| blob | 485d357d4911924107343bcce1c548b7607f1647 |
1 /*
2 Name: imath.c
3 Purpose: Arbitrary precision integer arithmetic routines.
4 Author: M. J. Fromberger <http://spinning-yarns.org/michael/>
6 Copyright (C) 2002-2007 Michael J. Fromberger, All Rights Reserved.
8 Permission is hereby granted, free of charge, to any person obtaining a copy
9 of this software and associated documentation files (the "Software"), to deal
10 in the Software without restriction, including without limitation the rights
11 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 copies of the Software, and to permit persons to whom the Software is
13 furnished to do so, subject to the following conditions:
15 The above copyright notice and this permission notice shall be included in
16 all copies or substantial portions of the Software.
18 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24 SOFTWARE.
25 */
29 #if DEBUG
30 #include <stdio.h>
31 #endif
33 #include <stdlib.h>
34 #include <string.h>
35 #include <ctype.h>
37 #include <assert.h>
39 #if DEBUG
41 #else
42 #define STATIC static
43 #endif
67 NULL
68 };
70 /* Argument checking macros
71 Use CHECK() where a return value is required; NRCHECK() elsewhere */
72 #define CHECK(TEST) assert(TEST)
73 #define NRCHECK(TEST) assert(TEST)
75 /* The ith entry of this table gives the value of log_i(2).
77 An integer value n requires ceil(log_i(n)) digits to be represented
78 in base i. Since it is easy to compute lg(n), by counting bits, we
79 can compute log_i(n) = lg(n) * log_i(2).
81 The use of this table eliminates a dependency upon linkage against
82 the standard math libraries.
84 If MP_MAX_RADIX is increased, this table should be expanded too.
85 */
97 };
101 /* Return the number of digits needed to represent a static value */
102 #define MP_VALUE_DIGITS(V) \
103 ((sizeof(V)+(sizeof(mp_digit)-1))/sizeof(mp_digit))
105 /* Round precision P to nearest word boundary */
106 #define ROUND_PREC(P) ((mp_size)(2*(((P)+1)/2)))
108 /* Set array P of S digits to zero */
109 #define ZERO(P, S) \
110 do{ \
111 mp_size i__ = (S) * sizeof(mp_digit); \
112 mp_digit *p__ = (P); \
113 memset(p__, 0, i__); \
114 } while(0)
116 /* Copy S digits from array P to array Q */
117 #define COPY(P, Q, S) \
118 do{ \
119 mp_size i__ = (S) * sizeof(mp_digit); \
120 mp_digit *p__ = (P), *q__ = (Q); \
121 memcpy(q__, p__, i__); \
122 } while(0)
124 /* Reverse N elements of type T in array A */
125 #define REV(T, A, N) \
126 do{ \
127 T *u_ = (A), *v_ = u_ + (N) - 1; \
128 while (u_ < v_) { \
129 T xch = *u_; \
130 *u_++ = *v_; \
131 *v_-- = xch; \
132 } \
133 } while(0)
135 #define CLAMP(Z) \
136 do{ \
137 mp_int z_ = (Z); \
138 mp_size uz_ = MP_USED(z_); \
139 mp_digit *dz_ = MP_DIGITS(z_) + uz_ -1; \
140 while (uz_ > 1 && (*dz_-- == 0)) \
141 --uz_; \
142 MP_USED(z_) = uz_; \
143 } while(0)
145 /* Select min/max. Do not provide expressions for which multiple
146 evaluation would be problematic, e.g. x++ */
147 #define MIN(A, B) ((B)<(A)?(B):(A))
148 #define MAX(A, B) ((B)>(A)?(B):(A))
150 /* Exchange lvalues A and B of type T, e.g.
