Provide an optimised bn_subw() for amd64.

bn_subw() will be used more widely in an upcoming change.

diff --git a/lib/libcrypto/bn/arch/amd64/bn_arch.h b/lib/libcrypto/bn/arch/amd64/bn_arch.h
index f3653bc..927cd75 100644 (file)
--- a/lib/libcrypto/bn/arch/amd64/bn_arch.h
+++ b/lib/libcrypto/bn/arch/amd64/bn_arch.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: bn_arch.h,v 1.13 2023/02/16 11:13:05 jsing Exp $ */
+/*     $OpenBSD: bn_arch.h,v 1.14 2024/03/26 06:09:25 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
  *
@@ -42,6 +42,7 @@
 #define HAVE_BN_WORD_CLZ
 
 #if defined(__GNUC__)
+
 #define HAVE_BN_DIV_REM_WORDS_INLINE
 
 static inline void
@@ -62,9 +63,7 @@ bn_div_rem_words_inline(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
        *out_q = q;
        *out_r = r;
 }
-#endif /* __GNUC__ */
 
-#if defined(__GNUC__)
 #define HAVE_BN_MULW
 
 static inline void
@@ -84,6 +83,26 @@ bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
        *out_r1 = r1;
        *out_r0 = r0;
 }
+
+#define HAVE_BN_SUBW
+
+static inline void
+bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
+{
+       BN_ULONG borrow, r0;
+
+       __asm__ (
+           "subq   %3, %1 \n"
+           "setb   %b0 \n"
+           "and    $1, %0 \n"
+           : "=r"(borrow), "=r"(r0)
+           : "1"(a), "rm"(b)
+           : "cc");
+
+       *out_borrow = borrow;
+       *out_r0 = r0;
+}
+
 #endif /* __GNUC__ */
 
 #endif