void pp_map_tatep_k2(fp2_t r, ep_t p, ep_t q) {
ep_t _p[1], _q[1], t[1];
bn_t n;
ep_null(_p[0]);
ep_null(_q[0]);
ep_null(t[0]);
bn_null(n);
TRY {
ep_new(t[0]);
bn_new(n);
ep_norm(_p[0], p);
ep_norm(_q[0], q);
ep_curve_get_ord(n);
/* Since p has order n, we do not have to perform last iteration. */
bn_sub_dig(n, n, 1);
fp2_set_dig(r, 1);
if (!ep_is_infty(p) && !ep_is_infty(q)) {
pp_mil_k2(r, t, _p, _q, 1, n);
pp_exp_k2(r, r);
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(_p[0]);
ep_free(_q[0]);
ep_free(t[0]);
bn_free(n);
}
}
void pp_map_weilp_k12(fp12_t r, ep_t p, ep2_t q) {
ep_t _p[1], t0[1];
ep2_t _q[1], t1[1];
fp12_t r0, r1;
bn_t n;
ep_null(_p[0]);
ep_null(t0[1]);
ep2_null(_q[0]);
ep2_null(t1[1]);
fp12_null(r0);
fp12_null(r1);
bn_null(n);
TRY {
ep_new(_p[0]);
ep_new(t0[0]);
ep2_new(_q[0]);
ep2_new(t1[0]);
fp12_new(r0);
fp12_new(r1);
bn_new(n);
ep_norm(_p[0], p);
ep2_norm(_q[0], q);
ep_curve_get_ord(n);
bn_sub_dig(n, n, 1);
fp12_set_dig(r0, 1);
fp12_set_dig(r1, 1);
if (!ep_is_infty(_p[0]) && !ep2_is_infty(_q[0])) {
pp_mil_lit_k12(r0, t0, _p, _q, 1, n);
pp_mil_k12(r1, t1, _q, _p, 1, n);
fp12_inv(r1, r1);
fp12_mul(r0, r0, r1);
fp12_inv(r1, r0);
fp12_inv_uni(r0, r0);
}
fp12_mul(r, r0, r1);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(_p[0]);
ep_free(t0[0]);
ep2_free(_q[0]);
ep2_free(t1[0]);
fp12_free(r0);
fp12_free(r1);
bn_free(n);
}
}
int ep_size_bin(const ep_t a, int pack) {
ep_t t;
int size = 0;
ep_null(t);
if (ep_is_infty(a)) {
return 1;
}
TRY {
ep_new(t);
ep_norm(t, a);
size = 1 + FP_BYTES;
if (!pack) {
size += FP_BYTES;
}
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
ep_free(t);
}
return size;
}
effect_t gs_create_effect(const char *effect_string, const char *filename,
char **error_string)
{
if (!thread_graphics || !effect_string)
return NULL;
struct gs_effect *effect = bzalloc(sizeof(struct gs_effect));
struct effect_parser parser;
bool success;
effect->graphics = thread_graphics;
ep_init(&parser);
success = ep_parse(&parser, effect, effect_string, filename);
if (!success) {
if (error_string)
*error_string = error_data_buildstring(
&parser.cfp.error_list);
effect_destroy(effect);
effect = NULL;
}
ep_free(&parser);
return effect;
}
/**
* Compute the Miller loop for pairings of type G_2 x G_1 over the bits of a
* given parameter.
*
* @param[out] r - the result.
* @param[out] t - the resulting point.
* @param[in] q - the first pairing argument in affine coordinates.
* @param[in] p - the second pairing argument in affine coordinates.
* @param[in] n - the number of pairings to evaluate.
* @param[in] a - the loop parameter.
*/
static void pp_mil_k12(fp12_t r, ep2_t *t, ep2_t *q, ep_t *p, int m, bn_t a) {
fp12_t l;
ep_t _p[m];
int i, j;
if (m == 0) {
return;
}
fp12_null(l);
TRY {
fp12_new(l);
for (j = 0; j < m; j++) {
ep_null(_p[j]);
ep_new(_p[j]);
#if EP_ADD == BASIC
ep_neg(_p[j], p[i]);
#else
fp_add(_p[j]->x, p[j]->x, p[j]->x);
fp_add(_p[j]->x, _p[j]->x, p[j]->x);
fp_neg(_p[j]->y, p[j]->y);
#endif
ep2_copy(t[j], q[j]);
}
fp12_zero(l);
/* Precomputing. */
pp_dbl_k12(r, t[0], t[0], _p[0]);
if (bn_get_bit(a, bn_bits(a) - 2)) {
for (j = 0; j < m; j++) {
pp_add_k12(l, t[j], q[j], p[j]);
fp12_mul_dxs(r, r, l);
}
}
for (i = bn_bits(a) - 3; i >= 0; i--) {
fp12_sqr(r, r);
for (j = 0; j < m; j++) {
pp_dbl_k12(l, t[j], t[j], _p[j]);
fp12_mul_dxs(r, r, l);
if (bn_get_bit(a, i)) {
pp_add_k12(l, t[j], q[j], p[j]);
fp12_mul_dxs(r, r, l);
}
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fp12_free(l);
for (j = 0; j < m; j++) {
ep_free(_p[j]);
}
}
}
static int
ep_mca_attach(device_t dev)
{
struct ep_softc *sc = device_get_softc(dev);
int error = 0;
if ((error = ep_alloc(dev)))
goto bad;
sc->stat = F_ACCESS_32_BITS;
ep_get_media(sc);
GO_WINDOW(sc, 0);
SET_IRQ(sc, rman_get_start(sc->irq));
if ((error = ep_attach(sc)))
goto bad;
if ((error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, NULL, ep_intr,
sc, &sc->ep_intrhand))) {
device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
goto bad;
}
return (0);
bad:
ep_free(dev);
return (error);
}
void ep_sub_basic(ep_t r, const ep_t p, const ep_t q) {
ep_t t;
ep_null(t);
if (p == q) {
ep_set_infty(r);
return;
}
TRY {
ep_new(t);
ep_neg_basic(t, q);
ep_add_basic(r, p, t);
r->norm = 1;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(t);
}
}
void pp_map_sim_tatep_k12(fp12_t r, ep_t *p, ep2_t *q, int m) {
ep_t _p[m], t[m];
ep2_t _q[m];
bn_t n;
int i, j;
bn_null(n);
TRY {
bn_new(n);
for (i = 0; i < m; i++) {
ep_null(_p[i]);
ep_null(t[i]);
ep2_null(_q[i]);
ep_new(_p[i]);
ep_new(t[i]);
ep2_new(_q[i]);
}
j = 0;
for (i = 0; i < m; i++) {
if (!ep_is_infty(p[i]) && !ep2_is_infty(q[i])) {
ep_norm(_p[j], p[i]);
ep2_norm(_q[j++], q[i]);
}
}
ep_curve_get_ord(n);
fp12_set_dig(r, 1);
if (j > 0) {
pp_mil_lit_k12(r, t, _p, _q, j, n);
pp_exp_k12(r, r);
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
bn_free(n);
for (i = 0; i < m; i++) {
ep_free(_p[i]);
ep_free(t[i]);
ep2_free(_q[i]);
}
}
}
/*
* Initialize the device - called from Slot manager.
