From b812447d8e741e6ecb269cf84a3e386f35dcf195 Mon Sep 17 00:00:00 2001
From: Matt Corallo <git@bluematt.me>
Date: Thu, 1 Aug 2024 21:35:03 +0000
Subject: [PATCH] Drop 384-bit multiplication impl with `slower_smaller_binary`

...instead using the 512-bit multiplication impl and dropping the
resulting high bytes. This is much slower, but very few zones
actually use secp384r1 so in practice this shouldn't really matter.

This is a less than 5% reduction in performance and reduces code
size for the crypto module from 27.4KiB to 26.7KiB.
---
 src/crypto/bigint.rs | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/crypto/bigint.rs b/src/crypto/bigint.rs
index 19b6f7f..8986869 100644
--- a/src/crypto/bigint.rs
+++ b/src/crypto/bigint.rs
@@ -256,6 +256,7 @@ const fn add_mul_2_parts(z2: u128, z1: u128, z0: u128, i_carry_a: bool) -> [u64;
 	[i, j, k, l]
 }
 
+#[cfg(not(feature = "slower_smaller_binary"))]
 const fn mul_3(a: &[u64; 3], b: &[u64; 3]) -> [u64; 6] {
 	let (a0, a1, a2) = (a[0] as u128, a[1] as u128, a[2] as u128);
 	let (b0, b1, b2) = (b[0] as u128, b[1] as u128, b[2] as u128);
@@ -428,12 +429,26 @@ macro_rules! define_mul { ($name: ident, $len: expr, $submul: ident) => {
 } }
 
 define_gradeschool_mul!(mul_4, 4, mul_2);
+#[cfg(not(feature = "slower_smaller_binary"))]
 define_gradeschool_mul!(mul_6, 6, mul_3);
 define_mul!(mul_8, 8, mul_4);
 define_mul!(mul_16, 16, mul_8);
 define_mul!(mul_32, 32, mul_16);
 define_mul!(mul_64, 64, mul_32);
 
+#[cfg(feature = "slower_smaller_binary")]
+const fn mul_6(a: &[u64; 6], b: &[u64; 6]) -> [u64; 12] {
+	let mut ae = [0; 8];
+	let mut be = [0; 8];
+	copy_from_slice!(ae, 2, 8, a);
+	copy_from_slice!(be, 2, 8, b);
+	let bonus_res = mul_8(&ae, &be);
+	let mut res = [0; 12];
+	let mut i = 0;
+	while i < 4 { debug_assert!(bonus_res[i] == 0); i += 1; }
+	while i < 16 { res[i - 4] = bonus_res[i]; i += 1; }
+	res
+}
 
 /// Squares a 128-bit integer, returning a new 256-bit integer.
 ///
-- 
2.39.5