| Austin Schuh | dace2a6 | 2020-08-18 10:56:48 -0700 | [diff] [blame] | 1 | /* mpz_lucas_mod -- Helper function for the strong Lucas |
| 2 | primality test. |
| 3 | |
| 4 | THE FUNCTIONS IN THIS FILE ARE FOR INTERNAL USE ONLY. THEY'RE ALMOST |
| 5 | CERTAIN TO BE SUBJECT TO INCOMPATIBLE CHANGES OR DISAPPEAR COMPLETELY IN |
| 6 | FUTURE GNU MP RELEASES. |
| 7 | |
| 8 | Copyright 2018 Free Software Foundation, Inc. |
| 9 | |
| 10 | Contributed by Marco Bodrato. |
| 11 | |
| 12 | This file is part of the GNU MP Library. |
| 13 | |
| 14 | The GNU MP Library is free software; you can redistribute it and/or modify |
| 15 | it under the terms of either: |
| 16 | |
| 17 | * the GNU Lesser General Public License as published by the Free |
| 18 | Software Foundation; either version 3 of the License, or (at your |
| 19 | option) any later version. |
| 20 | |
| 21 | or |
| 22 | |
| 23 | * the GNU General Public License as published by the Free Software |
| 24 | Foundation; either version 2 of the License, or (at your option) any |
| 25 | later version. |
| 26 | |
| 27 | or both in parallel, as here. |
| 28 | |
| 29 | The GNU MP Library is distributed in the hope that it will be useful, but |
| 30 | WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
| 31 | or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 32 | for more details. |
| 33 | |
| 34 | You should have received copies of the GNU General Public License and the |
| 35 | GNU Lesser General Public License along with the GNU MP Library. If not, |
| 36 | see https://www.gnu.org/licenses/. */ |
| 37 | |
| 38 | #include "gmp-impl.h" |
| 39 | |
| 40 | /* Computes V_{k+1}, Q^{k+1} (mod n) for the Lucas' sequence */ |
| 41 | /* with P=1, Q=Q; k = n>>b0. */ |
| 42 | /* Requires n > 4; b0 > 0; -2*Q must not overflow a long. */ |
| 43 | /* If U_{k+1}==0 (mod n) or V_{k+1}==0 (mod n), it returns 1, */ |
| 44 | /* otherwise it returns 0 and sets V=V_{k+1} and Qk=Q^{k+1}. */ |
| 45 | /* V will never grow beyond SIZ(n), Qk not beyond 2*SIZ(n). */ |
| 46 | int |
| 47 | mpz_lucas_mod (mpz_ptr V, mpz_ptr Qk, long Q, |
| 48 | mp_bitcnt_t b0, mpz_srcptr n, mpz_ptr T1, mpz_ptr T2) |
| 49 | { |
| 50 | mp_bitcnt_t bs; |
| 51 | int res; |
| 52 | |
| 53 | ASSERT (b0 > 0); |
| 54 | ASSERT (SIZ (n) > 1 || SIZ (n) > 0 && PTR (n) [0] > 4); |
| 55 | |
| 56 | mpz_set_ui (V, 1); /* U1 = 1 */ |
| 57 | bs = mpz_sizeinbase (n, 2) - 2; |
| 58 | if (UNLIKELY (bs < b0)) |
| 59 | { |
| 60 | /* n = 2^b0 - 1, should we use Lucas-Lehmer instead? */ |
| 61 | ASSERT (bs == b0 - 2); |
| 62 | mpz_set_si (Qk, Q); |
| 63 | return 0; |
