grpc 1.24.0 → 1.25.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (505) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +306 -243
  3. data/etc/roots.pem +0 -100
  4. data/include/grpc/grpc_security.h +44 -18
  5. data/include/grpc/impl/codegen/grpc_types.h +15 -0
  6. data/include/grpc/impl/codegen/port_platform.h +27 -11
  7. data/include/grpc/impl/codegen/sync_generic.h +1 -1
  8. data/src/boringssl/err_data.c +695 -650
  9. data/src/core/ext/filters/client_channel/client_channel.cc +257 -179
  10. data/src/core/ext/filters/client_channel/client_channel.h +24 -0
  11. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +2 -3
  12. data/src/core/ext/filters/client_channel/client_channel_factory.h +1 -5
  13. data/src/core/ext/filters/client_channel/health/health_check_client.cc +18 -45
  14. data/src/core/ext/filters/client_channel/health/health_check_client.h +5 -13
  15. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
  16. data/src/core/ext/filters/client_channel/lb_policy.cc +2 -3
  17. data/src/core/ext/filters/client_channel/lb_policy.h +65 -55
  18. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +14 -14
  19. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +113 -36
  20. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +14 -19
  21. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +36 -13
  22. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +3 -10
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +814 -1589
  24. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +2 -5
  25. data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -6
  26. data/src/core/ext/filters/client_channel/resolver.cc +1 -2
  27. data/src/core/ext/filters/client_channel/resolver.h +8 -16
  28. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +25 -8
  29. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +46 -12
  30. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +10 -17
  31. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +7 -8
  32. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
  33. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +111 -44
  34. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +22 -14
  35. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
  36. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +2 -2
  37. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +29 -10
  38. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +27 -36
  39. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +7 -10
  40. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +60 -16
  41. data/src/core/ext/filters/client_channel/resolver_factory.h +4 -8
  42. data/src/core/ext/filters/client_channel/resolver_registry.cc +1 -1
  43. data/src/core/ext/filters/client_channel/resolver_registry.h +1 -1
  44. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +7 -10
  45. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +7 -8
  46. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +1 -1
  47. data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -5
  48. data/src/core/ext/filters/client_channel/retry_throttle.h +1 -4
  49. data/src/core/ext/filters/client_channel/service_config.h +8 -8
  50. data/src/core/ext/filters/client_channel/subchannel.cc +53 -86
  51. data/src/core/ext/filters/client_channel/subchannel.h +7 -9
  52. data/src/core/ext/filters/client_channel/subchannel_interface.h +9 -13
  53. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +3 -6
  54. data/src/core/ext/filters/client_channel/{lb_policy/xds/xds_load_balancer_api.cc → xds/xds_api.cc} +169 -52
  55. data/src/core/ext/filters/client_channel/xds/xds_api.h +171 -0
  56. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +450 -0
  57. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +99 -0
  58. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel.h +8 -6
  59. data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +26 -0
  60. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel_secure.cc +28 -11
  61. data/src/core/ext/filters/client_channel/xds/xds_client.cc +1413 -0
  62. data/src/core/ext/filters/client_channel/xds/xds_client.h +221 -0
  63. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.cc +1 -5
  64. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.h +3 -4
  65. data/src/core/ext/filters/deadline/deadline_filter.cc +20 -20
  66. data/src/core/ext/filters/http/client/http_client_filter.cc +15 -15
  67. data/src/core/ext/filters/http/client_authority_filter.cc +14 -14
  68. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +12 -12
  69. data/src/core/ext/filters/max_age/max_age_filter.cc +59 -50
  70. data/src/core/ext/filters/message_size/message_size_filter.cc +18 -18
  71. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +15 -14
  72. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +233 -175
  73. data/src/core/ext/transport/chttp2/transport/flow_control.h +21 -24
  74. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +253 -163
  75. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +24 -12
  76. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -3
  77. data/src/core/ext/transport/chttp2/transport/internal.h +13 -15
  78. data/src/core/ext/transport/chttp2/transport/writing.cc +3 -0
  79. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -13
  80. data/src/core/lib/channel/channel_args.cc +16 -0
  81. data/src/core/lib/channel/channel_args.h +22 -0
  82. data/src/core/lib/channel/channelz.cc +5 -6
  83. data/src/core/lib/channel/channelz.h +1 -1
  84. data/src/core/lib/channel/connected_channel.cc +20 -20
  85. data/src/core/lib/channel/handshaker.h +3 -4
  86. data/src/core/lib/channel/handshaker_factory.h +1 -3
  87. data/src/core/lib/debug/trace.h +3 -2
  88. data/src/core/lib/gprpp/arena.cc +3 -3
  89. data/src/core/lib/gprpp/arena.h +2 -3
  90. data/src/core/lib/gprpp/inlined_vector.h +9 -0
  91. data/src/core/lib/gprpp/map.h +3 -501
  92. data/src/core/lib/gprpp/memory.h +45 -41
  93. data/src/core/lib/gprpp/mpscq.cc +108 -0
  94. data/src/core/lib/gprpp/mpscq.h +98 -0
  95. data/src/core/lib/gprpp/orphanable.h +6 -11
  96. data/src/core/lib/gprpp/ref_counted.h +25 -19
  97. data/src/core/lib/gprpp/set.h +33 -0
  98. data/src/core/lib/gprpp/thd.h +2 -4
  99. data/src/core/lib/http/httpcli.cc +1 -1
  100. data/src/core/lib/http/httpcli_security_connector.cc +15 -11
  101. data/src/core/lib/http/parser.cc +1 -1
  102. data/src/core/lib/iomgr/buffer_list.cc +4 -5
  103. data/src/core/lib/iomgr/buffer_list.h +5 -6
  104. data/src/core/lib/iomgr/call_combiner.cc +4 -5
  105. data/src/core/lib/iomgr/call_combiner.h +2 -2
  106. data/src/core/lib/iomgr/cfstream_handle.h +3 -5
  107. data/src/core/lib/iomgr/closure.h +8 -3
  108. data/src/core/lib/iomgr/combiner.cc +45 -82
  109. data/src/core/lib/iomgr/combiner.h +32 -8
  110. data/src/core/lib/iomgr/endpoint_cfstream.cc +5 -3
  111. data/src/core/lib/iomgr/ev_epoll1_linux.cc +19 -15
  112. data/src/core/lib/iomgr/ev_poll_posix.cc +3 -1
  113. data/src/core/lib/iomgr/exec_ctx.h +4 -3
  114. data/src/core/lib/iomgr/executor.cc +4 -2
  115. data/src/core/lib/iomgr/executor.h +3 -0
  116. data/src/core/lib/iomgr/executor/mpmcqueue.h +3 -6
  117. data/src/core/lib/iomgr/executor/threadpool.cc +1 -2
  118. data/src/core/lib/iomgr/executor/threadpool.h +7 -11
  119. data/src/core/lib/iomgr/resource_quota.cc +55 -51
  120. data/src/core/lib/iomgr/resource_quota.h +13 -9
  121. data/src/core/lib/iomgr/socket_utils_common_posix.cc +13 -0
  122. data/src/core/lib/iomgr/socket_utils_posix.h +4 -0
  123. data/src/core/lib/iomgr/tcp_client_posix.cc +4 -11
  124. data/src/core/lib/iomgr/tcp_custom.cc +9 -7
  125. data/src/core/lib/iomgr/tcp_posix.cc +20 -16
  126. data/src/core/lib/iomgr/tcp_server.h +1 -4
  127. data/src/core/lib/iomgr/tcp_server_custom.cc +5 -5
  128. data/src/core/lib/iomgr/tcp_server_posix.cc +1 -1
  129. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +2 -11
  130. data/src/core/lib/iomgr/timer_custom.cc +2 -2
  131. data/src/core/lib/iomgr/udp_server.cc +3 -2
  132. data/src/core/lib/iomgr/udp_server.h +6 -12
  133. data/src/core/lib/json/json.h +1 -1
  134. data/src/core/lib/json/json_string.cc +2 -2
  135. data/src/core/lib/profiling/basic_timers.cc +2 -2
  136. data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -2
  137. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -1
  138. data/src/core/lib/security/credentials/credentials.h +4 -20
  139. data/src/core/lib/security/credentials/fake/fake_credentials.cc +4 -4
  140. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -3
  141. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +64 -0
  142. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +4 -4
  143. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -7
  144. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -0
  145. data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
  146. data/src/core/lib/security/security_connector/security_connector.cc +1 -0
  147. data/src/core/lib/security/security_connector/security_connector.h +19 -17
  148. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +8 -5
  149. data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
  150. data/src/core/lib/security/security_connector/ssl_utils.h +1 -1
  151. data/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc +14 -6
  152. data/src/core/lib/security/security_connector/tls/spiffe_security_connector.h +4 -2
  153. data/src/core/lib/security/transport/client_auth_filter.cc +17 -17
  154. data/src/core/lib/security/transport/security_handshaker.cc +29 -13
  155. data/src/core/lib/security/transport/security_handshaker.h +4 -2
  156. data/src/core/lib/security/transport/server_auth_filter.cc +14 -14
  157. data/src/core/lib/slice/slice.cc +2 -10
  158. data/src/core/lib/slice/slice_hash_table.h +4 -6
  159. data/src/core/lib/slice/slice_intern.cc +42 -39
  160. data/src/core/lib/slice/slice_internal.h +3 -3
  161. data/src/core/lib/slice/slice_utils.h +21 -4
  162. data/src/core/lib/slice/slice_weak_hash_table.h +4 -6
  163. data/src/core/lib/surface/call.cc +3 -3
  164. data/src/core/lib/surface/channel.cc +7 -0
  165. data/src/core/lib/surface/completion_queue.cc +12 -11
  166. data/src/core/lib/surface/completion_queue.h +4 -2
  167. data/src/core/lib/surface/init.cc +1 -0
  168. data/src/core/lib/surface/lame_client.cc +33 -18
  169. data/src/core/lib/surface/server.cc +77 -76
  170. data/src/core/lib/surface/version.cc +1 -1
  171. data/src/core/lib/transport/byte_stream.h +3 -7
  172. data/src/core/lib/transport/connectivity_state.cc +112 -98
  173. data/src/core/lib/transport/connectivity_state.h +100 -50
  174. data/src/core/lib/transport/static_metadata.cc +276 -288
  175. data/src/core/lib/transport/static_metadata.h +73 -76
  176. data/src/core/lib/transport/status_conversion.cc +1 -1
  177. data/src/core/lib/transport/status_metadata.cc +1 -1
  178. data/src/core/lib/transport/transport.cc +2 -2
  179. data/src/core/lib/transport/transport.h +12 -4
  180. data/src/core/lib/transport/transport_op_string.cc +14 -11
  181. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
  182. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +1 -1
  183. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +5 -5
  184. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +12 -2
  185. data/src/core/tsi/fake_transport_security.cc +7 -5
  186. data/src/core/tsi/grpc_shadow_boringssl.h +2918 -2627
  187. data/src/core/tsi/local_transport_security.cc +8 -6
  188. data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -3
  189. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -2
  190. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +7 -5
  191. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -6
  192. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -2
  193. data/src/core/tsi/ssl_transport_security.cc +12 -12
