hurchalla
diff --git a/‎montgomery_arithmetic/CMakeLists.txt‎
Lines changed: 1 addition & 0 deletions b/‎montgomery_arithmetic/CMakeLists.txt‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyFullRange.h‎
Lines changed: 25 additions & 24 deletions b/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyFullRange.h‎
Lines changed: 25 additions & 24 deletions
diff --git a/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyHalfRange.h‎
Lines changed: 17 additions & 4 deletions b/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyHalfRange.h‎
Lines changed: 17 additions & 4 deletions
diff --git a/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyQuarterRange.h‎
Lines changed: 17 additions & 4 deletions b/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyQuarterRange.h‎
Lines changed: 17 additions & 4 deletions
diff --git a/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyWrappedStandardMath.h‎
Lines changed: 17 additions & 4 deletions b/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyWrappedStandardMath.h‎
Lines changed: 17 additions & 4 deletions
diff --git a/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/experimental/MontyFullRangeMasked.h‎
Lines changed: 14 additions & 1 deletion b/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/experimental/MontyFullRangeMasked.h‎
Lines changed: 14 additions & 1 deletion
diff --git a/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/experimental/montgomery_pow_2kary/experimental_montgomery_pow_2kary.h‎
Lines changed: 16 additions & 0 deletions b/‎montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/experimental/montgomery_pow_2kary/experimental_montgomery_pow_2kary.h‎
Lines changed: 16 additions & 0 deletions
@@ -45,6 +45,7 @@ target_sources(hurchalla_montgomery_arithmetic INTERFACE
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/experimental/unit_testing_helpers/ConcreteMontgomeryForm.h>
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/platform_specific/montgomery_pow.h>
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/platform_specific/montgomery_two_pow.h>
+    $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/platform_specific/subtract_returning_difference_or_zero.h>
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/platform_specific/two_times_restricted.h>
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/platform_specific/quarterrange_get_canonical.h>
     $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include/hurchalla/montgomery_arithmetic/detail/platform_specific/halfrange_get_canonical.h>
 
@@ -13,6 +13,7 @@
 #include "hurchalla/montgomery_arithmetic/low_level_api/REDC.h"
 #include "hurchalla/montgomery_arithmetic/detail/MontyCommonBase.h"
 #include "hurchalla/montgomery_arithmetic/detail/MontyTags.h"
+#include "hurchalla/montgomery_arithmetic/detail/platform_specific/subtract_returning_difference_or_zero.h"
 #include "hurchalla/modular_arithmetic/modular_addition.h"
 #include "hurchalla/modular_arithmetic/modular_subtraction.h"
 #include "hurchalla/modular_arithmetic/absolute_value_difference.h"
@@ -40,14 +41,14 @@ struct MontyFRValueTypes {
     struct V : public BaseMontgomeryValue<T> {
         HURCHALLA_FORCE_INLINE V() = default;
 
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
         {
             T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, v1.get(), v2.get());
             return V(sel);
         }
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
         {
             T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, v1.get(), v2.get());
             return V(sel);
@@ -63,6 +64,19 @@ struct MontyFRValueTypes {
             { return x.get() == y.get(); }
         HURCHALLA_FORCE_INLINE friend bool operator!=(const C& x, const C& y)
             { return !(x == y); }
+
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_ne0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_eq0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
      protected:
         template <template<class> class, template<class> class, typename>
           friend class MontyCommonBase;
@@ -271,28 +285,15 @@ class MontyFullRange final :
 
