Integrate changes to trait impls from pairing into ff_derive

2018-07-01 00:05:56 -04:00 · 2018-07-01 00:05:56 -04:00 · 5a48059a14
parent 29a9161981
commit 5a48059a14
1 changed files with 39 additions and 41 deletions
--- a/ff_derive/src/lib.rs
+++ b/ff_derive/src/lib.rs
@ -254,7 +254,7 @@ fn prime_field_repr_impl(repr: &syn::Ident, limbs: usize) -> proc_macro2::TokenS
            #[inline(always)]
            fn mul2(&mut self) {
                let mut last = 0;
-                for i in self.0.iter_mut() {
+                for i in &mut self.0 {
                    let tmp = *i >> 63;
                    *i <<= 1;
                    *i |= last;
@ -484,17 +484,14 @@ fn prime_field_constants_and_sqrt(
                        // Tonelli-Shank's algorithm for q mod 16 = 1
                        // https://eprint.iacr.org/2012/685.pdf (page 12, algorithm 5)

-                        if self.is_zero() {
-                            return Some(*self);
-                        }
-
-                        if self.pow(#mod_minus_1_over_2) != Self::one() {
-                            None
-                        } else {
-                            let mut c = #name(#repr(#root_of_unity));
+                        match self.legendre() {
+                            ::ff::LegendreSymbol::Zero => Some(*self),
+                            ::ff::LegendreSymbol::QuadraticNonResidue => None,
+                            ::ff::LegendreSymbol::QuadraticResidue => {
+                                let mut c = #name(ROOT_OF_UNITY);
                                let mut r = self.pow(#t_plus_1_over_2);
                                let mut t = self.pow(#t);
-                            let mut m = #s;
+                                let mut m = S;

                                while t != Self::one() {
                                    let mut i = 1;
@ -524,6 +521,7 @@ fn prime_field_constants_and_sqrt(
                        }
                    }
                }
+            }
        } else {
            quote!{}
        };
@ -681,23 +679,20 @@ fn prime_field_impl(
        }

        for i in 1..(limbs * 2) {
-            let k = get_temp(i);
+            let temp0 = get_temp(limbs * 2 - i);
+            let temp1 = get_temp(limbs * 2 - i - 1);

            if i == 1 {
                gen.extend(quote!{
-                    let tmp0 = #k >> 63;
-                    let #k = #k << 1;
+                    let #temp0 = #temp1 >> 63;
                });
            } else if i == (limbs * 2 - 1) {
                gen.extend(quote!{
-                    let #k = tmp0;
+                    let #temp0 = #temp0 << 1;
                });
            } else {
                gen.extend(quote!{
-                    let tmp1 = #k >> 63;
-                    let #k = #k << 1;
-                    let #k = #k | tmp0;
-                    let tmp0 = tmp1;
+                    let #temp0 = (#temp0 << 1) | (#temp1 >> 63);
                });
            }
        }
@ -796,6 +791,8 @@ fn prime_field_impl(
        proc_macro2::Punct::new(',', proc_macro2::Spacing::Alone),
    );

+    let top_limb_index = limbs - 1;
+
    quote!{
        impl Copy for #name { }

@ -846,9 +843,10 @@ fn prime_field_impl(
            fn rand<R: ::rand::Rng>(rng: &mut R) -> Self {
                loop {
                    let mut tmp = #name(#repr::rand(rng));
-                    for _ in 0..REPR_SHAVE_BITS {
-                        tmp.0.div2();
-                    }
+
+                    // Mask away the unused bits at the beginning.
+                    tmp.0.as_mut()[#top_limb_index] &= 0xffffffffffffffff >> REPR_SHAVE_BITS;
+
                    if tmp.is_valid() {
                        return tmp
                    }