mp_build(&a, &aw, &aw + 1);
i = 0;
+
+ again:
+
+ /* --- Choose a random %$a$% and calculate %$z = a^t \bmod n$% --- *
+ *
+ * If %$z \equiv 1$% or %$z \equiv -1 \pmod n$% then this iteration
+ * is a failure.
+ */
+
+ aw = primetab[i++];
+ z = mpmont_mul(&mm, z, &a, mm.r2);
+ z = mpmont_expr(&mm, z, z, t);
+ if (MP_EQ(z, mm.r) || MP_EQ(z, m1))
+ goto again;
+
+ /* --- Now square until something interesting happens --- *
+ *
+ * Compute %$z^{2i} \bmod n$%. Eventually, I'll either get %$-1$% or
+ * %$1$%. If the former, the number is uninteresting, and I need to
+ * restart. If the latter, the previous number minus 1 has a common
+ * factor with %$n$%.
+ */
+
for (;;) {
- again:
-
- /* --- Choose a random %$a$% and calculate %$z = a^t \bmod n$% --- *
- *
- * If %$z \equiv 1$% or %$z \equiv -1 \pmod n$% then this iteration
- * is a failure.
- */
-
- aw = primetab[i++];
- z = mpmont_mul(&mm, z, &a, mm.r2);
- z = mpmont_expr(&mm, z, z, t);
- if (MP_EQ(z, mm.r) || MP_EQ(z, m1))
- continue;
-
- /* --- Now square until something interesting happens --- *
- *
- * Compute %$z^{2i} \bmod n$%. Eventually, I'll either get %$-1$% or
- * %$1$%. If the former, the number is uninteresting, and I need to
- * restart. If the latter, the previous number minus 1 has a common
- * factor with %$n$%.
- */
-
- for (;;) {
- zz = mp_sqr(zz, z);
- zz = mpmont_reduce(&mm, zz, zz);
- if (MP_EQ(zz, mm.r)) {
- mp_drop(zz);
- goto done;
- } else if (MP_EQ(zz, m1)) {
- mp_drop(zz);
- goto again;
- }
- mp_drop(z);
- z = zz;
- zz = MP_NEW;
+ zz = mp_sqr(zz, z);
+ zz = mpmont_reduce(&mm, zz, zz);
+ if (MP_EQ(zz, mm.r)) {
+ mp_drop(zz);
+ goto done;
+ } else if (MP_EQ(zz, m1)) {
+ mp_drop(zz);
+ goto again;
}
+ mp_drop(z);
+ z = zz;
+ zz = MP_NEW;
}
/* --- Do the factoring --- *
~mdw / catacomb / blobdiff