JubJubFq.montgomeryReduce constructor
/// Montgomery reduction of an eight-limb value into a `JubJubFq` element.
///
/// `r0..r7` are the limbs of the value to reduce, least significant first;
/// each limb is treated as a 64-bit word (the per-round factor `k` is
/// truncated with `toU64`). The modulus is consumed limb by limb through
/// `JubJubFqConst.modulus.limbs[0..3]`, so the result after four rounds
/// lives in the upper four limbs, which are then passed through `sub`
/// against the modulus for the final correction.
///
/// NOTE(review): `JubJubFqConst.inv` is presumably the Montgomery constant
/// `-modulus^-1 mod 2^64` — confirm against the constants file. Dart `BigInt`
/// arithmetic is arbitrary-precision and not constant-time, so this routine
/// should not be assumed to carry the timing properties of a fixed-width
/// limb implementation.
factory JubJubFq.montgomeryReduce(
  BigInt r0,
  BigInt r1,
  BigInt r2,
  BigInt r3,
  BigInt r4,
  BigInt r5,
  BigInt r6,
  BigInt r7,
) {
  final m = JubJubFqConst.modulus.limbs;
  final inv = JubJubFqConst.inv;
  // Work on an indexable copy so the four rounds can share one loop body.
  final limbs = <BigInt>[r0, r1, r2, r3, r4, r5, r6, r7];
  // Carry propagated from the add-with-carry of the previous round into
  // the next (zero before the first round, matching the reference flow).
  var roundCarry = BigInt.zero;

  for (var i = 0; i < 4; i++) {
    // Choose k so that limb i becomes zero after adding k * modulus.
    final k = (limbs[i] * inv).toU64;
    // The low word of this first mac is discarded by construction of k;
    // only its carry is kept.
    var carry = BigintUtils.mac(limbs[i], k, m[0], BigInt.zero)[1];
    for (var j = 1; j < 4; j++) {
      final acc = BigintUtils.mac(limbs[i + j], k, m[j], carry);
      limbs[i + j] = acc[0];
      carry = acc[1];
    }
    // Fold both carries into the limb just above the modulus width.
    final sum = BigintUtils.adc(limbs[i + 4], roundCarry, carry);
    limbs[i + 4] = sum[0];
    roundCarry = sum[1];
  }

  return JubJubFq([limbs[4], limbs[5], limbs[6], limbs[7]])
      .sub(JubJubFqConst.modulus);
}