| // Copyright 2019 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| // +build !go1.13 |
| |
| package poly1305 |
| |
| // Generic fallbacks for the math/bits intrinsics, copied from |
| // src/math/bits/bits.go. They were added in Go 1.12, but Add64 and Sum64 had |
| // variable time fallbacks until Go 1.13. |
| |
| func bitsAdd64(x, y, carry uint64) (sum, carryOut uint64) { |
| sum = x + y + carry |
| carryOut = ((x & y) | ((x | y) &^ sum)) >> 63 |
| return |
| } |
| |
| func bitsSub64(x, y, borrow uint64) (diff, borrowOut uint64) { |
| diff = x - y - borrow |
| borrowOut = ((^x & y) | (^(x ^ y) & diff)) >> 63 |
| return |
| } |
| |
| func bitsMul64(x, y uint64) (hi, lo uint64) { |
| const mask32 = 1<<32 - 1 |
| x0 := x & mask32 |
| x1 := x >> 32 |
| y0 := y & mask32 |
| y1 := y >> 32 |
| w0 := x0 * y0 |
| t := x1*y0 + w0>>32 |
| w1 := t & mask32 |
| w2 := t >> 32 |
| w1 += x0 * y1 |
| hi = x1*y1 + w2 + w1>>32 |
| lo = x * y |
| return |
| } |