151 SWAP(int, x, y) where x and y are variables of type int. */
152 #define SWAP(T, A, B) \
153 do{ \
154 T t_ = (A); \
155 A = (B); \
156 B = t_; \
157 } while(0)
159 /* Used to set up and access simple temp stacks within functions. */
160 #define DECLARE_TEMP(N) \
161 mpz_t temp[(N)]; \
162 int last__ = 0
163 #define CLEANUP_TEMP() \
164 CLEANUP: \
165 while (--last__ >= 0) \
166 mp_int_clear(TEMP(last__))
167 #define TEMP(K) (temp + (K))
168 #define LAST_TEMP() TEMP(last__)
169 #define SETUP(E) \
170 do{ \
171 if ((res = (E)) != MP_OK) \
172 goto CLEANUP; \
173 ++(last__); \
174 } while(0)
176 /* Compare value to zero. */
177 #define CMPZ(Z) \
178 (((Z)->used==1&&(Z)->digits[0]==0)?0:((Z)->sign==MP_NEG)?-1:1)
180 /* Multiply X by Y into Z, ignoring signs. Requires that Z have
181 enough storage preallocated to hold the result. */
182 #define UMUL(X, Y, Z) \
183 do{ \
184 mp_size ua_ = MP_USED(X), ub_ = MP_USED(Y); \
185 mp_size o_ = ua_ + ub_; \
186 ZERO(MP_DIGITS(Z), o_); \
187 (void) s_kmul(MP_DIGITS(X), MP_DIGITS(Y), MP_DIGITS(Z), ua_, ub_); \
188 MP_USED(Z) = o_; \
189 CLAMP(Z); \
190 } while(0)
192 /* Square X into Z. Requires that Z have enough storage to hold the
193 result. */
194 #define USQR(X, Z) \
195 do{ \
196 mp_size ua_ = MP_USED(X), o_ = ua_ + ua_; \
197 ZERO(MP_DIGITS(Z), o_); \
198 (void) s_ksqr(MP_DIGITS(X), MP_DIGITS(Z), ua_); \
199 MP_USED(Z) = o_; \
200 CLAMP(Z); \
201 } while(0)
203 #define UPPER_HALF(W) ((mp_word)((W) >> MP_DIGIT_BIT))
204 #define LOWER_HALF(W) ((mp_digit)(W))
205 #define HIGH_BIT_SET(W) ((W) >> (MP_WORD_BIT - 1))
206 #define ADD_WILL_OVERFLOW(W, V) ((MP_WORD_MAX - (V)) < (W))
210 /* Default number of digits allocated to a new mp_int */
211 #if IMATH_TEST
213 #else
215 #endif
217 /* Minimum number of digits to invoke recursive multiply */
218 #if IMATH_TEST
220 #else
222 #endif
224 /* Allocate a buffer of (at least) num digits, or return
225 NULL if that couldn't be done. */
228 /* Release a buffer of digits allocated by s_alloc(). */
231 /* Insure that z has at least min digits allocated, resizing if
232 necessary. Returns true if successful, false if out of memory. */
235 /* Fill in a "fake" mp_int on the stack with a given value */
239 /* Compare two runs of digits of given length, returns <0, 0, >0 */
242 /* Pack the unsigned digits of v into array t */
245 /* Compare magnitudes of a and b, returns <0, 0, >0 */
248 /* Compare magnitudes of a and v, returns <0, 0, >0 */
252 /* Unsigned magnitude addition; assumes dc is big enough.
253 Carry out is returned (no memory allocated). */
257 /* Unsigned magnitude subtraction. Assumes dc is big enough. */
261 /* Unsigned recursive multiplication. Assumes dc is big enough. */
265 /* Unsigned magnitude multiplication. Assumes dc is big enough. */
269 /* Unsigned recursive squaring. Assumes dc is big enough. */
272 /* Unsigned magnitude squaring. Assumes dc is big enough. */
275 /* Single digit addition. Assumes a is big enough. */
278 /* Single digit multiplication. Assumes a is big enough. */
281 /* Single digit multiplication on buffers; assumes dc is big enough. */
283 mp_size size_a);
285 /* Single digit division. Replaces a with the quotient,
286 returns the remainder. */
289 /* Quick division by a power of 2, replaces z (no allocation) */
292 /* Quick remainder by a power of 2, replaces z (no allocation) */
295 /* Quick multiplication by a power of 2, replaces z.
296 Allocates if necessary; returns false in case this fails. */
299 /* Quick subtraction from a power of 2, replaces z.
