authorNiels Möller <nisse@lysator.liu.se>2020-10-30 15:01:39 +0100
committerNiels Möller <nisse@lysator.liu.se>2020-10-30 20:22:40 +0100
commitf4f5625edb7d899972431b838ac19ced9288f68a (patch)
treebc18e9bd95b9f940bc6d4229e012c063562e8c9e /ecc-mod.c
parentcbf217b15f66a73041e6fe1a108453efd0297d27 (diff)
downloadnettle-f4f5625edb7d899972431b838ac19ced9288f68a.tar.gz
Add separate result argument to all mod functions.
* ecc-internal.h (typedef ecc_mod_func): Add separate result argument. Updated all C implementations and callers.
Diffstat (limited to 'ecc-mod.c')
-rw-r--r--ecc-mod.c35
1 files changed, 20 insertions, 15 deletions
diff --git a/ecc-mod.c b/ecc-mod.c
index 38a0d4f9..7532d1ec 100644
--- a/ecc-mod.c
+++ b/ecc-mod.c
@@ -39,9 +39,11 @@
#include "ecc-internal.h"
-/* Computes r mod m, input 2*m->size, output m->size. */
+/* Computes r <-- x mod m, input 2*m->size, output m->size. It's
+ * allowed to have rp == xp or rp == xp + m->size, but no other kind
+ * of overlap is allowed. */
void
-ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
+ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp, mp_limb_t *xp)
{
mp_limb_t hi;
mp_size_t mn = m->size;
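Review bot: The new header comment at the top of the hunk documents the permitted aliasing but not that xp is consumed as working storage — every later hunk writes back into xp[...] (the mpn_addmul_1, mpn_add_n and sec_add_1 calls), so after the call the caller's 2*m->size input is destroyed and only rp holds a meaningful value. Callers that choose rp == xp + m->size in particular need to know this. I would add one sentence to the comment: `* The input xp is clobbered (it is used as working storage).` Stating the two sizes against their names would also help, e.g. `xp: 2*m->size limbs (input, clobbered); rp: m->size limbs (output)`. The body of ecc_mod continues past the end of this hunk.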
@@ -64,9 +66,9 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
rn -= sn;
for (i = 0; i <= sn; i++)
- rp[rn+i-1] = mpn_addmul_1 (rp + rn - mn - 1 + i, m->B, bn, rp[rn+i-1]);
- rp[rn-1] = rp[rn+sn-1]
- + mpn_add_n (rp + rn - sn - 1, rp + rn - sn - 1, rp + rn - 1, sn);
+ xp[rn+i-1] = mpn_addmul_1 (xp + rn - mn - 1 + i, m->B, bn, xp[rn+i-1]);
+ xp[rn-1] = xp[rn+sn-1]
+ + mpn_add_n (xp + rn - sn - 1, xp + rn - sn - 1, xp + rn - 1, sn);
}
}
else
@@ -76,10 +78,10 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
rn -= sn;
for (i = 0; i < sn; i++)
- rp[rn+i] = mpn_addmul_1 (rp + rn - mn + i, m->B, bn, rp[rn+i]);
+ xp[rn+i] = mpn_addmul_1 (xp + rn - mn + i, m->B, bn, xp[rn+i]);
- hi = mpn_add_n (rp + rn - sn, rp + rn - sn, rp + rn, sn);
- hi = mpn_cnd_add_n (hi, rp + rn - mn, rp + rn - mn, m->B, mn);
+ hi = mpn_add_n (xp + rn - sn, xp + rn - sn, xp + rn, sn);
+ hi = mpn_cnd_add_n (hi, xp + rn - mn, xp + rn - mn, m->B, mn);
assert (hi == 0);
}
}
@@ -89,23 +91,26 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
assert (rn <= sn);
for (i = 0; i < rn; i++)
- rp[mn+i] = mpn_addmul_1 (rp + i, m->B, bn, rp[mn+i]);
+ xp[mn+i] = mpn_addmul_1 (xp + i, m->B, bn, xp[mn+i]);
- hi = mpn_add_n (rp + bn, rp + bn, rp + mn, rn);
+ hi = mpn_add_n (xp + bn, xp + bn, xp + mn, rn);
if (rn < sn)
- hi = sec_add_1 (rp + bn + rn, rp + bn + rn, sn - rn, hi);
+ hi = sec_add_1 (xp + bn + rn, xp + bn + rn, sn - rn, hi);
shift = m->size * GMP_NUMB_BITS - m->bit_size;
if (shift > 0)
{
/* Combine hi with top bits, add in */
- hi = (hi << shift) | (rp[mn-1] >> (GMP_NUMB_BITS - shift));
- rp[mn-1] = (rp[mn-1] & (((mp_limb_t) 1 << (GMP_NUMB_BITS - shift)) - 1))
- + mpn_addmul_1 (rp, m->B_shifted, mn-1, hi);
+ hi = (hi << shift) | (xp[mn-1] >> (GMP_NUMB_BITS - shift));
+ xp[mn-1] = (xp[mn-1] & (((mp_limb_t) 1 << (GMP_NUMB_BITS - shift)) - 1))
+ + mpn_addmul_1 (xp, m->B_shifted, mn-1, hi);
+ /* FIXME: Can this copying be eliminated? */
+ if (rp != xp)
+ mpn_copyi (rp, xp, mn);
}
else
{
- hi = mpn_cnd_add_n (hi, rp, rp, m->B, mn);
+ hi = mpn_cnd_add_n (hi, rp, xp, m->B, mn);
assert (hi == 0);
}
}
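Review bot: The `if (rp != xp) mpn_copyi (rp, xp, mn);` added in the shift > 0 branch is correct only because of the aliasing contract (rp == xp or rp == xp + m->size), and nothing at the copy site says so; a reader seeing a forward limb copy next to a FIXME may assume arbitrary overlap was considered. I would extend the FIXME with the reasoning: `/* FIXME: Can this copying be eliminated? With the permitted aliasing rp == xp + mn, source and destination are adjacent and do not overlap, so a forward copy is safe; any other overlap is excluded by the contract. */` The else branch has no copy, since mpn_cnd_add_n writes rp directly from xp, so the result ends up in rp on both paths; a one-line comment saying so would save the next reader re-deriving it. ecc_mod starts before this hunk, and the earlier hunks are plain rp -> xp renames with nothing further to raise.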