  194. data/src/core/tsi/ssl_transport_security.h +2 -2
  195. data/src/core/tsi/transport_security_grpc.cc +7 -0
  196. data/src/core/tsi/transport_security_grpc.h +6 -0
  197. data/src/ruby/ext/grpc/extconf.rb +1 -0
  198. data/src/ruby/ext/grpc/rb_call.c +1 -1
  199. data/src/ruby/ext/grpc/rb_channel.c +1 -1
  200. data/src/ruby/lib/grpc/generic/bidi_call.rb +1 -1
  201. data/src/ruby/lib/grpc/generic/rpc_server.rb +1 -1
  202. data/src/ruby/lib/grpc/version.rb +1 -1
  203. data/src/ruby/spec/google_rpc_status_utils_spec.rb +2 -2
  204. data/third_party/boringssl/crypto/asn1/a_bool.c +18 -5
  205. data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +17 -221
  206. data/third_party/boringssl/crypto/asn1/a_dup.c +0 -24
  207. data/third_party/boringssl/crypto/asn1/a_enum.c +2 -2
  208. data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +10 -72
  209. data/third_party/boringssl/crypto/asn1/a_int.c +12 -71
  210. data/third_party/boringssl/crypto/asn1/a_mbstr.c +110 -216
  211. data/third_party/boringssl/crypto/asn1/a_object.c +16 -5
  212. data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
  213. data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -1
  214. data/third_party/boringssl/crypto/asn1/tasn_enc.c +3 -1
  215. data/third_party/boringssl/crypto/base64/base64.c +2 -2
  216. data/third_party/boringssl/crypto/bio/bio.c +73 -9
  217. data/third_party/boringssl/crypto/bio/connect.c +4 -0
  218. data/third_party/boringssl/crypto/bio/fd.c +4 -0
  219. data/third_party/boringssl/crypto/bio/file.c +5 -2
  220. data/third_party/boringssl/crypto/bio/socket.c +4 -0
  221. data/third_party/boringssl/crypto/bio/socket_helper.c +4 -0
  222. data/third_party/boringssl/crypto/bn_extra/convert.c +11 -7
  223. data/third_party/boringssl/crypto/bytestring/ber.c +8 -4
  224. data/third_party/boringssl/crypto/bytestring/cbb.c +19 -7
  225. data/third_party/boringssl/crypto/bytestring/cbs.c +28 -15
  226. data/third_party/boringssl/crypto/bytestring/internal.h +28 -7
  227. data/third_party/boringssl/crypto/bytestring/unicode.c +155 -0
  228. data/third_party/boringssl/crypto/chacha/chacha.c +36 -19
  229. data/third_party/boringssl/crypto/chacha/internal.h +45 -0
  230. data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +29 -0
  231. data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +269 -25
  232. data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +16 -14
  233. data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +54 -38
  234. data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +133 -41
  235. data/third_party/boringssl/crypto/cipher_extra/e_tls.c +23 -15
  236. data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +24 -15
  237. data/third_party/boringssl/crypto/cmac/cmac.c +62 -25
  238. data/third_party/boringssl/crypto/conf/conf.c +7 -0
  239. data/third_party/boringssl/crypto/cpu-arm-linux.c +4 -148
  240. data/third_party/boringssl/crypto/cpu-arm-linux.h +201 -0
  241. data/third_party/boringssl/crypto/cpu-intel.c +45 -51
  242. data/third_party/boringssl/crypto/crypto.c +39 -22
  243. data/third_party/boringssl/crypto/curve25519/spake25519.c +1 -1
  244. data/third_party/boringssl/crypto/dsa/dsa.c +77 -53
  245. data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +20 -8
  246. data/third_party/boringssl/crypto/ec_extra/ec_derive.c +96 -0
  247. data/third_party/boringssl/crypto/{ecdh/ecdh.c → ecdh_extra/ecdh_extra.c} +20 -58
  248. data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -9
  249. data/third_party/boringssl/crypto/engine/engine.c +2 -1
  250. data/third_party/boringssl/crypto/err/err.c +2 -0
  251. data/third_party/boringssl/crypto/err/internal.h +2 -2
  252. data/third_party/boringssl/crypto/evp/evp.c +89 -8
  253. data/third_party/boringssl/crypto/evp/evp_asn1.c +56 -5
  254. data/third_party/boringssl/crypto/evp/evp_ctx.c +52 -14
  255. data/third_party/boringssl/crypto/evp/internal.h +18 -1
  256. data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +5 -0
  257. data/third_party/boringssl/crypto/evp/p_ec.c +51 -3
  258. data/third_party/boringssl/crypto/evp/p_ec_asn1.c +6 -7
  259. data/third_party/boringssl/crypto/evp/p_ed25519.c +36 -3
  260. data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +76 -45
  261. data/third_party/boringssl/crypto/evp/p_rsa.c +3 -1
  262. data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +5 -0
  263. data/third_party/boringssl/crypto/evp/p_x25519.c +110 -0
  264. data/third_party/boringssl/crypto/evp/p_x25519_asn1.c +249 -0
  265. data/third_party/boringssl/crypto/evp/scrypt.c +6 -2
  266. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +34 -274
  267. data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +161 -21
  268. data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +111 -13
  269. data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +17 -21
  270. data/third_party/boringssl/crypto/fipsmodule/bcm.c +119 -7
  271. data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +19 -2
  272. data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +2 -2
  273. data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +93 -160
  274. data/third_party/boringssl/crypto/fipsmodule/bn/div.c +48 -57
  275. data/third_party/boringssl/crypto/fipsmodule/bn/div_extra.c +87 -0
  276. data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +143 -211
  277. data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +0 -305
  278. data/third_party/boringssl/crypto/fipsmodule/bn/gcd_extra.c +325 -0
  279. data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +168 -50
  280. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +68 -92
  281. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +7 -6
  282. data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +11 -14
  283. data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +358 -443
  284. data/third_party/boringssl/crypto/fipsmodule/bn/random.c +25 -35
  285. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +20 -25
  286. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +76 -5
  287. data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +14 -14
  288. data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +7 -2
  289. data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +383 -516
  290. data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +4 -0
  291. data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +3 -4
  292. data/third_party/boringssl/crypto/fipsmodule/delocate.h +3 -2
  293. data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +32 -17
  294. data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +3 -3
  295. data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +228 -122
  296. data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +34 -8
  297. data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +311 -98
  298. data/third_party/boringssl/crypto/fipsmodule/ec/felem.c +82 -0
  299. data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +263 -97
  300. data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +22 -59
  301. data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +317 -234
  302. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9473 -9475
  303. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +313 -109
  304. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +36 -0
  305. data/third_party/boringssl/crypto/fipsmodule/ec/scalar.c +96 -0
  306. data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +126 -792
  307. data/third_party/boringssl/crypto/fipsmodule/ec/simple_mul.c +84 -0
  308. data/third_party/boringssl/crypto/fipsmodule/ec/util.c +163 -12
  309. data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +84 -211
  310. data/third_party/boringssl/crypto/fipsmodule/ecdh/ecdh.c +122 -0
  311. data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +60 -205
  312. data/third_party/boringssl/crypto/fipsmodule/fips_shared_support.c +32 -0
  313. data/third_party/boringssl/crypto/fipsmodule/is_fips.c +2 -0
  314. data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +3 -1
  315. data/third_party/boringssl/crypto/fipsmodule/md5/internal.h +37 -0
  316. data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +11 -8
  317. data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +35 -79
  318. data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +7 -39
  319. data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +7 -27
  320. data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +123 -309
  321. data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +189 -126
  322. data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +3 -2
  323. data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +2 -2
  324. data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +35 -0
  325. data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +24 -19
  326. data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +256 -77
  327. data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +10 -7
  328. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +5 -1
  329. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +131 -14
  330. data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +83 -10
  331. data/third_party/boringssl/crypto/fipsmodule/sha/internal.h +53 -0
  332. data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +9 -13
  333. data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +18 -12
  334. data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +95 -168
  335. data/third_party/boringssl/crypto/hrss/hrss.c +2201 -0
  336. data/third_party/boringssl/crypto/hrss/internal.h +62 -0
  337. data/third_party/boringssl/crypto/internal.h +95 -20
  338. data/third_party/boringssl/crypto/lhash/lhash.c +45 -33
  339. data/third_party/boringssl/crypto/mem.c +39 -2
  340. data/third_party/boringssl/crypto/obj/obj.c +4 -4
  341. data/third_party/boringssl/crypto/obj/obj_dat.h +6181 -875
  342. data/third_party/boringssl/crypto/pem/pem_all.c +2 -3
  343. data/third_party/boringssl/crypto/pem/pem_info.c +144 -162
  344. data/third_party/boringssl/crypto/pem/pem_lib.c +53 -52
  345. data/third_party/boringssl/crypto/pem/pem_pkey.c +13 -21
  346. data/third_party/boringssl/crypto/pkcs7/pkcs7.c +15 -22
  347. data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +168 -16
  348. data/third_party/boringssl/crypto/pkcs8/internal.h +11 -0
  349. data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +24 -15
  350. data/third_party/boringssl/crypto/pkcs8/pkcs8.c +42 -25
  351. data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +559 -43
  352. data/third_party/boringssl/crypto/pool/internal.h +1 -1
  353. data/third_party/boringssl/crypto/pool/pool.c +21 -0
  354. data/third_party/boringssl/crypto/rand_extra/deterministic.c +8 -0
  355. data/third_party/boringssl/crypto/rand_extra/fuchsia.c +1 -14
  356. data/third_party/boringssl/crypto/refcount_lock.c +2 -2
  357. data/third_party/boringssl/crypto/rsa_extra/rsa_print.c +22 -0
  358. data/third_party/boringssl/crypto/siphash/siphash.c +80 -0
  359. data/third_party/boringssl/crypto/stack/stack.c +83 -32
  360. data/third_party/boringssl/crypto/thread_none.c +2 -2
  361. data/third_party/boringssl/crypto/thread_pthread.c +2 -2
  362. data/third_party/boringssl/crypto/thread_win.c +38 -19
  363. data/third_party/boringssl/crypto/x509/a_strex.c +22 -2
  364. data/third_party/boringssl/crypto/x509/asn1_gen.c +2 -1
  365. data/third_party/boringssl/crypto/x509/by_dir.c +7 -0
  366. data/third_party/boringssl/crypto/x509/by_file.c +12 -10
  367. data/third_party/boringssl/crypto/x509/t_crl.c +5 -8
  368. data/third_party/boringssl/crypto/x509/t_req.c +1 -3
  369. data/third_party/boringssl/crypto/x509/t_x509.c +5 -8
  370. data/third_party/boringssl/crypto/x509/x509_cmp.c +1 -1
  371. data/third_party/boringssl/crypto/x509/x509_def.c +1 -1
