_ZNK5Botan17Barrett_Reduction4cubeERKNS_6BigIntE: 66| 7| BigInt cube(const BigInt& x) const { return this->multiply(x, this->square(x)); } _ZN5Botan10ct_is_zeroITkNSt3__117unsigned_integralEhEET_S2_: 37| 2.03k|BOTAN_FORCE_INLINE constexpr T ct_is_zero(T x) { 38| 2.03k| return ct_expand_top_bit(~x & (x - 1)); 39| 2.03k|} _ZN5Botan17ct_expand_top_bitITkNSt3__117unsigned_integralEhEET_S2_: 28| 2.03k|BOTAN_FORCE_INLINE constexpr T ct_expand_top_bit(T a) { 29| 2.03k| const T top = CT::value_barrier(a >> (sizeof(T) * 8 - 1)); 30| 2.03k| return static_cast(0) - top; 31| 2.03k|} _ZN5Botan17ct_expand_top_bitITkNSt3__117unsigned_integralEmEET_S2_: 28| 1.16M|BOTAN_FORCE_INLINE constexpr T ct_expand_top_bit(T a) { 29| 1.16M| const T top = CT::value_barrier(a >> (sizeof(T) * 8 - 1)); 30| 1.16M| return static_cast(0) - top; 31| 1.16M|} _ZN5Botan10ct_is_zeroITkNSt3__117unsigned_integralEmEET_S2_: 37| 1.14M|BOTAN_FORCE_INLINE constexpr T ct_is_zero(T x) { 38| 1.14M| return ct_expand_top_bit(~x & (x - 1)); 39| 1.14M|} _ZN5Botan6chooseITkNSt3__117unsigned_integralEmEET_S2_S2_S2_: 216| 3.37M|BOTAN_FORCE_INLINE constexpr T choose(T mask, T a, T b) { 217| | //return (mask & a) | (~mask & b); 218| 3.37M| return (b ^ (mask & (a ^ b))); 219| 3.37M|} _ZN5Botan8high_bitITkNSt3__117unsigned_integralEjEEmT_: 73| 7|BOTAN_FORCE_INLINE constexpr size_t high_bit(T n) { 74| 7| size_t hb = 0; 75| | 76| 42| for(size_t s = 8 * sizeof(T) / 2; s > 0; s /= 2) { ------------------ | Branch (76:38): [True: 35, False: 7] ------------------ 77| | // Equivalent to: ((n >> s) == 0) ? 0 : s; 78| 35| const size_t z = s - ct_if_is_zero_ret(n >> s, s); 79| 35| hb += z; 80| 35| n >>= z; 81| 35| } 82| | 83| 7| hb += n; 84| | 85| 7| return hb; 86| 7|} _ZN5Botan17ct_if_is_zero_retITkNSt3__117unsigned_integralEjEEmT_m: 45| 35|BOTAN_FORCE_INLINE constexpr size_t ct_if_is_zero_ret(T x, size_t s) { 46| | /* 47| | Similar to `return ct_is_zero(x) & s` but has to account for possibility that 48| | sizeof(T) is smaller than sizeof(size_t) which would lead to incomplete masking 49| | */ 50| 35| const T a = ~x & (x - 1); 51| 35| const size_t a_top = static_cast(CT::value_barrier(a >> (sizeof(T) * 8 - 1))); 52| 35| const size_t mask = static_cast(0) - a_top; 53| 35| return mask & s; 54| 35|} _ZN5Botan17ct_if_is_zero_retITkNSt3__117unsigned_integralEmEEmT_m: 45| 336|BOTAN_FORCE_INLINE constexpr size_t ct_if_is_zero_ret(T x, size_t s) { 46| | /* 47| | Similar to `return ct_is_zero(x) & s` but has to account for possibility that 48| | sizeof(T) is smaller than sizeof(size_t) which would lead to incomplete masking 49| | */ 50| 336| const T a = ~x & (x - 1); 51| 336| const size_t a_top = static_cast(CT::value_barrier(a >> (sizeof(T) * 8 - 1))); 52| 336| const size_t mask = static_cast(0) - a_top; 53| 336| return mask & s; 54| 336|} _ZN5Botan8high_bitITkNSt3__117unsigned_integralEmEEmT_: 73| 56|BOTAN_FORCE_INLINE constexpr size_t high_bit(T n) { 74| 56| size_t hb = 0; 75| | 76| 392| for(size_t s = 8 * sizeof(T) / 2; s > 0; s /= 2) { ------------------ | Branch (76:38): [True: 336, False: 56] ------------------ 77| | // Equivalent to: ((n >> s) == 0) ? 0 : s; 78| 336| const size_t z = s - ct_if_is_zero_ret(n >> s, s); 79| 336| hb += z; 80| 336| n >>= z; 81| 336| } 82| | 83| 56| hb += n; 84| | 85| 56| return hb; 86| 56|} _ZN5Botan13reverse_bytesITkNSt3__117unsigned_integralEmQooooooeqstT_Li1EeqstS2_Li2EeqstS2_Li4EeqstS2_Li8EEES2_S2_: 27| 33.9k|inline constexpr T reverse_bytes(T x) { 28| | if constexpr(sizeof(T) == 1) { 29| | return x; 30| | } else if constexpr(sizeof(T) == 2) { 31| |#if BOTAN_COMPILER_HAS_BUILTIN(__builtin_bswap16) 32| | return static_cast(__builtin_bswap16(x)); 33| |#else 34| | return static_cast((x << 8) | (x >> 8)); 35| |#endif 36| | } else if constexpr(sizeof(T) == 4) { 37| |#if BOTAN_COMPILER_HAS_BUILTIN(__builtin_bswap32) 38| | return static_cast(__builtin_bswap32(x)); 39| |#else 40| | // MSVC at least recognizes this as a bswap 41| | return static_cast(((x & 0x000000FF) << 24) | ((x & 0x0000FF00) << 8) | ((x & 0x00FF0000) >> 8) | 42| | ((x & 0xFF000000) >> 24)); 43| |#endif 44| 33.9k| } else if constexpr(sizeof(T) == 8) { 45| 33.9k|#if BOTAN_COMPILER_HAS_BUILTIN(__builtin_bswap64) 46| 33.9k| return static_cast(__builtin_bswap64(x)); 47| |#else 48| | uint32_t hi = static_cast(x >> 32); 49| | uint32_t lo = static_cast(x); 50| | 51| | hi = reverse_bytes(hi); 52| | lo = reverse_bytes(lo); 53| | 54| | return (static_cast(lo) << 32) | hi; 55| |#endif 56| 33.9k| } 57| 33.9k|} _ZN5Botan13BufferStufferC2ENSt3__14spanIhLm18446744073709551615EEE: 26| 1.51k| constexpr explicit BufferStuffer(std::span buffer) : m_buffer(buffer) {} _ZN5Botan13BufferStuffer6appendEhm: 64| 1.51k| constexpr void append(uint8_t b, size_t repeat = 1) { 65| 1.51k| auto sink = next(repeat); 66| 1.51k| std::fill(sink.begin(), sink.end(), b); 67| 1.51k| } _ZN5Botan13BufferStuffer4nextEm: 32| 1.51k| constexpr std::span next(size_t bytes) { 33| 1.51k| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 1.51k| do { \ | | 52| 1.51k| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 1.51k| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 1.51k] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 1.51k| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 1.51k] | | ------------------ ------------------ 34| | 35| 1.51k| auto result = m_buffer.first(bytes); 36| 1.51k| m_buffer = m_buffer.subspan(bytes); 37| 1.51k| return result; 38| 1.51k| } _ZN5Botan13BufferStuffer4nextILm32EEENSt3__14spanIhXT_EEEv: 41| 992| constexpr std::span next() { 42| 992| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 992| do { \ | | 52| 992| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 992| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 992] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 992| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 992] | | ------------------ ------------------ 43| | 44| 992| auto result = m_buffer.first(); 45| 992| m_buffer = m_buffer.subspan(bytes); 46| 992| return result; 47| 992| } _ZN5Botan13BufferStuffer4nextILm48EEENSt3__14spanIhXT_EEEv: 41| 332| constexpr std::span next() { 42| 332| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 332| do { \ | | 52| 332| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 332| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 332] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 332| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 332] | | ------------------ ------------------ 43| | 44| 332| auto result = m_buffer.first(); 45| 332| m_buffer = m_buffer.subspan(bytes); 46| 332| return result; 47| 332| } _ZN5Botan13BufferStuffer4nextILm64EEENSt3__14spanIhXT_EEEv: 41| 316| constexpr std::span next() { 42| 316| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 316| do { \ | | 52| 316| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 316| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 316] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 316| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 316] | | ------------------ ------------------ 43| | 44| 316| auto result = m_buffer.first(); 45| 316| m_buffer = m_buffer.subspan(bytes); 46| 316| return result; 47| 316| } _ZN5Botan13BufferStuffer4nextILm24EEENSt3__14spanIhXT_EEEv: 41| 352| constexpr std::span next() { 42| 352| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 352| do { \ | | 52| 352| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 352| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 352] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 352| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 352] | | ------------------ ------------------ 43| | 44| 352| auto result = m_buffer.first(); 45| 352| m_buffer = m_buffer.subspan(bytes); 46| 352| return result; 47| 352| } _ZN5Botan13BufferStuffer4nextILm28EEENSt3__14spanIhXT_EEEv: 41| 384| constexpr std::span next() { 42| 384| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 384| do { \ | | 52| 384| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 384| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 384] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 384| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 384] | | ------------------ ------------------ 43| | 44| 384| auto result = m_buffer.first(); 45| 384| m_buffer = m_buffer.subspan(bytes); 46| 384| return result; 47| 384| } _ZN5Botan13BufferStuffer4nextILm66EEENSt3__14spanIhXT_EEEv: 41| 648| constexpr std::span next() { 42| 648| BOTAN_STATE_CHECK(m_buffer.size() >= bytes); ------------------ | | 51| 648| do { \ | | 52| 648| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 53| 648| if(!(expr)) { \ | | ------------------ | | | Branch (53:10): [True: 0, False: 648] | | ------------------ | | 54| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 55| 0| Botan::throw_invalid_state(#expr, __func__, __FILE__); \ | | 56| 0| } \ | | 57| 648| } while(0) | | ------------------ | | | Branch (57:12): [Folded, False: 648] | | ------------------ ------------------ 43| | 44| 648| auto result = m_buffer.first(); 45| 648| m_buffer = m_buffer.subspan(bytes); 46| 648| return result; 47| 648| } _ZN5Botan2CT4MaskIhE7is_zeroEh: 437| 2.03k| static constexpr Mask is_zero(T x) { return Mask(ct_is_zero(value_barrier(x))); } _ZN5Botan2CT4MaskIhEC2Eh: 637| 2.03k| constexpr explicit Mask(T m) : m_mask(m) {} _ZNK5Botan2CT4MaskIhE16unpoisoned_valueEv: 598| 2.03k| constexpr T unpoisoned_value() const { 599| 2.03k| T r = value(); 600| 2.03k| CT::unpoison(r); 601| 2.03k| return r; 602| 2.03k| } _ZNK5Botan2CT4MaskIhE5valueEv: 630| 2.03k| constexpr T value() const { return value_barrier(m_mask); } _ZN5Botan2CT8unpoisonITkNSt3__18integralEhEEvRKT_: 112| 2.03k|constexpr void unpoison(const T& p) { 113| 2.03k| unpoison(&p, 1); 114| 2.03k|} _ZN5Botan2CT8unpoisonIhEEvPKT_m: 67| 2.03k|constexpr inline void unpoison(const T* p, size_t n) { 68| |#if defined(BOTAN_HAS_VALGRIND) 69| | if(!std::is_constant_evaluated()) { 70| | VALGRIND_MAKE_MEM_DEFINED(p, n * sizeof(T)); 71| | } 72| |#endif 73| | 74| 2.03k| BOTAN_UNUSED(p, n); ------------------ | | 144| 2.03k|#define BOTAN_UNUSED Botan::ignore_params ------------------ 75| 2.03k|} _ZN5Botan2CT6Choice9from_maskEm: 303| 76.5k| constexpr static Choice from_mask(underlying_type v) { return Choice(v); } _ZN5Botan2CT6Choice2noEv: 307| 7| constexpr static Choice no() { return Choice(0); } _ZNK5Botan2CT6ChoicentEv: 309| 67.5k| constexpr Choice operator!() const { return Choice(~value()); } _ZNK5Botan2CT6ChoiceaaERKS1_: 311| 23.1k| constexpr Choice operator&&(const Choice& other) const { return Choice(value() & other.value()); } _ZNK5Botan2CT6ChoiceooERKS1_: 313| 14.2k| constexpr Choice operator||(const Choice& other) const { return Choice(value() | other.value()); } _ZNK5Botan2CT6ChoiceneERKS1_: 315| 1.51k| constexpr Choice operator!=(const Choice& other) const { return Choice(value() ^ other.value()); } _ZNK5Botan2CT6Choice7as_boolEv: 329| 12.3k| constexpr bool as_bool() const { return m_value != 0; } _ZNK5Botan2CT6Choice5valueEv: 332| 215k| constexpr underlying_type value() const { return value_barrier(m_value); } _ZN5Botan2CT6ChoiceC2Em: 341| 186k| constexpr explicit Choice(underlying_type v) : m_value(CT::value_barrier(v)) {} _ZN5Botan2CT4MaskImE7is_zeroEm: 437| 1.13M| static constexpr Mask is_zero(T x) { return Mask(ct_is_zero(value_barrier(x))); } _ZNK5Botan2CT4MaskImE5valueEv: 630| 1.69M| constexpr T value() const { return value_barrier(m_mask); } _ZNK5Botan2CT4MaskImEcoEv: 533| 525k| constexpr Mask operator~() const { return Mask(~value()); } _ZN5Botan2CT4MaskImE6expandEm: 392| 525k| static constexpr Mask expand(T v) { return ~Mask::is_zero(value_barrier(v)); } _ZN5Botan2CT6poisonImEEvPKT_m: 56| 56|constexpr inline void poison(const T* p, size_t n) { 57| |#if defined(BOTAN_HAS_VALGRIND) 58| | if(!std::is_constant_evaluated()) { 59| | VALGRIND_MAKE_MEM_UNDEFINED(p, n * sizeof(T)); 60| | } 61| |#endif 62| | 63| 56| BOTAN_UNUSED(p, n); ------------------ | | 144| 56|#define BOTAN_UNUSED Botan::ignore_params ------------------ 64| 56|} _ZN5Botan2CT8unpoisonImEEvPKT_m: 67| 81.2k|constexpr inline void unpoison(const T* p, size_t n) { 68| |#if defined(BOTAN_HAS_VALGRIND) 69| | if(!std::is_constant_evaluated()) { 70| | VALGRIND_MAKE_MEM_DEFINED(p, n * sizeof(T)); 71| | } 72| |#endif 73| | 74| 81.2k| BOTAN_UNUSED(p, n); ------------------ | | 144| 81.2k|#define BOTAN_UNUSED Botan::ignore_params ------------------ 75| 81.2k|} _ZN5Botan2CT8unpoisonITkNS_6ranges14spanable_rangeENSt3__16vectorImNS_16secure_allocatorImEEEEQaasr3stdE23is_trivially_copyable_vINS3_11conditionalIXsr21__is_primary_templateINS3_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS3_6ranges5__cpo5beginEEclsr3stdE7declvalIRT_EEEEEEEEE5valueENS3_26indirectly_readable_traitsISF_EESG_E4type10value_typeEEnt19custom_unpoisonableISC_EEEvRKSC_: 128| 168|constexpr void unpoison(const R& r) { 129| 168| const std::span s{r}; 130| 168| unpoison(s.data(), s.size()); 131| 168|} _ZNK5Botan2CT4MaskImE6selectEmm: 548| 21.2k| constexpr T select(T x, T y) const { return choose(value(), x, y); } _ZN5Botan2CT9all_zerosImEENS0_4MaskIT_EEPKS3_m: 785| 48.5k|constexpr inline CT::Mask all_zeros(const T elem[], size_t len) { 786| 48.5k| T sum = 0; 787| 345k| for(size_t i = 0; i != len; ++i) { ------------------ | Branch (787:22): [True: 296k, False: 48.5k] ------------------ 788| 296k| sum |= elem[i]; 789| 296k| } 790| 48.5k| return CT::Mask::is_zero(sum); 791| 48.5k|} _ZN5Botan2CT4MaskImEC2Em: 637| 1.69M| constexpr explicit Mask(T m) : m_mask(m) {} _ZNK5Botan2CT4MaskImE7as_boolEv: 614| 3.24k| constexpr bool as_bool() const { return unpoisoned_value() != 0; } _ZNK5Botan2CT4MaskImE16unpoisoned_valueEv: 598| 79.7k| constexpr T unpoisoned_value() const { 599| 79.7k| T r = value(); 600| 79.7k| CT::unpoison(r); 601| 79.7k| return r; 602| 