mirror of
https://github.com/lcn2/calc.git
synced 2025-08-19 01:13:27 +03:00
ff90bc0e3a
While help/errstr has been added, the errstr builtin function is
not yet written. In anticipation of the new errstr builtin the
rest of the calc error system has been updated to associated errsym
E_STRING's with errnum error codes and errmsg error messages.
Minor improvements to help/rand.
The verify_error_table() function that does a verification
the error_table[] array and setup private_error_alias[] array
is now called by libcalc_call_me_first().
Fix comment about wrong include file in have_sys_mount.h.
Removed unused booltostr() and strtobool() macros from bool.h.
Moved define of math_error(char *, ...) from zmath.h to errtbl.h.
The errtbl.h include file, unless ERRCODE_SRC is defined
also includes attribute.h and errsym.h.
Group calc error related builtin support functions together in func.c.
Make switch indenting in func.c consistent.
Passing an invalid argument to error(), errno() or strerror() will
set errno AND throw a math error. Before errno would be set and
an error value was returned. Before there was no way to tell if
the error value was a result of the arg or if an error detected.
Added E_STRING to error([errnum | "E_STRING"]) builtin function.
Added E_STRING to errno([errnum | "E_STRING"]) builtin function.
Added E_STRING to strerror([errnum | "E_STRING"]) builtin function.
Calling these functions with an E_STRING errsym is the same as calling
them with the matching errnum code.
Standardized on calc computation error related E_STRING strings
where there are a set of related codes. Changed "E_...digits" into
"E_..._digits". For example, E_FPUTC1 became E_FPUTC_1, E_FPUTC2
became E_FPUTC_2, and E_FPUTC3 became E_FPUTC_3. In a few cases
such as E_APPR became E_APPR_1, because there was a E_APPR2 (which
became E_APPR_2) and E_APPR3 (which became E_APPR_3). To other
special cases, E_ILOG10 became E_IBASE10_LOG and E_ILOG2 became
E_IBASE2_LOG because E_ILOG10 and E_ILOG2 are both independent calc
computation error related E_STRING strings. Now related sets of
E_STRING strings end in _ (underscore) followed by digits.
The following is the list of E_STRING strings changes:
E_APPR ==> E_APPR_1
E_ROUND ==> E_ROUND_1
E_SQRT ==> E_SQRT_1
E_ROOT ==> E_ROOT_1
E_SHIFT ==> E_SHIFT_1
E_SCALE ==> E_SCALE_1
E_POWI ==> E_POWI_1
E_POWER ==> E_POWER_1
E_QUO ==> E_QUO_1
E_MOD ==> E_MOD_1
E_ABS ==> E_ABS_1
E_APPR2 ==> E_APPR_2
E_APPR3 ==> E_APPR_3
E_ROUND2 ==> E_ROUND_2
E_ROUND3 ==> E_ROUND_3
E_BROUND2 ==> E_BROUND_2
E_BROUND3 ==> E_BROUND_3
E_SQRT2 ==> E_SQRT_2
E_SQRT3 ==> E_SQRT_3
E_ROOT2 ==> E_ROOT_2
E_ROOT3 ==> E_ROOT_3
E_SHIFT2 ==> E_SHIFT_2
E_SCALE2 ==> E_SCALE_2
E_POWI2 ==> E_POWI_2
E_POWER2 ==> E_POWER_2
E_POWER3 ==> E_POWER_3
E_QUO2 ==> E_QUO_2
E_QUO3 ==> E_QUO_3
E_MOD2 ==> E_MOD_2
E_MOD3 ==> E_MOD_3
E_ABS2 ==> E_ABS_2
E_EXP1 ==> E_EXP_1
E_EXP2 ==> E_EXP_2
E_FPUTC1 ==> E_FPUTC_1
E_FPUTC2 ==> E_FPUTC_2
E_FPUTC3 ==> E_FPUTC_3
E_FGETC1 ==> E_FGETC_1
E_FGETC2 ==> E_FGETC_2
E_FOPEN1 ==> E_FOPEN_1
E_FOPEN2 ==> E_FOPEN_2
E_FREOPEN1 ==> E_FREOPEN_1
E_FREOPEN2 ==> E_FREOPEN_2
E_FREOPEN3 ==> E_FREOPEN_3
E_FCLOSE1 ==> E_FCLOSE_1
E_FPUTS1 ==> E_FPUTS_1
E_FPUTS2 ==> E_FPUTS_2
E_FPUTS3 ==> E_FPUTS_3
E_FGETS1 ==> E_FGETS_1
E_FGETS2 ==> E_FGETS_2
E_FPUTSTR1 ==> E_FPUTSTR_1
E_FPUTSTR2 ==> E_FPUTSTR_2
E_FPUTSTR3 ==> E_FPUTSTR_3
E_FGETSTR1 ==> E_FGETSTR_1
E_FGETSTR2 ==> E_FGETSTR_2
E_FGETLINE1 ==> E_FGETLINE_1
E_FGETLINE2 ==> E_FGETLINE_2
E_FGETFIELD1 ==> E_FGETFIELD_1
E_FGETFIELD2 ==> E_FGETFIELD_2
E_REWIND1 ==> E_REWIND_1
E_PRINTF1 ==> E_PRINTF_1
E_PRINTF2 ==> E_PRINTF_2
E_FPRINTF1 ==> E_FPRINTF_1
E_FPRINTF2 ==> E_FPRINTF_2
E_FPRINTF3 ==> E_FPRINTF_3
E_STRPRINTF1 ==> E_STRPRINTF_1
E_STRPRINTF2 ==> E_STRPRINTF_2
E_FSCAN1 ==> E_FSCAN_1
E_FSCAN2 ==> E_FSCAN_2
E_FSCANF1 ==> E_FSCANF_1
E_FSCANF2 ==> E_FSCANF_2
E_FSCANF3 ==> E_FSCANF_3
E_FSCANF4 ==> E_FSCANF_4
E_STRSCANF1 ==> E_STRSCANF_1
E_STRSCANF2 ==> E_STRSCANF_2
E_STRSCANF3 ==> E_STRSCANF_3
E_STRSCANF4 ==> E_STRSCANF_4
E_SCANF1 ==> E_SCANF_1
E_SCANF2 ==> E_SCANF_2
E_SCANF3 ==> E_SCANF_3
E_FTELL1 ==> E_FTELL_1
E_FTELL2 ==> E_FTELL_2
E_FSEEK1 ==> E_FSEEK_1
E_FSEEK2 ==> E_FSEEK_2
E_FSEEK3 ==> E_FSEEK_3
E_FSIZE1 ==> E_FSIZE_1
E_FSIZE2 ==> E_FSIZE_2
E_FEOF1 ==> E_FEOF_1
E_FEOF2 ==> E_FEOF_2
E_FERROR1 ==> E_FERROR_1
E_FERROR2 ==> E_FERROR_2
E_UNGETC1 ==> E_UNGETC_1
E_UNGETC2 ==> E_UNGETC_2
E_UNGETC3 ==> E_UNGETC_3
E_ISATTY1 ==> E_ISATTY_1
E_ISATTY2 ==> E_ISATTY_2
E_ACCESS1 ==> E_ACCESS_1
E_ACCESS2 ==> E_ACCESS_2
E_SEARCH1 ==> E_SEARCH_1
E_SEARCH2 ==> E_SEARCH_2
E_SEARCH3 ==> E_SEARCH_3
E_SEARCH4 ==> E_SEARCH_4
E_SEARCH5 ==> E_SEARCH_5
E_SEARCH6 ==> E_SEARCH_6
E_RSEARCH1 ==> E_RSEARCH_1
E_RSEARCH2 ==> E_RSEARCH_2
E_RSEARCH3 ==> E_RSEARCH_3
E_RSEARCH4 ==> E_RSEARCH_4
E_RSEARCH5 ==> E_RSEARCH_5
E_RSEARCH6 ==> E_RSEARCH_6
E_REWIND2 ==> E_REWIND_2
E_STRERROR1 ==> E_STRERROR_1
E_STRERROR2 ==> E_STRERROR_2
E_COS1 ==> E_COS_1
E_COS2 ==> E_COS_2
E_SIN1 ==> E_SIN_1
E_SIN2 ==> E_SIN_2
E_EVAL2 ==> E_EVAL_2
E_ARG1 ==> E_ARG_1
E_ARG2 ==> E_ARG_2
E_POLAR1 ==> E_POLAR_1
E_POLAR2 ==> E_POLAR_2
E_MATFILL1 ==> E_MATFILL_1
E_MATFILL2 ==> E_MATFILL_2
E_MATTRANS1 ==> E_MATTRANS_1
E_MATTRANS2 ==> E_MATTRANS_2
E_DET1 ==> E_DET_1
E_DET2 ==> E_DET_2
E_DET3 ==> E_DET_3
E_MATMIN1 ==> E_MATMIN_1
E_MATMIN2 ==> E_MATMIN_2
E_MATMIN3 ==> E_MATMIN_3
E_MATMAX1 ==> E_MATMAX_1
E_MATMAX2 ==> E_MATMAX_2
E_MATMAX3 ==> E_MATMAX_3
E_CP1 ==> E_CP_1
E_CP2 ==> E_CP_2
E_CP3 ==> E_CP_3
E_DP1 ==> E_DP_1
E_DP2 ==> E_DP_2
E_DP3 ==> E_DP_3
E_SUBSTR1 ==> E_SUBSTR_1
E_SUBSTR2 ==> E_SUBSTR_2
E_INSERT1 ==> E_INSERT_1
E_INSERT2 ==> E_INSERT_2
E_DELETE1 ==> E_DELETE_1
E_DELETE2 ==> E_DELETE_2
E_LN1 ==> E_LN_1
E_LN2 ==> E_LN_2
E_ERROR1 ==> E_ERROR_1
E_ERROR2 ==> E_ERROR_2
E_EVAL3 ==> E_EVAL_3
E_EVAL4 ==> E_EVAL_4
E_RM1 ==> E_RM_1
E_RM2 ==> E_RM_2
E_BLK1 ==> E_BLK_1
E_BLK2 ==> E_BLK_2
E_BLK3 ==> E_BLK_3
E_BLK4 ==> E_BLK_4
E_BLKFREE1 ==> E_BLKFREE_1
E_BLKFREE2 ==> E_BLKFREE_2
E_BLKFREE3 ==> E_BLKFREE_3
E_BLKFREE4 ==> E_BLKFREE_4
E_BLKFREE5 ==> E_BLKFREE_5
E_BLOCKS1 ==> E_BLOCKS_1
E_BLOCKS2 ==> E_BLOCKS_2
E_COPY1 ==> E_COPY_01
E_COPY2 ==> E_COPY_02
E_COPY3 ==> E_COPY_03
E_COPY4 ==> E_COPY_04
E_COPY5 ==> E_COPY_05
E_COPY6 ==> E_COPY_06
E_COPY7 ==> E_COPY_07
E_COPY8 ==> E_COPY_08
E_COPY9 ==> E_COPY_09
E_COPY10 ==> E_COPY_10
E_COPY11 ==> E_COPY_11
E_COPY12 ==> E_COPY_12
E_COPY13 ==> E_COPY_13
E_COPY14 ==> E_COPY_14
E_COPY15 ==> E_COPY_15
E_COPY16 ==> E_COPY_16
E_COPY17 ==> E_COPY_17
E_COPYF1 ==> E_COPYF_1
E_COPYF2 ==> E_COPYF_2
E_COPYF3 ==> E_COPYF_3
