Remove dead code in p256-x86_64.
Change-Id: I9d0b3fa39445d08202c67d905d2c676d5d968c33
Reviewed-on: https://boringssl-review.googlesource.com/6561
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/ec/asm/p256-x86_64-asm.pl b/crypto/ec/asm/p256-x86_64-asm.pl
index e203d46..361a84b 100644
--- a/crypto/ec/asm/p256-x86_64-asm.pl
+++ b/crypto/ec/asm/p256-x86_64-asm.pl
@@ -67,10 +67,6 @@
.Lpoly:
.quad 0xffffffffffffffff, 0x00000000ffffffff, 0x0000000000000000, 0xffffffff00000001
-# 2^512 mod P precomputed for NIST P256 polynomial
-.LRR:
-.quad 0x0000000000000003, 0xfffffffbffffffff, 0xfffffffffffffffe, 0x00000004fffffffd
-
.LOne:
.long 1,1,1,1,1,1,1,1
.LTwo:
@@ -91,7 +87,6 @@
$code.=<<___;
-.globl ecp_nistz256_mul_by_2
.type ecp_nistz256_mul_by_2,\@function,2
.align 64
ecp_nistz256_mul_by_2:
@@ -134,224 +129,6 @@
.size ecp_nistz256_mul_by_2,.-ecp_nistz256_mul_by_2
################################################################################
-# void ecp_nistz256_div_by_2(uint64_t res[4], uint64_t a[4]);
-.globl ecp_nistz256_div_by_2
-.type ecp_nistz256_div_by_2,\@function,2
-.align 32
-ecp_nistz256_div_by_2:
- push %r12
- push %r13
-
- mov 8*0($a_ptr), $a0
- mov 8*1($a_ptr), $a1
- mov 8*2($a_ptr), $a2
- mov $a0, $t0
- mov 8*3($a_ptr), $a3
- lea .Lpoly(%rip), $a_ptr
-
- mov $a1, $t1
- xor $t4, $t4
- add 8*0($a_ptr), $a0
- mov $a2, $t2
- adc 8*1($a_ptr), $a1
- adc 8*2($a_ptr), $a2
- mov $a3, $t3
- adc 8*3($a_ptr), $a3
- adc \$0, $t4
- xor $a_ptr, $a_ptr # borrow $a_ptr
- test \$1, $t0
-
- cmovz $t0, $a0
- cmovz $t1, $a1
- cmovz $t2, $a2
- cmovz $t3, $a3
- cmovz $a_ptr, $t4
-
- mov $a1, $t0 # a0:a3>>1
- shr \$1, $a0
- shl \$63, $t0
- mov $a2, $t1
- shr \$1, $a1
- or $t0, $a0
- shl \$63, $t1
- mov $a3, $t2
- shr \$1, $a2
- or $t1, $a1
- shl \$63, $t2
- shr \$1, $a3
- shl \$63, $t4
- or $t2, $a2
- or $t4, $a3
-
- mov $a0, 8*0($r_ptr)
- mov $a1, 8*1($r_ptr)
- mov $a2, 8*2($r_ptr)
- mov $a3, 8*3($r_ptr)
-
- pop %r13
- pop %r12
- ret
-.size ecp_nistz256_div_by_2,.-ecp_nistz256_div_by_2
-
-################################################################################
-# void ecp_nistz256_mul_by_3(uint64_t res[4], uint64_t a[4]);
-.globl ecp_nistz256_mul_by_3
-.type ecp_nistz256_mul_by_3,\@function,2
-.align 32
-ecp_nistz256_mul_by_3:
- push %r12
- push %r13
-
- mov 8*0($a_ptr), $a0
- xor $t4, $t4
- mov 8*1($a_ptr), $a1
- add $a0, $a0 # a0:a3+a0:a3
- mov 8*2($a_ptr), $a2
- adc $a1, $a1
- mov 8*3($a_ptr), $a3
- mov $a0, $t0
- adc $a2, $a2
- adc $a3, $a3
- mov $a1, $t1
- adc \$0, $t4
-
- sub \$-1, $a0