300 Allocates if necessary; returns false in case this fails. */
303 /* Return maximum k such that 2^k divides z. */
306 /* Return k >= 0 such that z = 2^k, or -1 if there is no such k. */
309 /* Set z to 2^k. May allocate; returns false in case this fails. */
312 /* Normalize a and b for division, returns normalization constant */
315 /* Compute constant mu for Barrett reduction, given modulus m, result
316 replaces z, m is untouched. */
319 /* Reduce a modulo m, using Barrett's algorithm. */
322 /* Modular exponentiation, using Barrett reduction */
325 /* Unsigned magnitude division. Assumes |a| > |b|. Allocates temporaries;
326 overwrites a with quotient, b with remainder. */
329 /* Compute the number of digits in radix r required to represent the given
330 value. Does not account for sign flags, terminators, etc. */
333 /* Guess how many digits of precision will be needed to represent a radix r
334 value of the specified number of digits. Returns a value guaranteed to be
335 no smaller than the actual number required. */
338 /* Convert a character to a digit value in radix r, or
339 -1 if out of range */
342 /* Convert a digit value to a character */
345 /* Take 2's complement of a buffer in place */
348 /* Convert a value to binary, ignoring sign. On input, *limpos is the bound on
349 how many bytes should be written to buf; on output, *limpos is set to the
350 number of bytes actually written. */
353 #if DEBUG
354 /* Dump a representation of the mp_int to standard output */
357 #endif
360 {
371 }
374 {
381 }
384 {
391 else
403 }
406 {
407 mp_result res;
408 mp_size uold;
415 }
421 }
428 }
431 {
432 mpz_t vtmp;
437 }
440 {
441 mpz_t vtmp;
446 }
449 {
450 mpz_t vtmp;
455 }
458 {
459 mpz_t vtmp;
464 }
467 {
476 }
477 }
480 {
485 }
488 {
503 }
506 }
509 {
520 }
521 }
524 {
530 }
533 {
534 mp_result res;
543 }
546 {
547 mp_result res;
558 }
561 {
570 /* Same sign -- add magnitudes, preserve sign of addends */
571 mp_digit carry;
585 }
590 }
592 /* Different signs -- subtract magnitudes, preserve sign of greater */
596 /* Set x to max(a, b), y to min(a, b) to simplify later code.
597 A special case yields zero for equal magnitudes.
598 */
602 }
605 }
608 }
613 /* Subtract smaller from larger */
618 /* Give result the sign of the larger */
620 }
623 }
626 {
627 mpz_t vtmp;
633 }
636 {
645 /* Different signs -- add magnitudes and keep sign of a */
646 mp_digit carry;
660 }
665 }
667 /* Same signs -- subtract magnitudes */
669 mp_sign osign;
677 }
680 }
690 }
693 }
696 {
697 mpz_t vtmp;
703 }
706 {
709 mp_sign osign;
713 /* If either input is zero, we can shortcut multiplication */
717 }
719 /* Output is positive if inputs have same sign, otherwise negative */
722 /* If the output is not identical to any of the inputs, we'll write the
723 results directly; otherwise, allocate a temporary space. */
734 }
740 }
746 /* If we allocated a new buffer, get rid of whatever memory c was already
747 using, and fix up its fields to reflect that.
748 */
754 }
761 }
764 {
765 mpz_t vtmp;
771 }
774 {
775 mp_result res;
783 else
785 }
788 {
794 /* Get a temporary buffer big enough to hold the result */
802 }
808 }
813 /* Get rid of whatever memory c was already using, and fix up its fields to
814 reflect the new digit array it's using
815 */
821 }
828 }
831 {
843 /* If |a| < |b|, no division is required:
844 q = 0, r = a
845 */
853 }
855 /* If |a| = |b|, no division is required:
856 q = 1 or -1, r = 0
857 */
867 }
870 }
872 /* When |a| > |b|, real division is required. We need someplace to store
873 quotient and remainder, but q and r are allowed to be NULL or to overlap
874 with the inputs.