         T minu, subt;
         hc::REDC_incomplete(minu, subt, u_hi, u_lo, n_, BC::inv_n_, PTAG());
-#if 1
-        T res = static_cast<T>(minu - subt);
-          // T subtrahend = (minu < subt) ? res : static_cast<T>(0);
-        T subtrahend = hc::conditional_select((minu < subt), res, static_cast<T>(0));
+#if 0
+        T diff = static_cast<T>(minu - subt);
+          // T subtrahend = (minu < subt) ? diff : static_cast<T>(0);
+        T subtrahend = hc::conditional_select((minu < subt), diff, static_cast<T>(0));
 #else
-        uint64_t minu_lo = static_cast<uint64_t>(minu);
-        uint64_t minu_hi = static_cast<uint64_t>(minu >> 64);
-        uint64_t subt_lo = static_cast<uint64_t>(subt);
-        uint64_t subt_hi = static_cast<uint64_t>(subt >> 64);
-        uint64_t reslo, reshi;
-        uint64_t subtrahend_lo, subtrahend_hi;
-        __asm__ ("subs %[reslo], %[minu_lo], %[subt_lo] \n\t"      /* res = minu - subt */
-                 "sbcs %[reshi], %[minu_hi], %[subt_hi] \n\t"
-                 "csel %[subtrahend_lo], %[reslo], xzr, lo \n\t"   /* res = (minu < subt) ? res : 0 */
-                 "csel %[subtrahend_hi], %[reshi], xzr, lo \n\t"
-                 : [reslo]"=&r"(reslo), [reshi]"=r"(reshi), [subtrahend_lo]"=r"(subtrahend_lo), [subtrahend_hi]"=r"(subtrahend_hi)
-                 : [minu_lo]"r"(minu_lo), [minu_hi]"r"(minu_hi), [subt_lo]"r"(subt_lo), [subt_hi]"r"(subt_hi)
-                 : "cc");
-        __uint128_t res = (static_cast<__uint128_t>(reshi) << 64) | reslo;
-        __uint128_t subtrahend = (static_cast<__uint128_t>(subtrahend_hi) << 64) | subtrahend_lo;
+        T diff;
+        T subtrahend = subtract_returning_difference_or_zero(diff, minu, subt);
 #endif
-        SV result(res, subtrahend);
+        SV result(diff, subtrahend);
         return result;
     }
 
 
@@ -55,14 +55,14 @@ struct MontyHRValueTypes {
     struct V : public BaseMontgomeryValue<SignedT> {
         HURCHALLA_FORCE_INLINE V() = default;
 
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
         {
             SignedT sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, v1.get(), v2.get());
             return V(sel);
         }
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
         {
             SignedT sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, v1.get(), v2.get());
             return V(sel);
@@ -88,6 +88,19 @@ struct MontyHRValueTypes {
             { return x.get() == y.get(); }
         HURCHALLA_FORCE_INLINE friend bool operator!=(const C& x, const C& y)
             { return !(x == y); }
+
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_ne0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_eq0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
      protected:
         template <typename> friend class MontyHalfRange;
         template <template<class> class, template<class> class, typename>
 
@@ -60,14 +60,14 @@ struct MontyQRValueTypes {
     struct V : public BaseMontgomeryValue<T> {
         HURCHALLA_FORCE_INLINE V() = default;
 
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
         {
             T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, v1.get(), v2.get());
             return V(sel);
         }
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
         {
             T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, v1.get(), v2.get());
             return V(sel);
@@ -83,6 +83,19 @@ struct MontyQRValueTypes {
             { return x.get() == y.get(); }
         HURCHALLA_FORCE_INLINE friend bool operator!=(const C& x, const C& y)
             { return !(x == y); }
+
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_ne0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_eq0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
      protected:
         template <template<class> class, template<class> class, typename>
           friend class MontyCommonBase;
 
@@ -41,14 +41,14 @@ class MontyWrappedStandardMath final {
     struct V : public BaseMontgomeryValue<T> {  // regular montgomery value type
         HURCHALLA_FORCE_INLINE V() = default;
 
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_ne0(uint64_t num, V v1, V v2)
         {
             T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, v1.get(), v2.get());
             return V(sel);
         }
-        template <int BITNUM> HURCHALLA_FORCE_INLINE
-        static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static V cselect_on_bit_eq0(uint64_t num, V v1, V v2)
         {
             T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, v1.get(), v2.get());
             return V(sel);
@@ -63,6 +63,19 @@ class MontyWrappedStandardMath final {
             { return x.get() == y.get(); }
         HURCHALLA_FORCE_INLINE friend bool operator!=(const C& x, const C& y)
             { return !(x == y); }
+
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_ne0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_eq0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
      protected:
         friend MontyWrappedStandardMath;
         HURCHALLA_FORCE_INLINE explicit C(T a) : V(a) {}
 