79.7k| } _ZN5Botan2CT8unpoisonITkNSt3__18integralEmEEvRKT_: 112| 80.5k|constexpr void unpoison(const T& p) { 113| 80.5k| unpoison(&p, 1); 114| 80.5k|} _ZN5Botan2CT4MaskImE8is_equalEmm: 442| 19.8k| static constexpr Mask is_equal(T x, T y) { 443| 19.8k| const T diff = value_barrier(x) ^ value_barrier(y); 444| 19.8k| return Mask::is_zero(diff); 445| 19.8k| } _ZNK5Botan2CT4MaskImE13if_set_returnEm: 538| 2.82k| constexpr T if_set_return(T x) const { return value() & x; } _ZN5Botan2CT4MaskImE5is_ltEmm: 450| 19.7k| static constexpr Mask is_lt(T x, T y) { 451| 19.7k| T u = x ^ ((x ^ y) | ((x - y) ^ x)); 452| 19.7k| return Mask::expand_top_bit(u); 453| 19.7k| } _ZN5Botan2CT4MaskImE14expand_top_bitEm: 415| 19.7k| static constexpr Mask expand_top_bit(T v) { return Mask(ct_expand_top_bit(v)); } _ZN5Botan2CT20conditional_copy_memImEENS0_4MaskIT_EES3_PS3_PKS3_S7_m: 738| 56|constexpr inline Mask conditional_copy_mem(T cnd, T* dest, const T* if_set, const T* if_unset, size_t elems) { 739| 56| const auto mask = CT::Mask::expand(cnd); 740| 56| return CT::conditional_copy_mem(mask, dest, if_set, if_unset, elems); 741| 56|} _ZN5Botan2CT20conditional_copy_memImEENS0_4MaskIT_EES4_PS3_PKS3_S7_m: 732| 56|constexpr inline Mask conditional_copy_mem(Mask mask, T* dest, const T* if_set, const T* if_unset, size_t elems) { 733| 56| mask.select_n(dest, if_set, if_unset, elems); 734| 56| return mask; 735| 56|} _ZNK5Botan2CT4MaskImE8select_nEPmPKmS5_m: 565| 453k| constexpr void select_n(T output[], const T x[], const T y[], size_t len) const { 566| 453k| const T mask = value(); 567| 3.32M| for(size_t i = 0; i != len; ++i) { ------------------ | Branch (567:28): [True: 2.86M, False: 453k] ------------------ 568| 2.86M| output[i] = choose(mask, x[i], y[i]); 569| 2.86M| } 570| 453k| } _ZNK5Botan2CT4MaskImE11select_maskES2_S2_: 559| 18.3k| Mask select_mask(Mask x, Mask y) const { return Mask(select(x.value(), y.value())); } _ZN5Botan2CT4MaskImEaNES2_: 494| 58| Mask& operator&=(Mask o) { 495| 58| m_mask &= o.value(); 496| 58| return (*this); 497| 58| } _ZNK5Botan2CT4MaskImE9as_choiceEv: 619| 76.5k| constexpr CT::Choice as_choice() const { 620| 76.5k| if constexpr(sizeof(T) >= sizeof(Choice::underlying_type)) { 621| 76.5k| return CT::Choice::from_mask(static_cast(unpoisoned_value())); 622| | } else { 623| | return CT::Choice::from_int(unpoisoned_value()); 624| | } 625| 76.5k| } _ZN5Botan2CT6Choice8from_intIjQaasr3stdE17unsigned_integralIT_Entsr3stdE7same_asIbS3_EEES1_S3_: 268| 63| constexpr static Choice from_int(T v) { 269| 63| if constexpr(sizeof(T) <= sizeof(underlying_type)) { 270| 63| return !Choice(ct_is_zero(v)); 271| | } else { 272| | // Mask of T that is either |0| or |1| 273| | const T v_is_0 = ct_is_zero(value_barrier(v)); 274| | 275| | // We want the mask to be set if v != 0 so we must check that 276| | // v_is_0 is itself zero. 277| | // 278| | // Also sizeof(T) may not equal sizeof(underlying_type) so we must 279| | // use ct_is_zero. It's ok to either truncate or 280| | // zero extend v_is_0 to 32 bits since we know it is |0| or |1| 281| | // so even just the low bit is sufficient. 282| | return Choice(ct_is_zero(static_cast(v_is_0))); 283| | } 284| 63| } _ZN5Botan2CT6poisonITkNS_6ranges14spanable_rangeENSt3__14spanIKmLm18446744073709551615EEEQaasr3stdE23is_trivially_copyable_vINS3_11conditionalIXsr21__is_primary_templateINS3_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS3_6ranges5__cpo5beginEEclsr3stdE7declvalIRT_EEEEEEEEE5valueENS3_26indirectly_readable_traitsISE_EESF_E4type10value_typeEEnt17custom_poisonableISB_EEEvRKSB_: 121| 56|constexpr void poison(const R& r) { 122| 56| const std::span s{r}; 123| 56| poison(s.data(), s.size()); 124| 56|} _ZN5Botan2CT8unpoisonITkNS_6ranges14spanable_rangeENSt3__14spanIKmLm18446744073709551615EEEQaasr3stdE23is_trivially_copyable_vINS3_11conditionalIXsr21__is_primary_templateINS3_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS3_6ranges5__cpo5beginEEclsr3stdE7declvalIRT_EEEEEEEEE5valueENS3_26indirectly_readable_traitsISE_EESF_E4type10value_typeEEnt19custom_unpoisonableISB_EEEvRKSB_: 128| 56|constexpr void unpoison(const R& r) { 129| 56| const std::span s{r}; 130| 56| unpoison(s.data(), s.size()); 131| 56|} _ZN5Botan2CT22conditional_assign_memImEENS0_4MaskIT_EES3_PS3_PKS3_m: 749| 453k|constexpr inline Mask conditional_assign_mem(T cnd, T* dest, const T* src, size_t elems) { 750| 453k| const auto mask = CT::Mask::expand(cnd); 751| 453k| mask.select_n(dest, src, dest, elems); 752| 453k| return mask; 753| 453k|} _ZNK5Botan2CT6Choice12into_bitmaskImQaasr3stdE17unsigned_integralIT_Entsr3stdE7same_asIbS3_EEES3_v: 291| 70.6k| constexpr T into_bitmask() const { 292| 70.6k| if constexpr(sizeof(T) <= sizeof(underlying_type)) { 293| | // The inner mask is already |0| or |1| so just truncate 294| 70.6k| return static_cast(value()); 295| | } else { 296| | return ~ct_is_zero(value()); 297| | } 298| 70.6k| } _ZN5Botan2CT8is_equalImEENS0_4MaskIT_EEPKS3_S6_m: 798| 29.4k|constexpr inline CT::Mask is_equal(const T x[], const T y[], size_t len) { 799| 29.4k| if(std::is_constant_evaluated()) { ------------------ | Branch (799:7): [Folded, False: 29.4k] ------------------ 800| 0| T difference = 0; 801| | 802| 0| for(size_t i = 0; i != len; ++i) { ------------------ | Branch (802:25): [True: 0, False: 0] ------------------ 803| 0| difference = difference | (x[i] ^ y[i]); 804| 0| } 805| | 806| 0| return CT::Mask::is_zero(difference); 807| 29.4k| } else { 808| 29.4k| volatile T difference = 0; 809| | 810| 151k| for(size_t i = 0; i != len; ++i) { ------------------ | Branch (810:25): [True: 121k, False: 29.4k] ------------------ 811| 121k| difference = difference | (x[i] ^ y[i]); 812| 121k| } 813| | 814| 29.4k| return CT::Mask::is_zero(difference); 815| 29.4k| } 816| 29.4k|} _ZN5Botan2CT4MaskIhE8is_equalEhh: 442| 2.03k| static constexpr Mask is_equal(T x, T y) { 443| 2.03k| const T diff = value_barrier(x) ^ value_barrier(y); 444| 2.03k| return Mask::is_zero(diff); 445| 2.03k| } _ZNK5Botan2CT4MaskIhE9as_choiceEv: 619| 2.03k| constexpr CT::Choice as_choice() const { 620| | if constexpr(sizeof(T) >= sizeof(Choice::underlying_type)) { 621| | return CT::Choice::from_mask(static_cast(unpoisoned_value())); 622| 2.03k| } else { 623| 2.03k| return CT::Choice::from_int(unpoisoned_value()); 624| 2.03k| } 625| 2.03k| } _ZN5Botan2CT6Choice8from_intIhQaasr3stdE17unsigned_integralIT_Entsr3stdE7same_asIbS3_EEES1_S3_: 268| 2.03k| constexpr static Choice from_int(T v) { 269| 2.03k| if constexpr(sizeof(T) <= sizeof(underlying_type)) { 270| 2.03k| return !Choice(ct_is_zero(v)); 271| | } else { 272| | // Mask of T that is either |0| or |1| 273| | const T v_is_0 = ct_is_zero(value_barrier(v)); 274| | 275| | // We want the mask to be set if v != 0 so we must check that 276| | // v_is_0 is itself zero. 277| | // 278| | // Also sizeof(T) may not equal sizeof(underlying_type) so we must 279| | // use ct_is_zero. It's ok to either truncate or 280| | // zero extend v_is_0 to 32 bits since we know it is |0| or |1| 281| | // so even just the low bit is sufficient. 282| | return Choice(ct_is_zero(static_cast(v_is_0))); 283| | } 284| 2.03k| } pcurves_brainpool256r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_13MontgomeryRepINS_13EllipticCurveINS_6PCurve12_GLOBAL__N_114brainpool256r16ParamsES3_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 360| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_brainpool256r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_13MontgomeryRepINS_13EllipticCurveINS_6PCurve12_GLOBAL__N_114brainpool256r16ParamsES3_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 360| constexpr std::optional as_optional_vartime() const { 711| 360| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 214, False: 146] ------------------ 712| 214| return {m_value}; 713| 214| } else { 714| 146| return {}; 715| 146| } 716| 360| } _ZN5Botan2CT6Choice8from_intImQaasr3stdE17unsigned_integralIT_Entsr3stdE7same_asIbS3_EEES1_S3_: 268| 1.51k| constexpr static Choice from_int(T v) { 269| 1.51k| if constexpr(sizeof(T) <= sizeof(underlying_type)) { 270| 1.51k| return !Choice(ct_is_zero(v)); 271| | } else { 272| | // Mask of T that is either |0| or |1| 273| | const T v_is_0 = ct_is_zero(value_barrier(v)); 274| | 275| | // We want the mask to be set if v != 0 so we must check that 276| | // v_is_0 is itself zero. 277| | // 278| | // Also sizeof(T) may not equal sizeof(underlying_type) so we must 279| | // use ct_is_zero. It's ok to either truncate or 280| | // zero extend v_is_0 to 32 bits since we know it is |0| or |1| 281| | // so even just the low bit is sufficient. 282| | return Choice(ct_is_zero(static_cast(v_is_0))); 283| | } 284| 1.51k| } pcurves_brainpool512r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_13MontgomeryRepINS_13EllipticCurveINS_6PCurve12_GLOBAL__N_114brainpool512r16ParamsES3_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 238| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_brainpool512r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_13MontgomeryRepINS_13EllipticCurveINS_6PCurve12_GLOBAL__N_114brainpool512r16ParamsES3_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 238| constexpr std::optional as_optional_vartime() const { 711| 238| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 158, False: 80] ------------------ 712| 158| return {m_value}; 713| 158| } else { 714| 80| return {}; 715| 80| } 716| 238| } pcurves_secp192r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_19secp192r112Secp192r1RepINS_13EllipticCurveINS5_6ParamsES6_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 179| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_secp192r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_19secp192r112Secp192r1RepINS_13EllipticCurveINS5_6ParamsES6_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 179| constexpr std::optional as_optional_vartime() const { 711| 179| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 176, False: 3] ------------------ 712| 176| return {m_value}; 713| 176| } else { 714| 3| return {}; 715| 3| } 716| 179| } pcurves_secp224r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_19secp224r112Secp224r1RepINS_13EllipticCurveINS5_6ParamsES6_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 283| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_secp224r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_19secp224r112Secp224r1RepINS_13EllipticCurveINS5_6ParamsES6_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 283| constexpr std::optional as_optional_vartime() const { 711| 283| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 192, False: 91] ------------------ 712| 192| return {m_value}; 713| 192| } else { 714| 91| return {}; 715| 91| } 716| 283| } pcurves_secp256r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_112Secp256r1RepINS_13EllipticCurveINS4_9secp256r16ParamsES5_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 386| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_secp256r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_112Secp256r1RepINS_13EllipticCurveINS4_9secp256r16ParamsES5_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 386| constexpr std::optional as_optional_vartime() const { 711| 386| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 282, False: 104] ------------------ 712| 282| return {m_value}; 713| 282| } else { 714| 104| return {}; 715| 104| } 716| 386| } pcurves_secp384r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_112Secp384r1RepINS_13EllipticCurveINS4_9secp384r16ParamsES5_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 168| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_secp384r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_112Secp384r1RepINS_13EllipticCurveINS4_9secp384r16ParamsES5_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 168| constexpr std::optional as_optional_vartime() const { 711| 168| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 166, False: 2] ------------------ 712| 166| return {m_value}; 713| 166| } else { 714| 2| return {}; 715| 2| } 716| 168| } pcurves_secp521r1.cpp:_ZN5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_19secp521r17P521RepINS_13EllipticCurveINS5_6ParamsES6_E11FieldParamsEEEEEEC2ESC_NS0_6ChoiceE: 653| 374| constexpr Option(T v, Choice valid) : m_has_value(valid), m_value(std::move(v)) {} pcurves_secp521r1.cpp:_ZNK5Botan2CT6OptionINS_6IntModINS_6PCurve12_GLOBAL__N_19secp521r17P521RepINS_13EllipticCurveINS5_6ParamsES6_E11FieldParamsEEEEEE19as_optional_vartimeEv: 710| 374| constexpr std::optional as_optional_vartime() const { 711| 374| if(m_has_value.as_bool()) { ------------------ | Branch (711:13): [True: 324, False: 50] ------------------ 712| 324| return {m_value}; 713| 324| } else { 714| 50| return {}; 715| 50| } 716| 374| } _ZNK5Botan13EC_Group_Data3oidEv: 165| 28| const OID& oid() const { return m_oid; } _ZNK5Botan13EC_Group_Data1pEv: 169| 14| const BigInt& p() const { return m_p; } _ZNK5Botan13EC_Group_Data5montyEv: 184| 35| const Montgomery_Params& monty() const { return m_monty; } _ZNK5Botan13EC_Group_Data7p_wordsEv: 201| 7| size_t p_words() const { return m_p_words; } _ZNK5Botan13EC_Group_Data6pcurveEv: 282| 3.03k| const PCurve::PrimeOrderCurve& pcurve() const { 283| 3.03k| BOTAN_ASSERT_NONNULL(m_pcurve); ------------------ | | 116| 3.03k| do { \ | | 117| 3.03k| if((ptr) == nullptr) { \ | | ------------------ | | | Branch (117:10): [True: 0, False: 3.03k] | | ------------------ | | 118| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 119| 0| Botan::assertion_failure(#ptr " is not null", "", __func__, __FILE__, __LINE__); \ | | 120| 0| } \ | | 121| 3.03k| } while(0) | | ------------------ | | | Branch (121:12): [Folded, False: 3.03k] | | ------------------ ------------------ 284| 3.03k| return *m_pcurve; 285| 3.03k| } _ZN5Botan19EC_AffinePoint_DataD2Ev: 73| 1.52k| virtual ~EC_AffinePoint_Data() = default; _ZN5Botan11checked_mulITkNSt3__117unsigned_integralEmEENS1_8optionalIT_EES3_S3_: 46| 2.21k|constexpr inline std::optional checked_mul(T a, T b) { 47| | // Multiplication by 1U is a hack to work around C's insane 48| | // integer promotion rules. 