Simplify ep_mul_lwreg.

relic-toolkit · Mar 30, 2024 · eb8d511 · eb8d511
1 parent 308412e
commit eb8d511
Showing 1 changed file with 48 additions and 59 deletions.
diff --git a/src/ep/relic_ep_mul.c b/src/ep/relic_ep_mul.c
@@ -212,36 +212,31 @@ static void ep_mul_naf_imp(ep_t r, const ep_t p, const bn_t k) {
 #if defined(EP_ENDOM)
 
 static void ep_mul_reg_glv(ep_t r, const ep_t p, const bn_t k) {
-	int i, j, n0, n1, s0, s1, b0, b1;
-	int8_t _s0, _s1, reg0[RLC_FP_BITS + 1], reg1[RLC_FP_BITS + 1];
-	bn_t n, _k, k0, k1, v1[3], v2[3];
-	ep_t q, t[1 << (RLC_WIDTH - 2)], u, v, w;
+	int8_t reg[2][RLC_FP_BITS + 1], s[2], b[2], c0, c1, n0, n1;
+	bn_t n, _k[2], v1[3], v2[3];
+	ep_t q, t[1 << (RLC_WIDTH - 2)], u, w;
 	size_t l;
 
 	bn_null(n);
-	bn_null(_k);
-	bn_null(k0);
-	bn_null(k1);
+	bn_null(_k[0]);
+	bn_null(_k[1]);
 	ep_null(q);
 	ep_null(u);
-	ep_null(v);
 	ep_null(w);
 
 	RLC_TRY {
 		bn_new(n);
-		bn_new(_k);
-		bn_new(k0);
-		bn_new(k1);
+		bn_new(_k[0]);
+		bn_new(_k[1]);
 		ep_new(q);
 		ep_new(u);
-		ep_new(v);
 		ep_new(w);
 
-		for (i = 0; i < (1 << (RLC_WIDTH - 2)); i++) {
+		for (size_t i = 0; i < (1 << (RLC_WIDTH - 2)); i++) {
 			ep_null(t[i]);
 			ep_new(t[i]);
 		}
-		for (i = 0; i < 3; i++) {
+		for (size_t i = 0; i < 3; i++) {
 			bn_null(v1[i]);
 			bn_null(v2[i]);
 			bn_new(v1[i]);
@@ -252,27 +247,25 @@ static void ep_mul_reg_glv(ep_t r, const ep_t p, const bn_t k) {
 		ep_curve_get_v1(v1);
 		ep_curve_get_v2(v2);
 
-		bn_mod(_k, k, n);
+		bn_mod(_k[0], k, n);
 
-		bn_rec_glv(k0, k1, _k, n, (const bn_t *)v1, (const bn_t *)v2);
-		s0 = bn_sign(k0);
-		s1 = bn_sign(k1);
-		bn_abs(k0, k0);
-		bn_abs(k1, k1);
-		b0 = bn_is_even(k0);
-		b1 = bn_is_even(k1);
-		k0->dp[0] |= b0;
-		k1->dp[0] |= b1;
-
-		ep_copy(q, p);
-		ep_neg(t[0], p);
-		dv_copy_cond(q->y, t[0]->y, RLC_FP_DIGS, s0 != RLC_POS);
+		bn_rec_glv(_k[0], _k[1], _k[0], n, (const bn_t *)v1, (const bn_t *)v2);
+		for (size_t i = 0; i < 2; i++) {
+			s[i] = bn_sign(_k[i]);
+			bn_abs(_k[i], _k[i]);
+			b[i] = bn_is_even(_k[i]);
+			_k[i]->dp[0] |= b[i];
+		}
+
+		ep_norm(t[0], p);
+		ep_neg(q, t[0]);
+		dv_copy_cond(q->y, t[0]->y, RLC_FP_DIGS, s[0] == RLC_POS);
 		ep_tab(t, q, RLC_WIDTH);
 
 		l = RLC_FP_BITS + 1;
-		bn_rec_reg(reg0, &l, k0, bn_bits(n) >> 1, RLC_WIDTH);
+		bn_rec_reg(reg[0], &l, _k[0], bn_bits(n) >> 1, RLC_WIDTH);
 		l = RLC_FP_BITS + 1;
-		bn_rec_reg(reg1, &l, k1, bn_bits(n) >> 1, RLC_WIDTH);
+		bn_rec_reg(reg[1], &l, _k[1], bn_bits(n) >> 1, RLC_WIDTH);
 
 #if defined(EP_MIXED)
 		fp_set_dig(u->z, 1);
@@ -282,19 +275,19 @@ static void ep_mul_reg_glv(ep_t r, const ep_t p, const bn_t k) {
 		u->coord = w->coord = EP_ADD;
 #endif
 		ep_set_infty(r);
-		for (i = l - 1; i >= 0; i--) {
-			for (j = 0; j < RLC_WIDTH - 1; j++) {
+		for (int i = l - 1; i >= 0; i--) {
+			for (size_t j = 0; j < RLC_WIDTH - 1; j++) {
 				ep_dbl(r, r);
 			}
 