875 */
880 else
882 }
886 }
891 else
893 }
897 }
900 }
907 }
909 /* Recompute signs for output */
914 }
919 }
926 }
929 {
930 mp_result res;
931 mpz_t tmp;
932 mp_int out;
937 }
940 }
947 else
950 CLEANUP:
955 }
958 {
961 mp_result res;
972 CLEANUP:
975 }
978 {
990 }
993 {
994 mpz_t t;
995 mp_result res;
1010 }
1017 }
1019 CLEANUP:
1022 }
1025 {
1026 mpz_t t;
1027 mp_result res;
1042 }
1049 }
1051 CLEANUP:
1054 }
1057 {
1058 mpz_t t;
1059 mp_result res;
1077 }
1084 }
1085 }
1087 CLEANUP:
1090 }
1093 {
1094 mp_sign sa;
1102 /* If they're both zero or positive, the normal comparison applies; if both
1103 negative, the sense is reversed. */
1106 else
1109 }
1113 else
1115 }
1116 }
1119 {
1123 }
1126 {
1133 else
1135 }
1138 {
1148 }
1151 }
1152 }
1155 {
1160 else
1162 }
1165 {
1166 mp_result res;
1167 mp_size um;
1168 mp_int s;
1173 /* Zero moduli and negative exponents are not considered. */
1186 }
1189 }
1202 }
1205 {
1206 mpz_t vtmp;
1212 }
1216 {
1217 mpz_t vtmp;
1223 }
1226 {
1227 mp_result res;
1228 mp_size um;
1229 mp_int s;
1234 /* Zero moduli and negative exponents are not considered. */
1246 }
1249 }
1260 }
1263 {
1267 }
1270 {
1271 mp_result res;
1272 mp_sign sa;
1291 }
1293 /* It is first necessary to constrain the value to the proper range */
1297 /* Now, if 'a' was originally negative, the value we have is actually the
1298 magnitude of the negative representative; to get the positive value we
1299 have to subtract from the modulus. Otherwise, the value is okay as it
1300 stands.
1301 */
1304 else
1309 }
1311 /* Binary GCD algorithm due to Josef Stein, 1961 */
1313 {
1316 mp_result res;
1343 }
1348 }
1352 }
1360 }
1364 }
1371 }
1378 CLEANUP:
1384 }
1386 /* This is the binary GCD algorithm again, but this time we keep track of the
1387 elementary matrix operations as we go, so we can get values x and y
1388 satisfying c = ax + by.
1389 */
1392 {
1394 mp_result res;
1407 }
1411 }
1413 /* Initialize temporaries:
1414 A:0, B:1, C:2, D:3, u:4, v:5, ou:6, ov:7 */
1423 /* We will work with absolute values here */
1433 }
1447 }
1451 }
1461 }
1465 }
1471 }
1476 }
1485 }
1488 }
1491 }
1492 }
1496 }
1499 {
1500 mpz_t lcm;
1501 mp_result res;
1505 /* Since a * b = gcd(a, b) * lcm(a, b), we can compute
1506 lcm(a, b) = (a / gcd(a, b)) * b.
1508 This formulation insures everything works even if the input
1509 variables share space.
1510 */
1522 CLEANUP:
1526 }
1529 {
1536 }
1539 {
1543 }
1545 /* Implementation of Newton's root finding method, based loosely on a patch
1546 contributed by Hal Finkel <half@halssoftware.com>
1547 modified by M. J. Fromberger.
