Copyright (c) 2020 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. //go:build !purego package field //go:noescape func carryPropagate(v *Element) func (v *Element) carryPropagate() *Element { carryPropagate(v) return v } golang.org/fips140@v1.0.0-c2097c7c/fips140/v1.0.0-c2097c7c/edwards25519/field/fe_arm64.s // Copyright (c) 2020 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style...

rr0&maskLow51Bits + mul19(rr4>>51) v.l1 = rr1&maskLow51Bits + rr0>>51 v.l2 = rr2&maskLow51Bits + rr1>>51 v.l3 = rr3&maskLow51Bits + rr2>>51 v.l4 = rr4&maskLow51Bits + rr3>>51 } // carryPropagate brings the limbs below 52 bits by applying the reduction // identity (a * 2²⁵⁵ + b = a * 19 + b) to the l4 carry. func (v *Element) carryPropagate() *Element { // (l4>>51) is at most 64 - 51 = 13 bits, so (l4>>51)*19 is at most 18 bits, and // the final l0 will be at most 52 bits. Similarly for the rest. l0 := v.l0...