- mov $a2, $t2
- sbb .Lpoly+8*1(%rip), $a1
- sbb \$0, $a2
- mov $a3, $t3
- sbb .Lpoly+8*3(%rip), $a3
- test $t4, $t4
-
- cmovz $t0, $a0
- cmovz $t1, $a1
- cmovz $t2, $a2
- cmovz $t3, $a3
-
- xor $t4, $t4
- add 8*0($a_ptr), $a0 # a0:a3+=a_ptr[0:3]
- adc 8*1($a_ptr), $a1
- mov $a0, $t0
- adc 8*2($a_ptr), $a2
- adc 8*3($a_ptr), $a3
- mov $a1, $t1
- adc \$0, $t4
-
- sub \$-1, $a0
- mov $a2, $t2
- sbb .Lpoly+8*1(%rip), $a1
- sbb \$0, $a2
- mov $a3, $t3
- sbb .Lpoly+8*3(%rip), $a3
- test $t4, $t4
-
- cmovz $t0, $a0
- cmovz $t1, $a1
- mov $a0, 8*0($r_ptr)
- cmovz $t2, $a2
- mov $a1, 8*1($r_ptr)
- cmovz $t3, $a3
- mov $a2, 8*2($r_ptr)
- mov $a3, 8*3($r_ptr)
-
- pop %r13
- pop %r12
- ret
-.size ecp_nistz256_mul_by_3,.-ecp_nistz256_mul_by_3
-
-################################################################################
-# void ecp_nistz256_add(uint64_t res[4], uint64_t a[4], uint64_t b[4]);
-.globl ecp_nistz256_add
-.type ecp_nistz256_add,\@function,3
-.align 32
-ecp_nistz256_add:
- push %r12
- push %r13
-
- mov 8*0($a_ptr), $a0
- xor $t4, $t4
- mov 8*1($a_ptr), $a1
- mov 8*2($a_ptr), $a2
- mov 8*3($a_ptr), $a3
- lea .Lpoly(%rip), $a_ptr
-
- add 8*0($b_ptr), $a0
- adc 8*1($b_ptr), $a1
- mov $a0, $t0
- adc 8*2($b_ptr), $a2
- adc 8*3($b_ptr), $a3
- mov $a1, $t1
- adc \$0, $t4
-
- sub 8*0($a_ptr), $a0
- mov $a2, $t2
- sbb 8*1($a_ptr), $a1
- sbb 8*2($a_ptr), $a2
- mov $a3, $t3
- sbb 8*3($a_ptr), $a3
- test $t4, $t4
-
- cmovz $t0, $a0
- cmovz $t1, $a1
- mov $a0, 8*0($r_ptr)
- cmovz $t2, $a2
- mov $a1, 8*1($r_ptr)
- cmovz $t3, $a3
- mov $a2, 8*2($r_ptr)
- mov $a3, 8*3($r_ptr)
-
- pop %r13
- pop %r12
- ret
-.size ecp_nistz256_add,.-ecp_nistz256_add
-
-################################################################################
-# void ecp_nistz256_sub(uint64_t res[4], uint64_t a[4], uint64_t b[4]);
-.globl ecp_nistz256_sub
-.type ecp_nistz256_sub,\@function,3
-.align 32
-ecp_nistz256_sub:
- push %r12
- push %r13
-
- mov 8*0($a_ptr), $a0
- xor $t4, $t4
- mov 8*1($a_ptr), $a1
- mov 8*2($a_ptr), $a2
- mov 8*3($a_ptr), $a3
- lea .Lpoly(%rip), $a_ptr
-
- sub 8*0($b_ptr), $a0
- sbb 8*1($b_ptr), $a1
- mov $a0, $t0
- sbb 8*2($b_ptr), $a2
- sbb 8*3($b_ptr), $a3
- mov $a1, $t1
- sbb \$0, $t4
-
- add 8*0($a_ptr), $a0
- mov $a2, $t2
- adc 8*1($a_ptr), $a1
- adc 8*2($a_ptr), $a2
- mov $a3, $t3
- adc 8*3($a_ptr), $a3
- test $t4, $t4
-
- cmovz $t0, $a0
- cmovz $t1, $a1
- mov $a0, 8*0($r_ptr)
- cmovz $t2, $a2
- mov $a1, 8*1($r_ptr)
- cmovz $t3, $a3
- mov $a2, 8*2($r_ptr)
- mov $a3, 8*3($r_ptr)
-
- pop %r13