49| | // https://stackoverflow.com/questions/24795651 50| 2.21k| const T r = (1U * a) * b; 51| | // If a == 0 then the multiply certainly did not overflow 52| | // Otherwise r / a == b unless overflow occurred 53| 2.21k| if(a != 0 && r / a != b) { ------------------ | Branch (53:7): [True: 2.21k, False: 0] | Branch (53:17): [True: 0, False: 2.21k] ------------------ 54| 0| return {}; 55| 0| } 56| 2.21k| return r; 57| 2.21k|} _ZN5Botan11checked_addITkNSt3__117unsigned_integralEjEENS1_8optionalIT_EES3_S3_: 19| 7|constexpr inline std::optional checked_add(T a, T b) { 20| 7| const T r = a + b; 21| 7| if(r < a || r < b) { ------------------ | Branch (21:7): [True: 0, False: 7] | Branch (21:16): [True: 0, False: 7] ------------------ 22| 0| return {}; 23| 0| } 24| 7| return r; 25| 7|} _ZN5Botan13swar_in_rangeITkNSt3__117unsigned_integralEmEET_S2_S2_S2_: 114| 3.52k|constexpr T swar_in_range(T v, T lower, T upper) { 115| | // The constant 0x808080... as a T 116| 3.52k| constexpr T hi1 = (static_cast(-1) / 255) << 7; 117| | // The constant 0x7F7F7F... as a T 118| 3.52k| constexpr T lo7 = ~hi1; 119| | 120| 3.52k| const T sub = ((v | hi1) - (lower & lo7)) ^ ((v ^ (~lower)) & hi1); 121| 3.52k| const T a_lo = sub & lo7; 122| 3.52k| const T a_hi = sub & hi1; 123| 3.52k| return (lo7 - a_lo + upper) & hi1 & ~a_hi; 124| 3.52k|} _ZN5Botan23index_of_first_set_byteITkNSt3__117unsigned_integralEmEEmT_: 130| 3.52k|constexpr size_t index_of_first_set_byte(T v) { 131| | // The constant 0x010101... as a T 132| 3.52k| constexpr T lo1 = (static_cast(-1) / 255); 133| | // The constant 0x808080... as a T 134| 3.52k| constexpr T hi1 = lo1 << 7; 135| | // How many bits to shift in order to get the top byte 136| 3.52k| constexpr size_t bits = (sizeof(T) * 8) - 8; 137| | 138| 3.52k| return static_cast((((((v & hi1) - 1) & lo1) * lo1) >> bits) - 1); 139| 3.52k|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ETkNS0_20unsigned_integralishEmTkNS_6ranges23contiguous_output_rangeIhEENS2_4spanIhLm8EEEQnt15custom_storableINS0_19wrapped_type_helperIu14__remove_cvrefIT0_EE4typeEEEEvS9_OT1_: 525| 16.9k|inline constexpr void store_any(WrappedInT wrapped_in, OutR&& out_range) { 526| 16.9k| const auto in = detail::unwrap_strong_type_or_enum(wrapped_in); 527| 16.9k| using InT = decltype(in); 528| 16.9k| ranges::assert_exact_byte_length(out_range); 529| 16.9k| const std::span out{out_range}; 530| | 531| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 532| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 533| | // in a `constexpr` context. 534| 16.9k| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (534:7): [Folded, False: 16.9k] ------------------ 535| 0| return fallback_store_any(in, std::forward(out_range)); 536| 16.9k| } else { 537| | if constexpr(sizeof(InT) == 1) { 538| | out[0] = static_cast(in); 539| | } else if constexpr(endianness == std::endian::native) { 540| | typecast_copy(out, in); 541| 16.9k| } else { 542| 16.9k| static_assert(opposite(endianness) == std::endian::native); 543| 16.9k| typecast_copy(out, reverse_bytes(in)); 544| 16.9k| } 545| 16.9k| } 546| 16.9k|} _ZN5Botan6detail26unwrap_strong_type_or_enumITkNS0_20unsigned_integralishEmEEDaT_: 190| 16.9k|constexpr auto unwrap_strong_type_or_enum(InT t) { 191| | if constexpr(std::is_enum_v) { 192| | // TODO: C++23: use std::to_underlying(in) instead 193| | return static_cast>(t); 194| 16.9k| } else { 195| 16.9k| return Botan::unwrap_strong_type(t); 196| 16.9k| } 197| 16.9k|} _ZN5Botan7load_beImJNSt3__14spanIKhLm8EEEEEEDaDpOT0_: 504| 216|inline constexpr auto load_be(ParamTs&&... params) { 505| 216| return detail::load_any(std::forward(params)...); 506| 216|} _ZN5Botan6detail8load_anyILNSt3__16endianE64206ETkNS0_20unsigned_integralishEmTkNS_6ranges16contiguous_rangeIhEENS2_4spanIKhLm8EEEQnt15custom_loadableINS0_19wrapped_type_helperIu14__remove_cvrefIT0_EE4typeEEEESA_OT1_: 278| 17.0k|inline constexpr WrappedOutT load_any(InR&& in_range) { 279| 17.0k| using OutT = detail::wrapped_type; 280| 17.0k| ranges::assert_exact_byte_length(in_range); 281| | 282| 17.0k| return detail::wrap_strong_type_or_enum([&]() -> OutT { 283| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 284| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 285| | // in a `constexpr` context. 286| 17.0k| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { 287| 17.0k| return fallback_load_any(std::forward(in_range)); 288| 17.0k| } else { 289| 17.0k| const std::span in{in_range}; 290| 17.0k| if constexpr(sizeof(OutT) == 1) { 291| 17.0k| return static_cast(in[0]); 292| 17.0k| } else if constexpr(endianness == std::endian::native) { 293| 17.0k| return typecast_copy(in); 294| 17.0k| } else { 295| 17.0k| static_assert(opposite(endianness) == std::endian::native); 296| 17.0k| return reverse_bytes(typecast_copy(in)); 297| 17.0k| } 298| 17.0k| } 299| 17.0k| }()); 300| 17.0k|} _ZN5Botan6detail24wrap_strong_type_or_enumITkNS0_20unsigned_integralishEmTkNSt3__117unsigned_integralEmEEDaT0_: 200| 17.0k|constexpr auto wrap_strong_type_or_enum(T t) { 201| | if constexpr(std::is_enum_v) { 202| | return static_cast(t); 203| 17.0k| } else { 204| 17.0k| return Botan::wrap_strong_type(t); 205| 17.0k| } 206| 17.0k|} _ZZN5Botan6detail8load_anyILNSt3__16endianE64206ETkNS0_20unsigned_integralishEmTkNS_6ranges16contiguous_rangeIhEENS2_4spanIKhLm8EEEQnt15custom_loadableINS0_19wrapped_type_helperIu14__remove_cvrefIT0_EE4typeEEEESA_OT1_ENKUlvE_clEv: 282| 17.0k| return detail::wrap_strong_type_or_enum([&]() -> OutT { 283| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 284| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 285| | // in a `constexpr` context. 286| 17.0k| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (286:10): [Folded, False: 17.0k] ------------------ 287| 0| return fallback_load_any(std::forward(in_range)); 288| 17.0k| } else { 289| 17.0k| const std::span in{in_range}; 290| | if constexpr(sizeof(OutT) == 1) { 291| | return static_cast(in[0]); 292| | } else if constexpr(endianness == std::endian::native) { 293| | return typecast_copy(in); 294| 17.0k| } else { 295| 17.0k| static_assert(opposite(endianness) == std::endian::native); 296| 17.0k| return reverse_bytes(typecast_copy(in)); 297| 17.0k| } 298| 17.0k| } 299| 17.0k| }()); _ZN5Botan7load_beImJRNSt3__15arrayIhLm8EEEEEEDaDpOT0_: 504| 12|inline constexpr auto load_be(ParamTs&&... params) { 505| 12| return detail::load_any(std::forward(params)...); 506| 12|} _ZN5Botan6detail8load_anyILNSt3__16endianE64206ETkNS0_20unsigned_integralishEmTkNS_6ranges16contiguous_rangeIhEERNS2_5arrayIhLm8EEEQnt15custom_loadableINS0_19wrapped_type_helperIu14__remove_cvrefIT0_EE4typeEEEESA_OT1_: 278| 12|inline constexpr WrappedOutT load_any(InR&& in_range) { 279| 12| using OutT = detail::wrapped_type; 280| 12| ranges::assert_exact_byte_length(in_range); 281| | 282| 12| return detail::wrap_strong_type_or_enum([&]() -> OutT { 283| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 284| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 285| | // in a `constexpr` context. 286| 12| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { 287| 12| return fallback_load_any(std::forward(in_range)); 288| 12| } else { 289| 12| const std::span in{in_range}; 290| 12| if constexpr(sizeof(OutT) == 1) { 291| 12| return static_cast(in[0]); 292| 12| } else if constexpr(endianness == std::endian::native) { 293| 12| return typecast_copy(in); 294| 12| } else { 295| 12| static_assert(opposite(endianness) == std::endian::native); 296| 12| return reverse_bytes(typecast_copy(in)); 297| 12| } 298| 12| } 299| 12| }()); 300| 12|} _ZZN5Botan6detail8load_anyILNSt3__16endianE64206ETkNS0_20unsigned_integralishEmTkNS_6ranges16contiguous_rangeIhEERNS2_5arrayIhLm8EEEQnt15custom_loadableINS0_19wrapped_type_helperIu14__remove_cvrefIT0_EE4typeEEEESA_OT1_ENKUlvE_clEv: 282| 12| return detail::wrap_strong_type_or_enum([&]() -> OutT { 283| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 284| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 285| | // in a `constexpr` context. 286| 12| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (286:10): [Folded, False: 12] ------------------ 287| 0| return fallback_load_any(std::forward(in_range)); 288| 12| } else { 289| 12| const std::span in{in_range}; 290| | if constexpr(sizeof(OutT) == 1) { 291| | return static_cast(in[0]); 292| | } else if constexpr(endianness == std::endian::native) { 293| | return typecast_copy(in); 294| 12| } else { 295| 12| static_assert(opposite(endianness) == std::endian::native); 296| 12| return reverse_bytes(typecast_copy(in)); 297| 12| } 298| 12| } 299| 12| }()); _ZN5Botan6detail9store_anyILNSt3__16endianE64206EmTkNS_6ranges23contiguous_output_rangeIhEENS2_4spanIhLm8EEETpTkNS0_20unsigned_integralishEJmEQaagtsZT2_Li0Eooaasr3stdE7same_asINS0_10AutoDetectET0_E10all_same_vIDpT2_Eaa20unsigned_integralishIS9_E10all_same_vIS9_SB_EEEvOT1_SB_: 582| 16.9k|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, Ts... ins) { 583| 16.9k| ranges::assert_exact_byte_length<(sizeof(Ts) + ...)>(out); 584| 16.9k| auto store_one = [off = 0](auto o, T i) mutable { 585| 16.9k| store_any(i, o.subspan(off).template first()); 586| 16.9k| off += sizeof(T); 587| 16.9k| }; 588| | 589| 16.9k| (store_one(std::span{out}, ins), ...); 590| 16.9k|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206EmTkNS_6ranges23contiguous_output_rangeIhEENS2_4spanIhLm8EEETpTkNS0_20unsigned_integralishEJmEQaagtsZT2_Li0Eooaasr3stdE7same_asINS0_10AutoDetectET0_E10all_same_vIDpT2_Eaa20unsigned_integralishIS9_E10all_same_vIS9_SB_EEEvOT1_SB_ENUlTyS9_T_E_clImS7_EEDaS9_SE_: 584| 16.9k| auto store_one = [off = 0](auto o, T i) mutable { 585| 16.9k| store_any(i, o.subspan(off).template first()); 586| 16.9k| off += sizeof(T); 587| 16.9k| }; _ZN5Botan8store_beINS_6detail10AutoDetectEJRNSt3__14spanIhLm32EEERNS3_5arrayImLm4EEEEEEDaDpOT0_: 745| 992|inline constexpr auto store_be(ParamTs&&... params) { 746| 992| return detail::store_any(std::forward(params)...); 747| 992|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm32EEETkNS5_14spanable_rangeENS2_5arrayImLm4EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_: 603| 992|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, const InR& in) { 604| 992| ranges::assert_equal_byte_lengths(out, in); 605| 992| using element_type = std::ranges::range_value_t; 606| | 607| 992| auto store_elementwise = [&] { 608| 992| constexpr size_t bytes_per_element = sizeof(element_type); 609| 992| std::span out_s(out); 610| 992| for(auto in_elem : in) { 611| 992| store_any(out_s.template first(), in_elem); 612| 992| out_s = out_s.subspan(bytes_per_element); 613| 992| } 614| 992| }; 615| | 616| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 617| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 618| | // in a `constexpr` context. 619| 992| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (619:7): [Folded, False: 992] ------------------ 620| 0| store_elementwise(); 621| 992| } else { 622| | if constexpr(endianness == std::endian::native && !custom_storable) { 623| | typecast_copy(out, in); 624| 992| } else { 625| 992| store_elementwise(); 626| 992| } 627| 992| } 628| 992|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm32EEETkNS5_14spanable_rangeENS2_5arrayImLm4EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_ENKUlvE_clEv: 607| 992| auto store_elementwise = [&] { 608| 992| constexpr size_t bytes_per_element = sizeof(element_type); 609| 992| std::span out_s(out); 610| 3.96k| for(auto in_elem : in) { ------------------ | Branch (610:24): [True: 3.96k, False: 992] ------------------ 611| 3.96k| store_any(out_s.template first(), in_elem); 612| 3.96k| out_s = out_s.subspan(bytes_per_element); 613| 3.96k| } 614| 992| }; _ZN5Botan7load_beImJPKhmEEEDaDpOT0_: 504| 16.8k|inline constexpr auto load_be(ParamTs&&... params) { 505| 16.8k| return detail::load_any(std::forward(params)...); 506| 16.8k|} _ZN5Botan6detail8load_anyILNSt3__16endianE64206ETkNS0_20unsigned_integralishEmEET0_PKhm: 454| 16.8k|inline constexpr OutT load_any(const uint8_t in[], size_t off) { 455| | // asserts that *in points to enough bytes to read at offset off 456| 16.8k| constexpr size_t out_size = sizeof(OutT); 457| 16.8k| return load_any(std::span(in + off * out_size, out_size)); 458| 16.8k|} _ZN5Botan8store_beINS_6detail10AutoDetectEJRNSt3__14spanIhLm48EEERNS3_5arrayImLm6EEEEEEDaDpOT0_: 745| 332|inline constexpr auto store_be(ParamTs&&... params) { 746| 332| return detail::store_any(std::forward(params)...); 747| 332|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm48EEETkNS5_14spanable_rangeENS2_5arrayImLm6EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_: 603| 332|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, const InR& in) { 604| 332| ranges::assert_equal_byte_lengths(out, in); 605| 332| using element_type = std::ranges::range_value_t; 606| | 607| 332| auto store_elementwise = [&] { 608| 332| constexpr size_t bytes_per_element = sizeof(element_type); 609| 332| std::span out_s(out); 610| 332| for(auto in_elem : in) { 611| 332| store_any(out_s.template first(), in_elem); 612| 332| out_s = out_s.subspan(bytes_per_element); 613| 332| } 614| 332| }; 615| | 616| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 617| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 618| | // in a `constexpr` context. 