E_COPYF4 ==> E_COPYF_4
E_PROTECT1 ==> E_PROTECT_1
E_PROTECT2 ==> E_PROTECT_2
E_PROTECT3 ==> E_PROTECT_3
E_MATFILL3 ==> E_MATFILL_3
E_MATFILL4 ==> E_MATFILL_4
E_MATTRACE1 ==> E_MATTRACE_1
E_MATTRACE2 ==> E_MATTRACE_2
E_MATTRACE3 ==> E_MATTRACE_3
E_TAN1 ==> E_TAN_1
E_TAN2 ==> E_TAN_2
E_COT1 ==> E_COT_1
E_COT2 ==> E_COT_2
E_SEC1 ==> E_SEC_1
E_SEC2 ==> E_SEC_2
E_CSC1 ==> E_CSC_1
E_CSC2 ==> E_CSC_2
E_SINH1 ==> E_SINH_1
E_SINH2 ==> E_SINH_2
E_COSH1 ==> E_COSH_1
E_COSH2 ==> E_COSH_2
E_TANH1 ==> E_TANH_1
E_TANH2 ==> E_TANH_2
E_COTH1 ==> E_COTH_1
E_COTH2 ==> E_COTH_2
E_SECH1 ==> E_SECH_1
E_SECH2 ==> E_SECH_2
E_CSCH1 ==> E_CSCH_1
E_CSCH2 ==> E_CSCH_2
E_ASIN1 ==> E_ASIN_1
E_ASIN2 ==> E_ASIN_2
E_ACOS1 ==> E_ACOS_1
E_ACOS2 ==> E_ACOS_2
E_ATAN1 ==> E_ATAN_1
E_ATAN2 ==> E_ATAN_2
E_ACOT1 ==> E_ACOT_1
E_ACOT2 ==> E_ACOT_2
E_ASEC1 ==> E_ASEC_1
E_ASEC2 ==> E_ASEC_2
E_ACSC1 ==> E_ACSC_1
E_ACSC2 ==> E_ACSC_2
E_ASINH1 ==> E_ASINH_1
E_ASINH2 ==> E_ASINH_2
E_ACOSH1 ==> E_ACOSH_1
E_ACOSH2 ==> E_ACOSH_2
E_ATANH1 ==> E_ATANH_1
E_ATANH2 ==> E_ATANH_2
E_ACOTH1 ==> E_ACOTH_1
E_ACOTH2 ==> E_ACOTH_2
E_ASECH1 ==> E_ASECH_1
E_ASECH2 ==> E_ASECH_2
E_ACSCH1 ==> E_ACSCH_1
E_ACSCH2 ==> E_ACSCH_2
E_GD1 ==> E_GD_1
E_GD2 ==> E_GD_2
E_AGD1 ==> E_AGD_1
E_AGD2 ==> E_AGD_2
E_BIT1 ==> E_BIT_1
E_BIT2 ==> E_BIT_2
E_SETBIT1 ==> E_SETBIT_1
E_SETBIT2 ==> E_SETBIT_2
E_SETBIT3 ==> E_SETBIT_3
E_SEG1 ==> E_SEG_1
E_SEG2 ==> E_SEG_2
E_SEG3 ==> E_SEG_3
E_HIGHBIT1 ==> E_HIGHBIT_1
E_HIGHBIT2 ==> E_HIGHBIT_2
E_LOWBIT1 ==> E_LOWBIT_1
E_LOWBIT2 ==> E_LOWBIT_2
E_HEAD1 ==> E_HEAD_1
E_HEAD2 ==> E_HEAD_2
E_TAIL1 ==> E_TAIL_1
E_TAIL2 ==> E_TAIL_2
E_XOR1 ==> E_XOR_1
E_XOR2 ==> E_XOR_2
E_INDICES1 ==> E_INDICES_1
E_INDICES2 ==> E_INDICES_2
E_EXP3 ==> E_EXP_3
E_SINH3 ==> E_SINH_3
E_COSH3 ==> E_COSH_3
E_SIN3 ==> E_SIN_3
E_COS3 ==> E_COS_3
E_GD3 ==> E_GD_3
E_AGD3 ==> E_AGD_3
E_POWER4 ==> E_POWER_4
E_ROOT4 ==> E_ROOT_4
E_DGT1 ==> E_DGT_1
E_DGT2 ==> E_DGT_2
E_DGT3 ==> E_DGT_3
E_PLCS1 ==> E_PLCS_1
E_PLCS2 ==> E_PLCS_2
E_DGTS1 ==> E_DGTS_1
E_DGTS2 ==> E_DGTS_2
E_ILOG10 ==> E_IBASE10_LOG
E_ILOG2 ==> E_IBASE2_LOG
E_COMB1 ==> E_COMB_1
E_COMB2 ==> E_COMB_2
E_ASSIGN1 ==> E_ASSIGN_1
E_ASSIGN2 ==> E_ASSIGN_2
E_ASSIGN3 ==> E_ASSIGN_3
E_ASSIGN4 ==> E_ASSIGN_4
E_ASSIGN5 ==> E_ASSIGN_5
E_ASSIGN6 ==> E_ASSIGN_6
E_ASSIGN7 ==> E_ASSIGN_7
E_ASSIGN8 ==> E_ASSIGN_8
E_ASSIGN9 ==> E_ASSIGN_9
E_SWAP1 ==> E_SWAP_1
E_SWAP2 ==> E_SWAP_2
E_SWAP3 ==> E_SWAP_3
E_QUOMOD1 ==> E_QUOMOD_1
E_QUOMOD2 ==> E_QUOMOD_2
E_QUOMOD3 ==> E_QUOMOD_3
E_PREINC1 ==> E_PREINC_1
E_PREINC2 ==> E_PREINC_2
E_PREINC3 ==> E_PREINC_3
E_PREDEC1 ==> E_PREDEC_1
E_PREDEC2 ==> E_PREDEC_2
E_PREDEC3 ==> E_PREDEC_3
E_POSTINC1 ==> E_POSTINC_1
E_POSTINC2 ==> E_POSTINC_2
E_POSTINC3 ==> E_POSTINC_3
E_POSTDEC1 ==> E_POSTDEC_1
E_POSTDEC2 ==> E_POSTDEC_2
E_POSTDEC3 ==> E_POSTDEC_3
E_INIT1 ==> E_INIT_01
E_INIT2 ==> E_INIT_02
E_INIT3 ==> E_INIT_03
E_INIT4 ==> E_INIT_04
E_INIT5 ==> E_INIT_05
E_INIT6 ==> E_INIT_06
E_INIT7 ==> E_INIT_07
E_INIT8 ==> E_INIT_08
E_INIT9 ==> E_INIT_09
E_INIT10 ==> E_INIT_10
E_LIST1 ==> E_LIST_1
E_LIST2 ==> E_LIST_2
E_LIST3 ==> E_LIST_3
E_LIST4 ==> E_LIST_4
E_LIST5 ==> E_LIST_5
E_LIST6 ==> E_LIST_6
E_MODIFY1 ==> E_MODIFY_1
E_MODIFY2 ==> E_MODIFY_2
E_MODIFY3 ==> E_MODIFY_3
E_MODIFY4 ==> E_MODIFY_4
E_MODIFY5 ==> E_MODIFY_5
E_FPATHOPEN1 ==> E_FPATHOPEN_1
E_FPATHOPEN2 ==> E_FPATHOPEN_2
E_LOG1 ==> E_LOG_1
E_LOG2 ==> E_LOG_2
E_LOG3 ==> E_LOG_3
E_FGETFILE1 ==> E_FGETFILE_1
E_FGETFILE2 ==> E_FGETFILE_2
E_FGETFILE3 ==> E_FGETFILE_3
E_TAN3 ==> E_TAN_3
E_TAN4 ==> E_TAN_4
E_COT3 ==> E_COT_3
E_COT4 ==> E_COT_4
E_SEC3 ==> E_SEC_3
E_CSC3 ==> E_CSC_3
E_TANH3 ==> E_TANH_3
E_TANH4 ==> E_TANH_4
E_COTH3 ==> E_COTH_3
E_COTH4 ==> E_COTH_4
E_SECH3 ==> E_SECH_3
E_CSCH3 ==> E_CSCH_3
E_ASIN3 ==> E_ASIN_3
E_ACOS3 ==> E_ACOS_3
E_ASINH3 ==> E_ASINH_3
E_ACOSH3 ==> E_ACOSH_3
E_ATAN3 ==> E_ATAN_3
E_ACOT3 ==> E_ACOT_3
E_ASEC3 ==> E_ASEC_3
E_ACSC3 ==> E_ACSC_3
E_ATANH3 ==> E_ATANH_3
E_ACOTH3 ==> E_ACOTH_3
E_ASECH3 ==> E_ASECH_3
E_ACSCH3 ==> E_ACSCH_3
E_D2R1 ==> E_D2R_1
E_D2R2 ==> E_D2R_2
E_R2D1 ==> E_R2D_1
E_R2D2 ==> E_R2D_2
E_G2R1 ==> E_G2R_1
E_G2R2 ==> E_G2R_2
E_R2G1 ==> E_R2G_1
E_R2G2 ==> E_R2G_2
E_D2G1 ==> E_D2G_1
E_G2D1 ==> E_G2D_1
E_D2DMS1 ==> E_D2DMS_1
E_D2DMS2 ==> E_D2DMS_2
E_D2DMS3 ==> E_D2DMS_3
E_D2DMS4 ==> E_D2DMS_4
E_D2DM1 ==> E_D2DM_1
E_D2DM2 ==> E_D2DM_2
E_D2DM3 ==> E_D2DM_3
E_D2DM4 ==> E_D2DM_4
E_G2GMS1 ==> E_G2GMS_1
E_G2GMS2 ==> E_G2GMS_2
E_G2GMS3 ==> E_G2GMS_3
E_G2GMS4 ==> E_G2GMS_4
E_G2GM1 ==> E_G2GM_1
E_G2GM2 ==> E_G2GM_2
E_G2GM3 ==> E_G2GM_3
E_G2GM4 ==> E_G2GM_4
E_H2HMS1 ==> E_H2HMS_1
E_H2HMS2 ==> E_H2HMS_2
E_H2HMS3 ==> E_H2HMS_3
E_H2HMS4 ==> E_H2HMS_4
E_H2HM1 ==> E_H2HM_1
E_H2HM2 ==> E_H2HM_2
E_H2HM3 ==> E_H2HM_3
E_H2HM4 ==> E_H2HM_4
E_DMS2D1 ==> E_DMS2D_1
E_DMS2D2 ==> E_DMS2D_2
E_DM2D1 ==> E_DM2D_1
E_DM2D2 ==> E_DM2D_2
E_GMS2G1 ==> E_GMS2G_1
E_GMS2G2 ==> E_GMS2G_2
E_GM2G1 ==> E_GM2G_1
E_GM2G2 ==> E_GM2G_2
E_HMS2H1 ==> E_HMS2H_1
E_HMS2H2 ==> E_HMS2H_2
E_HM2H1 ==> E_HM2H_1
E_HM2H2 ==> E_HM2H_2
E_VERSIN1 ==> E_VERSIN_1
E_VERSIN2 ==> E_VERSIN_2
E_VERSIN3 ==> E_VERSIN_3
E_AVERSIN1 ==> E_AVERSIN_1
E_AVERSIN2 ==> E_AVERSIN_2
E_AVERSIN3 ==> E_AVERSIN_3
E_COVERSIN1 ==> E_COVERSIN_1
E_COVERSIN2 ==> E_COVERSIN_2
E_COVERSIN3 ==> E_COVERSIN_3
E_ACOVERSIN1 ==> E_ACOVERSIN_1
E_ACOVERSIN2 ==> E_ACOVERSIN_2
E_ACOVERSIN3 ==> E_ACOVERSIN_3
E_VERCOS1 ==> E_VERCOS_1
E_VERCOS2 ==> E_VERCOS_2
E_VERCOS3 ==> E_VERCOS_3
E_AVERCOS1 ==> E_AVERCOS_1
E_AVERCOS2 ==> E_AVERCOS_2
E_AVERCOS3 ==> E_AVERCOS_3
E_COVERCOS1 ==> E_COVERCOS_1
E_COVERCOS2 ==> E_COVERCOS_2
E_COVERCOS3 ==> E_COVERCOS_3
E_ACOVERCOS1 ==> E_ACOVERCOS_1
E_ACOVERCOS2 ==> E_ACOVERCOS_2
E_ACOVERCOS3 ==> E_ACOVERCOS_3
E_TAN5 ==> E_TAN_5
E_COT5 ==> E_COT_5
E_COT6 ==> E_COT_6
E_SEC5 ==> E_SEC_5
E_CSC5 ==> E_CSC_5
E_CSC6 ==> E_CSC_6
2277 lines
48 KiB
C
2277 lines
48 KiB
C
/*
|
|
* zmod - modulo arithmetic routines
|
|
*
|
|
* Copyright (C) 1999-2007,2021-2023 David I. Bell, Landon Curt Noll and Ernest Bowen
|
|
*
|
|
* Primary author: David I. Bell
|
|
*
|
|
* Calc is open software; you can redistribute it and/or modify it under
|
|
* the terms of the version 2.1 of the GNU Lesser General Public License
|
|
* as published by the Free Software Foundation.
|
|
*
|
|
* Calc is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
|
|
* Public License for more details.
|
|
*
|
|
* A copy of version 2.1 of the GNU Lesser General Public License is
|
|
* distributed with calc under the filename COPYING-LGPL. You should have
|
|
* received a copy with calc; if not, write to Free Software Foundation, Inc.