*/
static int
ep_pccard_probe(device_t dev)
{
struct ep_softc * sc = device_get_softc(dev);
struct ep_board * epb = &sc->epb;
const char * desc;
int error;
error = ep_alloc(dev);
if (error)
return error;
/*
* XXX - Certain (newer?) 3Com cards need epb->cmd_off ==
* 2. Sadly, you need to have a correct cmd_off in order to
* identify the card. So we have to hit it with both and
* cross our virtual fingers. There's got to be a better way
* to do this. [email protected] 09/11/1999
*/
epb->cmd_off = 0;
epb->prod_id = get_e(sc, EEPROM_PROD_ID);
if ((desc = ep_pccard_identify(epb->prod_id)) == NULL) {
if (bootverbose)
device_printf(dev, "Pass 1 of 2 detection "
"failed (nonfatal)\n");
epb->cmd_off = 2;
epb->prod_id = get_e(sc, EEPROM_PROD_ID);
if ((desc = ep_pccard_identify(epb->prod_id)) == NULL) {
device_printf(dev, "Unit failed to come ready or "
"product ID unknown! (id 0x%x)\n", epb->prod_id);
ep_free(dev);
return (ENXIO);
}
}
device_set_desc(dev, desc);
/*
* For some reason the 3c574 needs this.
*/
ep_get_macaddr(sc, (u_char *)&sc->arpcom.ac_enaddr);
ep_free(dev);
return (0);
}
void ep_mul_sim_gen(ep_t r, const bn_t k, const ep_t q, const bn_t m) {
ep_t g;
ep_null(g);
if (bn_is_zero(k)) {
ep_mul(r, q, m);
return;
}
if (bn_is_zero(m) || ep_is_infty(q)) {
ep_mul_gen(r, k);
return;
}
TRY {
ep_new(g);
ep_curve_get_gen(g);
#if defined(EP_ENDOM)
#if EP_SIM == INTER && EP_FIX == LWNAF && defined(EP_PRECO)
if (ep_curve_is_endom()) {
ep_mul_sim_endom(r, g, k, q, m, ep_curve_get_tab());
}
#else
if (ep_curve_is_endom()) {
ep_mul_sim(r, g, k, q, m);
}
#endif
#endif
#if defined(EP_PLAIN) || defined(EP_SUPER)
#if EP_SIM == INTER && EP_FIX == LWNAF && defined(EP_PRECO)
if (!ep_curve_is_endom()) {
ep_mul_sim_plain(r, g, k, q, m, ep_curve_get_tab());
}
#else
if (!ep_curve_is_endom()) {
ep_mul_sim(r, g, k, q, m);
}
#endif
#endif
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(g);
}
}
void pp_map_tatep_k12(fp12_t r, ep_t p, ep2_t q) {
ep_t _p[1], t[1];
ep2_t _q[1];
bn_t n;
ep_null(_p[0]);
ep_null(t[0]);
ep2_null(_q[0]);
bn_null(n);
TRY {
ep_new(_p[0]);
ep_new(t[0]);
ep2_new(_q[0]);
bn_new(n);
ep_norm(_p[0], p);
ep2_norm(_q[0], q);
ep_curve_get_ord(n);
fp12_set_dig(r, 1);
if (!ep_is_infty(p) && !ep2_is_infty(q)) {
pp_mil_lit_k12(r, t, _p, _q, 1, n);
pp_exp_k12(r, r);
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(_p[0]);
ep_free(t[0]);
ep2_free(_q[0]);
bn_free(n);
}
}
void ep_write_bin(uint8_t *bin, int len, const ep_t a, int pack) {
ep_t t;
ep_null(t);
if (ep_is_infty(a)) {
if (len != 1) {
THROW(ERR_NO_BUFFER);
} else {
bin[0] = 0;
return;
}
}
TRY {
ep_new(t);
ep_norm(t, a);
if (pack) {
if (len != FP_BYTES + 1) {
THROW(ERR_NO_BUFFER);
} else {
ep_pck(t, t);
bin[0] = 2 | fp_get_bit(t->y, 0);
fp_write_bin(bin + 1, FP_BYTES, t->x);
}
} else {
if (len != 2 * FP_BYTES + 1) {
THROW(ERR_NO_BUFFER);
} else {
bin[0] = 4;
fp_write_bin(bin + 1, FP_BYTES, t->x);
fp_write_bin(bin + FP_BYTES + 1, FP_BYTES, t->y);
}
}
} CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(t);
}
}
/**
* Compute the Miller loop for pairings of type G_1 x G_2 over the bits of a
* given parameter.
*
* @param[out] r - the result.
* @param[out] t - the resulting point.
* @param[in] p - the first pairing argument in affine coordinates.
* @param[in] q - the second pairing argument in affine coordinates.
* @param[in] a - the loop parameter.