619| 332| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (619:7): [Folded, False: 332] ------------------ 620| 0| store_elementwise(); 621| 332| } else { 622| | if constexpr(endianness == std::endian::native && !custom_storable) { 623| | typecast_copy(out, in); 624| 332| } else { 625| 332| store_elementwise(); 626| 332| } 627| 332| } 628| 332|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm48EEETkNS5_14spanable_rangeENS2_5arrayImLm6EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_ENKUlvE_clEv: 607| 332| auto store_elementwise = [&] { 608| 332| constexpr size_t bytes_per_element = sizeof(element_type); 609| 332| std::span out_s(out); 610| 1.99k| for(auto in_elem : in) { ------------------ | Branch (610:24): [True: 1.99k, False: 332] ------------------ 611| 1.99k| store_any(out_s.template first(), in_elem); 612| 1.99k| out_s = out_s.subspan(bytes_per_element); 613| 1.99k| } 614| 332| }; _ZN5Botan8store_beINS_6detail10AutoDetectEJRNSt3__14spanIhLm64EEERNS3_5arrayImLm8EEEEEEDaDpOT0_: 745| 316|inline constexpr auto store_be(ParamTs&&... params) { 746| 316| return detail::store_any(std::forward(params)...); 747| 316|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm64EEETkNS5_14spanable_rangeENS2_5arrayImLm8EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_: 603| 316|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, const InR& in) { 604| 316| ranges::assert_equal_byte_lengths(out, in); 605| 316| using element_type = std::ranges::range_value_t; 606| | 607| 316| auto store_elementwise = [&] { 608| 316| constexpr size_t bytes_per_element = sizeof(element_type); 609| 316| std::span out_s(out); 610| 316| for(auto in_elem : in) { 611| 316| store_any(out_s.template first(), in_elem); 612| 316| out_s = out_s.subspan(bytes_per_element); 613| 316| } 614| 316| }; 615| | 616| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 617| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 618| | // in a `constexpr` context. 619| 316| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (619:7): [Folded, False: 316] ------------------ 620| 0| store_elementwise(); 621| 316| } else { 622| | if constexpr(endianness == std::endian::native && !custom_storable) { 623| | typecast_copy(out, in); 624| 316| } else { 625| 316| store_elementwise(); 626| 316| } 627| 316| } 628| 316|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm64EEETkNS5_14spanable_rangeENS2_5arrayImLm8EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_ENKUlvE_clEv: 607| 316| auto store_elementwise = [&] { 608| 316| constexpr size_t bytes_per_element = sizeof(element_type); 609| 316| std::span out_s(out); 610| 2.52k| for(auto in_elem : in) { ------------------ | Branch (610:24): [True: 2.52k, False: 316] ------------------ 611| 2.52k| store_any(out_s.template first(), in_elem); 612| 2.52k| out_s = out_s.subspan(bytes_per_element); 613| 2.52k| } 614| 316| }; _ZN5Botan8store_beINS_6detail10AutoDetectEJRNSt3__15arrayImLm9EEEEEEDaDpOT0_: 745| 648|inline constexpr auto store_be(ParamTs&&... params) { 746| 648| return detail::store_any(std::forward(params)...); 747| 648|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges14spanable_rangeERNS2_5arrayImLm9EEEQoooosr3stdE7same_asIS4_T0_Eaasr6rangesE25statically_spanable_rangeIS9_Esr3stdE21default_initializableIS9_Esr8conceptsE21resizable_byte_bufferIS9_EEEDaOT1_: 663| 648|inline constexpr auto store_any(InR&& in_range) { 664| 648| auto out = []([[maybe_unused]] const auto& in) { 665| 648| if constexpr(std::same_as) { 666| 648| if constexpr(ranges::statically_spanable_range) { 667| 648| constexpr size_t bytes = decltype(std::span{in})::extent * sizeof(std::ranges::range_value_t); 668| 648| return std::array(); 669| 648| } else { 670| 648| static_assert( 671| 648| !std::same_as, 672| 648| "cannot infer a suitable result container type from the given parameters at compile time, please specify it explicitly"); 673| 648| } 674| 648| } else if constexpr(concepts::resizable_byte_buffer) { 675| 648| return OutR(std::span{in}.size_bytes()); 676| 648| } else { 677| 648| return OutR{}; 678| 648| } 679| 648| }(in_range); 680| | 681| 648| store_any>(out, std::forward(in_range)); 682| 648| return out; 683| 648|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges14spanable_rangeERNS2_5arrayImLm9EEEQoooosr3stdE7same_asIS4_T0_Eaasr6rangesE25statically_spanable_rangeIS9_Esr3stdE21default_initializableIS9_Esr8conceptsE21resizable_byte_bufferIS9_EEEDaOT1_ENKUlRKT_E_clIS7_EEDaSE_: 664| 648| auto out = []([[maybe_unused]] const auto& in) { 665| 648| if constexpr(std::same_as) { 666| 648| if constexpr(ranges::statically_spanable_range) { 667| 648| constexpr size_t bytes = decltype(std::span{in})::extent * sizeof(std::ranges::range_value_t); 668| 648| return std::array(); 669| | } else { 670| | static_assert( 671| | !std::same_as, 672| | "cannot infer a suitable result container type from the given parameters at compile time, please specify it explicitly"); 673| | } 674| | } else if constexpr(concepts::resizable_byte_buffer) { 675| | return OutR(std::span{in}.size_bytes()); 676| | } else { 677| | return OutR{}; 678| | } 679| 648| }(in_range); _ZN5Botan6detail9store_anyILNSt3__16endianE64206EmTkNS_6ranges23contiguous_output_rangeIhEERNS2_5arrayIhLm72EEETkNS4_14spanable_rangeENS6_ImLm9EEEQoosr3stdE7same_asINS0_10AutoDetectET0_Esr3stdE7same_asISB_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISJ_EESK_E4type10value_typeEEEEvOT1_RKSG_: 603| 648|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, const InR& in) { 604| 648| ranges::assert_equal_byte_lengths(out, in); 605| 648| using element_type = std::ranges::range_value_t; 606| | 607| 648| auto store_elementwise = [&] { 608| 648| constexpr size_t bytes_per_element = sizeof(element_type); 609| 648| std::span out_s(out); 610| 648| for(auto in_elem : in) { 611| 648| store_any(out_s.template first(), in_elem); 612| 648| out_s = out_s.subspan(bytes_per_element); 613| 648| } 614| 648| }; 615| | 616| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 617| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 618| | // in a `constexpr` context. 619| 648| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (619:7): [Folded, False: 648] ------------------ 620| 0| store_elementwise(); 621| 648| } else { 622| | if constexpr(endianness == std::endian::native && !custom_storable) { 623| | typecast_copy(out, in); 624| 648| } else { 625| 648| store_elementwise(); 626| 648| } 627| 648| } 628| 648|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206EmTkNS_6ranges23contiguous_output_rangeIhEERNS2_5arrayIhLm72EEETkNS4_14spanable_rangeENS6_ImLm9EEEQoosr3stdE7same_asINS0_10AutoDetectET0_Esr3stdE7same_asISB_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISJ_EESK_E4type10value_typeEEEEvOT1_RKSG_ENKUlvE_clEv: 607| 648| auto store_elementwise = [&] { 608| 648| constexpr size_t bytes_per_element = sizeof(element_type); 609| 648| std::span out_s(out); 610| 5.83k| for(auto in_elem : in) { ------------------ | Branch (610:24): [True: 5.83k, False: 648] ------------------ 611| 5.83k| store_any(out_s.template first(), in_elem); 612| 5.83k| out_s = out_s.subspan(bytes_per_element); 613| 5.83k| } 614| 648| }; _ZN5Botan8store_beINS_6detail10AutoDetectEJRNSt3__14spanIhLm24EEERNS3_5arrayImLm3EEEEEEDaDpOT0_: 745| 352|inline constexpr auto store_be(ParamTs&&... params) { 746| 352| return detail::store_any(std::forward(params)...); 747| 352|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm24EEETkNS5_14spanable_rangeENS2_5arrayImLm3EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_: 603| 352|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, const InR& in) { 604| 352| ranges::assert_equal_byte_lengths(out, in); 605| 352| using element_type = std::ranges::range_value_t; 606| | 607| 352| auto store_elementwise = [&] { 608| 352| constexpr size_t bytes_per_element = sizeof(element_type); 609| 352| std::span out_s(out); 610| 352| for(auto in_elem : in) { 611| 352| store_any(out_s.template first(), in_elem); 612| 352| out_s = out_s.subspan(bytes_per_element); 613| 352| } 614| 352| }; 615| | 616| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 617| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 618| | // in a `constexpr` context. 619| 352| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (619:7): [Folded, False: 352] ------------------ 620| 0| store_elementwise(); 621| 352| } else { 622| | if constexpr(endianness == std::endian::native && !custom_storable) { 623| | typecast_copy(out, in); 624| 352| } else { 625| 352| store_elementwise(); 626| 352| } 627| 352| } 628| 352|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges23contiguous_output_rangeIhEERNS2_4spanIhLm24EEETkNS5_14spanable_rangeENS2_5arrayImLm3EEEQoosr3stdE7same_asIS4_T0_Esr3stdE7same_asISC_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISK_EESL_E4type10value_typeEEEEvOT1_RKSH_ENKUlvE_clEv: 607| 352| auto store_elementwise = [&] { 608| 352| constexpr size_t bytes_per_element = sizeof(element_type); 609| 352| std::span out_s(out); 610| 1.05k| for(auto in_elem : in) { ------------------ | Branch (610:24): [True: 1.05k, False: 352] ------------------ 611| 1.05k| store_any(out_s.template first(), in_elem); 612| 1.05k| out_s = out_s.subspan(bytes_per_element); 613| 1.05k| } 614| 352| }; _ZN5Botan8store_beINS_6detail10AutoDetectEJRNSt3__15arrayImLm4EEEEEEDaDpOT0_: 745| 384|inline constexpr auto store_be(ParamTs&&... params) { 746| 384| return detail::store_any(std::forward(params)...); 747| 384|} _ZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges14spanable_rangeERNS2_5arrayImLm4EEEQoooosr3stdE7same_asIS4_T0_Eaasr6rangesE25statically_spanable_rangeIS9_Esr3stdE21default_initializableIS9_Esr8conceptsE21resizable_byte_bufferIS9_EEEDaOT1_: 663| 384|inline constexpr auto store_any(InR&& in_range) { 664| 384| auto out = []([[maybe_unused]] const auto& in) { 665| 384| if constexpr(std::same_as) { 666| 384| if constexpr(ranges::statically_spanable_range) { 667| 384| constexpr size_t bytes = decltype(std::span{in})::extent * sizeof(std::ranges::range_value_t); 668| 384| return std::array(); 669| 384| } else { 670| 384| static_assert( 671| 384| !std::same_as, 672| 384| "cannot infer a suitable result container type from the given parameters at compile time, please specify it explicitly"); 673| 384| } 674| 384| } else if constexpr(concepts::resizable_byte_buffer) { 675| 384| return OutR(std::span{in}.size_bytes()); 676| 384| } else { 677| 384| return OutR{}; 678| 384| } 679| 384| }(in_range); 680| | 681| 384| store_any>(out, std::forward(in_range)); 682| 384| return out; 683| 384|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206ENS0_10AutoDetectETkNS_6ranges14spanable_rangeERNS2_5arrayImLm4EEEQoooosr3stdE7same_asIS4_T0_Eaasr6rangesE25statically_spanable_rangeIS9_Esr3stdE21default_initializableIS9_Esr8conceptsE21resizable_byte_bufferIS9_EEEDaOT1_ENKUlRKT_E_clIS7_EEDaSE_: 664| 384| auto out = []([[maybe_unused]] const auto& in) { 665| 384| if constexpr(std::same_as) { 666| 384| if constexpr(ranges::statically_spanable_range) { 667| 384| constexpr size_t bytes = decltype(std::span{in})::extent * sizeof(std::ranges::range_value_t); 668| 384| return std::array(); 669| | } else { 670| | static_assert( 671| | !std::same_as, 672| | "cannot infer a suitable result container type from the given parameters at compile time, please specify it explicitly"); 673| | } 674| | } else if constexpr(concepts::resizable_byte_buffer) { 675| | return OutR(std::span{in}.size_bytes()); 676| | } else { 677| | return OutR{}; 678| | } 679| 384| }(in_range); _ZN5Botan6detail9store_anyILNSt3__16endianE64206EmTkNS_6ranges23contiguous_output_rangeIhEERNS2_5arrayIhLm32EEETkNS4_14spanable_rangeENS6_ImLm4EEEQoosr3stdE7same_asINS0_10AutoDetectET0_Esr3stdE7same_asISB_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISJ_EESK_E4type10value_typeEEEEvOT1_RKSG_: 603| 384|inline constexpr void store_any(OutR&& out /* NOLINT(*-std-forward) */, const InR& in) { 604| 384| ranges::assert_equal_byte_lengths(out, in); 605| 384| using element_type = std::ranges::range_value_t; 606| | 607| 384| auto store_elementwise = [&] { 608| 384| constexpr size_t bytes_per_element = sizeof(element_type); 609| 384| std::span out_s(out); 610| 384| for(auto in_elem : in) { 611| 384| store_any(out_s.template first(), in_elem); 612| 384| out_s = out_s.subspan(bytes_per_element); 613| 384| } 614| 384| }; 615| | 616| | // At compile time we cannot use `typecast_copy` as it uses `std::memcpy` 617| | // internally to copy ranges on a byte-by-byte basis, which is not allowed 618| | // in a `constexpr` context. 