| 64 | } |
| 65 | mpz_set_ui (Qk, 1); /* U2 = 1 */ |
| 66 | |
| 67 | do |
| 68 | { |
| 69 | /* We use the iteration suggested in "Elementary Number Theory" */ |
| 70 | /* by Peter Hackman (November 1, 2009), section "L.XVII Scalar */ |
| 71 | /* Formulas", from http://hackmat.se/kurser/TATM54/booktot.pdf */ |
| 72 | /* U_{2k} = 2*U_{k+1}*U_k - P*U_k^2 */ |
| 73 | /* U_{2k+1} = U_{k+1}^2 - Q*U_k^2 */ |
| 74 | /* U_{2k+2} = P*U_{k+1}^2 - 2*Q*U_{k+1}*U_k */ |
| 75 | /* We note that U_{2k+2} = P*U_{2k+1} - Q*U_{2k} */ |
| 76 | /* The formulas are specialized for P=1, and only squares: */ |
| 77 | /* U_{2k} = U_{k+1}^2 - |U_{k+1} - U_k|^2 */ |
| 78 | /* U_{2k+1} = U_{k+1}^2 - Q*U_k^2 */ |
| 79 | /* U_{2k+2} = U_{2k+1} - Q*U_{2k} */ |
| 80 | mpz_mul (T1, Qk, Qk); /* U_{k+1}^2 */ |
| 81 | mpz_sub (Qk, V, Qk); /* |U_{k+1} - U_k| */ |
| 82 | mpz_mul (T2, Qk, Qk); /* |U_{k+1} - U_k|^2 */ |
| 83 | mpz_mul (Qk, V, V); /* U_k^2 */ |
| 84 | mpz_sub (T2, T1, T2); /* U_{k+1}^2 - (U_{k+1} - U_k)^2 */ |
| 85 | if (Q > 0) /* U_{k+1}^2 - Q U_k^2 = U_{2k+1} */ |
| 86 | mpz_submul_ui (T1, Qk, Q); |
| 87 | else |
| 88 | mpz_addmul_ui (T1, Qk, NEG_CAST (unsigned long, Q)); |
| 89 | |
| 90 | /* A step k->k+1 is performed if the bit in $n$ is 1 */ |
| 91 | if (mpz_tstbit (n, bs)) |
| 92 | { |
| 93 | /* U_{2k+2} = U_{2k+1} - Q*U_{2k} */ |
| 94 | mpz_mul_si (T2, T2, Q); |
| 95 | mpz_sub (T2, T1, T2); |
| 96 | mpz_swap (T1, T2); |
| 97 | } |
| 98 | mpz_tdiv_r (Qk, T1, n); |
| 99 | mpz_tdiv_r (V, T2, n); |
| 100 | } while (--bs >= b0); |
| 101 | |
| 102 | res = SIZ (Qk) == 0; |
| 103 | if (!res) { |
| 104 | mpz_mul_si (T1, V, -2*Q); |
| 105 | mpz_add (T1, Qk, T1); /* V_k = U_k - 2Q*U_{k-1} */ |
| 106 | mpz_tdiv_r (V, T1, n); |
| 107 | res = SIZ (V) == 0; |
| 108 | if (!res && b0 > 1) { |
| 109 | /* V_k and Q^k will be needed for further check, compute them. */ |
| 110 | /* FIXME: Here we compute V_k^2 and store V_k, but the former */ |
| 111 | /* will be recomputed by the calling function, shoul we store */ |
| 112 | /* that instead? */ |
| 113 | mpz_mul (T2, T1, T1); /* V_k^2 */ |
| 114 | mpz_mul (T1, Qk, Qk); /* P^2 U_k^2 = U_k^2 */ |
| 115 | mpz_sub (T2, T2, T1); |
| 116 | ASSERT (SIZ (T2) == 0 || PTR (T2) [0] % 4 == 0); |
| 117 | mpz_tdiv_q_2exp (T2, T2, 2); /* (V_k^2 - P^2 U_k^2) / 4 */ |
| 118 | if (Q > 0) /* (V_k^2 - (P^2 -4Q) U_k^2) / 4 = Q^k */ |
| 119 | mpz_addmul_ui (T2, T1, Q); |
| 120 | else |
| 121 | mpz_submul_ui (T2, T1, NEG_CAST (unsigned long, Q)); |
| 122 | mpz_tdiv_r (Qk, T2, n); |
| 123 | } |
| 124 | } |
| 125 | |
| 126 | return res; |
| 127 | } |