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
*
|
|
* Under source code control: 1991/05/22 23:03:55
|
|
* File existed as early as: 1991
|
|
*
|
|
* Share and enjoy! :-) http://www.isthe.com/chongo/tech/comp/calc/
|
|
*/
|
|
|
|
/*
|
|
* Routines to do modulo arithmetic both normally and also using the REDC
|
|
* algorithm given by Peter L. Montgomery in Mathematics of Computation,
|
|
* volume 44, number 170 (April, 1985). For multiple multiplies using
|
|
* the same large modulus, the REDC algorithm avoids the usual division
|
|
* by the modulus, instead replacing it with two multiplies or else a
|
|
* special algorithm. When these two multiplies or the special algorithm
|
|
* are faster then the division, then the REDC algorithm is better.
|
|
*/
|
|
|
|
|
|
#include "alloc.h"
|
|
#include "config.h"
|
|
#include "zmath.h"
|
|
|
|
|
|
#include "errtbl.h"
|
|
#include "banned.h" /* include after system header <> includes */
|
|
|
|
|
|
#define POWBITS 4 /* bits for power chunks (must divide BASEB) */
|
|
#define POWNUMS (1<<POWBITS) /* number of powers needed in table */
|
|
|
|
S_FUNC void zmod5(ZVALUE *zp);
|
|
S_FUNC void zmod6(ZVALUE z1, ZVALUE *res);
|
|
S_FUNC void zredcmodinv(ZVALUE z1, ZVALUE *res);
|
|
|
|
STATIC REDC *powermodredc = NULL; /* REDC info for raising to power */
|
|
|
|
bool havelastmod = false;
|
|
STATIC ZVALUE lastmod[1];
|
|
STATIC ZVALUE lastmodinv[1];
|
|
|
|
|
|
/*
|
|
* Square a number and then mod the result with a second number.
|
|
* The number to be squared can be negative or out of modulo range.
|
|
* The result will be in the range 0 to the modulus - 1.
|
|
*
|
|
* given:
|
|
* z1 number to be squared
|
|
* z2 number to take mod with
|
|
* res result
|
|
*/
|
|
void
|
|
zsquaremod(ZVALUE z1, ZVALUE z2, ZVALUE *res)
|
|
{
|
|
ZVALUE tmp;
|
|
FULL prod;
|
|
FULL digit;
|
|
|
|
/* firewall */
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
if (ziszero(z2) || zisneg(z2)) {
|
|
math_error("Mod of non-positive integer");
|
|
not_reached();
|
|
}
|
|
if (ziszero(z1) || zisunit(z2)) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* If the modulus is a single digit number, then do the result
|
|
* cheaply. Check especially for a small power of two.
|
|
*/
|
|
if (zistiny(z2)) {
|
|
digit = z2.v[0];
|
|
if ((digit & -digit) == digit) { /* NEEDS 2'S COMP */
|
|
prod = (FULL) z1.v[0];
|
|
prod = (prod * prod) & (digit - 1);
|
|
} else {
|
|
z1.sign = 0;
|
|
prod = (FULL) zmodi(z1, (long) digit);
|
|
prod = (prod * prod) % digit;
|
|
}
|
|
itoz((long) prod, res);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* The modulus is more than one digit.
|
|
* Actually do the square and divide if necessary.
|
|
*/
|
|
zsquare(z1, &tmp);
|
|
if ((tmp.len < z2.len) ||
|
|
((tmp.len == z2.len) && (tmp.v[tmp.len-1] < z2.v[z2.len-1]))) {
|
|
*res = tmp;
|
|
return;
|
|
}
|
|
zmod(tmp, z2, res, 0);
|
|
zfree(tmp);
|
|
}
|
|
|
|
|
|
/*
|
|
* Calculate the number congruent to the given number whose absolute
|
|
* value is minimal. The number to be reduced can be negative or out of
|
|
* modulo range. The result will be within the range -int((modulus-1)/2)
|
|
* to int(modulus/2) inclusive. For example, for modulus 7, numbers are
|
|
* reduced to the range [-3, 3], and for modulus 8, numbers are reduced to
|
|
* the range [-3, 4].
|
|
*
|
|
* given:
|
|
* z1 number to find minimum congruence of
|
|
* z2 number to take mod with
|
|
* res result
|
|
*/
|
|
void
|
|
zminmod(ZVALUE z1, ZVALUE z2, ZVALUE *res)
|
|
{
|
|
ZVALUE tmp1, tmp2;
|
|
int sign;
|
|
int cv;
|
|
|
|
/* firewall */
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
if (ziszero(z2) || zisneg(z2)) {
|
|
math_error("Mod of non-positive integer");
|
|
not_reached();
|
|
}
|
|
if (ziszero(z1) || zisunit(z2)) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
if (zistwo(z2)) {
|
|
if (zisodd(z1))
|
|
*res = _one_;
|
|
else
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* Do a quick check to see if the number is very small compared
|
|
* to the modulus. If so, then the result is obvious.
|
|
*/
|
|
if (z1.len < z2.len - 1) {
|
|
zcopy(z1, res);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* Now make sure the input number is within the modulo range.
|
|
* If not, then reduce it to be within range and make the
|
|
* quick check again.
|
|
*/
|
|
sign = z1.sign;
|
|
z1.sign = 0;
|
|
cv = zrel(z1, z2);
|
|
if (cv == 0) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
tmp1 = z1;
|
|
if (cv > 0) {
|
|
z1.sign = (bool)sign;
|
|
zmod(z1, z2, &tmp1, 0);
|
|
if (tmp1.len < z2.len - 1) {
|
|
*res = tmp1;
|
|
return;
|
|
}
|
|
sign = 0;
|
|
}
|
|
|
|
/*
|
|
* Now calculate the difference of the modulus and the absolute
|
|
* value of the original number. Compare the original number with
|
|
* the difference, and return the one with the smallest absolute
|
|
* value, with the correct sign. If the two values are equal, then
|
|
* return the positive result.
|
|
*/
|
|
zsub(z2, tmp1, &tmp2);
|
|
cv = zrel(tmp1, tmp2);
|
|
if (cv < 0) {
|
|
zfree(tmp2);
|
|
tmp1.sign = (bool)sign;
|
|
if (tmp1.v == z1.v)
|
|
zcopy(tmp1, res);
|
|
else
|
|
*res = tmp1;
|
|
} else {
|
|
if (cv)
|
|
tmp2.sign = !sign;
|
|
if (tmp1.v != z1.v)
|
|
zfree(tmp1);
|
|
*res = tmp2;
|
|
}
|
|
}
|
|
|
|
|
|
/*
|
|
* Compare two numbers for equality modulo a third number.
|
|
* The two numbers to be compared can be negative or out of modulo range.
|
|
* Returns true if the numbers are not congruent, and false if they are
|
|
* congruent.
|
|
*
|
|
* given:
|
|
* z1 first number to be compared
|
|
* z2 second number to be compared
|
|
* z3 modulus
|
|
*/
|
|
bool
|
|
zcmpmod(ZVALUE z1, ZVALUE z2, ZVALUE z3)
|
|
{
|
|
ZVALUE tmp1, tmp2, tmp3;
|
|
FULL digit;
|
|
LEN len;
|
|
int cv;
|
|
|
|
if (zisneg(z3) || ziszero(z3)) {
|
|
math_error("Non-positive modulus in zcmpmod");
|
|
not_reached();
|
|
}
|
|
if (zistwo(z3))
|
|
return (((z1.v[0] + z2.v[0]) & 0x1) != 0);
|
|
|
|
/*
|
|
* If the two numbers are equal, then their mods are equal.
|
|
*/
|
|
if ((z1.sign == z2.sign) && (z1.len == z2.len) &&
|
|
(z1.v[0] == z2.v[0]) && (zcmp(z1, z2) == 0))
|
|
return false;
|
|
|
|
/*
|
|
* If both numbers are negative, then we can make them positive.
|
|
*/
|
|
if (zisneg(z1) && zisneg(z2)) {
|
|
z1.sign = 0;
|
|
z2.sign = 0;
|
|
}
|
|
|
|
/*
|
|
* For small negative numbers, make them positive before comparing.
|
|
* In any case, the resulting numbers are in tmp1 and tmp2.
|
|
*/
|
|
tmp1 = z1;
|
|
tmp2 = z2;
|
|
len = z3.len;
|
|
digit = z3.v[len - 1];
|
|
|
|
if (zisneg(z1) && ((z1.len < len) ||
|
|
((z1.len == len) && (z1.v[z1.len - 1] < digit))))
|
|
zadd(z1, z3, &tmp1);
|
|
|
|
if (zisneg(z2) && ((z2.len < len) ||
|
|
((z2.len == len) && (z2.v[z2.len - 1] < digit))))
|
|
zadd(z2, z3, &tmp2);
|
|
|
|
/*
|
|
* Now compare the two numbers for equality.
|
|
* If they are equal we are all done.
|
|
*/
|
|
if (zcmp(tmp1, tmp2) == 0) {
|
|
if (tmp1.v != z1.v)
|
|
zfree(tmp1);
|
|
if (tmp2.v != z2.v)
|
|
zfree(tmp2);
|
|
return false;
|
|
}
|
|
|
|
/*
|
|
* They are not identical. Now if both numbers are positive
|
|
* and less than the modulus, then they are definitely not equal.
|
|
*/
|
|
if ((tmp1.sign == tmp2.sign) &&
|
|
((tmp1.len < len) || (zrel(tmp1, z3) < 0)) &&
|
|
((tmp2.len < len) || (zrel(tmp2, z3) < 0))) {
|
|
if (tmp1.v != z1.v)
|
|
zfree(tmp1);
|
|
if (tmp2.v != z2.v)
|
|
zfree(tmp2);
|
|
return true;
|
|
}
|
|
|
|
/*
|
|
* Either one of the numbers is negative or is large.
|
|
* So do the standard thing and subtract the two numbers.
|
|
* Then they are equal if the result is 0 (mod z3).
|
|
*/
|
|
zsub(tmp1, tmp2, &tmp3);
|
|
if (tmp1.v != z1.v)
|
|
zfree(tmp1);
|
|
if (tmp2.v != z2.v)
|
|
zfree(tmp2);
|
|
|
|
/*
|
|
* Compare the result with the modulus to see if it is equal to
|
|
* or less than the modulus. If so, we know the mod result.
|
|
*/
|
|
tmp3.sign = 0;
|
|
cv = zrel(tmp3, z3);
|
|
if (cv == 0) {
|
|
zfree(tmp3);
|
|
return false;
|
|
}
|
|
if (cv < 0) {
|
|
zfree(tmp3);
|
|
return true;
|
|
}
|
|
|
|
/*
|
|
* We are forced to actually do the division.
|
|
* The numbers are congruent if the result is zero.
|
|
*/
|
|
zmod(tmp3, z3, &tmp1, 0);
|
|
zfree(tmp3);
|
|
if (ziszero(tmp1)) {
|
|
zfree(tmp1);
|
|
return false;
|
|
} else {
|
|
zfree(tmp1);
|
|
return true;
|
|
}
|
|
}
|
|
|
|
|
|
/*
|
|
* Given the address of a positive integer whose word count does not
|
|
* exceed twice that of the modulus stored at lastmod, to evaluate and store
|
|
* at that address the value of the integer modulo the modulus.