619| 384| if(std::is_constant_evaluated()) /* TODO: C++23: if consteval {} */ { ------------------ | Branch (619:7): [Folded, False: 384] ------------------ 620| 0| store_elementwise(); 621| 384| } else { 622| | if constexpr(endianness == std::endian::native && !custom_storable) { 623| | typecast_copy(out, in); 624| 384| } else { 625| 384| store_elementwise(); 626| 384| } 627| 384| } 628| 384|} _ZZN5Botan6detail9store_anyILNSt3__16endianE64206EmTkNS_6ranges23contiguous_output_rangeIhEERNS2_5arrayIhLm32EEETkNS4_14spanable_rangeENS6_ImLm4EEEQoosr3stdE7same_asINS0_10AutoDetectET0_Esr3stdE7same_asISB_NS2_11conditionalIXsr21__is_primary_templateINS2_15iterator_traitsIu14__remove_cvrefIDTclL_ZNS2_6ranges5__cpo5beginEEclsr3stdE7declvalIRT2_EEEEEEEEE5valueENS2_26indirectly_readable_traitsISJ_EESK_E4type10value_typeEEEEvOT1_RKSG_ENKUlvE_clEv: 607| 384| auto store_elementwise = [&] { 608| 384| constexpr size_t bytes_per_element = sizeof(element_type); 609| 384| std::span out_s(out); 610| 1.53k| for(auto in_elem : in) { ------------------ | Branch (610:24): [True: 1.53k, False: 384] ------------------ 611| 1.53k| store_any(out_s.template first(), in_elem); 612| 1.53k| out_s = out_s.subspan(bytes_per_element); 613| 1.53k| } 614| 384| }; _ZN5Botan14zeroize_bufferITkNSt3__117unsigned_integralEmEEvPT_m: 37| 417|inline void zeroize_buffer(T buf[], size_t n) { 38| 417| if(n > 0) { ------------------ | Branch (38:7): [True: 411, False: 6] ------------------ 39| 411| std::memset(buf, 0, sizeof(T) * n); 40| 411| } 41| 417|} _ZN5Botan21unchecked_copy_memoryITkNSt3__117unsigned_integralEmEEvPT_PKS2_m: 44| 162|inline void unchecked_copy_memory(T* out, const T* in, size_t n) { 45| 162| if(in != nullptr && out != nullptr && n > 0) { ------------------ | Branch (45:7): [True: 162, False: 0] | Branch (45:24): [True: 162, False: 0] | Branch (45:42): [True: 162, False: 0] ------------------ 46| 162| std::memmove(out, in, sizeof(T) * n); 47| 162| } 48| 162|} _ZNK5Botan17Montgomery_Params1pEv: 41| 28| const BigInt& p() const { return m_data->p(); } _ZNK5Botan17Montgomery_Params2R1Ev: 43| 7| const BigInt& R1() const { return m_data->r1(); } _ZNK5Botan17Montgomery_Params2R2Ev: 45| 28| const BigInt& R2() const { return m_data->r2(); } _ZNK5Botan17Montgomery_Params6p_dashEv: 49| 28| word p_dash() const { return m_data->p_dash(); } _ZNK5Botan17Montgomery_Params7p_wordsEv: 51| 42| size_t p_words() const { return m_data->p_size(); } _ZNK5Botan17Montgomery_Params4Data1pEv: 76| 28| const BigInt& p() const { return m_p; } _ZNK5Botan17Montgomery_Params4Data2r1Ev: 78| 7| const BigInt& r1() const { return m_r1; } _ZNK5Botan17Montgomery_Params4Data2r2Ev: 80| 28| const BigInt& r2() const { return m_r2; } _ZNK5Botan17Montgomery_Params4Data6p_dashEv: 84| 28| word p_dash() const { return m_p_dash; } _ZNK5Botan17Montgomery_Params4Data6p_sizeEv: 86| 42| size_t p_size() const { return m_p_words; } _ZN5Botan10word8_add2ITkNS_8WordTypeEmEET_PS1_PKS1_S1_: 268| 471|inline constexpr auto word8_add2(W x[8], const W y[8], W carry) -> W { 269| 471|#if defined(BOTAN_MP_USE_X86_64_ASM) 270| 471| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (270:7): [True: 0, Folded] | Branch (270:36): [True: 0, Folded] ------------------ 271| 471| asm volatile(ADD_OR_SUBTRACT(DO_8_TIMES(ADDSUB2_OP, "adcq")) 272| 471| : [carry] "=r"(carry) 273| 471| : [x] "r"(x), [y] "r"(y), "0"(carry) 274| 471| : "cc", "memory"); 275| 471| return carry; 276| 471| } 277| 0|#endif 278| | 279| 0| x[0] = word_add(x[0], y[0], &carry); 280| 0| x[1] = word_add(x[1], y[1], &carry); 281| 0| x[2] = word_add(x[2], y[2], &carry); 282| 0| x[3] = word_add(x[3], y[3], &carry); 283| 0| x[4] = word_add(x[4], y[4], &carry); 284| 0| x[5] = word_add(x[5], y[5], &carry); 285| 0| x[6] = word_add(x[6], y[6], &carry); 286| 0| x[7] = word_add(x[7], y[7], &carry); 287| 0| return carry; 288| 471|} _ZN5Botan8word_addITkNS_8WordTypeEmEET_S1_S1_PS1_: 231| 9.80M|inline constexpr auto word_add(W x, W y, W* carry) -> W { 232| 9.80M|#if BOTAN_COMPILER_HAS_BUILTIN(__builtin_addc) 233| 9.80M| if(!std::is_constant_evaluated()) { ------------------ | Branch (233:7): [True: 9.80M, Folded] ------------------ 234| | if constexpr(std::same_as) { 235| | return __builtin_addc(x, y, *carry & 1, carry); 236| 9.80M| } else if constexpr(std::same_as) { 237| 9.80M| return __builtin_addcl(x, y, *carry & 1, carry); 238| | } else if constexpr(std::same_as) { 239| | return __builtin_addcll(x, y, *carry & 1, carry); 240| | } 241| 9.80M| } 242| 0|#endif 243| | 244| | if constexpr(WordInfo::dword_is_native && use_dword_for_word_add) { 245| | /* 246| | TODO(Botan4) this is largely a performance hack for GCCs that don't 247| | support __builtin_addc, if we increase the minimum supported version of 248| | GCC to GCC 14 then we can remove this and not worry about it 249| | */ 250| | const W cb = *carry & 1; 251| | const auto s = typename WordInfo::dword(x) + y + cb; 252| | *carry = static_cast(s >> WordInfo::bits); 253| | return static_cast(s); 254| 9.80M| } else { 255| 9.80M| const W cb = *carry & 1; 256| 9.80M| W z = x + y; 257| 9.80M| W c1 = (z < x); 258| 9.80M| z += cb; 259| 9.80M| *carry = c1 | (z < cb); 260| 9.80M| return z; 261| 9.80M| } 262| 9.80M|} _ZN5Botan10word8_sub2ITkNS_8WordTypeEmEET_PS1_PKS1_S1_: 345| 95|inline constexpr auto word8_sub2(W x[8], const W y[8], W carry) -> W { 346| 95|#if defined(BOTAN_MP_USE_X86_64_ASM) 347| 95| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (347:7): [True: 0, Folded] | Branch (347:36): [True: 0, Folded] ------------------ 348| 95| asm volatile(ADD_OR_SUBTRACT(DO_8_TIMES(ADDSUB2_OP, "sbbq")) 349| 95| : [carry] "=r"(carry) 350| 95| : [x] "r"(x), [y] "r"(y), "0"(carry) 351| 95| : "cc", "memory"); 352| 95| return carry; 353| 95| } 354| 0|#endif 355| | 356| 0| x[0] = word_sub(x[0], y[0], &carry); 357| 0| x[1] = word_sub(x[1], y[1], &carry); 358| 0| x[2] = word_sub(x[2], y[2], &carry); 359| 0| x[3] = word_sub(x[3], y[3], &carry); 360| 0| x[4] = word_sub(x[4], y[4], &carry); 361| 0| x[5] = word_sub(x[5], y[5], &carry); 362| 0| x[6] = word_sub(x[6], y[6], &carry); 363| 0| x[7] = word_sub(x[7], y[7], &carry); 364| 0| return carry; 365| 95|} _ZN5Botan8word_subITkNS_8WordTypeEmEET_S1_S1_PS1_: 320| 12.7M|inline constexpr auto word_sub(W x, W y, W* carry) -> W { 321| 12.7M|#if BOTAN_COMPILER_HAS_BUILTIN(__builtin_subc) 322| 12.7M| if(!std::is_constant_evaluated()) { ------------------ | Branch (322:7): [True: 12.7M, Folded] ------------------ 323| | if constexpr(std::same_as) { 324| | return __builtin_subc(x, y, *carry & 1, carry); 325| 12.7M| } else if constexpr(std::same_as) { 326| 12.7M| return __builtin_subcl(x, y, *carry & 1, carry); 327| | } else if constexpr(std::same_as) { 328| | return __builtin_subcll(x, y, *carry & 1, carry); 329| | } 330| 12.7M| } 331| 0|#endif 332| | 333| 0| const W cb = *carry & 1; 334| 12.7M| W t0 = x - y; 335| 12.7M| W c1 = (t0 > x); 336| 12.7M| W z = t0 - cb; 337| 12.7M| *carry = c1 | (z > t0); 338| 12.7M| return z; 339| 12.7M|} _ZN5Botan10word8_sub3ITkNS_8WordTypeEmEET_PS1_PKS1_S4_S1_: 371| 1.17k|inline constexpr auto word8_sub3(W z[8], const W x[8], const W y[8], W carry) -> W { 372| 1.17k|#if defined(BOTAN_MP_USE_X86_64_ASM) 373| 1.17k| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (373:7): [True: 0, Folded] | Branch (373:36): [True: 0, Folded] ------------------ 374| 1.17k| asm volatile(ADD_OR_SUBTRACT(DO_8_TIMES(ADDSUB3_OP, "sbbq")) 375| 1.17k| : [carry] "=r"(carry) 376| 1.17k| : [x] "r"(x), [y] "r"(y), [z] "r"(z), "0"(carry) 377| 1.17k| : "cc", "memory"); 378| 1.17k| return carry; 379| 1.17k| } 380| 0|#endif 381| | 382| 0| z[0] = word_sub(x[0], y[0], &carry); 383| 0| z[1] = word_sub(x[1], y[1], &carry); 384| 0| z[2] = word_sub(x[2], y[2], &carry); 385| 0| z[3] = word_sub(x[3], y[3], &carry); 386| 0| z[4] = word_sub(x[4], y[4], &carry); 387| 0| z[5] = word_sub(x[5], y[5], &carry); 388| 0| z[6] = word_sub(x[6], y[6], &carry); 389| 0| z[7] = word_sub(x[7], y[7], &carry); 390| 0| return carry; 391| 1.17k|} _ZN5Botan10word8_add3ITkNS_8WordTypeEmEET_PS1_PKS1_S4_S1_: 294| 4|inline constexpr auto word8_add3(W z[8], const W x[8], const W y[8], W carry) -> W { 295| 4|#if defined(BOTAN_MP_USE_X86_64_ASM) 296| 4| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (296:7): [True: 0, Folded] | Branch (296:36): [True: 0, Folded] ------------------ 297| 4| asm volatile(ADD_OR_SUBTRACT(DO_8_TIMES(ADDSUB3_OP, "adcq")) 298| 4| : [carry] "=r"(carry) 299| 4| : [x] "r"(x), [y] "r"(y), [z] "r"(z), "0"(carry) 300| 4| : "cc", "memory"); 301| 4| return carry; 302| 4| } 303| 0|#endif 304| | 305| 0| z[0] = word_add(x[0], y[0], &carry); 306| 0| z[1] = word_add(x[1], y[1], &carry); 307| 0| z[2] = word_add(x[2], y[2], &carry); 308| 0| z[3] = word_add(x[3], y[3], &carry); 309| 0| z[4] = word_add(x[4], y[4], &carry); 310| 0| z[5] = word_add(x[5], y[5], &carry); 311| 0| z[6] = word_add(x[6], y[6], &carry); 312| 0| z[7] = word_add(x[7], y[7], &carry); 313| 0| return carry; 314| 4|} _ZN5Botan13word8_linmul3ITkNS_8WordTypeEmEET_PS1_PKS1_S1_S1_: 397| 42|inline constexpr auto word8_linmul3(W z[8], const W x[8], W y, W carry) -> W { 398| 42|#if defined(BOTAN_MP_USE_X86_64_ASM) 399| 42| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (399:7): [True: 0, Folded] | Branch (399:36): [True: 0, Folded] ------------------ 400| 42| asm(DO_8_TIMES(LINMUL_OP, "z") 401| 42| : [carry] "=r"(carry) 402| 42| : [z] "r"(z), [x] "r"(x), [y] "rm"(y), "0"(carry) 403| 42| : "cc", "%rax", "%rdx", "memory"); 404| 42| return carry; 405| 42| } 406| 0|#endif 407| | 408| 0| z[0] = word_madd2(x[0], y, &carry); 409| 0| z[1] = word_madd2(x[1], y, &carry); 410| 0| z[2] = word_madd2(x[2], y, &carry); 411| 0| z[3] = word_madd2(x[3], y, &carry); 412| 0| z[4] = word_madd2(x[4], y, &carry); 413| 0| z[5] = word_madd2(x[5], y, &carry); 414| 0| z[6] = word_madd2(x[6], y, &carry); 415| 0| z[7] = word_madd2(x[7], y, &carry); 416| 0| return carry; 417| 42|} _ZN5Botan10word_madd2ITkNS_8WordTypeEmEET_S1_S1_PS1_: 90| 640|inline constexpr auto word_madd2(W a, W b, W* c) -> W { 91| 640|#if defined(BOTAN_MP_USE_X86_64_ASM) 92| 640| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (92:7): [True: 0, Folded] | Branch (92:36): [True: 0, Folded] ------------------ 93| 640| asm(R"( 94| 640| mulq %[b] 95| 640| addq %[c],%[a] 96| 640| adcq $0,%[carry] 97| 640| )" 98| 640| : [a] "=a"(a), [b] "=rm"(b), [carry] "=&d"(*c) 99| 640| : "0"(a), "1"(b), [c] "g"(*c) 100| 640| : "cc"); 101| | 102| 640| return a; 103| 640| } 104| |#elif defined(BOTAN_MP_USE_AARCH64_ASM) 105| | if(std::same_as && !std::is_constant_evaluated()) { 106| | W lo = 0; 107| | W hi = 0; 108| | asm(R"( 109| | mul %[lo], %[a], %[b] 110| | umulh %[hi], %[a], %[b] 111| | adds %[lo], %[lo], %[c] 112| | adc %[hi], %[hi], xzr 113| | )" 114| | : [lo] "=&r"(lo), [hi] "=&r"(hi) 115| | : [a] "r"(a), [b] "r"(b), [c] "r"(*c) 116| | : "cc"); 117| | 118| | *c = hi; 119| | return lo; 120| | } 121| |#endif 122| | 123| 0| typedef typename WordInfo::dword dword; 124| 0| const dword s = dword(a) * b + *c; 125| 0| *c = static_cast(s >> WordInfo::bits); 126| 0| return static_cast(s); 127| 640|} _ZN5Botan11word8_madd3ITkNS_8WordTypeEmEET_PS1_PKS1_S1_S1_: 423| 152|inline constexpr auto word8_madd3(W z[8], const W x[8], W y, W carry) -> W { 424| 152|#if defined(BOTAN_MP_USE_X86_64_ASM) 425| 152| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (425:7): [True: 0, Folded] | Branch (425:36): [True: 0, Folded] ------------------ 426| 152| asm(DO_8_TIMES(MULADD_OP, "") 427| 152| : [carry] "=r"(carry) 428| 152| : [z] "r"(z), [x] "r"(x), [y] "rm"(y), "0"(carry) 429| 152| : "cc", "%rax", "%rdx", "memory"); 430| 152| return carry; 431| 152| } 432| 0|#endif 433| | 434| 0| z[0] = word_madd3(x[0], y, z[0], &carry); 435| 0| z[1] = word_madd3(x[1], y, z[1], &carry); 436| 0| z[2] = word_madd3(x[2], y, z[2], &carry); 437| 0| z[3] = word_madd3(x[3], y, z[3], &carry); 438| 0| z[4] = word_madd3(x[4], y, z[4], &carry); 439| 0| z[5] = word_madd3(x[5], y, z[5], &carry); 440| 0| z[6] = word_madd3(x[6], y, z[6], &carry); 441| 0| z[7] = word_madd3(x[7], y, z[7], &carry); 442| 0| return carry; 443| 152|} _ZN5Botan10word_madd3ITkNS_8WordTypeEmEET_S1_S1_S1_PS1_: 133| 376|inline constexpr auto word_madd3(W a, W b, W c, W* d) -> W { 134| 376|#if defined(BOTAN_MP_USE_X86_64_ASM) 135| 376| if(std::same_as && !std::is_constant_evaluated()) { ------------------ | Branch (135:7): [True: 0, Folded] | Branch (135:36): [True: 0, Folded] ------------------ 136| 376| asm(R"( 137| 376| mulq %[b] 138| 376| 139| 376| addq %[c],%[a] 140| 376| adcq $0,%[carry] 141| 376| 142| 376| addq %[d],%[a] 143| 376| adcq $0,%[carry] 144| 376| )" 145| 376| : [a] "=a"(a), [b] "=rm"(b), [carry] "=&d"(*d) 146| 376| : "0"(a), "1"(b), [c] "g"(c), [d] "g"(*d) 147| 376| : "cc"); 148| | 149| 376| return a; 150| 376| } 151| |#elif defined(BOTAN_MP_USE_AARCH64_ASM) 152| | if(std::same_as && !std::is_constant_evaluated()) { 153| | W lo = 0; 154| | W hi = 0; 155| | asm(R"( 156| | mul %[lo], %[a], %[b] 157| | umulh %[hi], %[a], %[b] 158| | adds %[lo], %[lo], %[c] 159| | adc %[hi], %[hi], xzr 160| | adds %[lo], %[lo], %[d] 161| | adc %[hi], %[hi], xzr 162| | )" 163| | : [lo] "=&r"(lo), [hi] "=&r"(hi) 164| | : [a] "r"(a), [b] "r"(b), [c] "r"(c), [d] "r"(*d) 165| | : "cc"); 166| | 167| | *d = hi; 168| | return lo; 169| | } 170| |#endif 171| | 172| 0| typedef typename WordInfo::dword dword; 173| 0| const dword s = dword(a) * b + c + *d; 174| 0| *d = static_cast(s >> WordInfo::bits); 175| 0| return static_cast(s); 176| 376|} _ZN5Botan5word3ImE3mulEmm: 460| 38.2M| inline constexpr void mul(W x, W y) { m_w += static_cast(x) * y; } _ZN5Botan5word3ImE7extractEv: 466| 26.2M| inline constexpr W extract() { 467| 26.2M| W r = static_cast(m_w); 468| 26.2M| m_w >>= WordInfo::bits; 469| 26.2M| return r; 470| 26.2M| } _ZN5Botan5word3ImE3addEm: 464| 4.63M| inline constexpr void add(W x) { m_w += x; } _ZN5Botan5word3ImE10monty_stepEmm: 472| 2.31M| inline constexpr W monty_step(W p0, W p_dash) { 473| 2.31M| const W w0 = static_cast(m_w); 474| 2.31M| const W r = w0 * p_dash; 475| 2.31M| mul(r, p0); 476| 2.31M| m_w >>= WordInfo::bits; 477| 2.31M| return r; 478| 2.31M| } _ZN5Botan5word3ImEC2Ev: 458| 2.73M| constexpr word3() : m_w(0) {} _ZN5Botan5word3ImE6mul_x2Emm: 462| 22.2M| inline constexpr void mul_x2(W x, W y) { m_w += static_cast(x) * y * 2; } _ZN5Botan11bigint_add2ITkNS_8WordTypeEmEET_PS1_mPKS1_m: 94| 1.35k|inline constexpr auto bigint_add2(W x[], size_t x_size, const W y[], size_t y_size) -> W { 95| 1.35k| W carry = 0; 96| | 97| 1.35k| BOTAN_ASSERT(x_size >= y_size, "Expected sizes"); ------------------ | | 64| 1.35k| do { \ | | 65| 1.35k| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 66| 1.35k| if(!