690 			      const u64 *curve_prime, u64 *tmp)  in vli_mmod_fast_192()  argument
709 	while (carry || vli_cmp(curve_prime, result, ndigits) != 1)  in vli_mmod_fast_192()
710 		carry -= vli_sub(result, result, curve_prime, ndigits);  in vli_mmod_fast_192()
717 			      const u64 *curve_prime, u64 *tmp)  in vli_mmod_fast_256()  argument
784 			carry += vli_add(result, result, curve_prime, ndigits);  in vli_mmod_fast_256()
787 		while (carry || vli_cmp(curve_prime, result, ndigits) != 1)  in vli_mmod_fast_256()
788 			carry -= vli_sub(result, result, curve_prime, ndigits);  in vli_mmod_fast_256()
800 				const u64 *curve_prime, u64 *tmp)  in vli_mmod_fast_384()  argument
892 			carry += vli_add(result, result, curve_prime, ndigits);  in vli_mmod_fast_384()
895 		while (carry || vli_cmp(curve_prime, result, ndigits) != 1)  in vli_mmod_fast_384()
896 			carry -= vli_sub(result, result, curve_prime, ndigits);  in vli_mmod_fast_384()
914 	const u64 *curve_prime = curve->p;  in vli_mmod_fast()  local
920 		if (curve_prime[ndigits - 1] == -1ull) {  in vli_mmod_fast()
921 			vli_mmod_special(result, product, curve_prime,  in vli_mmod_fast()
924 		} else if (curve_prime[ndigits - 1] == 1ull << 63 &&  in vli_mmod_fast()
925 			   curve_prime[ndigits - 2] == 0) {  in vli_mmod_fast()
926 			vli_mmod_special2(result, product, curve_prime,  in vli_mmod_fast()
930 		vli_mmod_barrett(result, product, curve_prime, ndigits);  in vli_mmod_fast()
936 		vli_mmod_fast_192(result, product, curve_prime, tmp);  in vli_mmod_fast()
939 		vli_mmod_fast_256(result, product, curve_prime, tmp);  in vli_mmod_fast()
942 		vli_mmod_fast_384(result, product, curve_prime, tmp);  in vli_mmod_fast()
1086 	const u64 *curve_prime = curve->p;  in ecc_point_double_jacobian()  local
1104 	vli_mod_add(x1, x1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1106 	vli_mod_add(z1, z1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1108 	vli_mod_sub(z1, x1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1113 	vli_mod_add(z1, x1, x1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1115 	vli_mod_add(x1, x1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1117 		u64 carry = vli_add(x1, x1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1129 	vli_mod_sub(z1, z1, t5, curve_prime, ndigits);  in ecc_point_double_jacobian()
1131 	vli_mod_sub(z1, z1, t5, curve_prime, ndigits);  in ecc_point_double_jacobian()
1133 	vli_mod_sub(t5, t5, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1137 	vli_mod_sub(t4, x1, t4, curve_prime, ndigits);  in ecc_point_double_jacobian()
1187 	const u64 *curve_prime = curve->p;  in xycz_add()  local
1191 	vli_mod_sub(t5, x2, x1, curve_prime, ndigits);  in xycz_add()
1199 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add()
1204 	vli_mod_sub(t5, t5, x1, curve_prime, ndigits);  in xycz_add()
1206 	vli_mod_sub(t5, t5, x2, curve_prime, ndigits);  in xycz_add()
1208 	vli_mod_sub(x2, x2, x1, curve_prime, ndigits);  in xycz_add()
1212 	vli_mod_sub(x2, x1, t5, curve_prime, ndigits);  in xycz_add()
1216 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add()
1232 	const u64 *curve_prime = curve->p;  in xycz_add_c()  local
1236 	vli_mod_sub(t5, x2, x1, curve_prime, ndigits);  in xycz_add_c()
1244 	vli_mod_add(t5, y2, y1, curve_prime, ndigits);  in xycz_add_c()
1246 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add_c()
1249 	vli_mod_sub(t6, x2, x1, curve_prime, ndigits);  in xycz_add_c()
1253 	vli_mod_add(t6, x1, x2, curve_prime, ndigits);  in xycz_add_c()
1257 	vli_mod_sub(x2, x2, t6, curve_prime, ndigits);  in xycz_add_c()
1260 	vli_mod_sub(t7, x1, x2, curve_prime, ndigits);  in xycz_add_c()
1264 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add_c()
1269 	vli_mod_sub(t7, t7, t6, curve_prime, ndigits);  in xycz_add_c()
1271 	vli_mod_sub(t6, t7, x1, curve_prime, ndigits);  in xycz_add_c()
1275 	vli_mod_sub(y1, t6, y1, curve_prime, ndigits);  in xycz_add_c()
1290 	u64 *curve_prime = curve->p;  in ecc_point_mult()  local
1316 	vli_mod_sub(z, rx[1], rx[0], curve_prime, ndigits);  in ecc_point_mult()
1323 	vli_mod_inv(z, z, curve_prime, point->ndigits);  in ecc_point_mult()