*/
static void pp_mil_lit_k2(fp2_t r, ep_t *t, ep_t *p, ep_t *q, int m, bn_t a) {
fp2_t l, _l;
ep_t _q[m];
int i, j;
fp2_null(_l);
ep_null(_q);
TRY {
fp2_new(_l);
for (j = 0; j < m; j++) {
ep_null(_q[j]);
ep_new(_q[j]);
ep_copy(t[j], p[j]);
ep_neg(_q[j], q[j]);
}
for (i = bn_bits(a) - 2; i >= 0; i--) {
fp2_sqr(r, r);
for (j = 0; j < m; j++) {
pp_dbl_k2(l, t[j], t[j], _q[j]);
fp_copy(_l[0], l[1]);
fp_copy(_l[1], l[0]);
fp2_mul(r, r, _l);
if (bn_get_bit(a, i)) {
pp_add_k2(l, t[j], p[j], q[j]);
fp_copy(_l[0], l[1]);
fp_copy(_l[1], l[0]);
fp2_mul(r, r, _l);
}
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fp2_free(_l);
fp2_free(m);
ep_free(_q);
}
}
/* 这才是真正的epoll_create啊~~ */
SYSCALL_DEFINE1(epoll_create1, int, flags)
{
int error;
struct eventpoll *ep = NULL;
/* Check the EPOLL_* constant for consistency. */
/* 这句没啥用处... */
BUILD_BUG_ON(EPOLL_CLOEXEC != O_CLOEXEC);
/* 对于epoll来讲, 目前唯一有效的FLAG就是CLOEXEC */
if (flags & ~EPOLL_CLOEXEC)
return -EINVAL;
/*
* Create the internal data structure ("struct eventpoll").
*/
/* 分配一个struct eventpoll, 分配和初始化细节我们随后深聊~ */
error = ep_alloc(&ep);
if (error < 0)
return error;
/*
* Creates all the items needed to setup an eventpoll file. That is,
* a file structure and a free file descriptor.
*/
/* 这里是创建一个匿名fd, 说起来就话长了...长话短说:
* epollfd本身并不存在一个真正的文件与之对应, 所以内核需要创建一个
* "虚拟"的文件, 并为之分配真正的struct file结构, 而且有真正的fd.
* 这里2个参数比较关键:
* eventpoll_fops, fops就是file operations, 就是当你对这个文件(这里是虚拟的)进行操作(比如读)时,
* fops里面的函数指针指向真正的操作实现, 类似C++里面虚函数和子类的概念.
* epoll只实现了poll和release(就是close)操作, 其它文件系统操作都有VFS全权处理了.
* ep, ep就是struct epollevent, 它会作为一个私有数据保存在struct file的private指针里面.
* 其实说白了, 就是为了能通过fd找到struct file, 通过struct file能找到eventpoll结构.
* 如果懂一点Linux下字符设备驱动开发, 这里应该是很好理解的,
* 推荐阅读 <Linux device driver 3rd>
*/
error = anon_inode_getfd("[eventpoll]", &eventpoll_fops, ep,
O_RDWR | (flags & O_CLOEXEC));
if (error < 0)
ep_free(ep);
return error;
}
void ep_mul_sim_basic(ep_t r, const ep_t p, const bn_t k, const ep_t q,
const bn_t m) {
ep_t t;
ep_null(t);
TRY {
ep_new(t);
ep_mul(t, q, m);
ep_mul(r, p, k);
ep_add(t, t, r);
ep_norm(r, t);
} CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(t);
}
}
int ep_is_valid(const ep_t p) {
ep_t t;
int r = 0;
ep_null(t);
TRY {
ep_new(t);
ep_norm(t, p);
ep_rhs(t->x, t);
fp_sqr(t->y, t->y);
r = (fp_cmp(t->x, t->y) == CMP_EQ) || ep_is_infty(p);
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
ep_free(t);
}
return r;
}
int main(void)
{
struct eltpool *ep = ep_new(sizeof(struct argh), 64);
clist l;
clist_init(&l);
for (uns i=0; i<65536; i++)
{
struct argh *a = ep_alloc(ep);
if (i % 3)
clist_add_tail(&l, &a->n);
else
clist_add_head(&l, &a->n);
if (!(i % 5))
{
a = clist_head(&l);
clist_remove(&a->n);
ep_free(ep, a);
}
}
ep_delete(ep);
puts("OK");
return 0;
}
static int
ep_pccard_detach(device_t dev)
{
struct ep_softc *sc = device_get_softc(dev);
struct ifnet *ifp = &sc->arpcom.ac_if;
lwkt_serialize_enter(ifp->if_serializer);
if (sc->gone) {
device_printf(dev, "already unloaded\n");
lwkt_serialize_exit(ifp->if_serializer);
return (0);
}
ifp->if_flags &= ~IFF_RUNNING;
sc->gone = 1;
bus_teardown_intr(dev, sc->irq, sc->ep_intrhand);
lwkt_serialize_exit(ifp->if_serializer);
ether_ifdetach(&sc->arpcom.ac_if);
ep_free(dev);
return (0);
}
void pp_dbl_k2_basic(fp2_t l, ep_t r, ep_t p, ep_t q) {
fp_t s;
ep_t t;
fp_null(s);
ep_null(t);
TRY {
fp_new(s);
ep_new(t);
ep_copy(t, p);
ep_dbl_slp_basic(r, s, p);
fp_add(l[0], t->x, q->x);
fp_mul(l[0], l[0], s);
fp_sub(l[0], t->y, l[0]);
fp_copy(l[1], q->y);
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
fp_free(s);
ep_free(t);
}
}
void pp_map_sim_weilp_k12(fp12_t r, ep_t *p, ep2_t *q, int m) {
ep_t _p[m], t0[m];
ep2_t _q[m], t1[m];
fp12_t r0, r1;
bn_t n;
int i, j;
fp12_null(r0);
fp12_null(r1);
bn_null(r);
TRY {
fp12_new(r0);
fp12_new(r1);
bn_new(n);
for (i = 0; i < m; i++) {
ep_null(_p[i]);
ep_null(t0[i]);
ep2_null(_q[i]);
ep2_null(t1[i]);
ep_new(_p[i]);
ep_new(t0[i]);
ep2_new(_q[i]);
ep2_new(t1[i]);
}
j = 0;
for (i = 0; i < m; i++) {
if (!ep_is_infty(p[i]) && !ep2_is_infty(q[i])) {
ep_norm(_p[j], p[i]);
ep2_norm(_q[j++], q[i]);
}
}
ep_curve_get_ord(n);
bn_sub_dig(n, n, 1);