(expr)) { \ | | ------------------ | | | Branch (66:10): [True: 0, False: 1.35k] | | ------------------ | | 67| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 68| 0| Botan::assertion_failure(#expr, assertion_made, __func__, __FILE__, __LINE__); \ | | 69| 0| } \ | | 70| 1.35k| } while(0) | | ------------------ | | | Branch (70:12): [Folded, False: 1.35k] | | ------------------ ------------------ 98| | 99| 1.35k| const size_t blocks = y_size - (y_size % 8); 100| | 101| 1.82k| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (101:22): [True: 471, False: 1.35k] ------------------ 102| 471| carry = word8_add2(x + i, y + i, carry); 103| 471| } 104| | 105| 5.36k| for(size_t i = blocks; i != y_size; ++i) { ------------------ | Branch (105:27): [True: 4.01k, False: 1.35k] ------------------ 106| 4.01k| x[i] = word_add(x[i], y[i], &carry); 107| 4.01k| } 108| | 109| 1.35k| for(size_t i = y_size; i != x_size; ++i) { ------------------ | Branch (109:27): [True: 0, False: 1.35k] ------------------ 110| 0| x[i] = word_add(x[i], static_cast(0), &carry); 111| 0| } 112| | 113| 1.35k| return carry; 114| 1.35k|} _ZN5Botan10bigint_cmpITkNS_8WordTypeEmEEiPKT_mS3_m: 439| 185|inline constexpr int32_t bigint_cmp(const W x[], size_t x_size, const W y[], size_t y_size) { 440| 185| static_assert(sizeof(W) >= sizeof(uint32_t), "Size assumption"); 441| | 442| 185| const W LT = static_cast(-1); 443| 185| const W EQ = 0; 444| 185| const W GT = 1; 445| | 446| 185| const size_t common_elems = std::min(x_size, y_size); 447| | 448| 185| W result = EQ; // until found otherwise 449| | 450| 1.62k| for(size_t i = 0; i != common_elems; i++) { ------------------ | Branch (450:22): [True: 1.43k, False: 185] ------------------ 451| 1.43k| const auto is_eq = CT::Mask::is_equal(x[i], y[i]); 452| 1.43k| const auto is_lt = CT::Mask::is_lt(x[i], y[i]); 453| | 454| 1.43k| result = is_eq.select(result, is_lt.select(LT, GT)); 455| 1.43k| } 456| | 457| 185| if(x_size < y_size) { ------------------ | Branch (457:7): [True: 0, False: 185] ------------------ 458| 0| W mask = 0; 459| 0| for(size_t i = x_size; i != y_size; i++) { ------------------ | Branch (459:30): [True: 0, False: 0] ------------------ 460| 0| mask |= y[i]; 461| 0| } 462| | 463| | // If any bits were set in high part of y, then x < y 464| 0| result = CT::Mask::is_zero(mask).select(result, LT); 465| 185| } else if(y_size < x_size) { ------------------ | Branch (465:14): [True: 28, False: 157] ------------------ 466| 28| W mask = 0; 467| 80| for(size_t i = y_size; i != x_size; i++) { ------------------ | Branch (467:30): [True: 52, False: 28] ------------------ 468| 52| mask |= x[i]; 469| 52| } 470| | 471| | // If any bits were set in high part of x, then x > y 472| 28| result = CT::Mask::is_zero(mask).select(result, GT); 473| 28| } 474| | 475| 185| CT::unpoison(result); 476| 185| BOTAN_DEBUG_ASSERT(result == LT || result == GT || result == EQ); ------------------ | | 130| 185| do { /* NOLINT(*-avoid-do-while) */ \ | | 131| 185| } while(0) | | ------------------ | | | Branch (131:15): [Folded, False: 185] | | ------------------ ------------------ 477| 185| return static_cast(result); 478| 185|} _ZN5Botan11bigint_sub2ITkNS_8WordTypeEmEET_PS1_mPKS1_m: 148| 157|inline constexpr auto bigint_sub2(W x[], size_t x_size, const W y[], size_t y_size) -> W { 149| 157| W borrow = 0; 150| | 151| 157| BOTAN_ASSERT(x_size >= y_size, "Expected sizes"); ------------------ | | 64| 157| do { \ | | 65| 157| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 66| 157| if(!(expr)) { \ | | ------------------ | | | Branch (66:10): [True: 0, False: 157] | | ------------------ | | 67| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 68| 0| Botan::assertion_failure(#expr, assertion_made, __func__, __FILE__, __LINE__); \ | | 69| 0| } \ | | 70| 157| } while(0) | | ------------------ | | | Branch (70:12): [Folded, False: 157] | | ------------------ ------------------ 152| | 153| 157| const size_t blocks = y_size - (y_size % 8); 154| | 155| 252| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (155:22): [True: 95, False: 157] ------------------ 156| 95| borrow = word8_sub2(x + i, y + i, borrow); 157| 95| } 158| | 159| 747| for(size_t i = blocks; i != y_size; ++i) { ------------------ | Branch (159:27): [True: 590, False: 157] ------------------ 160| 590| x[i] = word_sub(x[i], y[i], &borrow); 161| 590| } 162| | 163| 178| for(size_t i = y_size; i != x_size; ++i) { ------------------ | Branch (163:27): [True: 21, False: 157] ------------------ 164| 21| x[i] = word_sub(x[i], static_cast(0), &borrow); 165| 21| } 166| | 167| 157| return borrow; 168| 157|} _ZN5Botan11bigint_sub3ITkNS_8WordTypeEmEET_PS1_PKS1_mS4_m: 192| 2.56k|inline constexpr auto bigint_sub3(W z[], const W x[], size_t x_size, const W y[], size_t y_size) -> W { 193| 2.56k| W borrow = 0; 194| | 195| 2.56k| BOTAN_ASSERT(x_size >= y_size, "Expected sizes"); ------------------ | | 64| 2.56k| do { \ | | 65| 2.56k| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 66| 2.56k| if(!(expr)) { \ | | ------------------ | | | Branch (66:10): [True: 0, False: 2.56k] | | ------------------ | | 67| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 68| 0| Botan::assertion_failure(#expr, assertion_made, __func__, __FILE__, __LINE__); \ | | 69| 0| } \ | | 70| 2.56k| } while(0) | | ------------------ | | | Branch (70:12): [Folded, False: 2.56k] | | ------------------ ------------------ 196| | 197| 2.56k| const size_t blocks = y_size - (y_size % 8); 198| | 199| 3.70k| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (199:22): [True: 1.13k, False: 2.56k] ------------------ 200| 1.13k| borrow = word8_sub3(z + i, x + i, y + i, borrow); 201| 1.13k| } 202| | 203| 9.43k| for(size_t i = blocks; i != y_size; ++i) { ------------------ | Branch (203:27): [True: 6.86k, False: 2.56k] ------------------ 204| 6.86k| z[i] = word_sub(x[i], y[i], &borrow); 205| 6.86k| } 206| | 207| 2.72k| for(size_t i = y_size; i != x_size; ++i) { ------------------ | Branch (207:27): [True: 164, False: 2.56k] ------------------ 208| 164| z[i] = word_sub(x[i], static_cast(0), &borrow); 209| 164| } 210| | 211| 2.56k| return borrow; 212| 2.56k|} _ZN5Botan11bigint_add3ITkNS_8WordTypeEmEET_PS1_PKS1_mS4_m: 120| 14|inline constexpr auto bigint_add3(W z[], const W x[], size_t x_size, const W y[], size_t y_size) -> W { 121| 14| if(x_size < y_size) { ------------------ | Branch (121:7): [True: 0, False: 14] ------------------ 122| 0| return bigint_add3(z, y, y_size, x, x_size); 123| 0| } 124| | 125| 14| W carry = 0; 126| | 127| 14| const size_t blocks = y_size - (y_size % 8); 128| | 129| 18| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (129:22): [True: 4, False: 14] ------------------ 130| 4| carry = word8_add3(z + i, x + i, y + i, carry); 131| 4| } 132| | 133| 58| for(size_t i = blocks; i != y_size; ++i) { ------------------ | Branch (133:27): [True: 44, False: 14] ------------------ 134| 44| z[i] = word_add(x[i], y[i], &carry); 135| 44| } 136| | 137| 15| for(size_t i = y_size; i != x_size; ++i) { ------------------ | Branch (137:27): [True: 1, False: 14] ------------------ 138| 1| z[i] = word_add(x[i], static_cast(0), &carry); 139| 1| } 140| | 141| 14| return carry; 142| 14|} _ZN5Botan14bigint_linmul3ITkNS_8WordTypeEmEEvPT_PKS1_mS1_: 416| 80|inline constexpr void bigint_linmul3(W z[], const W x[], size_t x_size, W y) { 417| 80| const size_t blocks = x_size - (x_size % 8); 418| | 419| 80| W carry = 0; 420| | 421| 122| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (421:22): [True: 42, False: 80] ------------------ 422| 42| carry = word8_linmul3(z + i, x + i, y, carry); 423| 42| } 424| | 425| 418| for(size_t i = blocks; i != x_size; ++i) { ------------------ | Branch (425:27): [True: 338, False: 80] ------------------ 426| 338| z[i] = word_madd2(x[i], y, &carry); 427| 338| } 428| | 429| 80| z[x_size] = carry; 430| 80|} _ZN5Botan14divide_precompImEC2Em: 574| 21| explicit constexpr divide_precomp(W divisor) : m_divisor(divisor) { 575| 21| BOTAN_ARG_CHECK(m_divisor != 0, "Division by zero"); ------------------ | | 35| 21| do { \ | | 36| 21| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 37| 21| if(!(expr)) { \ | | ------------------ | | | Branch (37:10): [True: 0, False: 21] | | ------------------ | | 38| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 39| 0| Botan::throw_invalid_argument(msg, __func__, __FILE__); \ | | 40| 0| } \ | | 41| 21| } while(0) | | ------------------ | | | Branch (41:12): [Folded, False: 21] | | ------------------ ------------------ 576| 21| } _ZNK5Botan14divide_precompImE16vartime_div_2to1Emm: 581| 133| inline constexpr W vartime_div_2to1(W n1, W n0) const { 582| 133| BOTAN_ASSERT_NOMSG(n1 < m_divisor); ------------------ | | 77| 133| do { \ | | 78| 133| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 79| 133| if(!(expr)) { \ | | ------------------ | | | Branch (79:10): [True: 0, False: 133] | | ------------------ | | 80| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 81| 0| Botan::assertion_failure(#expr, "", __func__, __FILE__, __LINE__); \ | | 82| 0| } \ | | 83| 133| } while(0) | | ------------------ | | | Branch (83:12): [Folded, False: 133] | | ------------------ ------------------ 583| | 584| 133| if(m_divisor == WordInfo::max) { ------------------ | Branch (584:13): [True: 76, False: 57] ------------------ 585| 76| return vartime_div_2to1_max_d(n1, n0); 586| 76| } 587| | 588| 57| if(m_divisor == WordInfo::top_bit) { ------------------ | Branch (588:13): [True: 0, False: 57] ------------------ 589| | // Simply a shift by N-1 bits 590| 0| return (n1 << 1) | (n0 >> (WordInfo::bits - 1)); 591| 0| } 592| | 593| 57| if(!std::is_constant_evaluated()) { ------------------ | Branch (593:13): [True: 57, Folded] ------------------ 594| 57|#if defined(BOTAN_MP_USE_X86_64_ASM) 595| 57| if constexpr(std::same_as) { 596| 57| W quotient = 0; 597| 57| W remainder = 0; 598| | // NOLINTNEXTLINE(*-no-assembler) 599| 57| asm("divq %[v]" : "=a"(quotient), "=d"(remainder) : [v] "r"(m_divisor), "a"(n0), "d"(n1) : "cc"); 600| 57| return quotient; 601| 57| } 602| 0|#endif 603| | 604| 0|#if !defined(BOTAN_BUILD_COMPILER_IS_CLANGCL) 605| | 606| | /* clang-cl has a bug where on encountering a 128/64 division it emits 607| | * a call to __udivti3() but then fails to link the relevant builtin into 608| | * the binary, causing a link failure. Work around this by simply omitting 609| | * such code for clang-cl 610| | * 611| | * See https://github.com/llvm/llvm-project/issues/25679 612| | */ 613| 57| if constexpr(WordInfo::dword_is_native) { 614| 57| typename WordInfo::dword n = n1; 615| 57| n <<= WordInfo::bits; 616| 57| n |= n0; 617| 57| return static_cast(n / m_divisor); 618| 57| } 619| 57|#endif 620| 57| } 621| | 622| 0| W high = n1; 623| 57| W quotient = 0; 624| | 625| 57| for(size_t i = 0; i != WordInfo::bits; ++i) { ------------------ | Branch (625:28): [True: 0, False: 57] ------------------ 626| 0| const W high_top_bit = high >> (WordInfo::bits - 1); 627| | 628| 0| high <<= 1; 629| 0| high |= (n0 >> (WordInfo::bits - 1 - i)) & 1; 630| 0| quotient <<= 1; 631| | 632| 0| if(high_top_bit || high >= m_divisor) { ------------------ | Branch (632:16): [True: 0, False: 0] | Branch (632:32): [True: 0, False: 0] ------------------ 633| 0| high -= m_divisor; 634| 0| quotient |= 1; 635| 0| } 636| 0| } 637| | 638| 57| return quotient; 639| 57| } _ZN5Botan14divide_precompImE22vartime_div_2to1_max_dEmm: 657| 76| static inline constexpr W vartime_div_2to1_max_d(W n1, W n0) { 658| | /* 659| | Use k to refer to WordInfo::bits 660| | 661| | We are dividing n = (n1 * 2^k) + n0 by 2^k - 1 662| | 663| | Recall that 2^k = 1 (mod 2^k - 1) 664| | 665| | Rewrite n = n1*2^k + n0 as n1*(2^k - 1) + n1 + n0 666| | 667| | The result of dividing n by (2^k - 1) will be equal to 668| | (n1*(2^k-1) + n1 + n0) / (2^k-1) = 669| | n1 + ((n1 + n0) / (2^k-1) 670| | 671| | Use c to refer to ((n1 + n0) / (2^k-1)) 672| | 673| | If (n1 + n0) < (2^k - 1) then c is 0 674| | If (n1 + n0) >= (2^k - 1) then c is 1 675| | 676| | Since n1 < 2^k - 1 [*] and n0 <= 2^k - 1 it is impossible for (n1 + n0) / (2^k -1) 677| | to be greater than 1. 678| | 679| | [*] We require n1 be strictly less than the divisor to ensure that the 680| | output fits in a single word; this is checked at the start of vartime_div_2to1. 681| | */ 682| | 683| 76| const W s = n0 + n1; 684| | // did n0 + n1 overflow? or does (n0 + n1) == 2^k - 1? if either, c == 1 685| 76| if(s < n0 || s == WordInfo::max) { ------------------ | Branch (685:13): [True: 12, False: 64] | Branch (685:23): [True: 0, False: 64] ------------------ 686| 12| n1 += 1; 687| 12| } 688| | 689| 76| return n1; 690| 76| } _ZN5Botan11bigint_shl1ITkNS_8WordTypeEmEEvPT_mmm: 309| 6|inline constexpr void bigint_shl1(W x[], size_t x_size, size_t x_words, size_t shift) { 310| 6| const size_t word_shift = shift / WordInfo::bits; 311| 6| const size_t bit_shift = shift % WordInfo::bits; 312| | 313| 6| BOTAN_ASSERT_NOMSG(word_shift <= x_size); ------------------ | | 77| 6| do { \ | | 78| 6| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 79| 6| if(!(expr)) { \ | | ------------------ | | | Branch (79:10): [True: 0, False: 6] | | ------------------ | | 80| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 81| 0| Botan::assertion_failure(#expr, "", __func__, __FILE__, __LINE__); \ | | 82| 0| } \ | | 83| 6| } while(0) | | ------------------ | | | Branch (83:12): [Folded, False: 6] | | ------------------ ------------------ 314| 6| BOTAN_ASSERT_NOMSG(x_words <= x_size - word_shift); ------------------ | | 77| 6| do { \ | | 78| 6| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 79| 6| if(!