-			n0 = reg0[i];
-			_s0 = (n0 >> 7);
-			n0 = ((n0 ^ _s0) - _s0) >> 1;
-			n1 = reg1[i];
-			_s1 = (n1 >> 7);
-			n1 = ((n1 ^ _s1) - _s1) >> 1;
+			n0 = reg[0][i];
+			c0 = (n0 >> 7);
+			n0 = ((n0 ^ c0) - c0) >> 1;
+			n1 = reg[1][i];
+			c1 = (n1 >> 7);
+			n1 = ((n1 ^ c1) - c1) >> 1;
 
-			for (j = 0; j < (1 << (RLC_WIDTH - 2)); j++) {
+			for (size_t j = 0; j < (1 << (RLC_WIDTH - 2)); j++) {
 				dv_copy_cond(u->x, t[j]->x, RLC_FP_DIGS, j == n0);
 				dv_copy_cond(w->x, t[j]->x, RLC_FP_DIGS, j == n1);
 				dv_copy_cond(u->y, t[j]->y, RLC_FP_DIGS, j == n0);
@@ -304,31 +297,29 @@ static void ep_mul_reg_glv(ep_t r, const ep_t p, const bn_t k) {
 				dv_copy_cond(w->z, t[j]->z, RLC_FP_DIGS, j == n1);
 #endif
 			}
-			ep_neg(v, u);
-			dv_copy_cond(u->y, v->y, RLC_FP_DIGS, _s0 != 0);
-			ep_add(r, r, u);
+			ep_neg(q, u);
+			dv_copy_cond(q->y, u->y, RLC_FP_DIGS, c0 == 0);
+			ep_add(r, r, q);
 
 			ep_psi(w, w);
 			ep_neg(q, w);
-			dv_copy_cond(w->y, q->y, RLC_FP_DIGS, s0 != s1);
-			ep_neg(q, w);
-			dv_copy_cond(w->y, q->y, RLC_FP_DIGS, _s1 != 0);
+			dv_copy_cond(w->y, q->y, RLC_FP_DIGS, (c1 != 0) ^ (s[0] != s[1]));
 			ep_add(r, r, w);
 		}
 
 		/* t[0] has an unmodified copy of p. */
 		ep_sub(u, r, t[0]);
-		dv_copy_cond(r->x, u->x, RLC_FP_DIGS, b0);
-		dv_copy_cond(r->y, u->y, RLC_FP_DIGS, b0);
-		dv_copy_cond(r->z, u->z, RLC_FP_DIGS, b0);
+		dv_copy_cond(r->x, u->x, RLC_FP_DIGS, b[0]);
+		dv_copy_cond(r->y, u->y, RLC_FP_DIGS, b[0]);
+		dv_copy_cond(r->z, u->z, RLC_FP_DIGS, b[0]);
 
 		ep_psi(w, t[0]);
 		ep_neg(q, w);
-		dv_copy_cond(w->y, q->y, RLC_FP_DIGS, s0 != s1);
-		ep_sub(u, r, w);
-		dv_copy_cond(r->x, u->x, RLC_FP_DIGS, b1);
-		dv_copy_cond(r->y, u->y, RLC_FP_DIGS, b1);
-		dv_copy_cond(r->z, u->z, RLC_FP_DIGS, b1);
+		dv_copy_cond(q->y, w->y, RLC_FP_DIGS, s[0] == s[1]);
+		ep_sub(u, r, q);
+		dv_copy_cond(r->x, u->x, RLC_FP_DIGS, b[1]);
+		dv_copy_cond(r->y, u->y, RLC_FP_DIGS, b[1]);
+		dv_copy_cond(r->z, u->z, RLC_FP_DIGS, b[1]);
 
 		/* Convert r to affine coordinates. */
 		ep_norm(r, r);
@@ -338,18 +329,16 @@ static void ep_mul_reg_glv(ep_t r, const ep_t p, const bn_t k) {
 	}
 	RLC_FINALLY {
 		bn_free(n);
-		bn_free(_k);
-		bn_free(k0);
-		bn_free(k1);
+		bn_free(_k[0]);
+		bn_free(_k[1]);
 		bn_free(n);
 		ep_free(q);
 		ep_free(u);
-		ep_free(v);
 		ep_free(w);
-		for (i = 0; i < 1 << (RLC_WIDTH - 2); i++) {
+		for (size_t i = 0; i < 1 << (RLC_WIDTH - 2); i++) {
 			ep_free(t[i]);
 		}
-		for (i = 0; i < 3; i++) {
+		for (size_t i = 0; i < 3; i++) {
 			bn_free(v1[i]);
 			bn_free(v2[i]);
 		}