Longfellow ZK 0290cb32
Loading...
Searching...
No Matches
fp.h
1// Copyright 2025 Google LLC.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15#ifndef PRIVACY_PROOFS_ZK_LIB_ALGEBRA_FP_H_
16#define PRIVACY_PROOFS_ZK_LIB_ALGEBRA_FP_H_
17
18#include <cstddef>
19
20#include "algebra/fp_generic.h"
21#include "algebra/sysdep.h"
22
23namespace proofs {
24
25/*
26The FpReduce structure factors out the main routine for performing modular
27reduction wrt to a Montgomery-represented field element in the FpGeneric
28class. This struct contains a generic reduction step that always works,
29but it can be specialized for certain primes to achieve better efficiency as
30done with our 128- and 256- bit fields.
31*/
32struct FpReduce {
33 template <class limb_t, class N>
34 static inline void reduction_step(limb_t a[], limb_t mprime, const N& m) {
35 constexpr size_t kLimbs = N::kLimbs;
36 if (kLimbs == 1) {
37 // The general case (below) represents the (kLimbs+1)-word product as
38 // L+(H<<64), where in general L and H overlap, requiring
39 // two additions. For kLimbs==1, L and H do not overlap, and we can
40 // interpret [L, H] as a single double-precision number.
41 limb_t lh[2];
42 limb_t r = mprime * a[0];
43 mulhl(1, lh, lh + 1, r, m.limb_);
44 accum(3, a, 2, lh);
45 } else {
46 limb_t l[kLimbs], h[kLimbs];
47 limb_t r = mprime * a[0];
48 mulhl(kLimbs, l, h, r, m.limb_);
49 accum(kLimbs + 2, a, kLimbs, l);
50 accum(kLimbs + 1, a + 1, kLimbs, h);
51 }
52 }
53};
54
55template <size_t W, bool optimized_mul = false>
56using Fp = FpGeneric<W, optimized_mul, FpReduce>;
57} // namespace proofs
58
59#endif // PRIVACY_PROOFS_ZK_LIB_ALGEBRA_FP_H_
proofs::FpGeneric
Definition fp_generic.h:36
proofs::FpReduce
Definition fp.h:32
Generated by doxygen 1.15.0