fp12_set_dig(r0, 1);
fp12_set_dig(r1, 1);
if (j > 0) {
pp_mil_lit_k12(r0, t0, _p, _q, j, n);
pp_mil_k12(r1, t1, _q, _p, j, n);
fp12_inv(r1, r1);
fp12_mul(r0, r0, r1);
fp12_inv(r1, r0);
fp12_inv_uni(r0, r0);
}
fp12_mul(r, r0, r1);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fp12_free(r0);
fp12_free(r1);
bn_free(n);
for (i = 0; i < m; i++) {
ep_free(_p[i]);
ep_free(t0[i]);
ep2_free(_q[i]);
ep2_free(t1[i]);
}
}
}
static int
ep_pccard_attach(device_t dev)
{
struct ep_softc * sc = device_get_softc(dev);
struct ifnet * ifp = &sc->arpcom.ac_if;
int error = 0;
if ((error = ep_alloc(dev))) {
device_printf(dev, "ep_alloc() failed! (%d)\n", error);
goto bad;
}
sc->epb.cmd_off = 0;
sc->epb.prod_id = get_e(sc, EEPROM_PROD_ID);
if (!ep_pccard_card_attach(&sc->epb)) {
sc->epb.cmd_off = 2;
sc->epb.prod_id = get_e(sc, EEPROM_PROD_ID);
sc->epb.res_cfg = get_e(sc, EEPROM_RESOURCE_CFG);
if (!ep_pccard_card_attach(&sc->epb)) {
device_printf(dev,
"Probe found ID, attach failed so ignore card!\n");
error = ENXIO;
goto bad;
}
}
/* ROM size = 0, ROM base = 0 */
/* For now, ignore AUTO SELECT feature of 3C589B and later. */
outw(BASE + EP_W0_ADDRESS_CFG, get_e(sc, EEPROM_ADDR_CFG) & 0xc000);
/* Fake IRQ must be 3 */
outw(BASE + EP_W0_RESOURCE_CFG, (sc->epb.res_cfg & 0x0fff) | 0x3000);
outw(BASE + EP_W0_PRODUCT_ID, sc->epb.prod_id);
if (sc->epb.mii_trans) {
/*
* turn on the MII transciever
*/
GO_WINDOW(3);
outw(BASE + EP_W3_OPTIONS, 0x8040);
DELAY(1000);
outw(BASE + EP_W3_OPTIONS, 0xc040);
outw(BASE + EP_COMMAND, RX_RESET);
outw(BASE + EP_COMMAND, TX_RESET);
while (inw(BASE + EP_STATUS) & S_COMMAND_IN_PROGRESS);
DELAY(1000);
outw(BASE + EP_W3_OPTIONS, 0x8040);
} else {
ep_get_media(sc);
}
if ((error = ep_attach(sc))) {
device_printf(dev, "ep_attach() failed! (%d)\n", error);
goto bad;
}
error = bus_setup_intr(dev, sc->irq, INTR_MPSAFE, ep_intr,
sc, &sc->ep_intrhand,
sc->arpcom.ac_if.if_serializer);
if (error) {
device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
goto bad;
}
ifp->if_cpuid = ithread_cpuid(rman_get_start(sc->irq));
KKASSERT(ifp->if_cpuid >= 0 && ifp->if_cpuid < ncpus);
return (0);
bad:
ep_free(dev);
return (error);
}
void pp_map_oatep_k12(fp12_t r, ep_t p, ep2_t q) {
ep_t _p[1];
ep2_t t[1], _q[1];
bn_t a;
int len = FP_BITS, s[FP_BITS];
ep_null(_p[0]);
ep2_null(_q[0]);
ep2_null(t[0]);
bn_null(a);
TRY {
ep_new(_p[0]);
ep2_new(_q[0]);
ep2_new(t[0]);
bn_new(a);
fp_param_get_var(a);
bn_mul_dig(a, a, 6);
bn_add_dig(a, a, 2);
fp_param_get_map(s, &len);
fp12_set_dig(r, 1);
ep_norm(_p[0], p);
ep2_norm(_q[0], q);
if (!ep_is_infty(_p[0]) && !ep2_is_infty(_q[0])) {
switch (ep_param_get()) {
case BN_P158:
case BN_P254:
case BN_P256:
case BN_P638:
/* r = f_{|a|,Q}(P). */
pp_mil_sps_k12(r, t, _q, _p, 1, s, len);
if (bn_sign(a) == BN_NEG) {
/* f_{-a,Q}(P) = 1/f_{a,Q}(P). */
fp12_inv_uni(r, r);
ep2_neg(t[0], t[0]);
}
pp_fin_k12_oatep(r, t[0], _q[0], _p[0]);
pp_exp_k12(r, r);
break;
case B12_P638:
/* r = f_{|a|,Q}(P). */
pp_mil_sps_k12(r, t, _q, _p, 1, s, len);
if (bn_sign(a) == BN_NEG) {
fp12_inv_uni(r, r);
ep2_neg(t[0], t[0]);
}
pp_exp_k12(r, r);
break;
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
ep_free(_p[0]);
ep2_free(_q[0]);
ep2_free(t[0]);
bn_free(a);
}
}
static int
ep_eisa_attach(device_t dev)
{
struct ep_softc *sc = device_get_softc(dev);
struct resource *eisa_io = NULL;
uint32_t eisa_iobase;
int irq;
int error = 0;
int rid;
rid = 1;
eisa_io = bus_alloc_resource_any(dev, SYS_RES_IOPORT, &rid, RF_ACTIVE);
if (!eisa_io) {
device_printf(dev, "No I/O space?!\n");
error = ENXIO;
goto bad;
}
eisa_iobase = rman_get_start(eisa_io);
/* Reset and Enable the card */
outb(eisa_iobase + EP_W0_CONFIG_CTRL, W0_P4_CMD_RESET_ADAPTER);
DELAY(1000); /* we must wait at least 1 ms */
outb(eisa_iobase + EP_W0_CONFIG_CTRL, W0_P4_CMD_ENABLE_ADAPTER);
/* Now the registers are availible through the lower ioport */
if ((error = ep_alloc(dev))) {
device_printf(dev, "ep_alloc() failed! (%d)\n", error);
goto bad;
}
switch (eisa_get_id(dev)) {
case EISA_DEVICE_ID_3COM_3C579_BNC:
case EISA_DEVICE_ID_3COM_3C579_TP:
sc->stat = F_ACCESS_32_BITS;
break;
}
ep_get_media(sc);
irq = rman_get_start(sc->irq);