|
|
*/
|
|
S_FUNC void
|
|
zmod5(ZVALUE *zp)
|
|
{
|
|
LEN len, modlen, j;
|
|
ZVALUE tmp1, tmp2;
|
|
ZVALUE z1, z2, z3;
|
|
HALF *a, *b;
|
|
FULL f;
|
|
HALF u;
|
|
|
|
/* firewall */
|
|
if (zp == NULL) {
|
|
math_error("%s: zp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
int subcount = 0;
|
|
|
|
if (zrel(*zp, *lastmod) < 0)
|
|
return;
|
|
modlen = lastmod->len;
|
|
len = zp->len;
|
|
z1.v = zp->v + modlen - 1;
|
|
z1.len = len - modlen + 1;
|
|
z1.sign = z2.sign = z3.sign = 0;
|
|
if (z1.len > modlen + 1) {
|
|
math_error("Bad call to zmod5!!!");
|
|
not_reached();
|
|
}
|
|
z2.v = lastmodinv->v + modlen + 1 - z1.len;
|
|
z2.len = lastmodinv->len - modlen - 1 + z1.len;
|
|
zmul(z1, z2, &tmp1);
|
|
z3.v = tmp1.v + z1.len;
|
|
z3.len = tmp1.len - z1.len;
|
|
if (z3.len > 0) {
|
|
zmul(z3, *lastmod, &tmp2);
|
|
j = modlen;
|
|
a = zp->v;
|
|
b = tmp2.v;
|
|
u = 0;
|
|
len = modlen;
|
|
while (j-- > 0) {
|
|
f = (FULL) *a - (FULL) *b++ - (FULL) u;
|
|
*a++ = (HALF) f;
|
|
u = - (HALF) (f >> BASEB);
|
|
}
|
|
if (z1.len > 1) {
|
|
len++;
|
|
if (tmp2.len > modlen)
|
|
f = (FULL) *a - (FULL) *b - (FULL) u;
|
|
else
|
|
f = (FULL) *a - (FULL) u;
|
|
*a++ = (HALF) f;
|
|
}
|
|
while (len > 0 && *--a == 0)
|
|
len--;
|
|
zp->len = len;
|
|
zfree(tmp2);
|
|
}
|
|
zfree(tmp1);
|
|
while (len > 0 && zrel(*zp, *lastmod) >= 0) {
|
|
subcount++;
|
|
if (subcount > 2) {
|
|
math_error("Too many subtractions in zmod5");
|
|
not_reached();
|
|
}
|
|
j = modlen;
|
|
a = zp->v;
|
|
b = lastmod->v;
|
|
u = 0;
|
|
while (j-- > 0) {
|
|
f = (FULL) *a - (FULL) *b++ - (FULL) u;
|
|
*a++ = (HALF) f;
|
|
u = - (HALF) (f >> BASEB);
|
|
}
|
|
if (len > modlen) {
|
|
f = (FULL) *a - (FULL) u;
|
|
*a++ = (HALF) f;
|
|
}
|
|
while (len > 0 && *--a == 0)
|
|
len--;
|
|
zp->len = len;
|
|
}
|
|
if (len == 0)
|
|
zp->len = 1;
|
|
}
|
|
|
|
S_FUNC void
|
|
zmod6(ZVALUE z1, ZVALUE *res)
|
|
{
|
|
LEN len, modlen, len0;
|
|
int sign;
|
|
ZVALUE zp0, ztmp;
|
|
|
|
/* firewall */
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
if (ziszero(z1) || zisone(*lastmod)) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
sign = z1.sign;
|
|
z1.sign = 0;
|
|
zcopy(z1, &ztmp);
|
|
modlen = lastmod->len;
|
|
zp0.sign = 0;
|
|
while (zrel(ztmp, *lastmod) >= 0) {
|
|
len = ztmp.len;
|
|
zp0.len = len;
|
|
len0 = 0;
|
|
if (len > 2 * modlen) {
|
|
zp0.len = 2 * modlen;
|
|
len0 = len - 2 * modlen;
|
|
}
|
|
zp0.v = ztmp.v + len - zp0.len;
|
|
zmod5(&zp0);
|
|
len = len0 + zp0.len;
|
|
while (len > 0 && ztmp.v[len - 1] == 0)
|
|
len--;
|
|
if (len == 0) {
|
|
zfree(ztmp);
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
ztmp.len = len;
|
|
}
|
|
if (sign)
|
|
zsub(*lastmod, ztmp, res);
|
|
else
|
|
zcopy(ztmp, res);
|
|
zfree(ztmp);
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
* Compute the result of raising one number to a power modulo another number.
|
|
* That is, this computes: a^b (modulo c).
|
|
* This calculates the result by examining the power POWBITS bits at a time,
|
|
* using a small table of POWNUMS low powers to calculate powers for those bits,
|
|
* and repeated squaring and multiplying by the partial powers to generate
|
|
* the complete power. If the power being raised to is high enough, then
|
|
* this uses the REDC algorithm to avoid doing many divisions. When using
|
|
* REDC, multiple calls to this routine using the same modulus will be
|
|
* slightly faster.
|
|
*/
|
|
void
|
|
zpowermod(ZVALUE z1, ZVALUE z2, ZVALUE z3, ZVALUE *res)
|
|
{
|
|
HALF *hp; /* pointer to current word of the power */
|
|
REDC *rp; /* REDC information to be used */
|
|
ZVALUE *pp; /* pointer to low power table */
|
|
ZVALUE ans, temp; /* calculation values */
|
|
ZVALUE modpow; /* current small power */
|
|
ZVALUE lowpowers[POWNUMS]; /* low powers */
|
|
ZVALUE ztmp;
|
|
int curshift; /* shift value for word of power */
|
|
HALF curhalf; /* current word of power */
|
|
unsigned int curpow; /* current low power */
|
|
unsigned int curbit; /* current bit of low power */
|
|
bool free_z1; /* true => need to free z1 */
|
|
int i;
|
|
|
|
/* firewall */
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
if (zisneg(z3) || ziszero(z3)) {
|
|
math_error("Non-positive modulus in zpowermod");
|
|
not_reached();
|
|
}
|
|
if (zisneg(z2)) {
|
|
math_error("Negative power in zpowermod");
|
|
not_reached();
|
|
}
|
|
|
|
|
|
/*
|
|
* Check easy cases first.
|
|
*/
|
|
if ((ziszero(z1) && !ziszero(z2)) || zisunit(z3)) {
|
|
/* 0^(non_zero) or x^y mod 1 always produces zero */
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
if (ziszero(z2)) { /* x^0 == 1 */
|
|
*res = _one_;
|
|
return;
|
|
}
|
|
if (zistwo(z3)) { /* mod 2 */
|
|
if (zisodd(z1))
|
|
*res = _one_;
|
|
else
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
if (zisunit(z1) && (!z1.sign || ziseven(z2))) {
|
|
/* 1^x or (-1)^(2x) */
|
|
*res = _one_;
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* Normalize the number being raised to be non-negative and to lie
|
|
* within the modulo range. Then check for zero or one specially.
|
|
*/
|
|
ztmp.len = 0;
|
|
free_z1 = false;
|
|
if (zisneg(z1) || zrel(z1, z3) >= 0) {
|
|
zmod(z1, z3, &ztmp, 0);
|
|
zfree(z1);
|
|
z1 = ztmp;
|
|
free_z1 = true;
|
|
}
|
|
if (ziszero(z1)) {
|
|
zfree(z1);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
if (zisone(z1)) {
|
|
zfree(z1);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
*res = _one_;
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* If modulus is large enough use zmod5
|
|
*/
|
|
if (z3.len >= conf->pow2) {
|
|
if (havelastmod && zcmp(z3, *lastmod)) {
|
|
zfree(*lastmod);
|
|
zfree(*lastmodinv);
|
|
havelastmod = false;
|
|
}
|
|
if (!havelastmod) {
|
|
zcopy(z3, lastmod);
|
|
zbitvalue(2 * z3.len * BASEB, &temp);
|
|
zquo(temp, z3, lastmodinv, 0);
|
|
zfree(temp);
|
|
havelastmod = true;
|
|
}
|
|
|
|
/* zzz */
|
|
for (pp = &lowpowers[2]; pp <= &lowpowers[POWNUMS-1]; pp++) {
|
|
pp->len = 0;
|
|
pp->v = NULL;
|
|
}
|
|
lowpowers[0] = _one_;
|
|
lowpowers[1] = z1;
|
|
ans = _one_;
|
|
|
|
hp = &z2.v[z2.len - 1];
|
|
curhalf = *hp;
|
|
curshift = BASEB - POWBITS;
|
|
while (curshift && ((curhalf >> curshift) == 0))
|
|
curshift -= POWBITS;
|
|
|
|
/*
|
|
* Calculate the result by examining the power POWBITS bits at
|
|
* a time, and use the table of low powers at each iteration.
|
|
*/
|
|
for (;;) {
|
|
curpow = (curhalf >> curshift) & (POWNUMS - 1);
|
|
pp = &lowpowers[curpow];
|
|
|
|
/*
|
|
* If the small power is not yet saved in the table,
|
|
* then calculate it and remember it in the table for
|
|
* future use.
|
|
*/
|
|
if (pp->v == NULL) {
|
|
if (curpow & 0x1) {
|
|
zcopy(z1, &modpow);
|
|
free_z1 = false;
|
|
} else {
|
|
modpow = _one_;
|
|
}
|
|
|
|
for (curbit = 0x2;
|
|
curbit <= curpow;
|
|
curbit *= 2) {
|
|
pp = &lowpowers[curbit];
|
|
if (pp->v == NULL) {
|
|
zsquare(lowpowers[curbit/2],
|
|
&temp);
|
|
zmod5(&temp);
|
|
zcopy(temp, pp);
|
|
zfree(temp);
|
|
}
|
|
if (curbit & curpow) {
|
|
zmul(*pp, modpow, &temp);
|
|
zfree(modpow);
|
|
zmod5(&temp);
|
|
zcopy(temp, &modpow);
|
|
zfree(temp);
|
|
}
|
|
}
|
|
pp = &lowpowers[curpow];
|
|
if (pp->v != NULL) {
|
|
zfree(*pp);
|
|
}
|
|
*pp = modpow;
|
|
}
|
|
|
|
/*
|
|
* If the power is nonzero, then accumulate the small
|
|
* power into the result.
|
|
*/
|
|
if (curpow) {
|
|
zmul(ans, *pp, &temp);
|
|
zfree(ans);
|
|
zmod5(&temp);
|
|
zcopy(temp, &ans);
|
|
zfree(temp);
|
|
}
|
|
|
|
/*
|
|
* Select the next POWBITS bits of the power, if
|
|
* there is any more to generate.
|
|
*/
|
|
curshift -= POWBITS;
|
|
if (curshift < 0) {
|
|
if (hp == z2.v)
|
|
break;
|
|
curhalf = *--hp;
|
|
curshift = BASEB - POWBITS;
|
|
}
|
|
|
|
/*
|
|
* Square the result POWBITS times to make room for
|
|
* the next chunk of bits.
|
|
*/
|
|
for (i = 0; i < POWBITS; i++) {
|
|
zsquare(ans, &temp);
|
|
zfree(ans);
|
|
zmod5(&temp);
|
|
zcopy(temp, &ans);
|
|
zfree(temp);
|
|
}
|
|
}
|
|
|
|
for (pp = &lowpowers[2]; pp <= &lowpowers[POWNUMS-1]; pp++) {
|
|
zfree(*pp);
|
|
}
|
|
*res = ans;
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* If the modulus is odd and small enough then use
|
|
* the REDC algorithm. The size where this is done is configurable.
|
|
*/
|
|
if (z3.len < conf->redc2 && zisodd(z3)) {
|
|
if (powermodredc && zcmp(powermodredc->mod, z3)) {
|
|
zredcfree(powermodredc);
|
|
powermodredc = NULL;
|
|
}
|
|
if (powermodredc == NULL)
|
|
powermodredc = zredcalloc(z3);
|
|
rp = powermodredc;
|
|
zredcencode(rp, z1, &temp);
|
|
if (free_z1 == true) {
|
|
zfree(z1);
|
|
}
|
|
zredcpower(rp, temp, z2, &z1);
|
|
zfree(temp);
|
|
zredcdecode(rp, z1, res);
|
|
zfree(z1);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* Modulus or power is small enough to perform the power raising
|
|
* directly. Initialize the table of powers.
|
|
*/
|
|
for (pp = &lowpowers[2]; pp <= &lowpowers[POWNUMS-1]; pp++) {
|
|
pp->len = 0;
|
|
pp->v = NULL;
|
|
}
|
|
lowpowers[0] = _one_;
|
|
lowpowers[1] = z1;
|
|
ans = _one_;
|
|
|
|
hp = &z2.v[z2.len - 1];
|
|
curhalf = *hp;
|
|
curshift = BASEB - POWBITS;
|
|
while (curshift && ((curhalf >> curshift) == 0))
|
|
curshift -= POWBITS;
|
|
|
|
/*
|
|
* Calculate the result by examining the power POWBITS bits at a time,
|
|
* and use the table of low powers at each iteration.
|
|
*/
|
|
for (;;) {
|
|
curpow = (curhalf >> curshift) & (POWNUMS - 1);
|
|
pp = &lowpowers[curpow];
|
|
|
|
/*
|
|
* If the small power is not yet saved in the table, then
|
|
* calculate it and remember it in the table for future use.
|
|
*/
|
|
if (pp->v == NULL) {
|
|
if (curpow & 0x1) {
|
|
zcopy(z1, &modpow);
|
|
free_z1 = false;
|
|
} else {
|
|
modpow = _one_;
|
|
}
|
|
|
|
for (curbit = 0x2; curbit <= curpow; curbit *= 2) {
|
|
pp = &lowpowers[curbit];
|
|
if (pp->v == NULL) {
|
|
zsquare(lowpowers[curbit/2], &temp);
|
|
zmod(temp, z3, pp, 0);
|
|
zfree(temp);
|
|
}
|
|
if (curbit & curpow) {
|
|
zmul(*pp, modpow, &temp);
|
|
zfree(modpow);
|
|
zmod(temp, z3, &modpow, 0);
|
|
zfree(temp);
|
|
}
|
|
}
|
|
pp = &lowpowers[curpow];
|
|
if (pp->v != NULL) {
|
|
zfree(*pp);
|
|
}
|
|
*pp = modpow;
|
|
}
|
|
|
|
/*
|
|
* If the power is nonzero, then accumulate the small power
|
|
* into the result.
