mpn/generic/powlo.c

*86d7f5d3SJohn Marino/* mpn_powlo -- Compute R = U^E mod B^n, where B is the limb base.
*86d7f5d3SJohn Marino
*86d7f5d3SJohn MarinoCopyright 2007, 2008, 2009 Free Software Foundation, Inc.
*86d7f5d3SJohn Marino
*86d7f5d3SJohn MarinoThis file is part of the GNU MP Library.
*86d7f5d3SJohn Marino
*86d7f5d3SJohn MarinoThe GNU MP Library is free software; you can redistribute it and/or modify
*86d7f5d3SJohn Marinoit under the terms of the GNU Lesser General Public License as published by
*86d7f5d3SJohn Marinothe Free Software Foundation; either version 3 of the License, or (at your
*86d7f5d3SJohn Marinooption) any later version.
*86d7f5d3SJohn Marino
*86d7f5d3SJohn MarinoThe GNU MP Library is distributed in the hope that it will be useful, but
*86d7f5d3SJohn MarinoWITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
*86d7f5d3SJohn Marinoor FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
*86d7f5d3SJohn MarinoLicense for more details.
*86d7f5d3SJohn Marino
*86d7f5d3SJohn MarinoYou should have received a copy of the GNU Lesser General Public License
*86d7f5d3SJohn Marinoalong with the GNU MP Library.  If not, see http://www.gnu.org/licenses/.  */
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino#include "gmp.h"
*86d7f5d3SJohn Marino#include "gmp-impl.h"
*86d7f5d3SJohn Marino#include "longlong.h"
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino#define getbit(p,bi) \
*86d7f5d3SJohn Marino  ((p[(bi - 1) / GMP_LIMB_BITS] >> (bi - 1) % GMP_LIMB_BITS) & 1)
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinostatic inline mp_limb_t
*86d7f5d3SJohn Marinogetbits (const mp_limb_t *p, mp_bitcnt_t bi, int nbits)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino  int nbits_in_r;
*86d7f5d3SJohn Marino  mp_limb_t r;
*86d7f5d3SJohn Marino  mp_size_t i;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  if (bi < nbits)
*86d7f5d3SJohn Marino    {
*86d7f5d3SJohn Marino      return p[0] & (((mp_limb_t) 1 << bi) - 1);
*86d7f5d3SJohn Marino    }
*86d7f5d3SJohn Marino  else
*86d7f5d3SJohn Marino    {
*86d7f5d3SJohn Marino      bi -= nbits;			/* bit index of low bit to extract */
*86d7f5d3SJohn Marino      i = bi / GMP_NUMB_BITS;		/* word index of low bit to extract */
*86d7f5d3SJohn Marino      bi %= GMP_NUMB_BITS;		/* bit index in low word */
*86d7f5d3SJohn Marino      r = p[i] >> bi;			/* extract (low) bits */
*86d7f5d3SJohn Marino      nbits_in_r = GMP_NUMB_BITS - bi;	/* number of bits now in r */
*86d7f5d3SJohn Marino      if (nbits_in_r < nbits)		/* did we get enough bits? */
*86d7f5d3SJohn Marino	r += p[i + 1] << nbits_in_r;	/* prepend bits from higher word */
*86d7f5d3SJohn Marino      return r & (((mp_limb_t ) 1 << nbits) - 1);
*86d7f5d3SJohn Marino    }
*86d7f5d3SJohn Marino}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinostatic inline int
*86d7f5d3SJohn Marinowin_size (mp_bitcnt_t eb)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino  int k;
*86d7f5d3SJohn Marino  static mp_bitcnt_t x[] = {1,7,25,81,241,673,1793,4609,11521,28161,~(mp_bitcnt_t)0};
*86d7f5d3SJohn Marino  for (k = 0; eb > x[k]; k++)
*86d7f5d3SJohn Marino    ;
*86d7f5d3SJohn Marino  return k;
*86d7f5d3SJohn Marino}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino/* rp[n-1..0] = bp[n-1..0] ^ ep[en-1..0] mod B^n, B is the limb base.
*86d7f5d3SJohn Marino   Requires that ep[en-1] is non-zero.
