp_digit* td) @@ -24657,8 +24912,9 @@ extern void sp_256_mont_sqr_order_avx2_4(sp_digit* r, const sp_digit* a); /* Square number mod the order of P256 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_256_mont_sqr_n_order_avx2_4(sp_digit* r, const sp_digit* a, int n) { @@ -24673,7 +24929,7 @@ static void sp_256_mont_sqr_n_order_avx2_4(sp_digit* r, const sp_digit* a, int n #endif /* !WOLFSSL_SP_SMALL */ #ifdef WOLFSSL_SP_NONBLOCK -/* Context of non-blocking moduluar inversion with Montgomery form number. */ +/* Context of non-blocking modular inversion with Montgomery form number. */ typedef struct sp_256_mont_inv_order_avx2_4_ctx { int state; /* State of next operation. */ int i; /* Index of bit in order. */ 
@@ -24682,9 +24938,13 @@ typedef struct sp_256_mont_inv_order_avx2_4_ctx { /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ static int sp_256_mont_inv_order_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) @@ -24726,9 +24986,9 @@ static int sp_256_mont_inv_order_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, co /* Invert the number, in Montgomery form, modulo the order of the P256 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_256_mont_inv_order_avx2_4(sp_digit* r, const sp_digit* a, sp_digit* td) 
@@ -24867,13 +25127,15 @@ static void sp_256_mont_inv_order_avx2_4(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_s_4(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
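Review bot: `k` and `x` are tagged `[in]` in the sp_256_calc_s_4 comment, but both are declared `sp_digit*` without const while `r` and `e` are const, which suggests they are overwritten during the computation. These are the ephemeral key and the private key, so a caller reading `[in]` may assume the buffers still hold the original values afterwards, or may not realise they hold secret-derived intermediates that need clearing. If the body (outside this hunk) does modify them, tag both `[in, out]` and say so, e.g. `@param [in, out] k Ephemeral private key. Modified during calculation.` The `s` parameter of sp_256_calc_vfy_point_4 has the same non-const/`[in]` mismatch.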
@@ -24953,15 +25215,18 @@ static int sp_256_calc_s_4(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
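Review bot: The new `km` line in the sp_ecc_sign_256 comment, `@param [in, out] km Ephemeral key as an mp_int.`, does not state the contract a caller needs: when the value passed in is used as k, when k is drawn from `rng` instead, and what is left in `km` on return. ECDSA exposes the private key if k is repeated or predictable, so this is the parameter where the comment should be most explicit. The function body is outside the hunk, so the wording has to be taken from the code. The sp_ecc_sign_256_nb comment added in the next hunk repeats the same line. `@return RNG failures.` would also read better as `@return Error code from the random number generator on RNG failure.`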
@@ -25081,6 +25346,30 @@ typedef struct sp_ecc_sign_256_ctx { int i; } sp_ecc_sign_256_ctx; +/* Sign the hash using the private key. + * e = [hash, 256 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -25246,9 +25535,9 @@ extern void sp_256_mod_inv_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2, sp_digit* tmp) 
@@ -25292,13 +25581,16 @@ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_256_calc_vfy_point_4(sp_point_256* p1, sp_point_256* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -25416,14 +25708,18 @@ static int sp_256_calc_vfy_point_4(sp_point_256* p1, sp_point_256* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 256 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
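Review bot: `@return MP_OKAY on success.` in the sp_ecc_verify_256 comment can be read as "the signature verified", while the verdict is delivered separately through `res`. A caller that tests only the return code would then accept any signature, so the return line should say it, e.g. `@return MP_OKAY when the check completed; the verdict is in res.` I am inferring from the `res` description that an invalid signature still returns MP_OKAY; the body is outside the hunk and the signature itself is cut at `const mp_int* sm,`. The sp_ecc_verify_256_nb comment added in the next hunk has the same wording.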
@@ -25548,6 +25844,32 @@ typedef struct sp_ecc_verify_256_ctx { sp_point_256 p2; } sp_ecc_verify_256_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 256) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 256 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -25684,10 +26006,12 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_256_ecc_is_point_4(const sp_point_256* point, void* heap) @@ -25729,10 +26053,12 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) { 
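Review bot: Moving the success case to the top left `@return MP_OKAY otherwise.` as the first return line in the sp_256_ecc_is_point_4 and sp_ecc_is_point_256 comments, where "otherwise" no longer has anything to refer to. State the condition instead: `@return MP_OKAY when the point is on the curve.` The same leftover wording appears in the comments for sp_ecc_check_key_256, sp_ecc_proj_add_point_256, sp_ecc_proj_dbl_point_256, sp_ecc_map_256, sp_256_mont_sqrt_4, sp_ecc_uncompress_256, sp_384_mod_mul_norm_6 and sp_384_point_to_ecc_point_6. There, `@return MP_OKAY on success.` would match the rest of the commit.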
@@ -25758,13 +26084,17 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -25868,16 +26198,18 @@ int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -25937,13 +26269,15 @@ int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -25994,10 +26328,12 @@ int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) { 
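Review bot: The sp_ecc_map_256 comment tags `pX`, `pY` and `pZ` as `[in]`, but its own summary says the point is mapped "in place" and that pZ will be one, so all three are written. They should be `[in, out]`, e.g. `@param [in, out] pZ EC point's Z ordinate. Set to one.` The body is outside the hunk.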
@@ -26048,8 +26384,10 @@ int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_256_mont_sqrt_4(sp_digit* y) { @@ -26141,10 +26479,12 @@ static int sp_256_mont_sqrt_4(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym) { @@ -26338,10 +26678,12 @@ extern sp_digit sp_384_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b); #endif /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -26437,9 +26779,9 @@ static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -26525,8 +26867,8 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_384. * - * p Point of type sp_point_384 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_384 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_384_point_from_ecc_point_6(sp_point_384* p, const ecc_point* pm) @@ -26542,8 +26884,8 @@ static void sp_384_point_from_ecc_point_6(sp_point_384* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_384_to_mp(const sp_digit* a, mp_int* r) { @@ -26610,10 +26952,11 @@ static int sp_384_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_384 to type ecc_point. * - * p Point of type sp_point_384. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_384. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_384_point_to_ecc_point_6(const sp_point_384* p, ecc_point* pm) { 
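Review bot: In the sp_384_point_to_ecc_point_6 comment, `@param [in] pm Point of type ecc_point (result).` tags the result as an input. `p` is the const source and `pm` is the non-const destination, so the line should read `@param [out] pm Point of type ecc_point (result).`, matching how sp_384_point_from_ecc_point_6 tags its result two hunks earlier.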
@@ -26661,11 +27004,11 @@ extern void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -26676,10 +27019,10 @@ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -26691,11 +27034,11 @@ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -26718,9 +27061,9 @@ static const word64 p384_mod_minus_2[6] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -26809,15 +27152,15 @@ extern sp_int64 sp_384_cmp_6(const sp_digit* a, const sp_digit* b); #endif /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_384_norm_6(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_6(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
@@ -26890,9 +27233,9 @@ extern void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -26961,9 +27304,13 @@ typedef struct sp_384_proj_point_dbl_6_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -27092,10 +27439,9 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i, sp_digit* t) 
@@ -27185,9 +27531,10 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_384_cmp_equal_6(const sp_digit* a, const sp_digit* b) { @@ -27198,8 +27545,9 @@ static int sp_384_cmp_equal_6(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_384_iszero_6(const sp_digit* a) { @@ -27209,10 +27557,10 @@ static int sp_384_iszero_6(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_6(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) 
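Review bot: The summary line of the sp_384_iszero_6 comment still reads `Returns 1 if the number of zero.`; it is a context line here, but the commit fixes other typos in passing. I would change it to `Returns 1 if the number is zero.` so it agrees with the new `@return` line below it.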
@@ -27312,10 +27660,14 @@ typedef struct sp_384_proj_point_add_6_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -27499,10 +27851,11 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r, const sp_point_384* p, int n, int m, sp_digit* t) @@ -27572,11 +27925,11 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_sub_6(sp_point_384* ra, sp_point_384* rs, const sp_point_384* p, const sp_point_384* q, 
@@ -27678,8 +28031,8 @@ static const word8 recode_neg_6_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v) { @@ -27744,13 +28097,15 @@ extern void sp_384_get_point_33_avx2_6(sp_point_384* r, const sp_point_384* tabl * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) 
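Review bot: In the `sp_384_ecc_recode_6_6` comment, `v` is tagged `[in]`, but the function is described as recoding the scalar and `v` is its only non-const pointer, so it looks like the output. `@param [out] v Vector of operations to perform.` would match the signature. The body is outside the hunk, so confirm that `v` is only written. The `sp_384_ecc_recode_7_6` hunk later in this diff carries the same tag.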
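Review bot: In the `sp_384_ecc_mulmod_win_add_sub_6` comment, `@param [in] ct Constant time required.` does not say which value requests the constant-time path or what the caller gets otherwise, which matters because `k` may be a secret scalar. Something like `@param [in] ct Non-zero when a constant-time implementation is required (k is secret).` would state the contract, assuming that is how the body treats the flag; the body is outside the hunk. The same wording is carried into every other `ct` parameter this diff touches.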
@@ -27873,11 +28228,11 @@ extern void sp_384_mont_reduce_order_avx2_6(sp_digit* a, const sp_digit* m, sp_d /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -27891,10 +28246,10 @@ SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) 
@@ -27908,11 +28263,11 @@ SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a, #if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY) /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_384_mont_sqr_n_avx2_6(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -27928,9 +28283,9 @@ SP_NOINLINE static void sp_384_mont_sqr_n_avx2_6(sp_digit* r, /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P384 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_384_mont_inv_avx2_6(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -28019,9 +28374,9 @@ extern sp_digit sp_384_cond_sub_avx2_6(sp_digit* r, const sp_digit* a, const sp_ #endif /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_384_map_avx2_6(sp_point_384* r, const sp_point_384* p, sp_digit* t) 
@@ -28070,9 +28425,9 @@ extern void sp_384_mont_div2_avx2_6(sp_digit* r, const sp_digit* a, const sp_dig #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_avx2_6(sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -28141,9 +28496,13 @@ typedef struct sp_384_proj_point_dbl_avx2_6_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t) @@ -28272,10 +28631,9 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i, sp_digit* t) 
@@ -28365,10 +28723,10 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i, /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_avx2_6(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -28468,10 +28826,14 @@ typedef struct sp_384_proj_point_add_avx2_6_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -28655,10 +29017,11 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r, const sp_point_384* p, int n, int m, sp_digit* t) 
@@ -28728,11 +29091,11 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_sub_avx2_6(sp_point_384* ra, sp_point_384* rs, const sp_point_384* p, const sp_point_384* q, @@ -28815,13 +29178,15 @@ static void sp_384_proj_point_add_sub_avx2_6(sp_point_384* ra, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_win_add_sub_avx2_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -28943,10 +29308,10 @@ typedef struct sp_table_entry_384 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_6(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -29024,8 +29389,8 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_6(sp_point_384* a, sp_digit* t) { @@ -29049,10 +29414,10 @@ static void sp_384_proj_to_affine_6(sp_point_384* a, sp_digit* t) * 64 entries * 64 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_6(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) 
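Review bot: `sp_384_gen_stripe_table_6` (third hunk on this line) returns `int` and takes a `heap` argument, yet its converted comment gains no `@return` lines, unlike the other `int`-returning functions in this diff. If it follows the same convention, `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.` should be added; the body is outside the hunk, so check the actual error codes first. The `sp_384_gen_stripe_table_avx2_6` hunk later in the diff has the same gap.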
@@ -29144,13 +29509,16 @@ extern void sp_384_get_entry_64_avx2_6(sp_point_384* r, const sp_table_entry_384 * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -29268,8 +29636,8 @@ static THREAD_LS_T int sp_cache_384_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) { 
@@ -29332,13 +29700,15 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache) /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -29417,10 +29787,10 @@ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r, const sp_point_384* p, const sp_point_384* q, sp_digit* t) @@ -29498,8 +29868,8 @@ static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_384_proj_to_affine_avx2_6(sp_point_384* a, sp_digit* t) { 
@@ -29523,10 +29893,10 @@ static void sp_384_proj_to_affine_avx2_6(sp_point_384* a, sp_digit* t) * 64 entries * 64 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_384_gen_stripe_table_avx2_6(const sp_point_384* a, sp_table_entry_384* table, sp_digit* tmp, void* heap) @@ -29604,13 +29974,16 @@ static int sp_384_gen_stripe_table_avx2_6(const sp_point_384* a, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_stripe_avx2_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, 
@@ -29697,13 +30070,15 @@ static int sp_384_ecc_mulmod_stripe_avx2_6(sp_point_384* r, const sp_point_384* /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap) @@ -29779,12 +30154,14 @@ static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -29825,14 +30202,16 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -30242,12 +30621,14 @@ static const sp_table_entry_384 p384_table[64] = { * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -30265,12 +30646,14 @@ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_avx2_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) @@ -30310,8 +30693,8 @@ static const word8 recode_neg_6_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v) { 
@@ -48141,14 +48524,16 @@ static const sp_table_entry_384 p384_table[3575] = { * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -48226,12 +48611,14 @@ static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -48248,14 +48635,16 @@ static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k, * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_add_only_avx2_6(sp_point_384* r, const sp_point_384* g, const sp_table_entry_384* table, const sp_digit* k, int map, @@ -48333,12 +48722,14 @@ static int sp_384_ecc_mulmod_add_only_avx2_6(sp_point_384* r, const sp_point_384 /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_mulmod_base_avx2_6(sp_point_384* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -48352,11 +48743,13 @@ static int sp_384_ecc_mulmod_base_avx2_6(sp_point_384* r, const sp_digit* k, /* Multiply the base point of P384 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -48395,13 +48788,15 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P384 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -48504,10 +48899,10 @@ extern void sp_384_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -48526,10 +48921,12 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_ecc_gen_k_6(WC_RNG* rng, sp_digit* k) { @@ -48559,12 +48956,15 @@ static int sp_384_ecc_gen_k_6(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
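Review bot: In the `sp_384_ecc_gen_k_6` comment (second hunk on this line), `k` is tagged `[in]` even though the function is documented as generating the scalar and `k` is a non-const pointer. `@param [out] k Scalar value.` would describe the direction correctly. This is the buffer that receives the private scalar, so its direction should be unambiguous to callers who need to clear it afterwards. The function body lies outside the hunk.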
@@ -48661,6 +49061,23 @@ typedef struct sp_ecc_key_gen_384_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_384_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -48745,8 +49162,8 @@ extern void sp_384_to_bin_movbe_6(sp_digit* r, byte* a); /* Write r as big endian to byte array. * Fixed length number of bytes written: 48 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_384_to_bin_6(sp_digit* r, byte* a) { 
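Review bot: The direction tags in the `sp_384_to_bin_6` comment (last hunk on this line) appear to be swapped. The summary says r is written as big endian to the byte array, so `a` is the destination and `r` the source. Suggested: `@param [in] r A single precision integer.` and `@param [out] a Byte array.`; use `[in, out]` for `r` if the body, which is outside the hunk, normalizes it in place.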
@@ -48766,14 +49183,16 @@ static void sp_384_to_bin_6(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -48825,6 +49244,25 @@ typedef struct sp_ecc_sec_gen_384_ctx { sp_point_384 point; } sp_ecc_sec_gen_384_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -48902,10 +49340,11 @@ extern sp_digit div_384_word_asm_6(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_384_word_6(sp_digit d1, sp_digit d0, sp_digit div) 
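Review bot: In the `div_384_word_6` comment (second hunk on this line), the rewritten line still describes `div` as "The dividend", but the expression given in the summary, `(d1|d0 / div)`, makes `div` the divisor. Since the line is being rewritten anyway, `@param [in] div The divisor.` would fix the term. The first hunk on the next line documents the alternative build of the same function and has the same wording.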
@@ -48919,10 +49358,11 @@ static WC_INLINE sp_digit div_384_word_6(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_384_word_6(sp_digit d1, sp_digit d0, sp_digit div) @@ -48939,9 +49379,9 @@ static WC_INLINE sp_digit div_384_word_6(sp_digit d1, sp_digit d0, #endif /* _WIN64 && !__clang__ */ /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -48964,11 +49404,12 @@ static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
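Review bot: In the `sp_384_div_6` hunk, `@param [in] m Multiplier result.` tags a result as an input, although the parameter is a non-const `sp_digit* m` and the summary says m is not calculated. Something like `@param [out] m Multiplier result. Not calculated.` would agree with the sentence above it. The body is outside the hunk, so confirm that m is never read before settling on the tag.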
@@ -49026,10 +49467,11 @@ static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, sp_digit /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -49041,9 +49483,9 @@ static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -49067,8 +49509,8 @@ static const word64 p384_order_low[3] = { /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_6(sp_digit* r, const sp_digit* a) { 
@@ -49080,8 +49522,9 @@ static void sp_384_mont_sqr_order_6(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_6(sp_digit* r, const sp_digit* a, int n) { @@ -49094,19 +49537,24 @@ static void sp_384_mont_sqr_n_order_6(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_6_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_6_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_6_ctx { - int state; - int i; -} sp_384_mont_inv_order_6_ctx; static int sp_384_mont_inv_order_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
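Review bot: The new comment on `sp_384_mont_inv_order_6_nb` tells the caller to loop until the function stops returning FP_WOULDBLOCK, but it has no `@return` lines even though the function returns `int`. The public `_nb` functions in this commit document `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.`. The same two lines presumably apply here, to be confirmed against the body, which is outside the hunk. The comments for `sp_384_mont_inv_order_avx2_6_nb`, `sp_521_proj_point_dbl_9_nb` and `sp_521_proj_point_add_9_nb` have the same gap.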
@@ -49142,6 +49590,13 @@ static int sp_384_mont_inv_order_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -49210,9 +49665,9 @@ static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_384_mont_mul_order_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -49223,8 +49678,8 @@ static void sp_384_mont_mul_order_avx2_6(sp_digit* r, const sp_digit* a, const s #if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) /* Square number mod the order of P384 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_384_mont_sqr_order_avx2_6(sp_digit* r, const sp_digit* a) { @@ -49236,8 +49691,9 @@ static void sp_384_mont_sqr_order_avx2_6(sp_digit* r, const sp_digit* a) /* Square number mod the order of P384 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_384_mont_sqr_n_order_avx2_6(sp_digit* r, const sp_digit* a, int n) { 
@@ -49250,19 +49706,24 @@ static void sp_384_mont_sqr_n_order_avx2_6(sp_digit* r, const sp_digit* a, int n } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_384_mont_inv_order_avx2_6_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_384_mont_inv_order_avx2_6_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P384 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_384_mont_inv_order_avx2_6_ctx { - int state; - int i; -} sp_384_mont_inv_order_avx2_6_ctx; static int sp_384_mont_inv_order_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -49298,6 +49759,13 @@ static int sp_384_mont_inv_order_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, co } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P384 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_384_mont_inv_order_avx2_6(sp_digit* r, const sp_digit* a, sp_digit* td) { 
@@ -49374,13 +49842,15 @@ static void sp_384_mont_inv_order_avx2_6(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_s_6(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
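Review bot: `k` and `x` are tagged `[in]` on `sp_384_calc_s_6`, but both are non-const `sp_digit*` while `r` and `e` are `const`, which suggests the function writes to them. If the body (outside this hunk) overwrites them, the tags should be `@param [in, out] k` and `@param [in, out] x`, with a remark that the caller's copies of the ephemeral key and private key are modified. A caller needs that to know which buffers still hold key material and have to be zeroized afterwards.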
@@ -49460,15 +49930,18 @@ static int sp_384_calc_s_6(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
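Review bot: `@param [in, out] km Ephemeral key as an mp_int.` on `sp_ecc_sign_384` does not say when km is read and when it is written. The ECDSA ephemeral key has to stay secret and must never be reused, so the comment should state whether a caller-supplied value is used as k and whether the generated k is handed back through km. The body is outside the hunk, so the wording has to be checked against it. `@return RNG failures.` is also vague next to its neighbours; `@return Error code from the random number generator when it fails.` reads better. The comment added for `sp_ecc_sign_384_nb` in the next hunk repeats both lines.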
@@ -49588,6 +50061,30 @@ typedef struct sp_ecc_sign_384_ctx { int i; } sp_ecc_sign_384_ctx; +/* Sign the hash using the private key. + * e = [hash, 384 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -49758,9 +50255,10 @@ extern int sp_384_num_bits_6(const sp_digit * a); #endif /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m) 
@@ -49842,9 +50340,9 @@ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2, sp_digit* tmp) @@ -49890,13 +50388,16 @@ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_384_calc_vfy_point_6(sp_point_384* p1, sp_point_384* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -50005,14 +50506,18 @@ static int sp_384_calc_vfy_point_6(sp_point_384* p1, sp_point_384* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 384 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
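Review bot: `@return MP_OKAY on success.` on `sp_ecc_verify_384` can be read as "the signature is valid", while the verdict is delivered through `res` (documented here as 1 == valid, 0 == invalid). I would write `@return MP_OKAY when the check was performed; the signature is valid only when *res is 1.` so that a caller does not treat the return code as the verification result. The comment added for `sp_ecc_verify_384_nb` in the next hunk needs the same wording. The function signature runs past the end of this hunk.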
@@ -50137,6 +50642,32 @@ typedef struct sp_ecc_verify_384_ctx { sp_point_384 p2; } sp_ecc_verify_384_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 384) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 384 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -50273,10 +50804,12 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_384_ecc_is_point_6(const sp_point_384* point, void* heap) @@ -50318,10 +50851,12 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) { 
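Review bot: `@return MP_OKAY otherwise.` is now the first `@return` line, so "otherwise" has nothing to refer back to. For `sp_384_ecc_is_point_6` and `sp_ecc_is_point_384`, `@return MP_OKAY when the point is on the curve.` states the success case directly. The same leading "otherwise" appears in the later hunks for `sp_ecc_check_key_384`, `sp_ecc_proj_add_point_384`, `sp_ecc_proj_dbl_point_384`, `sp_ecc_map_384`, `sp_384_mont_sqrt_6`, `sp_ecc_uncompress_384`, `sp_521_mod_mul_norm_9` and `sp_521_point_to_ecc_point_9`, where `@return MP_OKAY on success.` would do.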
@@ -50347,13 +50882,17 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -50457,16 +50996,18 @@ int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -50526,13 +51067,15 @@ int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -50583,10 +51126,12 @@ int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) { 
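Review bot: In the `sp_ecc_map_384` hunk the three ordinates are tagged `[in]`, but the summary says the point is mapped to affine in place and that pZ will be one, and all three parameters are non-const `mp_int*`. `@param [in, out] pX`, `@param [in, out] pY` and `@param [in, out] pZ` would match the stated behaviour. The function body is outside the hunk.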
@@ -50637,8 +51182,10 @@ int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ) #ifdef HAVE_COMP_KEY /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_384_mont_sqrt_6(sp_digit* y) { @@ -50786,10 +51333,12 @@ static int sp_384_mont_sqrt_6(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym) { @@ -50992,10 +51541,12 @@ extern sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b); #endif /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -51010,9 +51561,9 @@ static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -51098,8 +51649,8 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_521. * - * p Point of type sp_point_521 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_521 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_521_point_from_ecc_point_9(sp_point_521* p, const ecc_point* pm) @@ -51115,8 +51666,8 @@ static void sp_521_point_from_ecc_point_9(sp_point_521* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_521_to_mp(const sp_digit* a, mp_int* r) { @@ -51183,10 +51734,11 @@ static int sp_521_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_521 to type ecc_point. * - * p Point of type sp_point_521. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_521. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm) { 
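Review bot: `@param [in] pm Point of type ecc_point (result).` in the `sp_521_point_to_ecc_point_9` hunk carries the wrong direction tag. The description calls pm the result, `p` is the `const` source and `pm` is a non-const `ecc_point*`, so the line should read `@param [out] pm Point of type ecc_point (result).`. The body is outside the hunk.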
@@ -51227,11 +51779,11 @@ extern void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m, #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -51255,9 +51807,9 @@ static const word64 p521_mod_minus_2[9] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -51342,7 +51894,7 @@ extern sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b); #endif /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_521_norm_9(a) @@ -51369,9 +51921,9 @@ extern void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit #endif /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) 
@@ -51444,9 +51996,9 @@ extern void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -51515,9 +52067,13 @@ typedef struct sp_521_proj_point_dbl_9_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -51646,10 +52202,9 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i, sp_digit* t) 
@@ -51739,9 +52294,10 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b) { @@ -51753,8 +52309,9 @@ static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_521_iszero_9(const sp_digit* a) { @@ -51765,10 +52322,10 @@ static int sp_521_iszero_9(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) 
@@ -51868,10 +52425,14 @@ typedef struct sp_521_proj_point_add_9_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -52055,10 +52616,11 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r, const sp_point_521* p, int n, int m, sp_digit* t) @@ -52128,11 +52690,11 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_sub_9(sp_point_521* ra, sp_point_521* rs, const sp_point_521* p, const sp_point_521* q, 
@@ -52234,8 +52796,8 @@ static const word8 recode_neg_9_6[66] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v) { @@ -52300,13 +52862,15 @@ extern void sp_521_get_point_33_avx2_9(sp_point_521* r, const sp_point_521* tabl * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) 
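Review bot: In the `sp_521_ecc_recode_6_9` header, `v` is tagged `[in]`, but the signature takes a non-const `ecc_recode_521* v` and the summary says the function recodes the scalar `k`. That makes `v` look like the destination, so the line should probably read `@param [out] v Vector of operations to perform.`. The body is outside the hunk, so confirm `v` is only written before changing the tag. The `sp_521_ecc_recode_7_9` header further down has the same tag.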
@@ -52434,11 +52998,11 @@ extern void sp_521_mont_sqr_avx2_9(sp_digit* r, const sp_digit* a, const sp_digi #ifndef WOLFSSL_SP_SMALL /* Square the Montgomery form number a number of times. (r = a ^ n mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * n Number of times to square. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] n Number of times to square. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_521_mont_sqr_n_avx2_9(sp_digit* r, const sp_digit* a, int n, const sp_digit* m, sp_digit mp) @@ -52454,9 +53018,9 @@ SP_NOINLINE static void sp_521_mont_sqr_n_avx2_9(sp_digit* r, /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P521 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_521_mont_inv_avx2_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -52550,9 +53114,9 @@ extern void sp_521_mont_reduce_order_avx2_9(sp_digit* a, const sp_digit* m, sp_d #endif /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_521_map_avx2_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) 
@@ -52601,9 +53165,9 @@ extern void sp_521_mont_div2_avx2_9(sp_digit* r, const sp_digit* a, const sp_dig #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_avx2_9(sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -52672,9 +53236,13 @@ typedef struct sp_521_proj_point_dbl_avx2_9_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t) @@ -52803,10 +53371,9 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i, sp_digit* t) 
@@ -52896,10 +53463,10 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i, /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_avx2_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -52999,10 +53566,14 @@ typedef struct sp_521_proj_point_add_avx2_9_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -53186,10 +53757,11 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r, const sp_point_521* p, int n, int m, sp_digit* t) 
@@ -53259,11 +53831,11 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_sub_avx2_9(sp_point_521* ra, sp_point_521* rs, const sp_point_521* p, const sp_point_521* q, @@ -53346,13 +53918,15 @@ static void sp_521_proj_point_add_sub_avx2_9(sp_point_521* ra, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_win_add_sub_avx2_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) 
@@ -53474,10 +54048,10 @@ typedef struct sp_table_entry_521 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -53555,8 +54129,8 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t) { @@ -53580,10 +54154,10 @@ static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t) * 64 entries * 86 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_9(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) 
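Review bot: The `sp_521_gen_stripe_table_9` header now has direction-tagged parameters but still no `@return`, although the function returns `int` and takes a `heap` argument. If the body (not shown in this hunk) follows the other allocation-taking routines in this patch, the lines would be `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.`. The header for `sp_521_gen_stripe_table_avx2_9` has the same omission.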
@@ -53675,13 +54249,16 @@ extern void sp_521_get_entry_64_avx2_9(sp_point_521* r, const sp_table_entry_521 * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -53799,8 +54376,8 @@ static THREAD_LS_T int sp_cache_521_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) { 
@@ -53863,13 +54440,15 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache) /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -53948,10 +54527,10 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r, const sp_point_521* p, const sp_point_521* q, sp_digit* t) @@ -54029,8 +54608,8 @@ static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_521_proj_to_affine_avx2_9(sp_point_521* a, sp_digit* t) { 
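Review bot: The summary above `sp_521_ecc_mulmod_9` says "Multiply the base point of P521 by the scalar", but the function takes `g`, documented just below as "Point to multiply". The two statements disagree about which point is used. Because this header is being rewritten anyway, the first line could become `/* Multiply the point by the scalar and return the result.`, matching the wording on `sp_ecc_mulmod_521`. The header for `sp_521_ecc_mulmod_avx2_9` carries the same summary.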
@@ -54054,10 +54633,10 @@ static void sp_521_proj_to_affine_avx2_9(sp_point_521* a, sp_digit* t) * 64 entries * 86 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_521_gen_stripe_table_avx2_9(const sp_point_521* a, sp_table_entry_521* table, sp_digit* tmp, void* heap) @@ -54135,13 +54714,16 @@ static int sp_521_gen_stripe_table_avx2_9(const sp_point_521* a, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_stripe_avx2_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, 
@@ -54228,13 +54810,15 @@ static int sp_521_ecc_mulmod_stripe_avx2_9(sp_point_521* r, const sp_point_521* /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap) @@ -54310,12 +54894,14 @@ static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -54356,14 +54942,16 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r, /* Multiply the point by the scalar, add point a and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) @@ -54899,12 +55487,14 @@ static const sp_table_entry_521 p521_table[64] = { * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -54922,12 +55512,14 @@ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, * Pre-generated: products of all combinations of above. * 6 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_avx2_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) @@ -54967,8 +55559,8 @@ static const word8 recode_neg_9_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v) { 
@@ -88858,14 +89450,16 @@ static const sp_table_entry_521 p521_table[4875] = { * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -88943,12 +89537,14 @@ static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -88965,14 +89561,16 @@ static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k, * Width between powers is 7 bits. * Accumulate into the result. * - * r Resulting point. - * g Point to scalar multiply. - * k Scalar to multiply by. - * table Pre-computed table of points. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to scalar multiply. + * @param [in] k Scalar to multiply by. + * @param [in] table Pre-computed table of points. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_add_only_avx2_9(sp_point_521* r, const sp_point_521* g, const sp_table_entry_521* table, const sp_digit* k, int map, @@ -89050,12 +89648,14 @@ static int sp_521_ecc_mulmod_add_only_avx2_9(sp_point_521* r, const sp_point_521 /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_mulmod_base_avx2_9(sp_point_521* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -89069,11 +89669,13 @@ static int sp_521_ecc_mulmod_base_avx2_9(sp_point_521* r, const sp_digit* k, /* Multiply the base point of P521 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -89112,13 +89714,15 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P521 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -89221,10 +89825,10 @@ extern void sp_521_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -89243,10 +89847,12 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n) /* Generates a scalar that is in the range 1..order-1. * - * rng Random number generator. - * k Scalar value. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [in] k Scalar value. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) { @@ -89277,12 +89883,15 @@ static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k) /* Makes a random EC key pair. * - * rng Random number generator. - * priv Generated private value. - * pub Generated public point. - * heap Heap to use for allocation. - * returns ECC_INF_E when the point does not have the correct order, RNG - * failures, MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { 
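Review bot: In the `sp_521_ecc_gen_k_9` header, `k` is tagged `[in]`, yet the summary says the function generates a scalar in the range 1..order-1 and `k` is a non-const `sp_digit*`. It is the result, so the line should be `@param [out] k Scalar value.`. The direction matters to anyone auditing where private scalars originate. Separately, `@return RNG failures.` names no value; something like `@return Error code from the random number generator on failure.` would read more clearly, though the body is outside the hunk and the exact codes are not visible here.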
@@ -89379,6 +89988,23 @@ typedef struct sp_ecc_key_gen_521_ctx { #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */ } sp_ecc_key_gen_521_ctx; +/* Makes a random EC key pair. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] rng Random number generator. + * @param [out] priv Generated private value. + * @param [out] pub Generated public point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return ECC_INF_E when the point does not have the correct order. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap) { @@ -89463,8 +90089,8 @@ extern void sp_521_to_bin_movbe_9(sp_digit* r, byte* a); /* Write r as big endian to byte array. * Fixed length number of bytes written: 66 * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ static void sp_521_to_bin_9(sp_digit* r, byte* a) { 
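Review bot: The direction tags on `sp_521_to_bin_9` look inverted. The summary says "Write r as big endian to byte array", so `a` is the destination and `r` the source, but the new lines mark `r` as `[out]` and `a` as `[in]`. I would write `@param [in] r A single precision integer.` and `@param [out] a Byte array.`. If the body (outside this hunk) normalizes `r` in place, use `[in, out]` for `r` instead.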
@@ -89484,14 +90110,16 @@ static void sp_521_to_bin_9(sp_digit* r, byte* a) /* Multiply the point by the scalar and serialize the X ordinate. * The number is 0 padded to maximum size on output. * - * priv Scalar to multiply the point by. - * pub Point to multiply. - * out Buffer to hold X ordinate. - * outLen On entry, size of the buffer in bytes. - * On exit, length of data in buffer in bytes. - * heap Heap to use for allocation. - * returns BUFFER_E if the buffer is to small for output size, - * MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) 
@@ -89543,6 +90171,25 @@ typedef struct sp_ecc_sec_gen_521_ctx { sp_point_521 point; } sp_ecc_sec_gen_521_ctx; +/* Multiply the point by the scalar and serialize the X ordinate. + * The number is 0 padded to maximum size on output. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] priv Scalar to multiply the point by. + * @param [in] pub Point to multiply. + * @param [out] out Buffer to hold X ordinate. + * @param [in, out] outLen On entry, size of the buffer in bytes. + * On exit, length of data in buffer in bytes. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return BUFFER_E when the buffer is too small for output size. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen, void* heap) { @@ -89641,10 +90288,11 @@ extern sp_digit div_521_word_asm_9(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_521_word_9(sp_digit d1, sp_digit d0, sp_digit div) 
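Review bot: The `div_521_word_9` header keeps the description "The dividend" for `div`, but the summary shows `(d1|d0 / div)`, so `div` is the divisor and `d1|d0` is the dividend. The tag line should read `@param [in] div The divisor.`, and the summary's "by the dividend" should become "by the divisor". The `#else` copy of this header in the next hunk has the same wording.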
@@ -89658,10 +90306,11 @@ static WC_INLINE sp_digit div_521_word_9(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_521_word_9(sp_digit d1, sp_digit d0, sp_digit div) @@ -89678,9 +90327,9 @@ static WC_INLINE sp_digit div_521_word_9(sp_digit d1, sp_digit d0, #endif /* _WIN64 && !__clang__ */ /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_521_mask_9(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -89706,11 +90355,12 @@ static void sp_521_mask_9(sp_digit* r, const sp_digit* a, sp_digit m) /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
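Review bot: In the `sp_521_div_9` header, `m` is tagged `[in]` while being described as "Multiplier result" and passed as a non-const `sp_digit*`. The summary above also states that m is not calculated. An input tag on a result that is never produced is misleading; `@param [out] m Multiplier result (not calculated).` would match the summary better. The body continues outside the hunk, so confirm `m` is never read before settling on the wording.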
@@ -89771,10 +90421,11 @@ static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, sp_digit /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -89786,9 +90437,9 @@ static WC_INLINE int sp_521_mod_9(sp_digit* r, const sp_digit* a, #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -89814,8 +90465,8 @@ static const word64 p521_order_low[5] = { /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a) { 
@@ -89827,8 +90478,9 @@ static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) { @@ -89841,19 +90493,24 @@ static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n) } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_9_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_9_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_9_ctx { - int state; - int i; -} sp_521_mont_inv_order_9_ctx; static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { 
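Review bot: The new comment on `sp_521_mont_inv_order_9_nb` says "Call repeatedly until it does not return FP_WOULDBLOCK" but has no `@return` lines, although the function is declared `static int`. The other non-blocking comments added in this commit (`sp_ecc_sign_521_nb`, `sp_ecc_verify_521_nb`) do list their return values. I would add `@return MP_OKAY on success.` and `@return FP_WOULDBLOCK while more work remains.`, after confirming against the body, which lies outside the hunk. The same applies to `sp_521_mont_inv_order_avx2_9_nb`, `sp_1024_proj_point_dbl_16_nb` and `sp_1024_proj_point_add_16_nb`.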
@@ -89889,6 +90546,13 @@ static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const s } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a, sp_digit* td) { @@ -89970,9 +90634,9 @@ static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Multiply two number mod the order of P521 curve. (r = a * b mod order) * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. + * @param [out] r Result of the multiplication. + * @param [in] a First operand of the multiplication. + * @param [in] b Second operand of the multiplication. */ static void sp_521_mont_mul_order_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* b) { @@ -89983,8 +90647,8 @@ static void sp_521_mont_mul_order_avx2_9(sp_digit* r, const sp_digit* a, const s #if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) /* Square number mod the order of P521 curve. (r = a * a mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. */ static void sp_521_mont_sqr_order_avx2_9(sp_digit* r, const sp_digit* a) { @@ -89996,8 +90660,9 @@ static void sp_521_mont_sqr_order_avx2_9(sp_digit* r, const sp_digit* a) /* Square number mod the order of P521 curve a number of times. * (r = a ^ n mod order) * - * r Result of the squaring. - * a Number to square. + * @param [out] r Result of the squaring. + * @param [in] a Number to square. + * @param [in] n Number of times to square. */ static void sp_521_mont_sqr_n_order_avx2_9(sp_digit* r, const sp_digit* a, int n) { 
@@ -90010,19 +90675,24 @@ static void sp_521_mont_sqr_n_order_avx2_9(sp_digit* r, const sp_digit* a, int n } #endif /* !WOLFSSL_SP_SMALL */ +#ifdef WOLFSSL_SP_NONBLOCK +/* Context of non-blocking modular inversion with Montgomery form number. */ +typedef struct sp_521_mont_inv_order_avx2_9_ctx { + int state; /* State of next operation. */ + int i; /* Index of bit in order. */ +} sp_521_mont_inv_order_avx2_9_ctx; + /* Invert the number, in Montgomery form, modulo the order of the P521 curve. * (r = 1 / a mod order) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] t Temporary data. */ - -#ifdef WOLFSSL_SP_NONBLOCK -typedef struct sp_521_mont_inv_order_avx2_9_ctx { - int state; - int i; -} sp_521_mont_inv_order_avx2_9_ctx; static int sp_521_mont_inv_order_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a, sp_digit* t) { @@ -90058,6 +90728,13 @@ static int sp_521_mont_inv_order_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, co } #endif /* WOLFSSL_SP_NONBLOCK */ +/* Invert the number, in Montgomery form, modulo the order of the P521 curve. + * (r = 1 / a mod order) + * + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. + */ static void sp_521_mont_inv_order_avx2_9(sp_digit* r, const sp_digit* a, sp_digit* td) { 
@@ -90147,13 +90824,15 @@ static void sp_521_mont_inv_order_avx2_9(sp_digit* r, const sp_digit* a, * * s = (r * x + e) / k * - * s Signature value. - * r First signature value. - * k Ephemeral private key. - * x Private key as a number. - * e Hash of message as a number. - * tmp Temporary storage for intermediate numbers. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] s Signature value. + * @param [in] r First signature value. + * @param [in] k Ephemeral private key. + * @param [in] x Private key as a number. + * @param [in] e Hash of message as a number. + * @param [out] tmp Temporary storage for intermediate numbers. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, sp_digit* x, const sp_digit* e, sp_digit* tmp) 
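Review bot: `k` and `x` are tagged `[in]` in the `sp_521_calc_s_9` comment, yet the signature declares them as non-const `sp_digit*` while `r` and `e` are `const`. That suggests the body, which is not visible in this hunk, writes through them. These are the ephemeral and long-term private keys, so a caller needs to know whether the buffers are clobbered and still hold secret-derived data that must be zeroized afterwards. If they are modified, tag them `@param [in, out] k Ephemeral private key. Modified during calculation.`, and likewise for `x`. The `s` parameter of `sp_521_calc_vfy_point_9` is also non-const and tagged `[in]`, and deserves the same check.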
@@ -90233,15 +90912,18 @@ static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k, * s = (r * x + e) / k mod order * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns RNG failures, MEMORY_E when memory allocation fails and - * MP_OKAY on success. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) 
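Review bot: The added `@param [in, out] km Ephemeral key as an mp_int.` on `sp_ecc_sign_521` does not say when `km` is read as an input and when the nonce comes from `rng`. Nor does it say what is left in `km` on return. A caller-supplied ECDSA nonce is a sharp edge, because reusing one across signatures exposes the private key, so the contract should be stated here. I would describe which `km` values select a caller-supplied `k`, and whether `km` is cleared on exit, taking both from the body, which lies outside this hunk. The `sp_ecc_sign_521_nb` comment added by this commit carries the same line.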
@@ -90366,6 +91048,30 @@ typedef struct sp_ecc_sign_521_ctx { int i; } sp_ecc_sign_521_ctx; +/* Sign the hash using the private key. + * e = [hash, 521 bits] from binary + * r = (k.G)->x mod order + * s = (r * x + e) / k mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to sign. + * @param [in] hashLen Length of the hash data. + * @param [in] rng Random number generator. + * @param [in] priv Private part of key - scalar. + * @param [out] rm First part of result as an mp_int. + * @param [out] sm Second part of result as an mp_int. + * @param [in, out] km Ephemeral key as an mp_int. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return RNG failures. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap) { @@ -90539,9 +91245,10 @@ extern int sp_521_num_bits_9(const sp_digit * a); #endif /* Non-constant time modular inversion. * - * @param [out] r Resulting number. - * @param [in] a Number to invert. - * @param [in] m Modulus. + * @param [out] r Resulting number. + * @param [in] a Number to invert. + * @param [in] m Modulus. + * * @return MP_OKAY on success. */ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) 
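Review bot: The new `sp_ecc_sign_521_nb` comment tags `priv` as `[in]`, but the signature below it takes `mp_int* priv`, whereas the blocking `sp_ecc_sign_521` takes `const mp_int* priv`. Either the non-blocking variant never writes the private scalar and the parameter could become `const mp_int* priv`, or it does write it and the tag should be `[in, out]`. The body is outside this hunk, so I cannot tell which one holds. The remaining hunk on this line, for `sp_521_mod_inv_9`, only realigns whitespace.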
@@ -90623,9 +91330,9 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m) /* Add point p1 into point p2. Handles p1 == p2 and result at infinity. * - * p1 First point to add and holds result. - * p2 Second point to add. - * tmp Temporary storage for intermediate numbers. + * @param [in, out] p1 First point to add and holds result. + * @param [in] p2 Second point to add. + * @param [out] tmp Temporary storage for intermediate numbers. */ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2, sp_digit* tmp) @@ -90674,13 +91381,16 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2, /* Calculate the verification point: [e/s]G + [r/s]Q * - * p1 Calculated point. - * p2 Public point and temporary. - * s Second part of signature as a number. - * u1 Temporary number. - * u2 Temporary number. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] p1 Calculated point. + * @param [in, out] p2 Public point and temporary. + * @param [in] s Second part of signature as a number. + * @param [out] u1 Temporary number. + * @param [out] u2 Temporary number. + * @param [out] tmp Temporary number. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2, sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap) 
@@ -90789,14 +91499,18 @@ static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2, * (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' * The hash is truncated to the first 521 bits. * - * hash Hash to sign. - * hashLen Length of the hash data. - * rng Random number generator. - * priv Private part of key - scalar. - * rm First part of result as an mp_int. - * sm Sirst part of result as an mp_int. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, 
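Review bot: `@return MP_OKAY on success.` on `sp_ecc_verify_521` can be misread as "signature verified", when the verdict is actually delivered through `res`. A caller that checks only the return code would accept an invalid signature. I would spell it out: `@return MP_OKAY when verification ran to completion; the signature is valid only when *res is 1.`. It is also worth stating whether `*res` is set to 0 on the error paths, which the hunk does not show. The `sp_ecc_verify_521_nb` comment added in the next hunk needs the same clarification.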
@@ -90925,6 +91639,32 @@ typedef struct sp_ecc_verify_521_ctx { sp_point_521 p2; } sp_ecc_verify_521_ctx; +/* Verify the signature values with the hash and public key. + * e = Truncate(hash, 521) + * u1 = e/s mod order + * u2 = r/s mod order + * r == (u1.G + u2.Q)->x mod order + * The hash is truncated to the first 521 bits. + * + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [in] hash Hash to verify. + * @param [in] hashLen Length of the hash data. + * @param [in] pX X ordinate of public point. + * @param [in] pY Y ordinate of public point. + * @param [in] pZ Z ordinate of public point. + * @param [in] rm First part of signature as an mp_int. + * @param [in] sm Second part of signature as an mp_int. + * @param [out] res Result of the verification: 1 == valid, + * 0 == invalid. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return FP_WOULDBLOCK while more work remains. + * @return MEMORY_E when memory allocation fails. + */ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm, int* res, void* heap) 
@@ -91064,10 +91804,12 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_521_ecc_is_point_9(const sp_point_521* point, void* heap) @@ -91109,10 +91851,12 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) { 
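Review bot: In the `sp_521_ecc_is_point_9` comment the first return line is `@return MP_OKAY otherwise.`, but "otherwise" has nothing to refer to now that the line has been moved ahead of the error cases. Naming the success condition reads better: `@return MP_OKAY when the point is on the curve.`. The same "MP_OKAY otherwise" or "0 otherwise" first line appears in the comments for `sp_ecc_is_point_521`, `sp_ecc_check_key_521`, `sp_ecc_proj_add_point_521`, `sp_ecc_proj_dbl_point_521`, `sp_ecc_map_521`, `sp_521_mont_sqrt_9`, `sp_ecc_uncompress_521`, both `sp_1024_mod_mul_norm` variants, `sp_1024_point_new_ex_16` and `sp_1024_point_to_ecc_point_16`.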
@@ -91138,13 +91882,17 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) 
@@ -91248,16 +91996,18 @@ int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY, /* Add two projective EC points together. * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ) * - * pX First EC point's X ordinate. - * pY First EC point's Y ordinate. - * pZ First EC point's Z ordinate. - * qX Second EC point's X ordinate. - * qY Second EC point's Y ordinate. - * qZ Second EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX First EC point's X ordinate. + * @param [in] pY First EC point's Y ordinate. + * @param [in] pZ First EC point's Z ordinate. + * @param [in] qX Second EC point's X ordinate. + * @param [in] qY Second EC point's Y ordinate. + * @param [in] qZ Second EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, 
@@ -91317,13 +92067,15 @@ int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Double a projective EC point. * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ) * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * rX Resultant EC point's X ordinate. - * rY Resultant EC point's Y ordinate. - * rZ Resultant EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * @param [out] rX Resultant EC point's X ordinate. + * @param [out] rY Resultant EC point's Y ordinate. + * @param [out] rZ Resultant EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ) @@ -91374,10 +92126,12 @@ int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ, /* Map a projective EC point to affine in place. * pZ will be one. * - * pX EC point's X ordinate. - * pY EC point's Y ordinate. - * pZ EC point's Z ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] pX EC point's X ordinate. + * @param [in] pY EC point's Y ordinate. + * @param [in] pZ EC point's Z ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ) { 
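Review bot: The `sp_ecc_map_521` comment says the point is mapped "in place" and that "pZ will be one", yet all three parameters are tagged `[in]`. They are non-const `mp_int*` and, by the comment's own description, are overwritten with the affine result. I would tag them `@param [in, out] pX EC point's X ordinate.`, and likewise for `pY` and `pZ`.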
@@ -91435,8 +92189,10 @@ static const word64 p521_sqrt_power[9] = { /* Find the square root of a number mod the prime of the curve. * - * y The number to operate on and the result. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in, out] y The number to operate on and the result. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_521_mont_sqrt_9(sp_digit* y) { @@ -91486,10 +92242,12 @@ static int sp_521_mont_sqrt_9(sp_digit* y) /* Uncompress the point given the X ordinate. * - * xm X ordinate. - * odd Whether the Y ordinate is odd. - * ym Calculated Y ordinate. - * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise. + * @param [in] xm X ordinate. + * @param [in] odd Whether the Y ordinate is odd. + * @param [out] ym Calculated Y ordinate. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym) { @@ -91723,10 +92481,11 @@ extern sp_digit div_1024_word_asm_16(sp_digit d1, sp_digit d0, sp_digit div); #endif /* _MSC_VER < 1920 */ /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, sp_digit div) 
@@ -91740,10 +92499,11 @@ static WC_INLINE sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, #else /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ static WC_INLINE sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, sp_digit div) @@ -91760,9 +92520,9 @@ static WC_INLINE sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, #endif /* _WIN64 && !__clang__ */ /* AND m into each word of a and store in r. * - * r A single precision integer. - * a A single precision integer. - * m Mask to AND against each digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] m Mask to AND against each digit. */ static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m) { @@ -91798,11 +92558,12 @@ extern sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b); /* Divide d in a and put remainder into r (m*d + r = a) * m is not calculated as it is not needed at this time. * - * a Number to be divided. - * d Number to divide with. - * m Multiplier result. - * r Remainder from the division. - * returns MP_OKAY indicating success. + * @param [in] a Number to be divided. + * @param [in] d Number to divide with. + * @param [in] m Multiplier result. + * @param [out] r Remainder from the division. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m, sp_digit* r) 
@@ -91860,10 +92621,11 @@ static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, sp_dig /* Reduce a modulo m into r. (r = a mod m) * - * r A single precision number that is the reduced result. - * a A single precision number that is to be reduced. - * m A single precision number that is the modulus to reduce with. - * returns MP_OKAY indicating success. + * @param [out] r A single precision number that is the reduced result. + * @param [in] a A single precision number that is to be reduced. + * @param [in] m A single precision number that is the modulus to reduce with. + * + * @return MP_OKAY indicating success. */ static WC_INLINE int sp_1024_mod_16(sp_digit* r, const sp_digit* a, const sp_digit* m) @@ -91873,10 +92635,12 @@ static WC_INLINE int sp_1024_mod_16(sp_digit* r, const sp_digit* a, /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_16(sp_digit* r, const sp_digit* a, const sp_digit* m) { 
@@ -91887,10 +92651,12 @@ static int sp_1024_mod_mul_norm_16(sp_digit* r, const sp_digit* a, const sp_digi #ifdef HAVE_INTEL_AVX2 /* Multiply a number by Montgomery normalizer mod modulus (prime). * - * r The resulting Montgomery form number. - * a The number to convert. - * m The modulus (prime). - * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise. + * @param [out] r The resulting Montgomery form number. + * @param [in] a The number to convert. + * @param [in] m The modulus (prime). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_mod_mul_norm_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m) { @@ -91903,10 +92669,12 @@ static int sp_1024_mod_mul_norm_avx2_16(sp_digit* r, const sp_digit* a, const sp #ifdef WOLFCRYPT_HAVE_SAKKE /* Create a new point. * - * heap [in] Buffer to allocate dynamic memory from. - * sp [in] Data for point - only if not allocating. - * p [out] New point. - * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise. + * @param [in] heap Buffer to allocate dynamic memory from. + * @param [in] sp Data for point - only if not allocating. + * @param [out] p New point. + * + * @return 0 otherwise. + * @return MEMORY_E when dynamic memory allocation fails. */ static int sp_1024_point_new_ex_16(void* heap, sp_point_1024* sp, sp_point_1024** p) @@ -91938,9 +92706,9 @@ static int sp_1024_point_new_ex_16(void* heap, sp_point_1024* sp, #ifdef WOLFCRYPT_HAVE_SAKKE /* Free the point. * - * p [in,out] Point to free. - * clear [in] Indicates whether to zeroize point. - * heap [in] Buffer from which dynamic memory was allocate from. + * @param [in, out] p Point to free. + * @param [in] clear Indicates whether to zeroize point. + * @param [in] heap Buffer from which dynamic memory was allocate from. */ static void sp_1024_point_free_16(sp_point_1024* p, int clear, void* heap) { 
@@ -91965,9 +92733,9 @@ static void sp_1024_point_free_16(sp_point_1024* p, int clear, void* heap) /* Convert an mp_int to an array of sp_digit. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a A multi-precision integer. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a A multi-precision integer. */ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) { @@ -92053,8 +92821,8 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a) /* Convert a point of type ecc_point to type sp_point_1024. * - * p Point of type sp_point_1024 (result). - * pm Point of type ecc_point. + * @param [out] p Point of type sp_point_1024 (result). + * @param [in] pm Point of type ecc_point. */ static void sp_1024_point_from_ecc_point_16(sp_point_1024* p, const ecc_point* pm) @@ -92070,8 +92838,8 @@ static void sp_1024_point_from_ecc_point_16(sp_point_1024* p, /* Convert an array of sp_digit to an mp_int. * - * a A single precision integer. - * r A multi-precision integer. + * @param [in] a A single precision integer. + * @param [out] r A multi-precision integer. */ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) { @@ -92138,10 +92906,11 @@ static int sp_1024_to_mp(const sp_digit* a, mp_int* r) /* Convert a point of type sp_point_1024 to type ecc_point. * - * p Point of type sp_point_1024. - * pm Point of type ecc_point (result). - * returns MEMORY_E when allocation of memory in ecc_point fails otherwise - * MP_OKAY. + * @param [in] p Point of type sp_point_1024. + * @param [in] pm Point of type ecc_point (result). + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when allocation of memory in ecc_point fails. */ static int sp_1024_point_to_ecc_point_16(const sp_point_1024* p, ecc_point* pm) { 
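Review bot: The `sp_1024_to_mp` comment gains `@param` tags but still has no `@return`, although the function is declared `static int`. The sibling `sp_1024_point_to_ecc_point_16` documents MEMORY_E for a failed allocation in the destination. If `sp_1024_to_mp` can fail in the same way, which the hunk does not show, it should list `@return MP_OKAY on success.` along with its error code.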
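Review bot: In the `sp_1024_point_to_ecc_point_16` comment, `@param [in] pm Point of type ecc_point (result).` tags the destination as an input. `pm` is the non-const `ecc_point*` that receives the converted point, and the comment itself labels it "(result)", so it should read `@param [out] pm Point of type ecc_point (result).`.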
@@ -92175,11 +92944,11 @@ extern void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp); /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -92190,10 +92959,10 @@ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a, /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -92228,9 +92997,9 @@ static const word8 p1024_mod_minus_2[] = { /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_16(sp_digit* r, const sp_digit* a, sp_digit* td) 
@@ -92265,15 +93034,15 @@ static void sp_1024_mont_inv_16(sp_digit* r, const sp_digit* a, /* Normalize the values in each word to 64. * - * a Array of sp_digit to normalize. + * @param [in] a Array of sp_digit to normalize. */ #define sp_1024_norm_16(a) /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -92346,9 +93115,9 @@ extern void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -92417,9 +93186,13 @@ typedef struct sp_1024_proj_point_dbl_16_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
@@ -92548,10 +93321,9 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i, sp_digit* t) @@ -92641,9 +93413,10 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i, /* Compare two numbers to determine if they are equal. * Constant time implementation. * - * a First number to compare. - * b Second number to compare. - * returns 1 when equal and 0 otherwise. + * @param [in] a First number to compare. + * @param [in] b Second number to compare. + * + * @return 1 when equal and 0 otherwise. */ static int sp_1024_cmp_equal_16(const sp_digit* a, const sp_digit* b) { @@ -92658,8 +93431,9 @@ static int sp_1024_cmp_equal_16(const sp_digit* a, const sp_digit* b) /* Returns 1 if the number of zero. * Implementation is constant time. * - * a Number to check. - * returns 1 if the number is zero and 0 otherwise. + * @param [in] a Number to check. + * + * @return 1 when the number is zero and 0 otherwise. */ static int sp_1024_iszero_16(const sp_digit* a) { @@ -92670,10 +93444,10 @@ static int sp_1024_iszero_16(const sp_digit* a) /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_16(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
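Review bot: The summary line of the `sp_1024_iszero_16` comment still reads `Returns 1 if the number of zero.`, although this hunk rewrites the rest of the block. It should become `Returns 1 if the number is zero.`. The new `@return` line already has the correct wording, so the two sentences now disagree within the same comment.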
@@ -92773,10 +93547,14 @@ typedef struct sp_1024_proj_point_add_16_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -92960,10 +93738,11 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r, const sp_point_1024* p, int n, int m, sp_digit* t) 
@@ -93033,11 +93812,11 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra, sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q, @@ -93147,8 +93926,8 @@ static const word8 recode_neg_16_7[130] = { /* Recode the scalar for multiplication using pre-computed values and * subtraction. * - * k Scalar to multiply by. - * v Vector of operations to perform. + * @param [in] k Scalar to multiply by. + * @param [in] v Vector of operations to perform. */ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) { @@ -93199,13 +93978,15 @@ static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v) * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) 
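Review bot: `v` is tagged `[in]` in the `sp_1024_ecc_recode_7_16` comment, but the signature takes it as a non-const `ecc_recode_1024*` next to a `const sp_digit* k`, which suggests the function fills it in. If so, the line should read `@param [out] v Vector of operations to perform.`. The body is outside this hunk, so the direction needs checking against the code.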
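Review bot: `@param [in] ct Constant time required.` in the `sp_1024_ecc_mulmod_win_add_sub_16` comment does not say which value selects constant-time behaviour or what the function does when the flag is clear. For a scalar multiplication where `k` may be secret, that is the part of the contract a caller most needs. Something like `@param [in] ct Non-zero when a constant-time implementation is required.` would do, provided it matches the body, which is outside this hunk. The same wording is carried into the other `ecc_mulmod` comments converted in this commit.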
@@ -93330,11 +94111,11 @@ extern void sp_1024_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * - * r Result of multiplication. - * a First number to multiply in Montgomery form. - * b Second number to multiply in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply in Montgomery form. + * @param [in] b Second number to multiply in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp) @@ -93348,10 +94129,10 @@ SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a, #ifdef HAVE_INTEL_AVX2 /* Square the Montgomery form number. (r = a * a mod m) * - * r Result of squaring. - * a Number to square in Montgomery form. - * m Modulus (prime). - * mp Montgomery multiplier. + * @param [out] r Result of squaring. + * @param [in] a Number to square in Montgomery form. + * @param [in] m Modulus (prime). + * @param [in] mp Montgomery multiplier. */ SP_NOINLINE static void sp_1024_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp) @@ -93366,9 +94147,9 @@ SP_NOINLINE static void sp_1024_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a, /* Invert the number, in Montgomery form, modulo the modulus (prime) of the * P1024 curve. (r = 1 / a mod m) * - * r Inverse result. - * a Number to invert. - * td Temporary data. + * @param [out] r Inverse result. + * @param [in] a Number to invert. + * @param [out] td Temporary data. */ static void sp_1024_mont_inv_avx2_16(sp_digit* r, const sp_digit* a, sp_digit* td) 
@@ -93403,9 +94184,9 @@ static void sp_1024_mont_inv_avx2_16(sp_digit* r, const sp_digit* a, /* Map the Montgomery form projective coordinate point to an affine point. * - * r Resulting affine coordinate point. - * p Montgomery form projective coordinate point. - * t Temporary ordinate data. + * @param [out] r Resulting affine coordinate point. + * @param [in] p Montgomery form projective coordinate point. + * @param [out] t Temporary ordinate data. */ static void sp_1024_map_avx2_16(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -93478,9 +94259,9 @@ extern void sp_1024_mont_div2_avx2_16(sp_digit* r, const sp_digit* a, const sp_d #endif /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_avx2_16(sp_point_1024* r, const sp_point_1024* p, sp_digit* t) @@ -93549,9 +94330,13 @@ typedef struct sp_1024_proj_point_dbl_avx2_16_ctx { /* Double the Montgomery form projective point p. * - * r Result of doubling point. - * p Point to double. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of doubling point. + * @param [in] p Point to double. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t) 
@@ -93680,10 +94465,9 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024 #endif /* WOLFSSL_SP_NONBLOCK */ /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [in, out] p Point to double and result. + * @param [in] i Number of times to double. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i, sp_digit* t) @@ -93773,10 +94557,10 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i, /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -93876,10 +94660,14 @@ typedef struct sp_1024_proj_point_add_avx2_16_ctx { /* Add two Montgomery form projective points. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * Non-blocking version. Call repeatedly until it does not return + * FP_WOULDBLOCK. State is saved and restored through sp_ctx. + * + * @param [in, out] sp_ctx Context to save state in for non-blocking calls. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -94063,10 +94851,11 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024 /* Double the Montgomery form projective point p a number of times. * - * r Result of repeated doubling of point. - * p Point to double. - * n Number of times to double - * t Temporary ordinate data. + * @param [out] r Result of repeated doubling of point. + * @param [in] p Point to double. + * @param [in] n Number of times to double. + * @param [in] m Index multiplier into result array r. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r, const sp_point_1024* p, int n, int m, sp_digit* t) @@ -94136,11 +94925,11 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r, /* Add two Montgomery form projective points. * - * ra Result of addition. - * rs Result of subtraction. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] ra Result of addition. + * @param [out] rs Result of subtraction. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_sub_avx2_16(sp_point_1024* ra, sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q, 
@@ -94223,13 +95012,15 @@ static void sp_1024_proj_point_add_sub_avx2_16(sp_point_1024* ra, * Double to push up. * NOT a sliding window. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_win_add_sub_avx2_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -94355,10 +95146,10 @@ typedef struct sp_table_entry_1024 { * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -94436,8 +95227,8 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_16(sp_point_1024* a, sp_digit* t) { 
@@ -94461,10 +95252,10 @@ static void sp_1024_proj_to_affine_16(sp_point_1024* a, sp_digit* t) * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_16(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -94541,13 +95332,16 @@ static int sp_1024_gen_stripe_table_16(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_16(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, @@ -94649,8 +95443,8 @@ static THREAD_LS_T int sp_cache_1024_inited = 0; /* Get the cache entry for the point. * - * g [in] Point scalar multiplying. - * cache [out] Cache table to use. + * @param [in] g Point scalar multiplying. + * @param [out] cache Cache table to use. */ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache) { 
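Review bot: `sp_1024_gen_stripe_table_16` returns `int` and takes a `heap` argument, yet its converted comment has no `@return` lines, while the mulmod functions around it gained them. Assuming it follows the same convention, add `@return MP_OKAY on success.` and `@return MEMORY_E when memory allocation fails.` after confirming against the body, which is not in this hunk. `sp_1024_gen_stripe_table_avx2_16` has the same omission.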
@@ -94713,13 +95507,15 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -94798,10 +95594,10 @@ static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, * one. * Only the first point can be the same pointer as the result point. * - * r Result of addition. - * p First point to add. - * q Second point to add. - * t Temporary ordinate data. + * @param [out] r Result of addition. + * @param [in] p First point to add. + * @param [in] q Second point to add. + * @param [out] t Temporary ordinate data. */ static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r, const sp_point_1024* p, const sp_point_1024* q, sp_digit* t) @@ -94879,8 +95675,8 @@ static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r, /* Convert the projective point to affine. * Ordinates are in Montgomery form. * - * a Point to convert. - * t Temporary data. + * @param [in, out] a Point to convert. + * @param [out] t Temporary data. */ static void sp_1024_proj_to_affine_avx2_16(sp_point_1024* a, sp_digit* t) { 
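Review bot: The summary of `sp_1024_ecc_mulmod_16` still says `Multiply the base point of P1024 by the scalar`, while the parameter list documents `g` as `Point to multiply`. The first line should read `Multiply the point by the scalar and return the result.`, as the `sp_ecc_mulmod_1024` comment does. `sp_1024_ecc_mulmod_avx2_16` carries the same summary.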
@@ -94904,10 +95700,10 @@ static void sp_1024_proj_to_affine_avx2_16(sp_point_1024* a, sp_digit* t) * 256 entries * 128 bits between * - * a The base point. - * table Place to store generated point data. - * tmp Temporary data. - * heap Heap to use for allocation. + * @param [in] a The base point. + * @param [out] table Place to store generated point data. + * @param [out] tmp Temporary data. + * @param [in] heap Heap to use for allocation. */ static int sp_1024_gen_stripe_table_avx2_16(const sp_point_1024* a, sp_table_entry_1024* table, sp_digit* tmp, void* heap) @@ -94984,13 +95780,16 @@ static int sp_1024_gen_stripe_table_avx2_16(const sp_point_1024* a, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * table Pre-computed table. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] table Pre-computed table. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_stripe_avx2_16(sp_point_1024* r, const sp_point_1024* g, const sp_table_entry_1024* table, const sp_digit* k, int map, 
@@ -95061,13 +95860,15 @@ static int sp_1024_ecc_mulmod_stripe_avx2_16(sp_point_1024* r, const sp_point_10 /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * r Resulting point. - * g Point to multiply. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] g Point to multiply. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap) @@ -95143,12 +95944,14 @@ static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * p Point to multiply. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r, int map, void* heap) 
@@ -98521,12 +99324,14 @@ static const sp_table_entry_1024 p1024_table[256] = { * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_16(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) @@ -98544,12 +99349,14 @@ static int sp_1024_ecc_mulmod_base_16(sp_point_1024* r, const sp_digit* k, * Pre-generated: products of all combinations of above. * 8 doubles and adds (with qz=1) * - * r Resulting point. - * k Scalar to multiply by. - * map Indicates whether to convert result to affine. - * ct Constant time required. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [out] r Resulting point. + * @param [in] k Scalar to multiply by. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] ct Constant time required. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_1024_ecc_mulmod_base_avx2_16(sp_point_1024* r, const sp_digit* k, int map, int ct, void* heap) 
@@ -98562,11 +99369,13 @@ static int sp_1024_ecc_mulmod_base_avx2_16(sp_point_1024* r, const sp_digit* k, /* Multiply the base point of P1024 by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) { @@ -98605,13 +99414,15 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap) /* Multiply the base point of P1024 by the scalar, add point a and return * the result. If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * am Point to add to scalar multiply result. - * inMont Point to add is in montgomery form. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] am Point to add to scalar multiply result. + * @param [in] inMont Point to add is in montgomery form. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, int inMont, ecc_point* r, int map, void* heap) 
@@ -98689,12 +99500,15 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am, #ifndef WOLFSSL_SP_SMALL /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) @@ -98746,12 +99560,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, #else /* Generate a pre-computation table for the point. * - * gm Point to generate table for. - * table Buffer to hold pre-computed points table. - * len Length of table. - * heap Heap to use for allocation. - * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is - * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise. + * @param [in] gm Point to generate table for. + * @param [out] table Buffer to hold pre-computed points table. + * @param [in, out] len Length of table. + * @param [in] heap Heap to use for allocation. + * + * @return 0 otherwise. + * @return BAD_FUNC_ARG when gm or len is NULL. + * @return LENGTH_ONLY_E when table is NULL and length is returned. + * @return BUFFER_E when length is too small. */ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, void* heap) 
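Review bot: `@return 0 otherwise.` is now the first return line in the `sp_ecc_gen_table_1024` comment, where `otherwise` has nothing to refer back to. Either write `@return 0 on success.` or move the line below the three error cases. This applies to both definitions of the function, the `#ifndef WOLFSSL_SP_SMALL` branch and the `#else` branch.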
@@ -98781,13 +99598,15 @@ int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len, /* Multiply the point by the scalar and return the result. * If map is true then convert result to affine coordinates. * - * km Scalar to multiply by. - * gm Point to multiply. - * table Pre-computed points. - * r Resulting point. - * map Indicates whether to convert result to affine. - * heap Heap to use for allocation. - * returns MEMORY_E when memory allocation fails and MP_OKAY on success. + * @param [in] km Scalar to multiply by. + * @param [in] gm Point to multiply. + * @param [in] table Pre-computed points. + * @param [out] r Resulting point. + * @param [in] map Indicates whether to convert result to affine. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY on success. + * @return MEMORY_E when memory allocation fails. */ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap) @@ -98837,10 +99656,12 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table, * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
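Review bot: The scratch argument `t` is tagged `[in]` in the `sp_1024_proj_mul_qx1_16` comment, whereas the point functions earlier in this commit tag their temporaries `[out]`, for example `@param [out] t Temporary ordinate data.`. `t` is a non-const `sp_digit*` and is described as temps, so it is presumably written rather than read. `@param [out] t Two single precision integers - temps.` would match the rest of the file. Marking it as written also tells the caller that the buffer may hold intermediate values afterwards. The same `[in] t` appears in `sp_1024_proj_sqr_16`, `sp_1024_proj_mul_16`, `sp_1024_mont_map_16` and the `_avx2` variants.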
@@ -98863,9 +99684,11 @@ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_16(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -98890,10 +99713,12 @@ static void sp_1024_proj_sqr_16(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
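Review bot: In the `sp_1024_proj_sqr_16` comment the descriptions of `px` and `py` changed from `number to square` to `number to multiply`, which looks like a copy from the `sp_1024_proj_mul_qx1_16` comment. The lines should keep the old meaning, e.g. `@param [in, out] px A single precision integer - X ordinate of number to square.`, and likewise for `py`. `sp_1024_proj_sqr_avx2_16` has the same regression.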
@@ -100530,11 +101355,13 @@ static const sp_digit sp_1024_g_table[256][16] = { * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -100625,10 +101452,12 @@ static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* r * r.x = p.x - (p.y * q.y) * r.y = (p.x * q.y) + p.y * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * q [in] A single precision integer - multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] q A single precision integer - multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_qx1_avx2_16(sp_digit* px, sp_digit* py, const sp_digit* q, sp_digit* t) 
@@ -100651,9 +101480,11 @@ static void sp_1024_proj_mul_qx1_avx2_16(sp_digit* px, sp_digit* py, * px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2 * py' = 2 * p.x * p.y * - * px [in,out] A single precision integer - X ordinate of number to square. - * py [in,out] A single precision integer - Y ordinate of number to square. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_sqr_avx2_16(sp_digit* px, sp_digit* py, sp_digit* t) { @@ -100678,10 +101509,12 @@ static void sp_1024_proj_sqr_avx2_16(sp_digit* px, sp_digit* py, sp_digit* t) * Simple square and multiply when expontent bit is one algorithm. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MEMORY_E when memory allocation fails. */ static int sp_ModExp_Fp_star_avx2_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
@@ -100775,11 +101608,13 @@ static int sp_ModExp_Fp_star_avx2_1024(const mp_int* base, mp_int* exp, mp_int* * Total of 256 points in table. * Square and multiply performed in Fp*. * - * base [in] Base. MP integer. - * exp [in] Exponent. MP integer. - * res [out] Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ static int sp_ModExp_Fp_star_avx2_1024(const mp_int* base, mp_int* exp, mp_int* res) { @@ -100867,11 +101702,13 @@ static int sp_ModExp_Fp_star_avx2_1024(const mp_int* base, mp_int* exp, mp_int* #endif /* HAVE_INTEL_AVX2 */ /* Perform the modular exponentiation for SAKKE. * - * base Base. MP integer. - * exp Exponent. MP integer. - * res Result. MP integer. - * returns 0 on success, MP_READ_E if there are too many bytes in an array - * and MEMORY_E if memory allocation fails. + * @param [in] base Base. MP integer. + * @param [in] exp Exponent. MP integer. + * @param [out] res Result. MP integer. + * + * @return 0 on success. + * @return MP_READ_E when there are too many bytes in an array. + * @return MEMORY_E when memory allocation fails. */ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) { 
@@ -100905,13 +101742,15 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res) * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_16(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) @@ -100941,8 +101780,8 @@ static void sp_1024_proj_mul_16(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_16(sp_point_1024* p, sp_digit* t) { 
@@ -100971,11 +101810,11 @@ static void sp_1024_mont_map_16(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -101061,14 +101900,14 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_16(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -101145,10 +101984,10 @@ static void sp_1024_accumulate_line_add_one_16(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -101282,14 +102121,14 @@ static int sp_Pairing_x64_1024(const ecc_point* pm, const ecc_point* qm, mp_int* * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
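Review bot: The comment reworked in this hunk still ends with three `@return` lines (`0 on success`, `MEMORY_E ...`, `Other -ve value ...`), yet the function it documents appears to be `sp_1024_accumulate_line_add_n_16`, which the following hunk header shows as `static void`. If so, those `@return` lines should be dropped rather than given a blank separator line. The new text also tags `t` as `[in, out]`, while the sibling accumulate_line comments tag the same temporaries `[in]`; one convention should be used throughout. Both points apply equally to the avx2 variant in the hunk at `@@ -102079,14 +102921,14 @@`. The function signature itself is outside this hunk.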
@@ -101403,12 +102242,12 @@ static void sp_1024_accumulate_line_add_n_16(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -101523,9 +102362,10 @@ static const signed char sp_1024_order_op[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -101702,13 +102542,15 @@ static int sp_Pairing_x64_1024(const ecc_point* pm, const ecc_point* qm, mp_int* * p.x' = v0 - v1 * p.y' = (px + py) * (qx + qy) - v0 - v1 * - * px [in,out] A single precision integer - X ordinate of number to multiply. - * py [in,out] A single precision integer - Y ordinate of number to multiply. - * qx [in] A single precision integer - X ordinate of number of - * multiplier. - * qy [in] A single precision integer - Y ordinate of number of - * multiplier. - * t [in] Two single precision integers - temps. + * @param [in, out] px A single precision integer - X ordinate of number to + * multiply. + * @param [in, out] py A single precision integer - Y ordinate of number to + * multiply. + * @param [in] qx A single precision integer - X ordinate of number of + * multiplier. + * @param [in] qy A single precision integer - Y ordinate of number of + * multiplier. + * @param [in] t Two single precision integers - temps. */ static void sp_1024_proj_mul_avx2_16(sp_digit* px, sp_digit* py, const sp_digit* qx, const sp_digit* qy, sp_digit* t) @@ -101738,8 +102580,8 @@ static void sp_1024_proj_mul_avx2_16(sp_digit* px, sp_digit* py, /* * Convert point from projective to affine but keep in Montgomery form. * - * p [in,out] Point to convert. - * t [in] Temporary numbers: 2. + * @param [in, out] p Point to convert. + * @param [in] t Temporary numbers: 2. */ static void sp_1024_mont_map_avx2_16(sp_point_1024* p, sp_digit* t) { 
@@ -101768,11 +102610,11 @@ static void sp_1024_mont_map_avx2_16(sp_point_1024* p, sp_digit* t) * p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 * p'.z = 2 * p.y * p.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, sp_digit* t) 
@@ -101858,14 +102700,14 @@ static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy, * c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 * c'.z = (c.x - p.x * c.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added * to. - * @param [in] p ECC point - point on E(F_p^2) to add. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] qx_px SP that is a constant value across adds. - * @param [in] t SP temporaries (6 used). + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] qx_px SP that is a constant value across adds. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_add_one_avx2_16(sp_digit* vx, sp_digit* vy, sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px, @@ -101942,10 +102784,10 @@ static void sp_1024_accumulate_line_add_one_avx2_16(sp_digit* vx, sp_digit* vy, * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -102079,14 +102921,14 @@ static int sp_Pairing_avx2_1024(const ecc_point* pm, const ecc_point* qm, mp_int * c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 * c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] c ECC point - current point on E(F_p^2) to be added - * to. - * @param [in,out] p ECC point - point on E(F_p^2) to add. - * @param [in,out] q ECC point - second point on E(F_P^2). - * @param [in,out] t SP temporaries (6 used). - * @param [in,out] neg Indicates to use negative P. + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] c ECC point - current point on E(F_p^2) to be added to. + * @param [in] p ECC point - point on E(F_p^2) to add. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in, out] t SP temporaries (6 used). + * @param [in] neg Indicates to use negative P. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. 
@@ -102200,12 +103042,12 @@ static void sp_1024_accumulate_line_add_n_avx2_16(sp_digit* vx, sp_digit* vy, * Finally: * p'.y = py' / 2 * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in,out] p ECC point - point on E(F_p^2) to double. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] n Number of times to double. - * @param [in] t SP temporaries (6 used). + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in, out] p ECC point - point on E(F_p^2) to double. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] n Number of times to double. + * @param [in] t SP temporaries (6 used). */ static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy, sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t) @@ -102293,9 +103135,10 @@ static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy, * Subtract if top bit in window is one. * Width of 6 bits. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -102467,10 +103310,10 @@ static int sp_Pairing_avx2_1024(const ecc_point* pm, const ecc_point* qm, mp_int * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. @@ -102503,13 +103346,14 @@ int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res) * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table, word32* len) 
@@ -102536,11 +103380,12 @@ static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -102559,11 +103404,11 @@ static int sp_Pairing_precomp_x64_1024(const ecc_point* pm, const ecc_point* qm, * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_16(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) 
@@ -102600,13 +103445,13 @@ static void sp_1024_accum_dbl_calc_lc_16(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_16(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, @@ -102650,13 +103495,13 @@ static void sp_1024_accum_add_calc_lc_16(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_16(sp_digit* vx, sp_digit* vy, 
@@ -102712,14 +103557,15 @@ static const signed char sp_1024_order_op_pre[] = { * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table, word32* len) @@ -102873,11 +103719,12 @@ static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
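Review bot: The new line `@return MEMORY_E when dynamic memory allocation fauls.` carries the old typo over into the Doxygen tag. It should read `@return MEMORY_E when dynamic memory allocation fails.`, matching the other comments in this diff. The same line appears in the avx2 hunk at `@@ -103245,14 +104094,15 @@`.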
@@ -103063,13 +103910,14 @@ static int sp_Pairing_precomp_x64_1024(const ecc_point* pm, const ecc_point* qm, * * Small implementation does not use a table - returns 0 length. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. */ static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table, word32* len) @@ -103096,11 +103944,12 @@ static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table, * * Small implementation does not use a table - use the normal implementation. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ 
@@ -103119,11 +103968,11 @@ static int sp_Pairing_precomp_avx2_1024(const ecc_point* pm, const ecc_point* qm * l = 3 * (p.x^2 - 1) / (2 * p.y) * c = l * p.x - p.y * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to double. - * @param [in] py Y-ordinate of point to double. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to double. + * @param [in] py Y-ordinate of point to double. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_dbl_calc_lc_avx2_16(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, sp_digit* t) @@ -103160,13 +104009,13 @@ static void sp_1024_accum_dbl_calc_lc_avx2_16(sp_digit* lr, sp_digit* cr, * l = (c.y - p.y) / (c.x - p.x) * c = (p.x * c.y - cx * p.y) / (cx - p.x) * - * @param [out] lr Gradient result - table entry. - * @param [out] cr Constant result - table entry. - * @param [in] px X-ordinate of point to add. - * @param [in] py Y-ordinate of point to add. - * @param [in] cx X-ordinate of current point. - * @param [in] cy Y-ordinate of current point. - * @param [in] t SP temporaries (3 used). + * @param [out] lr Gradient result - table entry. + * @param [out] cr Constant result - table entry. + * @param [in] px X-ordinate of point to add. + * @param [in] py Y-ordinate of point to add. + * @param [in] cx X-ordinate of current point. + * @param [in] cy Y-ordinate of current point. + * @param [in] t SP temporaries (3 used). */ static void sp_1024_accum_add_calc_lc_avx2_16(sp_digit* lr, sp_digit* cr, const sp_digit* px, const sp_digit* py, const sp_digit* cx, 
@@ -103210,13 +104059,13 @@ static void sp_1024_accum_add_calc_lc_avx2_16(sp_digit* lr, sp_digit* cr, * r.y = q->y * v* = v* * r* * - * @param [in,out] vx X-ordinate of projective value in F*. - * @param [in,out] vy Y-ordinate of projective value in F*. - * @param [in] l Gradient to multiply with. - * @param [in] c Constant to add with. - * @param [in] q ECC point - second point on E(F_P^2). - * @param [in] t SP temporaries (3 used). - * @param [in] dbl Indicates whether this is for doubling. Otherwise + * @param [in, out] vx X-ordinate of projective value in F*. + * @param [in, out] vy Y-ordinate of projective value in F*. + * @param [in] l Gradient to multiply with. + * @param [in] c Constant to add with. + * @param [in] q ECC point - second point on E(F_P^2). + * @param [in] t SP temporaries (3 used). + * @param [in] dbl Indicates whether this is for doubling. Otherwise * adding. */ static void sp_1024_accumulate_line_lc_avx2_16(sp_digit* vx, sp_digit* vy, @@ -103245,14 +104094,15 @@ static void sp_1024_accumulate_line_lc_avx2_16(sp_digit* vx, sp_digit* vy, * Subtract if top bit in window is one. * Width of 6 bits. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * LENGTH_ONLY_E when table is NULL and only length returned. - * BUFFER_E when len is too small. - * MEMORY_E when dynamic memory allocation fauls. + * @return LENGTH_ONLY_E when table is NULL and only length returned. + * @return BUFFER_E when len is too small. + * @return MEMORY_E when dynamic memory allocation fauls. */ static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table, word32* len) 
@@ -103406,11 +104256,12 @@ static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table, * Pre-generate values in window (1, 3, ...) - only V. * Table contains all gradient l and a constant for each point on the path. * - * @param [in] pm First point on E(F_p)[q]. - * @param [in] qm Second point on E(F_p)[q]. - * @param [in] res Result of calculation. - * @param [in] table Precomputed table of values. - * @param [in] len Length of precomputed table of values in bytes. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. */ @@ -103593,12 +104444,13 @@ static int sp_Pairing_precomp_avx2_1024(const ecc_point* pm, const ecc_point* qm /* * Generate table for pairing. * - * pm [in] Point to generate table for. - * table [in] Generated table. - * len [in,out] On in, the size of the buffer. - * On out, length of table generated. + * @param [in] pm Point to generate table for. + * @param [out] table Generated table. + * @param [in, out] len On in, the size of the buffer. + * On out, length of table generated. + * * @return 0 on success. - * Otherwise failure. + * @return Otherwise failure. */ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) { 
@@ -103627,10 +104479,12 @@ int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len) * * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q. * - * @param [in] key SAKKE key. - * @param [in] p First point on E(F_p)[q]. - * @param [in] q Second point on E(F_p)[q]. - * @param [in] r Result of calculation. + * @param [in] pm First point on E(F_p)[q]. + * @param [in] qm Second point on E(F_p)[q]. + * @param [out] res Result of calculation. + * @param [in] table Precomputed table of values. + * @param [in] len Length of precomputed table of values in bytes. + * * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return Other -ve value on internal failure. @@ -103674,10 +104528,10 @@ extern void sp_1024_from_bin_movbe(sp_digit* r, int size, const byte* a, int n); #endif /* Read big endian unsigned byte array into r. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) { @@ -103696,10 +104550,12 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n) /* Check that the x and y ordinates are a valid point on the curve. * - * point EC point. - * heap Heap to use if dynamically allocating. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] point EC point. + * @param [in] heap Heap to use if dynamically allocating. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ static int sp_1024_ecc_is_point_16(const sp_point_1024* point, void* heap) 
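Review bot: In the comment for `sp_1024_ecc_is_point_16` (hunk `@@ -103696,10 +104550,12 @@`) the success case is now the first tag, `@return MP_OKAY otherwise.`, so "otherwise" has nothing before it to refer to. These are validation routines whose return value decides whether a point or key is accepted, so the success condition should be stated outright: `@return MP_OKAY when the point is on the curve.`, or the line moved after the error cases. The same ordering appears in the hunks at `@@ -103745,10 +104601,12 @@` and `@@ -103774,13 +104632,17 @@`. In the `sp_ecc_check_key_1024` hunk the success line would need to cover all three checks named in its summary.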
@@ -103745,10 +104601,12 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point, /* Check that the x and y ordinates are a valid point on the curve. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve and MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. */ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) { @@ -103774,13 +104632,17 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY) /* Check that the private scalar generates the EC point (px, py), the point is * on the curve and the point has the correct order. * - * pX X ordinate of EC point. - * pY Y ordinate of EC point. - * privm Private scalar that generates EC point. - * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is - * not on the curve, ECC_INF_E if the point does not have the correct order, - * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and - * MP_OKAY otherwise. + * @param [in] pX X ordinate of EC point. + * @param [in] pY Y ordinate of EC point. + * @param [in] privm Private scalar that generates EC point. + * @param [in] heap Heap to use for allocation. + * + * @return MP_OKAY otherwise. + * @return MEMORY_E when dynamic memory allocation fails. + * @return MP_VAL when the point is not on the curve. + * @return ECC_INF_E when the point does not have the correct order. + * @return ECC_PRIV_KEY_E when the private scalar doesn't generate the EC + * point. */ int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY, const mp_int* privm, void* heap) diff --git a/wolfcrypt/src/sp_x86_64_asm.S b/wolfcrypt/src/sp_x86_64_asm.S index 5e72cd92ee..6c52a7bf46 100644 --- a/wolfcrypt/src/sp_x86_64_asm.S 
+++ b/wolfcrypt/src/sp_x86_64_asm.S @@ -46,6 +46,16 @@ #define HAVE_INTEL_AVX2 #endif /* HAVE_INTEL_AVX2 */ #endif /* NO_AVX2_SUPPORT */ +#ifndef NO_VAES_SUPPORT +#ifndef HAVE_INTEL_VAES +#define HAVE_INTEL_VAES +#endif /* HAVE_INTEL_VAES */ +#endif /* NO_VAES_SUPPORT */ +#ifndef NO_AVX512_SUPPORT +#ifndef HAVE_INTEL_AVX512 +#define HAVE_INTEL_AVX512 +#endif /* HAVE_INTEL_AVX512 */ +#endif /* NO_AVX512_SUPPORT */ #ifdef WOLFSSL_SP_X86_64_ASM #ifndef WOLFSSL_SP_NO_2048 @@ -53,10 +63,10 @@ /* Read big endian unsigned byte array into r. * Uses the bswap instruction. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ #ifndef __APPLE__ .text @@ -148,10 +158,10 @@ L_2048_from_bin_bswap_zero_end: /* Read big endian unsigned byte array into r. * Uses the movbe instruction which is an optional instruction. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ #ifndef __APPLE__ .text @@ -234,8 +244,8 @@ L_2048_from_bin_movbe_zero_end: * Fixed length number of bytes written: 256 * Uses the bswap instruction. * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ #ifndef __APPLE__ .text 
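Review bot: The new block at the top of sp_x86_64_asm.S defines `HAVE_INTEL_VAES` and `HAVE_INTEL_AVX512` for every build that does not set `NO_VAES_SUPPORT` or `NO_AVX512_SUPPORT`, and nothing in the hunk says what the macros gate. If code later in the file is assembled under them, it needs an assembler that knows those instructions and a runtime CPU-feature check before the routines are called; neither is visible here. Once that is confirmed, I would add a comment above the block such as `/* Assembled by default; callers must check CPU support at runtime. Define NO_VAES_SUPPORT / NO_AVX512_SUPPORT for older assemblers. */`.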
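Review bot: The direction tags on the to_bin_bswap comment look inverted: the added lines mark `r` as `[out]` and `a` as `[in]`, but the context says a fixed 256 bytes are written, so the byte array `a` is the destination and `r` is the value being serialised. The sp_arm32.c counterpart in this same commit uses `[in, out] r` and `[out] a`. I would change the two lines to `* @param [in] r A single precision integer.` and `* @param [out] a Byte array.`, using `[in, out]` for `r` only if the assembly modifies it, which the hunk does not show. The same swap is in the movbe variant in the next hunk and in both 3072-bit to_bin hunks (old lines 15460 and 15628).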
@@ -354,8 +364,8 @@ _sp_2048_to_bin_bswap_32: * Fixed length number of bytes written: 256 * Uses the movbe instruction which is optional. * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ #ifndef __APPLE__ .text @@ -440,9 +450,9 @@ _sp_2048_to_bin_movbe_32: #endif /* NO_MOVBE_SUPPORT */ /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -2093,9 +2103,9 @@ _sp_2048_mul_16: #ifdef HAVE_INTEL_AVX2 /* Multiply a and b into r. (r = a * b) * - * r Result of multiplication. - * a First number to multiply. - * b Second number to multiply. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply. + * @param [in] b Second number to multiply. */ #ifndef __APPLE__ .text @@ -3769,9 +3779,9 @@ L_end_2048_mul_avx2_16: #endif /* HAVE_INTEL_AVX2 */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -3842,8 +3852,8 @@ _sp_2048_add_16: #endif /* __APPLE__ */ /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text 
@@ -3960,9 +3970,9 @@ _sp_2048_sub_in_place_32: #endif /* __APPLE__ */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -4081,9 +4091,9 @@ _sp_2048_add_32: #endif /* __APPLE__ */ /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -4806,9 +4816,9 @@ _sp_2048_mul_32: #ifdef HAVE_INTEL_AVX2 /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -5483,8 +5493,8 @@ _sp_2048_mul_avx2_32: #endif /* HAVE_INTEL_AVX2 */ /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -6578,8 +6588,8 @@ _sp_2048_sqr_16: #ifdef HAVE_INTEL_AVX2 /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -7638,8 +7648,8 @@ L_end_2048_sqr_avx2_16: * * Karatsuba: ah^2, al^2, (al - ah)^2 * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text 
@@ -8179,8 +8189,8 @@ _sp_2048_sqr_32: * * Karatsuba: ah^2, al^2, (al - ah)^2 * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -8718,8 +8728,8 @@ _sp_2048_sqr_avx2_32: #endif /* HAVE_INTEL_AVX2 */ /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -8788,9 +8798,9 @@ _sp_2048_sub_in_place_16: #endif /* __APPLE__ */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -9066,10 +9076,11 @@ _sp_2048_mul_d_32: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text 
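Review bot: The new `@param [in] m Mask value to apply.` in the cond_sub_16 comment does not say which values are valid. That contract lives only in the summary line, whose "0 when not copying" wording does not fit a subtraction. For a mask-driven routine the accepted values belong on the parameter itself, for example `* @param [in] m Mask value to apply: -1 to subtract b, 0 to not subtract.`. The same text is repeated in the other cond_sub hunks in this file (the 24, 32 and 48 word versions and the avx2 variants).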
@@ -9204,9 +9215,10 @@ _sp_2048_cond_sub_16: #endif /* __APPLE__ */ /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text @@ -9423,10 +9435,11 @@ L_2048_mont_reduce_16_loop: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -9528,9 +9541,9 @@ _sp_2048_cond_sub_avx2_16: #endif /* HAVE_INTEL_AVX2 */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -9678,9 +9691,9 @@ _sp_2048_mul_d_16: #ifdef HAVE_INTEL_AVX2 /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text 
@@ -9800,10 +9813,11 @@ _sp_2048_mul_d_avx2_16: #ifdef _WIN64 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ #ifndef __APPLE__ .text @@ -9828,10 +9842,11 @@ _div_2048_word_asm_16: #endif /* _WIN64 */ /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef __APPLE__ .text @@ -9985,9 +10000,10 @@ _sp_2048_cmp_16: #ifdef HAVE_INTEL_AVX2 /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text 
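Review bot: `* @param [in] div The dividend.` in the div_2048_word_asm_16 comment names the wrong operand: the summary's own formula `(d1|d0 / div)` makes `div` the divisor and `d1|d0` the dividend. I would change the line to `* @param [in] div The divisor.` and fix the summary to "by the divisor" in the same pass. The same wording is carried into the div_2048_word_asm_32, div_3072_word_asm_24 and div_3072_word_asm_48 hunks.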
@@ -10869,10 +10885,11 @@ _sp_2048_get_from_table_avx2_16: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -11119,9 +11136,10 @@ _sp_2048_cond_sub_32: #endif /* __APPLE__ */ /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text @@ -11496,9 +11514,9 @@ L_2048_mont_reduce_32_loop: #endif /* __APPLE__ */ /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -11616,9 +11634,9 @@ _sp_2048_sub_32: #ifdef HAVE_INTEL_AVX2 /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text 
@@ -11834,10 +11852,11 @@ _sp_2048_mul_d_avx2_32: #ifdef _WIN64 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ #ifndef __APPLE__ .text @@ -11864,10 +11883,11 @@ _div_2048_word_asm_32: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -12049,10 +12069,11 @@ _sp_2048_cond_sub_avx2_32: #endif /* HAVE_INTEL_AVX2 */ /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef __APPLE__ .text 
@@ -12334,9 +12355,10 @@ _sp_2048_cmp_32: #ifdef HAVE_INTEL_AVX2 /* Reduce the number back to 2048 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text @@ -14905,10 +14927,11 @@ _sp_2048_get_from_table_avx2_32: /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -15046,10 +15069,11 @@ _sp_2048_cond_add_16: /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. * - * r A single precision number representing conditional add result. - * a A single precision number to add with. - * b A single precision number to add. - * m Mask value to apply. + * @param [out] r A single precision number representing conditional add + * result. + * @param [in] a A single precision number to add with. + * @param [in] b A single precision number to add. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text 
@@ -15152,9 +15176,9 @@ _sp_2048_cond_add_avx2_16: #endif /* HAVE_INTEL_AVX2 */ /* Shift number left by n bit. (r = a << n) * - * r Result of left shift by n. - * a Number to shift. - * n Amoutnt o shift. + * @param [out] r Result of left shift by n. + * @param [in] a Number to shift. + * @param [in] n Amoutnt o shift. */ #ifndef __APPLE__ .text @@ -15279,10 +15303,10 @@ _sp_2048_lshift_32: /* Read big endian unsigned byte array into r. * Uses the bswap instruction. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ #ifndef __APPLE__ .text @@ -15374,10 +15398,10 @@ L_3072_from_bin_bswap_zero_end: /* Read big endian unsigned byte array into r. * Uses the movbe instruction which is an optional instruction. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ #ifndef __APPLE__ .text @@ -15460,8 +15484,8 @@ L_3072_from_bin_movbe_zero_end: * Fixed length number of bytes written: 384 * Uses the bswap instruction. * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ #ifndef __APPLE__ .text @@ -15628,8 +15652,8 @@ _sp_3072_to_bin_bswap_48: * Fixed length number of bytes written: 384 * Uses the movbe instruction which is optional. * - * r A single precision integer. - * a Byte array. + * @param [out] r A single precision integer. + * @param [in] a Byte array. */ #ifndef __APPLE__ .text 
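Review bot: The re-tagged line `* @param [in] n Amoutnt o shift.` in the sp_2048_lshift_32 comment carries two typos over from the old text. Since the line is being rewritten anyway, it should read `* @param [in] n Amount to shift.`. The summary above it says "by n bit" and could become "by n bits" at the same time. The same line appears in the sp_3072_lshift_48 hunk (old line 31875).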
@@ -15746,9 +15770,9 @@ _sp_3072_to_bin_movbe_48: #endif /* NO_MOVBE_SUPPORT */ /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -16703,9 +16727,9 @@ _sp_3072_mul_12: #ifdef HAVE_INTEL_AVX2 /* Multiply a and b into r. (r = a * b) * - * r Result of multiplication. - * a First number to multiply. - * b Second number to multiply. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply. + * @param [in] b Second number to multiply. */ #ifndef __APPLE__ .text @@ -17679,9 +17703,9 @@ L_end_3072_mul_avx2_12: #endif /* HAVE_INTEL_AVX2 */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -17740,8 +17764,8 @@ _sp_3072_add_12: #endif /* __APPLE__ */ /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -17834,9 +17858,9 @@ _sp_3072_sub_in_place_24: #endif /* __APPLE__ */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text 
@@ -17931,9 +17955,9 @@ _sp_3072_add_24: #endif /* __APPLE__ */ /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -18500,9 +18524,9 @@ _sp_3072_mul_24: #ifdef HAVE_INTEL_AVX2 /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -19033,8 +19057,8 @@ _sp_3072_mul_avx2_24: #endif /* HAVE_INTEL_AVX2 */ /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -19199,9 +19223,9 @@ _sp_3072_sub_in_place_48: #endif /* __APPLE__ */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -19368,9 +19392,9 @@ _sp_3072_add_48: #endif /* __APPLE__ */ /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text 
@@ -20405,9 +20429,9 @@ _sp_3072_mul_48: #ifdef HAVE_INTEL_AVX2 /* Multiply a and b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -21370,8 +21394,8 @@ _sp_3072_mul_avx2_48: #endif /* HAVE_INTEL_AVX2 */ /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -22045,8 +22069,8 @@ _sp_3072_sqr_12: #ifdef HAVE_INTEL_AVX2 /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -22694,8 +22718,8 @@ L_end_3072_sqr_avx2_12: * * Karatsuba: ah^2, al^2, (al - ah)^2 * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -23119,8 +23143,8 @@ _sp_3072_sqr_24: * * Karatsuba: ah^2, al^2, (al - ah)^2 * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -23544,8 +23568,8 @@ _sp_3072_sqr_avx2_24: * * Karatsuba: ah^2, al^2, (al - ah)^2 * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text 
@@ -24317,8 +24341,8 @@ _sp_3072_sqr_48: * * Karatsuba: ah^2, al^2, (al - ah)^2 * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -25088,9 +25112,9 @@ _sp_3072_sqr_avx2_48: #endif /* HAVE_INTEL_AVX2 */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -25494,10 +25518,11 @@ _sp_3072_mul_d_48: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -25688,9 +25713,10 @@ _sp_3072_cond_sub_24: #endif /* __APPLE__ */ /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text 
@@ -25987,10 +26013,11 @@ L_3072_mont_reduce_24_loop: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -26132,9 +26159,9 @@ _sp_3072_cond_sub_avx2_24: #endif /* HAVE_INTEL_AVX2 */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -26346,9 +26373,9 @@ _sp_3072_mul_d_24: #ifdef HAVE_INTEL_AVX2 /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -26516,10 +26543,11 @@ _sp_3072_mul_d_avx2_24: #ifdef _WIN64 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ #ifndef __APPLE__ .text 
@@ -26544,10 +26572,11 @@ _div_3072_word_asm_24: #endif /* _WIN64 */ /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef __APPLE__ .text @@ -26765,9 +26794,10 @@ _sp_3072_cmp_24: #ifdef HAVE_INTEL_AVX2 /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text @@ -27996,10 +28026,11 @@ _sp_3072_get_from_table_avx2_24: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text 
@@ -28358,9 +28389,10 @@ _sp_3072_cond_sub_48: #endif /* __APPLE__ */ /* Reduce the number back to 3072 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text @@ -28895,9 +28927,9 @@ L_3072_mont_reduce_48_loop: #endif /* __APPLE__ */ /* Sub b from a into r. (r = a - b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -29063,9 +29095,9 @@ _sp_3072_sub_48: #ifdef HAVE_INTEL_AVX2 /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -29377,10 +29409,11 @@ _sp_3072_mul_d_avx2_48: #ifdef _WIN64 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ #ifndef __APPLE__ .text 
@@ -29407,10 +29440,11 @@ _div_3072_word_asm_48:
 /* Conditionally subtract b from a using the mask m.
  * m is -1 to subtract and 0 when not copying.
  *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -29672,10 +29706,11 @@ _sp_3072_cond_sub_avx2_48:
 #endif /* HAVE_INTEL_AVX2 */
 /* Compare a with b in constant time.
  *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
  */
 #ifndef __APPLE__
 .text
@@ -30085,9 +30120,10 @@ _sp_3072_cmp_48:
 #ifdef HAVE_INTEL_AVX2
 /* Reduce the number back to 3072 bits using Montgomery reduction.
  *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
  */
 #ifndef __APPLE__
 .text
@@ -31532,10 +31568,11 @@ _sp_3072_get_from_table_avx2_48:
 /* Conditionally add a and b using the mask m.
  * m is -1 to add and 0 when not.
  *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -31729,10 +31766,11 @@ _sp_3072_cond_add_24:
 /* Conditionally add a and b using the mask m.
  * m is -1 to add and 0 when not.
  *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -31875,9 +31913,9 @@ _sp_3072_cond_add_avx2_24:
 #endif /* HAVE_INTEL_AVX2 */
 /* Shift number left by n bit. (r = a << n)
  *
- * r Result of left shift by n.
- * a Number to shift.
- * n Amoutnt o shift.
+ * @param [out] r Result of left shift by n.
+ * @param [in] a Number to shift.
+ * @param [in] n Amoutnt o shift.
  */
 #ifndef __APPLE__
 .text
@@ -32050,10 +32088,10 @@ _sp_3072_lshift_48:
 /* Read big endian unsigned byte array into r.
  * Uses the bswap instruction.
  *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
  */
 #ifndef __APPLE__
 .text
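Review bot: The left-shift comment (the hunk after `_sp_3072_cond_add_avx2_24`) rewrites the `n` line but keeps its typo, "Amoutnt o shift". Since the line is being touched anyway it should become `@param [in] n Amount to shift.` The 4096-bit left-shift hunk later in this diff (after `_sp_4096_cond_add_avx2_32`) has the same text. Only the comment is visible here; the routine body is outside the hunk.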
@@ -32145,10 +32183,10 @@ L_4096_from_bin_bswap_zero_end:
 /* Read big endian unsigned byte array into r.
  * Uses the movbe instruction which is an optional instruction.
  *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
  */
 #ifndef __APPLE__
 .text
@@ -32231,8 +32269,8 @@ L_4096_from_bin_movbe_zero_end:
  * Fixed length number of bytes written: 512
  * Uses the bswap instruction.
  *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
  */
 #ifndef __APPLE__
 .text
@@ -32447,8 +32485,8 @@ _sp_4096_to_bin_bswap_64:
  * Fixed length number of bytes written: 512
  * Uses the movbe instruction which is optional.
  *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
  */
 #ifndef __APPLE__
 .text
@@ -32597,8 +32635,8 @@ _sp_4096_to_bin_movbe_64:
 #endif /* NO_MOVBE_SUPPORT */
 /* Sub b from a into a. (a -= b)
  *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -32811,9 +32849,9 @@ _sp_4096_sub_in_place_64:
 #endif /* __APPLE__ */
 /* Add b to a into r. (r = a + b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
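Review bot: The direction tags look inverted in the two "Fixed length number of bytes written: 512" hunks (bswap and movbe variants): a routine that writes bytes out reads the integer `r` and fills the byte array `a`, yet the new lines say `@param [out] r` and `@param [in] a`. Unless the assembly really stores through `r`, they should read `@param [in] r A single precision integer.` and `@param [out] a Byte array.`, otherwise a caller sizing or const-qualifying buffers from the tags would treat the destination as read-only input. The 32-byte variants later in this diff carry the same tags. This is inferred from the "bytes written" line and the `to_bin` labels in the following hunk headers, because the first comment line and the routine bodies are outside the hunks.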
@@ -33028,9 +33066,9 @@ _sp_4096_add_64:
 #endif /* __APPLE__ */
 /* Multiply a and b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -34377,9 +34415,9 @@ _sp_4096_mul_64:
 #ifdef HAVE_INTEL_AVX2
 /* Multiply a and b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -35632,8 +35670,8 @@ _sp_4096_mul_avx2_64:
  *
  * Karatsuba: ah^2, al^2, (al - ah)^2
  *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -36637,8 +36675,8 @@ _sp_4096_sqr_64:
  *
  * Karatsuba: ah^2, al^2, (al - ah)^2
  *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -37640,9 +37678,9 @@ _sp_4096_sqr_avx2_64:
 #endif /* HAVE_INTEL_AVX2 */
 /* Mul a by digit b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
  */
 #ifndef __APPLE__
 .text
@@ -38174,10 +38212,11 @@ _sp_4096_mul_d_64:
 /* Conditionally subtract b from a using the mask m.
  * m is -1 to subtract and 0 when not copying.
  *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -38648,9 +38687,10 @@ _sp_4096_cond_sub_64:
 #endif /* __APPLE__ */
 /* Reduce the number back to 4096 bits using Montgomery reduction.
  *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
  */
 #ifndef __APPLE__
 .text
@@ -39345,9 +39385,9 @@ L_4096_mont_reduce_64_loop:
 #endif /* __APPLE__ */
 /* Sub b from a into r. (r = a - b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -39561,9 +39601,9 @@ _sp_4096_sub_64:
 #ifdef HAVE_INTEL_AVX2
 /* Mul a by digit b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
  */
 #ifndef __APPLE__
 .text
@@ -39971,10 +40011,11 @@ _sp_4096_mul_d_avx2_64:
 #ifdef _WIN64
 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
  *
- * d1 The high order half of the number to divide.
- * d0 The low order half of the number to divide.
- * div The dividend.
- * returns the result of the division.
+ * @param [in] d1 The high order half of the number to divide.
+ * @param [in] d0 The low order half of the number to divide.
+ * @param [in] div The dividend.
+ *
+ * @return The result of the division.
  */
 #ifndef __APPLE__
 .text
@@ -40001,10 +40042,11 @@ _div_4096_word_asm_64:
 /* Conditionally subtract b from a using the mask m.
  * m is -1 to subtract and 0 when not copying.
  *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -40346,10 +40388,11 @@ _sp_4096_cond_sub_avx2_64:
 #endif /* HAVE_INTEL_AVX2 */
 /* Compare a with b in constant time.
  *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
  */
 #ifndef __APPLE__
 .text
@@ -40887,9 +40930,10 @@ _sp_4096_cmp_64:
 #ifdef HAVE_INTEL_AVX2
 /* Reduce the number back to 4096 bits using Montgomery reduction.
  *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
  */
 #ifndef __APPLE__
 .text
@@ -42794,10 +42838,11 @@ _sp_4096_get_from_table_avx2_64:
 /* Conditionally add a and b using the mask m.
  * m is -1 to add and 0 when not.
  *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -43047,10 +43092,11 @@ _sp_4096_cond_add_32:
 /* Conditionally add a and b using the mask m.
  * m is -1 to add and 0 when not.
  *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing conditional add
+ * result.
+ * @param [in] a A single precision number to add with.
+ * @param [in] b A single precision number to add.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -43233,9 +43279,9 @@ _sp_4096_cond_add_avx2_32:
 #endif /* HAVE_INTEL_AVX2 */
 /* Shift number left by n bit. (r = a << n)
  *
- * r Result of left shift by n.
- * a Number to shift.
- * n Amoutnt o shift.
+ * @param [out] r Result of left shift by n.
+ * @param [in] a Number to shift.
+ * @param [in] n Amoutnt o shift.
  */
 #ifndef __APPLE__
 .text
@@ -43454,9 +43500,9 @@ _sp_4096_lshift_64:
 #ifndef WOLFSSL_SP_NO_256
 /* Multiply a and b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -43595,9 +43641,9 @@ _sp_256_mul_4:
 #ifdef HAVE_INTEL_AVX2
 /* Multiply a and b into r. (r = a * b)
  *
- * r Result of multiplication.
- * a First number to multiply.
- * b Second number to multiply.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply.
+ * @param [in] b Second number to multiply.
  */
 #ifndef __APPLE__
 .text
@@ -43711,8 +43757,8 @@ _sp_256_mul_avx2_4:
 #endif /* HAVE_INTEL_AVX2 */
 /* Square a and put result in r. (r = a * a)
  *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -43834,8 +43880,8 @@ _sp_256_sqr_4:
 #ifdef HAVE_INTEL_AVX2
 /* Square a and put result in r. (r = a * a)
  *
- * r Result of squaring.
- * a Number to square in Montgomery form.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
  */
 #ifndef __APPLE__
 .text
@@ -43931,9 +43977,9 @@ _sp_256_sqr_avx2_4:
 #endif /* HAVE_INTEL_AVX2 */
 /* Add b to a into r. (r = a + b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -43967,9 +44013,9 @@ _sp_256_add_4:
 #endif /* __APPLE__ */
 /* Sub b from a into r. (r = a - b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -44004,9 +44050,9 @@ _sp_256_sub_4:
 /* Conditionally copy a into r using the mask m.
  * m is -1 to copy and 0 when not.
  *
- * r A single precision number to copy over.
- * a A single precision number to copy.
- * m Mask value to apply.
+ * @param [out] r A single precision number to copy over.
+ * @param [in] a A single precision number to copy.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -44043,11 +44089,11 @@ _sp_256_cond_copy_4:
 /* Multiply two Montgomery form numbers mod the modulus (prime).
  * (r = a * b mod m)
  *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
  */
 #ifndef __APPLE__
 .text
@@ -44247,10 +44293,10 @@ _sp_256_mont_mul_4:
 #endif /* __APPLE__ */
 /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
  *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
  */
 #ifndef __APPLE__
 .text
@@ -44420,10 +44466,11 @@ _sp_256_mont_sqr_4:
 #endif /* __APPLE__ */
 /* Compare a with b in constant time.
  *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
  */
 #ifndef __APPLE__
 .text
@@ -44481,10 +44528,11 @@ _sp_256_cmp_4:
 /* Conditionally subtract b from a using the mask m.
  * m is -1 to subtract and 0 when not copying.
  *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -44533,9 +44581,10 @@ _sp_256_cond_sub_4:
 #endif /* __APPLE__ */
 /* Reduce the number back to 256 bits using Montgomery reduction.
  *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
  */
 #ifndef __APPLE__
 .text
@@ -44644,9 +44693,10 @@ _sp_256_mont_reduce_4:
 #endif /* __APPLE__ */
 /* Reduce the number back to 256 bits using Montgomery reduction.
  *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
  */
 #ifndef __APPLE__
 .text
@@ -44752,10 +44802,10 @@ L_mont_loop_4:
 #endif /* __APPLE__ */
 /* Add two Montgomery form numbers (r = a + b % m).
  *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of addition.
+ * @param [in] a First number to add in Montgomery form.
+ * @param [in] b Second number to add in Montgomery form.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -44802,9 +44852,9 @@ _sp_256_mont_add_4:
 #endif /* __APPLE__ */
 /* Double a Montgomery form number (r = a + a % m).
  *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of doubling.
+ * @param [in] a Number to double in Montgomery form.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -44852,9 +44902,9 @@ _sp_256_mont_dbl_4:
 #endif /* __APPLE__ */
 /* Triple a Montgomery form number (r = a + a + a % m).
  *
- * r Result of Tripling.
- * a Number to triple in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of Tripling.
+ * @param [in] a Number to triple in Montgomery form.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -44920,10 +44970,10 @@ _sp_256_mont_tpl_4:
 #endif /* __APPLE__ */
 /* Subtract two Montgomery form numbers (r = a - b % m).
  *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of subtration.
+ * @param [in] a Number to subtract from in Montgomery form.
+ * @param [in] b Number to subtract with in Montgomery form.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -44970,9 +45020,9 @@ _sp_256_mont_sub_4:
 #endif /* __APPLE__ */
 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
  *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus (prime).
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -45016,10 +45066,10 @@ _sp_256_mont_div2_4:
 #endif /* __APPLE__ */
 /* Two Montgomery numbers, subtract double second from first (r = a - 2.b % m).
  *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to double and subtract with in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of subtration.
+ * @param [in] a Number to subtract from in Montgomery form.
+ * @param [in] b Number to double and subtract with in Montgomery form.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -45125,9 +45175,9 @@ _sp_256_mont_rsb_sub_dbl_4:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible point that could be being copied.
  *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of point to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of point to retrieve.
  */
 #ifndef __APPLE__
 .text
@@ -45194,9 +45244,9 @@ L_256_get_point_33_4_start_1:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible point that could be being copied.
  *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of point to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of point to retrieve.
  */
 #ifndef __APPLE__
 .text
@@ -45250,11 +45300,11 @@ L_256_get_point_33_avx2_4_start:
 /* Multiply two Montgomery form numbers mod the modulus (prime).
  * (r = a * b mod m)
  *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
  */
 #ifndef __APPLE__
 .text
@@ -45432,10 +45482,10 @@ _sp_256_mont_mul_avx2_4:
 #ifdef HAVE_INTEL_AVX2
 /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
  *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
  */
 #ifndef __APPLE__
 .text
@@ -45596,10 +45646,11 @@ _sp_256_mont_sqr_avx2_4:
 /* Conditionally subtract b from a using the mask m.
  * m is -1 to subtract and 0 when not copying.
  *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
  */
 #ifndef __APPLE__
 .text
@@ -45650,9 +45701,10 @@ _sp_256_cond_sub_avx2_4:
 #ifdef HAVE_INTEL_AVX2
 /* Reduce the number back to 256 bits using Montgomery reduction.
  *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
  */
 #ifndef __APPLE__
 .text
@@ -45814,9 +45866,9 @@ _sp_256_mont_reduce_order_avx2_4:
 #ifdef HAVE_INTEL_AVX2
 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
  *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus (prime).
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus (prime).
  */
 #ifndef __APPLE__
 .text
@@ -45862,9 +45914,9 @@ _sp_256_mont_div2_avx2_4:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
  *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
  */
 #ifndef __APPLE__
 .text
@@ -45922,9 +45974,9 @@ L_256_get_entry_64_4_start_0:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible entry that could be being copied.
  *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
  */
 #ifndef __APPLE__
 .text
@@ -45972,9 +46024,9 @@ L_256_get_entry_64_avx2_4_start:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
  *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
  */
 #ifndef __APPLE__
 .text
@@ -46032,9 +46084,9 @@ L_256_get_entry_65_4_start_0:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible entry that could be being copied.
  *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
  */
 #ifndef __APPLE__
 .text
@@ -46081,7 +46133,7 @@ L_256_get_entry_65_avx2_4_start:
 #endif /* !WC_NO_CACHE_RESISTANT */
 /* Add 1 to a. (a = a + 1)
  *
- * a A single precision integer.
+ * @param [in, out] a A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -46106,10 +46158,10 @@ _sp_256_add_one_4:
 /* Read big endian unsigned byte array into r.
  * Uses the bswap instruction.
  *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
  */
 #ifndef __APPLE__
 .text
@@ -46201,10 +46253,10 @@ L_256_from_bin_bswap_zero_end:
 /* Read big endian unsigned byte array into r.
  * Uses the movbe instruction which is an optional instruction.
  *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
  */
 #ifndef __APPLE__
 .text
@@ -46287,8 +46339,8 @@ L_256_from_bin_movbe_zero_end:
  * Fixed length number of bytes written: 32
  * Uses the bswap instruction.
  *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
  */
 #ifndef __APPLE__
 .text
@@ -46323,8 +46375,8 @@ _sp_256_to_bin_bswap_4:
  * Fixed length number of bytes written: 32
  * Uses the movbe instruction which is optional.
  *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
  */
 #ifndef __APPLE__
 .text
@@ -46353,8 +46405,8 @@ _sp_256_to_bin_movbe_4:
 #endif /* NO_MOVBE_SUPPORT */
 /* Sub b from a into a. (a -= b)
  *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -46383,9 +46435,9 @@ _sp_256_sub_in_place_4:
 #endif /* __APPLE__ */
 /* Mul a by digit b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
  */
 #ifndef __APPLE__
 .text
@@ -46437,9 +46489,9 @@ _sp_256_mul_d_4:
 #ifdef HAVE_INTEL_AVX2
 /* Mul a by digit b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
  */
 #ifndef __APPLE__
 .text
@@ -46487,10 +46539,11 @@ _sp_256_mul_d_avx2_4:
 #ifdef _WIN64
 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
  *
- * d1 The high order half of the number to divide.
- * d0 The low order half of the number to divide.
- * div The dividend.
- * returns the result of the division.
+ * @param [in] d1 The high order half of the number to divide.
+ * @param [in] d0 The low order half of the number to divide.
+ * @param [in] div The dividend.
+ *
+ * @return The result of the division.
  */
 #ifndef __APPLE__
 .text
@@ -46517,9 +46570,9 @@ _div_256_word_asm_4:
 /* Multiply two Montgomery form numbers mod the modulus (prime).
  * (r = a * b mod m)
  *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
  */
 #ifndef __APPLE__
 .text
@@ -46743,8 +46796,8 @@ _sp_256_mont_mul_order_avx2_4:
 #ifdef HAVE_INTEL_AVX2
 /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
  *
- * r Result of squaring.
- * a Number to square in Montgomery form.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
  */
 #ifndef __APPLE__
 .text
@@ -46951,9 +47004,10 @@ _sp_256_mont_sqr_order_avx2_4:
 #endif /* HAVE_INTEL_AVX2 */
 /* Non-constant time modular inversion.
  *
- * @param [out] r Resulting number.
- * @param [in] a Number to invert.
- * @param [in] m Modulus.
+ * @param [out] r Resulting number.
+ * @param [in] a Number to invert.
+ * @param [in] m Modulus.
+ *
  * @return MP_OKAY on success.
  */
 #ifndef __APPLE__
@@ -47285,9 +47339,10 @@ L_sp256_mod_inv_avx2_4_mask26:
 .long 0x03ffffff,0x00000000,0x00000000,0x00000000
 /* Non-constant time modular inversion.
  *
- * @param [out] r Resulting number.
- * @param [in] a Number to invert.
- * @param [in] m Modulus.
+ * @param [out] r Resulting number.
+ * @param [in] a Number to invert.
+ * @param [in] m Modulus.
+ *
  * @return MP_OKAY on success.
  */
 #ifndef __APPLE__
@@ -47595,9 +47650,9 @@ L_256_mod_inv_avx2_4_no_add_order:
 #ifdef WOLFSSL_SP_384
 /* Multiply a and b into r. (r = a * b)
  *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
  */
 #ifndef __APPLE__
 .text
@@ -47868,9 +47923,9 @@ _sp_384_mul_6:
 #ifdef HAVE_INTEL_AVX2
 /* Multiply a and b into r. (r = a * b)
  *
- * r Result of multiplication.
- * a First number to multiply.
- * b Second number to multiply.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply.
+ * @param [in] b Second number to multiply.
  */
 #ifndef __APPLE__
 .text
@@ -48091,8 +48146,8 @@ _sp_384_mul_avx2_6:
 #endif /* HAVE_INTEL_AVX2 */
 /* Square a and put result in r. (r = a * a)
  *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
  */
 #ifndef __APPLE__
 .text
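Review bot: Both "Non-constant time modular inversion" comments are only realigned and given a blank line before `@return`, so they still do not say what the non-constant-time property requires of callers. Because the running time of such a routine can depend on operand values, the comment should state the restriction, for example `* Not constant time: a must not be, or be derived from, secret data.` directly under the summary line. Whether every caller already passes only public values cannot be checked from this diff. The routine bodies are outside the hunks.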
@@ -48316,8 +48371,8 @@ _sp_384_sqr_6:
 #ifdef HAVE_INTEL_AVX2
 /* Square a and put result in r. (r = a * a)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
 */
 #ifndef __APPLE__
 .text
@@ -48479,9 +48534,9 @@ _sp_384_sqr_avx2_6:
 #endif /* HAVE_INTEL_AVX2 */
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -48523,9 +48578,9 @@ _sp_384_add_6:
 #endif /* __APPLE__ */
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -48568,9 +48623,9 @@ _sp_384_sub_6:
 /* Conditionally copy a into r using the mask m.
 * m is -1 to copy and 0 when not.
 *
- * r A single precision number to copy over.
- * a A single precision number to copy.
- * m Mask value to apply.
+ * @param [out] r A single precision number to copy over.
+ * @param [in] a A single precision number to copy.
+ * @param [in] m Mask value to apply.
 */
 #ifndef __APPLE__
 .text
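Review bot: In the first hunk the comment for the plain square `(r = a * a)` now reads `@param [in] a Number to square in Montgomery form.`, although the summary mentions neither Montgomery form nor a modulus. The non-AVX2 `sp_384_sqr_6` comment and the 521-bit AVX2 square both describe `a` as "A single precision integer.", so this looks copied from a `mont_sqr` comment. `@param [in] a A single precision integer.` would match the siblings. The function body is outside the hunk.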
@@ -48615,10 +48670,11 @@ _sp_384_cond_copy_6:
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not copying.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 #ifndef __APPLE__
 .text
@@ -48683,9 +48739,10 @@ _sp_384_cond_sub_6:
 #endif /* __APPLE__ */
 /* Reduce the number back to 384 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef __APPLE__
 .text
@@ -48862,9 +48919,10 @@ _sp_384_mont_reduce_6:
 #endif /* __APPLE__ */
 /* Reduce the number back to 384 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef __APPLE__
 .text
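Review bot: The context line `m is -1 to subtract and 0 when not copying.` in the first hunk reads like a leftover from the conditional-copy comment; `m is -1 to subtract and 0 when not subtracting.` is what is meant. While the parameter list is being rewritten, `@param [in] m` could also state that the mask must be exactly 0 or all ones, since any other value would presumably subtract a partially masked `b`. The same sentence appears in the other conditional-subtract comments in this diff (384-bit AVX2, 521-bit and 1024-bit). The function bodies are outside the hunks.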
@@ -48979,10 +49037,11 @@ L_384_mont_reduce_order_6_loop:
 #endif /* __APPLE__ */
 /* Compare a with b in constant time.
 *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
 */
 #ifndef __APPLE__
 .text
@@ -49055,10 +49114,10 @@ _sp_384_cmp_6:
 #endif /* __APPLE__ */
 /* Add two Montgomery form numbers (r = a + b % m).
 *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of addition.
+ * @param [in] a First number to add in Montgomery form.
+ * @param [in] b Second number to add in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -49124,9 +49183,9 @@ _sp_384_mont_add_6:
 #endif /* __APPLE__ */
 /* Double a Montgomery form number (r = a + a % m).
 *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of doubling.
+ * @param [in] a Number to double in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -49193,9 +49252,9 @@ _sp_384_mont_dbl_6:
 #endif /* __APPLE__ */
 /* Double a Montgomery form number (r = a + a % m).
 *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of doubling.
+ * @param [in] a Number to double in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
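Review bot: The fourth hunk documents the routine that follows `_sp_384_mont_dbl_6`, which the next hunk header suggests is `sp_384_mont_tpl_6`, yet the comment still says "Double a Montgomery form number (r = a + a % m)" and `@param [out] r Result of doubling.` The 521-bit counterpart in this diff uses "Triple a Montgomery form number (r = a + a + a % m)." with `Result of Tripling.` and `Number to triple in Montgomery form.` If this comment does belong to the triple routine, it should use the same wording. The function label is outside the hunk, so confirm against the file.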
@@ -49290,10 +49349,10 @@ _sp_384_mont_tpl_6:
 #endif /* __APPLE__ */
 /* Subtract two Montgomery form numbers (r = a - b % m).
 *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of subtration.
+ * @param [in] a Number to subtract from in Montgomery form.
+ * @param [in] b Number to subtract with in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -49359,9 +49418,9 @@ _sp_384_mont_sub_6:
 #endif /* __APPLE__ */
 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus (prime).
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -49437,9 +49496,9 @@ _sp_384_mont_div2_6:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible point that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of point to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of point to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -49537,9 +49596,9 @@ L_384_get_point_33_6_start_2:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible point that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of point to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of point to retrieve.
 */
 #ifndef __APPLE__
 .text
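Review bot: The rewritten line `@param [out] r Result of subtration.` in the first hunk carries the old typo into the new Doxygen text; it should read `@param [out] r Result of subtraction.` The summary formula `(r = a - b % m)` also reads as a - (b % m), and `(r = (a - b) % m)` would state the intended order. The same precedence slip is in the other `mont_add`/`mont_dbl`/`mont_sub` summaries in this diff.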
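Review bot: The summary "Touch each possible point that could be being copied." in the third hunk describes a side effect and never says what ends up in `r`. Given the `WC_NO_CACHE_RESISTANT` guard, the intent is presumably that every table entry is read so that the memory access pattern does not depend on `idx`; a summary such as `Copy the point at index idx into r, reading every entry of the table.` would say that. `@param [in] idx` could also give the valid index range, since the handling of an out-of-range value is not visible here. The same wording is used for the AVX2 variant in the next hunk and for the `get_entry` comments later in the diff; the function bodies are outside the hunks.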
@@ -49607,9 +49666,10 @@ L_384_get_point_33_avx2_6_start:
 #ifdef HAVE_INTEL_AVX2
 /* Reduce the number back to 384 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef __APPLE__
 .text
@@ -49938,10 +49998,11 @@ L_mont_loop_order_avx2_6:
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not copying.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 #ifndef __APPLE__
 .text
@@ -49994,9 +50055,9 @@ _sp_384_cond_sub_avx2_6:
 #ifdef HAVE_INTEL_AVX2
 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus (prime).
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -50072,9 +50133,9 @@ _sp_384_mont_div2_avx2_6:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -50142,9 +50203,9 @@ L_384_get_entry_64_6_start_0:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -50202,9 +50263,9 @@ L_384_get_entry_64_avx2_6_start:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -50272,9 +50333,9 @@ L_384_get_entry_65_6_start_0:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -50331,7 +50392,7 @@ L_384_get_entry_65_avx2_6_start:
 #endif /* !WC_NO_CACHE_RESISTANT */
 /* Add 1 to a. (a = a + 1)
 *
- * a A single precision integer.
+ * @param [in, out] a A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -50358,10 +50419,10 @@ _sp_384_add_one_6:
 /* Read big endian unsigned byte array into r.
 * Uses the bswap instruction.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
 */
 #ifndef __APPLE__
 .text
@@ -50453,10 +50514,10 @@ L_384_from_bin_bswap_zero_end:
 /* Read big endian unsigned byte array into r.
 * Uses the movbe instruction which is an optional instruction.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
 */
 #ifndef __APPLE__
 .text
@@ -50539,8 +50600,8 @@ L_384_from_bin_movbe_zero_end:
 * Fixed length number of bytes written: 48
 * Uses the bswap instruction.
 *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
 */
 #ifndef __APPLE__
 .text
@@ -50581,8 +50642,8 @@ _sp_384_to_bin_bswap_6:
 * Fixed length number of bytes written: 48
 * Uses the movbe instruction which is optional.
 *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
 */
 #ifndef __APPLE__
 .text
@@ -50615,8 +50676,8 @@ _sp_384_to_bin_movbe_6:
 #endif /* NO_MOVBE_SUPPORT */
 /* Sub b from a into a. (a -= b)
 *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -50649,9 +50710,9 @@ _sp_384_sub_in_place_6:
 #endif /* __APPLE__ */
 /* Mul a by digit b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
 */
 #ifndef __APPLE__
 .text
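Review bot: In the second and third hunks the direction tags look inverted: the comment says a fixed 48 bytes are written, so the byte array `a` is the destination and `r` is the number being read, but the new lines say `@param [out] r` and `@param [in] a`. The C comment for `sp_2048_to_bin_64` in this same commit uses `@param [in, out] r` and `@param [out] a Byte array.`; here I would write `@param [in] r A single precision integer.` and `@param [out] a Byte array.`, noting that `a` must have room for the 48 bytes. The 521-bit `to_bin` comments later in the diff (65 bytes) have the same tags. The first line of each comment and the function bodies are outside the hunks.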
@@ -50719,9 +50780,9 @@ _sp_384_mul_d_6:
 #ifdef HAVE_INTEL_AVX2
 /* Mul a by digit b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
 */
 #ifndef __APPLE__
 .text
@@ -50781,10 +50842,11 @@ _sp_384_mul_d_avx2_6:
 #ifdef _WIN64
 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 *
- * d1 The high order half of the number to divide.
- * d0 The low order half of the number to divide.
- * div The dividend.
- * returns the result of the division.
+ * @param [in] d1 The high order half of the number to divide.
+ * @param [in] d0 The low order half of the number to divide.
+ * @param [in] div The dividend.
+ *
+ * @return The result of the division.
 */
 #ifndef __APPLE__
 .text
@@ -50809,8 +50871,8 @@ _div_384_word_asm_6:
 #endif /* _WIN64 */
 /* Shift number right by 1 bit. (r = a >> 1)
 *
- * r Result of right shift by 1.
- * a Number to shift.
+ * @param [out] r Result of right shift by 1.
+ * @param [in] a Number to shift.
 */
 #ifndef __APPLE__
 .text
@@ -50848,9 +50910,9 @@ _sp_384_rshift1_6:
 #endif /* __APPLE__ */
 /* Divide the number by 2 mod the prime. (r = a / 2 % m)
 *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus
 */
 #ifndef __APPLE__
 .text
@@ -50986,9 +51048,9 @@ L_384_num_bits_6_done:
 #ifdef WOLFSSL_SP_521
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -51547,9 +51609,9 @@ _sp_521_mul_9:
 #ifdef HAVE_INTEL_AVX2
 /* Multiply a and b into r. (r = a * b)
 *
- * r Result of multiplication.
- * a First number to multiply.
- * b Second number to multiply.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply.
+ * @param [in] b Second number to multiply.
 */
 #ifndef __APPLE__
 .text
@@ -52130,8 +52192,8 @@ L_end_521_mul_avx2_9:
 #endif /* HAVE_INTEL_AVX2 */
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -52553,8 +52615,8 @@ _sp_521_sqr_9:
 #ifdef HAVE_INTEL_AVX2
 /* Square a and put result in r. (r = a * a)
 *
- * r A single precision integer.
- * a A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -52956,9 +53018,9 @@ L_end_521_sqr_avx2_9:
 #endif /* HAVE_INTEL_AVX2 */
 /* Add b to a into r. (r = a + b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -53008,9 +53070,9 @@ _sp_521_add_9:
 #endif /* __APPLE__ */
 /* Sub b from a into r. (r = a - b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -53059,9 +53121,9 @@ _sp_521_sub_9:
 /* Conditionally copy a into r using the mask m.
 * m is -1 to copy and 0 when not.
 *
- * r A single precision number to copy over.
- * a A single precision number to copy.
- * m Mask value to apply.
+ * @param [out] r A single precision number to copy over.
+ * @param [in] a A single precision number to copy.
+ * @param [in] m Mask value to apply.
 */
 #ifndef __APPLE__
 .text
@@ -53118,11 +53180,11 @@ _sp_521_cond_copy_9:
 /* Multiply two Montgomery form numbers mod the modulus (prime).
 * (r = a * b mod m)
 *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 #ifndef __APPLE__
 .text
@@ -53716,10 +53778,10 @@ _sp_521_mont_mul_9:
 #endif /* __APPLE__ */
 /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 #ifndef __APPLE__
 .text
@@ -54174,10 +54236,11 @@ _sp_521_mont_sqr_9:
 #endif /* __APPLE__ */
 /* Compare a with b in constant time.
 *
- * a A single precision integer.
- * b A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
+ *
+ * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+ * respectively.
 */
 #ifndef __APPLE__
 .text
@@ -54275,10 +54338,11 @@ _sp_521_cmp_9:
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not copying.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 #ifndef __APPLE__
 .text
@@ -54364,9 +54428,10 @@ _sp_521_cond_sub_9:
 #endif /* __APPLE__ */
 /* Reduce the number back to 521 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef __APPLE__
 .text
@@ -54442,9 +54507,10 @@ _sp_521_mont_reduce_9:
 #endif /* __APPLE__ */
 /* Reduce the number back to 521 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef __APPLE__
 .text
@@ -54628,10 +54694,10 @@ L_521_mont_reduce_order_9_nomask:
 #endif /* __APPLE__ */
 /* Add two Montgomery form numbers (r = a + b % m).
 *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of addition.
+ * @param [in] a First number to add in Montgomery form.
+ * @param [in] b Second number to add in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -54698,9 +54764,9 @@ _sp_521_mont_add_9:
 #endif /* __APPLE__ */
 /* Double a Montgomery form number (r = a + a % m).
 *
- * r Result of addition.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of addition.
+ * @param [in] a Number to double in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -54765,9 +54831,9 @@ _sp_521_mont_dbl_9:
 #endif /* __APPLE__ */
 /* Triple a Montgomery form number (r = a + a + a % m).
 *
- * r Result of Tripling.
- * a Number to triple in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of Tripling.
+ * @param [in] a Number to triple in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -54841,10 +54907,10 @@ _sp_521_mont_tpl_9:
 #endif /* __APPLE__ */
 /* Subtract two Montgomery form numbers (r = a - b % m).
 *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
+ * @param [out] r Result of addition.
+ * @param [in] a First number to add in Montgomery form.
+ * @param [in] b Second number to add in Montgomery form.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
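Review bot: The fourth hunk documents a subtraction, `(r = a - b % m)`, but the new parameter lines still say `Result of addition.`, `First number to add in Montgomery form.` and `Second number to add in Montgomery form.` The 384-bit comment in this diff has the intended wording: `Number to subtract from in Montgomery form.` and `Number to subtract with in Montgomery form.`, with `r` as the result of subtraction. The second hunk has the same slip in `@param [out] r Result of addition.` for the doubling routine, where the 384-bit comment says `Result of doubling.`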
@@ -54912,9 +54978,9 @@ _sp_521_mont_sub_9:
 #endif /* __APPLE__ */
 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus (prime).
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -54981,9 +55047,9 @@ _sp_521_mont_div2_9:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible point that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of point to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of point to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -55126,9 +55192,9 @@ L_521_get_point_33_9_start_2:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible point that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of point to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of point to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -55224,11 +55290,11 @@ L_521_get_point_33_avx2_9_start:
 /* Multiply two Montgomery form numbers mod the modulus (prime).
 * (r = a * b mod m)
 *
- * r Result of multiplication.
- * a First number to multiply in Montgomery form.
- * b Second number to multiply in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of multiplication.
+ * @param [in] a First number to multiply in Montgomery form.
+ * @param [in] b Second number to multiply in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 #ifndef __APPLE__
 .text
@@ -55840,10 +55906,10 @@ _sp_521_mont_mul_avx2_9:
 #ifdef HAVE_INTEL_AVX2
 /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
 *
- * r Result of squaring.
- * a Number to square in Montgomery form.
- * m Modulus (prime).
- * mp Montgomery multiplier.
+ * @param [out] r Result of squaring.
+ * @param [in] a Number to square in Montgomery form.
+ * @param [in] m Modulus (prime).
+ * @param [in] mp Montgomery multiplier.
 */
 #ifndef __APPLE__
 .text
@@ -56288,10 +56354,11 @@ _sp_521_mont_sqr_avx2_9:
 /* Conditionally subtract b from a using the mask m.
 * m is -1 to subtract and 0 when not copying.
 *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
+ * @param [out] r A single precision number representing condition subtract
+ * result.
+ * @param [in] a A single precision number to subtract from.
+ * @param [in] b A single precision number to subtract.
+ * @param [in] m Mask value to apply.
 */
 #ifndef __APPLE__
 .text
@@ -56359,9 +56426,10 @@ _sp_521_cond_sub_avx2_9:
 #ifdef HAVE_INTEL_AVX2
 /* Reduce the number back to 521 bits using Montgomery reduction.
 *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
+ * @param [in, out] a A single precision number to reduce in place.
+ * @param [in] m The single precision number representing the modulus.
+ * @param [in] mp The digit representing the negative inverse of
+ * m mod 2^n.
 */
 #ifndef __APPLE__
 .text
@@ -56677,9 +56745,9 @@ L_521_mont_reduce_order_avx2_9_loop:
 #ifdef HAVE_INTEL_AVX2
 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus (prime).
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus (prime).
 */
 #ifndef __APPLE__
 .text
@@ -56747,9 +56815,9 @@ _sp_521_mont_div2_avx2_9:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -56866,9 +56934,9 @@ L_521_get_entry_64_9_start_1:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -56944,9 +57012,9 @@ L_521_get_entry_64_avx2_9_start:
 #ifndef WC_NO_CACHE_RESISTANT
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -57063,9 +57131,9 @@ L_521_get_entry_65_9_start_1:
 #ifdef HAVE_INTEL_AVX2
 /* Touch each possible entry that could be being copied.
 *
- * r Point to copy into.
- * table Table - start of the entries to access
- * idx Index of entry to retrieve.
+ * @param [out] r Point to copy into.
+ * @param [in] table Table - start of the entries to access
+ * @param [in] idx Index of entry to retrieve.
 */
 #ifndef __APPLE__
 .text
@@ -57140,7 +57208,7 @@ L_521_get_entry_65_avx2_9_start:
 #endif /* !WC_NO_CACHE_RESISTANT */
 /* Add 1 to a. (a = a + 1)
 *
- * a A single precision integer.
+ * @param [in, out] a A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -57170,10 +57238,10 @@ _sp_521_add_one_9:
 /* Read big endian unsigned byte array into r.
 * Uses the bswap instruction.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
 */
 #ifndef __APPLE__
 .text
@@ -57265,10 +57333,10 @@ L_521_from_bin_bswap_zero_end:
 /* Read big endian unsigned byte array into r.
 * Uses the movbe instruction which is an optional instruction.
 *
- * r A single precision integer.
- * size Maximum number of bytes to convert
- * a Byte array.
- * n Number of bytes in array to read.
+ * @param [out] r A single precision integer.
+ * @param [in] size Maximum number of bytes to convert
+ * @param [in] a Byte array.
+ * @param [in] n Number of bytes in array to read.
 */
 #ifndef __APPLE__
 .text
@@ -57351,8 +57419,8 @@ L_521_from_bin_movbe_zero_end:
 * Fixed length number of bytes written: 65
 * Uses the bswap instruction.
 *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
 */
 #ifndef __APPLE__
 .text
@@ -57403,8 +57471,8 @@ _sp_521_to_bin_bswap_9:
 * Fixed length number of bytes written: 65
 * Uses the movbe instruction which is optional.
 *
- * r A single precision integer.
- * a Byte array.
+ * @param [out] r A single precision integer.
+ * @param [in] a Byte array.
 */
 #ifndef __APPLE__
 .text
@@ -57445,8 +57513,8 @@ _sp_521_to_bin_movbe_9:
 #endif /* NO_MOVBE_SUPPORT */
 /* Shift number right by 1 bit. (r = a >> 1)
 *
- * r Result of right shift by 1.
- * a Number to shift.
+ * @param [out] r Result of right shift by 1.
+ * @param [in] a Number to shift.
 */
 #ifndef __APPLE__
 .text
@@ -57494,9 +57562,9 @@ _sp_521_rshift_9:
 #endif /* __APPLE__ */
 /* Shift number left by n bit. (r = a << n)
 *
- * r Result of left shift by n.
- * a Number to shift.
- * n Amoutnt o shift.
+ * @param [out] r Result of left shift by n.
+ * @param [in] a Number to shift.
+ * @param [in] n Amoutnt o shift.
 */
 #ifndef __APPLE__
 .text
@@ -57547,9 +57615,9 @@ _sp_521_lshift_9:
 #endif /* __APPLE__ */
 /* Shift number left by n bit. (r = a << n)
 *
- * r Result of left shift by n.
- * a Number to shift.
- * n Amoutnt o shift.
+ * @param [out] r Result of left shift by n.
+ * @param [in] a Number to shift.
+ * @param [in] n Amoutnt o shift.
 */
 #ifndef __APPLE__
 .text
@@ -57627,8 +57695,8 @@ _sp_521_lshift_18:
 #endif /* __APPLE__ */
 /* Sub b from a into a. (a -= b)
 *
- * a A single precision integer and result.
- * b A single precision integer.
+ * @param [in, out] a A single precision integer and result.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -57676,9 +57744,9 @@ _sp_521_sub_in_place_9:
 #endif /* __APPLE__ */
 /* Mul a by digit b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
 */
 #ifndef __APPLE__
 .text
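Review bot: The second hunk's comment "Shift number right by 1 bit. (r = a >> 1)" precedes what the next hunk header names `_sp_521_rshift_9`, while an identically worded comment later in the diff belongs to `sp_521_rshift1_9`. If `sp_521_rshift_9` takes a shift count like the `lshift` routines that follow it, the summary should read "Shift number right by n bits. (r = a >> n)" and a line `@param [in] n Amount to shift.` is missing. The function signature is outside the hunk, so this needs checking against the code.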
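Review bot: The third and fourth hunks copy a typo into the new Doxygen text: `@param [in] n Amoutnt o shift.` should be `@param [in] n Amount to shift.` The summary "Shift number left by n bit." would also read better as "by n bits". If `n` has to be smaller than the word size, stating that range on the `n` line would help callers; the routine bodies are outside the hunks, so the limit is not visible here.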
@@ -57770,9 +57838,9 @@ _sp_521_mul_d_9:
 #ifdef HAVE_INTEL_AVX2
 /* Mul a by digit b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision digit.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision digit.
 */
 #ifndef __APPLE__
 .text
@@ -57850,10 +57918,11 @@ _sp_521_mul_d_avx2_9:
 #ifdef _WIN64
 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 *
- * d1 The high order half of the number to divide.
- * d0 The low order half of the number to divide.
- * div The dividend.
- * returns the result of the division.
+ * @param [in] d1 The high order half of the number to divide.
+ * @param [in] d0 The low order half of the number to divide.
+ * @param [in] div The dividend.
+ *
+ * @return The result of the division.
 */
 #ifndef __APPLE__
 .text
@@ -57878,8 +57947,8 @@ _div_521_word_asm_9:
 #endif /* _WIN64 */
 /* Shift number right by 1 bit. (r = a >> 1)
 *
- * r Result of right shift by 1.
- * a Number to shift.
+ * @param [out] r Result of right shift by 1.
+ * @param [in] a Number to shift.
 */
 #ifndef __APPLE__
 .text
@@ -57926,9 +57995,9 @@ _sp_521_rshift1_9:
 #endif /* __APPLE__ */
 /* Divide the number by 2 mod the prime. (r = a / 2 % m)
 *
- * r Result of division by 2.
- * a Number to divide.
- * m Modulus
+ * @param [out] r Result of division by 2.
+ * @param [in] a Number to divide.
+ * @param [in] m Modulus
 */
 #ifndef __APPLE__
 .text
@@ -58107,9 +58176,9 @@ L_521_num_bits_9_done:
 #ifdef WOLFSSL_SP_1024
 /* Multiply a and b into r. (r = a * b)
 *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
+ * @param [out] r A single precision integer.
+ * @param [in] a A single precision integer.
+ * @param [in] b A single precision integer.
 */
 #ifndef __APPLE__
 .text
@@ -59759,8 +59828,8 @@ _sp_1024_mul_16: #endif /* __APPLE__ */ /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -60854,9 +60923,9 @@ _sp_1024_sqr_16: #ifdef HAVE_INTEL_AVX2 /* Multiply a and b into r. (r = a * b) * - * r Result of multiplication. - * a First number to multiply. - * b Second number to multiply. + * @param [out] r Result of multiplication. + * @param [in] a First number to multiply. + * @param [in] b Second number to multiply. */ #ifndef __APPLE__ .text @@ -62531,8 +62600,8 @@ L_end_1024_mul_avx2_16: #ifdef HAVE_INTEL_AVX2 /* Square a and put result in r. (r = a * a) * - * r A single precision integer. - * a A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. */ #ifndef __APPLE__ .text @@ -63589,9 +63658,9 @@ L_end_1024_sqr_avx2_16: #endif /* HAVE_INTEL_AVX2 */ /* Add b to a into r. (r = a + b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision integer. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text @@ -63662,8 +63731,8 @@ _sp_1024_add_16: #endif /* __APPLE__ */ /* Sub b from a into a. (a -= b) * - * a A single precision integer and result. - * b A single precision integer. + * @param [in, out] a A single precision integer and result. + * @param [in] b A single precision integer. */ #ifndef __APPLE__ .text 
@@ -63733,10 +63802,11 @@ _sp_1024_sub_in_place_16: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -63873,10 +63943,11 @@ _sp_1024_cond_sub_16: /* Conditionally subtract b from a using the mask m. * m is -1 to subtract and 0 when not copying. * - * r A single precision number representing condition subtract result. - * a A single precision number to subtract from. - * b A single precision number to subtract. - * m Mask value to apply. + * @param [out] r A single precision number representing condition subtract + * result. + * @param [in] a A single precision number to subtract from. + * @param [in] b A single precision number to subtract. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -63978,9 +64049,9 @@ _sp_1024_cond_sub_avx2_16: #endif /* HAVE_INTEL_AVX2 */ /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text @@ -64128,9 +64199,9 @@ _sp_1024_mul_d_16: #ifdef HAVE_INTEL_AVX2 /* Mul a by digit b into r. (r = a * b) * - * r A single precision integer. - * a A single precision integer. - * b A single precision digit. + * @param [out] r A single precision integer. + * @param [in] a A single precision integer. + * @param [in] b A single precision digit. */ #ifndef __APPLE__ .text 
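Review bot: The context line `m is -1 to subtract and 0 when not copying.` directly above the new `@param` block (hunk with context `_sp_1024_sub_in_place_16:`) reads like a leftover from the conditional-copy header; `0 when not subtracting` matches this routine. While the block is being rewritten, `@param [in] m Mask value to apply.` could become `@param [in] m Mask value to apply: -1 (all bits set) or 0.`, because the comment gives no hint of what any other value would do. The wording `representing condition subtract result` would also read better as `Result of the conditional subtraction.`. The AVX2 variant in the next hunk and the `cond_sub` headers in `wolfcrypt/src/sp_x86_64_asm.asm` repeat the same lines.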
@@ -64250,10 +64321,11 @@ _sp_1024_mul_d_avx2_16: #ifdef _WIN64 /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) * - * d1 The high order half of the number to divide. - * d0 The low order half of the number to divide. - * div The dividend. - * returns the result of the division. + * @param [in] d1 The high order half of the number to divide. + * @param [in] d0 The low order half of the number to divide. + * @param [in] div The dividend. + * + * @return The result of the division. */ #ifndef __APPLE__ .text @@ -64278,10 +64350,11 @@ _div_1024_word_asm_16: #endif /* _WIN64 */ /* Compare a with b in constant time. * - * a A single precision integer. - * b A single precision integer. - * return -ve, 0 or +ve if a is less than, equal to or greater than b - * respectively. + * @param [in] a A single precision integer. + * @param [in] b A single precision integer. + * + * @return -ve, 0 or +ve if a is less than, equal to or greater than b + * respectively. */ #ifndef __APPLE__ .text @@ -64435,9 +64508,9 @@ _sp_1024_cmp_16: /* Conditionally copy a into r using the mask m. * m is -1 to copy and 0 when not. * - * r A single precision number to copy over. - * a A single precision number to copy. - * m Mask value to apply. + * @param [out] r A single precision number to copy over. + * @param [in] a A single precision number to copy. + * @param [in] m Mask value to apply. */ #ifndef __APPLE__ .text @@ -64521,9 +64594,10 @@ _sp_1024_cond_copy_16: #endif /* __APPLE__ */ /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text 
@@ -64743,10 +64817,10 @@ L_1024_mont_reduce_16_loop: #endif /* __APPLE__ */ /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -64918,9 +64992,9 @@ _sp_1024_mont_add_16: #endif /* __APPLE__ */ /* Double a Montgomery form number (r = a + a % m). * - * r Result of addition. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -65092,9 +65166,9 @@ _sp_1024_mont_dbl_16: #endif /* __APPLE__ */ /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of addition. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -65416,10 +65490,10 @@ _sp_1024_mont_tpl_16: #endif /* __APPLE__ */ /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text 
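Review bot: The parameter text added under `Subtract two Montgomery form numbers (r = a - b % m)` (hunk with context `_sp_1024_mont_tpl_16:`) still describes an addition: `Result of addition`, `First number to add`, `Second number to add`. Operand order matters for a subtraction, so I would write `@param [out] r Result of subtraction.`, `@param [in] a Number to subtract from in Montgomery form.` and `@param [in] b Number to subtract in Montgomery form.`. The triple header in the preceding hunk likewise keeps `Number to double in Montgomery form.`, where `Number to triple` is meant. The AVX2 variants of both routines further down repeat the same lines.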
@@ -65587,9 +65661,9 @@ _sp_1024_mont_sub_16: #endif /* __APPLE__ */ /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -65745,9 +65819,10 @@ _sp_1024_mont_div2_16: #ifdef HAVE_INTEL_AVX2 /* Reduce the number back to 1024 bits using Montgomery reduction. * - * a A single precision number to reduce in place. - * m The single precision number representing the modulus. - * mp The digit representing the negative inverse of m mod 2^n. + * @param [in, out] a A single precision number to reduce in place. + * @param [in] m The single precision number representing the modulus. + * @param [in] mp The digit representing the negative inverse of + * m mod 2^n. */ #ifndef __APPLE__ .text @@ -66086,10 +66161,10 @@ L_1024_mont_reduce_avx2_16_loop: #ifdef HAVE_INTEL_AVX2 /* Add two Montgomery form numbers (r = a + b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -66245,9 +66320,9 @@ _sp_1024_mont_add_avx2_16: #ifdef HAVE_INTEL_AVX2 /* Double a Montgomery form number (r = a + a % m). * - * r Result of addition. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text 
@@ -66403,9 +66478,9 @@ _sp_1024_mont_dbl_avx2_16: #ifdef HAVE_INTEL_AVX2 /* Triple a Montgomery form number (r = a + a + a % m). * - * r Result of addition. - * a Number to double in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a Number to double in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -66695,10 +66770,10 @@ _sp_1024_mont_tpl_avx2_16: #ifdef HAVE_INTEL_AVX2 /* Subtract two Montgomery form numbers (r = a - b % m). * - * r Result of addition. - * a First number to add in Montgomery form. - * b Second number to add in Montgomery form. - * m Modulus (prime). + * @param [out] r Result of addition. + * @param [in] a First number to add in Montgomery form. + * @param [in] b Second number to add in Montgomery form. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -66850,9 +66925,9 @@ _sp_1024_mont_sub_avx2_16: #ifdef HAVE_INTEL_AVX2 /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) * - * r Result of division by 2. - * a Number to divide. - * m Modulus (prime). + * @param [out] r Result of division by 2. + * @param [in] a Number to divide. + * @param [in] m Modulus (prime). */ #ifndef __APPLE__ .text @@ -67008,10 +67083,10 @@ _sp_1024_mont_div2_avx2_16: /* Read big endian unsigned byte array into r. * Uses the bswap instruction. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ #ifndef __APPLE__ .text 
@@ -67103,10 +67178,10 @@ L_1024_from_bin_bswap_zero_end: /* Read big endian unsigned byte array into r. * Uses the movbe instruction which is an optional instruction. * - * r A single precision integer. - * size Maximum number of bytes to convert - * a Byte array. - * n Number of bytes in array to read. + * @param [out] r A single precision integer. + * @param [in] size Maximum number of bytes to convert + * @param [in] a Byte array. + * @param [in] n Number of bytes in array to read. */ #ifndef __APPLE__ .text diff --git a/wolfcrypt/src/sp_x86_64_asm.asm b/wolfcrypt/src/sp_x86_64_asm.asm index 603d0f2771..4fcf7b20a9 100644 --- a/wolfcrypt/src/sp_x86_64_asm.asm +++ b/wolfcrypt/src/sp_x86_64_asm.asm @@ -46,10 +46,10 @@ IFNDEF WOLFSSL_SP_NO_2048 ; /* Read big endian unsigned byte array into r. ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_2048_from_bin_bswap PROC @@ -134,10 +134,10 @@ IFNDEF NO_MOVBE_SUPPORT ; /* Read big endian unsigned byte array into r. ; * Uses the movbe instruction which is an optional instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_2048_from_bin_movbe PROC 
@@ -211,8 +211,8 @@ ENDIF ; * Fixed length number of bytes written: 256 ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_2048_to_bin_bswap_32 PROC @@ -320,8 +320,8 @@ IFNDEF NO_MOVBE_SUPPORT ; * Fixed length number of bytes written: 256 ; * Uses the movbe instruction which is optional. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_2048_to_bin_movbe_32 PROC @@ -395,9 +395,9 @@ _TEXT ENDS ENDIF ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_16 PROC @@ -2039,9 +2039,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Multiply a and b into r. (r = a * b) ; * -; * r Result of multiplication. -; * a First number to multiply. -; * b Second number to multiply. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply. +; * @param [in] b Second number to multiply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_avx2_16 PROC @@ -3710,9 +3710,9 @@ _TEXT ENDS ENDIF ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_add_16 PROC 
@@ -3772,8 +3772,8 @@ sp_2048_add_16 ENDP _TEXT ENDS ; /* Sub b from a into a. (a -= b) ; * -; * a A single precision integer and result. -; * b A single precision integer. +; * @param [in, out] a A single precision integer and result. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sub_in_place_32 PROC @@ -3879,9 +3879,9 @@ sp_2048_sub_in_place_32 ENDP _TEXT ENDS ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_add_32 PROC @@ -3989,9 +3989,9 @@ sp_2048_add_32 ENDP _TEXT ENDS ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_32 PROC @@ -4695,9 +4695,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_avx2_32 PROC @@ -5353,8 +5353,8 @@ _TEXT ENDS ENDIF ; /* Square a and put result in r. (r = a * a) ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sqr_16 PROC 
@@ -6442,8 +6442,8 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Square a and put result in r. (r = a * a) ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sqr_avx2_16 PROC @@ -7497,8 +7497,8 @@ ENDIF ; * ; * Karatsuba: ah^2, al^2, (al - ah)^2 ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sqr_32 PROC @@ -8015,8 +8015,8 @@ IFDEF HAVE_INTEL_AVX2 ; * ; * Karatsuba: ah^2, al^2, (al - ah)^2 ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sqr_avx2_32 PROC @@ -8531,8 +8531,8 @@ _TEXT ENDS ENDIF ; /* Sub b from a into a. (a -= b) ; * -; * a A single precision integer and result. -; * b A single precision integer. +; * @param [in, out] a A single precision integer and result. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sub_in_place_16 PROC @@ -8590,9 +8590,9 @@ sp_2048_sub_in_place_16 ENDP _TEXT ENDS ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_d_32 PROC 
@@ -8859,10 +8859,11 @@ _TEXT ENDS ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cond_sub_16 PROC @@ -8986,9 +8987,10 @@ sp_2048_cond_sub_16 ENDP _TEXT ENDS ; /* Reduce the number back to 2048 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mont_reduce_16 PROC @@ -9194,10 +9196,11 @@ IFDEF HAVE_INTEL_AVX2 ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cond_sub_avx2_16 PROC 
@@ -9290,9 +9293,9 @@ _TEXT ENDS ENDIF ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_d_16 PROC @@ -9431,9 +9434,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_d_avx2_16 PROC @@ -9546,10 +9549,11 @@ ENDIF IFDEF _WIN64 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) ; * -; * d1 The high order half of the number to divide. -; * d0 The low order half of the number to divide. -; * div The dividend. -; * returns the result of the division. +; * @param [in] d1 The high order half of the number to divide. +; * @param [in] d0 The low order half of the number to divide. +; * @param [in] div The dividend. +; * +; * @return The result of the division. ; */ _TEXT SEGMENT READONLY PARA div_2048_word_asm_16 PROC @@ -9563,10 +9567,11 @@ _TEXT ENDS ENDIF ; /* Compare a with b in constant time. ; * -; * a A single precision integer. -; * b A single precision integer. -; * return -ve, 0 or +ve if a is less than, equal to or greater than b -; * respectively. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. +; * +; * @return -ve, 0 or +ve if a is less than, equal to or greater than b +; * respectively. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cmp_16 PROC 
@@ -9711,9 +9716,10 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Reduce the number back to 2048 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mont_reduce_avx2_16 PROC @@ -10596,10 +10602,11 @@ ENDIF ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cond_sub_32 PROC @@ -10835,9 +10842,10 @@ sp_2048_cond_sub_32 ENDP _TEXT ENDS ; /* Reduce the number back to 2048 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mont_reduce_32 PROC 
@@ -11201,9 +11209,9 @@ sp_2048_mont_reduce_32 ENDP _TEXT ENDS ; /* Sub b from a into r. (r = a - b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_2048_sub_32 PROC @@ -11310,9 +11318,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mul_d_avx2_32 PROC @@ -11521,10 +11529,11 @@ ENDIF IFDEF _WIN64 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) ; * -; * d1 The high order half of the number to divide. -; * d0 The low order half of the number to divide. -; * div The dividend. -; * returns the result of the division. +; * @param [in] d1 The high order half of the number to divide. +; * @param [in] d0 The low order half of the number to divide. +; * @param [in] div The dividend. +; * +; * @return The result of the division. ; */ _TEXT SEGMENT READONLY PARA div_2048_word_asm_32 PROC 
@@ -11540,10 +11549,11 @@ IFDEF HAVE_INTEL_AVX2 ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cond_sub_avx2_32 PROC @@ -11716,10 +11726,11 @@ _TEXT ENDS ENDIF ; /* Compare a with b in constant time. ; * -; * a A single precision integer. -; * b A single precision integer. -; * return -ve, 0 or +ve if a is less than, equal to or greater than b -; * respectively. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. +; * +; * @return -ve, 0 or +ve if a is less than, equal to or greater than b +; * respectively. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cmp_32 PROC @@ -11992,9 +12003,10 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Reduce the number back to 2048 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_2048_mont_reduce_avx2_32 PROC 
@@ -14564,10 +14576,11 @@ ENDIF ; /* Conditionally add a and b using the mask m. ; * m is -1 to add and 0 when not. ; * -; * r A single precision number representing conditional add result. -; * a A single precision number to add with. -; * b A single precision number to add. -; * m Mask value to apply. +; * @param [out] r A single precision number representing conditional add +; * result. +; * @param [in] a A single precision number to add with. +; * @param [in] b A single precision number to add. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cond_add_16 PROC @@ -14694,10 +14707,11 @@ IFDEF HAVE_INTEL_AVX2 ; /* Conditionally add a and b using the mask m. ; * m is -1 to add and 0 when not. ; * -; * r A single precision number representing conditional add result. -; * a A single precision number to add with. -; * b A single precision number to add. -; * m Mask value to apply. +; * @param [out] r A single precision number representing conditional add +; * result. +; * @param [in] a A single precision number to add with. +; * @param [in] b A single precision number to add. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_2048_cond_add_avx2_16 PROC @@ -14791,9 +14805,9 @@ _TEXT ENDS ENDIF ; /* Shift number left by n bit. (r = a << n) ; * -; * r Result of left shift by n. -; * a Number to shift. -; * n Amoutnt o shift. +; * @param [out] r Result of left shift by n. +; * @param [in] a Number to shift. +; * @param [in] n Amoutnt o shift. ; */ _TEXT SEGMENT READONLY PARA sp_2048_lshift_32 PROC 
@@ -14912,10 +14926,10 @@ IFNDEF WOLFSSL_SP_NO_3072 ; /* Read big endian unsigned byte array into r. ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_3072_from_bin_bswap PROC @@ -15000,10 +15014,10 @@ IFNDEF NO_MOVBE_SUPPORT ; /* Read big endian unsigned byte array into r. ; * Uses the movbe instruction which is an optional instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_3072_from_bin_movbe PROC @@ -15077,8 +15091,8 @@ ENDIF ; * Fixed length number of bytes written: 384 ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_3072_to_bin_bswap_48 PROC @@ -15234,8 +15248,8 @@ IFNDEF NO_MOVBE_SUPPORT ; * Fixed length number of bytes written: 384 ; * Uses the movbe instruction which is optional. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_3072_to_bin_movbe_48 PROC 
@@ -15341,9 +15355,9 @@ _TEXT ENDS ENDIF ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_mul_12 PROC @@ -16289,9 +16303,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Multiply a and b into r. (r = a * b) ; * -; * r Result of multiplication. -; * a First number to multiply. -; * b Second number to multiply. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply. +; * @param [in] b Second number to multiply. ; */ _TEXT SEGMENT READONLY PARA sp_3072_mul_avx2_12 PROC @@ -17260,9 +17274,9 @@ _TEXT ENDS ENDIF ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_add_12 PROC @@ -17310,8 +17324,8 @@ sp_3072_add_12 ENDP _TEXT ENDS ; /* Sub b from a into a. (a -= b) ; * -; * a A single precision integer and result. -; * b A single precision integer. +; * @param [in, out] a A single precision integer and result. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_sub_in_place_24 PROC @@ -17393,9 +17407,9 @@ sp_3072_sub_in_place_24 ENDP _TEXT ENDS ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_add_24 PROC 
@@ -17479,9 +17493,9 @@ sp_3072_add_24 ENDP _TEXT ENDS ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_mul_24 PROC @@ -18029,9 +18043,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_mul_avx2_24 PROC @@ -18543,8 +18557,8 @@ _TEXT ENDS ENDIF ; /* Sub b from a into a. (a -= b) ; * -; * a A single precision integer and result. -; * b A single precision integer. +; * @param [in, out] a A single precision integer and result. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_sub_in_place_48 PROC @@ -18698,9 +18712,9 @@ sp_3072_sub_in_place_48 ENDP _TEXT ENDS ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_add_48 PROC @@ -18856,9 +18870,9 @@ sp_3072_add_48 ENDP _TEXT ENDS ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_3072_mul_48 PROC 
@@ -19874,9 +19888,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mul_avx2_48 PROC
@@ -20820,8 +20834,8 @@ _TEXT ENDS
 ENDIF
 ; /* Square a and put result in r. (r = a * a)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sqr_12 PROC
@@ -21489,8 +21503,8 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Square a and put result in r. (r = a * a)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sqr_avx2_12 PROC
@@ -22133,8 +22147,8 @@ ENDIF
 ; *
 ; * Karatsuba: ah^2, al^2, (al - ah)^2
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sqr_24 PROC
@@ -22535,8 +22549,8 @@ IFDEF HAVE_INTEL_AVX2
 ; *
 ; * Karatsuba: ah^2, al^2, (al - ah)^2
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sqr_avx2_24 PROC
@@ -22937,8 +22951,8 @@ ENDIF
 ; *
 ; * Karatsuba: ah^2, al^2, (al - ah)^2
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sqr_48 PROC
@@ -23687,8 +23701,8 @@ IFDEF HAVE_INTEL_AVX2
 ; *
 ; * Karatsuba: ah^2, al^2, (al - ah)^2
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sqr_avx2_48 PROC
@@ -24435,9 +24449,9 @@ _TEXT ENDS
 ENDIF
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mul_d_48 PROC
@@ -24832,10 +24846,11 @@ _TEXT ENDS
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cond_sub_24 PROC
@@ -25015,9 +25030,10 @@ sp_3072_cond_sub_24 ENDP
 _TEXT ENDS
 ; /* Reduce the number back to 3072 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mont_reduce_24 PROC
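Review bot: The new `@param [in] m Mask value to apply.` line in the sp_3072_cond_sub_24 hunk does not say which mask values are valid, and the summary line kept above it still reads `0 when not copying`, which looks carried over from a conditional-copy comment. Since the block is being rewritten anyway, I would change the summary to `; * m is -1 to subtract and 0 when not subtracting.` and the tag to `; * @param [in] m Mask value to apply: -1 (all bits set) or 0.`. A caller passing any other value would presumably get a partially masked subtraction; the routine body is outside the hunk, so confirm against the code. The same wording recurs in every other cond_sub hunk of this diff (the 3072, 4096 and 256-bit variants, including the avx2 ones).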
@@ -25303,10 +25319,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cond_sub_avx2_24 PROC
@@ -25439,9 +25456,9 @@ _TEXT ENDS
 ENDIF
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mul_d_24 PROC
@@ -25644,9 +25661,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mul_d_avx2_24 PROC
@@ -25807,10 +25824,11 @@ ENDIF
 IFDEF _WIN64
 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 ; *
-; * d1 The high order half of the number to divide.
-; * d0 The low order half of the number to divide.
-; * div The dividend.
-; * returns the result of the division.
+; * @param [in] d1 The high order half of the number to divide.
+; * @param [in] d0 The low order half of the number to divide.
+; * @param [in] div The dividend.
+; *
+; * @return The result of the division.
 ; */
 _TEXT SEGMENT READONLY PARA
 div_3072_word_asm_24 PROC
@@ -25824,10 +25842,11 @@ _TEXT ENDS
 ENDIF
 ; /* Compare a with b in constant time.
 ; *
-; * a A single precision integer.
-; * b A single precision integer.
-; * return -ve, 0 or +ve if a is less than, equal to or greater than b
-; * respectively.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
+; *
+; * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+; * respectively.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cmp_24 PROC
@@ -26036,9 +26055,10 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Reduce the number back to 3072 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mont_reduce_avx2_24 PROC
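Review bot: The new `@param [in] div The dividend.` line in the div_3072_word_asm_24 hunk names the wrong operand: in `d1|d0 / div` the dividend is the double-width value d1|d0 and `div` is the divisor. I would write `; * @param [in] div The divisor.` and change the summary line to `by the divisor`. If the routine uses the hardware divide instruction (its body is outside the hunk), the comment should also state the precondition that the quotient fits in one word, i.e. d1 < div, because a violated precondition faults rather than returning an error. The same text appears in the div_3072_word_asm_48 and div_4096_word_asm_64 hunks.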
@@ -27268,10 +27288,11 @@ ENDIF
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cond_sub_48 PROC
@@ -27619,9 +27640,10 @@ sp_3072_cond_sub_48 ENDP
 _TEXT ENDS
 ; /* Reduce the number back to 3072 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mont_reduce_48 PROC
@@ -28145,9 +28167,9 @@ sp_3072_mont_reduce_48 ENDP
 _TEXT ENDS
 ; /* Sub b from a into r. (r = a - b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_sub_48 PROC
@@ -28302,9 +28324,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mul_d_avx2_48 PROC
@@ -28609,10 +28631,11 @@ ENDIF
 IFDEF _WIN64
 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 ; *
-; * d1 The high order half of the number to divide.
-; * d0 The low order half of the number to divide.
-; * div The dividend.
-; * returns the result of the division.
+; * @param [in] d1 The high order half of the number to divide.
+; * @param [in] d0 The low order half of the number to divide.
+; * @param [in] div The dividend.
+; *
+; * @return The result of the division.
 ; */
 _TEXT SEGMENT READONLY PARA
 div_3072_word_asm_48 PROC
@@ -28628,10 +28651,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cond_sub_avx2_48 PROC
@@ -28884,10 +28908,11 @@ _TEXT ENDS
 ENDIF
 ; /* Compare a with b in constant time.
 ; *
-; * a A single precision integer.
-; * b A single precision integer.
-; * return -ve, 0 or +ve if a is less than, equal to or greater than b
-; * respectively.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
+; *
+; * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+; * respectively.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cmp_48 PROC
@@ -29288,9 +29313,10 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Reduce the number back to 3072 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_mont_reduce_avx2_48 PROC
@@ -30736,10 +30762,11 @@ ENDIF
 ; /* Conditionally add a and b using the mask m.
 ; * m is -1 to add and 0 when not.
 ; *
-; * r A single precision number representing conditional add result.
-; * a A single precision number to add with.
-; * b A single precision number to add.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing conditional add
+; * result.
+; * @param [in] a A single precision number to add with.
+; * @param [in] b A single precision number to add.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cond_add_24 PROC
@@ -30922,10 +30949,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally add a and b using the mask m.
 ; * m is -1 to add and 0 when not.
 ; *
-; * r A single precision number representing conditional add result.
-; * a A single precision number to add with.
-; * b A single precision number to add.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing conditional add
+; * result.
+; * @param [in] a A single precision number to add with.
+; * @param [in] b A single precision number to add.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_cond_add_avx2_24 PROC
@@ -31059,9 +31087,9 @@ _TEXT ENDS
 ENDIF
 ; /* Shift number left by n bit. (r = a << n)
 ; *
-; * r Result of left shift by n.
-; * a Number to shift.
-; * n Amoutnt o shift.
+; * @param [out] r Result of left shift by n.
+; * @param [in] a Number to shift.
+; * @param [in] n Amoutnt o shift.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_3072_lshift_48 PROC
@@ -31228,10 +31256,10 @@ IFDEF WOLFSSL_SP_4096
 ; /* Read big endian unsigned byte array into r.
 ; * Uses the bswap instruction.
 ; *
-; * r A single precision integer.
-; * size Maximum number of bytes to convert
-; * a Byte array.
-; * n Number of bytes in array to read.
+; * @param [out] r A single precision integer.
+; * @param [in] size Maximum number of bytes to convert
+; * @param [in] a Byte array.
+; * @param [in] n Number of bytes in array to read.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_from_bin_bswap PROC
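Review bot: The rewritten line `@param [in] n Amoutnt o shift.` in the sp_3072_lshift_48 hunk carries the old typo onto the new side; it should read `; * @param [in] n Amount to shift.`. The same line is repeated in the sp_4096_lshift_64 hunk. Two other typos are carried over the same way, `subtration` in the sp_256_mont_sub_4 and sp_256_mont_rsb_sub_dbl_4 hunks. As every one of these lines is already being rewritten, this commit is the cheap place to fix them.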
@@ -31316,10 +31344,10 @@ IFNDEF NO_MOVBE_SUPPORT
 ; /* Read big endian unsigned byte array into r.
 ; * Uses the movbe instruction which is an optional instruction.
 ; *
-; * r A single precision integer.
-; * size Maximum number of bytes to convert
-; * a Byte array.
-; * n Number of bytes in array to read.
+; * @param [out] r A single precision integer.
+; * @param [in] size Maximum number of bytes to convert
+; * @param [in] a Byte array.
+; * @param [in] n Number of bytes in array to read.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_from_bin_movbe PROC
@@ -31393,8 +31421,8 @@ ENDIF
 ; * Fixed length number of bytes written: 512
 ; * Uses the bswap instruction.
 ; *
-; * r A single precision integer.
-; * a Byte array.
+; * @param [out] r A single precision integer.
+; * @param [in] a Byte array.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_to_bin_bswap_64 PROC
@@ -31598,8 +31626,8 @@ IFNDEF NO_MOVBE_SUPPORT
 ; * Fixed length number of bytes written: 512
 ; * Uses the movbe instruction which is optional.
 ; *
-; * r A single precision integer.
-; * a Byte array.
+; * @param [out] r A single precision integer.
+; * @param [in] a Byte array.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_to_bin_movbe_64 PROC
@@ -31737,8 +31765,8 @@ _TEXT ENDS
 ENDIF
 ; /* Sub b from a into a. (a -= b)
 ; *
-; * a A single precision integer and result.
-; * b A single precision integer.
+; * @param [in, out] a A single precision integer and result.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_sub_in_place_64 PROC
@@ -31940,9 +31968,9 @@ sp_4096_sub_in_place_64 ENDP
 _TEXT ENDS
 ; /* Add b to a into r. (r = a + b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_add_64 PROC
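Review bot: The direction tags in the sp_4096_to_bin_bswap_64 hunk look reversed: `r` is tagged `[out]` and the byte array `a` is tagged `[in]`, yet the context line says 512 bytes are written and the routine is a to_bin conversion, so `a` is presumably the destination. I would write `; * @param [in] r A single precision integer.` and `; * @param [out] a Byte array.`; the first line of the comment and the body are outside the hunk, so confirm against the code. The sp_4096_to_bin_movbe_64 hunk has the same two lines. Because the length is fixed and not passed in, the `a` line should also say the buffer must hold at least 512 bytes.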
@@ -32146,9 +32174,9 @@ sp_4096_add_64 ENDP
 _TEXT ENDS
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_mul_64 PROC
@@ -33476,9 +33504,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_mul_avx2_64 PROC
@@ -34712,8 +34740,8 @@ ENDIF
 ; *
 ; * Karatsuba: ah^2, al^2, (al - ah)^2
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_sqr_64 PROC
@@ -35694,8 +35722,8 @@ IFDEF HAVE_INTEL_AVX2
 ; *
 ; * Karatsuba: ah^2, al^2, (al - ah)^2
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_sqr_avx2_64 PROC
@@ -36674,9 +36702,9 @@ _TEXT ENDS
 ENDIF
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_mul_d_64 PROC
@@ -37199,10 +37227,11 @@ _TEXT ENDS
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_cond_sub_64 PROC
@@ -37662,9 +37691,10 @@ sp_4096_cond_sub_64 ENDP
 _TEXT ENDS
 ; /* Reduce the number back to 4096 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_mont_reduce_64 PROC
@@ -38348,9 +38378,9 @@ sp_4096_mont_reduce_64 ENDP
 _TEXT ENDS
 ; /* Sub b from a into r. (r = a - b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_sub_64 PROC
@@ -38553,9 +38583,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_mul_d_avx2_64 PROC
@@ -38956,10 +38986,11 @@ ENDIF
 IFDEF _WIN64
 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 ; *
-; * d1 The high order half of the number to divide.
-; * d0 The low order half of the number to divide.
-; * div The dividend.
-; * returns the result of the division.
+; * @param [in] d1 The high order half of the number to divide.
+; * @param [in] d0 The low order half of the number to divide.
+; * @param [in] div The dividend.
+; *
+; * @return The result of the division.
 ; */
 _TEXT SEGMENT READONLY PARA
 div_4096_word_asm_64 PROC
@@ -38975,10 +39006,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_cond_sub_avx2_64 PROC
@@ -39311,10 +39343,11 @@ _TEXT ENDS
 ENDIF
 ; /* Compare a with b in constant time.
 ; *
-; * a A single precision integer.
-; * b A single precision integer.
-; * return -ve, 0 or +ve if a is less than, equal to or greater than b
-; * respectively.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
+; *
+; * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+; * respectively.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_cmp_64 PROC
@@ -39843,9 +39876,10 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Reduce the number back to 4096 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_mont_reduce_avx2_64 PROC
@@ -41751,10 +41785,11 @@ ENDIF
 ; /* Conditionally add a and b using the mask m.
 ; * m is -1 to add and 0 when not.
 ; *
-; * r A single precision number representing conditional add result.
-; * a A single precision number to add with.
-; * b A single precision number to add.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing conditional add
+; * result.
+; * @param [in] a A single precision number to add with.
+; * @param [in] b A single precision number to add.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_cond_add_32 PROC
@@ -41993,10 +42028,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally add a and b using the mask m.
 ; * m is -1 to add and 0 when not.
 ; *
-; * r A single precision number representing conditional add result.
-; * a A single precision number to add with.
-; * b A single precision number to add.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing conditional add
+; * result.
+; * @param [in] a A single precision number to add with.
+; * @param [in] b A single precision number to add.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_cond_add_avx2_32 PROC
@@ -42170,9 +42206,9 @@ _TEXT ENDS
 ENDIF
 ; /* Shift number left by n bit. (r = a << n)
 ; *
-; * r Result of left shift by n.
-; * a Number to shift.
-; * n Amoutnt o shift.
+; * @param [out] r Result of left shift by n.
+; * @param [in] a Number to shift.
+; * @param [in] n Amoutnt o shift.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_4096_lshift_64 PROC
@@ -42385,9 +42421,9 @@ ENDIF
 IFNDEF WOLFSSL_SP_NO_256
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mul_4 PROC
@@ -42517,9 +42553,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r Result of multiplication.
-; * a First number to multiply.
-; * b Second number to multiply.
+; * @param [out] r Result of multiplication.
+; * @param [in] a First number to multiply.
+; * @param [in] b Second number to multiply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mul_avx2_4 PROC
@@ -42627,8 +42663,8 @@ _TEXT ENDS
 ENDIF
 ; /* Square a and put result in r. (r = a * a)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_sqr_4 PROC
@@ -42744,8 +42780,8 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Square a and put result in r. (r = a * a)
 ; *
-; * r Result of squaring.
-; * a Number to square in Montgomery form.
+; * @param [out] r Result of squaring.
+; * @param [in] a Number to square in Montgomery form.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_sqr_avx2_4 PROC
@@ -42835,9 +42871,9 @@ _TEXT ENDS
 ENDIF
 ; /* Add b to a into r. (r = a + b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_add_4 PROC
@@ -42862,9 +42898,9 @@ sp_256_add_4 ENDP
 _TEXT ENDS
 ; /* Sub b from a into r. (r = a - b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_sub_4 PROC
@@ -42890,9 +42926,9 @@ _TEXT ENDS
 ; /* Conditionally copy a into r using the mask m.
 ; * m is -1 to copy and 0 when not.
 ; *
-; * r A single precision number to copy over.
-; * a A single precision number to copy.
-; * m Mask value to apply.
+; * @param [out] r A single precision number to copy over.
+; * @param [in] a A single precision number to copy.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_cond_copy_4 PROC
@@ -42918,11 +42954,11 @@ _TEXT ENDS
 ; /* Multiply two Montgomery form numbers mod the modulus (prime).
 ; * (r = a * b mod m)
 ; *
-; * r Result of multiplication.
-; * a First number to multiply in Montgomery form.
-; * b Second number to multiply in Montgomery form.
-; * m Modulus (prime).
-; * mp Montgomery multiplier.
+; * @param [out] r Result of multiplication.
+; * @param [in] a First number to multiply in Montgomery form.
+; * @param [in] b Second number to multiply in Montgomery form.
+; * @param [in] m Modulus (prime).
+; * @param [in] mp Montgomery multiplier.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_mul_4 PROC
@@ -43115,10 +43151,10 @@ sp_256_mont_mul_4 ENDP
 _TEXT ENDS
 ; /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
 ; *
-; * r Result of squaring.
-; * a Number to square in Montgomery form.
-; * m Modulus (prime).
-; * mp Montgomery multiplier.
+; * @param [out] r Result of squaring.
+; * @param [in] a Number to square in Montgomery form.
+; * @param [in] m Modulus (prime).
+; * @param [in] mp Montgomery multiplier.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_sqr_4 PROC
@@ -43282,10 +43318,11 @@ sp_256_mont_sqr_4 ENDP
 _TEXT ENDS
 ; /* Compare a with b in constant time.
 ; *
-; * a A single precision integer.
-; * b A single precision integer.
-; * return -ve, 0 or +ve if a is less than, equal to or greater than b
-; * respectively.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
+; *
+; * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+; * respectively.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_cmp_4 PROC
@@ -43334,10 +43371,11 @@ _TEXT ENDS
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_cond_sub_4 PROC
@@ -43379,9 +43417,10 @@ sp_256_cond_sub_4 ENDP
 _TEXT ENDS
 ; /* Reduce the number back to 256 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_reduce_4 PROC
@@ -43484,9 +43523,10 @@ sp_256_mont_reduce_4 ENDP
 _TEXT ENDS
 ; /* Reduce the number back to 256 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_reduce_order_4 PROC
@@ -43585,10 +43625,10 @@ sp_256_mont_reduce_order_4 ENDP
 _TEXT ENDS
 ; /* Add two Montgomery form numbers (r = a + b % m).
 ; *
-; * r Result of addition.
-; * a First number to add in Montgomery form.
-; * b Second number to add in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a First number to add in Montgomery form.
+; * @param [in] b Second number to add in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_add_4 PROC
@@ -43628,9 +43668,9 @@ sp_256_mont_add_4 ENDP
 _TEXT ENDS
 ; /* Double a Montgomery form number (r = a + a % m).
 ; *
-; * r Result of doubling.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of doubling.
+; * @param [in] a Number to double in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_dbl_4 PROC
@@ -43671,9 +43711,9 @@ sp_256_mont_dbl_4 ENDP
 _TEXT ENDS
 ; /* Triple a Montgomery form number (r = a + a + a % m).
 ; *
-; * r Result of Tripling.
-; * a Number to triple in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of Tripling.
+; * @param [in] a Number to triple in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_tpl_4 PROC
@@ -43732,10 +43772,10 @@ sp_256_mont_tpl_4 ENDP
 _TEXT ENDS
 ; /* Subtract two Montgomery form numbers (r = a - b % m).
 ; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of subtration.
+; * @param [in] a Number to subtract from in Montgomery form.
+; * @param [in] b Number to subtract with in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_sub_4 PROC
@@ -43775,9 +43815,9 @@ sp_256_mont_sub_4 ENDP
 _TEXT ENDS
 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 ; *
-; * r Result of division by 2.
-; * a Number to divide.
-; * m Modulus (prime).
+; * @param [out] r Result of division by 2.
+; * @param [in] a Number to divide.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_div2_4 PROC
@@ -43814,10 +43854,10 @@ sp_256_mont_div2_4 ENDP
 _TEXT ENDS
 ; /* Two Montgomery numbers, subtract double second from first (r = a - 2.b % m).
 ; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to double and subtract with in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of subtration.
+; * @param [in] a Number to subtract from in Montgomery form.
+; * @param [in] b Number to double and subtract with in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_mont_rsb_sub_dbl_4 PROC
@@ -43916,9 +43956,9 @@ _TEXT ENDS
 IFNDEF WC_NO_CACHE_RESISTANT
 ; /* Touch each possible point that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of point to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of point to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_get_point_33_4 PROC
@@ -43996,9 +44036,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Touch each possible point that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of point to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of point to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_256_get_point_33_avx2_4 PROC
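Review bot: The retagged comment in the sp_256_get_point_33_4 hunk still does not state the property the routine exists for, which a maintainer needs before touching it. Judging by the `IFNDEF WC_NO_CACHE_RESISTANT` guard and the summary line, every table entry is read so that the access pattern does not depend on `idx`; the body is outside the hunk, so confirm before writing it down. I would add a line such as `; * All entries are read so that memory access does not depend on idx.` and note on the `idx` tag that the value is treated as secret. The same applies to the sp_256_get_point_33_avx2_4 hunk and to the sp_256_get_entry_64_4 and sp_256_get_entry_64_avx2_4 hunks further down.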
@@ -44051,11 +44091,11 @@ IFDEF HAVE_INTEL_AVX2 ; /* Multiply two Montgomery form numbers mod the modulus (prime). ; * (r = a * b mod m) ; * -; * r Result of multiplication. -; * a First number to multiply in Montgomery form. -; * b Second number to multiply in Montgomery form. -; * m Modulus (prime). -; * mp Montgomery multiplier. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply in Montgomery form. +; * @param [in] b Second number to multiply in Montgomery form. +; * @param [in] m Modulus (prime). +; * @param [in] mp Montgomery multiplier. ; */ _TEXT SEGMENT READONLY PARA sp_256_mont_mul_avx2_4 PROC @@ -44227,10 +44267,10 @@ ENDIF IFDEF HAVE_INTEL_AVX2 ; /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) ; * -; * r Result of squaring. -; * a Number to square in Montgomery form. -; * m Modulus (prime). -; * mp Montgomery multiplier. +; * @param [out] r Result of squaring. +; * @param [in] a Number to square in Montgomery form. +; * @param [in] m Modulus (prime). +; * @param [in] mp Montgomery multiplier. ; */ _TEXT SEGMENT READONLY PARA sp_256_mont_sqr_avx2_4 PROC @@ -44385,10 +44425,11 @@ IFDEF HAVE_INTEL_AVX2 ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_256_cond_sub_avx2_4 PROC 
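Review bot: The second summary line of the sp_256_cond_sub_avx2_4 comment, `m is -1 to subtract and 0 when not copying.`, looks copied from the conditional-copy routine and should read `; * m is -1 to subtract and 0 when not subtracting.`. The mask is presumably what keeps the subtraction free of data-dependent branches, so the `m` tag could state the contract explicitly: `; * @param [in] m Mask value to apply: all ones (-1) or 0 only.`. The same wording appears in the sp_384_cond_sub_6, sp_384_cond_sub_avx2_6 and sp_521_cond_sub_9 hunks. The bodies are outside these hunks.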
@@ -44432,9 +44473,10 @@ ENDIF IFDEF HAVE_INTEL_AVX2 ; /* Reduce the number back to 256 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_256_mont_reduce_order_avx2_4 PROC @@ -44591,9 +44633,9 @@ ENDIF IFDEF HAVE_INTEL_AVX2 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) ; * -; * r Result of division by 2. -; * a Number to divide. -; * m Modulus (prime). +; * @param [out] r Result of division by 2. +; * @param [in] a Number to divide. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_256_mont_div2_avx2_4 PROC @@ -44632,9 +44674,9 @@ ENDIF IFNDEF WC_NO_CACHE_RESISTANT ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_256_get_entry_64_4 PROC @@ -44695,9 +44737,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_256_get_entry_64_avx2_4 PROC 
@@ -44740,9 +44782,9 @@ ENDIF IFNDEF WC_NO_CACHE_RESISTANT ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_256_get_entry_65_4 PROC @@ -44803,9 +44845,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_256_get_entry_65_avx2_4 PROC @@ -44847,7 +44889,7 @@ ENDIF ENDIF ; /* Add 1 to a. (a = a + 1) ; * -; * a A single precision integer. +; * @param [in, out] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_256_add_one_4 PROC @@ -44861,10 +44903,10 @@ _TEXT ENDS ; /* Read big endian unsigned byte array into r. ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_256_from_bin_bswap PROC 
@@ -44949,10 +44991,10 @@ IFNDEF NO_MOVBE_SUPPORT ; /* Read big endian unsigned byte array into r. ; * Uses the movbe instruction which is an optional instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_256_from_bin_movbe PROC @@ -45026,8 +45068,8 @@ ENDIF ; * Fixed length number of bytes written: 32 ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_256_to_bin_bswap_4 PROC @@ -45051,8 +45093,8 @@ IFNDEF NO_MOVBE_SUPPORT ; * Fixed length number of bytes written: 32 ; * Uses the movbe instruction which is optional. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_256_to_bin_movbe_4 PROC @@ -45070,8 +45112,8 @@ _TEXT ENDS ENDIF ; /* Sub b from a into a. (a -= b) ; * -; * a A single precision integer and result. -; * b A single precision integer. +; * @param [in, out] a A single precision integer and result. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_256_sub_in_place_4 PROC @@ -45089,9 +45131,9 @@ sp_256_sub_in_place_4 ENDP _TEXT ENDS ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_256_mul_d_4 PROC 
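Review bot: The direction tags in the sp_256_to_bin_bswap_4 hunk look reversed: the comment says a fixed 32 bytes are written, so the byte array `a` is the output and the integer `r` is the value being read. Suggested lines: `; * @param [in] r A single precision integer.` and `; * @param [out] a Byte array.` (use `[in, out]` for `r` if the routine also normalises it in place, which the hunk does not show). On a serialisation routine the tag matters to anyone auditing which buffer receives the key-sized output. The sp_256_to_bin_movbe_4, sp_384_to_bin_bswap_6 and sp_384_to_bin_movbe_6 hunks carry the same tags.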
@@ -45134,9 +45176,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_256_mul_d_avx2_4 PROC @@ -45177,10 +45219,11 @@ ENDIF IFDEF _WIN64 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) ; * -; * d1 The high order half of the number to divide. -; * d0 The low order half of the number to divide. -; * div The dividend. -; * returns the result of the division. +; * @param [in] d1 The high order half of the number to divide. +; * @param [in] d0 The low order half of the number to divide. +; * @param [in] div The dividend. +; * +; * @return The result of the division. ; */ _TEXT SEGMENT READONLY PARA div_256_word_asm_4 PROC @@ -45196,9 +45239,9 @@ IFDEF HAVE_INTEL_AVX2 ; /* Multiply two Montgomery form numbers mod the modulus (prime). ; * (r = a * b mod m) ; * -; * r Result of multiplication. -; * a First number to multiply in Montgomery form. -; * b Second number to multiply in Montgomery form. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply in Montgomery form. +; * @param [in] b Second number to multiply in Montgomery form. ; */ _TEXT SEGMENT READONLY PARA sp_256_mont_mul_order_avx2_4 PROC @@ -45416,8 +45459,8 @@ ENDIF IFDEF HAVE_INTEL_AVX2 ; /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) ; * -; * r Result of squaring. -; * a Number to square in Montgomery form. +; * @param [out] r Result of squaring. +; * @param [in] a Number to square in Montgomery form. ; */ _TEXT SEGMENT READONLY PARA sp_256_mont_sqr_order_avx2_4 PROC 
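Review bot: In the div_256_word_asm_4 hunk the operand `div` is described as "The dividend", but it is what (d1|d0) is divided by, i.e. the divisor; the summary line has the same slip. Suggested: `; * @param [in] div The divisor.`. The body is outside the hunk, but if it uses the hardware double-width divide, the comment should also state the precondition that `div` is non-zero and `d1 < div`, since otherwise the quotient does not fit in one word. div_384_word_asm_6 has the same text.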
@@ -45618,9 +45661,10 @@ _TEXT ENDS ENDIF ; /* Non-constant time modular inversion. ; * -; * @param [out] r Resulting number. -; * @param [in] a Number to invert. -; * @param [in] m Modulus. +; * @param [out] r Resulting number. +; * @param [in] a Number to invert. +; * @param [in] m Modulus. +; * ; * @return MP_OKAY on success. ; */ _TEXT SEGMENT READONLY PARA @@ -45897,9 +45941,10 @@ ptr_L_sp256_mod_inv_avx2_4_mask26 QWORD L_sp256_mod_inv_avx2_4_mask26 _DATA ENDS ; /* Non-constant time modular inversion. ; * -; * @param [out] r Resulting number. -; * @param [in] a Number to invert. -; * @param [in] m Modulus. +; * @param [out] r Resulting number. +; * @param [in] a Number to invert. +; * @param [in] m Modulus. +; * ; * @return MP_OKAY on success. ; */ _TEXT SEGMENT READONLY PARA @@ -46220,9 +46265,9 @@ ENDIF IFDEF WOLFSSL_SP_384 ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_384_mul_6 PROC @@ -46484,9 +46529,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Multiply a and b into r. (r = a * b) ; * -; * r Result of multiplication. -; * a First number to multiply. -; * b Second number to multiply. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply. +; * @param [in] b Second number to multiply. ; */ _TEXT SEGMENT READONLY PARA sp_384_mul_avx2_6 PROC @@ -46700,8 +46745,8 @@ _TEXT ENDS ENDIF ; /* Square a and put result in r. (r = a * a) ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_384_sqr_6 PROC 
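Review bot: Both "Non-constant time modular inversion" comments on this line gain tidy tags but still do not say which inputs the routine is safe for. Since its timing depends on the operands, a line such as `; * Only for use with public values; not for private keys or nonces.` would make the restriction visible at the definition (assuming that is the intended use; the callers are not in this diff). `@return MP_OKAY on success.` also leaves the failure value undocumented; if the routine cannot fail, the comment should say so. The procedure names fall outside both hunks.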
@@ -46919,8 +46964,8 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Square a and put result in r. (r = a * a) ; * -; * r Result of squaring. -; * a Number to square in Montgomery form. +; * @param [out] r Result of squaring. +; * @param [in] a Number to square in Montgomery form. ; */ _TEXT SEGMENT READONLY PARA sp_384_sqr_avx2_6 PROC @@ -47076,9 +47121,9 @@ _TEXT ENDS ENDIF ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_384_add_6 PROC @@ -47113,9 +47158,9 @@ sp_384_add_6 ENDP _TEXT ENDS ; /* Sub b from a into r. (r = a - b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_384_sub_6 PROC @@ -47151,9 +47196,9 @@ _TEXT ENDS ; /* Conditionally copy a into r using the mask m. ; * m is -1 to copy and 0 when not. ; * -; * r A single precision number to copy over. -; * a A single precision number to copy. -; * m Mask value to apply. +; * @param [out] r A single precision number to copy over. +; * @param [in] a A single precision number to copy. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_384_cond_copy_6 PROC 
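Review bot: In the sp_384_sqr_avx2_6 hunk the `a` tag says "Number to square in Montgomery form", while the summary is a plain square (r = a * a) with no modulus or reduction. The sp_384_sqr_6 and sp_521_sqr_avx2_9 comments use "A single precision integer."; `; * @param [in] a Number to square.` would avoid implying a reduced result. The body is outside the hunk.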
@@ -47191,10 +47236,11 @@ _TEXT ENDS ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_384_cond_sub_6 PROC @@ -47248,9 +47294,10 @@ sp_384_cond_sub_6 ENDP _TEXT ENDS ; /* Reduce the number back to 384 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_reduce_6 PROC @@ -47420,9 +47467,10 @@ sp_384_mont_reduce_6 ENDP _TEXT ENDS ; /* Reduce the number back to 384 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_reduce_order_6 PROC 
@@ -47526,10 +47574,11 @@ sp_384_mont_reduce_order_6 ENDP _TEXT ENDS ; /* Compare a with b in constant time. ; * -; * a A single precision integer. -; * b A single precision integer. -; * return -ve, 0 or +ve if a is less than, equal to or greater than b -; * respectively. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. +; * +; * @return -ve, 0 or +ve if a is less than, equal to or greater than b +; * respectively. ; */ _TEXT SEGMENT READONLY PARA sp_384_cmp_6 PROC @@ -47593,10 +47642,10 @@ sp_384_cmp_6 ENDP _TEXT ENDS ; /* Add two Montgomery form numbers (r = a + b % m). ; * -; * r Result of addition. -; * a First number to add in Montgomery form. -; * b Second number to add in Montgomery form. -; * m Modulus (prime). +; * @param [out] r Result of addition. +; * @param [in] a First number to add in Montgomery form. +; * @param [in] b Second number to add in Montgomery form. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_add_6 PROC @@ -47655,9 +47704,9 @@ sp_384_mont_add_6 ENDP _TEXT ENDS ; /* Double a Montgomery form number (r = a + a % m). ; * -; * r Result of doubling. -; * a Number to double in Montgomery form. -; * m Modulus (prime). +; * @param [out] r Result of doubling. +; * @param [in] a Number to double in Montgomery form. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_dbl_6 PROC @@ -47717,9 +47766,9 @@ sp_384_mont_dbl_6 ENDP _TEXT ENDS ; /* Double a Montgomery form number (r = a + a % m). ; * -; * r Result of doubling. -; * a Number to double in Montgomery form. -; * m Modulus (prime). +; * @param [out] r Result of doubling. +; * @param [in] a Number to double in Montgomery form. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_tpl_6 PROC 
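Review bot: The comment kept above sp_384_mont_tpl_6 describes doubling, not tripling: the summary reads "Double a Montgomery form number (r = a + a % m)" and the rewritten tags say "Result of doubling" and "Number to double". The 256-bit counterpart reads "Triple a Montgomery form number (r = a + a + a % m)". The tags here should follow it, e.g. `; * @param [out] r Result of tripling.` and `; * @param [in] a Number to triple in Montgomery form.`, with the summary line fixed to match. The summary is a context line in this hunk and the body is outside it.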
@@ -47807,10 +47856,10 @@ sp_384_mont_tpl_6 ENDP _TEXT ENDS ; /* Subtract two Montgomery form numbers (r = a - b % m). ; * -; * r Result of subtration. -; * a Number to subtract from in Montgomery form. -; * b Number to subtract with in Montgomery form. -; * m Modulus (prime). +; * @param [out] r Result of subtration. +; * @param [in] a Number to subtract from in Montgomery form. +; * @param [in] b Number to subtract with in Montgomery form. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_sub_6 PROC @@ -47869,9 +47918,9 @@ sp_384_mont_sub_6 ENDP _TEXT ENDS ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) ; * -; * r Result of division by 2. -; * a Number to divide. -; * m Modulus (prime). +; * @param [out] r Result of division by 2. +; * @param [in] a Number to divide. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_div2_6 PROC @@ -47940,9 +47989,9 @@ _TEXT ENDS IFNDEF WC_NO_CACHE_RESISTANT ; /* Touch each possible point that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of point to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of point to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_384_get_point_33_6 PROC @@ -48051,9 +48100,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Touch each possible point that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of point to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of point to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_384_get_point_33_avx2_6 PROC 
@@ -48132,9 +48181,10 @@ ENDIF IFDEF HAVE_INTEL_AVX2 ; /* Reduce the number back to 384 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_reduce_order_avx2_6 PROC @@ -48456,10 +48506,11 @@ IFDEF HAVE_INTEL_AVX2 ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_384_cond_sub_avx2_6 PROC @@ -48503,9 +48554,9 @@ ENDIF IFDEF HAVE_INTEL_AVX2 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) ; * -; * r Result of division by 2. -; * a Number to divide. -; * m Modulus (prime). +; * @param [out] r Result of division by 2. +; * @param [in] a Number to divide. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_384_mont_div2_avx2_6 PROC 
@@ -48574,9 +48625,9 @@ ENDIF IFNDEF WC_NO_CACHE_RESISTANT ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_384_get_entry_64_6 PROC @@ -48655,9 +48706,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_384_get_entry_64_avx2_6 PROC @@ -48718,9 +48769,9 @@ ENDIF IFNDEF WC_NO_CACHE_RESISTANT ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_384_get_entry_65_6 PROC @@ -48799,9 +48850,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Touch each possible entry that could be being copied. ; * -; * r Point to copy into. -; * table Table - start of the entries to access -; * idx Index of entry to retrieve. +; * @param [out] r Point to copy into. +; * @param [in] table Table - start of the entries to access +; * @param [in] idx Index of entry to retrieve. ; */ _TEXT SEGMENT READONLY PARA sp_384_get_entry_65_avx2_6 PROC 
@@ -48861,7 +48912,7 @@ ENDIF ENDIF ; /* Add 1 to a. (a = a + 1) ; * -; * a A single precision integer. +; * @param [in, out] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_384_add_one_6 PROC @@ -48877,10 +48928,10 @@ _TEXT ENDS ; /* Read big endian unsigned byte array into r. ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_384_from_bin_bswap PROC @@ -48965,10 +49016,10 @@ IFNDEF NO_MOVBE_SUPPORT ; /* Read big endian unsigned byte array into r. ; * Uses the movbe instruction which is an optional instruction. ; * -; * r A single precision integer. -; * size Maximum number of bytes to convert -; * a Byte array. -; * n Number of bytes in array to read. +; * @param [out] r A single precision integer. +; * @param [in] size Maximum number of bytes to convert +; * @param [in] a Byte array. +; * @param [in] n Number of bytes in array to read. ; */ _TEXT SEGMENT READONLY PARA sp_384_from_bin_movbe PROC @@ -49042,8 +49093,8 @@ ENDIF ; * Fixed length number of bytes written: 48 ; * Uses the bswap instruction. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_384_to_bin_bswap_6 PROC @@ -49073,8 +49124,8 @@ IFNDEF NO_MOVBE_SUPPORT ; * Fixed length number of bytes written: 48 ; * Uses the movbe instruction which is optional. ; * -; * r A single precision integer. -; * a Byte array. +; * @param [out] r A single precision integer. +; * @param [in] a Byte array. ; */ _TEXT SEGMENT READONLY PARA sp_384_to_bin_movbe_6 PROC 
@@ -49096,8 +49147,8 @@ _TEXT ENDS ENDIF ; /* Sub b from a into a. (a -= b) ; * -; * a A single precision integer and result. -; * b A single precision integer. +; * @param [in, out] a A single precision integer and result. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_384_sub_in_place_6 PROC @@ -49123,9 +49174,9 @@ sp_384_sub_in_place_6 ENDP _TEXT ENDS ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_384_mul_d_6 PROC @@ -49184,9 +49235,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Mul a by digit b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision digit. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision digit. ; */ _TEXT SEGMENT READONLY PARA sp_384_mul_d_avx2_6 PROC @@ -49239,10 +49290,11 @@ ENDIF IFDEF _WIN64 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div) ; * -; * d1 The high order half of the number to divide. -; * d0 The low order half of the number to divide. -; * div The dividend. -; * returns the result of the division. +; * @param [in] d1 The high order half of the number to divide. +; * @param [in] d0 The low order half of the number to divide. +; * @param [in] div The dividend. +; * +; * @return The result of the division. ; */ _TEXT SEGMENT READONLY PARA div_384_word_asm_6 PROC @@ -49256,8 +49308,8 @@ _TEXT ENDS ENDIF ; /* Shift number right by 1 bit. (r = a >> 1) ; * -; * r Result of right shift by 1. -; * a Number to shift. +; * @param [out] r Result of right shift by 1. +; * @param [in] a Number to shift. ; */ _TEXT SEGMENT READONLY PARA sp_384_rshift1_6 PROC 
@@ -49286,9 +49338,9 @@ sp_384_rshift1_6 ENDP _TEXT ENDS ; /* Divide the number by 2 mod the prime. (r = a / 2 % m) ; * -; * r Result of division by 2. -; * a Number to divide. -; * m Modulus +; * @param [out] r Result of division by 2. +; * @param [in] a Number to divide. +; * @param [in] m Modulus ; */ _TEXT SEGMENT READONLY PARA sp_384_div2_mod_6 PROC @@ -49406,9 +49458,9 @@ ENDIF IFDEF WOLFSSL_SP_521 ; /* Multiply a and b into r. (r = a * b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_521_mul_9 PROC @@ -49958,9 +50010,9 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Multiply a and b into r. (r = a * b) ; * -; * r Result of multiplication. -; * a First number to multiply. -; * b Second number to multiply. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply. +; * @param [in] b Second number to multiply. ; */ _TEXT SEGMENT READONLY PARA sp_521_mul_avx2_9 PROC @@ -50536,8 +50588,8 @@ _TEXT ENDS ENDIF ; /* Square a and put result in r. (r = a * a) ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_521_sqr_9 PROC @@ -50953,8 +51005,8 @@ _TEXT ENDS IFDEF HAVE_INTEL_AVX2 ; /* Square a and put result in r. (r = a * a) ; * -; * r A single precision integer. -; * a A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_521_sqr_avx2_9 PROC 
@@ -51351,9 +51403,9 @@ _TEXT ENDS ENDIF ; /* Add b to a into r. (r = a + b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_521_add_9 PROC @@ -51392,9 +51444,9 @@ sp_521_add_9 ENDP _TEXT ENDS ; /* Sub b from a into r. (r = a - b) ; * -; * r A single precision integer. -; * a A single precision integer. -; * b A single precision integer. +; * @param [out] r A single precision integer. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. ; */ _TEXT SEGMENT READONLY PARA sp_521_sub_9 PROC @@ -51432,9 +51484,9 @@ _TEXT ENDS ; /* Conditionally copy a into r using the mask m. ; * m is -1 to copy and 0 when not. ; * -; * r A single precision number to copy over. -; * a A single precision number to copy. -; * m Mask value to apply. +; * @param [out] r A single precision number to copy over. +; * @param [in] a A single precision number to copy. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_521_cond_copy_9 PROC @@ -51482,11 +51534,11 @@ _TEXT ENDS ; /* Multiply two Montgomery form numbers mod the modulus (prime). ; * (r = a * b mod m) ; * -; * r Result of multiplication. -; * a First number to multiply in Montgomery form. -; * b Second number to multiply in Montgomery form. -; * m Modulus (prime). -; * mp Montgomery multiplier. +; * @param [out] r Result of multiplication. +; * @param [in] a First number to multiply in Montgomery form. +; * @param [in] b Second number to multiply in Montgomery form. +; * @param [in] m Modulus (prime). +; * @param [in] mp Montgomery multiplier. ; */ _TEXT SEGMENT READONLY PARA sp_521_mont_mul_9 PROC 
@@ -52073,10 +52125,10 @@ sp_521_mont_mul_9 ENDP _TEXT ENDS ; /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m) ; * -; * r Result of squaring. -; * a Number to square in Montgomery form. -; * m Modulus (prime). -; * mp Montgomery multiplier. +; * @param [out] r Result of squaring. +; * @param [in] a Number to square in Montgomery form. +; * @param [in] m Modulus (prime). +; * @param [in] mp Montgomery multiplier. ; */ _TEXT SEGMENT READONLY PARA sp_521_mont_sqr_9 PROC @@ -52525,10 +52577,11 @@ sp_521_mont_sqr_9 ENDP _TEXT ENDS ; /* Compare a with b in constant time. ; * -; * a A single precision integer. -; * b A single precision integer. -; * return -ve, 0 or +ve if a is less than, equal to or greater than b -; * respectively. +; * @param [in] a A single precision integer. +; * @param [in] b A single precision integer. +; * +; * @return -ve, 0 or +ve if a is less than, equal to or greater than b +; * respectively. ; */ _TEXT SEGMENT READONLY PARA sp_521_cmp_9 PROC @@ -52617,10 +52670,11 @@ _TEXT ENDS ; /* Conditionally subtract b from a using the mask m. ; * m is -1 to subtract and 0 when not copying. ; * -; * r A single precision number representing condition subtract result. -; * a A single precision number to subtract from. -; * b A single precision number to subtract. -; * m Mask value to apply. +; * @param [out] r A single precision number representing condition subtract +; * result. +; * @param [in] a A single precision number to subtract from. +; * @param [in] b A single precision number to subtract. +; * @param [in] m Mask value to apply. ; */ _TEXT SEGMENT READONLY PARA sp_521_cond_sub_9 PROC 
@@ -52695,9 +52749,10 @@ sp_521_cond_sub_9 ENDP _TEXT ENDS ; /* Reduce the number back to 521 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_521_mont_reduce_9 PROC @@ -52764,9 +52819,10 @@ sp_521_mont_reduce_9 ENDP _TEXT ENDS ; /* Reduce the number back to 521 bits using Montgomery reduction. ; * -; * a A single precision number to reduce in place. -; * m The single precision number representing the modulus. -; * mp The digit representing the negative inverse of m mod 2^n. +; * @param [in, out] a A single precision number to reduce in place. +; * @param [in] m The single precision number representing the modulus. +; * @param [in] mp The digit representing the negative inverse of +; * m mod 2^n. ; */ _TEXT SEGMENT READONLY PARA sp_521_mont_reduce_order_9 PROC @@ -52939,10 +52995,10 @@ sp_521_mont_reduce_order_9 ENDP _TEXT ENDS ; /* Add two Montgomery form numbers (r = a + b % m). ; * -; * r Result of addition. -; * a First number to add in Montgomery form. -; * b Second number to add in Montgomery form. -; * m Modulus (prime). +; * @param [out] r Result of addition. +; * @param [in] a First number to add in Montgomery form. +; * @param [in] b Second number to add in Montgomery form. +; * @param [in] m Modulus (prime). ; */ _TEXT SEGMENT READONLY PARA sp_521_mont_add_9 PROC 
@@ -53002,9 +53058,9 @@ sp_521_mont_add_9 ENDP
 _TEXT ENDS
 ; /* Double a Montgomery form number (r = a + a % m).
 ; *
-; * r Result of addition.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a Number to double in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_dbl_9 PROC
@@ -53062,9 +53118,9 @@ sp_521_mont_dbl_9 ENDP
 _TEXT ENDS
 ; /* Triple a Montgomery form number (r = a + a + a % m).
 ; *
-; * r Result of Tripling.
-; * a Number to triple in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of Tripling.
+; * @param [in] a Number to triple in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_tpl_9 PROC
@@ -53131,10 +53187,10 @@ sp_521_mont_tpl_9 ENDP
 _TEXT ENDS
 ; /* Subtract two Montgomery form numbers (r = a - b % m).
 ; *
-; * r Result of addition.
-; * a First number to add in Montgomery form.
-; * b Second number to add in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a First number to add in Montgomery form.
+; * @param [in] b Second number to add in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_sub_9 PROC
@@ -53195,9 +53251,9 @@ sp_521_mont_sub_9 ENDP
 _TEXT ENDS
 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 ; *
-; * r Result of division by 2.
-; * a Number to divide.
-; * m Modulus (prime).
+; * @param [out] r Result of division by 2.
+; * @param [in] a Number to divide.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_div2_9 PROC
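Review bot: The header of `sp_521_mont_sub_9` still describes an addition: the retagged lines read `Result of addition.`, `First number to add` and `Second number to add`, although the summary line says r = a - b % m. Since these lines are being rewritten anyway, suggest `; * @param [out] r Result of subtraction.`, `; * @param [in] a Number to subtract from in Montgomery form.` and `; * @param [in] b Number to subtract in Montgomery form.`. The same copied text is in the `sp_1024_mont_sub_16` and `sp_1024_mont_sub_avx2_16` hunks, and the `sp_1024_mont_tpl_16` and `sp_1024_mont_tpl_avx2_16` headers say `Number to double` for a tripling.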
@@ -53257,9 +53313,9 @@ _TEXT ENDS
 IFNDEF WC_NO_CACHE_RESISTANT
 ; /* Touch each possible point that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of point to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of point to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_get_point_33_9 PROC
@@ -53417,9 +53473,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Touch each possible point that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of point to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of point to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_get_point_33_avx2_9 PROC
@@ -53530,11 +53586,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Multiply two Montgomery form numbers mod the modulus (prime).
 ; * (r = a * b mod m)
 ; *
-; * r Result of multiplication.
-; * a First number to multiply in Montgomery form.
-; * b Second number to multiply in Montgomery form.
-; * m Modulus (prime).
-; * mp Montgomery multiplier.
+; * @param [out] r Result of multiplication.
+; * @param [in] a First number to multiply in Montgomery form.
+; * @param [in] b Second number to multiply in Montgomery form.
+; * @param [in] m Modulus (prime).
+; * @param [in] mp Montgomery multiplier.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_mul_avx2_9 PROC
@@ -54141,10 +54197,10 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
 ; *
-; * r Result of squaring.
-; * a Number to square in Montgomery form.
-; * m Modulus (prime).
-; * mp Montgomery multiplier.
+; * @param [out] r Result of squaring.
+; * @param [in] a Number to square in Montgomery form.
+; * @param [in] m Modulus (prime).
+; * @param [in] mp Montgomery multiplier.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_sqr_avx2_9 PROC
@@ -54584,10 +54640,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_cond_sub_avx2_9 PROC
@@ -54646,9 +54703,10 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Reduce the number back to 521 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_reduce_order_avx2_9 PROC
@@ -54958,9 +55016,9 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 ; *
-; * r Result of division by 2.
-; * a Number to divide.
-; * m Modulus (prime).
+; * @param [out] r Result of division by 2.
+; * @param [in] a Number to divide.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mont_div2_avx2_9 PROC
@@ -55021,9 +55079,9 @@ ENDIF
 IFNDEF WC_NO_CACHE_RESISTANT
 ; /* Touch each possible entry that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of entry to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of entry to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_get_entry_64_9 PROC
@@ -55153,9 +55211,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Touch each possible entry that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of entry to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of entry to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_get_entry_64_avx2_9 PROC
@@ -55238,9 +55296,9 @@ ENDIF
 IFNDEF WC_NO_CACHE_RESISTANT
 ; /* Touch each possible entry that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of entry to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of entry to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_get_entry_65_9 PROC
@@ -55370,9 +55428,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Touch each possible entry that could be being copied.
 ; *
-; * r Point to copy into.
-; * table Table - start of the entries to access
-; * idx Index of entry to retrieve.
+; * @param [out] r Point to copy into.
+; * @param [in] table Table - start of the entries to access
+; * @param [in] idx Index of entry to retrieve.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_get_entry_65_avx2_9 PROC
@@ -55454,7 +55512,7 @@ ENDIF
 ENDIF
 ; /* Add 1 to a. (a = a + 1)
 ; *
-; * a A single precision integer.
+; * @param [in, out] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_add_one_9 PROC
@@ -55473,10 +55531,10 @@ _TEXT ENDS
 ; /* Read big endian unsigned byte array into r.
 ; * Uses the bswap instruction.
 ; *
-; * r A single precision integer.
-; * size Maximum number of bytes to convert
-; * a Byte array.
-; * n Number of bytes in array to read.
+; * @param [out] r A single precision integer.
+; * @param [in] size Maximum number of bytes to convert
+; * @param [in] a Byte array.
+; * @param [in] n Number of bytes in array to read.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_from_bin_bswap PROC
@@ -55561,10 +55619,10 @@ IFNDEF NO_MOVBE_SUPPORT
 ; /* Read big endian unsigned byte array into r.
 ; * Uses the movbe instruction which is an optional instruction.
 ; *
-; * r A single precision integer.
-; * size Maximum number of bytes to convert
-; * a Byte array.
-; * n Number of bytes in array to read.
+; * @param [out] r A single precision integer.
+; * @param [in] size Maximum number of bytes to convert
+; * @param [in] a Byte array.
+; * @param [in] n Number of bytes in array to read.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_from_bin_movbe PROC
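Review bot: The length contract of `sp_521_from_bin_bswap` is still unstated after the retag: `size` is "Maximum number of bytes to convert" and `n` is "Number of bytes in array to read", but nothing says what happens when `n` is larger than `size`, or how much room `r` must have. For a routine that converts a caller-supplied byte array, that is what a reader needs in order to check the bounds at the call site. One more comment line such as `; * At most size bytes are converted; r must have room for that many.` would cover it, adjusted to what the body (outside this hunk) actually guarantees. The `sp_521_from_bin_movbe`, `sp_1024_from_bin_bswap` and `sp_1024_from_bin_movbe` headers have the same gap.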
@@ -55638,8 +55696,8 @@ ENDIF
 ; * Fixed length number of bytes written: 65
 ; * Uses the bswap instruction.
 ; *
-; * r A single precision integer.
-; * a Byte array.
+; * @param [out] r A single precision integer.
+; * @param [in] a Byte array.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_to_bin_bswap_9 PROC
@@ -55679,8 +55737,8 @@ IFNDEF NO_MOVBE_SUPPORT
 ; * Fixed length number of bytes written: 65
 ; * Uses the movbe instruction which is optional.
 ; *
-; * r A single precision integer.
-; * a Byte array.
+; * @param [out] r A single precision integer.
+; * @param [in] a Byte array.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_to_bin_movbe_9 PROC
@@ -55710,8 +55768,8 @@ _TEXT ENDS
 ENDIF
 ; /* Shift number right by 1 bit. (r = a >> 1)
 ; *
-; * r Result of right shift by 1.
-; * a Number to shift.
+; * @param [out] r Result of right shift by 1.
+; * @param [in] a Number to shift.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_rshift_9 PROC
@@ -55751,9 +55809,9 @@ sp_521_rshift_9 ENDP
 _TEXT ENDS
 ; /* Shift number left by n bit. (r = a << n)
 ; *
-; * r Result of left shift by n.
-; * a Number to shift.
-; * n Amoutnt o shift.
+; * @param [out] r Result of left shift by n.
+; * @param [in] a Number to shift.
+; * @param [in] n Amoutnt o shift.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_lshift_9 PROC
@@ -55798,9 +55856,9 @@ sp_521_lshift_9 ENDP
 _TEXT ENDS
 ; /* Shift number left by n bit. (r = a << n)
 ; *
-; * r Result of left shift by n.
-; * a Number to shift.
-; * n Amoutnt o shift.
+; * @param [out] r Result of left shift by n.
+; * @param [in] a Number to shift.
+; * @param [in] n Amoutnt o shift.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_lshift_18 PROC
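Review bot: The direction tags added for `sp_521_to_bin_bswap_9` look inverted: the header says a fixed 65 bytes are written, so the byte array `a` is the destination and `r` is the value being read, yet the new lines mark `r` as `[out]` and `a` as `[in]`. Suggest `; * @param [in] r A single precision integer.` and `; * @param [out] a Byte array.` (or `[in, out]` on `r` if the routine modifies it first, which this hunk does not show), and the same in the `sp_521_to_bin_movbe_9` hunk that follows. As written, a caller reading `[in] a` has no cue that the buffer must hold 65 writable bytes. The first line of the comment lies outside the hunk.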
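Review bot: The rewritten `n` line in `sp_521_lshift_9` carries the old typo over unchanged, `Amoutnt o shift.`. Since the line is being touched anyway, it should read `; * @param [in] n Amount to shift.`. The `sp_521_lshift_18` hunk that follows has the same line. If the routine only supports a limited range of `n` (the body is outside the hunk), that range belongs on this line as well.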
@@ -55872,8 +55930,8 @@ sp_521_lshift_18 ENDP
 _TEXT ENDS
 ; /* Sub b from a into a. (a -= b)
 ; *
-; * a A single precision integer and result.
-; * b A single precision integer.
+; * @param [in, out] a A single precision integer and result.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_sub_in_place_9 PROC
@@ -55910,9 +55968,9 @@ sp_521_sub_in_place_9 ENDP
 _TEXT ENDS
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mul_d_9 PROC
@@ -55995,9 +56053,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_mul_d_avx2_9 PROC
@@ -56068,10 +56126,11 @@ ENDIF
 IFDEF _WIN64
 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 ; *
-; * d1 The high order half of the number to divide.
-; * d0 The low order half of the number to divide.
-; * div The dividend.
-; * returns the result of the division.
+; * @param [in] d1 The high order half of the number to divide.
+; * @param [in] d0 The low order half of the number to divide.
+; * @param [in] div The dividend.
+; *
+; * @return The result of the division.
 ; */
 _TEXT SEGMENT READONLY PARA
 div_521_word_asm_9 PROC
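Review bot: `div` is documented as "The dividend" in `div_521_word_asm_9`, but the value a number is divided by is the divisor; (d1|d0) is the dividend. Suggest `; * @param [in] div The divisor.` and "by the divisor" in the summary line; the `div_1024_word_asm_16` hunk has the same wording. If the body is a single hardware divide (it lies outside this hunk), the quotient only fits in one word when `d1` is smaller than `div`. That precondition would then deserve its own line, for example `; * d1 must be less than div.`.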
@@ -56085,8 +56144,8 @@ _TEXT ENDS
 ENDIF
 ; /* Shift number right by 1 bit. (r = a >> 1)
 ; *
-; * r Result of right shift by 1.
-; * a Number to shift.
+; * @param [out] r Result of right shift by 1.
+; * @param [in] a Number to shift.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_rshift1_9 PROC
@@ -56124,9 +56183,9 @@ sp_521_rshift1_9 ENDP
 _TEXT ENDS
 ; /* Divide the number by 2 mod the prime. (r = a / 2 % m)
 ; *
-; * r Result of division by 2.
-; * a Number to divide.
-; * m Modulus
+; * @param [out] r Result of division by 2.
+; * @param [in] a Number to divide.
+; * @param [in] m Modulus
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_521_div2_mod_9 PROC
@@ -56285,9 +56344,9 @@ ENDIF
 IFDEF WOLFSSL_SP_1024
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mul_16 PROC
@@ -57928,8 +57987,8 @@ sp_1024_mul_16 ENDP
 _TEXT ENDS
 ; /* Square a and put result in r. (r = a * a)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_sqr_16 PROC
@@ -59017,9 +59076,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Multiply a and b into r. (r = a * b)
 ; *
-; * r Result of multiplication.
-; * a First number to multiply.
-; * b Second number to multiply.
+; * @param [out] r Result of multiplication.
+; * @param [in] a First number to multiply.
+; * @param [in] b Second number to multiply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mul_avx2_16 PROC
@@ -60689,8 +60748,8 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Square a and put result in r. (r = a * a)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_sqr_avx2_16 PROC
@@ -61742,9 +61801,9 @@ _TEXT ENDS
 ENDIF
 ; /* Add b to a into r. (r = a + b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_add_16 PROC
@@ -61804,8 +61863,8 @@ sp_1024_add_16 ENDP
 _TEXT ENDS
 ; /* Sub b from a into a. (a -= b)
 ; *
-; * a A single precision integer and result.
-; * b A single precision integer.
+; * @param [in, out] a A single precision integer and result.
+; * @param [in] b A single precision integer.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_sub_in_place_16 PROC
@@ -61864,10 +61923,11 @@ _TEXT ENDS
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_cond_sub_16 PROC
@@ -61993,10 +62053,11 @@ IFDEF HAVE_INTEL_AVX2
 ; /* Conditionally subtract b from a using the mask m.
 ; * m is -1 to subtract and 0 when not copying.
 ; *
-; * r A single precision number representing condition subtract result.
-; * a A single precision number to subtract from.
-; * b A single precision number to subtract.
-; * m Mask value to apply.
+; * @param [out] r A single precision number representing condition subtract
+; * result.
+; * @param [in] a A single precision number to subtract from.
+; * @param [in] b A single precision number to subtract.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_cond_sub_avx2_16 PROC
@@ -62089,9 +62150,9 @@ _TEXT ENDS
 ENDIF
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mul_d_16 PROC
@@ -62230,9 +62291,9 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Mul a by digit b into r. (r = a * b)
 ; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision digit.
+; * @param [out] r A single precision integer.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision digit.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mul_d_avx2_16 PROC
@@ -62345,10 +62406,11 @@ ENDIF
 IFDEF _WIN64
 ; /* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
 ; *
-; * d1 The high order half of the number to divide.
-; * d0 The low order half of the number to divide.
-; * div The dividend.
-; * returns the result of the division.
+; * @param [in] d1 The high order half of the number to divide.
+; * @param [in] d0 The low order half of the number to divide.
+; * @param [in] div The dividend.
+; *
+; * @return The result of the division.
 ; */
 _TEXT SEGMENT READONLY PARA
 div_1024_word_asm_16 PROC
@@ -62362,10 +62424,11 @@ _TEXT ENDS
 ENDIF
 ; /* Compare a with b in constant time.
 ; *
-; * a A single precision integer.
-; * b A single precision integer.
-; * return -ve, 0 or +ve if a is less than, equal to or greater than b
-; * respectively.
+; * @param [in] a A single precision integer.
+; * @param [in] b A single precision integer.
+; *
+; * @return -ve, 0 or +ve if a is less than, equal to or greater than b
+; * respectively.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_cmp_16 PROC
@@ -62510,9 +62573,9 @@ _TEXT ENDS
 ; /* Conditionally copy a into r using the mask m.
 ; * m is -1 to copy and 0 when not.
 ; *
-; * r A single precision number to copy over.
-; * a A single precision number to copy.
-; * m Mask value to apply.
+; * @param [out] r A single precision number to copy over.
+; * @param [in] a A single precision number to copy.
+; * @param [in] m Mask value to apply.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_cond_copy_16 PROC
@@ -62585,9 +62648,10 @@ sp_1024_cond_copy_16 ENDP
 _TEXT ENDS
 ; /* Reduce the number back to 1024 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_reduce_16 PROC
@@ -62796,10 +62860,10 @@ sp_1024_mont_reduce_16 ENDP
 _TEXT ENDS
 ; /* Add two Montgomery form numbers (r = a + b % m).
 ; *
-; * r Result of addition.
-; * a First number to add in Montgomery form.
-; * b Second number to add in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a First number to add in Montgomery form.
+; * @param [in] b Second number to add in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_add_16 PROC
@@ -62964,9 +63028,9 @@ sp_1024_mont_add_16 ENDP
 _TEXT ENDS
 ; /* Double a Montgomery form number (r = a + a % m).
 ; *
-; * r Result of addition.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a Number to double in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_dbl_16 PROC
@@ -63129,9 +63193,9 @@ sp_1024_mont_dbl_16 ENDP
 _TEXT ENDS
 ; /* Triple a Montgomery form number (r = a + a + a % m).
 ; *
-; * r Result of addition.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a Number to double in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_tpl_16 PROC
@@ -63444,10 +63508,10 @@ sp_1024_mont_tpl_16 ENDP
 _TEXT ENDS
 ; /* Subtract two Montgomery form numbers (r = a - b % m).
 ; *
-; * r Result of addition.
-; * a First number to add in Montgomery form.
-; * b Second number to add in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a First number to add in Montgomery form.
+; * @param [in] b Second number to add in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_sub_16 PROC
@@ -63608,9 +63672,9 @@ sp_1024_mont_sub_16 ENDP
 _TEXT ENDS
 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 ; *
-; * r Result of division by 2.
-; * a Number to divide.
-; * m Modulus (prime).
+; * @param [out] r Result of division by 2.
+; * @param [in] a Number to divide.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_div2_16 PROC
@@ -63759,9 +63823,10 @@ _TEXT ENDS
 IFDEF HAVE_INTEL_AVX2
 ; /* Reduce the number back to 1024 bits using Montgomery reduction.
 ; *
-; * a A single precision number to reduce in place.
-; * m The single precision number representing the modulus.
-; * mp The digit representing the negative inverse of m mod 2^n.
+; * @param [in, out] a A single precision number to reduce in place.
+; * @param [in] m The single precision number representing the modulus.
+; * @param [in] mp The digit representing the negative inverse of
+; * m mod 2^n.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_reduce_avx2_16 PROC
@@ -64094,10 +64159,10 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Add two Montgomery form numbers (r = a + b % m).
 ; *
-; * r Result of addition.
-; * a First number to add in Montgomery form.
-; * b Second number to add in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a First number to add in Montgomery form.
+; * @param [in] b Second number to add in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_add_avx2_16 PROC
@@ -64246,9 +64311,9 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Double a Montgomery form number (r = a + a % m).
 ; *
-; * r Result of addition.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a Number to double in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_dbl_avx2_16 PROC
@@ -64395,9 +64460,9 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Triple a Montgomery form number (r = a + a + a % m).
 ; *
-; * r Result of addition.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a Number to double in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_tpl_avx2_16 PROC
@@ -64678,10 +64743,10 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Subtract two Montgomery form numbers (r = a - b % m).
 ; *
-; * r Result of addition.
-; * a First number to add in Montgomery form.
-; * b Second number to add in Montgomery form.
-; * m Modulus (prime).
+; * @param [out] r Result of addition.
+; * @param [in] a First number to add in Montgomery form.
+; * @param [in] b Second number to add in Montgomery form.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_sub_avx2_16 PROC
@@ -64826,9 +64891,9 @@ ENDIF
 IFDEF HAVE_INTEL_AVX2
 ; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
 ; *
-; * r Result of division by 2.
-; * a Number to divide.
-; * m Modulus (prime).
+; * @param [out] r Result of division by 2.
+; * @param [in] a Number to divide.
+; * @param [in] m Modulus (prime).
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_mont_div2_avx2_16 PROC
@@ -64977,10 +65042,10 @@ ENDIF
 ; /* Read big endian unsigned byte array into r.
 ; * Uses the bswap instruction.
 ; *
-; * r A single precision integer.
-; * size Maximum number of bytes to convert
-; * a Byte array.
-; * n Number of bytes in array to read.
+; * @param [out] r A single precision integer.
+; * @param [in] size Maximum number of bytes to convert
+; * @param [in] a Byte array.
+; * @param [in] n Number of bytes in array to read.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_from_bin_bswap PROC
@@ -65065,10 +65130,10 @@ IFNDEF NO_MOVBE_SUPPORT
 ; /* Read big endian unsigned byte array into r.
 ; * Uses the movbe instruction which is an optional instruction.
 ; *
-; * r A single precision integer.
-; * size Maximum number of bytes to convert
-; * a Byte array.
-; * n Number of bytes in array to read.
+; * @param [out] r A single precision integer.
+; * @param [in] size Maximum number of bytes to convert
+; * @param [in] a Byte array.
+; * @param [in] n Number of bytes in array to read.
 ; */
 _TEXT SEGMENT READONLY PARA
 sp_1024_from_bin_movbe PROC