  372. data/third_party/boringssl/crypto/x509/x509_lu.c +114 -5
  373. data/third_party/boringssl/crypto/x509/x509_req.c +20 -0
  374. data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
  375. data/third_party/boringssl/crypto/x509/x509_trs.c +1 -0
  376. data/third_party/boringssl/crypto/x509/x509_txt.c +4 -5
  377. data/third_party/boringssl/crypto/x509/x509_vfy.c +145 -138
  378. data/third_party/boringssl/crypto/x509/x509_vpm.c +2 -0
  379. data/third_party/boringssl/crypto/x509/x509cset.c +40 -0
  380. data/third_party/boringssl/crypto/x509/x509name.c +2 -3
  381. data/third_party/boringssl/crypto/x509/x_all.c +109 -210
  382. data/third_party/boringssl/crypto/x509/x_x509.c +6 -0
  383. data/third_party/boringssl/crypto/x509v3/ext_dat.h +1 -3
  384. data/third_party/boringssl/crypto/x509v3/internal.h +56 -0
  385. data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -0
  386. data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -0
  387. data/third_party/boringssl/crypto/x509v3/pcy_tree.c +4 -2
  388. data/third_party/boringssl/crypto/x509v3/v3_akey.c +5 -2
  389. data/third_party/boringssl/crypto/x509v3/v3_alt.c +19 -13
  390. data/third_party/boringssl/crypto/x509v3/v3_conf.c +2 -1
  391. data/third_party/boringssl/crypto/x509v3/v3_cpols.c +3 -2
  392. data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -6
  393. data/third_party/boringssl/crypto/x509v3/v3_lib.c +1 -0
  394. data/third_party/boringssl/crypto/x509v3/v3_ocsp.c +68 -0
  395. data/third_party/boringssl/crypto/x509v3/v3_pci.c +2 -1
  396. data/third_party/boringssl/crypto/x509v3/v3_purp.c +47 -69
  397. data/third_party/boringssl/crypto/x509v3/v3_skey.c +5 -2
  398. data/third_party/boringssl/crypto/x509v3/v3_utl.c +69 -25
  399. data/third_party/boringssl/include/openssl/aead.h +45 -19
  400. data/third_party/boringssl/include/openssl/aes.h +32 -7
  401. data/third_party/boringssl/include/openssl/asn1.h +7 -77
  402. data/third_party/boringssl/include/openssl/base.h +120 -6
  403. data/third_party/boringssl/include/openssl/base64.h +4 -1
  404. data/third_party/boringssl/include/openssl/bio.h +112 -81
  405. data/third_party/boringssl/include/openssl/blowfish.h +3 -3
  406. data/third_party/boringssl/include/openssl/bn.h +55 -29
  407. data/third_party/boringssl/include/openssl/buf.h +2 -2
  408. data/third_party/boringssl/include/openssl/bytestring.h +54 -32
  409. data/third_party/boringssl/include/openssl/cast.h +2 -2
  410. data/third_party/boringssl/include/openssl/cipher.h +46 -16
  411. data/third_party/boringssl/include/openssl/cmac.h +6 -2
  412. data/third_party/boringssl/include/openssl/conf.h +3 -6
  413. data/third_party/boringssl/include/openssl/cpu.h +25 -9
  414. data/third_party/boringssl/include/openssl/crypto.h +32 -10
  415. data/third_party/boringssl/include/openssl/curve25519.h +4 -4
  416. data/third_party/boringssl/include/openssl/dh.h +3 -2
  417. data/third_party/boringssl/include/openssl/digest.h +21 -7
  418. data/third_party/boringssl/include/openssl/dsa.h +8 -2
  419. data/third_party/boringssl/include/openssl/e_os2.h +18 -0
  420. data/third_party/boringssl/include/openssl/ec.h +25 -21
  421. data/third_party/boringssl/include/openssl/ec_key.h +36 -8
  422. data/third_party/boringssl/include/openssl/ecdh.h +17 -0
  423. data/third_party/boringssl/include/openssl/ecdsa.h +3 -3
  424. data/third_party/boringssl/include/openssl/engine.h +4 -4
  425. data/third_party/boringssl/include/openssl/err.h +3 -0
  426. data/third_party/boringssl/include/openssl/evp.h +199 -42
  427. data/third_party/boringssl/include/openssl/hmac.h +4 -4
  428. data/third_party/boringssl/include/openssl/hrss.h +100 -0
  429. data/third_party/boringssl/include/openssl/lhash.h +131 -23
  430. data/third_party/boringssl/include/openssl/md4.h +6 -4
  431. data/third_party/boringssl/include/openssl/md5.h +6 -4
  432. data/third_party/boringssl/include/openssl/mem.h +6 -2
  433. data/third_party/boringssl/include/openssl/nid.h +3 -0
  434. data/third_party/boringssl/include/openssl/obj.h +3 -0
  435. data/third_party/boringssl/include/openssl/pem.h +102 -64
  436. data/third_party/boringssl/include/openssl/pkcs7.h +136 -3
  437. data/third_party/boringssl/include/openssl/pkcs8.h +42 -3
  438. data/third_party/boringssl/include/openssl/pool.h +13 -2
  439. data/third_party/boringssl/include/openssl/ripemd.h +5 -4
  440. data/third_party/boringssl/include/openssl/rsa.h +46 -15
  441. data/third_party/boringssl/include/openssl/sha.h +40 -28
  442. data/third_party/boringssl/include/openssl/siphash.h +37 -0
  443. data/third_party/boringssl/include/openssl/span.h +17 -9
  444. data/third_party/boringssl/include/openssl/ssl.h +766 -393
  445. data/third_party/boringssl/include/openssl/ssl3.h +4 -3
  446. data/third_party/boringssl/include/openssl/stack.h +134 -77
  447. data/third_party/boringssl/include/openssl/thread.h +1 -1
  448. data/third_party/boringssl/include/openssl/tls1.h +25 -9
  449. data/third_party/boringssl/include/openssl/type_check.h +14 -15
  450. data/third_party/boringssl/include/openssl/x509.h +28 -3
  451. data/third_party/boringssl/include/openssl/x509_vfy.h +98 -32
  452. data/third_party/boringssl/include/openssl/x509v3.h +17 -13
  453. data/third_party/boringssl/ssl/d1_both.cc +9 -18
  454. data/third_party/boringssl/ssl/d1_lib.cc +4 -3
  455. data/third_party/boringssl/ssl/d1_pkt.cc +4 -4
  456. data/third_party/boringssl/ssl/d1_srtp.cc +15 -15
  457. data/third_party/boringssl/ssl/dtls_method.cc +0 -1
  458. data/third_party/boringssl/ssl/dtls_record.cc +28 -28
  459. data/third_party/boringssl/ssl/handoff.cc +295 -91
  460. data/third_party/boringssl/ssl/handshake.cc +133 -72
  461. data/third_party/boringssl/ssl/handshake_client.cc +218 -189
  462. data/third_party/boringssl/ssl/handshake_server.cc +399 -272
  463. data/third_party/boringssl/ssl/internal.h +1413 -928
  464. data/third_party/boringssl/ssl/s3_both.cc +175 -36
  465. data/third_party/boringssl/ssl/s3_lib.cc +9 -13
  466. data/third_party/boringssl/ssl/s3_pkt.cc +63 -29
  467. data/third_party/boringssl/ssl/ssl_aead_ctx.cc +55 -35
  468. data/third_party/boringssl/ssl/ssl_asn1.cc +57 -73
  469. data/third_party/boringssl/ssl/ssl_buffer.cc +13 -12
  470. data/third_party/boringssl/ssl/ssl_cert.cc +313 -210
  471. data/third_party/boringssl/ssl/ssl_cipher.cc +159 -221
  472. data/third_party/boringssl/ssl/ssl_file.cc +2 -0
  473. data/third_party/boringssl/ssl/ssl_key_share.cc +164 -19
  474. data/third_party/boringssl/ssl/ssl_lib.cc +847 -555
  475. data/third_party/boringssl/ssl/ssl_privkey.cc +441 -111
  476. data/third_party/boringssl/ssl/ssl_session.cc +230 -178
  477. data/third_party/boringssl/ssl/ssl_transcript.cc +21 -142
  478. data/third_party/boringssl/ssl/ssl_versions.cc +88 -93
  479. data/third_party/boringssl/ssl/ssl_x509.cc +279 -218
  480. data/third_party/boringssl/ssl/t1_enc.cc +5 -96
  481. data/third_party/boringssl/ssl/t1_lib.cc +931 -678
  482. data/third_party/boringssl/ssl/tls13_both.cc +251 -121
  483. data/third_party/boringssl/ssl/tls13_client.cc +129 -73
  484. data/third_party/boringssl/ssl/tls13_enc.cc +350 -282
  485. data/third_party/boringssl/ssl/tls13_server.cc +259 -192
  486. data/third_party/boringssl/ssl/tls_method.cc +26 -21
  487. data/third_party/boringssl/ssl/tls_record.cc +42 -47
  488. data/third_party/boringssl/third_party/fiat/curve25519.c +261 -1324
  489. data/third_party/boringssl/third_party/fiat/curve25519_32.h +911 -0
  490. data/third_party/boringssl/third_party/fiat/curve25519_64.h +559 -0
  491. data/third_party/boringssl/third_party/fiat/p256.c +238 -999
  492. data/third_party/boringssl/third_party/fiat/p256_32.h +3226 -0
  493. data/third_party/boringssl/third_party/fiat/p256_64.h +1217 -0
  494. data/third_party/upb/upb/port_def.inc +1 -1
  495. data/third_party/upb/upb/table.c +2 -1
  496. metadata +72 -44
  497. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_load_balancer_api.h +0 -127
  498. data/src/core/lib/gpr/mpscq.cc +0 -117
  499. data/src/core/lib/gpr/mpscq.h +0 -88
  500. data/src/core/lib/gprpp/abstract.h +0 -47
  501. data/src/core/lib/gprpp/pair.h +0 -38
  502. data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +0 -460
  503. data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +0 -256
  504. data/third_party/boringssl/include/openssl/lhash_macros.h +0 -174
  505. data/third_party/boringssl/ssl/custom_extensions.cc +0 -265
@@ -0,0 +1,1217 @@
1
+ /* Autogenerated */
2
+ /* curve description: p256 */
3
+ /* requested operations: (all) */
4
+ /* m = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff (from "2^256 - 2^224 + 2^192 + 2^96 - 1") */
5
+ /* machine_wordsize = 64 (from "64") */
6
+ /* */
7
+ /* NOTE: In addition to the bounds specified above each function, all */
8
+ /* functions synthesized for this Montgomery arithmetic require the */
9
+ /* input to be strictly less than the prime modulus (m), and also */
10
+ /* require the input to be in the unique saturated representation. */
11
+ /* All functions also ensure that these two properties are true of */
12
+ /* return values. */
13
+
14
+ #include <stdint.h>
15
+ typedef unsigned char fiat_p256_uint1;
16
+ typedef signed char fiat_p256_int1;
17
+ typedef signed __int128 fiat_p256_int128;
18
+ typedef unsigned __int128 fiat_p256_uint128;
19
+
20
+
21
+ /*
22
+ * Input Bounds:
23
+ * arg1: [0x0 ~> 0x1]
24
+ * arg2: [0x0 ~> 0xffffffffffffffff]
25
+ * arg3: [0x0 ~> 0xffffffffffffffff]
26
+ * Output Bounds:
27
+ * out1: [0x0 ~> 0xffffffffffffffff]
28
+ * out2: [0x0 ~> 0x1]
29
+ */
30
+ static void fiat_p256_addcarryx_u64(uint64_t* out1, fiat_p256_uint1* out2, fiat_p256_uint1 arg1, uint64_t arg2, uint64_t arg3) {
31
+ fiat_p256_uint128 x1 = ((arg1 + (fiat_p256_uint128)arg2) + arg3);
32
+ uint64_t x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff));
33
+ fiat_p256_uint1 x3 = (fiat_p256_uint1)(x1 >> 64);
34
+ *out1 = x2;
35
+ *out2 = x3;
36
+ }
37
+
38
+ /*
39
+ * Input Bounds:
40
+ * arg1: [0x0 ~> 0x1]
41
+ * arg2: [0x0 ~> 0xffffffffffffffff]
42
+ * arg3: [0x0 ~> 0xffffffffffffffff]
43
+ * Output Bounds:
44
+ * out1: [0x0 ~> 0xffffffffffffffff]
45
+ * out2: [0x0 ~> 0x1]
46
+ */
47
+ static void fiat_p256_subborrowx_u64(uint64_t* out1, fiat_p256_uint1* out2, fiat_p256_uint1 arg1, uint64_t arg2, uint64_t arg3) {
48
+ fiat_p256_int128 x1 = ((arg2 - (fiat_p256_int128)arg1) - arg3);
49
+ fiat_p256_int1 x2 = (fiat_p256_int1)(x1 >> 64);
50
+ uint64_t x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff));
51
+ *out1 = x3;
52
+ *out2 = (fiat_p256_uint1)(0x0 - x2);
53
+ }
54
+
55
+ /*
56
+ * Input Bounds:
57
+ * arg1: [0x0 ~> 0xffffffffffffffff]
58
+ * arg2: [0x0 ~> 0xffffffffffffffff]
59
+ * Output Bounds:
60
+ * out1: [0x0 ~> 0xffffffffffffffff]
61
+ * out2: [0x0 ~> 0xffffffffffffffff]
62
+ */
63
+ static void fiat_p256_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) {
64
+ fiat_p256_uint128 x1 = ((fiat_p256_uint128)arg1 * arg2);
65
+ uint64_t x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff));
66
+ uint64_t x3 = (uint64_t)(x1 >> 64);
67
+ *out1 = x2;
68
+ *out2 = x3;
69
+ }
70
+
71
+ /*
72
+ * Input Bounds:
73
+ * arg1: [0x0 ~> 0x1]
74
+ * arg2: [0x0 ~> 0xffffffffffffffff]
75
+ * arg3: [0x0 ~> 0xffffffffffffffff]
76
+ * Output Bounds:
77
+ * out1: [0x0 ~> 0xffffffffffffffff]
78
+ */
79
+ static void fiat_p256_cmovznz_u64(uint64_t* out1, fiat_p256_uint1 arg1, uint64_t arg2, uint64_t arg3) {
80
+ fiat_p256_uint1 x1 = (!(!arg1));
81
+ uint64_t x2 = ((fiat_p256_int1)(0x0 - x1) & UINT64_C(0xffffffffffffffff));
82
+ // Note this line has been patched from the synthesized code to add value
83
+ // barriers.
84
+ //
85
+ // Clang recognizes this pattern as a select. While it usually transforms it
86
+ // to a cmov, it sometimes further transforms it into a branch, which we do
87
+ // not want.