|
|
*/
|
|
if (curpow) {
|
|
zmul(ans, *pp, &temp);
|
|
zfree(ans);
|
|
zmod(temp, z3, &ans, 0);
|
|
zfree(temp);
|
|
}
|
|
|
|
/*
|
|
* Select the next POWBITS bits of the power, if there is
|
|
* any more to generate.
|
|
*/
|
|
curshift -= POWBITS;
|
|
if (curshift < 0) {
|
|
if (hp-- == z2.v)
|
|
break;
|
|
curhalf = *hp;
|
|
curshift = BASEB - POWBITS;
|
|
}
|
|
|
|
/*
|
|
* Square the result POWBITS times to make room for the next
|
|
* chunk of bits.
|
|
*/
|
|
for (i = 0; i < POWBITS; i++) {
|
|
zsquare(ans, &temp);
|
|
zfree(ans);
|
|
zmod(temp, z3, &ans, 0);
|
|
zfree(temp);
|
|
}
|
|
}
|
|
|
|
for (pp = &lowpowers[2]; pp <= &lowpowers[POWNUMS-1]; pp++) {
|
|
zfree(*pp);
|
|
}
|
|
*res = ans;
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
if (free_z1 == true) {
|
|
zfree(z1);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Given a positive odd N-word integer z, evaluate minv(-z, BASEB^N)
|
|
*/
|
|
S_FUNC void
|
|
zredcmodinv(ZVALUE z, ZVALUE *res)
|
|
{
|
|
ZVALUE tmp;
|
|
HALF *a0, *a, *b;
|
|
HALF bit, h, inv, v;
|
|
FULL f;
|
|
LEN N, i, j, len;
|
|
|
|
/* firewall */
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
N = z.len;
|
|
tmp.sign = 0;
|
|
tmp.len = N;
|
|
tmp.v = alloc(N);
|
|
zclearval(tmp);
|
|
*tmp.v = 1;
|
|
h = 1 + *z.v;
|
|
bit = 1;
|
|
inv = 1;
|
|
while (h) {
|
|
bit <<= 1;
|
|
if (bit & h) {
|
|
inv |= bit;
|
|
h += bit * *z.v;
|
|
}
|
|
}
|
|
|
|
j = N;
|
|
a0 = tmp.v;
|
|
while (j-- > 0) {
|
|
v = inv * *a0;
|
|
i = j;
|
|
a = a0;
|
|
b = z.v;
|
|
f = (FULL) v * (FULL) *b++ + (FULL) *a++;
|
|
*a0 = v;
|
|
while (i-- > 0) {
|
|
f = (FULL) v * (FULL) *b++ + (FULL) *a + (f >> BASEB);
|
|
*a++ = (HALF) f;
|
|
}
|
|
while (j > 0 && *++a0 == 0)
|
|
j--;
|
|
}
|
|
a = tmp.v + N;
|
|
len = N;
|
|
while (*--a == 0)
|
|
len--;
|
|
tmp.len = len;
|
|
zcopy(tmp, res);
|
|
zfree(tmp);
|
|
}
|
|
|
|
|
|
/*
|
|
* Initialize the REDC algorithm for a particular modulus,
|
|
* returning a pointer to a structure that is used for other
|
|
* REDC calls. An error is generated if the structure cannot
|
|
* be allocated. The modulus must be odd and positive.
|
|
*
|
|
* given:
|
|
* z1 modulus to initialize for
|
|
*/
|
|
REDC *
|
|
zredcalloc(ZVALUE z1)
|
|
{
|
|
REDC *rp; /* REDC information */
|
|
ZVALUE tmp;
|
|
long bit;
|
|
|
|
if (ziseven(z1) || zisneg(z1)) {
|
|
math_error("REDC requires positive odd modulus");
|
|
not_reached();
|
|
}
|
|
|
|
rp = (REDC *) malloc(sizeof(REDC));
|
|
if (rp == NULL) {
|
|
math_error("Cannot allocate REDC structure");
|
|
not_reached();
|
|
}
|
|
|
|
/*
|
|
* Round up the binary modulus to the next power of two
|
|
* which is at a word boundary. Then the shift and modulo
|
|
* operations mod the binary modulus can be done very cheaply.
|
|
* Calculate the REDC format for the number 1 for future use.
|
|
*/
|
|
zcopy(z1, &rp->mod);
|
|
zredcmodinv(z1, &rp->inv);
|
|
bit = zhighbit(z1) + 1;
|
|
if (bit % BASEB)
|
|
bit += (BASEB - (bit % BASEB));
|
|
zbitvalue(bit, &tmp);
|
|
zmod(tmp, rp->mod, &rp->one, 0);
|
|
zfree(tmp);
|
|
rp->len = (LEN)(bit / BASEB);
|
|
return rp;
|
|
}
|
|
|
|
|
|
/*
|
|
* Free any numbers associated with the specified REDC structure,
|
|
* and then the REDC structure itself.
|
|
*
|
|
* given:
|
|
* rp REDC information to be cleared
|
|
*/
|
|
void
|
|
zredcfree(REDC *rp)
|
|
{
|
|
/* firewall */
|
|
if (rp == NULL) {
|
|
math_error("%s: rp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
zfree(rp->mod);
|
|
zfree(rp->inv);
|
|
zfree(rp->one);
|
|
free(rp);
|
|
}
|
|
|
|
|
|
/*
|
|
* Convert a normal number into the specified REDC format.
|
|
* The number to be converted can be negative or out of modulo range.
|
|
* The resulting number can be used for multiplying, adding, subtracting,
|
|
* or comparing with any other such converted numbers, as if the numbers
|
|
* were being calculated modulo the number which initialized the REDC
|
|
* information. When the final value is not converted, the result is the
|
|
* same as if the usual operations were done with the original numbers.
|
|
*
|
|
* given:
|
|
* rp REDC information
|
|
* z1 number to be converted
|
|
* res returned converted number
|
|
*/
|
|
void
|
|
zredcencode(REDC *rp, ZVALUE z1, ZVALUE *res)
|
|
{
|
|
ZVALUE tmp1;
|
|
|
|
/* firewall */
|
|
if (rp == NULL) {
|
|
math_error("%s: rp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
/*
|
|
* Confirm or initialize lastmod information when modulus is a
|
|
* big number.
|
|
*/
|
|
|
|
if (rp->len >= conf->pow2) {
|
|
if (havelastmod && zcmp(rp->mod, *lastmod)) {
|
|
zfree(*lastmod);
|
|
zfree(*lastmodinv);
|
|
havelastmod = false;
|
|
}
|
|
if (!havelastmod) {
|
|
zcopy(rp->mod, lastmod);
|
|
zbitvalue(2 * rp->len * BASEB, &tmp1);
|
|
zquo(tmp1, rp->mod, lastmodinv, 0);
|
|
zfree(tmp1);
|
|
havelastmod = true;
|
|
}
|
|
}
|
|
/*
|
|
* Handle the cases 0, 1, -1, and 2 specially since these are
|
|
* easy to calculate. Zero transforms to zero, and the others
|
|
* can be obtained from the precomputed REDC format for 1 since
|
|
* addition and subtraction act normally for REDC format numbers.
|
|
*/
|
|
if (ziszero(z1)) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
if (zisone(z1)) {
|
|
zcopy(rp->one, res);
|
|
return;
|
|
}
|
|
if (zisunit(z1)) {
|
|
zsub(rp->mod, rp->one, res);
|
|
return;
|
|
}
|
|
if (zistwo(z1)) {
|
|
zadd(rp->one, rp->one, &tmp1);
|
|
if (zrel(tmp1, rp->mod) < 0) {
|
|
*res = tmp1;
|
|
return;
|
|
}
|
|
zsub(tmp1, rp->mod, res);
|
|
zfree(tmp1);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* Not a trivial number to convert, so do the full transformation.
|
|
*/
|
|
zshift(z1, rp->len * BASEB, &tmp1);
|
|
if (rp->len < conf->pow2)
|
|
zmod(tmp1, rp->mod, res, 0);
|
|
else
|
|
zmod6(tmp1, res);
|
|
zfree(tmp1);
|
|
}
|
|
|
|
|
|
/*
|
|
* The REDC algorithm used to convert numbers out of REDC format and also
|
|
* used after multiplication of two REDC numbers. Using this routine
|
|
* avoids any divides, replacing the divide by two multiplications.
|
|
* If the numbers are very large, then these two multiplies will be
|
|
* quicker than the divide, since dividing is harder than multiplying.
|
|
*
|
|
* given:
|
|
* rp REDC information
|
|
* z1 number to be transformed
|
|
* res returned transformed number
|
|
*/
|
|
void
|
|
zredcdecode(REDC *rp, ZVALUE z1, ZVALUE *res)
|
|
{
|
|
ZVALUE tmp1, tmp2;
|
|
ZVALUE ztmp;
|
|
ZVALUE ztop;
|
|
ZVALUE zp1;
|
|
FULL muln;
|
|
HALF *h1;
|
|
HALF *h3;
|
|
HALF *hd = NULL;
|
|
HALF Ninv;
|
|
LEN modlen;
|
|
LEN len;
|
|
FULL f;
|
|
int sign;
|
|
|
|
/* firewall */
|
|
if (rp == NULL) {
|
|
math_error("%s: rp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
int i, j;
|
|
|
|
/*
|
|
* Check first for the special values for 0 and 1 that are easy.
|
|
*/
|
|
if (ziszero(z1)) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
if ((z1.len == rp->one.len) && (z1.v[0] == rp->one.v[0]) &&
|
|
(zcmp(z1, rp->one) == 0)) {
|
|
*res = _one_;
|
|
return;
|
|
}
|
|
ztop.len = 0;
|
|
ztmp.len = 0;
|
|
modlen = rp->len;
|
|
sign = z1.sign;
|
|
z1.sign = 0;
|
|
if (z1.len > modlen) {
|
|
ztop.v = z1.v + modlen;
|
|
ztop.len = z1.len - modlen;
|
|
ztop.sign = 0;
|
|
if (zrel(ztop, rp->mod) >= 0) {
|
|
zmod(ztop, rp->mod, &ztmp, 0);
|
|
ztop = ztmp;
|
|
}
|
|
len = modlen;
|
|
h1 = z1.v + len;
|
|
while (len > 0 && *--h1 == 0)
|
|
len--;
|
|
if (len == 0) {
|
|
if (ztmp.len)
|
|
*res = ztmp;
|
|
else
|
|
zcopy(ztop, res);
|
|
return;
|
|
}
|
|
z1.len = len;
|
|
|
|
}
|
|
if (rp->mod.len < conf->pow2) {
|
|
Ninv = rp->inv.v[0];
|
|
res->sign = 0;
|
|
res->len = modlen;
|
|
res->v = alloc(modlen);
|
|
zclearval(*res);
|
|
h1 = z1.v;
|
|
for (i = 0; i < modlen; i++) {
|
|
h3 = rp->mod.v;
|
|
hd = res->v;
|
|
f = (FULL) *hd++;
|
|
if (i < z1.len)
|
|
f += (FULL) *h1++;
|
|
muln = (HALF) ((f & BASE1) * Ninv);
|
|
f = ((muln * (FULL) *h3++) + f) >> BASEB;
|
|
j = modlen;
|
|
while (--j > 0) {
|
|
f += (muln * (FULL) *h3++) + (FULL) *hd;
|
|
hd[-1] = (HALF) f;
|
|
f >>= BASEB;
|
|
hd++;
|
|
}
|
|
hd[-1] = (HALF) f;
|
|
}
|
|
len = modlen;
|
|
while (*--hd == 0 && len > 1)
|
|
len--;
|
|
if (len == 0)
|
|
len = 1;
|
|
res->len = len;
|
|
} else {
|
|
/* Here 0 < z1 < 2^bitnum */
|
|
|
|
/*
|
|
* First calculate the following:
|
|
* tmp2 = ((z1 * inv) % 2^bitnum.
|
|
* The mod operations can be done with no work since the bit
|
|
* number was selected as a multiple of the word size. Just
|
|
* reduce the sizes of the numbers as required.
|
|
*/
|
|
zmul(z1, rp->inv, &tmp2);
|
|
if (tmp2.len > modlen) {
|
|
h1 = tmp2.v + modlen;
|
|
len = modlen;
|
|
while (len > 0 && *--h1 == 0)
|
|
len--;
|
|
tmp2.len = len;
|
|
}
|
|
|
|
/*
|
|
* Next calculate the following:
|
|
* res = (z1 + tmp2 * modulus) / 2^bitnum
|
|
* Since 0 < z1 < 2^bitnum and the division is always exact,
|
|
* the quotient can be evaluated by rounding up
|
|
* (tmp2 * modulus)/2^bitnum. This can be achieved by defining
|
|
* zp1 by an appropriate shift and then adding one.
