add remainder() function to MontgomeryForm

Author: hurchalla

montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/MontgomeryForm.h

@@ -486,6 +486,17 @@ class MontgomeryForm final {
     {
         return static_cast<T>(impl.gcd_with_modulus(x, gcd_functor));
     }
+
+
+    // Returns  a % modulus.  A convenience function for better performance.
+    // If you have already instantiated this MontgomeryForm, then calling
+    // remainder() should be faster than directly computing  a % modulus,
+    // even if your CPU has extremely fast division (like many new CPUs).
+    T remainder(T a) const
+    {
+        HPBC_PRECONDITION(a >= 0);
+        return static_cast<T>(impl.remainder(static_cast<U>(a)));
+    }
 };
 
 

montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyCommonBase.h

@@ -98,6 +98,21 @@ class MontyCommonBase {
         return result;
     }
 
+    HURCHALLA_FORCE_INLINE T remainder(T a) const
+    {
+        HPBC_INVARIANT2(r_mod_n_ < n_);
+        namespace hc = ::hurchalla;
+        T u_lo;
+        T u_hi = hc::unsigned_multiply_to_hilo_product(u_lo, a, r_mod_n_);
+        // Since a is type T, 0 <= a < R.  And since r_mod_n is type T and
+        // r_mod_n < n, we know  0 <= r_mod_n < n.  Therefore,
+        // 0 <= u == a * r_mod_n < R*n,  which will satisfy REDC's precondition.
+        T result = hc::REDC_standard(u_hi, u_lo, n_, inv_n_, LowlatencyTag());
+
+        HPBC_POSTCONDITION2(result < n_);
+        return result;
+    }
+
     HURCHALLA_FORCE_INLINE C getUnityValue() const
     {
         // as noted in constructor, unityValue == (1*R)%n_ == r_mod_n_

montgomery_arithmetic/include/hurchalla/montgomery_arithmetic/detail/MontyWrappedStandardMath.h

@@ -105,6 +105,11 @@ class MontyWrappedStandardMath final {
         return ret;
     }
 
+    HURCHALLA_FORCE_INLINE T remainder(T a) const
+    {
+        return static_cast<T>(a % modulus_);
+    }
+
     HURCHALLA_FORCE_INLINE C getCanonicalValue(V x) const
     {
         HPBC_PRECONDITION2(isCanonical(x));

test/montgomery_arithmetic/test_MontgomeryForm.h

@@ -224,9 +224,29 @@ void test_square_variants(const M& mf, typename M::MontgomeryValue x,
                             fusedSquareAdd<hc::LowuopsTag>(x,zc)) == answer);
 }
 
+template <typename M>
+void test_remainder(const M& mf)
+{
+    using T = typename M::IntegerType;
+    namespace hc = ::hurchalla;
+
+    T max = hc::ut_numeric_limits<T>::max();
+    T mid = static_cast<T>(max/2);
+    T modulus = mf.getModulus();
+
+    EXPECT_TRUE(mf.remainder(0) == (0 % modulus));
+    EXPECT_TRUE(mf.remainder(1) == (1 % modulus));
+    EXPECT_TRUE(mf.remainder(2) == (2 % modulus));
+    EXPECT_TRUE(mf.remainder(static_cast<T>(max-0)) == ((max-0) % modulus));
+    EXPECT_TRUE(mf.remainder(static_cast<T>(max-1)) == ((max-1) % modulus));
+    EXPECT_TRUE(mf.remainder(static_cast<T>(max-2)) == ((max-2) % modulus));
+    EXPECT_TRUE(mf.remainder(static_cast<T>(mid-1)) == ((mid-1) % modulus));
+    EXPECT_TRUE(mf.remainder(static_cast<T>(mid-0)) == ((mid-0) % modulus));
+    EXPECT_TRUE(mf.remainder(static_cast<T>(mid+1)) == ((mid+1) % modulus));
+}
 
 template <typename M>
-void test_mf_general_checks(M& mf, typename M::IntegerType a,
+void test_mf_general_checks(const M& mf, typename M::IntegerType a,
                            typename M::IntegerType b, typename M::IntegerType c)
 {
     namespace hc = ::hurchalla;
@@ -590,6 +610,18 @@ void test_MontgomeryForm()
         M mf(modulus);
         EXPECT_TRUE(mf.gcd_with_modulus(mf.convertIn(12), GcdFunctor()) == 3);
     }
+
+    // test remainder()
+    {
+        T max = M::max_modulus();
+        T mid = static_cast<T>(max/2);
+        mid = (mid % 2 == 0) ? static_cast<T>(mid + 1) : mid;
+        test_remainder(M(3));    // smallest possible modulus
+        test_remainder(M(max));  // largest possible modulus
+        if (121 <= max)
+            test_remainder(M(121));
+        test_remainder(M(mid));
+    }
 }