if (irq == 9)
irq = 2;
GO_WINDOW(sc, 0);
SET_IRQ(sc, irq);
if ((error = ep_attach(sc))) {
device_printf(dev, "ep_attach() failed! (%d)\n", error);
goto bad;
}
if ((error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE,
NULL, ep_intr, sc, &sc->ep_intrhand))) {
device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
goto bad;
}
return (0);
bad:
if (eisa_io)
bus_release_resource(dev, SYS_RES_IOPORT, 0, eisa_io);
ep_free(dev);
return (error);
}
static int
ep_pccard_attach(device_t dev)
{
struct ep_softc *sc = device_get_softc(dev);
uint16_t result;
int error = 0;
const struct ep_pccard_product *pp;
if ((pp = ep_pccard_lookup(dev)) == NULL)
panic("ep_pccard_attach: can't find product in attach.");
if (pp->chipset == EP_CHIP_574) {
sc->epb.mii_trans = 1;
sc->epb.cmd_off = 2;
} else {
sc->epb.mii_trans = 0;
sc->epb.cmd_off = 0;
}
if ((error = ep_alloc(dev))) {
device_printf(dev, "ep_alloc() failed! (%d)\n", error);
goto bad;
}
if (pp->chipset == EP_CHIP_C1)
sc->stat |= F_HAS_TX_PLL;
/* ROM size = 0, ROM base = 0 */
/* For now, ignore AUTO SELECT feature of 3C589B and later. */
error = ep_get_e(sc, EEPROM_ADDR_CFG, &result);
CSR_WRITE_2(sc, EP_W0_ADDRESS_CFG, result & 0xc000);
/*
* Fake IRQ must be 3 for 3C589 and 3C589B. 3C589D and newer
* ignore this value. 3C589C is unknown, as are the other
* cards supported by this driver, but it appears to never hurt
* and always helps.
*/
SET_IRQ(sc, 3);
CSR_WRITE_2(sc, EP_W0_PRODUCT_ID, sc->epb.prod_id);
if (sc->epb.mii_trans) {
/*
* turn on the MII transciever
*/
GO_WINDOW(sc, 3);
CSR_WRITE_2(sc, EP_W3_OPTIONS, 0x8040);
DELAY(1000);
CSR_WRITE_2(sc, EP_W3_OPTIONS, 0xc040);
CSR_WRITE_2(sc, EP_COMMAND, RX_RESET);
CSR_WRITE_2(sc, EP_COMMAND, TX_RESET);
EP_BUSY_WAIT(sc);
DELAY(1000);
CSR_WRITE_2(sc, EP_W3_OPTIONS, 0x8040);
} else
ep_get_media(sc);
/*
* The 3C562 (a-c revisions) stores the MAC in the CIS in a
* way that's unique to 3com. If we have one of these cards,
* scan the CIS for that MAC address, and use it if we find
* it. The NetBSD driver says that the ROADRUNNER chips also
* do this, which may be true, but none of the cards that I
* have include this TUPLE. Always prefer the MAC addr in the
* CIS tuple to the one returned by the card, as it appears that
* only those cards that need it have this special tuple.
*/
if (pccard_cis_scan(dev, ep_pccard_mac, sc->eaddr))
sc->stat |= F_ENADDR_SKIP;
if ((error = ep_attach(sc))) {
device_printf(dev, "ep_attach() failed! (%d)\n", error);
goto bad;
}
if ((error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE,
NULL, ep_intr, sc, &sc->ep_intrhand))) {
device_printf(dev, "bus_setup_intr() failed! (%d)\n", error);
goto bad;
}
return (0);
bad:
ep_free(dev);
return (error);
}
void pp_map_sim_oatep_k12(fp12_t r, ep_t *p, ep2_t *q, int m) {
ep_t _p[m];
ep2_t t[m], _q[m];
bn_t a;
int i, j, len = FP_BITS, s[FP_BITS];
TRY {
bn_null(a);
bn_new(a);
for (i = 0; i < m; i++) {
ep_null(_p[i]);
ep2_null(_q[i]);
ep2_null(t[i]);
ep_new(_p[i]);
ep2_new(_q[i]);
ep2_new(t[i]);
}
j = 0;
for (i = 0; i < m; i++) {
if (!ep_is_infty(p[i]) && !ep2_is_infty(q[i])) {
ep_norm(_p[j], p[i]);
ep2_norm(_q[j++], q[i]);
}
}
fp12_set_dig(r, 1);
fp_param_get_var(a);
bn_mul_dig(a, a, 6);
bn_add_dig(a, a, 2);
fp_param_get_map(s, &len);
if (j > 0) {
switch (ep_param_get()) {
case BN_P158:
case BN_P254:
case BN_P256:
case BN_P638:
/* r = f_{|a|,Q}(P). */
pp_mil_sps_k12(r, t, _q, _p, j, s, len);
if (bn_sign(a) == BN_NEG) {
/* f_{-a,Q}(P) = 1/f_{a,Q}(P). */
fp12_inv_uni(r, r);
}
for (i = 0; i < j; i++) {
if (bn_sign(a) == BN_NEG) {
ep2_neg(t[i], t[i]);
}
pp_fin_k12_oatep(r, t[i], _q[i], _p[i]);
}
pp_exp_k12(r, r);
break;
case B12_P638:
/* r = f_{|a|,Q}(P). */
pp_mil_sps_k12(r, t, _q, _p, j, s, len);
if (bn_sign(a) == BN_NEG) {
fp12_inv_uni(r, r);
}
pp_exp_k12(r, r);
break;
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
bn_free(a);
for (i = 0; i < m; i++) {
ep_free(_p[i]);
ep2_free(_q[i]);
ep2_free(t[i]);
}
}
}
/**
* Multiplies and adds two prime elliptic curve points simultaneously,
* optionally choosing the first point as the generator depending on an optional
* table of precomputed points.