@@ -146,6 +146,19 @@ struct MfrmValueTypes {
             { return x.get() == y.get(); }
         HURCHALLA_FORCE_INLINE friend bool operator!=(const C& x, const C& y)
             { return !(x == y); }
+
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_ne0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::ne_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
+        template <int BITNUM>
+        HURCHALLA_FORCE_INLINE static C cselect_on_bit_eq0(uint64_t num, C c1, C c2)
+        {
+            T sel = ::hurchalla::cselect_on_bit<BITNUM>::eq_0(num, c1.get(), c2.get());
+            return C(sel);
+        }
      protected:
         template <typename> friend class MontyFullRangeMasked;
         template <template<class> class, template<class> class, typename>
@@ -417,7 +430,7 @@ class MontyFullRangeMasked final :
         T umlo;
         T umhi = ::hurchalla::unsigned_multiply_to_hilo_product(umlo, a, a);
         T masked_a = static_cast<T>(x.getmask() & a);
-        T result_hi = static_cast<T>(umhi - static_cast<T>(2) * masked_a);
+        T result_hi = static_cast<T>(umhi - masked_a - masked_a);
         u_lo = umlo;
         // Complete details are in the proof below, but roughly what we do here
         // is get a*a as a two-word product (umhi, umlo).  We let s == 1 if x is
 
@@ -98,15 +98,23 @@ if HURCHALLA_CPP17_CONSTEXPR (CODE_SECTION == 0) {
         U exponent = n;
 
         V mont_one = mf.getUnityValue();
+#ifndef HURCHALLA_MONTGOMERY_POW_2KARY_USE_CSELECT_ON_BIT
         V result = mont_one;
         result.cmov(static_cast<size_t>(exponent) & 1u, base);
+#else
+        V result = V::template cselect_on_bit_ne0<0>(static_cast<uint64_t>(exponent), base, mont_one);
+#endif
         exponent = static_cast<U>(exponent >> 1);
 
         while (exponent > 0u) {
             base = mf.square(base);
 
+#ifndef HURCHALLA_MONTGOMERY_POW_2KARY_USE_CSELECT_ON_BIT
             V tmp = mont_one;
             tmp.cmov(static_cast<size_t>(exponent) & 1u, base);
+#else
+            V tmp = V::template cselect_on_bit_ne0<0>(static_cast<uint64_t>(exponent), base, mont_one);
+#endif
             result = mf.multiply(result, tmp);
 
             exponent = static_cast<U>(exponent >> 1);
@@ -1148,14 +1156,22 @@ if HURCHALLA_CPP17_CONSTEXPR (CODE_SECTION == 0) {
         index = static_cast<size_t>(branchless_shift_right(n, shift)) & MASK;
 
         HURCHALLA_REQUEST_UNROLL_LOOP for (size_t j=0; j<ARRAY_SIZE; ++j) {
+#ifndef HURCHALLA_MONTGOMERY_POW_2KARY_USE_CSELECT_ON_BIT
             V tmp = result[j];
             tmp.cmov((index % 2 == 0), table[index/2][j]);
+#else
+            V tmp = V::template cselect_on_bit_eq0<0>(static_cast<uint64_t>(index), table[index/2][j], result[j]);
+#endif
             result[j] = mf.template multiply<LowuopsTag>(tmp, result[j]);
         }
 
         HURCHALLA_REQUEST_UNROLL_LOOP for (size_t j=0; j<ARRAY_SIZE; ++j) {
+#ifndef HURCHALLA_MONTGOMERY_POW_2KARY_USE_CSELECT_ON_BIT
             V tmp = table[index][j];
             tmp.cmov((index % 2 == 0), result[j]);
+#else
+            V tmp = V::template cselect_on_bit_eq0<0>(static_cast<uint64_t>(index), result[j], table[index][j]);
+#endif
             result[j] = mf.template multiply<LowuopsTag>(tmp, result[j]);
         }
     }