Add initial nistec project files

extra_asm.go

@@ -0,0 +1,61 @@
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !purego && (amd64 || arm64 || ppc64le || s390x)
+
+package nistec
+
+import "sources.truenas.cloud/code/nistec/internal/fiat"
+
+// Negate sets p = -q and returns p.
+func (p *P256Point) Negate(q *P256Point) *P256Point {
+	// fiat.P256Element is a little-endian Montgomery domain fully-reduced
+	// element, like p256Element, so they are actually interchangable.
+	qy := new(fiat.P256Element)
+	*qy.Bits() = q.y
+	py := new(fiat.P256Element).Sub(new(fiat.P256Element), qy)
+
+	p.x = q.x
+	p.y = *py.Bits()
+	p.z = q.z
+	return p
+}
+
+// IsInfinity returns 1 if p is the point-at-infinity, 0 otherwise.
+func (p *P256Point) IsInfinity() int {
+	return p.isInfinity()
+}
+
+// Equal returns 1 if p and q represent the same point, 0 otherwise.
+func (p *P256Point) Equal(q *P256Point) int {
+	pinf := p256Equal(&p.z, &p256Zero)
+	qinf := p256Equal(&q.z, &p256Zero)
+	bothinf := pinf & qinf
+	noneinf := (1 - pinf) & (1 - qinf)
+
+	// xp = Xp / Zp²
+	// yp = Yp / Zp³
+	// xq = Xq / Zq²
+	// yq = Yq / Zq³
+	// If Zp != 0 and Zq != 0, then:
+	//    xp == yp  <=>  Xp*Zq² == Xq*Zp²
+	//    xq == yq  <=>  Yp*Zq³ == Yq*Zp³
+	px := new(p256Element)
+	qx := new(p256Element)
+	py := new(p256Element)
+	qy := new(p256Element)
+	pz := new(p256Element)
+	qz := new(p256Element)
+	p256Sqr(pz, &p.z, 1)
+	p256Sqr(qz, &q.z, 1)
+	p256Mul(px, &p.x, qz)
+	p256Mul(qx, &q.x, pz)
+	samex := p256Equal(px, qx)
+	p256Mul(pz, pz, &p.z)
+	p256Mul(qz, qz, &q.z)
+	p256Mul(py, &p.y, qz)
+	p256Mul(qy, &q.y, pz)
+	samey := p256Equal(py, qy)
+	return bothinf | (noneinf & samex & samey)
+}