*
* @param[out] r - the result.
* @param[in] p - the first point to multiply.
* @param[in] k - the first integer.
* @param[in] q - the second point to multiply.
* @param[in] m - the second integer.
* @param[in] t - the pointer to the precomputed table.
*/
void ep_mul_sim_endom(ep_t r, const ep_t p, const bn_t k, const ep_t q,
const bn_t m, const ep_t *t) {
int len, len0, len1, len2, len3, i, n, sk0, sk1, sl0, sl1, w, g = 0;
int8_t naf0[FP_BITS + 1], naf1[FP_BITS + 1], *t0, *t1;
int8_t naf2[FP_BITS + 1], naf3[FP_BITS + 1], *t2, *t3;
bn_t k0, k1, l0, l1;
bn_t ord, v1[3], v2[3];
ep_t u;
ep_t tab0[1 << (EP_WIDTH - 2)];
ep_t tab1[1 << (EP_WIDTH - 2)];
bn_null(ord);
bn_null(k0);
bn_null(k1);
bn_null(l0);
bn_null(l1);
ep_null(u);
for (i = 0; i < (1 << (EP_WIDTH - 2)); i++) {
ep_null(tab0[i]);
ep_null(tab1[i]);
}
bn_new(ord);
bn_new(k0);
bn_new(k1);
bn_new(l0);
bn_new(l1);
ep_new(u);
TRY {
for (i = 0; i < 3; i++) {
bn_null(v1[i]);
bn_null(v2[i]);
bn_new(v1[i]);
bn_new(v2[i]);
}
ep_curve_get_ord(ord);
ep_curve_get_v1(v1);
ep_curve_get_v2(v2);
bn_rec_glv(k0, k1, k, ord, (const bn_t *)v1, (const bn_t *)v2);
sk0 = bn_sign(k0);
sk1 = bn_sign(k1);
bn_abs(k0, k0);
bn_abs(k1, k1);
bn_rec_glv(l0, l1, m, ord, (const bn_t *)v1, (const bn_t *)v2);
sl0 = bn_sign(l0);
sl1 = bn_sign(l1);
bn_abs(l0, l0);
bn_abs(l1, l1);
g = (t == NULL ? 0 : 1);
if (!g) {
for (i = 0; i < (1 << (EP_WIDTH - 2)); i++) {
ep_new(tab0[i]);
}
ep_tab(tab0, p, EP_WIDTH);
t = (const ep_t *)tab0;
}
/* Prepare the precomputation table. */
for (i = 0; i < (1 << (EP_WIDTH - 2)); i++) {
ep_new(tab1[i]);
}
/* Compute the precomputation table. */
ep_tab(tab1, q, EP_WIDTH);
/* Compute the w-TNAF representation of k and l */
if (g) {
w = EP_DEPTH;
} else {
w = EP_WIDTH;
}
len0 = len1 = len2 = len3 = FP_BITS + 1;
bn_rec_naf(naf0, &len0, k0, w);
bn_rec_naf(naf1, &len1, k1, w);
bn_rec_naf(naf2, &len2, l0, EP_WIDTH);
bn_rec_naf(naf3, &len3, l1, EP_WIDTH);
len = MAX(MAX(len0, len1), MAX(len2, len3));
t0 = naf0 + len - 1;
t1 = naf1 + len - 1;
t2 = naf2 + len - 1;
t3 = naf3 + len - 1;
for (i = len0; i < len; i++) {
naf0[i] = 0;
}
for (i = len1; i < len; i++) {
naf1[i] = 0;
}
for (i = len2; i < len; i++) {
naf2[i] = 0;
}
for (i = len3; i < len; i++) {
naf3[i] = 0;
}
ep_set_infty(r);
for (i = len - 1; i >= 0; i--, t0--, t1--, t2--, t3--) {
ep_dbl(r, r);
n = *t0;
if (n > 0) {
if (sk0 == BN_POS) {
ep_add(r, r, t[n / 2]);
} else {
ep_sub(r, r, t[n / 2]);
}
}
if (n < 0) {
if (sk0 == BN_POS) {
ep_sub(r, r, t[-n / 2]);
} else {
ep_add(r, r, t[-n / 2]);
}
}
n = *t1;
if (n > 0) {
ep_copy(u, t[n / 2]);
fp_mul(u->x, u->x, ep_curve_get_beta());
if (sk1 == BN_NEG) {
ep_neg(u, u);
}
ep_add(r, r, u);
}
if (n < 0) {
ep_copy(u, t[-n / 2]);
fp_mul(u->x, u->x, ep_curve_get_beta());
if (sk1 == BN_NEG) {
ep_neg(u, u);
}
ep_sub(r, r, u);
}
n = *t2;
if (n > 0) {
if (sl0 == BN_POS) {
ep_add(r, r, tab1[n / 2]);
} else {
ep_sub(r, r, tab1[n / 2]);
}
}
if (n < 0) {
if (sl0 == BN_POS) {
ep_sub(r, r, tab1[-n / 2]);
} else {
ep_add(r, r, tab1[-n / 2]);
}
}
n = *t3;
if (n > 0) {
ep_copy(u, tab1[n / 2]);
fp_mul(u->x, u->x, ep_curve_get_beta());
if (sl1 == BN_NEG) {
ep_neg(u, u);
}
ep_add(r, r, u);
}
if (n < 0) {
ep_copy(u, tab1[-n / 2]);
fp_mul(u->x, u->x, ep_curve_get_beta());
if (sl1 == BN_NEG) {
ep_neg(u, u);
}
ep_sub(r, r, u);
}
}
/* Convert r to affine coordinates. */
ep_norm(r, r);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
bn_free(ord);
bn_free(k0);
bn_free(k1);
bn_free(l0);
bn_free(l1);
ep_free(u);
if (!g) {
for (i = 0; i < 1 << (EP_WIDTH - 2); i++) {
ep_free(tab0[i]);
}
}
/* Free the precomputation tables. */
for (i = 0; i < 1 << (EP_WIDTH - 2); i++) {
ep_free(tab1[i]);
}
for (i = 0; i < 3; i++) {
bn_free(v1[i]);
bn_free(v2[i]);
}
}
}
void ep_mul_sim_joint(ep_t r, const ep_t p, const bn_t k, const ep_t q,
const bn_t m) {
ep_t t[5];
int u_i, len, offset;
int8_t jsf[2 * (FP_BITS + 1)];
int i;
ep_null(t[0]);
ep_null(t[1]);
ep_null(t[2]);