88
+ uint64_t x3 = ((value_barrier_u64(x2) & arg3) | (value_barrier_u64(~x2) & arg2));
89
+ *out1 = x3;
90
+ }
91
+
92
+ /*
93
+ * Input Bounds:
94
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
95
+ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
96
+ * Output Bounds:
97
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
98
+ */
99
+ static void fiat_p256_mul(uint64_t out1[4], const uint64_t arg1[4], const uint64_t arg2[4]) {
100
+ uint64_t x1 = (arg1[1]);
101
+ uint64_t x2 = (arg1[2]);
102
+ uint64_t x3 = (arg1[3]);
103
+ uint64_t x4 = (arg1[0]);
104
+ uint64_t x5;
105
+ uint64_t x6;
106
+ fiat_p256_mulx_u64(&x5, &x6, x4, (arg2[3]));
107
+ uint64_t x7;
108
+ uint64_t x8;
109
+ fiat_p256_mulx_u64(&x7, &x8, x4, (arg2[2]));
110
+ uint64_t x9;
111
+ uint64_t x10;
112
+ fiat_p256_mulx_u64(&x9, &x10, x4, (arg2[1]));
113
+ uint64_t x11;
114
+ uint64_t x12;
115
+ fiat_p256_mulx_u64(&x11, &x12, x4, (arg2[0]));
116
+ uint64_t x13;
117
+ fiat_p256_uint1 x14;
118
+ fiat_p256_addcarryx_u64(&x13, &x14, 0x0, x9, x12);
119
+ uint64_t x15;
120
+ fiat_p256_uint1 x16;
121
+ fiat_p256_addcarryx_u64(&x15, &x16, x14, x7, x10);
122
+ uint64_t x17;
123
+ fiat_p256_uint1 x18;
124
+ fiat_p256_addcarryx_u64(&x17, &x18, x16, x5, x8);
125
+ uint64_t x19;
126
+ fiat_p256_uint1 x20;
127
+ fiat_p256_addcarryx_u64(&x19, &x20, x18, 0x0, x6);
128
+ uint64_t x21;
129
+ uint64_t x22;
130
+ fiat_p256_mulx_u64(&x21, &x22, x11, UINT64_C(0xffffffff00000001));
131
+ uint64_t x23;
132
+ uint64_t x24;
133
+ fiat_p256_mulx_u64(&x23, &x24, x11, UINT32_C(0xffffffff));
134
+ uint64_t x25;
135
+ uint64_t x26;
136
+ fiat_p256_mulx_u64(&x25, &x26, x11, UINT64_C(0xffffffffffffffff));
137
+ uint64_t x27;
138
+ fiat_p256_uint1 x28;
139
+ fiat_p256_addcarryx_u64(&x27, &x28, 0x0, x23, x26);
140
+ uint64_t x29;
141
+ fiat_p256_uint1 x30;
142
+ fiat_p256_addcarryx_u64(&x29, &x30, x28, 0x0, x24);
143
+ uint64_t x31;
144
+ fiat_p256_uint1 x32;
145
+ fiat_p256_addcarryx_u64(&x31, &x32, 0x0, x25, x11);
146
+ uint64_t x33;
147
+ fiat_p256_uint1 x34;
148
+ fiat_p256_addcarryx_u64(&x33, &x34, x32, x27, x13);
149
+ uint64_t x35;
150
+ fiat_p256_uint1 x36;
151
+ fiat_p256_addcarryx_u64(&x35, &x36, x34, x29, x15);
152
+ uint64_t x37;
153
+ fiat_p256_uint1 x38;
154
+ fiat_p256_addcarryx_u64(&x37, &x38, x36, x21, x17);
155
+ uint64_t x39;
156
+ fiat_p256_uint1 x40;
157
+ fiat_p256_addcarryx_u64(&x39, &x40, x38, x22, x19);
158
+ uint64_t x41;
159
+ fiat_p256_uint1 x42;
160
+ fiat_p256_addcarryx_u64(&x41, &x42, x40, 0x0, 0x0);
161
+ uint64_t x43;
162
+ uint64_t x44;
163
+ fiat_p256_mulx_u64(&x43, &x44, x1, (arg2[3]));
164
+ uint64_t x45;
165
+ uint64_t x46;
166
+ fiat_p256_mulx_u64(&x45, &x46, x1, (arg2[2]));
167
+ uint64_t x47;
168
+ uint64_t x48;
169
+ fiat_p256_mulx_u64(&x47, &x48, x1, (arg2[1]));
170
+ uint64_t x49;
171
+ uint64_t x50;
172
+ fiat_p256_mulx_u64(&x49, &x50, x1, (arg2[0]));
173
+ uint64_t x51;
174
+ fiat_p256_uint1 x52;
175
+ fiat_p256_addcarryx_u64(&x51, &x52, 0x0, x47, x50);
176
+ uint64_t x53;
177
+ fiat_p256_uint1 x54;
178
+ fiat_p256_addcarryx_u64(&x53, &x54, x52, x45, x48);
179
+ uint64_t x55;
180
+ fiat_p256_uint1 x56;
181
+ fiat_p256_addcarryx_u64(&x55, &x56, x54, x43, x46);
182
+ uint64_t x57;
183
+ fiat_p256_uint1 x58;
184
+ fiat_p256_addcarryx_u64(&x57, &x58, x56, 0x0, x44);
185
+ uint64_t x59;
186
+ fiat_p256_uint1 x60;
187
+ fiat_p256_addcarryx_u64(&x59, &x60, 0x0, x49, x33);
188
+ uint64_t x61;
189
+ fiat_p256_uint1 x62;
190
+ fiat_p256_addcarryx_u64(&x61, &x62, x60, x51, x35);
191
+ uint64_t x63;
192
+ fiat_p256_uint1 x64;
193
+ fiat_p256_addcarryx_u64(&x63, &x64, x62, x53, x37);
194
+ uint64_t x65;
195
+ fiat_p256_uint1 x66;
196
+ fiat_p256_addcarryx_u64(&x65, &x66, x64, x55, x39);
197
+ uint64_t x67;
198
+ fiat_p256_uint1 x68;
199
+ fiat_p256_addcarryx_u64(&x67, &x68, x66, x57, (fiat_p256_uint1)x41);
200
+ uint64_t x69;
201
+ uint64_t x70;
202
+ fiat_p256_mulx_u64(&x69, &x70, x59, UINT64_C(0xffffffff00000001));
203
+ uint64_t x71;
204
+ uint64_t x72;
205
+ fiat_p256_mulx_u64(&x71, &x72, x59, UINT32_C(0xffffffff));
206
+ uint64_t x73;
207
+ uint64_t x74;
208
+ fiat_p256_mulx_u64(&x73, &x74, x59, UINT64_C(0xffffffffffffffff));
209
+ uint64_t x75;
210
+ fiat_p256_uint1 x76;
211
+ fiat_p256_addcarryx_u64(&x75, &x76, 0x0, x71, x74);
212
+ uint64_t x77;
213
+ fiat_p256_uint1 x78;
214
+ fiat_p256_addcarryx_u64(&x77, &x78, x76, 0x0, x72);
215
+ uint64_t x79;
216
+ fiat_p256_uint1 x80;
217
+ fiat_p256_addcarryx_u64(&x79, &x80, 0x0, x73, x59);
218
+ uint64_t x81;
219
+ fiat_p256_uint1 x82;
220
+ fiat_p256_addcarryx_u64(&x81, &x82, x80, x75, x61);
221
+ uint64_t x83;
222
+ fiat_p256_uint1 x84;
223
+ fiat_p256_addcarryx_u64(&x83, &x84, x82, x77, x63);
224
+ uint64_t x85;
225
+ fiat_p256_uint1 x86;
226
+ fiat_p256_addcarryx_u64(&x85, &x86, x84, x69, x65);
227
+ uint64_t x87;
228
+ fiat_p256_uint1 x88;
229
+ fiat_p256_addcarryx_u64(&x87, &x88, x86, x70, x67);
230
+ uint64_t x89;
231
+ fiat_p256_uint1 x90;
232
+ fiat_p256_addcarryx_u64(&x89, &x90, x88, 0x0, x68);
233
+ uint64_t x91;
234
+ uint64_t x92;
235
+ fiat_p256_mulx_u64(&x91, &x92, x2, (arg2[3]));
236
+ uint64_t x93;
237
+ uint64_t x94;
238
+ fiat_p256_mulx_u64(&x93, &x94, x2, (arg2[2]));
239
+ uint64_t x95;
240
+ uint64_t x96;
241
+ fiat_p256_mulx_u64(&x95, &x96, x2, (arg2[1]));
242
+ uint64_t x97;
243
+ uint64_t x98;
244
+ fiat_p256_mulx_u64(&x97, &x98, x2, (arg2[0]));
245
+ uint64_t x99;
246
+ fiat_p256_uint1 x100;
247
+ fiat_p256_addcarryx_u64(&x99, &x100, 0x0, x95, x98);
248
+ uint64_t x101;
249
+ fiat_p256_uint1 x102;
250
+ fiat_p256_addcarryx_u64(&x101, &x102, x100, x93, x96);
251
+ uint64_t x103;
252
+ fiat_p256_uint1 x104;
253
+ fiat_p256_addcarryx_u64(&x103, &x104, x102, x91, x94);
254
+ uint64_t x105;
255
+ fiat_p256_uint1 x106;
256
+ fiat_p256_addcarryx_u64(&x105, &x106, x104, 0x0, x92);
257
+ uint64_t x107;
258
+ fiat_p256_uint1 x108;
259
+ fiat_p256_addcarryx_u64(&x107, &x108, 0x0, x97, x81);
260
+ uint64_t x109;
261
+ fiat_p256_uint1 x110;
262
+ fiat_p256_addcarryx_u64(&x109, &x110, x108, x99, x83);
263
+ uint64_t x111;
264
+ fiat_p256_uint1 x112;
265
+ fiat_p256_addcarryx_u64(&x111, &x112, x110, x101, x85);
266
+ uint64_t x113;
267
+ fiat_p256_uint1 x114;
268
+ fiat_p256_addcarryx_u64(&x113, &x114, x112, x103, x87);
269
+ uint64_t x115;
270
+ fiat_p256_uint1 x116;
271
+ fiat_p256_addcarryx_u64(&x115, &x116, x114, x105, x89);
272
+ uint64_t x117;
273
+ uint64_t x118;
274
+ fiat_p256_mulx_u64(&x117, &x118, x107, UINT64_C(0xffffffff00000001));
275
+ uint64_t x119;
276
+ uint64_t x120;
277
+ fiat_p256_mulx_u64(&x119, &x120, x107, UINT32_C(0xffffffff));
278
+ uint64_t x121;
279
+ uint64_t x122;
280
+ fiat_p256_mulx_u64(&x121, &x122, x107, UINT64_C(0xffffffffffffffff));
281
+ uint64_t x123;
282
+ fiat_p256_uint1 x124;
283
+ fiat_p256_addcarryx_u64(&x123, &x124, 0x0, x119, x122);
284
+ uint64_t x125;
285
+ fiat_p256_uint1 x126;
286
+ fiat_p256_addcarryx_u64(&x125, &x126, x124, 0x0, x120);
287
+ uint64_t x127;
288
+ fiat_p256_uint1 x128;
289
+ fiat_p256_addcarryx_u64(&x127, &x128, 0x0, x121, x107);
290
+ uint64_t x129;
291
+ fiat_p256_uint1 x130;
292
+ fiat_p256_addcarryx_u64(&x129, &x130, x128, x123, x109);
293
+ uint64_t x131;
294
+ fiat_p256_uint1 x132;
295
+ fiat_p256_addcarryx_u64(&x131, &x132, x130, x125, x111);
296
+ uint64_t x133;
297
+ fiat_p256_uint1 x134;
298
+ fiat_p256_addcarryx_u64(&x133, &x134, x132, x117, x113);
299
+ uint64_t x135;
300
+ fiat_p256_uint1 x136;
301
+ fiat_p256_addcarryx_u64(&x135, &x136, x134, x118, x115);
302
+ uint64_t x137;
303
+ fiat_p256_uint1 x138;
304
+ fiat_p256_addcarryx_u64(&x137, &x138, x136, 0x0, x116);
305
+ uint64_t x139;
306
+ uint64_t x140;
307
+ fiat_p256_mulx_u64(&x139, &x140, x3, (arg2[3]));
308
+ uint64_t x141;
309
+ uint64_t x142;
310
+ fiat_p256_mulx_u64(&x141, &x142, x3, (arg2[2]));
311
+ uint64_t x143;
312
+ uint64_t x144;
313
+ fiat_p256_mulx_u64(&x143, &x144, x3, (arg2[1]));
314
+ uint64_t x145;
315
+ uint64_t x146;
316
+ fiat_p256_mulx_u64(&x145, &x146, x3, (arg2[0]));
317
+ uint64_t x147;
318
+ fiat_p256_uint1 x148;
319
+ fiat_p256_addcarryx_u64(&x147, &x148, 0x0, x143, x146);
320
+ uint64_t x149;
321
+ fiat_p256_uint1 x150;