1548 */
1550 {
1559 }
1563 else
1565 }
1597 }
1600 }
1605 /* If the original value of a was negative, flip the output sign. */
1611 }
1614 {
1616 mp_size uz;
1618 mp_sign sz;
1622 /* Make sure the value is representable as a small integer */
1635 }
1641 }
1644 {
1646 mp_size uz;
1648 mp_sign sz;
1652 /* Make sure the value is representable as an unsigned small integer */
1664 }
1670 }
1674 {
1675 mp_result res;
1685 }
1687 mpz_t tmp;
1696 }
1699 /* Generate digits in reverse order until finished or limit reached */
1701 mp_digit d;
1708 }
1711 /* Put digits back in correct output order */
1716 }
1719 }
1724 else
1726 }
1729 {
1739 /* Allow for sign marker on negatives */
1744 }
1746 /* Read zero-terminated string into z */
1748 {
1750 }
1753 {
1761 /* Skip leading whitespace */
1765 /* Handle leading sign tag (+/-, positive default) */
1776 }
1778 /* Skip leading zeroes */
1782 /* Make sure there is enough space for the value */
1792 }
1796 /* Override sign for zero, even if negative specified. */
1803 /* Return a truncation error if the string has unprocessed characters
1804 remaining, so the caller can tell if the whole string was done */
1807 else
1809 }
1812 {
1814 mp_digit d;
1829 }
1832 }
1835 {
1838 mp_result res;
1849 }
1852 {
1859 /* Figure out how many digits are needed to represent this value */
1866 /* If the high-order bit is set, take the 2's complement before reading the
1867 value (it will be restored afterward) */
1871 }
1877 }
1879 /* Restore 2's complement if we took it before */
1884 }
1887 {
1896 /* If the highest-order bit falls exactly on a byte boundary, we need to pad
1897 with an extra byte so that the sign will be read correctly when reading it
1898 back in. */
1903 }
1906 {
1912 }
1915 {
1921 /* Figure out how many digits are needed to represent this value */
1931 }
1934 }
1937 {
1947 }
1950 {
1957 ;
1961 else
1963 }
1965 /*------------------------------------------------------------------------*/
1966 /* Private functions for internal use. These make assumptions. */
1969 {
1973 #if DEBUG > 1
1974 {
1980 }
1981 #endif
1984 }
1987 {
1988 #if DEBUG > 1
1996 #else
2000 #endif
2002 }
2005 {
2007 }
2010 {
2020 }
2026 }
2029 }
2031 /* Note: This will not work correctly when value == MP_SMALL_MIN */
2033 {
2038 }
2041 {
2048 }
2051 {
2059 }
2062 }
2065 {
2075 }
2076 }
2079 }
2082 {
2089 else
2091 }
2094 {
2097 }
2100 {
2101 mpz_t vtmp;
2106 }
2110 {
2111 mp_size pos;
2114 /* Insure that da is the longer of the two to simplify later code */
2118 }
2120 /* Add corresponding digits until the shorter number runs out */
2125 }
2127 /* Propagate carries as far as necessary */
2133 }
2135 /* Return carry out */
2137 }
2141 {
2142 mp_size pos;
2145 /* We assume that |a| >= |b| so this should definitely hold */
2148 /* Subtract corresponding digits and propagate borrow */
2155 }
2157 /* Finish the subtraction for remaining upper digits of da */
2164 }
2166 /* If there is a borrow out at the end, it violates the precondition */
2168 }
2172 {
2173 mp_size bot_size;
2175 /* Make sure b is the smaller of the two input values */
2179 }
2181 /* Insure that the bottom is the larger half in an odd-length split; the code
2182 below relies on this being true.
2183 */
2186 /* If the values are big enough to bother with recursion, use the Karatsuba
2187 algorithm to compute the product; otherwise use the normal multiplication
2188 algorithm
2189 */
2203 /* Do a single allocation for all three temporary buffers needed; each
2204 buffer must be big enough to hold the product of two bottom halves, and
2205 one buffer needs space for the completed product; twice the space is
2206 plenty.
2207 */
2213 /* t1 and t2 are initially used as temporaries to compute the inner product
2214 (a1 + a0)(b1 + b0) = a1b1 + a1b0 + a0b1 + a0b0
2215 */
2224 /* Now we'll get t1 = a0b0 and t2 = a1b1, and subtract them out so that
2225 we're left with only the pieces we want: t3 = a1b0 + a0b1
2226 */
2232 /* Subtract out t1 and t2 to get the inner product */
2236 /* Assemble the output value */
2247 }
2250 }
2253 }
2257 {
2259 mp_word w;
2274 }
2277 }
2278 }
2281 {
2299 /* Quick multiply t3 by 2, shifting left (can't overflow) */
2300 {
2309 }
2311 }
2313 /* Assemble the output value */
2325 }
2328 }
2331 }
2334 {
2336 mp_word w;
2344 /* Take care of the first digit, no rollover */
2354 /* Check if doubling t will overflow a word */
2360 /* Check if adding u to w will overflow a word */
2371 }
2372 }
2379 }
2382 }
2383 }
2386 {
2400 }
2405 }
2406 }
2409 {
2419 }
2424 }
2425 }
2428 {
2437 }
2441 }
2444 {
2455 }
2458 }
2461 }
2465 }
2468 {
2473 mp_size mark;
2479 }
2487 }
2501 }
2504 }
2508 }
2511 {
2520 }
2521 }
2524 {
2534 /* Figure out if we need an extra digit at the top end; this occurs if the
2535 topmost `rest' bits of the high-order digit of z are not zero, meaning
2536 they will be shifted off the end if not preserved */
2543 }
2548 /* If we need to shift by whole digits, do that in one pass, then
2549 to back and shift by partial digits.