ep_null(t[3]);
ep_null(t[4]);
TRY {
for (i = 0; i < 5; i++) {
ep_new(t[i]);
}
ep_set_infty(t[0]);
ep_copy(t[1], q);
ep_copy(t[2], p);
ep_add(t[3], p, q);
ep_sub(t[4], p, q);
#if defined(EP_MIXED)
ep_norm_sim(t + 3, (const ep_t *)t + 3, 2);
#endif
len = 2 * (FP_BITS + 1);
bn_rec_jsf(jsf, &len, k, m);
ep_set_infty(r);
offset = MAX(bn_bits(k), bn_bits(m)) + 1;
for (i = len - 1; i >= 0; i--) {
ep_dbl(r, r);
if (jsf[i] != 0 && jsf[i] == -jsf[i + offset]) {
u_i = jsf[i] * 2 + jsf[i + offset];
if (u_i < 0) {
ep_sub(r, r, t[4]);
} else {
ep_add(r, r, t[4]);
}
} else {
u_i = jsf[i] * 2 + jsf[i + offset];
if (u_i < 0) {
ep_sub(r, r, t[-u_i]);
} else {
ep_add(r, r, t[u_i]);
}
}
}
ep_norm(r, r);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
for (i = 0; i < 5; i++) {
ep_free(t[i]);
}
}
}
/**
* Multiplies and adds two prime elliptic curve points simultaneously,
* optionally choosing the first point as the generator depending on an optional
* table of precomputed points.
*
* @param[out] r - the result.
* @param[in] p - the first point to multiply.
* @param[in] k - the first integer.
* @param[in] q - the second point to multiply.
* @param[in] m - the second integer.
* @param[in] t - the pointer to the precomputed table.
*/
static void ep_mul_sim_plain(ep_t r, const ep_t p, const bn_t k, const ep_t q,
const bn_t m, const ep_t *t) {
int len, l0, l1, i, n0, n1, w, gen;
int8_t naf0[FP_BITS + 1], naf1[FP_BITS + 1], *_k, *_m;
ep_t t0[1 << (EP_WIDTH - 2)];
ep_t t1[1 << (EP_WIDTH - 2)];
for (i = 0; i < (1 << (EP_WIDTH - 2)); i++) {
ep_null(t0[i]);
ep_null(t1[i]);
}
TRY {
gen = (t == NULL ? 0 : 1);
if (!gen) {
for (i = 0; i < (1 << (EP_WIDTH - 2)); i++) {
ep_new(t0[i]);
}
ep_tab(t0, p, EP_WIDTH);
t = (const ep_t *)t0;
}
/* Prepare the precomputation table. */
for (i = 0; i < (1 << (EP_WIDTH - 2)); i++) {
ep_new(t1[i]);
}
/* Compute the precomputation table. */
ep_tab(t1, q, EP_WIDTH);
/* Compute the w-TNAF representation of k. */
if (gen) {
w = EP_DEPTH;
} else {
w = EP_WIDTH;
}
l0 = l1 = FP_BITS + 1;
bn_rec_naf(naf0, &l0, k, w);
bn_rec_naf(naf1, &l1, m, EP_WIDTH);
len = MAX(l0, l1);
_k = naf0 + len - 1;
_m = naf1 + len - 1;
for (i = l0; i < len; i++)
naf0[i] = 0;
for (i = l1; i < len; i++)
naf1[i] = 0;
ep_set_infty(r);
for (i = len - 1; i >= 0; i--, _k--, _m--) {
ep_dbl(r, r);
n0 = *_k;
n1 = *_m;
if (n0 > 0) {
ep_add(r, r, t[n0 / 2]);
}
if (n0 < 0) {
ep_sub(r, r, t[-n0 / 2]);
}
if (n1 > 0) {
ep_add(r, r, t1[n1 / 2]);
}
if (n1 < 0) {
ep_sub(r, r, t1[-n1 / 2]);
}
}
/* Convert r to affine coordinates. */
ep_norm(r, r);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
/* Free the precomputation tables. */
if (!gen) {
for (i = 0; i < 1 << (EP_WIDTH - 2); i++) {
ep_free(t0[i]);
}
}
for (i = 0; i < 1 << (EP_WIDTH - 2); i++) {
ep_free(t1[i]);
}
}
}
void ep_param_set(int param) {
int plain = 0, endom = 0, super = 0;
char str[2 * FP_BYTES + 2];
fp_t a, b, beta;
ep_t g;
bn_t r, h, lamb;
fp_null(a);
fp_null(b);
fp_null(beta);
bn_null(lamb);
ep_null(g);
bn_null(r);
bn_null(h);
TRY {
fp_new(a);
fp_new(b);
fp_new(beta);
bn_new(lamb);
ep_new(g);
bn_new(r);
bn_new(h);
core_get()->ep_id = 0;
switch (param) {
#if defined(EP_ENDOM) && FP_PRIME == 158
case BN_P158:
ASSIGNK(BN_P158, BN_158);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 160
case SECG_P160:
ASSIGN(SECG_P160, SECG_160);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 160
case SECG_K160:
ASSIGNK(SECG_K160, SECG_160D);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 192
case NIST_P192:
ASSIGN(NIST_P192, NIST_192);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 192
case SECG_K192:
ASSIGNK(SECG_K192, SECG_192);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 221
case CURVE_22103:
ASSIGN(CURVE_22103, PRIME_22103);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 224
case NIST_P224:
ASSIGN(NIST_P224, NIST_224);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 224
case SECG_K224:
