secp256k1Modinv64Normalize62 static method

void secp256k1Modinv64Normalize62(
  1. Secp256k1ModinvSigned r,
  2. BigInt sign,
  3. Secp256k1ModinvInfo modinfo
)

Implementation

/// Normalizes the five-limb signed value [r] in place against
/// `modinfo.modulus`.
///
/// The steps, in order: add the modulus when the top limb of [r] is negative,
/// negate the value when [sign] is negative, propagate carries between limbs,
/// add the modulus once more when the top limb is still negative, propagate
/// again, and write the limbs back into [r]. The trailing `_cond` calls then
/// check that every limb has no bits at or above bit 62 and compare [r]
/// against the modulus.
///
/// NOTE(review): no input range check is performed here. The carry comments
/// imply callers pass limbs in (-2^62, 2^62); confirm at the call sites.
///
/// NOTE(review): the mask-and-select form below avoids data-dependent
/// branches, but `BigInt` arithmetic in Dart carries no constant-time
/// guarantee. Do not treat this routine as side-channel hardened when [r]
/// holds secret material without measuring it.
static void secp256k1Modinv64Normalize62(
    Secp256k1ModinvSigned r, BigInt sign, Secp256k1ModinvInfo modinfo) {
  // Presumably 2^62 - 1, the low-62-bit limb mask; defined outside this block.
  final BigInt m62 = Secp256k1Const.mask62;
  // Work on local copies; r is only written at the end.
  BigInt r0 = r[0], r1 = r[1], r2 = r[2], r3 = r[3], r4 = r[4];
  BigInt condAdd, condNegate;

  // Step 1a: build a mask from the sign of the top limb. BigInt `>>` is
  // sign-extending, so for a value that fits in 64 signed bits the result is
  // -1 (all ones) when r4 is negative and 0 otherwise.
  // toSigned64 is a project helper not shown here; presumably it wraps the
  // value to signed 64-bit range, so verify that.
  condAdd = (r4 >> 63).toSigned64;
  // `limb & -1` keeps the modulus limb, `limb & 0` gives zero, so the modulus
  // is added only when the mask is set.
  r0 = (r0 + (modinfo.modulus[0] & condAdd)).toSigned64;
  r1 = (r1 + (modinfo.modulus[1] & condAdd)).toSigned64;
  r2 = (r2 + (modinfo.modulus[2] & condAdd)).toSigned64;
  r3 = (r3 + (modinfo.modulus[3] & condAdd)).toSigned64;
  r4 = (r4 + (modinfo.modulus[4] & condAdd)).toSigned64;
  // Step 1b: conditional negation. With a mask of -1, (x ^ m) - m equals -x;
  // with a mask of 0 it leaves x unchanged.
  // NOTE(review): `sign` is used as passed in. The mask is 0 or -1 only if
  // sign fits in 64 signed bits, so confirm against callers.
  condNegate = sign >> 63;
  r0 = ((r0 ^ condNegate) - condNegate).toSigned64;
  r1 = ((r1 ^ condNegate) - condNegate).toSigned64;
  r2 = ((r2 ^ condNegate) - condNegate).toSigned64;
  r3 = ((r3 ^ condNegate) - condNegate).toSigned64;
  r4 = ((r4 ^ condNegate) - condNegate).toSigned64;

  // Propagate the top bits, to bring limbs back to range (-2^62,2^62).
  // Each limb's bits above bit 61 are carried into the next limb, then the
  // limb is masked down. Order matters: limb i+1 must receive its carry
  // before it is itself shifted and masked.
  r1 = (r1 + (r0 >> 62)).toSigned64;
  r0 = (r0 & m62).toSigned64;

  r2 = (r2 + (r1 >> 62)).toSigned64;
  r1 = (r1 & m62).toSigned64;

  r3 = (r3 + (r2 >> 62)).toSigned64;
  r2 = (r2 & m62).toSigned64;

  // r4 is the top limb: it absorbs the final carry and is not masked, so it
  // keeps the sign of the whole value.
  r4 = (r4 + (r3 >> 62)).toSigned64;
  r3 = (r3 & m62).toSigned64;

  // Step 2: add the modulus again if the value is still negative. Unlike the
  // first mask, this one is not passed through toSigned64; r4 was just
  // produced by toSigned64, so the shift presumably already yields 0 or -1.
  condAdd = r4 >> 63;
  r0 = (r0 + (modinfo.modulus[0] & condAdd)).toSigned64;
  r1 = (r1 + (modinfo.modulus[1] & condAdd)).toSigned64;
  r2 = (r2 + (modinfo.modulus[2] & condAdd)).toSigned64;
  r3 = (r3 + (modinfo.modulus[3] & condAdd)).toSigned64;
  r4 = (r4 + (modinfo.modulus[4] & condAdd)).toSigned64;

  // Propagate carries a second time, same chain as above.
  r1 = (r1 + (r0 >> 62)).toSigned64;
  r0 = (r0 & m62).toSigned64;

  r2 = (r2 + (r1 >> 62)).toSigned64;
  r1 = (r1 & m62).toSigned64;

  r3 = (r3 + (r2 >> 62)).toSigned64;
  r2 = (r2 & m62).toSigned64;

  r4 = (r4 + (r3 >> 62)).toSigned64;
  r3 = (r3 & m62).toSigned64;

  // Write the normalized limbs back into the caller's object.
  r[0] = r0;
  r[1] = r1;
  r[2] = r2;
  r[3] = r3;
  r[4] = r4;

  // Postconditions. `x >> 62 == 0` holds exactly when 0 <= x < 2^62, so each
  // limb (including the top one) must be non-negative and below 2^62.
  // NOTE(review): _cond is defined outside this block. Confirm whether it
  // runs in release builds and how it fails, since these checks run after r
  // has already been mutated.
  _cond(r0 >> 62 == BigInt.zero, "secp256k1Modinv64Normalize62");
  _cond(r1 >> 62 == BigInt.zero, "secp256k1Modinv64Normalize62");
  _cond(r2 >> 62 == BigInt.zero, "secp256k1Modinv64Normalize62");
  _cond(r3 >> 62 == BigInt.zero, "secp256k1Modinv64Normalize62");
  _cond(r4 >> 62 == BigInt.zero, "secp256k1Modinv64Normalize62");
  // secp256k1Modinv64MulCmp62 is not shown; presumably it compares r with
  // modulus * factor, making these two checks r >= 0 and r < modulus.
  _cond(secp256k1Modinv64MulCmp62(r, 5, modinfo.modulus, BigInt.zero) >= 0,
      "secp256k1Modinv64Normalize62");
  _cond(secp256k1Modinv64MulCmp62(r, 5, modinfo.modulus, BigInt.one) < 0,
      "secp256k1Modinv64Normalize62");
}