2550 */
2560 }
2569 }
2575 }
2576 }
2582 }
2584 /* Compute z = 2^p2 - |z|; requires that 2^p2 >= |z|
2585 The sign of the result is always zero/positive.
2586 */
2588 {
2601 }
2612 }
2615 {
2625 }
2631 }
2634 }
2637 {
2646 }
2653 }
2656 }
2659 {
2675 }
2678 {
2685 }
2687 /* These multiplications can't fail */
2691 }
2694 }
2697 {
2705 }
2708 {
2717 /* Compute q2 = floor((floor(x / b^(k-1)) * mu) / b^(k+1)) */
2722 /* Set x = x mod b^(k+1) */
2725 /* Now, q is a guess for the quotient a / m.
2726 Compute x - q * m mod b^(k+1), replacing x. This may be off
2727 by a factor of 2m, but no more than that.
2728 */
2733 /* The result may be < 0; if it is, add b^(k+1) to pin it in the proper
2734 range. */
2738 /* If x > m, we need to back it off until it is in range. This will be
2739 required at most twice. */
2744 }
2746 /* At this point, x has been properly reduced. */
2748 }
2750 /* Perform modular exponentiation using Barrett's method, where mu is the
2751 reduction constant for m. Assumes a < m, b > 0. */
2753 {
2755 mp_result res;
2763 }
2767 /* Take care of low-order digits */
2773 /* The use of a second temporary avoids allocation */
2777 }
2779 }
2786 }
2789 }
2792 }
2794 /* Take care of highest-order digit */
2801 }
2803 }
2811 }
2813 }
2817 }
2819 #if 0
2820 /*
2821 The s_udiv function produces incorrect results. For example, with test
2822 div:11141460315522012760862883825:48318382095:0,230584300062375935
2823 commenting out the function for now and using s_udiv_knuth instead.
2824 STATIC mp_result s_udiv(mp_int a, mp_int b);
2825 */
2826 /* Precondition: a >= b and b > 0
2827 Postcondition: a' = a / b, b' = a % b
2828 */
2830 {
2837 /* Force signs to positive */
2841 /* Normalize, per Knuth */
2855 /* Solve for quotient digits, store in q.digits in reverse order */
2867 }
2870 mp_word qdigit;
2876 }
2881 }
2888 }
2896 }
2897 }
2899 /* Put quotient digits in the correct order, and discard extra zeroes */
2904 /* Denormalize the remainder */
2913 CLEANUP:
2916 }
2917 #endif
2919 /* Division of nonnegative integers
2921 This function implements division algorithm for unsigned multi-precision
2922 integers. The algorithm is based on Algorithm D from Knuth's "The Art of
2923 Computer Programming", 3rd ed. 1998, pg 272-273.
2925 We diverge from Knuth's algorithm in that we do not perform the subtraction
2926 from the remainder until we have determined that we have the correct
2927 quotient digit. This makes our algorithm less efficient that Knuth because
2928 we might have to perform multiple multiplication and comparison steps before
2929 the subtraction. The advantage is that it is easy to implement and ensure
2930 correctness without worrying about underflow from the subtraction.
2932 inputs: u a n+m digit integer in base b (b is 2^MP_DIGIT_BIT)
2933 v a n digit integer in base b (b is 2^MP_DIGIT_BIT)
2934 n >= 1
2935 m >= 0
2936 outputs: u / v stored in u
2937 u % v stored in v
2938 */
2941 mp_result
2946 /* Force signs to positive */
2950 /* Use simple division algorithm when v is only one digit long */
2957 }
2959 /************************************************************/
2960 /* Algorithm D */
2961 /************************************************************/
2962 /* The n and m variables are defined as used by Knuth.
2963 u is an n digit number with digits u_{n-1}..u_0.
