687 			      const u64 *curve_prime, u64 *tmp)  in vli_mmod_fast_192()  argument
706 	while (carry || vli_cmp(curve_prime, result, ndigits) != 1)  in vli_mmod_fast_192()
707 		carry -= vli_sub(result, result, curve_prime, ndigits);  in vli_mmod_fast_192()
714 			      const u64 *curve_prime, u64 *tmp)  in vli_mmod_fast_256()  argument
781 			carry += vli_add(result, result, curve_prime, ndigits);  in vli_mmod_fast_256()
784 		while (carry || vli_cmp(curve_prime, result, ndigits) != 1)  in vli_mmod_fast_256()
785 			carry -= vli_sub(result, result, curve_prime, ndigits);  in vli_mmod_fast_256()
797 				const u64 *curve_prime, u64 *tmp)  in vli_mmod_fast_384()  argument
889 			carry += vli_add(result, result, curve_prime, ndigits);  in vli_mmod_fast_384()
892 		while (carry || vli_cmp(curve_prime, result, ndigits) != 1)  in vli_mmod_fast_384()
893 			carry -= vli_sub(result, result, curve_prime, ndigits);  in vli_mmod_fast_384()
911 	const u64 *curve_prime = curve->p;  in vli_mmod_fast()  local
917 		if (curve_prime[ndigits - 1] == -1ull) {  in vli_mmod_fast()
918 			vli_mmod_special(result, product, curve_prime,  in vli_mmod_fast()
921 		} else if (curve_prime[ndigits - 1] == 1ull << 63 &&  in vli_mmod_fast()
922 			   curve_prime[ndigits - 2] == 0) {  in vli_mmod_fast()
923 			vli_mmod_special2(result, product, curve_prime,  in vli_mmod_fast()
927 		vli_mmod_barrett(result, product, curve_prime, ndigits);  in vli_mmod_fast()
933 		vli_mmod_fast_192(result, product, curve_prime, tmp);  in vli_mmod_fast()
936 		vli_mmod_fast_256(result, product, curve_prime, tmp);  in vli_mmod_fast()
939 		vli_mmod_fast_384(result, product, curve_prime, tmp);  in vli_mmod_fast()
1082 	const u64 *curve_prime = curve->p;  in ecc_point_double_jacobian()  local
1100 	vli_mod_add(x1, x1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1102 	vli_mod_add(z1, z1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1104 	vli_mod_sub(z1, x1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1109 	vli_mod_add(z1, x1, x1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1111 	vli_mod_add(x1, x1, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1113 		u64 carry = vli_add(x1, x1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1125 	vli_mod_sub(z1, z1, t5, curve_prime, ndigits);  in ecc_point_double_jacobian()
1127 	vli_mod_sub(z1, z1, t5, curve_prime, ndigits);  in ecc_point_double_jacobian()
1129 	vli_mod_sub(t5, t5, z1, curve_prime, ndigits);  in ecc_point_double_jacobian()
1133 	vli_mod_sub(t4, x1, t4, curve_prime, ndigits);  in ecc_point_double_jacobian()
1183 	const u64 *curve_prime = curve->p;  in xycz_add()  local
1187 	vli_mod_sub(t5, x2, x1, curve_prime, ndigits);  in xycz_add()
1195 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add()
1200 	vli_mod_sub(t5, t5, x1, curve_prime, ndigits);  in xycz_add()
1202 	vli_mod_sub(t5, t5, x2, curve_prime, ndigits);  in xycz_add()
1204 	vli_mod_sub(x2, x2, x1, curve_prime, ndigits);  in xycz_add()
1208 	vli_mod_sub(x2, x1, t5, curve_prime, ndigits);  in xycz_add()
1212 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add()
1228 	const u64 *curve_prime = curve->p;  in xycz_add_c()  local
1232 	vli_mod_sub(t5, x2, x1, curve_prime, ndigits);  in xycz_add_c()
1240 	vli_mod_add(t5, y2, y1, curve_prime, ndigits);  in xycz_add_c()
1242 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add_c()
1245 	vli_mod_sub(t6, x2, x1, curve_prime, ndigits);  in xycz_add_c()
1249 	vli_mod_add(t6, x1, x2, curve_prime, ndigits);  in xycz_add_c()
1253 	vli_mod_sub(x2, x2, t6, curve_prime, ndigits);  in xycz_add_c()
1256 	vli_mod_sub(t7, x1, x2, curve_prime, ndigits);  in xycz_add_c()
1260 	vli_mod_sub(y2, y2, y1, curve_prime, ndigits);  in xycz_add_c()
1265 	vli_mod_sub(t7, t7, t6, curve_prime, ndigits);  in xycz_add_c()
1267 	vli_mod_sub(t6, t7, x1, curve_prime, ndigits);  in xycz_add_c()
1271 	vli_mod_sub(y1, t6, y1, curve_prime, ndigits);  in xycz_add_c()
1286 	u64 *curve_prime = curve->p;  in ecc_point_mult()  local
1312 	vli_mod_sub(z, rx[1], rx[0], curve_prime, ndigits);  in ecc_point_mult()
1319 	vli_mod_inv(z, z, curve_prime, point->ndigits);  in ecc_point_mult()