Coverage Report

Created: 2024-11-25 06:31

/src/gmp/mpn/powlo.c
Line
Count
Source (jump to first uncovered line)
1
/* mpn_powlo -- Compute R = U^E mod B^n, where B is the limb base.
2
3
Copyright 2007-2009, 2012, 2015, 2016, 2018, 2020 Free Software
4
Foundation, Inc.
5
6
This file is part of the GNU MP Library.
7
8
The GNU MP Library is free software; you can redistribute it and/or modify
9
it under the terms of either:
10
11
  * the GNU Lesser General Public License as published by the Free
12
    Software Foundation; either version 3 of the License, or (at your
13
    option) any later version.
14
15
or
16
17
  * the GNU General Public License as published by the Free Software
18
    Foundation; either version 2 of the License, or (at your option) any
19
    later version.
20
21
or both in parallel, as here.
22
23
The GNU MP Library is distributed in the hope that it will be useful, but
24
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
25
or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
26
for more details.
27
28
You should have received copies of the GNU General Public License and the
29
GNU Lesser General Public License along with the GNU MP Library.  If not,
30
see https://www.gnu.org/licenses/.  */
31
32
33
#include "gmp-impl.h"
34
#include "longlong.h"
35
36
37
#define getbit(p,bi) \
38
451k
  ((p[(bi - 1) / GMP_LIMB_BITS] >> (bi - 1) % GMP_LIMB_BITS) & 1)
39
40
static inline mp_limb_t
41
getbits (const mp_limb_t *p, mp_bitcnt_t bi, unsigned nbits)
42
151k
{
43
151k
  unsigned nbits_in_r;
44
151k
  mp_limb_t r;
45
151k
  mp_size_t i;
46
47
151k
  if (bi <= nbits)
48
644
    {
49
644
      return p[0] & (((mp_limb_t) 1 << bi) - 1);
50
644
    }
51
151k
  else
52
151k
    {
53
151k
      bi -= nbits;      /* bit index of low bit to extract */
54
151k
      i = bi / GMP_NUMB_BITS;   /* word index of low bit to extract */
55
151k
      bi %= GMP_NUMB_BITS;   /* bit index in low word */
56
151k
      r = p[i] >> bi;     /* extract (low) bits */
57
151k
      nbits_in_r = GMP_NUMB_BITS - bi;  /* number of bits now in r */
58
151k
      if (nbits_in_r < nbits)    /* did we get enough bits? */
59
8.73k
  r += p[i + 1] << nbits_in_r; /* prepend bits from higher word */
60
151k
      return r & (((mp_limb_t) 1 << nbits) - 1);
61
151k
    }
62
151k
}
63
64
static inline unsigned
65
win_size (mp_bitcnt_t eb)
66
1.76k
{
67
1.76k
  unsigned k;
68
1.76k
  static mp_bitcnt_t x[] = {7,25,81,241,673,1793,4609,11521,28161,~(mp_bitcnt_t)0};
69
1.76k
  ASSERT (eb > 1);
70
9.35k
  for (k = 0; eb > x[k++];)
71
7.58k
    ;
72
1.76k
  return k;
73
1.76k
}
74
75
/* rp[n-1..0] = bp[n-1..0] ^ ep[en-1..0] mod B^n, B is the limb base.
76
   Requires that ep[en-1] is non-zero.