(expr)) { \ | | ------------------ | | | Branch (79:10): [True: 0, False: 6] | | ------------------ | | 80| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 81| 0| Botan::assertion_failure(#expr, "", __func__, __FILE__, __LINE__); \ | | 82| 0| } \ | | 83| 6| } while(0) | | ------------------ | | | Branch (83:12): [Folded, False: 6] | | ------------------ ------------------ 315| | 316| 6| unchecked_copy_memory(x + word_shift, x, x_words); 317| 6| zeroize_buffer(x, word_shift); 318| | 319| 6| const auto carry_mask = CT::Mask::expand(bit_shift); 320| 6| const W carry_shift = carry_mask.if_set_return(WordInfo::bits - bit_shift); 321| | 322| 6| W carry = 0; 323| 51| for(size_t i = word_shift; i != x_size; ++i) { ------------------ | Branch (323:31): [True: 45, False: 6] ------------------ 324| 45| const W w = x[i]; 325| 45| x[i] = (w << bit_shift) | carry; 326| 45| carry = carry_mask.if_set_return(w >> carry_shift); 327| 45| } 328| 6|} _ZN5Botan11bigint_shr1ITkNS_8WordTypeEmEEvPT_mm: 331| 135|inline constexpr void bigint_shr1(W x[], size_t x_size, size_t shift) { 332| 135| const size_t word_shift = shift / WordInfo::bits; 333| 135| const size_t bit_shift = shift % WordInfo::bits; 334| | 335| 135| const size_t top = x_size >= word_shift ? (x_size - word_shift) : 0; ------------------ | Branch (335:23): [True: 135, False: 0] ------------------ 336| | 337| 135| if(top > 0) { ------------------ | Branch (337:7): [True: 135, False: 0] ------------------ 338| 135| unchecked_copy_memory(x, x + word_shift, top); 339| 135| } 340| 135| zeroize_buffer(x + top, std::min(word_shift, x_size)); 341| | 342| 135| const auto carry_mask = CT::Mask::expand(bit_shift); 343| 135| const W carry_shift = carry_mask.if_set_return(WordInfo::bits - bit_shift); 344| | 345| 135| W carry = 0; 346| | 347| 2.61k| for(size_t i = 0; i != top; ++i) { ------------------ | Branch (347:22): [True: 2.48k, False: 135] ------------------ 348| 2.48k| const W w = x[top - i - 1]; 349| 2.48k| x[top - i - 1] = (w >> bit_shift) | carry; 350| 2.48k| carry = carry_mask.if_set_return(w << carry_shift); 351| 2.48k| } 352| 135|} _ZN5Botan17bigint_monty_redcEPmPKmS2_mmS0_m: 924| 28| word r[], const word z[], const word p[], size_t p_size, word p_dash, word ws[], size_t ws_size) { 925| 28| const size_t z_size = 2 * p_size; 926| | 927| 28| BOTAN_ARG_CHECK(ws_size >= p_size, "Montgomery reduction workspace too small"); ------------------ | | 35| 28| do { \ | | 36| 28| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 37| 28| if(!(expr)) { \ | | ------------------ | | | Branch (37:10): [True: 0, False: 28] | | ------------------ | | 38| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 39| 0| Botan::throw_invalid_argument(msg, __func__, __FILE__); \ | | 40| 0| } \ | | 41| 28| } while(0) | | ------------------ | | | Branch (41:12): [Folded, False: 28] | | ------------------ ------------------ 928| | 929| 28| if(p_size == 4) { ------------------ | Branch (929:7): [True: 12, False: 16] ------------------ 930| 12| bigint_monty_redc_4(r, z, p, p_dash, ws); 931| 16| } else if(p_size == 6) { ------------------ | Branch (931:14): [True: 4, False: 12] ------------------ 932| 4| bigint_monty_redc_6(r, z, p, p_dash, ws); 933| 12| } else if(p_size == 8) { ------------------ | Branch (933:14): [True: 4, False: 8] ------------------ 934| 4| bigint_monty_redc_8(r, z, p, p_dash, ws); 935| 8| } else if(p_size == 12) { ------------------ | Branch (935:14): [True: 0, False: 8] ------------------ 936| 0| bigint_monty_redc_12(r, z, p, p_dash, ws); 937| 8| } else if(p_size == 16) { ------------------ | Branch (937:14): [True: 0, False: 8] ------------------ 938| 0| bigint_monty_redc_16(r, z, p, p_dash, ws); 939| 8| } else if(p_size == 24) { ------------------ | Branch (939:14): [True: 0, False: 8] ------------------ 940| 0| bigint_monty_redc_24(r, z, p, p_dash, ws); 941| 8| } else if(p_size == 32) { ------------------ | Branch (941:14): [True: 0, False: 8] ------------------ 942| 0| bigint_monty_redc_32(r, z, p, p_dash, ws); 943| 8| } else { 944| 8| bigint_monty_redc_generic(r, z, z_size, p, p_size, p_dash, ws); 945| 8| } 946| 28|} _ZN5Botan25bigint_monty_redc_inplaceEPmPKmmmS0_m: 948| 28|inline void bigint_monty_redc_inplace(word z[], const word p[], size_t p_size, word p_dash, word ws[], size_t ws_size) { 949| 28| bigint_monty_redc(z, z, p, p_size, p_dash, ws, ws_size); 950| 28| zeroize_buffer(z + p_size, p_size); 951| 28|} _ZN5Botan11bigint_shl2ITkNS_8WordTypeEmEEvPT_mPKS1_mm: 355| 21|inline constexpr void bigint_shl2(W y[], size_t y_size, const W x[], size_t x_size, size_t shift) { 356| 21| const size_t word_shift = shift / WordInfo::bits; 357| 21| const size_t bit_shift = shift % WordInfo::bits; 358| | 359| 21| BOTAN_ASSERT_NOMSG(word_shift <= y_size); ------------------ | | 77| 21| do { \ | | 78| 21| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 79| 21| if(!(expr)) { \ | | ------------------ | | | Branch (79:10): [True: 0, False: 21] | | ------------------ | | 80| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 81| 0| Botan::assertion_failure(#expr, "", __func__, __FILE__, __LINE__); \ | | 82| 0| } \ | | 83| 21| } while(0) | | ------------------ | | | Branch (83:12): [Folded, False: 21] | | ------------------ ------------------ 360| 21| BOTAN_ASSERT_NOMSG(x_size < y_size - word_shift); ------------------ | | 77| 21| do { \ | | 78| 21| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 79| 21| if(!(expr)) { \ | | ------------------ | | | Branch (79:10): [True: 0, False: 21] | | ------------------ | | 80| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 81| 0| Botan::assertion_failure(#expr, "", __func__, __FILE__, __LINE__); \ | | 82| 0| } \ | | 83| 21| } while(0) | | ------------------ | | | Branch (83:12): [Folded, False: 21] | | ------------------ ------------------ 361| | 362| 21| unchecked_copy_memory(y + word_shift, x, x_size); 363| 21| zeroize_buffer(y, word_shift); 364| 21| zeroize_buffer(y + word_shift + x_size, y_size - word_shift - x_size); 365| | 366| 21| const auto carry_mask = CT::Mask::expand(bit_shift); 367| 21| const W carry_shift = carry_mask.if_set_return(WordInfo::bits - bit_shift); 368| | 369| 21| W carry = 0; 370| 156| for(size_t i = word_shift; i != x_size + word_shift + 1; ++i) { ------------------ | Branch (370:31): [True: 135, False: 21] ------------------ 371| 135| const W w = y[i]; 372| 135| y[i] = (w << bit_shift) | carry; 373| 135| carry = carry_mask.if_set_return(w >> carry_shift); 374| 135| } 375| 21|} _ZN5Botan15bigint_ct_is_eqITkNS_8WordTypeEmEENS_2CT4MaskIT_EEPKS3_mS6_m: 519| 14|inline constexpr auto bigint_ct_is_eq(const W x[], size_t x_size, const W y[], size_t y_size) -> CT::Mask { 520| 14| const size_t common_elems = std::min(x_size, y_size); 521| | 522| 14| W diff = 0; 523| | 524| 182| for(size_t i = 0; i != common_elems; i++) { ------------------ | Branch (524:22): [True: 168, False: 14] ------------------ 525| 168| diff |= (x[i] ^ y[i]); 526| 168| } 527| | 528| | // If any bits were set in high part of x/y, then they are not equal 529| 14| if(x_size < y_size) { ------------------ | Branch (529:7): [True: 1, False: 13] ------------------ 530| 9| for(size_t i = x_size; i != y_size; i++) { ------------------ | Branch (530:30): [True: 8, False: 1] ------------------ 531| 8| diff |= y[i]; 532| 8| } 533| 13| } else if(y_size < x_size) { ------------------ | Branch (533:14): [True: 0, False: 13] ------------------ 534| 0| for(size_t i = y_size; i != x_size; i++) { ------------------ | Branch (534:30): [True: 0, False: 0] ------------------ 535| 0| diff |= x[i]; 536| 0| } 537| 0| } 538| | 539| 14| return CT::Mask::is_zero(diff); 540| 14|} _ZN5Botan15bigint_ct_is_ltITkNS_8WordTypeEmEENS_2CT4MaskIT_EEPKS3_mS6_mb: 487| 3.29k| -> CT::Mask { 488| 3.29k| const size_t common_elems = std::min(x_size, y_size); 489| | 490| 3.29k| auto is_lt = CT::Mask::expand(lt_or_equal); 491| | 492| 21.6k| for(size_t i = 0; i != common_elems; i++) { ------------------ | Branch (492:22): [True: 18.3k, False: 3.29k] ------------------ 493| 18.3k| const auto eq = CT::Mask::is_equal(x[i], y[i]); 494| 18.3k| const auto lt = CT::Mask::is_lt(x[i], y[i]); 495| 18.3k| is_lt = eq.select_mask(is_lt, lt); 496| 18.3k| } 497| | 498| 3.29k| if(x_size < y_size) { ------------------ | Branch (498:7): [True: 0, False: 3.29k] ------------------ 499| 0| W mask = 0; 500| 0| for(size_t i = x_size; i != y_size; i++) { ------------------ | Branch (500:30): [True: 0, False: 0] ------------------ 501| 0| mask |= y[i]; 502| 0| } 503| | // If any bits were set in high part of y, then is_lt should be forced true 504| 0| is_lt |= CT::Mask::expand(mask); 505| 3.29k| } else if(y_size < x_size) { ------------------ | Branch (505:14): [True: 58, False: 3.24k] ------------------ 506| 58| W mask = 0; 507| 452| for(size_t i = y_size; i != x_size; i++) { ------------------ | Branch (507:30): [True: 394, False: 58] ------------------ 508| 394| mask |= x[i]; 509| 394| } 510| | 511| | // If any bits were set in high part of x, then is_lt should be false 512| 58| is_lt &= CT::Mask::is_zero(mask); 513| 58| } 514| | 515| 3.29k| return is_lt; 516| 3.29k|} _ZN5Botan14bigint_sub_absITkNS_8WordTypeEmEENS_2CT4MaskIT_EEPS3_PKS3_S7_mS5_: 279| 56|inline constexpr auto bigint_sub_abs(W z[], const W x[], const W y[], size_t N, W ws[]) -> CT::Mask { 280| | // Subtract in both direction then conditional copy out the result 281| | 282| 56| W* ws0 = ws; 283| 56| W* ws1 = ws + N; 284| | 285| 56| W borrow0 = 0; 286| 56| W borrow1 = 0; 287| | 288| 56| const size_t blocks = N - (N % 8); 289| | 290| 72| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (290:22): [True: 16, False: 56] ------------------ 291| 16| borrow0 = word8_sub3(ws0 + i, x + i, y + i, borrow0); 292| 16| borrow1 = word8_sub3(ws1 + i, y + i, x + i, borrow1); 293| 16| } 294| | 295| 288| for(size_t i = blocks; i != N; ++i) { ------------------ | Branch (295:27): [True: 232, False: 56] ------------------ 296| 232| ws0[i] = word_sub(x[i], y[i], &borrow0); 297| 232| ws1[i] = word_sub(y[i], x[i], &borrow1); 298| 232| } 299| | 300| 56| return CT::conditional_copy_mem(borrow0, z, ws1, ws0, N); 301| 56|} _ZN5Botan13monty_inverseITkNS_8WordTypeEmEET_S1_: 703| 7|inline constexpr auto monty_inverse(W a) -> W { 704| 7| BOTAN_ARG_CHECK(a % 2 == 1, "Cannot compute Montgomery inverse of an even integer"); ------------------ | | 35| 7| do { \ | | 36| 7| /* NOLINTNEXTLINE(*-simplify-boolean-expr) */ \ | | 37| 7| if(!(expr)) { \ | | ------------------ | | | Branch (37:10): [True: 0, False: 7] | | ------------------ | | 38| 0| /* NOLINTNEXTLINE(bugprone-lambda-function-name) */ \ | | 39| 0| Botan::throw_invalid_argument(msg, __func__, __FILE__); \ | | 40| 0| } \ | | 41| 7| } while(0) | | ------------------ | | | Branch (41:12): [Folded, False: 7] | | ------------------ ------------------ 705| | 706| | // Newton's Method, following https://lemire.me/blog/2017/09/18/computing-the-inverse-of-odd-integers/ 707| | 708| 7| constexpr size_t iter = WordInfo::bits == 64 ? 4 : 3; ------------------ | Branch (708:28): [True: 0, Folded] ------------------ 709| | 710| | // Initial guess provides 5 bits of accuracy 711| 7| W r = (3 * a) ^ 2; 712| | 713| | // Each iteration doubles the accuracy 714| 35| for(size_t i = 0; i != iter; ++i) { ------------------ | Branch (714:22): [True: 28, False: 7] ------------------ 715| 28| r = r * (2 - r * a); 716| 28| } 717| | 718| | // Now invert in addition space 719| 7| r = (WordInfo::max - r) + 1; 720| | 721| 7| return r; 722| 7|} _ZN5Botan22bigint_monty_maybe_subITkNS_8WordTypeEmEEvmPT_S1_PKS1_S4_: 225| 8|inline constexpr void bigint_monty_maybe_sub(size_t N, W z[], W x0, const W x[], const W p[]) { 226| 8| W borrow = 0; 227| | 228| 8| const size_t blocks = N - (N % 8); 229| | 230| 12| for(size_t i = 0; i != blocks; i += 8) { ------------------ | Branch (230:22): [True: 4, False: 8] ------------------ 231| 4| borrow = word8_sub3(z + i, x + i, p + i, borrow); 232| 4| } 233| | 234| 24| for(size_t i = blocks; i != N; ++i) { ------------------ | Branch (234:27): [True: 16, False: 8] ------------------ 235| 16| z[i] = word_sub(x[i], p[i], &borrow); 236| 16| } 237| | 238| 8| borrow = (x0 - borrow) > x0; 239| | 240| 8| CT::conditional_assign_mem(borrow, z, x, N); 241| 8|} _ZN5Botan9comba_sqrILm4ETkNS_8WordTypeEmEEvPT0_PKS1_: 854| 1.57M|constexpr inline void comba_sqr(W z[2 * N], const W x[N]) { 855| 1.57M| if(!std::is_constant_evaluated()) { ------------------ | Branch (855:7): [True: 1.57M, Folded] ------------------ 856| 1.57M| if constexpr(std::same_as && N == 4) { 857| 1.57M| return bigint_comba_sqr4(z, x); 858| 1.57M| } 859| | if constexpr(std::same_as && N == 6) { 860| | return bigint_comba_sqr6(z, x); 861| | } 862| | if constexpr(std::same_as && N == 7) { 863| | return bigint_comba_sqr7(z, x); 864| | } 865| | if constexpr(std::same_as && N == 8) { 866| | return bigint_comba_sqr8(z, x); 867| | } 868| | if constexpr(std::same_as && N == 9) { 869| | return bigint_comba_sqr9(z, x); 870| | } 871| | if constexpr(std::same_as && N == 16) { 872| | return bigint_comba_sqr16(z, x); 873| | } 874| 1.57M| } 875| | 876| 0| word3 accum; 877| | 878| 1.57M| for(size_t i = 0; i != 2 * N; ++i) { ------------------ | Branch (878:22): [True: 0, False: 1.57M] ------------------ 879| 0| const size_t start = i + 1 < N ? 0 : i + 1 - N; ------------------ | Branch (879:28): [True: 0, False: 0] ------------------ 880| 0| const size_t end = std::min(N, i + 1); 881| | 882| 0| for(size_t j = start; j != end; ++j) { ------------------ | Branch (882:29): [True: 0, False: 0] ------------------ 883| 0| accum.mul(x[j], x[i - j]); 884| 0| } 885| 0| z[i] = accum.extract(); 886| 0| } 887| 1.57M|} _ZN5Botan22bigint_monty_maybe_subILm4ETkNS_8WordTypeEmEEvPT0_S1_PKS1_S4_: 254| 178k|inline constexpr void bigint_monty_maybe_sub(W z[N], W x0, const W x[N], const W y[N]) { 255| 178k| W borrow = 0; 256| | 257| 894k| for(size_t i = 0; i != N; ++i) { ------------------ | Branch (257:22): [True: 715k, False: 178k] ------------------ 258| 715k| z[i] = word_sub(x[i], y[i], &borrow); 259| 715k| } 260| | 261| 178k| borrow = (x0 - borrow) > x0; 262| | 263| 178k| CT::conditional_assign_mem(borrow, z, x, N); 264| 178k|} _ZN5Botan9comba_mulILm4ETkNS_8WordTypeEmEEvPT0_PKS1_S4_: 818| 154k|constexpr inline void comba_mul(W z[2 * N], const W x[N], const W y[N]) { 819| 154k| if(!std::is_constant_evaluated()) { ------------------ | Branch (819:7): [True: 154k, Folded] ------------------ 820| 154k| if constexpr(std::same_as && N == 4) { 821| 154k| return bigint_comba_mul4(z, x, y); 822| 154k| } 823| | if constexpr(std::same_as && N == 6) { 824| | return bigint_comba_mul6(z, x, y); 825| | } 826| | if constexpr(std::same_as && N == 7) { 827| | return bigint_comba_mul7(z, x, y); 828| | } 829| | if constexpr(std::same_as && N == 8) { 830| | return bigint_comba_mul8(z, x, y); 831| | } 832| | if constexpr(std::same_as && N == 9) { 833| | return bigint_comba_mul9(z, x, y); 834| | } 835| | if constexpr(std::same_as && N == 16) { 836| | return bigint_comba_mul16(z, x, y); 837| | } 838| 154k| } 839| | 840| 0| word3 accum; 841| | 842| 154k| for(size_t i = 0; i != 2 * N; ++i) { ------------------ | Branch (842:22): [True: 0, False: 154k] ------------------ 843| 0| const size_t start = i + 1 < N ? 