X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/8017495b1a3ba7f0edbe3ca2edb004aefbc2c9b6..c760149fcb65296defd1af967fbfa098bd83143a:/mp-arith.c
diff --git a/mp-arith.c b/mp-arith.c
index c055f95..c67fdd8 100644
--- a/mp-arith.c
+++ b/mp-arith.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: mp-arith.c,v 1.4 1999/12/13 15:35:16 mdw Exp $
+ * $Id: mp-arith.c,v 1.7 2000/06/22 19:02:53 mdw Exp $
 *
 * Basic arithmetic on multiprecision integers
 *
@@ -30,6 +30,19 @@
 /*----- Revision history --------------------------------------------------*
 *
 * $Log: mp-arith.c,v $
+ * Revision 1.7 2000/06/22 19:02:53 mdw
+ * New function @mp_odd@ to extract powers of two from an integer. This is
+ * common code from the Rabin-Miller test, RSA key recovery and modular
+ * square-root extraction.
+ *
+ * Revision 1.6 2000/06/17 11:45:09 mdw
+ * Major memory management overhaul. Added arena support. Use the secure
+ * arena for secret integers. Replace and improve the MP management macros
+ * (e.g., replace MP_MODIFY by MP_DEST).
+ *
+ * Revision 1.5 1999/12/22 15:54:41 mdw
+ * Adjust Karatsuba parameters. Calculate destination size better.
+ *
 * Revision 1.4 1999/12/13 15:35:16 mdw
 * Slightly different rules on memory allocation.
 *
@@ -66,7 +79,7 @@ mp *mp_2c(mp *d, mp *a)
 if (!(a->f & MP_NEG))
 return (MP_COPY(a));
- MP_MODIFY(d, MP_LEN(a));
+ MP_DEST(d, MP_LEN(a), a->f);
 mpx_2c(d->v, d->vl, a->v, a->vl);
 d->f = a->f & MP_BURN;
 MP_SHRINK(d);
@@ -87,7 +100,7 @@ mp *mp_sm(mp *d, mp *a)
 if (!MP_LEN(a) || a->vl[-1] < MPW_MAX / 2)
 return (MP_COPY(a));
- MP_MODIFY(d, MP_LEN(a));
+ MP_DEST(d, MP_LEN(a), a->f);
 mpx_2c(d->v, d->vl, a->v, a->vl);
 d->f = (a->f & (MP_BURN | MP_NEG)) ^ MP_NEG;
 MP_SHRINK(d);
@@ -105,7 +118,7 @@ mp *mp_sm(mp *d, mp *a)
 mp *mp_lsl(mp *d, mp *a, size_t n)
 {
- MP_MODIFY(d, MP_LEN(a) + (n + MPW_BITS - 1) / MPW_BITS);
+ MP_DEST(d, MP_LEN(a) + (n + MPW_BITS - 1) / MPW_BITS, a->f);
 mpx_lsl(d->v, d->vl, a->v, a->vl, n);
 d->f = a->f & (MP_NEG | MP_BURN);
 MP_SHRINK(d);
@@ -123,7 +136,7 @@ mp *mp_lsl(mp *d, mp *a, size_t n)
 mp *mp_lsr(mp *d, mp *a, size_t n)
 {
- MP_MODIFY(d, MP_LEN(a));
+ MP_DEST(d, MP_LEN(a), a->f);
 mpx_lsr(d->v, d->vl, a->v, a->vl, n);
 d->f = a->f & (MP_NEG | MP_BURN);
 MP_SHRINK(d);
@@ -158,7 +171,7 @@ int mp_cmp(const mp *a, const mp *b)
 mp *mp_add(mp *d, mp *a, mp *b)
 {
- MP_MODIFY(d, MAX(MP_LEN(a), MP_LEN(b)) + 1);
+ MP_DEST(d, MAX(MP_LEN(a), MP_LEN(b)) + 1, a->f | b->f);
 if (!((a->f ^ b->f) & MP_NEG))
 mpx_uadd(d->v, d->vl, a->v, a->vl, b->v, b->vl);
 else {
@@ -183,7 +196,7 @@ mp *mp_add(mp *d, mp *a, mp *b)
 mp *mp_sub(mp *d, mp *a, mp *b)
 {
 unsigned sgn = 0;
- MP_MODIFY(d, MAX(MP_LEN(a), MP_LEN(b)) + 1);
+ MP_DEST(d, MAX(MP_LEN(a), MP_LEN(b)) + 1, a->f | b->f);
 if ((a->f ^ b->f) & MP_NEG)
 mpx_uadd(d->v, d->vl, a->v, a->vl, b->v, b->vl);
 else {
@@ -208,21 +221,20 @@ mp *mp_sub(mp *d, mp *a, mp *b)
 mp *mp_mul(mp *d, mp *a, mp *b)
 {
- size_t m = MAX(MP_LEN(a), MP_LEN(b)) * 2 + KARATSUBA_SLOP;
-
 a = MP_COPY(a);
 b = MP_COPY(b);
 if (MP_LEN(a) <= KARATSUBA_CUTOFF || MP_LEN(b) <= KARATSUBA_CUTOFF) {
- MP_MODIFY(d, MP_LEN(a) + MP_LEN(b));
+ MP_DEST(d, MP_LEN(a) + MP_LEN(b), a->f | b->f | MP_UNDEF);
 mpx_umul(d->v, d->vl, a->v, a->vl, b->v, b->vl);
 } else {
+ size_t m = 2 * MAX(MP_LEN(a), MP_LEN(b)) + 2;
 mpw *s;
- m += 32;
- s = MP_ALLOC(m);
- MP_MODIFY(d, 2 * m + 2);
+ MP_DEST(d, m, a->f | b->f | MP_UNDEF);
+ m += KARATSUBA_SLOP;
+ s = mpalloc(d->a, m);
 mpx_kmul(d->v, d->vl, a->v, a->vl, b->v, b->vl, s, s + m);
- MP_FREE(s);
+ mpfree(d->a, s);
 }
 d->f = ((a->f | b->f) & MP_BURN) | ((a->f ^ b->f) & MP_NEG);
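Review bot: In mp_mul's Karatsuba branch the variable `m` is first the destination length handed to MP_DEST and then, after `m += KARATSUBA_SLOP`, the workspace length handed to mpalloc and passed as `s + m` to mpx_kmul; one name for two different sizes makes it hard to see which bound the scratch buffer is actually sized to. A separate name keeps both visible: `size_t sl = m + KARATSUBA_SLOP; s = mpalloc(d->a, sl);` and `mpx_kmul(d->v, d->vl, a->v, a->vl, b->v, b->vl, s, s + sl);` with `mpfree(d->a, s);` unchanged. The destination is now sized at `2 * MAX(MP_LEN(a), MP_LEN(b)) + 2` words where the removed code allowed `2 * m + 2` with the slop already folded into m; presumably that is exactly what mpx_kmul writes, but a one-line comment stating the bound it relies on would make the tighter size checkable by the next reader. The copies taken by `a = MP_COPY(a); b = MP_COPY(b);` are released after this hunk, and mp_mul's body continues outside it.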
@@ -245,13 +257,13 @@ mp *mp_sqr(mp *d, mp *a)
 size_t m = MP_LEN(a);
 a = MP_COPY(a);
- MP_MODIFY(d, 2 * m + 2);
+ MP_DEST(d, 2 * m + 2, a->f | MP_UNDEF);
 if (m > KARATSUBA_CUTOFF) {
 mpw *s;
- m = 2 * (m + 1) + 32;
- s = MP_ALLOC(m);
+ m = 2 * (m + 1) + KARATSUBA_SLOP;
+ s = mpalloc(d->a, m);
 mpx_ksqr(d->v, d->vl, a->v, a->vl, s, s + m);
- MP_FREE(s);
+ mpfree(d->a, s);
 } else
 mpx_usqr(d->v, d->vl, a->v, a->vl);
 d->f = a->f & MP_BURN;
@@ -285,41 +297,32 @@ void mp_div(mp **qq, mp **rr, mp *a, mp *b)
 mp *q = qq ? *qq : MP_NEW;
 mpw *sv, *svl;
- /* --- Set up some temporary workspace --- */
-
- {
- size_t rq = MP_LEN(b) + 1;
- sv = MP_ALLOC(rq);
- svl = sv + rq;
- }
-
 /* --- Set the remainder up right --- *
 *
 * Just in case the divisor is larger, be able to cope with this. It's not
 * important in @mpx_udiv@, but it is here because of the sign correction.
 */
- {
- size_t rq = MP_LEN(a) + 2;
- if (MP_LEN(b) > rq)
- rq = MP_LEN(b);
-
- b = MP_COPY(b);
- if (r == a) {
- MP_SPLIT(a);
- a = r = MP_COPY(a);
- MP_ENSURE(r, MP_LEN(r) + 2);
- } else {
- a = MP_COPY(a);
- MP_MODIFY(r, MP_LEN(a) + 2);
- memcpy(r->v, a->v, MPWS(MP_LEN(a)));
- memset(r->v + MP_LEN(a), 0, MPWS(2));
- }
- }
+ b = MP_COPY(b);
+ a = MP_COPY(a);
+ if (r)
+ MP_DROP(r);
+ r = a;
+ MP_DEST(r, MP_LEN(a) + 2, a->f | b->f);
 /* --- Fix up the quotient too --- */
- MP_MODIFY(q, MP_LEN(a));
+ r = MP_COPY(r);
+ MP_DEST(q, MP_LEN(r), r->f | MP_UNDEF);
+ MP_DROP(r);
+
+ /* --- Set up some temporary workspace --- */
+
+ {
+ size_t rq = MP_LEN(b) + 1;
+ sv = mpalloc(r->a, rq);
+ svl = sv + rq;
+ }
 /* --- Perform the calculation --- */
@@ -332,7 +335,7 @@ void mp_div(mp **qq, mp **rr, mp *a, mp *b)
 * remainder from @b@.
 */
- q->f = ((a->f | b->f) & MP_BURN) | ((a->f ^ b->f) & MP_NEG);
+ q->f = ((r->f | b->f) & MP_BURN) | ((r->f ^ b->f) & MP_NEG);
 if (q->f & MP_NEG) {
 mpw *v;
 for (v = r->v; v < r->vl; v++) {
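Review bot: The comment kept above mp_div's new remainder setup still promises to cope with a divisor longer than the dividend ("Just in case the divisor is larger ... because of the sign correction"), but the new line `MP_DEST(r, MP_LEN(a) + 2, a->f | b->f);` sizes `r` without reference to MP_LEN(b); the removed block computed `rq = MP_LEN(a) + 2` raised to MP_LEN(b) but never used that value either, so this is an inherited gap rather than a regression. If the sign-correction loop over `r->v .. r->vl` that begins in the following hunk can fold `b` into `r`, the remainder should be sized `MP_DEST(r, MAX(MP_LEN(a) + 2, MP_LEN(b)), a->f | b->f);`; otherwise the comment should say why the extra length is unnecessary, since as written it describes a guarantee the code does not provide. The `r = MP_COPY(r); MP_DEST(q, MP_LEN(r), r->f | MP_UNDEF); MP_DROP(r);` sequence around the quotient looks like a guard against the caller passing the same object as quotient and remainder, and deserves a comment such as `/* hold an extra reference to r so that MP_DEST gives q its own object if q == r */` so the next reader does not have to reconstruct it. mp_div's body starts and ends outside this hunk.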
@@ -344,10 +347,13 @@ void mp_div(mp **qq, mp **rr, mp *a, mp *b)
 }
 }
- r->f = ((a->f | b->f) & MP_BURN) | (b->f & MP_NEG);
+ r->f = ((r->f | b->f) & MP_BURN) | (b->f & MP_NEG);
 /* --- Store the return values --- */
+ mpfree(r->a, sv);
+ MP_DROP(b);
+
 if (!qq)
 MP_DROP(q);
 else {
@@ -361,10 +367,49 @@ void mp_div(mp **qq, mp **rr, mp *a, mp *b)
 MP_SHRINK(r);
 *rr = r;
 }
+}
- MP_DROP(a);
- MP_DROP(b);
- MP_FREE(sv);
+/* --- @mp_odd@ --- *
+ *
+ * Arguments: @mp *d@ = pointer to destination integer
+ * @mp *m@ = pointer to source integer
+ * @size_t *s@ = where to store the power of 2
+ *
+ * Returns: An odd integer integer %$t$% such that %$m = 2^s t$%.
+ *
+ * Use: Computes a power of two and an odd integer which, when
+ * multiplied, give a specified result. This sort of thing is
+ * useful in number theory quite often.
+ */
+
+mp *mp_odd(mp *d, mp *m, size_t *s)
+{
+ size_t ss = 0;
+ const mpw *v, *vl;
+
+ v = m->v;
+ vl = m->vl;
+ for (; !*v && v < vl; v++)
+ ss += MPW_BITS;
+ if (v >= vl)
+ ss = 0;
+ else {
+ mpw x = *v;
+ mpw mask = MPW_MAX;
+ unsigned z = MPW_BITS / 2;
+
+ while (z) {
+ mask >>= z;
+ if (!(x & mask)) {
+ x >>= z;
+ ss += z;
+ }
+ z >>= 1;
+ }
+ }
+
+ *s = ss;
+ return (mp_lsr(d, m, ss));
 }
 /*----- Test rig ----------------------------------------------------------*/
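Review bot: The loop `for (; !*v && v < vl; v++)` in mp_odd dereferences `*v` before it tests `v < vl`, so for a zero `m` (MP_LEN(m) == 0, hence v == vl from the start) or one whose words are all zero, the final test reads one word past `m->vl` before the bound check stops the loop; that is an out-of-bounds read and undefined behaviour, and it is exactly the case the following `if (v >= vl) ss = 0;` branch is meant to handle. Swapping the operands fixes it: `for (; v < vl && !*v; v++)`. The header comment has a doubled word ("An odd integer integer") and could also state the m = 0 case explicitly, since it is the one input for which the result is not odd: the code takes the `ss = 0` branch and returns `mp_lsr(d, m, 0)` with `*s` set to 0.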
@@ -441,6 +486,31 @@ static int tdiv(dstr *v)
 return (ok);
 }
+static int todd(dstr *v)
+{
+ mp *a = *(mp **)v[0].buf;
+ size_t rs = *(uint32 *)v[1].buf;
+ mp *rt = *(mp **)v[2].buf;
+ int ok = 1;
+ mp *t;
+ size_t s;
+ t = mp_odd(MP_NEW, a, &s);
+ if (s != rs || MP_CMP(t, !=, rt)) {
+ ok = 0;
+ fprintf(stderr, "\n*** odd failed");
+ fputs("\n*** a = ", stderr); mp_writefile(a, stderr, 10);
+ fprintf(stderr, "\n*** s = %lu", (unsigned long)s);
+ fputs("\n*** t = ", stderr); mp_writefile(t, stderr, 10);
+ fprintf(stderr, "\n*** rs = %lu", (unsigned long)rs);
+ fputs("\n*** rt = ", stderr); mp_writefile(rt, stderr, 10);
+ fputc('\n', stderr);
+ }
+ mp_drop(a);
+ mp_drop(rt);
+ mp_drop(t);
+ return (ok);
+}
+
 static test_chunk tests[] = {
 { "lsl", tlsl, { &type_mp, &type_mp, &type_mp, 0 } },
 { "lsr", tlsr, { &type_mp, &type_mp, &type_mp, 0 } },
@@ -448,6 +518,7 @@ static test_chunk tests[] = {
 { "sub", tsub, { &type_mp, &type_mp, &type_mp, 0 } },
 { "mul", tmul, { &type_mp, &type_mp, &type_mp, 0 } },
 { "div", tdiv, { &type_mp, &type_mp, &type_mp, &type_mp, 0 } },
+ { "odd", todd, { &type_mp, &type_uint32, &type_mp, 0 } },
 { 0, 0, { 0 } },
 };