| line |
true |
false |
branch |
|
82
|
0 |
0 |
FOR(i,8) u=(u<<8)|x[i]; |
|
89
|
4096 |
1024 |
FOR(i,4) { x[i] = u; u >>= 8; } |
|
95
|
0 |
0 |
for (i = 7;i >= 0;--i) { x[i] = u; u >>= 8; } |
|
101
|
160 |
10 |
FOR(i,n) d |= x[i]^y[i]; |
|
120
|
336 |
84 |
FOR(i,4) { |
|
127
|
1344 |
84 |
FOR(i,16) y[i] = x[i]; |
|
129
|
1680 |
84 |
FOR(i,20) { |
|
130
|
6720 |
1680 |
FOR(j,4) { |
|
131
|
26880 |
6720 |
FOR(m,4) t[m] = x[(5*j+4*m)%16]; |
|
136
|
26880 |
6720 |
FOR(m,4) w[4*j+(j+m)%4] = t[m]; |
|
138
|
26880 |
1680 |
FOR(m,16) x[m] = w[m]; |
|
141
|
40 |
44 |
if (h) { |
|
142
|
640 |
40 |
FOR(i,16) x[i] += y[i]; |
|
143
|
160 |
40 |
FOR(i,4) { |
|
147
|
160 |
40 |
FOR(i,4) { |
|
152
|
704 |
44 |
FOR(i,16) st32(out + 4 * i,x[i] + y[i]); |
|
173
|
0 |
30 |
if (!b) return 0; |
|
174
|
480 |
30 |
FOR(i,16) z[i] = 0; |
|
175
|
240 |
30 |
FOR(i,8) z[i] = n[i]; |
|
176
|
16 |
30 |
while (b >= 64) { |
|
178
|
1024 |
0 |
FOR(i,64) c[i] = (m?m[i]:0) ^ x[i]; |
|
|
1024 |
16 |
FOR(i,64) c[i] = (m?m[i]:0) ^ x[i]; |
|
180
|
128 |
16 |
for (i = 8;i < 16;++i) { |
|
187
|
16 |
0 |
if (m) m += 64; |
|
189
|
28 |
2 |
if (b) { |
|
191
|
642 |
320 |
FOR(i,b) c[i] = (m?m[i]:0) ^ x[i]; |
|
|
962 |
28 |
FOR(i,b) c[i] = (m?m[i]:0) ^ x[i]; |
|
218
|
1904 |
112 |
FOR(j,17) { |
|
233
|
340 |
20 |
FOR(j,17) r[j]=h[j]=0; |
|
234
|
320 |
20 |
FOR(j,16) r[j]=k[j]; |
|
243
|
72 |
20 |
while (n > 0) { |
|
244
|
1224 |
72 |
FOR(j,17) c[j] = 0; |
|
245
|
1036 |
62 |
for (j = 0;(j < 16) && (j < n);++j) c[j] = m[j]; |
|
|
1026 |
10 |
for (j = 0;(j < 16) && (j < n);++j) c[j] = m[j]; |
|
249
|
1224 |
72 |
FOR(i,17) { |
|
251
|
11016 |
9792 |
FOR(j,17) x[i] += h[j] * ((j <= i) ? r[i - j] : 320 * r[i + 17 - j]); |
|
|
20808 |
1224 |
FOR(j,17) x[i] += h[j] * ((j <= i) ? r[i - j] : 320 * r[i + 17 - j]); |
|
253
|
1224 |
72 |
FOR(i,17) h[i] = x[i]; |
|
255
|
1152 |
72 |
FOR(j,16) { |
|
262
|
1152 |
72 |
FOR(j,16) { |
|
270
|
340 |
20 |
FOR(j,17) g[j] = h[j]; |
|
273
|
340 |
20 |
FOR(j,17) h[j] ^= s & (g[j] ^ h[j]); |
|
275
|
320 |
20 |
FOR(j,16) c[j] = k[j + 16]; |
|
278
|
320 |
20 |
FOR(j,16) out[j] = h[j]; |
|
292
|
0 |
10 |
if (d < 32) return -1; |
|
295
|
160 |
10 |
FOR(i,16) c[i] = 0; |
|
303
|
0 |
10 |
if (d < 32) return -1; |
|
305
|
0 |
10 |
if (crypto_onetimeauth_verify(c + 16,c + 32,d - 32,x) != 0) return -1; |
|
307
|
320 |
10 |
FOR(i,32) m[i] = 0; |
|
314
|
0 |
0 |
FOR(i,16) r[i]=a[i]; |
|
321
|
1663824 |
103989 |
FOR(i,16) { |
|
332
|
277984 |
17374 |
FOR(i,16) { |
|
343
|
272 |
17 |
FOR(i,16) t[i]=n[i]; |
|
347
|
34 |
17 |
FOR(j,2) { |
|
349
|
476 |
34 |
for(i=1;i<15;i++) { |
|
358
|
272 |
17 |
FOR(i,16) { |
|
382
|
272 |
17 |
FOR(i,16) o[i]=n[2*i]+((i64)n[2*i+1]<<8); |
|
389
|
277440 |
17340 |
FOR(i,16) o[i]=a[i]+b[i]; |
|
395
|
277440 |
17340 |
FOR(i,16) o[i]=a[i]-b[i]; |
|
401
|
1611039 |
51969 |
FOR(i,31) t[i]=0; |
|
402
|
13304064 |
831504 |
FOR(i,16) FOR(j,16) t[i+j]+=a[i]*b[j]; |
|
|
831504 |
51969 |