0 : i + 1 - N; ------------------ | Branch (843:28): [True: 0, False: 0] ------------------ 844| 0| const size_t end = std::min(N, i + 1); 845| | 846| 0| for(size_t j = start; j != end; ++j) { ------------------ | Branch (846:29): [True: 0, False: 0] ------------------ 847| 0| accum.mul(x[j], y[i - j]); 848| 0| } 849| 0| z[i] = accum.extract(); 850| 0| } 851| 154k|} _ZN5Botan10shift_leftILm1ETkNS_8WordTypeEmLm4EEET0_RNSt3__15arrayIS1_XT1_EEE: 725| 19.1k|inline constexpr W shift_left(std::array& x) { 726| 19.1k| static_assert(N >= 1, "Invalid input size"); 727| 19.1k| static_assert(S > 0, "Zero shift not supported"); 728| 19.1k| static_assert(S < WordInfo::bits, "Shift too large"); 729| | 730| 19.1k| const W carry = x[N - 1] >> (WordInfo::bits - S); 731| | 732| 76.7k| for(size_t i = N - 1; i != 0; --i) { ------------------ | Branch (732:26): [True: 57.5k, False: 19.1k] ------------------ 733| 57.5k| x[i] = (x[i] << S) | (x[i - 1] >> (WordInfo::bits - S)); 734| 57.5k| } 735| 19.1k| x[0] <<= S; 736| | 737| 19.1k| return carry; 738| 19.1k|} _ZN5Botan16read_window_bitsILm4EmLm4EEEmNSt3__14spanIKT0_XT1_EEEm: 1071| 38.8k|constexpr size_t read_window_bits(std::span words, size_t offset) { 1072| 38.8k| static_assert(WindowBits >= 1 && WindowBits <= 7); 1073| | 1074| 38.8k| constexpr uint8_t WindowMask = static_cast(1 << WindowBits) - 1; 1075| | 1076| 38.8k| constexpr size_t W_bits = sizeof(W) * 8; 1077| 38.8k| const auto bit_shift = offset % W_bits; 1078| 38.8k| const auto word_offset = words.size() - 1 - (offset / W_bits); 1079| | 1080| 38.8k| const bool single_byte_window = bit_shift <= (W_bits - WindowBits) || word_offset == 0; ------------------ | Branch (1080:36): [True: 38.8k, False: 0] | Branch (1080:74): [True: 0, False: 0] ------------------ 1081| | 1082| 38.8k| const auto w0 = words[word_offset]; 1083| | 1084| 38.8k| if(single_byte_window) { ------------------ | Branch (1084:7): [True: 38.8k, False: 0] ------------------ 1085| 38.8k| return (w0 >> bit_shift) & WindowMask; 1086| 38.8k| } else { 1087| | // Otherwise we must join two words and extract the result 1088| 0| const auto w1 = words[word_offset - 1]; 1089| 0| const auto combined = ((w0 >> bit_shift) | (w1 << (W_bits - bit_shift))); 1090| 0| return combined & WindowMask; 1091| 0| } 1092| 38.8k|} _ZN5Botan11shift_rightILm1ETkNS_8WordTypeEmLm4EEET0_RNSt3__15arrayIS1_XT1_EEE: 741| 2.13k|inline constexpr W shift_right(std::array& x) { 742| 2.13k| static_assert(N >= 1, "Invalid input size"); 743| 2.13k| static_assert(S > 0, "Zero shift not supported"); 744| 2.13k| static_assert(S < WordInfo::bits, "Shift too large"); 745| | 746| 2.13k| const W carry = x[0] << (WordInfo::bits - S); 747| | 748| 8.54k| for(size_t i = 0; i != N - 1; ++i) { ------------------ | Branch (748:22): [True: 6.40k, False: 2.13k] ------------------ 749| 6.40k| x[i] = (x[i] >> S) | (x[i + 1] << (WordInfo::bits - S)); 750| 6.40k| } 751| 2.13k| x[N - 1] >>= S; 752| | 753| 2.13k| return carry; 754| 2.13k|} _ZN5Botan9comba_sqrILm6ETkNS_8WordTypeEmEEvPT0_PKS1_: 854| 76.1k|constexpr inline void comba_sqr(W z[2 * N], const W x[N]) { 855| 76.1k| if(!std::is_constant_evaluated()) { ------------------ | Branch (855:7): [True: 76.1k, Folded] ------------------ 856| | if constexpr(std::same_as && N == 4) { 857| | return bigint_comba_sqr4(z, x); 858| | } 859| 76.1k| if constexpr(std::same_as && N == 6) { 860| 76.1k| return bigint_comba_sqr6(z, x); 861| 76.1k| } 862| | if constexpr(std::same_as && N == 7) { 863| | return bigint_comba_sqr7(z, x); 864| | } 865| | if constexpr(std::same_as && N == 8) { 866| | return bigint_comba_sqr8(z, x); 867| | } 868| | if constexpr(std::same_as && N == 9) { 869| | return bigint_comba_sqr9(z, x); 870| | } 871| | if constexpr(std::same_as && N == 16) { 872| | return bigint_comba_sqr16(z, x); 873| | } 874| 76.1k| } 875| | 876| 0| word3 accum; 877| | 878| 76.1k| for(size_t i = 0; i != 2 * N; ++i) { ------------------ | Branch (878:22): [True: 0, False: 76.1k] ------------------ 879| 0| const size_t start = i + 1 < N ? 0 : i + 1 - N; ------------------ | Branch (879:28): [True: 0, False: 0] ------------------ 880| 0| const size_t end = std::min(N, i + 1); 881| | 882| 0| for(size_t j = start; j != end; ++j) { ------------------ | Branch (882:29): [True: 0, False: 0] ------------------ 883| 0| accum.mul(x[j], x[i - j]); 884| 0| } 885| 0| z[i] = accum.extract(); 886| 0| } 887| 76.1k|} _ZN5Botan22bigint_monty_maybe_subILm6ETkNS_8WordTypeEmEEvPT0_S1_PKS1_S4_: 254| 14.2k|inline constexpr void bigint_monty_maybe_sub(W z[N], W x0, const W x[N], const W y[N]) { 255| 14.2k| W borrow = 0; 256| | 257| 99.4k| for(size_t i = 0; i != N; ++i) { ------------------ | Branch (257:22): [True: 85.2k, False: 14.2k] ------------------ 258| 85.2k| z[i] = word_sub(x[i], y[i], &borrow); 259| 85.2k| } 260| | 261| 14.2k| borrow = (x0 - borrow) > x0; 262| | 263| 14.2k| CT::conditional_assign_mem(borrow, z, x, N); 264| 14.2k|} _ZN5Botan9comba_mulILm6ETkNS_8WordTypeEmEEvPT0_PKS1_S4_: 818| 34.6k|constexpr inline void comba_mul(W z[2 * N], const W x[N], const W y[N]) { 819| 34.6k| if(!std::is_constant_evaluated()) { ------------------ | Branch (819:7): [True: 34.6k, Folded] ------------------ 820| | if constexpr(std::same_as && N == 4) { 821| | return bigint_comba_mul4(z, x, y); 822| | } 823| 34.6k| if constexpr(std::same_as && N == 6) { 824| 34.6k| return bigint_comba_mul6(z, x, y); 825| 34.6k| } 826| | if constexpr(std::same_as && N == 7) { 827| | return bigint_comba_mul7(z, x, y); 828| | } 829| | if constexpr(std::same_as && N == 8) { 830| | return bigint_comba_mul8(z, x, y); 831| | } 832| | if constexpr(std::same_as && N == 9) { 833| | return bigint_comba_mul9(z, x, y); 834| | } 835| | if constexpr(std::same_as && N == 16) { 836| | return bigint_comba_mul16(z, x, y); 837| | } 838| 34.6k| } 839| | 840| 0| word3 accum; 841| | 842| 34.6k| for(size_t i = 0; i != 2 * N; ++i) { ------------------ | Branch (842:22): [True: 0, False: 34.6k] ------------------ 843| 0| const size_t start = i + 1 < N ? 0 : i + 1 - N; ------------------ | Branch (843:28): [True: 0, False: 0] ------------------ 844| 0| const size_t end = std::min(N, i + 1); 845| | 846| 0| for(size_t j = start; j != end; ++j) { ------------------ | Branch (846:29): [True: 0, False: 0] ------------------ 847| 0| accum.mul(x[j], y[i - j]); 848| 0| } 849| 0| z[i] = accum.extract(); 850| 0| } 851| 34.6k|} _ZN5Botan10shift_leftILm1ETkNS_8WordTypeEmLm6EEET0_RNSt3__15arrayIS1_XT1_EEE: 725| 9.92k|inline constexpr W shift_left(std::array& x) { 726| 9.92k| static_assert(N >= 1, "Invalid input size"); 727| 9.92k| static_assert(S > 0, "Zero shift not supported"); 728| 9.92k| static_assert(S < WordInfo::bits, "Shift too large"); 729| | 730| 9.92k| const W carry = x[N - 1] >> (WordInfo::bits - S); 731| | 732| 59.5k| for(size_t i = N - 1; i != 0; --i) { ------------------ | Branch (732:26): [True: 49.6k, False: 9.92k] ------------------ 733| 49.6k| x[i] = (x[i] << S) | (x[i - 1] >> (WordInfo::bits - S)); 734| 49.6k| } 735| 9.92k| x[0] <<= S; 736| | 737| 9.92k| return carry; 738| 9.92k|} _ZN5Botan11shift_rightILm1ETkNS_8WordTypeEmLm6EEET0_RNSt3__15arrayIS1_XT1_EEE: 741| 1.11k|inline constexpr W shift_right(std::array& x) { 742| 1.11k| static_assert(N >= 1, "Invalid input size"); 743| 1.11k| static_assert(S > 0, "Zero shift not supported"); 744| 1.11k| static_assert(S < WordInfo::bits, "Shift too large"); 745| | 746| 1.11k| const W carry = x[0] << (WordInfo::bits - S); 747| | 748| 6.67k| for(size_t i = 0; i != N - 1; ++i) { ------------------ | Branch (748:22): [True: 5.56k, False: 1.11k] ------------------ 749| 5.56k| x[i] = (x[i] >> S) | (x[i + 1] << (WordInfo::bits - S)); 750| 5.56k| } 751| 1.11k| x[N - 1] >>= S; 752| | 753| 1.11k| return carry; 754| 1.11k|} _ZN5Botan9comba_sqrILm8ETkNS_8WordTypeEmEEvPT0_PKS1_: 854| 144k|constexpr inline void comba_sqr(W z[2 * N], const W x[N]) { 855| 144k| if(!std::is_constant_evaluated()) { ------------------ | Branch (855:7): [True: 144k, Folded] ------------------ 856| | if constexpr(std::same_as && N == 4) { 857| | return bigint_comba_sqr4(z, x); 858| | } 859| | if constexpr(std::same_as && N == 6) { 860| | return bigint_comba_sqr6(z, x); 861| | } 862| | if constexpr(std::same_as && N == 7) { 863| | return bigint_comba_sqr7(z, x); 864| | } 865| 144k| if constexpr(std::same_as && N == 8) { 866| 144k| return bigint_comba_sqr8(z, x); 867| 144k| } 868| | if constexpr(std::same_as && N == 9) { 869| | return bigint_comba_sqr9(z, x); 870| | } 871| | if constexpr(std::same_as && N == 16) { 872| | return bigint_comba_sqr16(z, x); 873| | } 874| 144k| } 875| | 876| 0| word3 accum; 877| | 878| 144k| for(size_t i = 0; i != 2 * N; ++i) { ------------------ | Branch (878:22): [True: 0, False: 144k] ------------------ 879| 0| const size_t start = i + 1 < N ? 0 : i + 1 - N; ------------------ | Branch (879:28): [True: 0, False: 0] ------------------ 880| 0| const size_t end = std::min(N, i + 1); 881| | 882| 0| for(size_t j = start; j != end; ++j) { ------------------ | Branch (882:29): [True: 0, False: 0] ------------------ 883| 0| accum.mul(x[j], x[i - j]); 884| 0| } 885| 0| z[i] = accum.extract(); 886| 0| } 887| 144k|} _ZN5Botan22bigint_monty_maybe_subILm8ETkNS_8WordTypeEmEEvPT0_S1_PKS1_S4_: 254| 233k|inline constexpr void bigint_monty_maybe_sub(W z[N], W x0, const W x[N], const W y[N]) { 255| 233k| W borrow = 0; 256| | 257| 2.10M| for(size_t i = 0; i != N; ++i) { ------------------ | Branch (257:22): [True: 1.87M, False: 233k] ------------------ 258| 1.87M| z[i] = word_sub(x[i], y[i], &borrow); 259| 1.87M| } 260| | 261| 233k| borrow = (x0 - borrow) > x0; 262| | 263| 233k| CT::conditional_assign_mem(borrow, z, x, N); 264| 233k|} _ZN5Botan9comba_mulILm8ETkNS_8WordTypeEmEEvPT0_PKS1_S4_: 818| 70.0k|constexpr inline void comba_mul(W z[2 * N], const W x[N], const W y[N]) { 819| 70.0k| if(!std::is_constant_evaluated()) { ------------------ | Branch (819:7): [True: 70.0k, Folded] ------------------ 820| | if constexpr(std::same_as && N == 4) { 821| | return bigint_comba_mul4(z, x, y); 822| | } 823| | if constexpr(std::same_as && N == 6) { 824| | return bigint_comba_mul6(z, x, y); 825| | } 826| | if constexpr(std::same_as && N == 7) { 827| | return bigint_comba_mul7(z, x, y); 828| | } 829| 70.0k| if constexpr(std::same_as && N == 8) { 830| 70.0k| return bigint_comba_mul8(z, x, y); 831| 70.0k| } 832| | if constexpr(std::same_as && N == 9) { 833| | return bigint_comba_mul9(z, x, y); 834| | } 835| | if constexpr(std::same_as && N == 16) { 836| | return bigint_comba_mul16(z, x, y); 837| | } 838| 70.0k| } 839| | 840| 0| word3 accum; 841| | 842| 70.0k| for(size_t i = 0; i != 2 * N; ++i) { ------------------ | Branch (842:22): [True: 0, False: 70.0k] ------------------ 843| 0| const size_t start = i + 1 < N ? 0 : i + 1 - N; ------------------ | Branch (843:28): [True: 0, False: 0] ------------------ 844| 0| const size_t end = std::min(N, i + 1); 845| | 846| 0| for(size_t j = start; j != end; ++j) { ------------------ | Branch (846:29): [True: 0, False: 0] ------------------ 847| 0| accum.mul(x[j], y[i - j]); 848| 0| } 849| 0| z[i] = accum.extract(); 850| 0| } 851| 70.0k|} _ZN5Botan10shift_leftILm1ETkNS_8WordTypeEmLm8EEET0_RNSt3__15arrayIS1_XT1_EEE: 725| 13.1k|inline constexpr W shift_left(std::array& x) { 726| 13.1k| static_assert(N >= 1, "Invalid input size"); 727| 13.1k| static_assert(S > 0, "Zero shift not supported"); 728| 13.1k| static_assert(S < WordInfo::bits, "Shift too large"); 729| | 730| 13.1k| const W carry = x[N - 1] >> (WordInfo::bits - S); 731| | 732| 105k| for(size_t i = N - 1; i != 0; --i) { ------------------ | Branch (732:26): [True: 92.3k, False: 13.1k] ------------------ 733| 92.3k| x[i] = (x[i] << S) | (x[i - 1] >> (WordInfo::bits - S)); 734| 92.3k| } 735| 13.1k| x[0] <<= S; 736| | 737| 13.1k| return carry; 738| 13.1k|} _ZN5Botan16read_window_bitsILm5EmLm8EEEmNSt3__14spanIKT0_XT1_EEEm: 1071| 24.5k|constexpr size_t read_window_bits(std::span words, size_t offset) { 1072| 24.5k| static_assert(WindowBits >= 1 && WindowBits <= 7); 1073| | 1074| 24.5k| constexpr uint8_t WindowMask = static_cast(1 << WindowBits) - 1; 1075| | 1076| 24.5k| constexpr size_t W_bits = sizeof(W) * 8; 1077| 24.5k| const auto bit_shift = offset % W_bits; 1078| 24.5k| const auto word_offset = words.size() - 1 - (offset / W_bits); 1079| | 1080| 24.5k| const bool single_byte_window = bit_shift <= (W_bits - WindowBits) || word_offset == 0; ------------------ | Branch (1080:36): [True: 22.8k, False: 1.66k] | Branch (1080:74): [True: 238, False: 1.42k] ------------------ 1081| | 1082| 24.5k| const auto w0 = words[word_offset]; 1083| | 1084| 24.5k| if(single_byte_window) { ------------------ | Branch (1084:7): [True: 23.0k, False: 1.42k] ------------------ 1085| 23.0k| return (w0 >> bit_shift) & WindowMask; 1086| 23.0k| } else { 1087| | // Otherwise we must join two words and extract the result 1088| 1.42k| const auto w1 = words[word_offset - 1]; 1089| 1.42k| const auto combined = ((w0 >> bit_shift) | (w1 << (W_bits - bit_shift))); 1090| 1.42k| return combined & WindowMask; 1091| 1.42k| } 1092| 24.5k|} _ZN5Botan11shift_rightILm1ETkNS_8WordTypeEmLm8EEET0_RNSt3__15arrayIS1_XT1_EEE: 741| 1.42k|inline constexpr W shift_right(std::array& x) { 742| 1.42k| static_assert(N >= 1, "Invalid input size"); 743| 1.42k| static_assert(S > 0, "Zero shift not supported"); 744| 1.42k| static_assert(S < WordInfo::bits, "Shift too large"); 745| | 746| 1.42k| const W carry = x[0] << (WordInfo