ASSIGNK(SECG_K224, SECG_224);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 226
case CURVE_4417:
ASSIGN(CURVE_4417, PRIME_22605);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 254
case BN_P254:
ASSIGNK(BN_P254, BN_254);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 251
case CURVE_1174:
ASSIGN(CURVE_1174, PRIME_25109);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 255
case CURVE_25519:
ASSIGN(CURVE_25519, PRIME_25519);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 256
case NIST_P256:
ASSIGN(NIST_P256, NIST_256);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 256
case SECG_K256:
ASSIGNK(SECG_K256, SECG_256);
endom = 1;
break;
case BN_P256:
ASSIGNK(BN_P256, BN_256);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) & FP_PRIME == 382
case CURVE_67254:
ASSIGN(CURVE_67254, PRIME_382105);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 383
case CURVE_383187:
ASSIGN(CURVE_383187, PRIME_383187);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 384
case NIST_P384:
ASSIGN(NIST_P384, NIST_384);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 477
case B24_P477:
ASSIGN(B24_P477, B24_477);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 508
case KSS_P508:
ASSIGNK(KSS_P508, KSS_508);
endom = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 511
case CURVE_511187:
ASSIGN(CURVE_511187, PRIME_511187);
plain = 1;
break;
#endif
#if defined(EP_PLAIN) && FP_PRIME == 521
case NIST_P521:
ASSIGN(NIST_P521, NIST_521);
plain = 1;
break;
#endif
#if defined(EP_ENDOM) && FP_PRIME == 638
case BN_P638:
ASSIGNK(BN_P638, BN_638);
endom = 1;
break;
case B12_P638:
ASSIGNK(B12_P638, B12_638);
endom = 1;
break;
#endif
#if defined(EP_SUPER) && FP_PRIME == 1536
case SS_P1536:
ASSIGN(SS_P1536, SS_1536);
super = 1;
break;
#endif
default:
(void)str;
THROW(ERR_NO_VALID);
break;
}
/* Do not generate warnings. */
(void)endom;
(void)plain;
(void)beta;
fp_zero(g->z);
fp_set_dig(g->z, 1);
g->norm = 1;
#if defined(EP_PLAIN)
if (plain) {
ep_curve_set_plain(a, b, g, r, h);
core_get()->ep_id = param;
}
#endif
#if defined(EP_ENDOM)
if (endom) {
ep_curve_set_endom(b, g, r, h, beta, lamb);
core_get()->ep_id = param;
}
#endif
#if defined(EP_SUPER)
if (super) {
ep_curve_set_super(a, b, g, r, h);
core_get()->ep_id = param;
}
#endif
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fp_free(a);
fp_free(b);
fp_free(beta);
bn_free(lamb);
ep_free(g);
bn_free(r);
bn_free(h);
}
}
void ep_mul_sim_trick(ep_t r, const ep_t p, const bn_t k, const ep_t q,
const bn_t m) {
ep_t t0[1 << (EP_WIDTH / 2)], t1[1 << (EP_WIDTH / 2)], t[1 << EP_WIDTH];
bn_t n;
int l0, l1, w = EP_WIDTH / 2;
uint8_t w0[CEIL(FP_BITS + 1, w)], w1[CEIL(FP_BITS + 1, w)];
bn_null(n);
for (int i = 0; i < 1 << EP_WIDTH; i++) {
ep_null(t[i]);
}
for (int i = 0; i < 1 << (EP_WIDTH / 2); i++) {
ep_null(t0[i]);
ep_null(t1[i]);
}
TRY {
bn_new(n);
ep_curve_get_ord(n);
for (int i = 0; i < (1 << w); i++) {
ep_new(t0[i]);
ep_new(t1[i]);
}
for (int i = 0; i < (1 << EP_WIDTH); i++) {
ep_new(t[i]);
}
ep_set_infty(t0[0]);
for (int i = 1; i < (1 << w); i++) {
ep_add(t0[i], t0[i - 1], p);
}
ep_set_infty(t1[0]);
for (int i = 1; i < (1 << w); i++) {
ep_add(t1[i], t1[i - 1], q);
}
for (int i = 0; i < (1 << w); i++) {
for (int j = 0; j < (1 << w); j++) {
ep_add(t[(i << w) + j], t0[i], t1[j]);
}
}
#if defined(EP_MIXED)
ep_norm_sim(t + 1, (const ep_t *)t + 1, (1 << (EP_WIDTH)) - 1);
#endif
l0 = l1 = CEIL(FP_BITS, w);
bn_rec_win(w0, &l0, k, w);
bn_rec_win(w1, &l1, m, w);
for (int i = l0; i < l1; i++) {
w0[i] = 0;
}
for (int i = l1; i < l0; i++) {
w1[i] = 0;
}
ep_set_infty(r);
for (int i = MAX(l0, l1) - 1; i >= 0; i--) {
for (int j = 0; j < w; j++) {
ep_dbl(r, r);
}
ep_add(r, r, t[(w0[i] << w) + w1[i]]);
}
ep_norm(r, r);
} CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
bn_free(n);
for (int i = 0; i < (1 << w); i++) {
ep_free(t0[i]);
ep_free(t1[i]);
}
for (int i = 0; i < (1 << EP_WIDTH); i++) {
ep_free(t[i]);
}
}
}