*86d7f5d3SJohn Marino   Uses scratch space tp[3n-1..0], i.e., 3n words.  */
*86d7f5d3SJohn Marinovoid
*86d7f5d3SJohn Marinompn_powlo (mp_ptr rp, mp_srcptr bp,
*86d7f5d3SJohn Marino	   mp_srcptr ep, mp_size_t en,
*86d7f5d3SJohn Marino	   mp_size_t n, mp_ptr tp)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino  int cnt;
*86d7f5d3SJohn Marino  mp_bitcnt_t ebi;
*86d7f5d3SJohn Marino  int windowsize, this_windowsize;
*86d7f5d3SJohn Marino  mp_limb_t expbits;
*86d7f5d3SJohn Marino  mp_limb_t *pp, *this_pp, *last_pp;
*86d7f5d3SJohn Marino  mp_limb_t *b2p;
*86d7f5d3SJohn Marino  long i;
*86d7f5d3SJohn Marino  TMP_DECL;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  ASSERT (en > 1 || (en == 1 && ep[0] > 1));
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  TMP_MARK;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  count_leading_zeros (cnt, ep[en - 1]);
*86d7f5d3SJohn Marino  ebi = (mp_bitcnt_t) en * GMP_LIMB_BITS - cnt;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  windowsize = win_size (ebi);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  pp = TMP_ALLOC_LIMBS ((n << (windowsize - 1)) + n); /* + n is for mullo ign part */
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  this_pp = pp;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  MPN_COPY (this_pp, bp, n);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  b2p = tp + 2*n;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  /* Store b^2 in b2.  */
*86d7f5d3SJohn Marino  mpn_sqr (tp, bp, n);	/* FIXME: Use "mpn_sqrlo" */
*86d7f5d3SJohn Marino  MPN_COPY (b2p, tp, n);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  /* Precompute odd powers of b and put them in the temporary area at pp.  */
*86d7f5d3SJohn Marino  for (i = (1 << (windowsize - 1)) - 1; i > 0; i--)
*86d7f5d3SJohn Marino    {
*86d7f5d3SJohn Marino      last_pp = this_pp;
*86d7f5d3SJohn Marino      this_pp += n;
*86d7f5d3SJohn Marino      mpn_mullo_n (this_pp, last_pp, b2p, n);
*86d7f5d3SJohn Marino    }
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  expbits = getbits (ep, ebi, windowsize);
*86d7f5d3SJohn Marino  if (ebi < windowsize)
*86d7f5d3SJohn Marino    ebi = 0;
*86d7f5d3SJohn Marino  else
*86d7f5d3SJohn Marino    ebi -= windowsize;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  count_trailing_zeros (cnt, expbits);
*86d7f5d3SJohn Marino  ebi += cnt;
*86d7f5d3SJohn Marino  expbits >>= cnt;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  MPN_COPY (rp, pp + n * (expbits >> 1), n);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino  while (ebi != 0)
*86d7f5d3SJohn Marino    {
*86d7f5d3SJohn Marino      while (getbit (ep, ebi) == 0)
*86d7f5d3SJohn Marino	{
*86d7f5d3SJohn Marino	  mpn_sqr (tp, rp, n);	/* FIXME: Use "mpn_sqrlo" */
*86d7f5d3SJohn Marino	  MPN_COPY (rp, tp, n);
*86d7f5d3SJohn Marino	  ebi--;
*86d7f5d3SJohn Marino	  if (ebi == 0)
*86d7f5d3SJohn Marino	    goto done;
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino      /* The next bit of the exponent is 1.  Now extract the largest block of
*86d7f5d3SJohn Marino	 bits <= windowsize, and such that the least significant bit is 1.  */
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino      expbits = getbits (ep, ebi, windowsize);
*86d7f5d3SJohn Marino      this_windowsize = windowsize;
*86d7f5d3SJohn Marino      if (ebi < windowsize)
*86d7f5d3SJohn Marino	{
*86d7f5d3SJohn Marino	  this_windowsize -= windowsize - ebi;
*86d7f5d3SJohn Marino	  ebi = 0;
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino      else
*86d7f5d3SJohn Marino	ebi -= windowsize;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino      count_trailing_zeros (cnt, expbits);
*86d7f5d3SJohn Marino      this_windowsize -= cnt;
*86d7f5d3SJohn Marino      ebi += cnt;
*86d7f5d3SJohn Marino      expbits >>= cnt;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino      do
*86d7f5d3SJohn Marino	{
*86d7f5d3SJohn Marino	  mpn_sqr (tp, rp, n);
*86d7f5d3SJohn Marino	  MPN_COPY (rp, tp, n);
*86d7f5d3SJohn Marino	  this_windowsize--;
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino      while (this_windowsize != 0);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino      mpn_mullo_n (tp, rp, pp + n * (expbits >> 1), n);
*86d7f5d3SJohn Marino      MPN_COPY (rp, tp, n);
*86d7f5d3SJohn Marino    }
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino done:
*86d7f5d3SJohn Marino  TMP_FREE;
*86d7f5d3SJohn Marino}