From 013379143152c00f8a66a04d52c9af460e08244f Mon Sep 17 00:00:00 2001
From: "Diego F. Aranha"
Date: Sun, 29 Dec 2024 22:36:28 +0100
Subject: [PATCH] Handle more cases.
---
 src/bn/relic_bn_rec.c | 45 +++++++++++++++++++------------------------
 1 file changed, 20 insertions(+), 25 deletions(-)
diff --git a/src/bn/relic_bn_rec.c b/src/bn/relic_bn_rec.c
index 56155daa0..94f1083a3 100644
--- a/src/bn/relic_bn_rec.c
+++ b/src/bn/relic_bn_rec.c
@@ -825,13 +825,12 @@ void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_st *v1,
 size_t bits = bn_bits(n), d = bits >> RLC_DIG_LOG, b = bits % RLC_DIG;
 dig_t r, b1[2 * RLC_FP_DIGS + 1] = { 0 }, b2[2 * RLC_FP_DIGS + 1] = { 0 };
 dig_t _k[2 * RLC_FP_DIGS + 1] = { 0 }, _v[2 * RLC_FP_DIGS] = { 0 };
- bn_t t, u;
+ bn_t t;
 bn_null(t);
 RLC_TRY {
 bn_new(t);
- bn_new(u);
 bn_abs(t, k);
@@ -859,56 +858,52 @@ void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_st *v1,
 dv_zero(_v, 2 * RLC_FP_DIGS);
 dv_copy(_v, v1[1].dp, v1[1].used);
 bn_muln_low(k0->dp, b1, _v, RLC_FP_DIGS);
- k0->used = 2 * RLC_FP_DIGS;
+ k0->dp[2 * RLC_FP_DIGS] = 0;
 k0->sign = v1[0].sign ^ v1[1].sign;
- bn_trim(k0);
 /* k1 = b2 * v21 */
 dv_zero(_v, 2 * RLC_FP_DIGS);
 dv_copy(_v, v2[1].dp, v2[1].used);
 bn_muln_low(k1->dp, b2, _v, RLC_FP_DIGS);
- k1->used = 2 * RLC_FP_DIGS;
+ k1->dp[2 * RLC_FP_DIGS] = 0;
 k1->sign = v2[0].sign ^ v2[1].sign;
- bn_trim(k1);
- k0->sign ^= 1;
- bn_negs_low(k0->dp, k0->dp, k0->sign, 2 * RLC_FP_DIGS);
- bn_addn_low(k0->dp, k0->dp, _k, 2 * RLC_FP_DIGS);
- k0->sign = k0->dp[2 * RLC_FP_DIGS - 1] & 1;
- k0->used = 2 * RLC_FP_DIGS;
- bn_trim(k0);
- k1->sign ^= 1;
- k1->used = 2 * RLC_FP_DIGS;
- bn_negs_low(k1->dp, k1->dp, k1->sign, 2 * RLC_FP_DIGS);
- bn_addn_low(k0->dp, k0->dp, k1->dp, 2 * RLC_FP_DIGS);
- k0->sign = k0->dp[2 * RLC_FP_DIGS - 1] & 1;
- bn_negs_low(k0->dp, k0->dp, k0->sign, 2 * RLC_FP_DIGS);
+ /* k0 = k - k0 - k1. */
+ bn_negs_low(k0->dp, k0->dp, k0->sign ^ 1, 2 * RLC_FP_DIGS + 1);
+ bn_negs_low(k1->dp, k1->dp, k1->sign ^ 1, 2 * RLC_FP_DIGS + 1);
+ bn_addn_low(k0->dp, k0->dp, k1->dp, 2 * RLC_FP_DIGS + 1);
+ bn_addn_low(k0->dp, k0->dp, _k, 2 * RLC_FP_DIGS + 1);
+ k0->sign = k0->dp[2 * RLC_FP_DIGS] & 1;
+ bn_negs_low(k0->dp, k0->dp, k0->sign, 2 * RLC_FP_DIGS + 1);
 k0->used = 2 * RLC_FP_DIGS;
 bn_trim(k0);
+ /* k1 = 0 - b1 * v21 - b2 * v21. */
 dv_zero(_v, 2 * RLC_FP_DIGS);
 dv_copy(_v, v1[2].dp, v1[2].used);
 bn_muln_low(k1->dp, b1, _v, RLC_FP_DIGS);
- k1->used = 2 * RLC_FP_DIGS;
+ k1->dp[2 * RLC_FP_DIGS] = 0;
 k1->sign = v1[0].sign ^ v1[2].sign;
- bn_trim(k1);
 dv_zero(_v, 2 * RLC_FP_DIGS);
 dv_copy(_v, v2[2].dp, v2[2].used);
 bn_muln_low(t->dp, b2, _v, RLC_FP_DIGS);
- t->used = 2 * RLC_FP_DIGS;
+ t->dp[2 * RLC_FP_DIGS] = 0;
 t->sign = v2[0].sign ^ v2[2].sign;
- bn_trim(t);
- bn_add(k1, k1, t);
- k1->sign ^= 1;
+ bn_negs_low(t->dp, t->dp, t->sign ^ 1, 2 * RLC_FP_DIGS + 1);
+ bn_negs_low(k1->dp, k1->dp, k1->sign ^ 1, 2 * RLC_FP_DIGS + 1);
+ bn_addn_low(k1->dp, k1->dp, t->dp, 2 * RLC_FP_DIGS + 1);
+ k1->sign = k1->dp[2 * RLC_FP_DIGS] & 1;
+ bn_negs_low(k1->dp, k1->dp, k1->sign, 2 * RLC_FP_DIGS + 1);
+ k1->used = 2 * RLC_FP_DIGS;
+ bn_trim(k1);
 } RLC_CATCH_ANY {
 RLC_THROW(ERR_CAUGHT);
 } RLC_FINALLY {
 bn_free(t);
- bn_free(u);
 }
 }
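Review bot: The new code now touches one digit beyond the previous working length — `k0->dp[2 * RLC_FP_DIGS] = 0;`, the same for k1 and t, and every bn_negs_low/bn_addn_low in the hunk runs over `2 * RLC_FP_DIGS + 1` digits — in the caller-supplied k0 and k1 without any visible capacity check, so unless the library's bignum size constant guarantees at least that many digits in every build configuration a smaller output bignum gets an out-of-bounds write. Growing the outputs before the first such write, `bn_grow(k0, 2 * RLC_FP_DIGS + 1); bn_grow(k1, 2 * RLC_FP_DIGS + 1);` (and t right after bn_new), would make the requirement explicit rather than implicit in the allocation policy. The added comment `/* k1 = 0 - b1 * v21 - b2 * v21. */` does not match the code under it, which multiplies b1 by v1[2] and b2 by v2[2]; following the naming of the earlier `/* k1 = b2 * v21 */` for v2[1], it presumably should read `/* k1 = 0 - b1 * v12 - b2 * v22. */`. The sign is read as `k0->dp[2 * RLC_FP_DIGS] & 1` (and likewise for k1), which is only correct while the guard digit is exactly 0 or all ones, i.e. while the signed result fits in 2 * RLC_FP_DIGS digits; the top-bit test `k0->dp[2 * RLC_FP_DIGS] >> (RLC_DIG - 1)` is the usual two's-complement sign and does not rely on that bound. bn_rec_glv begins before this hunk; its closing brace is the hunk's last line.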