322
+ fiat_p256_addcarryx_u64(&x149, &x150, x148, x141, x144);
323
+ uint64_t x151;
324
+ fiat_p256_uint1 x152;
325
+ fiat_p256_addcarryx_u64(&x151, &x152, x150, x139, x142);
326
+ uint64_t x153;
327
+ fiat_p256_uint1 x154;
328
+ fiat_p256_addcarryx_u64(&x153, &x154, x152, 0x0, x140);
329
+ uint64_t x155;
330
+ fiat_p256_uint1 x156;
331
+ fiat_p256_addcarryx_u64(&x155, &x156, 0x0, x145, x129);
332
+ uint64_t x157;
333
+ fiat_p256_uint1 x158;
334
+ fiat_p256_addcarryx_u64(&x157, &x158, x156, x147, x131);
335
+ uint64_t x159;
336
+ fiat_p256_uint1 x160;
337
+ fiat_p256_addcarryx_u64(&x159, &x160, x158, x149, x133);
338
+ uint64_t x161;
339
+ fiat_p256_uint1 x162;
340
+ fiat_p256_addcarryx_u64(&x161, &x162, x160, x151, x135);
341
+ uint64_t x163;
342
+ fiat_p256_uint1 x164;
343
+ fiat_p256_addcarryx_u64(&x163, &x164, x162, x153, x137);
344
+ uint64_t x165;
345
+ uint64_t x166;
346
+ fiat_p256_mulx_u64(&x165, &x166, x155, UINT64_C(0xffffffff00000001));
347
+ uint64_t x167;
348
+ uint64_t x168;
349
+ fiat_p256_mulx_u64(&x167, &x168, x155, UINT32_C(0xffffffff));
350
+ uint64_t x169;
351
+ uint64_t x170;
352
+ fiat_p256_mulx_u64(&x169, &x170, x155, UINT64_C(0xffffffffffffffff));
353
+ uint64_t x171;
354
+ fiat_p256_uint1 x172;
355
+ fiat_p256_addcarryx_u64(&x171, &x172, 0x0, x167, x170);
356
+ uint64_t x173;
357
+ fiat_p256_uint1 x174;
358
+ fiat_p256_addcarryx_u64(&x173, &x174, x172, 0x0, x168);
359
+ uint64_t x175;
360
+ fiat_p256_uint1 x176;
361
+ fiat_p256_addcarryx_u64(&x175, &x176, 0x0, x169, x155);
362
+ uint64_t x177;
363
+ fiat_p256_uint1 x178;
364
+ fiat_p256_addcarryx_u64(&x177, &x178, x176, x171, x157);
365
+ uint64_t x179;
366
+ fiat_p256_uint1 x180;
367
+ fiat_p256_addcarryx_u64(&x179, &x180, x178, x173, x159);
368
+ uint64_t x181;
369
+ fiat_p256_uint1 x182;
370
+ fiat_p256_addcarryx_u64(&x181, &x182, x180, x165, x161);
371
+ uint64_t x183;
372
+ fiat_p256_uint1 x184;
373
+ fiat_p256_addcarryx_u64(&x183, &x184, x182, x166, x163);
374
+ uint64_t x185;
375
+ fiat_p256_uint1 x186;
376
+ fiat_p256_addcarryx_u64(&x185, &x186, x184, 0x0, x164);
377
+ uint64_t x187;
378
+ fiat_p256_uint1 x188;
379
+ fiat_p256_subborrowx_u64(&x187, &x188, 0x0, x177, UINT64_C(0xffffffffffffffff));
380
+ uint64_t x189;
381
+ fiat_p256_uint1 x190;
382
+ fiat_p256_subborrowx_u64(&x189, &x190, x188, x179, UINT32_C(0xffffffff));
383
+ uint64_t x191;
384
+ fiat_p256_uint1 x192;
385
+ fiat_p256_subborrowx_u64(&x191, &x192, x190, x181, 0x0);
386
+ uint64_t x193;
387
+ fiat_p256_uint1 x194;
388
+ fiat_p256_subborrowx_u64(&x193, &x194, x192, x183, UINT64_C(0xffffffff00000001));
389
+ uint64_t x195;
390
+ fiat_p256_uint1 x196;
391
+ fiat_p256_subborrowx_u64(&x195, &x196, x194, x185, 0x0);
392
+ uint64_t x197;
393
+ fiat_p256_cmovznz_u64(&x197, x196, x187, x177);
394
+ uint64_t x198;
395
+ fiat_p256_cmovznz_u64(&x198, x196, x189, x179);
396
+ uint64_t x199;
397
+ fiat_p256_cmovznz_u64(&x199, x196, x191, x181);
398
+ uint64_t x200;
399
+ fiat_p256_cmovznz_u64(&x200, x196, x193, x183);
400
+ out1[0] = x197;
401
+ out1[1] = x198;
402
+ out1[2] = x199;
403
+ out1[3] = x200;
404
+ }
405
+
406
+ /*
407
+ * Input Bounds:
408
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
409
+ * Output Bounds:
410
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
411
+ */
412
+ static void fiat_p256_square(uint64_t out1[4], const uint64_t arg1[4]) {
413
+ uint64_t x1 = (arg1[1]);
414
+ uint64_t x2 = (arg1[2]);
415
+ uint64_t x3 = (arg1[3]);
416
+ uint64_t x4 = (arg1[0]);
417
+ uint64_t x5;
418
+ uint64_t x6;
419
+ fiat_p256_mulx_u64(&x5, &x6, x4, (arg1[3]));
420
+ uint64_t x7;
421
+ uint64_t x8;
422
+ fiat_p256_mulx_u64(&x7, &x8, x4, (arg1[2]));
423
+ uint64_t x9;
424
+ uint64_t x10;
425
+ fiat_p256_mulx_u64(&x9, &x10, x4, (arg1[1]));
426
+ uint64_t x11;
427
+ uint64_t x12;
428
+ fiat_p256_mulx_u64(&x11, &x12, x4, (arg1[0]));
429
+ uint64_t x13;
430
+ fiat_p256_uint1 x14;
431
+ fiat_p256_addcarryx_u64(&x13, &x14, 0x0, x9, x12);
432
+ uint64_t x15;
433
+ fiat_p256_uint1 x16;
434
+ fiat_p256_addcarryx_u64(&x15, &x16, x14, x7, x10);
435
+ uint64_t x17;
436
+ fiat_p256_uint1 x18;
437
+ fiat_p256_addcarryx_u64(&x17, &x18, x16, x5, x8);
438
+ uint64_t x19;
439
+ fiat_p256_uint1 x20;
440
+ fiat_p256_addcarryx_u64(&x19, &x20, x18, 0x0, x6);
441
+ uint64_t x21;
442
+ uint64_t x22;
443
+ fiat_p256_mulx_u64(&x21, &x22, x11, UINT64_C(0xffffffff00000001));
444
+ uint64_t x23;
445
+ uint64_t x24;
446
+ fiat_p256_mulx_u64(&x23, &x24, x11, UINT32_C(0xffffffff));
447
+ uint64_t x25;
448
+ uint64_t x26;
449
+ fiat_p256_mulx_u64(&x25, &x26, x11, UINT64_C(0xffffffffffffffff));
450
+ uint64_t x27;
451
+ fiat_p256_uint1 x28;
452
+ fiat_p256_addcarryx_u64(&x27, &x28, 0x0, x23, x26);
453
+ uint64_t x29;
454
+ fiat_p256_uint1 x30;
455
+ fiat_p256_addcarryx_u64(&x29, &x30, x28, 0x0, x24);
456
+ uint64_t x31;
457
+ fiat_p256_uint1 x32;
458
+ fiat_p256_addcarryx_u64(&x31, &x32, 0x0, x25, x11);
459
+ uint64_t x33;
460
+ fiat_p256_uint1 x34;
461
+ fiat_p256_addcarryx_u64(&x33, &x34, x32, x27, x13);
462
+ uint64_t x35;
463
+ fiat_p256_uint1 x36;
464
+ fiat_p256_addcarryx_u64(&x35, &x36, x34, x29, x15);
465
+ uint64_t x37;
466
+ fiat_p256_uint1 x38;
467
+ fiat_p256_addcarryx_u64(&x37, &x38, x36, x21, x17);
468
+ uint64_t x39;
469
+ fiat_p256_uint1 x40;
470
+ fiat_p256_addcarryx_u64(&x39, &x40, x38, x22, x19);
471
+ uint64_t x41;
472
+ fiat_p256_uint1 x42;
473
+ fiat_p256_addcarryx_u64(&x41, &x42, x40, 0x0, 0x0);
474
+ uint64_t x43;
475
+ uint64_t x44;
476
+ fiat_p256_mulx_u64(&x43, &x44, x1, (arg1[3]));
477
+ uint64_t x45;
478
+ uint64_t x46;
479
+ fiat_p256_mulx_u64(&x45, &x46, x1, (arg1[2]));
480
+ uint64_t x47;
481
+ uint64_t x48;
482
+ fiat_p256_mulx_u64(&x47, &x48, x1, (arg1[1]));
483
+ uint64_t x49;
484
+ uint64_t x50;
485
+ fiat_p256_mulx_u64(&x49, &x50, x1, (arg1[0]));
486
+ uint64_t x51;
487
+ fiat_p256_uint1 x52;
488
+ fiat_p256_addcarryx_u64(&x51, &x52, 0x0, x47, x50);
489
+ uint64_t x53;
490
+ fiat_p256_uint1 x54;
491
+ fiat_p256_addcarryx_u64(&x53, &x54, x52, x45, x48);
492
+ uint64_t x55;
493
+ fiat_p256_uint1 x56;
494
+ fiat_p256_addcarryx_u64(&x55, &x56, x54, x43, x46);
495
+ uint64_t x57;
496
+ fiat_p256_uint1 x58;
497
+ fiat_p256_addcarryx_u64(&x57, &x58, x56, 0x0, x44);
498
+ uint64_t x59;
499
+ fiat_p256_uint1 x60;
500
+ fiat_p256_addcarryx_u64(&x59, &x60, 0x0, x49, x33);
501
+ uint64_t x61;
502
+ fiat_p256_uint1 x62;
503
+ fiat_p256_addcarryx_u64(&x61, &x62, x60, x51, x35);
504
+ uint64_t x63;
505
+ fiat_p256_uint1 x64;
506
+ fiat_p256_addcarryx_u64(&x63, &x64, x62, x53, x37);
507
+ uint64_t x65;
508
+ fiat_p256_uint1 x66;
509
+ fiat_p256_addcarryx_u64(&x65, &x66, x64, x55, x39);
510
+ uint64_t x67;
511
+ fiat_p256_uint1 x68;
512
+ fiat_p256_addcarryx_u64(&x67, &x68, x66, x57, (fiat_p256_uint1)x41);
513
+ uint64_t x69;
514
+ uint64_t x70;
515
+ fiat_p256_mulx_u64(&x69, &x70, x59, UINT64_C(0xffffffff00000001));
516
+ uint64_t x71;
517
+ uint64_t x72;
518
+ fiat_p256_mulx_u64(&x71, &x72, x59, UINT32_C(0xffffffff));
519
+ uint64_t x73;
520
+ uint64_t x74;
521
+ fiat_p256_mulx_u64(&x73, &x74, x59, UINT64_C(0xffffffffffffffff));
522
+ uint64_t x75;
523
+ fiat_p256_uint1 x76;
524
+ fiat_p256_addcarryx_u64(&x75, &x76, 0x0, x71, x74);
525
+ uint64_t x77;
526
+ fiat_p256_uint1 x78;
527
+ fiat_p256_addcarryx_u64(&x77, &x78, x76, 0x0, x72);
528
+ uint64_t x79;
529
+ fiat_p256_uint1 x80;
530
+ fiat_p256_addcarryx_u64(&x79, &x80, 0x0, x73, x59);
531
+ uint64_t x81;
532
+ fiat_p256_uint1 x82;
533
+ fiat_p256_addcarryx_u64(&x81, &x82, x80, x75, x61);
534
+ uint64_t x83;
535
+ fiat_p256_uint1 x84;
536
+ fiat_p256_addcarryx_u64(&x83, &x84, x82, x77, x63);
537
+ uint64_t x85;
538
+ fiat_p256_uint1 x86;
539
+ fiat_p256_addcarryx_u64(&x85, &x86, x84, x69, x65);
540
+ uint64_t x87;
541
+ fiat_p256_uint1 x88;
542
+ fiat_p256_addcarryx_u64(&x87, &x88, x86, x70, x67);
543
+ uint64_t x89;
544
+ fiat_p256_uint1 x90;
545
+ fiat_p256_addcarryx_u64(&x89, &x90, x88, 0x0, x68);
546
+ uint64_t x91;
547
+ uint64_t x92;
548
+ fiat_p256_mulx_u64(&x91, &x92, x2, (arg1[3]));
549
+ uint64_t x93;
550
+ uint64_t x94;
551
+ fiat_p256_mulx_u64(&x93, &x94, x2, (arg1[2]));
552
+ uint64_t x95;
553
+ uint64_t x96;
