# Finite Field Arithmetic

------------------------------------------------------------------------------
------------------------------------------------------------------------------
-- This file is part of 'Finite Field Arithmetic', aka 'FFA'.               --
--                                                                          --
-- (C) 2019 Stanislav Datskovskiy ( www.loper-os.org )                      --
-- http://wot.deedbot.org/17215D118B7239507FAFED98B98228A001ABFFC7.html     --
--                                                                          --
-- You do not have, nor can you ever acquire the right to use, copy or      --
-- distribute this software ; Should you use this software for any purpose, --
-- or copy and distribute it to anyone or in any manner, you are breaking   --
-- the laws of whatever soi-disant jurisdiction, and you promise to         --
-- continue doing so for the indefinite future. In any case, please         --
-- always : read and understand any software ; verify any PGP signatures    --
-- that you use - for any purpose.                                          --
--                                                                          --
------------------------------------------------------------------------------
------------------------------------------------------------------------------
19
with Words;    use Words;
with Word_Ops; use Word_Ops;
with W_Mul;    use W_Mul;
with FZ_Arith; use FZ_Arith;
with FZ_Mul;   use FZ_Mul;
25
26
-- "Low Multiplication" computes only the bottom half of the product XY.
-- Presently, it is used solely in Barrett's Modular Reduction.
29
package body FZ_LoMul is
31
-- Low-Only Comba's multiplier. (CAUTION: UNBUFFERED)
procedure FZ_Low_Mul_Comba(X     : in  FZ;
Y     : in  FZ;
XY    : out FZ) is
36
-- Words in each multiplicand (and also in the half-product)
L : constant Word_Index := X'Length;
39
-- 3-word Accumulator
A2, A1, A0 : Word := 0;
42
begin
44
-- Compute the lower half of the Product, which is all we want:
for N in 0 .. L - 1 loop
47
-- Compute the Nth (indexed from zero) column of the Half-Product
declare
50
-- The outputs of a Word multiplication
Lo, Hi : Word;
53
-- Carry for the Accumulator addition
C      : WBool;
56
-- Sum for Accumulator addition
Sum    : Word;
59
begin
61
-- For lower half of XY, will go from 0 to N
-- For upper half of XY, will go from N - L + 1 to L - 1
for j in 0 .. N loop
65
-- Hi:Lo := j-th Word of X  *  (N - j)-th Word of Y
Mul_Word(X(X'First + j),
Y(Y'First - j + N),
Lo, Hi);
70
-- Now add Hi:Lo into the Accumulator:
72
-- A0 += Lo; C := Carry
Sum := A0 + Lo;
C   := W_Carry(A0, Lo, Sum);
A0  := Sum;
77
-- A1 += Hi + C; C := Carry
Sum := A1 + Hi + C;
C   := W_Carry(A1, Hi, Sum);
A1  := Sum;
82
-- A2 += A2 + C
A2  := A2 + C;
85
end loop;
87
-- We now have the Nth (indexed from zero) word of XY
XY(XY'First + N) := A0;
90
-- Right-Shift the Accumulator by one Word width:
A0 := A1;
A1 := A2;
A2 := 0;
end;
96
end loop;
98
end FZ_Low_Mul_Comba;
100
101
-- Low-Only Multiplier. (CAUTION: UNBUFFERED)
procedure Low_Mul(X  : in  FZ;
Y  : in  FZ;
XY : out FZ) is
106
-- L is the wordness of a multiplicand. Guaranteed to be a power of two.
L : constant Word_Count := X'Length;
109
-- K is HALF of the length of a multiplicand.
K : constant Word_Index := L / 2;
112
-- A 'KSeg' is the same length as HALF of a multiplicand.
subtype KSeg is FZ(1 .. K);
115
-- The two K-sized variables of the half-product equation:
LH, HL : KSeg;
118
-- Bottom and Top K-sized halves of the multiplicand X.
XLo        : KSeg  renames    X(  X'First       ..   X'Last - K );
XHi        : KSeg  renames    X(  X'First + K   ..   X'Last     );
122
-- Bottom and Top K-sized halves of the multiplicand Y.
YLo        : KSeg  renames    Y(  Y'First       ..   Y'Last - K );
YHi        : KSeg  renames    Y(  Y'First + K   ..   Y'Last     );
126
-- Top K-sized half of the half-product XY.
XYHi       : KSeg  renames   XY( XY'First + K   ..  XY'Last     );
129
-- Carry from individual term additions.
C          : WBool;
pragma Unreferenced(C);
133
begin
135
-- Recurse to FULL-width multiplication: XY := XLo * YLo
FZ_Multiply_Unbuffered(XLo, YLo, XY);
138
-- Recurse to HALF-width multiplication: LH := XLo * YHi
FZ_Low_Multiply_Unbuffered(XLo, YHi, LH);
141
-- Recurse to HALF-width multiplication: HL := XHi * YLo
FZ_Low_Multiply_Unbuffered(XHi, YLo, HL);
144
-- XY += 2^(K * Bitness) * LH
FZ_Add_D(X => XYHi, Y => LH, Overflow => C);
147
-- XY += 2^(K * Bitness) * HL
FZ_Add_D(X => XYHi, Y => HL, Overflow => C);
150
end Low_Mul;
-- CAUTION: Inlining prohibited for Low_Mul !
153
154
-- Low-Only Multiplier. (CAUTION: UNBUFFERED)
procedure FZ_Low_Multiply_Unbuffered(X     : in  FZ;
Y     : in  FZ;
XY    : out FZ) is
159
-- The length of either multiplicand
L : constant Word_Count := X'Length;
162
begin
164
if L <= Low_Mul_Thresh then
166
-- Base case:
FZ_Low_Mul_Comba(X, Y, XY);
169
else
171
-- Recursive case:
Low_Mul(X, Y, XY);
174
end if;
176
end FZ_Low_Multiply_Unbuffered;
178
179
-- Low-Only Multiplier. Preserves the inputs.
procedure FZ_Low_Multiply_Buffered(X     : in  FZ;
Y     : in  FZ;
XY    : out FZ) is
184
-- Product buffer.
P : FZ(1 .. X'Length);
187
begin
189
FZ_Low_Multiply_Unbuffered(X, Y, P);
191
XY := P;
193
end FZ_Low_Multiply_Buffered;
195
end FZ_LoMul;