/**
* Performs the final reduction of the Montgomery algorithm.
* @see monPro(BigInteger, BigInteger, BigInteger, long)
* @see monSquare(BigInteger, BigInteger, long)
*/
private static BigInteger FinalSubtraction(int[] res, BigInteger modulus)
{
// skipping leading zeros
int modulusLen = modulus.numberLength;
bool doSub = res[modulusLen] != 0;
if (!doSub)
{
int[] modulusDigits = modulus.Digits;
doSub = true;
for (int i = modulusLen - 1; i >= 0; i--)
{
if (res[i] != modulusDigits[i])
{
doSub = (res[i] != 0) && ((res[i] & 0xFFFFFFFFL) > (modulusDigits[i] & 0xFFFFFFFFL));
break;
}
}
}
BigInteger result = new BigInteger(1, modulusLen + 1, res);
// if (res >= modulusDigits) compute (res - modulusDigits)
if (doSub)
{
Elementary.inplaceSubtract(result, modulus);
}
result.CutOffLeadingZeroes();
return(result);
}
/**
* Calculates a.modInverse(p) Based on: Savas, E; Koc, C "The Montgomery Modular
* Inverse - Revised"
*/
public static BigInteger ModInverseMontgomery(BigInteger a, BigInteger p)
{
if (a.Sign == 0)
{
// ZERO hasn't inverse
// math.19: BigInteger not invertible
throw new ArithmeticException(Messages.math19);
}
if (!BigInteger.TestBit(p, 0))
{
// montgomery inverse require even modulo
return(ModInverseLorencz(a, p));
}
int m = p.numberLength * 32;
// PRE: a \in [1, p - 1]
BigInteger u, v, r, s;
u = p.Copy(); // make copy to use inplace method
v = a.Copy();
int max = System.Math.Max(v.numberLength, u.numberLength);
r = new BigInteger(1, 1, new int[max + 1]);
s = new BigInteger(1, 1, new int[max + 1]);
s.Digits[0] = 1;
// s == 1 && v == 0
int k = 0;
int lsbu = u.LowestSetBit;
int lsbv = v.LowestSetBit;
int toShift;
if (lsbu > lsbv)
{
BitLevel.InplaceShiftRight(u, lsbu);
BitLevel.InplaceShiftRight(v, lsbv);
BitLevel.InplaceShiftLeft(r, lsbv);
k += lsbu - lsbv;
}
else
{
BitLevel.InplaceShiftRight(u, lsbu);
BitLevel.InplaceShiftRight(v, lsbv);
BitLevel.InplaceShiftLeft(s, lsbu);
k += lsbv - lsbu;
}
r.Sign = 1;
while (v.Sign > 0)
{
// INV v >= 0, u >= 0, v odd, u odd (except last iteration when v is even (0))
while (u.CompareTo(v) > BigInteger.EQUALS)
{
Elementary.inplaceSubtract(u, v);
toShift = u.LowestSetBit;
BitLevel.InplaceShiftRight(u, toShift);
Elementary.inplaceAdd(r, s);
BitLevel.InplaceShiftLeft(s, toShift);
k += toShift;
}
while (u.CompareTo(v) <= BigInteger.EQUALS)
{
Elementary.inplaceSubtract(v, u);
if (v.Sign == 0)
{
break;
}
toShift = v.LowestSetBit;
BitLevel.InplaceShiftRight(v, toShift);
Elementary.inplaceAdd(s, r);
BitLevel.InplaceShiftLeft(r, toShift);
k += toShift;
}
}
if (!u.IsOne)
{
// in u is stored the gcd
// math.19: BigInteger not invertible.
throw new ArithmeticException(Messages.math19);
}
if (r.CompareTo(p) >= BigInteger.EQUALS)
{
Elementary.inplaceSubtract(r, p);
}
r = p - r;
// Have pair: ((BigInteger)r, (Integer)k) where r == a^(-1) * 2^k mod (module)
int n1 = CalcN(p);
if (k > m)
{
r = MonPro(r, BigInteger.One, p, n1);
k = k - m;
}
r = MonPro(r, BigInteger.GetPowerOfTwo(m - k), p, n1);
return(r);
}
/**
* @param m a positive modulus
* Return the greatest common divisor of op1 and op2,
*
* @param op1
* must be greater than zero
* @param op2
* must be greater than zero
* @see BigInteger#gcd(BigInteger)
* @return {@code GCD(op1, op2)}
*/
public static BigInteger GcdBinary(BigInteger op1, BigInteger op2)
{
// PRE: (op1 > 0) and (op2 > 0)
/*
* Divide both number the maximal possible times by 2 without rounding
* gcd(2*a, 2*b) = 2 * gcd(a,b)
*/
int lsb1 = op1.LowestSetBit;
int lsb2 = op2.LowestSetBit;
int pow2Count = System.Math.Min(lsb1, lsb2);
BitLevel.InplaceShiftRight(op1, lsb1);
BitLevel.InplaceShiftRight(op2, lsb2);
BigInteger swap;
// I want op2 > op1
if (op1.CompareTo(op2) == BigInteger.GREATER)
{
swap = op1;
op1 = op2;
op2 = swap;
}
do
{
// INV: op2 >= op1 && both are odd unless op1 = 0
// Optimization for small operands
// (op2.bitLength() < 64) implies by INV (op1.bitLength() < 64)
if ((op2.numberLength == 1) ||
((op2.numberLength == 2) && (op2.Digits[1] > 0)))
{
op2 = BigInteger.FromInt64(Division.GcdBinary(op1.ToInt64(),
op2.ToInt64()));
break;
}
// Implements one step of the Euclidean algorithm
// To reduce one operand if it's much smaller than the other one
if (op2.numberLength > op1.numberLength * 1.2)
{
op2 = BigMath.Remainder(op2, op1);
if (op2.Sign != 0)
{
BitLevel.InplaceShiftRight(op2, op2.LowestSetBit);
}
}
else
{
// Use Knuth's algorithm of successive subtract and shifting
do
{
Elementary.inplaceSubtract(op2, op1); // both are odd
BitLevel.InplaceShiftRight(op2, op2.LowestSetBit); // op2 is even
} while (op2.CompareTo(op1) >= BigInteger.EQUALS);
}
// now op1 >= op2
swap = op2;
op2 = op1;
op1 = swap;
} while (op1.Sign != 0);
return(op2 << pow2Count);
}
