- zBytes := mul.z.Bytes()
- rem := len(x) - len(zBytes)
- for i := 0; i < rem; i++ {
- mul.buf[i] = 0
+ return t, x0, x1, z0, z1
+}
+
+func (mul *mul128) Mul(x, y []byte) []byte {
+ x1 := binary.BigEndian.Uint64(x[:8])
+ x0 := binary.BigEndian.Uint64(x[8:])
+ y1 := binary.BigEndian.Uint64(y[:8])
+ y0 := binary.BigEndian.Uint64(y[8:])
+ t, x0, x1, z0, z1 := gf128half(64, y0, x0, x1, 0, 0)
+ t, x0, x1, z0, z1 = gf128half(63, y1, x0, x1, z0, z1)
+ if t&1 > 0 {
+ z0, z1 = z0^x0, z1^x1