X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/c9110b350af5f22c32dc7523999a2aeae6e51517..5278d9afdf1aff9fd6f64073ea42395d756ee58c:/mp-gcd.c
diff --git a/mp-gcd.c b/mp-gcd.c
index 38f95d4..40531c7 100644
--- a/mp-gcd.c
+++ b/mp-gcd.c
@@ -1,13 +1,13 @@
 /* -*-c-*-
  *
- * $Id: mp-gcd.c,v 1.4 2000/06/17 11:34:46 mdw Exp $
+ * $Id$
  *
  * Extended GCD calculation
  *
  * (c) 1999 Straylight/Edgeware
  */
 
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
  *
  * This file is part of Catacomb.
  *
@@ -15,36 +15,18 @@
  * it under the terms of the GNU Library General Public License as
  * published by the Free Software Foundation; either version 2 of the
  * License, or (at your option) any later version.
- * 
+ *
  * Catacomb is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  * GNU Library General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Library General Public
  * License along with Catacomb; if not, write to the Free
  * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: mp-gcd.c,v $
- * Revision 1.4 2000/06/17 11:34:46 mdw
- * More hacking for the signs of the outputs.
- *
- * Revision 1.3 1999/12/10 23:18:39 mdw
- * Change interface for suggested destinations.
- *
- * Revision 1.2 1999/11/22 20:49:56 mdw
- * Fix bug which failed to favour `x' when `y' wasn't wanted and the two
- * arguments needed swapping.
- *
- * Revision 1.1 1999/11/17 18:02:16 mdw
- * New multiprecision integer arithmetic suite.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 
 #include "mp.h"
@@ -65,27 +47,25 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
 {
-  mp *X = MP_ONE, *Y = MP_ZERO;
-  mp *x = MP_ZERO, *y = MP_ONE;
+  mp *x = MP_ONE, *X = MP_ZERO;
+  mp *y = MP_ZERO, *Y = MP_ONE;
   mp *u, *v;
-  size_t shift = 0;
+  mp *q = MP_NEW, *t, *spare = MP_NEW;
   unsigned f = 0;
-  enum {
-    f_swap = 1u,
-    f_aneg = 2u,
-    f_bneg = 4u,
-    f_ext = 8u
-  };
+#define f_swap 1u
+#define f_aneg 2u
+#define f_bneg 4u
+#define f_ext 8u
 
   /* --- Sort out some initial flags --- */
 
   if (xx || yy)
     f |= f_ext;
-  if (a->f & MP_NEG)
+  if (MP_NEGP(a))
     f |= f_aneg;
-  if (b->f & MP_NEG)
+  if (MP_NEGP(b))
     f |= f_bneg;
 
   /* --- Ensure that @a@ is larger than @b@ --- *
@@ -94,20 +74,20 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
    */
 
   if (MPX_UCMP(a->v, a->vl, <, b->v, b->vl)) {
-    { mp *t = a; a = b; b = t; }
+    t = a; a = b; b = t;
     f |= f_swap;
   }
 
   /* --- Check for zeroness --- */
 
-  if (MP_CMP(b, ==, MP_ZERO)) {
+  if (MP_ZEROP(b)) {
 
     /* --- Store %$|a|$% as the GCD --- */
 
     if (gcd) {
       if (*gcd) MP_DROP(*gcd);
       a = MP_COPY(a);
-      if (a->f & MP_NEG) {
+      if (MP_NEGP(a)) {
         MP_SPLIT(a);
         a->f &= ~MP_NEG;
         f |= f_aneg;
@@ -119,11 +99,11 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
 
     if (f & f_ext) {
       if (f & f_swap) {
-        mp **t = xx; xx = yy; yy = t;
+        mp **tt = xx; xx = yy; yy = tt;
       }
       if (xx) {
         if (*xx) MP_DROP(*xx);
-        if (MP_CMP(a, ==, MP_ZERO))
+        if (MP_EQ(a, MP_ZERO))
           *xx = MP_ZERO;
         else if (f & f_aneg)
           *xx = MP_MONE;
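Review bot: The flag constants `f_swap`, `f_aneg`, `f_bneg` and `f_ext` are turned from a block-scoped `enum` into `#define`s, and a macro has no block scope: the four names stay defined for the rest of the translation unit after `mp_gcd` ends, so any later use of one of those identifiers in this file silently expands to a small integer instead of being diagnosed. If the enum has to go, I would add `#undef f_swap`, `#undef f_aneg`, `#undef f_bneg` and `#undef f_ext` right after the function's closing brace, which lies outside this hunk. The new scratch pointer `t` declared alongside `q` and `spare` is uninitialised but, in the hunks I can see, is always written before it is read; a short `/* t: scratch for swaps and the coefficient update */` on that declaration would make the intent explicit.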
@@ -138,150 +118,39 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
     return;
   }
 
-  /* --- Take a reference to the arguments --- */
+  /* --- Force the signs on the arguments and take copies --- */
 
   a = MP_COPY(a); b = MP_COPY(b);
 
-  /* --- Make sure @a@ and @b@ are not both even --- */
+  MP_SPLIT(a); a->f &= ~MP_NEG; MP_SPLIT(b); b->f &= ~MP_NEG;
 
-  if (((a->v[0] | b->v[0]) & 1) == 0) {
-    mpscan asc, bsc;
-
-    /* --- Break off my copies --- */
-
-    MP_SCAN(&asc, a);
-    MP_SCAN(&bsc, b);
-
-    /* --- Start scanning --- */
-
-    for (;;) {
-      if (!MP_STEP(&asc) || !MP_STEP(&bsc))
-        assert(((void)"zero argument passed to mp_gcd", 0));
-      if (MP_BIT(&asc) || MP_BIT(&bsc))
-        break;
-      shift++;
-    }
-
-    /* --- Shift @a@ and @b@ down --- */
-
-    a = mp_lsr(a, a, shift);
-    b = mp_lsr(b, b, shift);
-  }
-
-  /* --- Set up @u@ and @v@ --- */
-
   u = MP_COPY(a); v = MP_COPY(b);
 
-  /* --- Start the main loop --- */
-
-  for (;;) {
-
-    /* --- While @u@ is even --- */
-
-    {
-      mpscan sc, xsc, ysc;
-      size_t n = 0, nn = 0;
-
-      MP_SCAN(&sc, u);
-      MP_SCAN(&xsc, X); MP_SCAN(&ysc, Y);
-      for (;;) {
-        MP_STEP(&sc);
-        MP_STEP(&xsc); MP_STEP(&ysc);
-        if (MP_BIT(&sc))
-          break;
-        if ((f & f_ext) && (MP_BIT(&xsc) | MP_BIT(&ysc))) {
-          if (n) {
-            X = mp_lsr(X, X, n);
-            Y = mp_lsr(Y, Y, n);
-            n = 0;
-          }
-          X = mp_add(X, X, b);
-          Y = mp_sub(Y, Y, a);
-          MP_SCAN(&xsc, X);
-          MP_SCAN(&ysc, Y);
-          MP_STEP(&xsc); MP_STEP(&ysc);
-        }
-        n++; nn++;
-      }
-
-      if (nn) {
-        u = mp_lsr(u, u, nn);
-        if ((f & f_ext) && n) {
-          X = mp_lsr(X, X, n);
-          Y = mp_lsr(Y, Y, n);
-        }
-      }
-    }
-
-    /* --- While @v@ is even --- */
-
-    {
-      mpscan sc, xsc, ysc;
-      size_t n = 0, nn = 0;
-
-      MP_SCAN(&sc, v);
-      MP_SCAN(&xsc, x); MP_SCAN(&ysc, y);
-      for (;;) {
-        MP_STEP(&sc);
-        MP_STEP(&xsc); MP_STEP(&ysc);
-        if (MP_BIT(&sc))
-          break;
-        if ((f & f_ext) && (MP_BIT(&xsc) | MP_BIT(&ysc))) {
-          if (n) {
-            x = mp_lsr(x, x, n);
-            y = mp_lsr(y, y, n);
-            n = 0;
-          }
-          x = mp_add(x, x, b);
-          y = mp_sub(y, y, a);
-          MP_SCAN(&xsc, x);
-          MP_SCAN(&ysc, y);
-          MP_STEP(&xsc); MP_STEP(&ysc);
-        }
-        n++; nn++;
-      }
-
-      if (nn) {
-        v = mp_lsr(v, v, nn);
-        if ((f & f_ext) && n) {
-          x = mp_lsr(x, x, n);
-          y = mp_lsr(y, y, n);
-        }
-      }
-    }
-
-    /* --- End-of-loop fiddling --- */
+  /* --- Main extended Euclidean algorithm --- */
 
-    if (MP_CMP(u, >=, v)) {
-      u = mp_sub(u, u, v);
-      if (f & f_ext) {
-        X = mp_sub(X, X, x);
-        Y = mp_sub(Y, Y, y);
-      }
-    } else {
-      v = mp_sub(v, v, u);
-      if (f & f_ext) {
-        x = mp_sub(x, x, X);
-        y = mp_sub(y, y, Y);
-      }
+  while (!MP_ZEROP(v)) {
+    mp_div(&q, &u, u, v);
+    if (f & f_ext) {
+      t = mp_mul(spare, X, q);
+      t = mp_sub(t, x, t);
+      spare = x; x = X; X = t;
+      t = mp_mul(spare, Y, q);
+      t = mp_sub(t, y, t);
+      spare = y; y = Y; Y = t;
     }
-
-    if (MP_CMP(u, ==, MP_ZERO))
-      break;
+    t = u; u = v; v = t;
   }
 
-  /* --- Write the results out --- */
-
+  MP_DROP(q); if (spare) MP_DROP(spare);
   if (!gcd)
-    MP_DROP(v);
+    MP_DROP(u);
   else {
     if (*gcd) MP_DROP(*gcd);
-    *gcd = mp_lsl(v, v, shift);
+    u->f &= ~MP_NEG;
+    *gcd = u;
   }
 
   /* --- Perform a little normalization --- *
@@ -296,7 +165,7 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
   /* --- If @a@ and @b@ got swapped, swap the coefficients back --- */
 
   if (f & f_swap) {
-    mp *t = x; x = y; y = t;
+    t = x; x = y; y = t;
     t = a; a = b; b = t;
   }
 
@@ -308,11 +177,11 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
    */
 
   if (yy) {
-    if (y->f & MP_NEG) {
+    if (MP_NEGP(y)) {
       do {
         y = mp_add(y, y, a);
         x = mp_sub(x, x, b);
-      } while (y->f & MP_NEG);
+      } while (MP_NEGP(y));
     } else {
       while (MP_CMP(y, >=, a)) {
         y = mp_sub(y, y, a);
@@ -320,10 +189,10 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
       }
     }
   } else {
-    if (x->f & MP_NEG) {
+    if (MP_NEGP(x)) {
       do
         x = mp_add(x, x, b);
-      while (x->f & MP_NEG);
+      while (MP_NEGP(x));
     } else {
       while (MP_CMP(x, >=, b))
         x = mp_sub(x, x, b);
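Review bot: The new main loop's running time depends on the values of `a` and `b`: the number of `mp_div` rounds and the sizes of the operands follow the quotient sequence, so `mp_gcd` is not constant-time and leaks information about its inputs through timing whenever one of them is secret (the `mp_modinv` wrapper added later in this diff hands it a modulus and an argument, which in a crypto library are often private). That is inherent to classical Euclid and was true of the binary algorithm it replaces as well, but it deserves a sentence in the function's header comment, which starts outside this hunk: `/* Not constant-time: the iteration count and division sizes depend on a and b, so don't call this on secret values where timing matters. */`. The coefficient update also recycles the buffer behind the previous `x`/`y` as the destination for `mp_mul(spare, X, q)`, and on the first extended round that buffer is the shared constant `MP_ONE` or `MP_ZERO` the coefficients were initialised with, so correctness rests on `mp_mul` allocating afresh instead of writing into a constant destination — `mp_mul` is not visible here, so please confirm and record it on the `spare = x; x = X; X = t;` line. `MP_DROP(q)` after the loop appears to rely on `v` being non-zero on entry (the zero case returned earlier), which guarantees `mp_div` ran at least once and assigned `q`; a short comment there would keep a future refactor from breaking that assumption.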
@@ -354,15 +223,57 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b)
     }
   }
 
-  MP_DROP(u);
+  MP_DROP(v);
   MP_DROP(X); MP_DROP(Y);
   MP_DROP(a); MP_DROP(b);
 }
 
+/* -- @mp_modinv@ --- *
+ *
+ * Arguments:   @mp *d@ = destination
+ *              @mp *x@ = argument
+ *              @mp *p@ = modulus
+ *
+ * Returns:     The inverse %$x^{-1} \bmod p$%.
+ *
+ * Use:         Computes a modular inverse. An assertion fails if %$p$%
+ *              has no inverse.
+ */
+
+mp *mp_modinv(mp *d, mp *x, mp *p)
+{
+  mp *g = MP_NEW;
+  mp_gcd(&g, 0, &d, p, x);
+  assert(MP_EQ(g, MP_ONE));
+  mp_drop(g);
+  return (d);
+}
+
 /*----- Test rig ----------------------------------------------------------*/
 
 #ifdef TEST_RIG
 
+static int modinv(dstr *v)
+{
+  int ok = 1;
+  mp *x = *(mp **)v[0].buf;
+  mp *m = *(mp **)v[1].buf;
+  mp *r = *(mp **)v[2].buf;
+
+  mp *y = mp_modinv(MP_NEW, x, m);
+  if (!MP_EQ(y, r)) {
+    fputs("\n*** mp_modinv failed", stderr);
+    fputs("\nx = ", stderr); mp_writefile(x, stderr, 10);
+    fputs("\nm = ", stderr); mp_writefile(m, stderr, 10);
+    fputs("\nexpect = ", stderr); mp_writefile(r, stderr, 10);
+    fputs("\nresult = ", stderr); mp_writefile(y, stderr, 10);
+    ok = 0;
+  }
+  MP_DROP(x); MP_DROP(m); MP_DROP(r); MP_DROP(y);
+  assert(mparena_count(MPARENA_GLOBAL) == 0);
+  return (ok);
+}
+
 static int gcd(dstr *v)
 {
   int ok = 1;
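Review bot: In `mp_modinv` the only check that an inverse exists is `assert(MP_EQ(g, MP_ONE))`, which compiles to nothing under `NDEBUG`; a release build then hands back the Bézout coefficient for a non-invertible `x` (including `x` ≡ 0 mod `p`) as though it were the inverse, and a caller doing RSA or curve arithmetic carries on with a wrong value instead of failing. I would make the check unconditional in every build, e.g. replace the assert with `if (!MP_EQ(g, MP_ONE)) { mp_drop(g); mp_drop(d); return (MP_NEW); }` (the `if (spare)` test earlier in this diff suggests `MP_NEW` is a null pointer, but confirm) and state in the header that callers must test the result, or else abort explicitly. The `Use:` line also has the roles reversed: it is `x` that may lack an inverse, so it should read `An assertion fails if %$x$% has no inverse modulo %$p$%.` The new `modinv` test omits the trailing `fputc('\n', stderr);` that `gcd` emits after its diagnostics, so a failure report runs into the next line of output.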
@@ -374,19 +285,19 @@ static int gcd(dstr *v)
 
   mp *gg = MP_NEW, *xx = MP_NEW, *yy = MP_NEW;
   mp_gcd(&gg, &xx, &yy, a, b);
-  if (MP_CMP(x, !=, xx)) {
+  if (!MP_EQ(x, xx)) {
     fputs("\n*** mp_gcd(x) failed", stderr);
-    fputs("\na = ", stderr); mp_writefile(a, stderr, 10);
-    fputs("\nb = ", stderr); mp_writefile(b, stderr, 10);
+    fputs("\na = ", stderr); mp_writefile(a, stderr, 10);
+    fputs("\nb = ", stderr); mp_writefile(b, stderr, 10);
     fputs("\nexpect = ", stderr); mp_writefile(x, stderr, 10);
     fputs("\nresult = ", stderr); mp_writefile(xx, stderr, 10);
     fputc('\n', stderr);
     ok = 0;
   }
-  if (MP_CMP(y, !=, yy)) {
+  if (!MP_EQ(y, yy)) {
     fputs("\n*** mp_gcd(y) failed", stderr);
-    fputs("\na = ", stderr); mp_writefile(a, stderr, 10);
-    fputs("\nb = ", stderr); mp_writefile(b, stderr, 10);
+    fputs("\na = ", stderr); mp_writefile(a, stderr, 10);
+    fputs("\nb = ", stderr); mp_writefile(b, stderr, 10);
     fputs("\nexpect = ", stderr); mp_writefile(y, stderr, 10);
     fputs("\nresult = ", stderr); mp_writefile(yy, stderr, 10);
     fputc('\n', stderr);
@@ -397,16 +308,16 @@ static int gcd(dstr *v)
     mp *ax = mp_mul(MP_NEW, a, xx);
     mp *by = mp_mul(MP_NEW, b, yy);
     ax = mp_add(ax, ax, by);
-    if (MP_CMP(ax, ==, gg))
+    if (MP_EQ(ax, gg))
       fputs("\n*** (Alternative result found.)\n", stderr);
     MP_DROP(ax); MP_DROP(by);
   }
 
-  if (MP_CMP(g, !=, gg)) {
+  if (!MP_EQ(g, gg)) {
     fputs("\n*** mp_gcd(gcd) failed", stderr);
-    fputs("\na = ", stderr); mp_writefile(a, stderr, 10);
-    fputs("\nb = ", stderr); mp_writefile(b, stderr, 10);
+    fputs("\na = ", stderr); mp_writefile(a, stderr, 10);
+    fputs("\nb = ", stderr); mp_writefile(b, stderr, 10);
     fputs("\nexpect = ", stderr); mp_writefile(g, stderr, 10);
     fputs("\nresult = ", stderr); mp_writefile(gg, stderr, 10);
     fputc('\n', stderr);
@@ -420,6 +331,7 @@ static int gcd(dstr *v)
 
 static test_chunk tests[] = {
   { "gcd", gcd, { &type_mp, &type_mp, &type_mp, &type_mp, &type_mp, 0 } },
+  { "modinv", modinv, { &type_mp, &type_mp, &type_mp, 0 } },
   { 0, 0, { 0 } }
 };