Provide an optimised bn_subw() for amd64.

bn_subw() will be used more widely in an upcoming change.

1 files changed, 22 insertions, 3 deletions

diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
index f3653bcc40..927cd75208 100644
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
+++ b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bn_arch.h,v 1.13 2023/02/16 11:13:05 jsing Exp $ */
+/*      $OpenBSD: bn_arch.h,v 1.14 2024/03/26 06:09:25 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
  *
@@ -42,6 +42,7 @@
 #define HAVE_BN_WORD_CLZ
 
 #if defined(__GNUC__)
+
 #define HAVE_BN_DIV_REM_WORDS_INLINE
 
 static inline void
@@ -62,9 +63,7 @@ bn_div_rem_words_inline(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
         *out_q = q;
         *out_r = r;
 }
-#endif /* __GNUC__ */
 
-#if defined(__GNUC__)
 #define HAVE_BN_MULW
 
 static inline void
@@ -84,6 +83,26 @@ bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
         *out_r1 = r1;
         *out_r0 = r0;
 }
+
+#define HAVE_BN_SUBW
+
+static inline void
+bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
+{
+        BN_ULONG borrow, r0;
+
+        __asm__ (
+            "subq   %3, %1 \n"
+            "setb   %b0 \n"
+            "and    $1, %0 \n"
+            : "=r"(borrow), "=r"(r0)
+            : "1"(a), "rm"(b)
+            : "cc");
+
+        *out_borrow = borrow;
+        *out_r0 = r0;
+}
+
 #endif /* __GNUC__ */
 
 #endif