2964 v is an n+m digit number with digits from v_{m+n-1}..v_0.
2965 We require that n > 1 and m >= 0 */
2971 /************************************************************/
2972 /* D1: Normalize.
2973 The normalization step provides the necessary condition for Theorem B,
2974 which states that the quotient estimate for q_j, call it qhat
2976 qhat = u_{j+n}u_{j+n-1} / v_{n-1}
2978 is bounded by
2980 qhat - 2 <= q_j <= qhat.
2982 That is, qhat is always greater than the actual quotient digit q,
2983 and it is never more than two larger than the actual quotient digit. */
2986 /* Extend size of u by one if needed.
2988 The algorithm begins with a value of u that has one more digit of input.
2989 The normalization step sets u_{m+n}..u_0 = 2^k * u_{m+n-1}..u_0. If the
2990 multiplication did not increase the number of digits of u, we need to add
2991 a leading zero here.
2992 */
2998 }
3000 /* Add a leading 0 to v.
3002 The multiplication in step D4 multiplies qhat * 0v_{n-1}..v_0. We need to
3003 add the leading zero to v here to ensure that the multiplication will
3004 produce the full n+1 digit result. */
3007 /* Initialize temporary variables q and t.
3008 q allocates space for m+1 digits to store the quotient digits
3009 t allocates space for n+1 digits to hold the result of q_j*v */
3013 /************************************************************/
3014 /* D2: Initialize j */
3022 /* Calculate the m+1 digits of the quotient result */
3024 /************************************************************/
3025 /* D3: Calculate q' */
3026 /* r->digits is aligned to position j of the number u */
3034 /* Check to see if qhat > b, and decrease qhat if so.
3035 Theorem B guarantess that qhat is at most 2 larger than the
3036 actual value, so it is possible that qhat is greater than
3037 the maximum value that will fit in a digit */
3041 /************************************************************/
3042 /* D4,D5,D6: Multiply qhat * v and test for a correct value of q
3044 We proceed a bit different than the way described by Knuth. This way is
3045 simpler but less efficent. Instead of doing the multiply and subtract
3046 then checking for underflow, we first do the multiply of qhat * v and
3047 see if it is larger than the current remainder r. If it is larger, we
3048 decrease qhat by one and try again. We may need to decrease qhat one
3049 more time before we get a value that is smaller than r.
3051 This way is less efficent than Knuth becuase we do more multiplies, but
3052 we do not need to worry about underflow this way. */
3053 /* t = qhat * v */
3057 /* Clamp r for the comparison. Comparisons do not like leading zeros. */
3068 }
3070 }
3071 /* Unclamp r. The D algorithm expects r = u_{j+n}..u_j to always be n+1
3072 digits long. */
3075 /************************************************************/
3076 /* D4: Multiply and subtract */
3077 /* note: The multiply was completed above so we only need to subtract here.
3078 **/
3081 /************************************************************/
3082 /* D5: Test remainder */
3083 /* note: Not needed because we always check that qhat is the correct value
3084 * before performing the subtract.
3085 * Value cast to mp_digit to prevent warning, qhat has been clamped to MP_DIGIT_MAX */
3088 /************************************************************/
3089 /* D6: Add back */
3090 /* note: Not needed because we always check that qhat is the correct value
3091 * before performing the subtract. */
3093 /************************************************************/
3094 /* D7: Loop on j */
3097 }
3099 /* Get rid of leading zeros in q */
3103 /* Denormalize the remainder */
3112 CLEANUP:
3115 }
3118 {
3119 mp_result bits;
3128 }
3131 {
3136 }
3139 {
3146 else
3150 }
3153 {
3163 else
3165 }
3166 }
3169 {
3181 }
3183 /* last carry out is ignored */
3184 }
3187 {
3188 mp_size uz;
3201 /* Don't write leading zeroes */
3204 }
3206 /* Detect truncation (loop exited with pos >= limit) */
3210 }
3215 else
3217 }
3219 /* Digits are in reverse order, fix that */
3222 /* Return the number of bytes actually written */
3226 }
3228 #if DEBUG
3230 {
3241 }
3244 {
3253 }
3254 #endif
3256 /* Here there be dragons */