554
+ fiat_p256_mulx_u64(&x95, &x96, x2, (arg1[1]));
555
+ uint64_t x97;
556
+ uint64_t x98;
557
+ fiat_p256_mulx_u64(&x97, &x98, x2, (arg1[0]));
558
+ uint64_t x99;
559
+ fiat_p256_uint1 x100;
560
+ fiat_p256_addcarryx_u64(&x99, &x100, 0x0, x95, x98);
561
+ uint64_t x101;
562
+ fiat_p256_uint1 x102;
563
+ fiat_p256_addcarryx_u64(&x101, &x102, x100, x93, x96);
564
+ uint64_t x103;
565
+ fiat_p256_uint1 x104;
566
+ fiat_p256_addcarryx_u64(&x103, &x104, x102, x91, x94);
567
+ uint64_t x105;
568
+ fiat_p256_uint1 x106;
569
+ fiat_p256_addcarryx_u64(&x105, &x106, x104, 0x0, x92);
570
+ uint64_t x107;
571
+ fiat_p256_uint1 x108;
572
+ fiat_p256_addcarryx_u64(&x107, &x108, 0x0, x97, x81);
573
+ uint64_t x109;
574
+ fiat_p256_uint1 x110;
575
+ fiat_p256_addcarryx_u64(&x109, &x110, x108, x99, x83);
576
+ uint64_t x111;
577
+ fiat_p256_uint1 x112;
578
+ fiat_p256_addcarryx_u64(&x111, &x112, x110, x101, x85);
579
+ uint64_t x113;
580
+ fiat_p256_uint1 x114;
581
+ fiat_p256_addcarryx_u64(&x113, &x114, x112, x103, x87);
582
+ uint64_t x115;
583
+ fiat_p256_uint1 x116;
584
+ fiat_p256_addcarryx_u64(&x115, &x116, x114, x105, x89);
585
+ uint64_t x117;
586
+ uint64_t x118;
587
+ fiat_p256_mulx_u64(&x117, &x118, x107, UINT64_C(0xffffffff00000001));
588
+ uint64_t x119;
589
+ uint64_t x120;
590
+ fiat_p256_mulx_u64(&x119, &x120, x107, UINT32_C(0xffffffff));
591
+ uint64_t x121;
592
+ uint64_t x122;
593
+ fiat_p256_mulx_u64(&x121, &x122, x107, UINT64_C(0xffffffffffffffff));
594
+ uint64_t x123;
595
+ fiat_p256_uint1 x124;
596
+ fiat_p256_addcarryx_u64(&x123, &x124, 0x0, x119, x122);
597
+ uint64_t x125;
598
+ fiat_p256_uint1 x126;
599
+ fiat_p256_addcarryx_u64(&x125, &x126, x124, 0x0, x120);
600
+ uint64_t x127;
601
+ fiat_p256_uint1 x128;
602
+ fiat_p256_addcarryx_u64(&x127, &x128, 0x0, x121, x107);
603
+ uint64_t x129;
604
+ fiat_p256_uint1 x130;
605
+ fiat_p256_addcarryx_u64(&x129, &x130, x128, x123, x109);
606
+ uint64_t x131;
607
+ fiat_p256_uint1 x132;
608
+ fiat_p256_addcarryx_u64(&x131, &x132, x130, x125, x111);
609
+ uint64_t x133;
610
+ fiat_p256_uint1 x134;
611
+ fiat_p256_addcarryx_u64(&x133, &x134, x132, x117, x113);
612
+ uint64_t x135;
613
+ fiat_p256_uint1 x136;
614
+ fiat_p256_addcarryx_u64(&x135, &x136, x134, x118, x115);
615
+ uint64_t x137;
616
+ fiat_p256_uint1 x138;
617
+ fiat_p256_addcarryx_u64(&x137, &x138, x136, 0x0, x116);
618
+ uint64_t x139;
619
+ uint64_t x140;
620
+ fiat_p256_mulx_u64(&x139, &x140, x3, (arg1[3]));
621
+ uint64_t x141;
622
+ uint64_t x142;
623
+ fiat_p256_mulx_u64(&x141, &x142, x3, (arg1[2]));
624
+ uint64_t x143;
625
+ uint64_t x144;
626
+ fiat_p256_mulx_u64(&x143, &x144, x3, (arg1[1]));
627
+ uint64_t x145;
628
+ uint64_t x146;
629
+ fiat_p256_mulx_u64(&x145, &x146, x3, (arg1[0]));
630
+ uint64_t x147;
631
+ fiat_p256_uint1 x148;
632
+ fiat_p256_addcarryx_u64(&x147, &x148, 0x0, x143, x146);
633
+ uint64_t x149;
634
+ fiat_p256_uint1 x150;
635
+ fiat_p256_addcarryx_u64(&x149, &x150, x148, x141, x144);
636
+ uint64_t x151;
637
+ fiat_p256_uint1 x152;
638
+ fiat_p256_addcarryx_u64(&x151, &x152, x150, x139, x142);
639
+ uint64_t x153;
640
+ fiat_p256_uint1 x154;
641
+ fiat_p256_addcarryx_u64(&x153, &x154, x152, 0x0, x140);
642
+ uint64_t x155;
643
+ fiat_p256_uint1 x156;
644
+ fiat_p256_addcarryx_u64(&x155, &x156, 0x0, x145, x129);
645
+ uint64_t x157;
646
+ fiat_p256_uint1 x158;
647
+ fiat_p256_addcarryx_u64(&x157, &x158, x156, x147, x131);
648
+ uint64_t x159;
649
+ fiat_p256_uint1 x160;
650
+ fiat_p256_addcarryx_u64(&x159, &x160, x158, x149, x133);
651
+ uint64_t x161;
652
+ fiat_p256_uint1 x162;
653
+ fiat_p256_addcarryx_u64(&x161, &x162, x160, x151, x135);
654
+ uint64_t x163;
655
+ fiat_p256_uint1 x164;
656
+ fiat_p256_addcarryx_u64(&x163, &x164, x162, x153, x137);
657
+ uint64_t x165;
658
+ uint64_t x166;
659
+ fiat_p256_mulx_u64(&x165, &x166, x155, UINT64_C(0xffffffff00000001));
660
+ uint64_t x167;
661
+ uint64_t x168;
662
+ fiat_p256_mulx_u64(&x167, &x168, x155, UINT32_C(0xffffffff));
663
+ uint64_t x169;
664
+ uint64_t x170;
665
+ fiat_p256_mulx_u64(&x169, &x170, x155, UINT64_C(0xffffffffffffffff));
666
+ uint64_t x171;
667
+ fiat_p256_uint1 x172;
668
+ fiat_p256_addcarryx_u64(&x171, &x172, 0x0, x167, x170);
669
+ uint64_t x173;
670
+ fiat_p256_uint1 x174;
671
+ fiat_p256_addcarryx_u64(&x173, &x174, x172, 0x0, x168);
672
+ uint64_t x175;
673
+ fiat_p256_uint1 x176;
674
+ fiat_p256_addcarryx_u64(&x175, &x176, 0x0, x169, x155);
675
+ uint64_t x177;
676
+ fiat_p256_uint1 x178;
677
+ fiat_p256_addcarryx_u64(&x177, &x178, x176, x171, x157);
678
+ uint64_t x179;
679
+ fiat_p256_uint1 x180;
680
+ fiat_p256_addcarryx_u64(&x179, &x180, x178, x173, x159);
681
+ uint64_t x181;
682
+ fiat_p256_uint1 x182;
683
+ fiat_p256_addcarryx_u64(&x181, &x182, x180, x165, x161);
684
+ uint64_t x183;
685
+ fiat_p256_uint1 x184;
686
+ fiat_p256_addcarryx_u64(&x183, &x184, x182, x166, x163);
687
+ uint64_t x185;
688
+ fiat_p256_uint1 x186;
689
+ fiat_p256_addcarryx_u64(&x185, &x186, x184, 0x0, x164);
690
+ uint64_t x187;
691
+ fiat_p256_uint1 x188;
692
+ fiat_p256_subborrowx_u64(&x187, &x188, 0x0, x177, UINT64_C(0xffffffffffffffff));
693
+ uint64_t x189;
694
+ fiat_p256_uint1 x190;
695
+ fiat_p256_subborrowx_u64(&x189, &x190, x188, x179, UINT32_C(0xffffffff));
696
+ uint64_t x191;
697
+ fiat_p256_uint1 x192;
698
+ fiat_p256_subborrowx_u64(&x191, &x192, x190, x181, 0x0);
699
+ uint64_t x193;
700
+ fiat_p256_uint1 x194;
701
+ fiat_p256_subborrowx_u64(&x193, &x194, x192, x183, UINT64_C(0xffffffff00000001));
702
+ uint64_t x195;
703
+ fiat_p256_uint1 x196;
704
+ fiat_p256_subborrowx_u64(&x195, &x196, x194, x185, 0x0);
705
+ uint64_t x197;
706
+ fiat_p256_cmovznz_u64(&x197, x196, x187, x177);
707
+ uint64_t x198;
708
+ fiat_p256_cmovznz_u64(&x198, x196, x189, x179);
709
+ uint64_t x199;
710
+ fiat_p256_cmovznz_u64(&x199, x196, x191, x181);
711
+ uint64_t x200;
712
+ fiat_p256_cmovznz_u64(&x200, x196, x193, x183);
713
+ out1[0] = x197;
714
+ out1[1] = x198;
715
+ out1[2] = x199;
716
+ out1[3] = x200;
717
+ }
718
+
719
+ /*
720
+ * Input Bounds:
721
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
722
+ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
723
+ * Output Bounds:
724
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
725
+ */
726
+ static void fiat_p256_add(uint64_t out1[4], const uint64_t arg1[4], const uint64_t arg2[4]) {
727
+ uint64_t x1;
728
+ fiat_p256_uint1 x2;
729
+ fiat_p256_addcarryx_u64(&x1, &x2, 0x0, (arg2[0]), (arg1[0]));
730
+ uint64_t x3;
731
+ fiat_p256_uint1 x4;
732
+ fiat_p256_addcarryx_u64(&x3, &x4, x2, (arg2[1]), (arg1[1]));
733
+ uint64_t x5;
734
+ fiat_p256_uint1 x6;
735
+ fiat_p256_addcarryx_u64(&x5, &x6, x4, (arg2[2]), (arg1[2]));
736
+ uint64_t x7;
737
+ fiat_p256_uint1 x8;
738
+ fiat_p256_addcarryx_u64(&x7, &x8, x6, (arg2[3]), (arg1[3]));
739
+ uint64_t x9;
740
+ fiat_p256_uint1 x10;
741
+ fiat_p256_subborrowx_u64(&x9, &x10, 0x0, x1, UINT64_C(0xffffffffffffffff));
742
+ uint64_t x11;
743
+ fiat_p256_uint1 x12;
744
+ fiat_p256_subborrowx_u64(&x11, &x12, x10, x3, UINT32_C(0xffffffff));
745
+ uint64_t x13;
746
+ fiat_p256_uint1 x14;
747
+ fiat_p256_subborrowx_u64(&x13, &x14, x12, x5, 0x0);
748
+ uint64_t x15;
749
+ fiat_p256_uint1 x16;
750
+ fiat_p256_subborrowx_u64(&x15, &x16, x14, x7, UINT64_C(0xffffffff00000001));
751
+ uint64_t x17;
752
+ fiat_p256_uint1 x18;
753
+ fiat_p256_subborrowx_u64(&x17, &x18, x16, x8, 0x0);
754
+ uint64_t x19;
755
+ fiat_p256_cmovznz_u64(&x19, x18, x9, x1);
756
+ uint64_t x20;
757
+ fiat_p256_cmovznz_u64(&x20, x18, x11, x3);
758
+ uint64_t x21;
759
+ fiat_p256_cmovznz_u64(&x21, x18, x13, x5);
760
+ uint64_t x22;
761
+ fiat_p256_cmovznz_u64(&x22, x18, x15, x7);
762
+ out1[0] = x19;
763
+ out1[1] = x20;
764
+ out1[2] = x21;
765
+ out1[3] = x22;
766
+ }
767
+
768
+ /*
769
+ * Input Bounds:
770
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
771
+ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
772
+ * Output Bounds:
773
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
774
+ */
775
+ static void fiat_p256_sub(uint64_t out1[4], const uint64_t arg1[4], const uint64_t arg2[4]) {
776
+ uint64_t x1;
777
+ fiat_p256_uint1 x2;