FOR(i,16) FOR(j,16) t[i+j]+=a[i]*b[j]; |
|
403
|
779535 |
51969 |
FOR(i,15) t[i]+=38*t[i+16]; |
|
404
|
831504 |
51969 |
FOR(i,16) o[i]=t[i]; |
|
418
|
272 |
17 |
FOR(a,16) c[a]=i[a]; |
|
419
|
4318 |
17 |
for(a=253;a>=0;a--) { |
|
421
|
4301 |
17 |
if(a!=2&&a!=4) M(c,c,i); |
|
|
4284 |
17 |
if(a!=2&&a!=4) M(c,c,i); |
|
423
|
272 |
17 |
FOR(a,16) o[a]=c[a]; |
|
430
|
0 |
0 |
FOR(a,16) c[a]=i[a]; |
|
431
|
0 |
0 |
for(a=250;a>=0;a--) { |
|
433
|
0 |
0 |
if(a!=1) M(c,c,i); |
|
435
|
0 |
0 |
FOR(a,16) o[a]=c[a]; |
|
443
|
527 |
17 |
FOR(i,31) z[i]=n[i]; |
|
447
|
272 |
17 |
FOR(i,16) { |
|
452
|
4335 |
17 |
for(i=254;i>=0;--i) { |
|
477
|
272 |
17 |
FOR(i,16) { |
|
568
|
0 |
0 |
FOR(i,8) z[i] = a[i] = dl64(x + 8 * i); |
|
570
|
0 |
0 |
while (n >= 128) { |
|
571
|
0 |
0 |
FOR(i,16) w[i] = dl64(m + 8 * i); |
|
573
|
0 |
0 |
FOR(i,80) { |
|
574
|
0 |
0 |
FOR(j,8) b[j] = a[j]; |
|
578
|
0 |
0 |
FOR(j,8) a[(j+1)%8] = b[j]; |
|
579
|
0 |
0 |
if (i%16 == 15) |
|
580
|
0 |
0 |
FOR(j,16) |
|
584
|
0 |
0 |
FOR(i,8) { a[i] += z[i]; z[i] = a[i]; } |
|
590
|
0 |
0 |
FOR(i,8) ts64(x+8*i,z[i]); |
|
611
|
0 |
0 |
FOR(i,64) h[i] = iv[i]; |
|
618
|
0 |
0 |
FOR(i,256) x[i] = 0; |
|
619
|
0 |
0 |
FOR(i,n) x[i] = m[i]; |
|
622
|
0 |
0 |
n = 256-128*(n<112); |
|
627
|
0 |
0 |
FOR(i,64) out[i] = h[i]; |
|
660
|
0 |
0 |
FOR(i,4) |
|
681
|
0 |
0 |
for (i = 255;i >= 0;--i) { |
|
715
|
0 |
0 |
FOR(i,32) sk[32 + i] = pk[i]; |
|
724
|
0 |
0 |
for (i = 63;i >= 32;--i) { |
|
726
|
0 |
0 |
for (j = i - 32;j < i - 12;++j) { |
|
735
|
0 |
0 |
FOR(j,32) { |
|
740
|
0 |
0 |
FOR(j,32) x[j] -= carry * L[j]; |
|
741
|
0 |
0 |
FOR(i,32) { |
|
750
|
0 |
0 |
FOR(i,64) x[i] = (u64) r[i]; |
|
751
|
0 |
0 |
FOR(i,64) r[i] = 0; |
|
767
|
0 |
0 |
FOR(i,n) sm[64 + i] = m[i]; |
|
768
|
0 |
0 |
FOR(i,32) sm[32 + i] = d[32 + i]; |
|
775
|
0 |
0 |
FOR(i,32) sm[i+32] = sk[i+32]; |
|
779
|
0 |
0 |
FOR(i,64) x[i] = 0; |
|
780
|
0 |
0 |
FOR(i,32) x[i] = (u64) r[i]; |
|
781
|
0 |
0 |
FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j]; |
|
|
0 |
0 |
FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j]; |
|
811
|
0 |
0 |
if (neq25519(chk, num)) M(r[0],r[0],I); |
|
815
|
0 |
0 |
if (neq25519(chk, num)) return -1; |
|
817
|
0 |
0 |
if (par25519(r[0]) == (p[31]>>7)) Z(r[0],gf0,r[0]); |
|
830
|
0 |
0 |
if (n < 64) return -1; |
|
832
|
0 |
0 |
if (unpackneg(q,pk)) return -1; |
|
834
|
0 |
0 |
FOR(i,n) m[i] = sm[i]; |
|
835
|
0 |
0 |
FOR(i,32) m[i+32] = pk[i]; |
|
845
|
0 |
0 |
if (crypto_verify_32(sm, t)) { |
|
846
|
0 |
0 |
FOR(i,n) m[i] = 0; |
|
850
|
0 |
0 |
FOR(i,n) m[i] = sm[i + 64]; |
|
931
|
0 |
10 |
assert (fd != -1); |
|
933
|
10 |
10 |
while (xlen > 0) { |
|
934
|
10 |
0 |
if (xlen < 1048576) |
|
944
|
0 |
10 |
if (i < 1) { |
|
958
|
13 |
0 |
if (fd != -1 && close(fd) == 0) { |
|
|
13 |
0 |
if (fd != -1 && close(fd) == 0) { |
|
970
|
13 |
0 |
if (fd == -1) { |
|
977
|
13 |
0 |
if (fd != -1) |
|
983
|
0 |
13 |
assert (rc != -1); |