|
|
*/
|
|
zmul(tmp2, rp->mod, &tmp1);
|
|
zfree(tmp2);
|
|
if (tmp1.len > modlen) {
|
|
zp1.v = tmp1.v + modlen;
|
|
zp1.len = tmp1.len - modlen;
|
|
zp1.sign = 0;
|
|
zadd(zp1, _one_, res);
|
|
} else {
|
|
*res = _one_;
|
|
}
|
|
zfree(tmp1);
|
|
}
|
|
if (ztop.len) {
|
|
zadd(*res, ztop, &tmp1);
|
|
zfree(*res);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
*res = tmp1;
|
|
}
|
|
|
|
/*
|
|
* Finally do a final modulo by a simple subtraction if necessary.
|
|
* This is all that is needed because the previous calculation is
|
|
* guaranteed to always be less than twice the modulus.
|
|
*/
|
|
|
|
if (zrel(*res, rp->mod) >= 0) {
|
|
zsub(*res, rp->mod, &tmp1);
|
|
zfree(*res);
|
|
*res = tmp1;
|
|
}
|
|
if (sign && !ziszero(*res)) {
|
|
zsub(rp->mod, *res, &tmp1);
|
|
zfree(*res);
|
|
*res = tmp1;
|
|
}
|
|
return;
|
|
}
|
|
|
|
|
|
/*
|
|
* Multiply two numbers in REDC format together producing a result also
|
|
* in REDC format. If the result is converted back to a normal number,
|
|
* then the result is the same as the modulo'd multiplication of the
|
|
* original numbers before they were converted to REDC format. This
|
|
* calculation is done in one of two ways, depending on the size of the
|
|
* modulus. For large numbers, the REDC definition is used directly
|
|
* which involves three multiplies overall. For small numbers, a
|
|
* complicated routine is used which does the indicated multiplication
|
|
* and the REDC algorithm at the same time to produce the result.
|
|
*
|
|
* given:
|
|
* rp REDC information
|
|
* z1 first REDC number to be multiplied
|
|
* z2 second REDC number to be multiplied
|
|
* res resulting REDC number
|
|
*/
|
|
void
|
|
zredcmul(REDC *rp, ZVALUE z1, ZVALUE z2, ZVALUE *res)
|
|
{
|
|
FULL mulb;
|
|
FULL muln;
|
|
HALF *h1;
|
|
HALF *h2;
|
|
HALF *h3;
|
|
HALF *hd;
|
|
HALF Ninv;
|
|
HALF topdigit = 0;
|
|
LEN modlen;
|
|
LEN len;
|
|
LEN len2;
|
|
SIUNION sival1;
|
|
SIUNION sival2;
|
|
SIUNION carry;
|
|
ZVALUE tmp;
|
|
ZVALUE z1tmp, z2tmp;
|
|
int sign;
|
|
|
|
/* firewall */
|
|
if (rp == NULL) {
|
|
math_error("%s: rp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
sign = z1.sign ^ z2.sign;
|
|
z1.sign = 0;
|
|
z2.sign = 0;
|
|
z1tmp.len = 0;
|
|
if (zrel(z1, rp->mod) >= 0) {
|
|
zmod(z1, rp->mod, &z1tmp, 0);
|
|
z1 = z1tmp;
|
|
}
|
|
z2tmp.len = 0;
|
|
if (zrel(z2, rp->mod) >= 0) {
|
|
zmod(z2, rp->mod, &z2tmp, 0);
|
|
z2 = z2tmp;
|
|
}
|
|
|
|
|
|
/*
|
|
* Check for special values which we easily know the answer.
|
|
*/
|
|
if (ziszero(z1) || ziszero(z2)) {
|
|
*res = _zero_;
|
|
if (z1tmp.len)
|
|
zfree(z1tmp);
|
|
if (z2tmp.len)
|
|
zfree(z2tmp);
|
|
return;
|
|
}
|
|
|
|
if ((z1.len == rp->one.len) && (z1.v[0] == rp->one.v[0]) &&
|
|
(zcmp(z1, rp->one) == 0)) {
|
|
if (sign)
|
|
zsub(rp->mod, z2, res);
|
|
else
|
|
zcopy(z2, res);
|
|
if (z1tmp.len)
|
|
zfree(z1tmp);
|
|
if (z2tmp.len)
|
|
zfree(z2tmp);
|
|
return;
|
|
}
|
|
|
|
if ((z2.len == rp->one.len) && (z2.v[0] == rp->one.v[0]) &&
|
|
(zcmp(z2, rp->one) == 0)) {
|
|
if (sign)
|
|
zsub(rp->mod, z1, res);
|
|
else
|
|
zcopy(z1, res);
|
|
if (z1tmp.len)
|
|
zfree(z1tmp);
|
|
if (z2tmp.len)
|
|
zfree(z2tmp);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* If the size of the modulus is large, then just do the multiply,
|
|
* followed by the two multiplies contained in the REDC routine.
|
|
* This will be quicker than directly doing the REDC calculation
|
|
* because of the O(N^1.585) speed of the multiplies. The size
|
|
* of the number which this is done is configurable.
|
|
*/
|
|
if (rp->mod.len >= conf->redc2) {
|
|
zmul(z1, z2, &tmp);
|
|
zredcdecode(rp, tmp, res);
|
|
zfree(tmp);
|
|
if (sign && !ziszero(*res)) {
|
|
zsub(rp->mod, *res, &tmp);
|
|
zfree(*res);
|
|
*res = tmp;
|
|
}
|
|
if (z1tmp.len)
|
|
zfree(z1tmp);
|
|
if (z2tmp.len)
|
|
zfree(z2tmp);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* The number is small enough to calculate by doing the O(N^2) REDC
|
|
* algorithm directly. This algorithm performs the multiplication and
|
|
* the reduction at the same time. Notice the obscure facts that
|
|
* only the lowest word of the inverse value is used, and that
|
|
* there is no shifting of the partial products as there is in a
|
|
* normal multiply.
|
|
*/
|
|
modlen = rp->mod.len;
|
|
Ninv = rp->inv.v[0];
|
|
|
|
/*
|
|
* Allocate the result and clear it.
|
|
* The size of the result will be equal to or smaller than
|
|
* the modulus size.
|
|
*/
|
|
res->sign = 0;
|
|
res->len = modlen;
|
|
res->v = alloc(modlen);
|
|
|
|
hd = res->v;
|
|
len = modlen;
|
|
zclearval(*res);
|
|
|
|
/*
|
|
* Do this outermost loop over all the digits of z1.
|
|
*/
|
|
h1 = z1.v;
|
|
len = z1.len;
|
|
while (len--) {
|
|
/*
|
|
* Start off with the next digit of z1, the first
|
|
* digit of z2, and the first digit of the modulus.
|
|
*/
|
|
mulb = (FULL) *h1++;
|
|
h2 = z2.v;
|
|
h3 = rp->mod.v;
|
|
hd = res->v;
|
|
sival1.ivalue = mulb * ((FULL) *h2++) + ((FULL) *hd++);
|
|
muln = ((HALF) (sival1.silow * Ninv));
|
|
sival2.ivalue = muln * ((FULL) *h3++) + ((FULL) sival1.silow);
|
|
carry.ivalue = ((FULL) sival1.sihigh) + ((FULL) sival2.sihigh);
|
|
|
|
/*
|
|
* Do this innermost loop for each digit of z2, except
|
|
* for the first digit which was just done above.
|
|
*/
|
|
len2 = z2.len;
|
|
while (--len2 > 0) {
|
|
sival1.ivalue = mulb * ((FULL) *h2++)
|
|
+ ((FULL) *hd) + ((FULL) carry.silow);
|
|
sival2.ivalue = muln * ((FULL) *h3++)
|
|
+ ((FULL) sival1.silow);
|
|
carry.ivalue = ((FULL) sival1.sihigh)
|
|
+ ((FULL) sival2.sihigh)
|
|
+ ((FULL) carry.sihigh);
|
|
|
|
hd[-1] = sival2.silow;
|
|
hd++;
|
|
}
|
|
|
|
/*
|
|
* Now continue the loop as necessary so the total number
|
|
* of iterations is equal to the size of the modulus.
|
|
* This acts as if the innermost loop was repeated for
|
|
* high digits of z2 that are zero.
|
|
*/
|
|
len2 = modlen - z2.len;
|
|
while (len2--) {
|
|
sival2.ivalue = muln * ((FULL) *h3++)
|
|
+ ((FULL) *hd)
|
|
+ ((FULL) carry.silow);
|
|
carry.ivalue = ((FULL) sival2.sihigh)
|
|
+ ((FULL) carry.sihigh);
|
|
|
|
hd[-1] = sival2.silow;
|
|
hd++;
|
|
}
|
|
|
|
carry.ivalue += topdigit;
|
|
hd[-1] = carry.silow;
|
|
topdigit = carry.sihigh;
|
|
}
|
|
|
|
/*
|
|
* Now continue the loop as necessary so the total number
|
|
* of iterations is equal to the size of the modulus.
|
|
* This acts as if the outermost loop was repeated for high
|
|
* digits of z1 that are zero.
|
|
*/
|
|
len = modlen - z1.len;
|
|
while (len--) {
|
|
/*
|
|
* Start off with the first digit of the modulus.
|
|
*/
|
|
h3 = rp->mod.v;
|
|
hd = res->v;
|
|
muln = ((HALF) (*hd * Ninv));
|
|
sival2.ivalue = muln * ((FULL) *h3++) + (FULL) *hd++;
|
|
carry.ivalue = ((FULL) sival2.sihigh);
|
|
|
|
/*
|
|
* Do this innermost loop for each digit of the modulus,
|
|
* except for the first digit which was just done above.
|
|
*/
|
|
len2 = modlen;
|
|
while (--len2 > 0) {
|
|
sival2.ivalue = muln * ((FULL) *h3++)
|
|
+ ((FULL) *hd) + ((FULL) carry.silow);
|
|
carry.ivalue = ((FULL) sival2.sihigh)
|
|
+ ((FULL) carry.sihigh);
|
|
|
|
hd[-1] = sival2.silow;
|
|
hd++;
|
|
}
|
|
carry.ivalue += topdigit;
|
|
hd[-1] = carry.silow;
|
|
topdigit = carry.sihigh;
|
|
}
|
|
|
|
/*
|
|
* Determine the true size of the result, taking the top digit of
|
|
* the current result into account. The top digit is not stored in
|
|
* the number because it is temporary and would become zero anyway
|
|
* after the final subtraction is done.
|
|
*/
|
|
if (topdigit == 0) {
|
|
len = modlen;
|
|
while (*--hd == 0 && len > 1) {
|
|
len--;
|
|
}
|
|
res->len = len;
|
|
|
|
/*
|
|
* Compare the result with the modulus.
|
|
* If it is less than the modulus, then the calculation is complete.
|
|
*/
|
|
|
|
if (zrel(*res, rp->mod) < 0) {
|
|
if (z1tmp.len)
|
|
zfree(z1tmp);
|
|
if (z2tmp.len)
|
|
zfree(z2tmp);
|
|
if (sign && !ziszero(*res)) {
|
|
zsub(rp->mod, *res, &tmp);
|
|
zfree(*res);
|
|
*res = tmp;
|
|
}
|
|
return;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Do a subtraction to reduce the result to a value less than
|
|
* the modulus. The REDC algorithm guarantees that a single subtract
|
|
* is all that is needed. Ignore any borrowing from the possible
|
|
* highest word of the current result because that would affect
|
|
* only the top digit value that was not stored and would become
|
|
* zero anyway.
|
|
*/
|
|
carry.ivalue = 0;
|
|
h1 = rp->mod.v;
|
|
hd = res->v;
|
|
len = modlen;
|
|
while (len--) {
|
|
carry.ivalue = BASE1 - ((FULL) *hd) + ((FULL) *h1++)
|
|
+ ((FULL) carry.silow);
|
|
*hd++ = (HALF)(BASE1 - carry.silow);
|
|
carry.silow = carry.sihigh;
|
|
}
|
|
|
|
/*
|
|
* Now finally recompute the size of the result.
|
|
*/
|
|
len = modlen;
|
|
hd = &res->v[len - 1];
|
|
while ((*hd == 0) && (len > 1)) {
|
|
hd--;
|
|
len--;
|
|
}
|
|
res->len = len;
|
|
if (z1tmp.len)
|
|
zfree(z1tmp);
|
|
if (z2tmp.len)
|
|
zfree(z2tmp);
|
|
if (sign && !ziszero(*res)) {
|
|
zsub(rp->mod, *res, &tmp);
|
|
zfree(*res);
|
|
*res = tmp;
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
* Square a number in REDC format producing a result also in REDC format.