778
+ fiat_p256_subborrowx_u64(&x1, &x2, 0x0, (arg1[0]), (arg2[0]));
779
+ uint64_t x3;
780
+ fiat_p256_uint1 x4;
781
+ fiat_p256_subborrowx_u64(&x3, &x4, x2, (arg1[1]), (arg2[1]));
782
+ uint64_t x5;
783
+ fiat_p256_uint1 x6;
784
+ fiat_p256_subborrowx_u64(&x5, &x6, x4, (arg1[2]), (arg2[2]));
785
+ uint64_t x7;
786
+ fiat_p256_uint1 x8;
787
+ fiat_p256_subborrowx_u64(&x7, &x8, x6, (arg1[3]), (arg2[3]));
788
+ uint64_t x9;
789
+ fiat_p256_cmovznz_u64(&x9, x8, 0x0, UINT64_C(0xffffffffffffffff));
790
+ uint64_t x10;
791
+ fiat_p256_uint1 x11;
792
+ fiat_p256_addcarryx_u64(&x10, &x11, 0x0, (x9 & UINT64_C(0xffffffffffffffff)), x1);
793
+ uint64_t x12;
794
+ fiat_p256_uint1 x13;
795
+ fiat_p256_addcarryx_u64(&x12, &x13, x11, (x9 & UINT32_C(0xffffffff)), x3);
796
+ uint64_t x14;
797
+ fiat_p256_uint1 x15;
798
+ fiat_p256_addcarryx_u64(&x14, &x15, x13, 0x0, x5);
799
+ uint64_t x16;
800
+ fiat_p256_uint1 x17;
801
+ fiat_p256_addcarryx_u64(&x16, &x17, x15, (x9 & UINT64_C(0xffffffff00000001)), x7);
802
+ out1[0] = x10;
803
+ out1[1] = x12;
804
+ out1[2] = x14;
805
+ out1[3] = x16;
806
+ }
807
+
808
+ /*
809
+ * Input Bounds:
810
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
811
+ * Output Bounds:
812
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
813
+ */
814
+ static void fiat_p256_opp(uint64_t out1[4], const uint64_t arg1[4]) {
815
+ uint64_t x1;
816
+ fiat_p256_uint1 x2;
817
+ fiat_p256_subborrowx_u64(&x1, &x2, 0x0, 0x0, (arg1[0]));
818
+ uint64_t x3;
819
+ fiat_p256_uint1 x4;
820
+ fiat_p256_subborrowx_u64(&x3, &x4, x2, 0x0, (arg1[1]));
821
+ uint64_t x5;
822
+ fiat_p256_uint1 x6;
823
+ fiat_p256_subborrowx_u64(&x5, &x6, x4, 0x0, (arg1[2]));
824
+ uint64_t x7;
825
+ fiat_p256_uint1 x8;
826
+ fiat_p256_subborrowx_u64(&x7, &x8, x6, 0x0, (arg1[3]));
827
+ uint64_t x9;
828
+ fiat_p256_cmovznz_u64(&x9, x8, 0x0, UINT64_C(0xffffffffffffffff));
829
+ uint64_t x10;
830
+ fiat_p256_uint1 x11;
831
+ fiat_p256_addcarryx_u64(&x10, &x11, 0x0, (x9 & UINT64_C(0xffffffffffffffff)), x1);
832
+ uint64_t x12;
833
+ fiat_p256_uint1 x13;
834
+ fiat_p256_addcarryx_u64(&x12, &x13, x11, (x9 & UINT32_C(0xffffffff)), x3);
835
+ uint64_t x14;
836
+ fiat_p256_uint1 x15;
837
+ fiat_p256_addcarryx_u64(&x14, &x15, x13, 0x0, x5);
838
+ uint64_t x16;
839
+ fiat_p256_uint1 x17;
840
+ fiat_p256_addcarryx_u64(&x16, &x17, x15, (x9 & UINT64_C(0xffffffff00000001)), x7);
841
+ out1[0] = x10;
842
+ out1[1] = x12;
843
+ out1[2] = x14;
844
+ out1[3] = x16;
845
+ }
846
+
847
+ /*
848
+ * Input Bounds:
849
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
850
+ * Output Bounds:
851
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
852
+ */
853
+ static void fiat_p256_from_montgomery(uint64_t out1[4], const uint64_t arg1[4]) {
854
+ uint64_t x1 = (arg1[0]);
855
+ uint64_t x2;
856
+ uint64_t x3;
857
+ fiat_p256_mulx_u64(&x2, &x3, x1, UINT64_C(0xffffffff00000001));
858
+ uint64_t x4;
859
+ uint64_t x5;
860
+ fiat_p256_mulx_u64(&x4, &x5, x1, UINT32_C(0xffffffff));
861
+ uint64_t x6;
862
+ uint64_t x7;
863
+ fiat_p256_mulx_u64(&x6, &x7, x1, UINT64_C(0xffffffffffffffff));
864
+ uint64_t x8;
865
+ fiat_p256_uint1 x9;
866
+ fiat_p256_addcarryx_u64(&x8, &x9, 0x0, x4, x7);
867
+ uint64_t x10;
868
+ fiat_p256_uint1 x11;
869
+ fiat_p256_addcarryx_u64(&x10, &x11, 0x0, x6, x1);
870
+ uint64_t x12;
871
+ fiat_p256_uint1 x13;
872
+ fiat_p256_addcarryx_u64(&x12, &x13, x11, x8, 0x0);
873
+ uint64_t x14;
874
+ fiat_p256_uint1 x15;
875
+ fiat_p256_addcarryx_u64(&x14, &x15, 0x0, (arg1[1]), x12);
876
+ uint64_t x16;
877
+ uint64_t x17;
878
+ fiat_p256_mulx_u64(&x16, &x17, x14, UINT64_C(0xffffffff00000001));
879
+ uint64_t x18;
880
+ uint64_t x19;
881
+ fiat_p256_mulx_u64(&x18, &x19, x14, UINT32_C(0xffffffff));
882
+ uint64_t x20;
883
+ uint64_t x21;
884
+ fiat_p256_mulx_u64(&x20, &x21, x14, UINT64_C(0xffffffffffffffff));
885
+ uint64_t x22;
886
+ fiat_p256_uint1 x23;
887
+ fiat_p256_addcarryx_u64(&x22, &x23, 0x0, x18, x21);
888
+ uint64_t x24;
889
+ fiat_p256_uint1 x25;
890
+ fiat_p256_addcarryx_u64(&x24, &x25, x9, 0x0, x5);
891
+ uint64_t x26;
892
+ fiat_p256_uint1 x27;
893
+ fiat_p256_addcarryx_u64(&x26, &x27, x13, x24, 0x0);
894
+ uint64_t x28;
895
+ fiat_p256_uint1 x29;
896
+ fiat_p256_addcarryx_u64(&x28, &x29, x15, 0x0, x26);
897
+ uint64_t x30;
898
+ fiat_p256_uint1 x31;
899
+ fiat_p256_addcarryx_u64(&x30, &x31, 0x0, x20, x14);
900
+ uint64_t x32;
901
+ fiat_p256_uint1 x33;
902
+ fiat_p256_addcarryx_u64(&x32, &x33, x31, x22, x28);
903
+ uint64_t x34;
904
+ fiat_p256_uint1 x35;
905
+ fiat_p256_addcarryx_u64(&x34, &x35, x23, 0x0, x19);
906
+ uint64_t x36;
907
+ fiat_p256_uint1 x37;
908
+ fiat_p256_addcarryx_u64(&x36, &x37, x33, x34, x2);
909
+ uint64_t x38;
910
+ fiat_p256_uint1 x39;
911
+ fiat_p256_addcarryx_u64(&x38, &x39, x37, x16, x3);
912
+ uint64_t x40;
913
+ fiat_p256_uint1 x41;
914
+ fiat_p256_addcarryx_u64(&x40, &x41, 0x0, (arg1[2]), x32);
915
+ uint64_t x42;
916
+ fiat_p256_uint1 x43;
917
+ fiat_p256_addcarryx_u64(&x42, &x43, x41, 0x0, x36);
918
+ uint64_t x44;
919
+ fiat_p256_uint1 x45;
920
+ fiat_p256_addcarryx_u64(&x44, &x45, x43, 0x0, x38);
921
+ uint64_t x46;
922
+ uint64_t x47;
923
+ fiat_p256_mulx_u64(&x46, &x47, x40, UINT64_C(0xffffffff00000001));
924
+ uint64_t x48;
925
+ uint64_t x49;
926
+ fiat_p256_mulx_u64(&x48, &x49, x40, UINT32_C(0xffffffff));
927
+ uint64_t x50;
928
+ uint64_t x51;
929
+ fiat_p256_mulx_u64(&x50, &x51, x40, UINT64_C(0xffffffffffffffff));
930
+ uint64_t x52;
931
+ fiat_p256_uint1 x53;
932
+ fiat_p256_addcarryx_u64(&x52, &x53, 0x0, x48, x51);
933
+ uint64_t x54;
934
+ fiat_p256_uint1 x55;
935
+ fiat_p256_addcarryx_u64(&x54, &x55, 0x0, x50, x40);
936
+ uint64_t x56;
937
+ fiat_p256_uint1 x57;
938
+ fiat_p256_addcarryx_u64(&x56, &x57, x55, x52, x42);
939
+ uint64_t x58;
940
+ fiat_p256_uint1 x59;
941
+ fiat_p256_addcarryx_u64(&x58, &x59, x53, 0x0, x49);
942
+ uint64_t x60;
943
+ fiat_p256_uint1 x61;
944
+ fiat_p256_addcarryx_u64(&x60, &x61, x57, x58, x44);
945
+ uint64_t x62;
946
+ fiat_p256_uint1 x63;
947
+ fiat_p256_addcarryx_u64(&x62, &x63, x39, x17, 0x0);
948
+ uint64_t x64;
949
+ fiat_p256_uint1 x65;
950
+ fiat_p256_addcarryx_u64(&x64, &x65, x45, 0x0, x62);
951
+ uint64_t x66;
952
+ fiat_p256_uint1 x67;
953
+ fiat_p256_addcarryx_u64(&x66, &x67, x61, x46, x64);
954
+ uint64_t x68;
955
+ fiat_p256_uint1 x69;
956
+ fiat_p256_addcarryx_u64(&x68, &x69, 0x0, (arg1[3]), x56);
957
+ uint64_t x70;
958
+ fiat_p256_uint1 x71;
959
+ fiat_p256_addcarryx_u64(&x70, &x71, x69, 0x0, x60);
960
+ uint64_t x72;
961
+ fiat_p256_uint1 x73;
962
+ fiat_p256_addcarryx_u64(&x72, &x73, x71, 0x0, x66);
963
+ uint64_t x74;
964
+ uint64_t x75;
965
+ fiat_p256_mulx_u64(&x74, &x75, x68, UINT64_C(0xffffffff00000001));
966
+ uint64_t x76;
967
+ uint64_t x77;
968
+ fiat_p256_mulx_u64(&x76, &x77, x68, UINT32_C(0xffffffff));
969
+ uint64_t x78;
970
+ uint64_t x79;
971
+ fiat_p256_mulx_u64(&x78, &x79, x68, UINT64_C(0xffffffffffffffff));
972
+ uint64_t x80;
973
+ fiat_p256_uint1 x81;
974
+ fiat_p256_addcarryx_u64(&x80, &x81, 0x0, x76, x79);
975
+ uint64_t x82;
976
+ fiat_p256_uint1 x83;
977
+ fiat_p256_addcarryx_u64(&x82, &x83, 0x0, x78, x68);
978
+ uint64_t x84;
979
+ fiat_p256_uint1 x85;
980
+ fiat_p256_addcarryx_u64(&x84, &x85, x83, x80, x70);
981
+ uint64_t x86;
982
+ fiat_p256_uint1 x87;
983
+ fiat_p256_addcarryx_u64(&x86, &x87, x81, 0x0, x77);
984
+ uint64_t x88;
985
+ fiat_p256_uint1 x89;
986
+ fiat_p256_addcarryx_u64(&x88, &x89, x85, x86, x72);
987
+ uint64_t x90;
988
+ fiat_p256_uint1 x91;
989
+ fiat_p256_addcarryx_u64(&x90, &x91, x67, x47, 0x0);
990
+ uint64_t x92;
991
+ fiat_p256_uint1 x93;
992
+ fiat_p256_addcarryx_u64(&x92, &x93, x73, 0x0, x90);
993
+ uint64_t x94;
994
+ fiat_p256_uint1 x95;
995
+ fiat_p256_addcarryx_u64(&x94, &x95, x89, x74, x92);
996
+ uint64_t x96;
997
+ fiat_p256_uint1 x97;
998
+ fiat_p256_addcarryx_u64(&x96, &x97, x95, x75, 0x0);
999
+ uint64_t x98;
1000
+ fiat_p256_uint1 x99;
1001
+ fiat_p256_subborrowx_u64(&x98, &x99, 0x0, x84, UINT64_C(0xffffffffffffffff));
1002
+ uint64_t x100;
1003
+ fiat_p256_uint1 x101;
1004
+ fiat_p256_subborrowx_u64(&x100, &x101, x99, x88, UINT32_C(0xffffffff));
1005
+ uint64_t x102;
1006