77
   Uses scratch space tp[3n-1..0], i.e., 3n words.  */
78
/* We only use n words in the scratch space, we should pass tp + n to
79
   mullo/sqrlo as a temporary area, it is needed. */
80
void
81
mpn_powlo (mp_ptr rp, mp_srcptr bp,
82
     mp_srcptr ep, mp_size_t en,
83
     mp_size_t n, mp_ptr tp)
84
1.76k
{
85
1.76k
  unsigned cnt;
86
1.76k
  mp_bitcnt_t ebi;
87
1.76k
  unsigned windowsize, this_windowsize;
88
1.76k
  mp_limb_t expbits;
89
1.76k
  mp_limb_t *pp;
90
1.76k
  long i;
91
1.76k
  int flipflop;
92
1.76k
  TMP_DECL;
93
94
1.76k
  ASSERT (en > 1 || (en == 1 && ep[0] > 1));
95
96
1.76k
  TMP_MARK;
97
98
1.76k
  MPN_SIZEINBASE_2EXP(ebi, ep, en, 1);
99
100
1.76k
  windowsize = win_size (ebi);
101
1.76k
  if (windowsize > 1)
102
1.76k
    {
103
1.76k
      mp_limb_t *this_pp, *last_pp;
104
1.76k
      ASSERT (windowsize < ebi);
105
106
1.76k
      pp = TMP_ALLOC_LIMBS ((n << (windowsize - 1)));
107
108
1.76k
      this_pp = pp;
109
110
1.76k
      MPN_COPY (this_pp, bp, n);
111
112
      /* Store b^2 in tp.  */
113
1.76k
      mpn_sqrlo (tp, bp, n);
114
115
      /* Precompute odd powers of b and put them in the temporary area at pp.  */
116
1.76k
      i = (1 << (windowsize - 1)) - 1;
117
1.76k
      do
118
34.7k
  {
119
34.7k
    last_pp = this_pp;
120
34.7k
    this_pp += n;
121
34.7k
    mpn_mullo_n (this_pp, last_pp, tp, n);
122
34.7k
  } while (--i != 0);
123
124
1.76k
      expbits = getbits (ep, ebi, windowsize);
125
1.76k
      ebi -= windowsize;
126
127
      /* THINK: Should we initialise the case expbits % 4 == 0 with a mullo? */
128
1.76k
      count_trailing_zeros (cnt, expbits);
129
1.76k
      ebi += cnt;
130
1.76k
      expbits >>= cnt;
131
132
1.76k
      MPN_COPY (rp, pp + n * (expbits >> 1), n);
133
1.76k
    }
134
0
  else
135
0
    {
136
0
      pp = tp + n;
137
0
      MPN_COPY (pp, bp, n);
138
0
      MPN_COPY (rp, bp, n);
139
0
      --ebi;
140
0
    }
141
142
1.76k
  flipflop = 0;
143
144
1.76k
  do
145
151k
    {
146
451k
      while (getbit (ep, ebi) == 0)
147
301k
  {
148
301k
    mpn_sqrlo (tp, rp, n);
149
301k
    MP_PTR_SWAP (rp, tp);
150
301k
    flipflop = ! flipflop;
151
301k
    if (--ebi == 0)
152
1.59k
      goto done;
153
301k
  }
154
155
      /* The next bit of the exponent is 1.  Now extract the largest block of
156
   bits <= windowsize, and such that the least significant bit is 1.  */
157
158
150k
      expbits = getbits (ep, ebi, windowsize);
159
150k
      this_windowsize = MIN (windowsize, ebi);
160
161
150k
      count_trailing_zeros (cnt, expbits);
162
150k
      this_windowsize -= cnt;
163
150k
      ebi -= this_windowsize;
164
150k
      expbits >>= cnt;
165
166
440k
      while (this_windowsize > 1)
167
290k
  {
168
290k
    mpn_sqrlo (tp, rp, n);
169
290k
    mpn_sqrlo (rp, tp, n);
170
290k
    this_windowsize -= 2;
171
290k
  }
172
173
150k
      if (this_windowsize != 0)
174
79.1k
  mpn_sqrlo (tp, rp, n);
175
70.9k
      else
176
70.9k
  {
177
70.9k
    MP_PTR_SWAP (rp, tp);
178
70.9k
    flipflop = ! flipflop;
179
70.9k
  }
180
181
150k
      mpn_mullo_n (rp, tp, pp + n * (expbits >> 1), n);
182
150k
    } while (ebi != 0);
183
184
1.76k
 done:
185
1.76k
  if (flipflop)
186
1.03k
    MPN_COPY (tp, rp, n);
187
1.76k
  TMP_FREE;
188
1.76k
}