|
|
*
|
|
* given:
|
|
* rp REDC information
|
|
* z1 REDC number to be squared
|
|
* res resulting REDC number
|
|
*/
|
|
void
|
|
zredcsquare(REDC *rp, ZVALUE z1, ZVALUE *res)
|
|
{
|
|
FULL mulb;
|
|
FULL muln;
|
|
HALF *h1;
|
|
HALF *h2;
|
|
HALF *h3;
|
|
HALF *hd = NULL;
|
|
HALF Ninv;
|
|
HALF topdigit = 0;
|
|
LEN modlen;
|
|
LEN len;
|
|
SIUNION sival1;
|
|
SIUNION sival2;
|
|
SIUNION sival3;
|
|
SIUNION carry;
|
|
ZVALUE tmp, ztmp;
|
|
FULL f;
|
|
int i, j;
|
|
|
|
/* firewall */
|
|
if (rp == NULL) {
|
|
math_error("%s: rp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
ztmp.len = 0;
|
|
z1.sign = 0;
|
|
if (zrel(z1, rp->mod) >= 0) {
|
|
zmod(z1, rp->mod, &ztmp, 0);
|
|
z1 = ztmp;
|
|
}
|
|
if (ziszero(z1)) {
|
|
*res = _zero_;
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
if ((z1.len == rp->one.len) && (z1.v[0] == rp->one.v[0]) &&
|
|
(zcmp(z1, rp->one) == 0)) {
|
|
zcopy(z1, res);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
|
|
|
|
/*
|
|
* If the modulus is small enough, then call the multiply
|
|
* routine to produce the result. Otherwise call the O(N^1.585)
|
|
* routines to get the answer.
|
|
*/
|
|
if (rp->mod.len >= conf->redc2
|
|
|| 3 * z1.len < 2 * rp->mod.len) {
|
|
zsquare(z1, &tmp);
|
|
zredcdecode(rp, tmp, res);
|
|
zfree(tmp);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
modlen = rp->mod.len;
|
|
Ninv = rp->inv.v[0];
|
|
|
|
res->sign = 0;
|
|
res->len = modlen;
|
|
res->v = alloc(modlen);
|
|
|
|
zclearval(*res);
|
|
|
|
h1 = z1.v;
|
|
|
|
for (i = 0; i < z1.len; i++) {
|
|
mulb = (FULL) *h1++;
|
|
h2 = h1;
|
|
h3 = rp->mod.v;
|
|
hd = res->v;
|
|
if (i == 0) {
|
|
sival1.ivalue = mulb * mulb;
|
|
muln = (HALF) (sival1.silow * Ninv);
|
|
sival2.ivalue = muln * ((FULL) *h3++)
|
|
+ (FULL) sival1.silow;
|
|
carry.ivalue = (FULL) sival1.sihigh
|
|
+ (FULL) sival2.sihigh;
|
|
hd++;
|
|
} else {
|
|
muln = (HALF) (*hd * Ninv);
|
|
f = (muln * ((FULL) *h3++) + (FULL) *hd++) >> BASEB;
|
|
j = i;
|
|
while (--j > 0) {
|
|
f += muln * ((FULL) *h3++) + *hd;
|
|
hd[-1] = (HALF) f;
|
|
f >>= BASEB;
|
|
hd++;
|
|
}
|
|
carry.ivalue = f;
|
|
sival1.ivalue = mulb * mulb + (FULL) carry.silow;
|
|
sival2.ivalue = muln * ((FULL) *h3++)
|
|
+ (FULL) *hd
|
|
+ (FULL) sival1.silow;
|
|
carry.ivalue = (FULL) sival1.sihigh
|
|
+ (FULL) sival2.sihigh
|
|
+ (FULL) carry.sihigh;
|
|
hd[-1] = sival2.silow;
|
|
hd++;
|
|
}
|
|
j = z1.len - i;
|
|
while (--j > 0) {
|
|
sival1.ivalue = mulb * ((FULL) *h2++);
|
|
sival2.ivalue = ((FULL) sival1.silow << 1)
|
|
+ muln * ((FULL) *h3++);
|
|
sival3.ivalue = (FULL) sival2.silow
|
|
+ (FULL) *hd
|
|
+ (FULL) carry.silow;
|
|
carry.ivalue = ((FULL) sival1.sihigh << 1)
|
|
+ (FULL) sival2.sihigh
|
|
+ (FULL) sival3.sihigh
|
|
+ (FULL) carry.sihigh;
|
|
hd[-1] = sival3.silow;
|
|
hd++;
|
|
}
|
|
j = modlen - z1.len;
|
|
while (j-- > 0) {
|
|
sival1.ivalue = muln * ((FULL) *h3++)
|
|
+ (FULL) *hd
|
|
+ (FULL) carry.silow;
|
|
carry.ivalue = (FULL) sival1.sihigh
|
|
+ (FULL) carry.sihigh;
|
|
hd[-1] = sival1.silow;
|
|
hd++;
|
|
}
|
|
carry.ivalue += (FULL) topdigit;
|
|
hd[-1] = carry.silow;
|
|
topdigit = carry.sihigh;
|
|
}
|
|
i = modlen - z1.len;
|
|
while (i-- > 0) {
|
|
h3 = rp->mod.v;
|
|
hd = res->v;
|
|
muln = (HALF) (*hd * Ninv);
|
|
sival1.ivalue = muln * ((FULL) *h3++) + (FULL) *hd++;
|
|
carry.ivalue = (FULL) sival1.sihigh;
|
|
j = modlen;
|
|
while (--j > 0) {
|
|
sival1.ivalue = muln * ((FULL) *h3++)
|
|
+ (FULL) *hd
|
|
+ (FULL) carry.silow;
|
|
carry.ivalue = (FULL) sival1.sihigh
|
|
+ (FULL) carry.sihigh;
|
|
hd[-1] = sival1.silow;
|
|
hd++;
|
|
}
|
|
carry.ivalue += (FULL) topdigit;
|
|
hd[-1] = carry.silow;
|
|
topdigit = carry.sihigh;
|
|
}
|
|
if (topdigit == 0) {
|
|
len = modlen;
|
|
while (*--hd == 0 && len > 1) {
|
|
len--;
|
|
}
|
|
res->len = len;
|
|
if (zrel(*res, rp->mod) < 0) {
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
}
|
|
|
|
carry.ivalue = 0;
|
|
h1 = rp->mod.v;
|
|
hd = res->v;
|
|
len = modlen;
|
|
while (len--) {
|
|
carry.ivalue = BASE1 - ((FULL) *hd) + ((FULL) *h1++)
|
|
+ ((FULL) carry.silow);
|
|
*hd++ = (HALF)(BASE1 - carry.silow);
|
|
carry.silow = carry.sihigh;
|
|
}
|
|
|
|
len = modlen;
|
|
hd = &res->v[len - 1];
|
|
while ((*hd == 0) && (len > 1)) {
|
|
hd--;
|
|
len--;
|
|
}
|
|
res->len = len;
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
}
|
|
|
|
|
|
/*
|
|
* Compute the result of raising a REDC format number to a power.
|
|
* The result is within the range 0 to the modulus - 1.
|
|
* This calculates the result by examining the power POWBITS bits at a time,
|
|
* using a small table of POWNUMS low powers to calculate powers for those bits,
|
|
* and repeated squaring and multiplying by the partial powers to generate
|
|
* the complete power.
|
|
*
|
|
* given:
|
|
* rp REDC information
|
|
* z1 REDC number to be raised
|
|
* z2 normal number to raise number to
|
|
* res result
|
|
*/
|
|
void
|
|
zredcpower(REDC *rp, ZVALUE z1, ZVALUE z2, ZVALUE *res)
|
|
{
|
|
HALF *hp; /* pointer to current word of the power */
|
|
ZVALUE *pp; /* pointer to low power table */
|
|
ZVALUE ans, temp; /* calculation values */
|
|
ZVALUE ztmp;
|
|
ZVALUE modpow; /* current small power */
|
|
ZVALUE lowpowers[POWNUMS]; /* low powers */
|
|
int curshift; /* shift value for word of power */
|
|
HALF curhalf; /* current word of power */
|
|
unsigned int curpow; /* current low power */
|
|
unsigned int curbit; /* current bit of low power */
|
|
int sign;
|
|
int i;
|
|
|
|
/* firewall */
|
|
if (rp == NULL) {
|
|
math_error("%s: rp NULL", __func__);
|
|
not_reached();
|
|
}
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
if (zisneg(z2)) {
|
|
math_error("Negative power in zredcpower");
|
|
not_reached();
|
|
}
|
|
|
|
if (zisunit(rp->mod)) {
|
|
*res = _zero_;
|
|
return;
|
|
}
|
|
|
|
sign = zisodd(z2) ? z1.sign : 0;
|
|
z1.sign = 0;
|
|
ztmp.len = 0;
|
|
if (zrel(z1, rp->mod) >= 0) {
|
|
zmod(z1, rp->mod, &ztmp, 0);
|
|
z1 = ztmp;
|
|
}
|
|
/*
|
|
* Check for zero or the REDC format for one.
|
|
*/
|
|
if (ziszero(z1)) {
|
|
if (ziszero(z2))
|
|
*res = _one_;
|
|
else
|
|
*res = _zero_;
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
if (zcmp(z1, rp->one) == 0) {
|
|
if (sign)
|
|
zsub(rp->mod, rp->one, res);
|
|
else
|
|
zcopy(rp->one, res);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* See if the number being raised is the REDC format for -1.
|
|
* If so, then the answer is the REDC format for one or minus one.
|
|
* To do this check, calculate the REDC format for -1.
|
|
*/
|
|
if (((HALF)(z1.v[0] + rp->one.v[0])) == rp->mod.v[0]) {
|
|
zsub(rp->mod, rp->one, &temp);
|
|
if (zcmp(z1, temp) == 0) {
|
|
if (zisodd(z2) ^ sign) {
|
|
*res = temp;
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
zfree(temp);
|
|
zcopy(rp->one, res);
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
return;
|
|
}
|
|
zfree(temp);
|
|
}
|
|
|
|
for (pp = &lowpowers[2]; pp < &lowpowers[POWNUMS]; pp++)
|
|
pp->len = 0;
|
|
zcopy(rp->one, &lowpowers[0]);
|
|
zcopy(z1, &lowpowers[1]);
|
|
zcopy(rp->one, &ans);
|
|
|
|
hp = &z2.v[z2.len - 1];
|
|
curhalf = *hp;
|
|
curshift = BASEB - POWBITS;
|
|
while (curshift && ((curhalf >> curshift) == 0))
|
|
curshift -= POWBITS;
|
|
|
|
/*
|
|
* Calculate the result by examining the power POWBITS bits at a time,
|
|
* and use the table of low powers at each iteration.
|
|
*/
|
|
for (;;) {
|
|
curpow = (curhalf >> curshift) & (POWNUMS - 1);
|
|
pp = &lowpowers[curpow];
|
|
|
|
/*
|
|
* If the small power is not yet saved in the table, then
|
|
* calculate it and remember it in the table for future use.
|
|
*/
|
|
if (pp->len == 0) {
|
|
if (curpow & 0x1)
|
|
zcopy(z1, &modpow);
|
|
else
|
|
zcopy(rp->one, &modpow);
|
|
|
|
for (curbit = 0x2; curbit <= curpow; curbit *= 2) {
|
|
pp = &lowpowers[curbit];
|
|
if (pp->len == 0)
|
|
zredcsquare(rp, lowpowers[curbit/2],
|
|
pp);
|
|
if (curbit & curpow) {
|
|
zredcmul(rp, *pp, modpow, &temp);
|
|
zfree(modpow);
|
|
modpow = temp;
|
|
}
|
|
}
|
|
pp = &lowpowers[curpow];
|
|
if (pp->len > 0) {
|
|
zfree(*pp);
|
|
}
|
|
*pp = modpow;
|
|
}
|
|
|
|
/*
|
|
* If the power is nonzero, then accumulate the small power
|
|
* into the result.
|
|
*/
|
|
if (curpow) {
|
|
zredcmul(rp, ans, *pp, &temp);
|
|
zfree(ans);
|
|
ans = temp;
|
|
}
|
|
|
|
/*
|
|
* Select the next POWBITS bits of the power, if there is
|
|
* any more to generate.
