authorNiels Möller <nisse@lysator.liu.se>2021-03-11 19:37:41 +0100
committerNiels Möller <nisse@lysator.liu.se>2021-03-11 19:37:41 +0100
commit2bf497ba4d6acc6f352bca015837fad33008565c (patch)
treed19e4e6928212dd6eb5d87f32f23abb599fd9710 /ecc-j-to-a.c
parentfe7ae87d1b837e82f7c7968b068bca7d853a4cec (diff)
New functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical.
* ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): New functions. * ecc-internal.h: Declare and document new functions. * curve448-eh-to-x.c (curve448_eh_to_x): Use ecc_mod_sqr_canonical. * curve25519-eh-to-x.c (curve25519_eh_to_x): Use ecc_mod_mul_canonical. * ecc-eh-to-a.c (ecc_eh_to_a): Likewise. * ecc-j-to-a.c (ecc_j_to_a): Likewise. * ecc-mul-m.c (ecc_mul_m): Likewise.
Diffstat (limited to 'ecc-j-to-a.c')
-rw-r--r--ecc-j-to-a.c15
1 files changed, 3 insertions, 12 deletions
diff --git a/ecc-j-to-a.c b/ecc-j-to-a.c
index 2d55b3a5..ac134b51 100644
--- a/ecc-j-to-a.c
+++ b/ecc-j-to-a.c
@@ -49,8 +49,6 @@ ecc_j_to_a (const struct ecc_curve *ecc,
#define iz3p (scratch + 2*ecc->p.size)
#define tp scratch
- mp_limb_t cy;
-
ecc->p.invert (&ecc->p, izp, p+2*ecc->p.size, izp + ecc->p.size);
ecc_mod_sqr (&ecc->p, iz2p, izp, iz2p);
@@ -63,17 +61,13 @@ ecc_j_to_a (const struct ecc_curve *ecc,
}
/* r_x <-- x / z^2 */
- ecc_mod_mul (&ecc->p, iz3p, iz2p, p, iz3p);
- /* ecc_mod (and ecc_mod_mul) may return a value up to 2p - 1, so
- do a conditional subtraction. */
- cy = mpn_sub_n (r, iz3p, ecc->p.m, ecc->p.size);
- cnd_copy (cy, r, iz3p, ecc->p.size);
-
+ ecc_mod_mul_canonical (&ecc->p, r, iz2p, p, iz3p);
if (op)
{
/* Skip y coordinate */
if (op > 1)
{
+ mp_limb_t cy;
/* Also reduce the x coordinate mod ecc->q. It should
already be < 2*ecc->q, so one subtraction should
suffice. */
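Review bot: The replacement line `ecc_mod_mul_canonical (&ecc->p, r, iz2p, p, iz3p);` drops the removed comment that explained why a fully reduced (< p) value is wanted at this point, leaving only the function name as documentation, while the `op > 1` block below still reasons about the magnitude of r before its single mod-q subtraction; I would keep a one-liner such as `/* Fully reduced (< p) x coordinate; the mod-q step below relies on this. */`. The lines being removed performed that final reduction with `mpn_sub_n` followed by `cnd_copy`, i.e. with a constant-time conditional copy rather than a branch on the borrow; the body of `ecc_mod_mul_canonical` is not part of this commit page, so it is worth confirming the helper preserves that property, as the coordinates produced here are typically derived from secret scalars. The same applies to the second replacement in the following hunk (`r + ecc->p.size`). ecc_j_to_a begins before this hunk and continues after it.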
@@ -83,10 +77,7 @@ ecc_j_to_a (const struct ecc_curve *ecc,
return;
}
ecc_mod_mul (&ecc->p, iz3p, iz2p, izp, iz3p);
- ecc_mod_mul (&ecc->p, tp, iz3p, p + ecc->p.size, tp);
- /* And a similar subtraction. */
- cy = mpn_sub_n (r + ecc->p.size, tp, ecc->p.m, ecc->p.size);
- cnd_copy (cy, r + ecc->p.size, tp, ecc->p.size);
+ ecc_mod_mul_canonical (&ecc->p, r + ecc->p.size, iz3p, p + ecc->p.size, tp);
#undef izp
#undef iz2p