+ fiat_p256_uint1 x103;
1007
+ fiat_p256_subborrowx_u64(&x102, &x103, x101, x94, 0x0);
1008
+ uint64_t x104;
1009
+ fiat_p256_uint1 x105;
1010
+ fiat_p256_subborrowx_u64(&x104, &x105, x103, x96, UINT64_C(0xffffffff00000001));
1011
+ uint64_t x106;
1012
+ fiat_p256_uint1 x107;
1013
+ fiat_p256_subborrowx_u64(&x106, &x107, x105, 0x0, 0x0);
1014
+ uint64_t x108;
1015
+ fiat_p256_cmovznz_u64(&x108, x107, x98, x84);
1016
+ uint64_t x109;
1017
+ fiat_p256_cmovznz_u64(&x109, x107, x100, x88);
1018
+ uint64_t x110;
1019
+ fiat_p256_cmovznz_u64(&x110, x107, x102, x94);
1020
+ uint64_t x111;
1021
+ fiat_p256_cmovznz_u64(&x111, x107, x104, x96);
1022
+ out1[0] = x108;
1023
+ out1[1] = x109;
1024
+ out1[2] = x110;
1025
+ out1[3] = x111;
1026
+ }
1027
+
1028
+ /*
1029
+ * Input Bounds:
1030
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
1031
+ * Output Bounds:
1032
+ * out1: [0x0 ~> 0xffffffffffffffff]
1033
+ */
1034
+ static void fiat_p256_nonzero(uint64_t* out1, const uint64_t arg1[4]) {
1035
+ uint64_t x1 = ((arg1[0]) | ((arg1[1]) | ((arg1[2]) | ((arg1[3]) | (uint64_t)0x0))));
1036
+ *out1 = x1;
1037
+ }
1038
+
1039
+ /*
1040
+ * Input Bounds:
1041
+ * arg1: [0x0 ~> 0x1]
1042
+ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
1043
+ * arg3: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
1044
+ * Output Bounds:
1045
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
1046
+ */
1047
+ static void fiat_p256_selectznz(uint64_t out1[4], fiat_p256_uint1 arg1, const uint64_t arg2[4], const uint64_t arg3[4]) {
1048
+ uint64_t x1;
1049
+ fiat_p256_cmovznz_u64(&x1, arg1, (arg2[0]), (arg3[0]));
1050
+ uint64_t x2;
1051
+ fiat_p256_cmovznz_u64(&x2, arg1, (arg2[1]), (arg3[1]));
1052
+ uint64_t x3;
1053
+ fiat_p256_cmovznz_u64(&x3, arg1, (arg2[2]), (arg3[2]));
1054
+ uint64_t x4;
1055
+ fiat_p256_cmovznz_u64(&x4, arg1, (arg2[3]), (arg3[3]));
1056
+ out1[0] = x1;
1057
+ out1[1] = x2;
1058
+ out1[2] = x3;
1059
+ out1[3] = x4;
1060
+ }
1061
+
1062
+ /*
1063
+ * Input Bounds:
1064
+ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
1065
+ * Output Bounds:
1066
+ * out1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff]]
1067
+ */
1068
+ static void fiat_p256_to_bytes(uint8_t out1[32], const uint64_t arg1[4]) {
1069
+ uint64_t x1 = (arg1[3]);
1070
+ uint64_t x2 = (arg1[2]);
1071
+ uint64_t x3 = (arg1[1]);
1072
+ uint64_t x4 = (arg1[0]);
1073
+ uint64_t x5 = (x4 >> 8);
1074
+ uint8_t x6 = (uint8_t)(x4 & UINT8_C(0xff));
1075
+ uint64_t x7 = (x5 >> 8);
1076
+ uint8_t x8 = (uint8_t)(x5 & UINT8_C(0xff));
1077
+ uint64_t x9 = (x7 >> 8);
1078
+ uint8_t x10 = (uint8_t)(x7 & UINT8_C(0xff));
1079
+ uint64_t x11 = (x9 >> 8);
1080
+ uint8_t x12 = (uint8_t)(x9 & UINT8_C(0xff));
1081
+ uint64_t x13 = (x11 >> 8);
1082
+ uint8_t x14 = (uint8_t)(x11 & UINT8_C(0xff));
1083
+ uint64_t x15 = (x13 >> 8);
1084
+ uint8_t x16 = (uint8_t)(x13 & UINT8_C(0xff));
1085
+ uint8_t x17 = (uint8_t)(x15 >> 8);
1086
+ uint8_t x18 = (uint8_t)(x15 & UINT8_C(0xff));
1087
+ uint8_t x19 = (uint8_t)(x17 & UINT8_C(0xff));
1088
+ uint64_t x20 = (x3 >> 8);
1089
+ uint8_t x21 = (uint8_t)(x3 & UINT8_C(0xff));
1090
+ uint64_t x22 = (x20 >> 8);
1091
+ uint8_t x23 = (uint8_t)(x20 & UINT8_C(0xff));
1092
+ uint64_t x24 = (x22 >> 8);
1093
+ uint8_t x25 = (uint8_t)(x22 & UINT8_C(0xff));
1094
+ uint64_t x26 = (x24 >> 8);
1095
+ uint8_t x27 = (uint8_t)(x24 & UINT8_C(0xff));
1096
+ uint64_t x28 = (x26 >> 8);
1097
+ uint8_t x29 = (uint8_t)(x26 & UINT8_C(0xff));
1098
+ uint64_t x30 = (x28 >> 8);
1099
+ uint8_t x31 = (uint8_t)(x28 & UINT8_C(0xff));
1100
+ uint8_t x32 = (uint8_t)(x30 >> 8);
1101
+ uint8_t x33 = (uint8_t)(x30 & UINT8_C(0xff));
1102
+ uint8_t x34 = (uint8_t)(x32 & UINT8_C(0xff));
1103
+ uint64_t x35 = (x2 >> 8);
1104
+ uint8_t x36 = (uint8_t)(x2 & UINT8_C(0xff));
1105
+ uint64_t x37 = (x35 >> 8);
1106
+ uint8_t x38 = (uint8_t)(x35 & UINT8_C(0xff));
1107
+ uint64_t x39 = (x37 >> 8);
1108
+ uint8_t x40 = (uint8_t)(x37 & UINT8_C(0xff));
1109
+ uint64_t x41 = (x39 >> 8);
1110
+ uint8_t x42 = (uint8_t)(x39 & UINT8_C(0xff));
1111
+ uint64_t x43 = (x41 >> 8);
1112
+ uint8_t x44 = (uint8_t)(x41 & UINT8_C(0xff));
1113
+ uint64_t x45 = (x43 >> 8);
1114
+ uint8_t x46 = (uint8_t)(x43 & UINT8_C(0xff));
1115
+ uint8_t x47 = (uint8_t)(x45 >> 8);
1116
+ uint8_t x48 = (uint8_t)(x45 & UINT8_C(0xff));
1117
+ uint8_t x49 = (uint8_t)(x47 & UINT8_C(0xff));
1118
+ uint64_t x50 = (x1 >> 8);
1119
+ uint8_t x51 = (uint8_t)(x1 & UINT8_C(0xff));
1120
+ uint64_t x52 = (x50 >> 8);
1121
+ uint8_t x53 = (uint8_t)(x50 & UINT8_C(0xff));
1122
+ uint64_t x54 = (x52 >> 8);
1123
+ uint8_t x55 = (uint8_t)(x52 & UINT8_C(0xff));
1124
+ uint64_t x56 = (x54 >> 8);
1125
+ uint8_t x57 = (uint8_t)(x54 & UINT8_C(0xff));
1126
+ uint64_t x58 = (x56 >> 8);
1127
+ uint8_t x59 = (uint8_t)(x56 & UINT8_C(0xff));
1128
+ uint64_t x60 = (x58 >> 8);
1129
+ uint8_t x61 = (uint8_t)(x58 & UINT8_C(0xff));
1130
+ uint8_t x62 = (uint8_t)(x60 >> 8);
1131
+ uint8_t x63 = (uint8_t)(x60 & UINT8_C(0xff));
1132
+ out1[0] = x6;
1133
+ out1[1] = x8;
1134
+ out1[2] = x10;
1135
+ out1[3] = x12;
1136
+ out1[4] = x14;
1137
+ out1[5] = x16;
1138
+ out1[6] = x18;
1139
+ out1[7] = x19;
1140
+ out1[8] = x21;
1141
+ out1[9] = x23;
1142
+ out1[10] = x25;
1143
+ out1[11] = x27;
1144
+ out1[12] = x29;
1145
+ out1[13] = x31;
1146
+ out1[14] = x33;
1147
+ out1[15] = x34;
1148
+ out1[16] = x36;
1149
+ out1[17] = x38;
1150
+ out1[18] = x40;
1151
+ out1[19] = x42;
1152
+ out1[20] = x44;
1153
+ out1[21] = x46;
1154
+ out1[22] = x48;
1155
+ out1[23] = x49;
1156
+ out1[24] = x51;
1157
+ out1[25] = x53;
1158
+ out1[26] = x55;
1159
+ out1[27] = x57;
1160
+ out1[28] = x59;
1161
+ out1[29] = x61;
1162
+ out1[30] = x63;
1163
+ out1[31] = x62;
1164
+ }
1165
+
1166
+ /*
1167
+ * Input Bounds:
1168
+ * arg1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff]]
1169
+ * Output Bounds:
1170
+ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
1171
+ */
1172
+ static void fiat_p256_from_bytes(uint64_t out1[4], const uint8_t arg1[32]) {
1173
+ uint64_t x1 = ((uint64_t)(arg1[31]) << 56);
1174
+ uint64_t x2 = ((uint64_t)(arg1[30]) << 48);
1175
+ uint64_t x3 = ((uint64_t)(arg1[29]) << 40);
1176
+ uint64_t x4 = ((uint64_t)(arg1[28]) << 32);
1177
+ uint64_t x5 = ((uint64_t)(arg1[27]) << 24);
1178
+ uint64_t x6 = ((uint64_t)(arg1[26]) << 16);
1179
+ uint64_t x7 = ((uint64_t)(arg1[25]) << 8);
1180
+ uint8_t x8 = (arg1[24]);
1181
+ uint64_t x9 = ((uint64_t)(arg1[23]) << 56);
1182
+ uint64_t x10 = ((uint64_t)(arg1[22]) << 48);
1183
+ uint64_t x11 = ((uint64_t)(arg1[21]) << 40);
1184
+ uint64_t x12 = ((uint64_t)(arg1[20]) << 32);
1185
+ uint64_t x13 = ((uint64_t)(arg1[19]) << 24);
1186
+ uint64_t x14 = ((uint64_t)(arg1[18]) << 16);
1187
+ uint64_t x15 = ((uint64_t)(arg1[17]) << 8);
1188
+ uint8_t x16 = (arg1[16]);
1189
+ uint64_t x17 = ((uint64_t)(arg1[15]) << 56);
1190
+ uint64_t x18 = ((uint64_t)(arg1[14]) << 48);
1191
+ uint64_t x19 = ((uint64_t)(arg1[13]) << 40);
1192
+ uint64_t x20 = ((uint64_t)(arg1[12]) << 32);
1193
+ uint64_t x21 = ((uint64_t)(arg1[11]) << 24);
1194
+ uint64_t x22 = ((uint64_t)(arg1[10]) << 16);
1195
+ uint64_t x23 = ((uint64_t)(arg1[9]) << 8);
1196
+ uint8_t x24 = (arg1[8]);
1197
+ uint64_t x25 = ((uint64_t)(arg1[7]) << 56);
1198
+ uint64_t x26 = ((uint64_t)(arg1[6]) << 48);
1199
+ uint64_t x27 = ((uint64_t)(arg1[5]) << 40);
1200
+ uint64_t x28 = ((uint64_t)(arg1[4]) << 32);
1201
+ uint64_t x29 = ((uint64_t)(arg1[3]) << 24);
1202
+ uint64_t x30 = ((uint64_t)(arg1[2]) << 16);
1203
+ uint64_t x31 = ((uint64_t)(arg1[1]) << 8);
1204
+ uint8_t x32 = (arg1[0]);
1205
+ uint64_t x33 = (x32 + (x31 + (x30 + (x29 + (x28 + (x27 + (x26 + x25)))))));
1206
+ uint64_t x34 = (x33 & UINT64_C(0xffffffffffffffff));
1207
+ uint64_t x35 = (x8 + (x7 + (x6 + (x5 + (x4 + (x3 + (x2 + x1)))))));
1208
+ uint64_t x36 = (x16 + (x15 + (x14 + (x13 + (x12 + (x11 + (x10 + x9)))))));
1209
+ uint64_t x37 = (x24 + (x23 + (x22 + (x21 + (x20 + (x19 + (x18 + x17)))))));
1210
+ uint64_t x38 = (x37 & UINT64_C(0xffffffffffffffff));
1211
+ uint64_t x39 = (x36 & UINT64_C(0xffffffffffffffff));
1212
+ out1[0] = x34;
1213
+ out1[1] = x38;
1214
+ out1[2] = x39;
1215
+ out1[3] = x35;
1216
+ }
1217
+