|
|
*/
|
|
curshift -= POWBITS;
|
|
if (curshift < 0) {
|
|
if (hp-- == z2.v)
|
|
break;
|
|
curhalf = *hp;
|
|
curshift = BASEB - POWBITS;
|
|
}
|
|
|
|
/*
|
|
* Square the result POWBITS times to make room for the next
|
|
* chunk of bits.
|
|
*/
|
|
for (i = 0; i < POWBITS; i++) {
|
|
zredcsquare(rp, ans, &temp);
|
|
zfree(ans);
|
|
ans = temp;
|
|
}
|
|
}
|
|
|
|
for (pp = lowpowers; pp < &lowpowers[POWNUMS]; pp++) {
|
|
zfree(*pp);
|
|
}
|
|
if (sign && !ziszero(ans)) {
|
|
zsub(rp->mod, ans, res);
|
|
zfree(ans);
|
|
} else {
|
|
*res = ans;
|
|
}
|
|
if (ztmp.len)
|
|
zfree(ztmp);
|
|
}
|
|
|
|
|
|
/*
|
|
* zhnrmod - compute z mod h*2^n+r
|
|
*
|
|
* We compute v mod h*2^n+r, where h>0, n>0, abs(r) <= 1, as follows:
|
|
*
|
|
* Let v = b*2^n + a, where 0 <= a < 2^n
|
|
*
|
|
* Now v mod h*2^n+r == b*2^n + a mod h*2^n+r,
|
|
* and thus v mod h*2^n+r == b*2^n mod h*2^n+r + a mod h*2^n+r.
|
|
*
|
|
* Because 0 <= a < 2^n < h*2^n+r, a mod h*2^n+r == a.
|
|
* Thus v mod h*2^n+r == b*2^n mod h*2^n+r + a.
|
|
*
|
|
* It can be shown that b*2^n mod h*2^n == 2^n * (b mod h).
|
|
*
|
|
* Thus for r == 0, v mod h*2^n+r == (2^n)*(b mod h) + a.
|
|
*
|
|
* It can be shown that v mod 2^n-1 == a+b mod 2^n-1.
|
|
*
|
|
* Thus for r == -1, v mod h*2^n+r == (2^n)*(b mod h) + a + int(b/h).
|
|
*
|
|
* It can be shown that v mod 2^n+1 == a-b mod 2^n+1.
|
|
*
|
|
* Thus for r == +1, v mod h*2^n+r == (2^n)*(b mod h) + a - int(b/h).
|
|
*
|
|
* Therefore, v mod h*2^n+r == (2^n)*(b mod h) + a - r*int(b/h).
|
|
*
|
|
* The above proof leads to the following calc resource file which computes
|
|
* the value z mod h*2^n+r:
|
|
*
|
|
* define hnrmod(v,h,n,r)
|
|
* {
|
|
* local a,b,modulus,tquo,tmod,lbit,ret;
|
|
*
|
|
* if (!isint(h) || h < 1) {
|
|
* quit "h must be an integer be > 0";
|
|
* }
|
|
* if (!isint(n) || n < 1) {
|
|
* quit "n must be an integer be > 0";
|
|
* }
|
|
* if (r != 1 && r != 0 && r != -1) {
|
|
* quit "r must be -1, 0 or 1";
|
|
* }
|
|
*
|
|
* lbit = lowbit(h);
|
|
* if (lbit > 0) {
|
|
* n += lbit;
|
|
* h >>= lbit;
|
|
* }
|
|
*
|
|
* modulus = h<<n+r;
|
|
* if (modulus <= 2^31-1) {
|
|
* return v % modulus;
|
|
* }
|
|
* ret = v;
|
|
*
|
|
* do {
|
|
* if (highbit(ret) < n) {
|
|
* break;
|
|
* }
|
|
* b = ret>>n;
|
|
* a = ret - (b<<n);
|
|
*
|
|
* switch (r) {
|
|
* case -1:
|
|
* if (h == 1) {
|
|
* ret = a + b;
|
|
* } else {
|
|
* quomod(b, h, tquo, tmod);
|
|
* ret = tmod<<n + a + tquo;
|
|
* }
|
|
* break;
|
|
* case 0:
|
|
* if (h == 1) {
|
|
* ret = a;
|
|
* } else {
|
|
* ret = (b%h)<<n + a;
|
|
* }
|
|
* break;
|
|
* case 1:
|
|
* if (h == 1) {
|
|
* ret = ((a > b) ? a-b : modulus+a-b);
|
|
* } else {
|
|
* quomod(b, h, tquo, tmod);
|
|
* tmod = tmod<<n + a;
|
|
* ret = ((tmod >= tquo) ? tmod-tquo : modulus+tmod-tquo);
|
|
* }
|
|
* break;
|
|
* }
|
|
* } while (ret > modulus);
|
|
* ret = ((ret < 0) ? ret+modulus : ((ret == modulus) ? 0 : ret));
|
|
*
|
|
* return ret;
|
|
* }
|
|
*
|
|
* This function implements the above calc resource file.
|
|
*
|
|
* given:
|
|
* v take mod of this value, v >= 0
|
|
* zh h from modulus h*2^n+r, h > 0
|
|
* zn n from modulus h*2^n+r, n > 0
|
|
* zr r from modulus h*2^n+r, abs(r) <= 1
|
|
* res v mod h*2^n+r
|
|
*/
|
|
void
|
|
zhnrmod(ZVALUE v, ZVALUE zh, ZVALUE zn, ZVALUE zr, ZVALUE *res)
|
|
{
|
|
ZVALUE a; /* lower n bits of v */
|
|
ZVALUE b; /* bits above the lower n bits of v */
|
|
ZVALUE h; /* working zh value */
|
|
ZVALUE modulus; /* h^2^n + r */
|
|
ZVALUE tquo; /* b // h */
|
|
ZVALUE tmod; /* b % h or (b%h)<<n + a */
|
|
ZVALUE t; /* temp ZVALUE */
|
|
ZVALUE t2; /* temp ZVALUE */
|
|
ZVALUE ret; /* return value, what *res is set to */
|
|
long n; /* integer value of zn */
|
|
long r; /* integer value of zr */
|
|
long hbit; /* highbit(res) */
|
|
long lbit; /* lowbit(h) */
|
|
int zrelval; /* return value of zrel() */
|
|
int hisone; /* 1 => h == 1, 0 => h != 1 */
|
|
|
|
/* firewall */
|
|
if (res == NULL) {
|
|
math_error("%s: res NULL", __func__);
|
|
not_reached();
|
|
}
|
|
|
|
/*
|
|
* firewall
|
|
*/
|
|
if (zisneg(zh) || ziszero(zh)) {
|
|
math_error("h must be > 0");
|
|
not_reached();
|
|
}
|
|
if (zisneg(zn) || ziszero(zn)) {
|
|
math_error("n must be > 0");
|
|
not_reached();
|
|
}
|
|
if (zge31b(zn)) {
|
|
math_error("n must be < 2^31");
|
|
not_reached();
|
|
}
|
|
if (!zisabsleone(zr)) {
|
|
math_error("r must be -1, 0 or 1");
|
|
not_reached();
|
|
}
|
|
|
|
|
|
/*
|
|
* setup for loop
|
|
*/
|
|
n = ztolong(zn);
|
|
r = ztolong(zr);
|
|
if (zisneg(zr)) {
|
|
r = -r;
|
|
}
|
|
/* lbit = lowbit(h); */
|
|
lbit = zlowbit(zh);
|
|
/* if (lbit > 0) { n += lbit; h >>= lbit; } */
|
|
if (lbit > 0) {
|
|
n += lbit;
|
|
zshift(zh, -lbit, &h);
|
|
} else {
|
|
h = zh;
|
|
}
|
|
/* modulus = h<<n+r; */
|
|
zshift(h, n, &t);
|
|
switch (r) {
|
|
case 1:
|
|
zadd(t, _one_, &modulus);
|
|
zfree(t);
|
|
break;
|
|
case 0:
|
|
modulus = t;
|
|
break;
|
|
case -1:
|
|
zsub(t, _one_, &modulus);
|
|
zfree(t);
|
|
break;
|
|
}
|
|
/* if (modulus <= MAXLONG) { return v % modulus; } */
|
|
if (!zgtmaxlong(modulus)) {
|
|
itoz(zmodi(v, ztolong(modulus)), res);
|
|
zfree(modulus);
|
|
if (lbit > 0) {
|
|
zfree(h);
|
|
}
|
|
return;
|
|
}
|
|
/* ret = v; */
|
|
zcopy(v, &ret);
|
|
|
|
/*
|
|
* shift-add modulus loop
|
|
*/
|
|
hisone = zisone(h);
|
|
do {
|
|
|
|
/*
|
|
* split ret into to chunks, the lower n bits
|
|
* and everything above the lower n bits
|
|
*/
|
|
/* if (highbit(ret) < n) { break; } */
|
|
hbit = (long)zhighbit(ret);
|
|
if (hbit < n) {
|
|
zrelval = (zcmp(ret, modulus) ? -1 : 0);
|
|
break;
|
|
}
|
|
/* b = ret>>n; */
|
|
zshift(ret, -n, &b);
|
|
b.sign = ret.sign;
|
|
/* a = ret - (b<<n); */
|
|
a.sign = ret.sign;
|
|
a.len = (n+BASEB-1)/BASEB;
|
|
a.v = alloc(a.len);
|
|
memcpy(a.v, ret.v, a.len*sizeof(HALF));
|
|
if (n % BASEB) {
|
|
a.v[a.len - 1] &= lowhalf[n % BASEB];
|
|
}
|
|
ztrim(&a);
|
|
|
|
/*
|
|
* switch depending on r == -1, 0 or 1
|
|
*/
|
|
switch (r) {
|
|
case -1: /* v mod h*2^h-1 */
|
|
/* if (h == 1) ... */
|
|
if (hisone) {
|
|
/* ret = a + b; */
|
|
zfree(ret);
|
|
zadd(a, b, &ret);
|
|
|
|
/* ... else ... */
|
|
} else {
|
|
/* quomod(b, h, tquo, tmod); */
|
|
(void) zdiv(b, h, &tquo, &tmod, 0);
|
|
/* ret = tmod<<n + a + tquo; */
|
|
zshift(tmod, n, &t);
|
|
zfree(tmod);
|
|
zadd(a, tquo, &t2);
|
|
zfree(tquo);
|
|
zfree(ret);
|
|
zadd(t, t2, &ret);
|
|
zfree(t);
|
|
zfree(t2);
|
|
}
|
|
break;
|
|
|
|
case 0: /* v mod h*2^h-1 */
|
|
/* if (h == 1) ... */
|
|
if (hisone) {
|
|
/* ret = a; */
|
|
zfree(ret);
|
|
zcopy(a, &ret);
|
|
|
|
/* ... else ... */
|
|
} else {
|
|
/* ret = (b%h)<<n + a; */
|
|
(void) zmod(b, h, &tmod, 0);
|
|
zshift(tmod, n, &t);
|
|
zfree(tmod);
|
|
zfree(ret);
|
|
zadd(t, a, &ret);
|
|
zfree(t);
|
|
}
|
|
break;
|
|
|
|
case 1: /* v mod h*2^h-1 */
|
|
/* if (h == 1) ... */
|
|
if (hisone) {
|
|
/* ret = a-b; */
|
|
zfree(ret);
|
|
zsub(a, b, &ret);
|
|
|
|
/* ... else ... */
|
|
} else {
|
|
/* quomod(b, h, tquo, tmod); */
|
|
(void) zdiv(b, h, &tquo, &tmod, 0);
|
|
/* tmod = tmod<<n + a; */
|
|
zshift(tmod, n, &t);
|
|
zfree(tmod);
|
|
zadd(t, a, &tmod);
|
|
zfree(t);
|
|
/* ret = tmod-tquo; */
|
|
zfree(ret);
|
|
zsub(tmod, tquo, &ret);
|
|
zfree(tquo);
|
|
zfree(tmod);
|
|
}
|
|
break;
|
|
}
|
|
zfree(a);
|
|
zfree(b);
|
|
|
|
/* ... while (abs(ret) > modulus); */
|
|
} while ((zrelval = zabsrel(ret, modulus)) > 0);
|
|
/* ret = ((ret < 0) ? ret+modulus : ((ret == modulus) ? 0 : ret)); */
|
|
if (ret.sign) {
|
|
zadd(ret, modulus, &t);
|
|
zfree(ret);
|
|
ret = t;
|
|
} else if (zrelval == 0) {
|
|
zfree(ret);
|
|
ret = _zero_;
|
|
}
|
|
zfree(modulus);
|
|
if (lbit > 0) {
|
|
zfree(h);
|
|
}
|
|
|
|
/*
|
|
* return ret
|
|
*/
|
|
*res = ret;
|
|
return;
|
|
}
|