- pop %r12
- ret
-.size ecp_nistz256_sub,.-ecp_nistz256_sub
-
-################################################################################
# void ecp_nistz256_neg(uint64_t res[4], uint64_t a[4]);
.globl ecp_nistz256_neg
.type ecp_nistz256_neg,\@function,2
@@ -406,24 +183,6 @@
$code.=<<___;
################################################################################
-# void ecp_nistz256_to_mont(
-# uint64_t res[4],
-# uint64_t in[4]);
-.globl ecp_nistz256_to_mont
-.type ecp_nistz256_to_mont,\@function,2
-.align 32
-ecp_nistz256_to_mont:
-___
-$code.=<<___ if ($addx);
- mov \$0x80100, %ecx
- and OPENSSL_ia32cap_P+8(%rip), %ecx
-___
-$code.=<<___;
- lea .LRR(%rip), $b_org
- jmp .Lmul_mont
-.size ecp_nistz256_to_mont,.-ecp_nistz256_to_mont
-
-################################################################################
# void ecp_nistz256_mul_mont(
# uint64_t res[4],
# uint64_t a[4],
diff --git a/crypto/ec/p256-x86_64.c b/crypto/ec/p256-x86_64.c
index d1cdb53..8b7826b 100644
--- a/crypto/ec/p256-x86_64.c
+++ b/crypto/ec/p256-x86_64.c
@@ -65,21 +65,6 @@
/* Functions implemented in assembly */
-/* Modular mul by 2: res = 2*a mod P */
-void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
- const BN_ULONG a[P256_LIMBS]);
-/* Modular div by 2: res = a/2 mod P */
-void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
- const BN_ULONG a[P256_LIMBS]);
-/* Modular mul by 3: res = 3*a mod P */
-void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
- const BN_ULONG a[P256_LIMBS]);
-/* Modular add: res = a+b mod P */
-void ecp_nistz256_add(BN_ULONG res[P256_LIMBS], const BN_ULONG a[P256_LIMBS],
- const BN_ULONG b[P256_LIMBS]);
-/* Modular sub: res = a-b mod P */
-void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS], const BN_ULONG a[P256_LIMBS],
- const BN_ULONG b[P256_LIMBS]);
/* Modular neg: res = -a mod P */
void ecp_nistz256_neg(BN_ULONG res[P256_LIMBS], const BN_ULONG a[P256_LIMBS]);
/* Montgomery mul: res = a*b*2^-256 mod P */
@@ -92,9 +77,6 @@
/* Convert a number from Montgomery domain, by multiplying with 1 */
void ecp_nistz256_from_mont(BN_ULONG res[P256_LIMBS],
const BN_ULONG in[P256_LIMBS]);
-/* Convert a number to Montgomery domain, by multiplying with 2^512 mod P*/
-void ecp_nistz256_to_mont(BN_ULONG res[P256_LIMBS],
- const BN_ULONG in[P256_LIMBS]);
/* Functions that perform constant time access to the precomputed tables */
void ecp_nistz256_select_w5(P256_POINT *val, const P256_POINT *in_t, int index);
void ecp_nistz256_select_w7(P256_POINT_AFFINE *val,