Modular inversion cleanups (#740)

tarcieri · web-flow · commit acb69c40cbde · 2025-01-18T15:26:10.000-07:00
DRYs out some safegcd init by extracting a `const fn`
diff --git a/src/modular/boxed_monty_form/inv.rs b/src/modular/boxed_monty_form/inv.rs
@@ -13,8 +13,7 @@ impl BoxedMontyForm {
     /// Computes `self^-1` representing the multiplicative inverse of `self`,
     /// i.e. `self * self^-1 = 1`.
     pub fn invert(&self) -> CtOption<Self> {
-        let inverter = self.params.precompute_inverter();
-        inverter.invert(self)
+        self.params.precompute_inverter().invert(self)
     }
 
     /// Computes `self^-1` representing the multiplicative inverse of `self`,
@@ -23,8 +22,7 @@ impl BoxedMontyForm {
     /// This version is variable-time with respect to the value of `self`, but constant-time with
     /// respect to `self`'s `params`.
     pub fn invert_vartime(&self) -> CtOption<Self> {
-        let inverter = self.params.precompute_inverter();
-        inverter.invert_vartime(self)
+        self.params.precompute_inverter().invert_vartime(self)
     }
 }
 
diff --git a/src/modular/monty_form/inv.rs b/src/modular/monty_form/inv.rs
@@ -21,11 +21,7 @@ where
     /// If the number was invertible, the second element of the tuple is the truthy value,
     /// otherwise it is the falsy value (in which case the first element's value is unspecified).
     pub const fn inv(&self) -> ConstCtOption<Self> {
-        let inverter = <Odd<Uint<SAT_LIMBS>> as PrecomputeInverter>::Inverter::new(
-            &self.params.modulus,
-            &self.params.r2,
-        );
-
+        let inverter = self.params.inverter();
         let maybe_inverse = inverter.inv(&self.montgomery_form);
         let (inverse, inverse_is_some) = maybe_inverse.components_ref();
 
@@ -46,11 +42,7 @@ where
     /// This version is variable-time with respect to the value of `self`, but constant-time with
     /// respect to `self`'s `params`.
     pub const fn inv_vartime(&self) -> ConstCtOption<Self> {
-        let inverter = <Odd<Uint<SAT_LIMBS>> as PrecomputeInverter>::Inverter::new(
-            &self.params.modulus,
-            &self.params.r2,
-        );
-
+        let inverter = self.params.inverter();
         let maybe_inverse = inverter.inv_vartime(&self.montgomery_form);
         let (inverse, inverse_is_some) = maybe_inverse.components_ref();
 
@@ -81,6 +73,20 @@ where
     }
 }
 
+impl<const SAT_LIMBS: usize, const UNSAT_LIMBS: usize> MontyParams<SAT_LIMBS>
+where
+    Odd<Uint<SAT_LIMBS>>: PrecomputeInverter<
+        Inverter = SafeGcdInverter<SAT_LIMBS, UNSAT_LIMBS>,
+        Output = Uint<SAT_LIMBS>,
+    >,
+{
+    /// Create a modular inverter for the modulus of these params.
+    // TODO(tarcieri): make `pub`?
+    const fn inverter(&self) -> SafeGcdInverter<SAT_LIMBS, UNSAT_LIMBS> {
+        SafeGcdInverter::new(&self.modulus, &self.r2)
+    }
+}
+
 impl<const LIMBS: usize> PrecomputeInverter for MontyParams<LIMBS>
 where
     Odd<Uint<LIMBS>>:

Original file line number	Diff line number	Diff line change
`@@ -13,8 +13,7 @@ impl BoxedMontyForm {`
`13`	`13`	/// Computes `self^-1` representing the multiplicative inverse of `self`,
`14`	`14`	/// i.e. `self * self^-1 = 1`.
`15`	`15`	`pub fn invert(&self) -> CtOption<Self> {`
`16`		`- let inverter = self.params.precompute_inverter();`
`17`		`- inverter.invert(self)`
	`16`	`+ self.params.precompute_inverter().invert(self)`
`18`	`17`	`}`
`19`	`18`
`20`	`19`	/// Computes `self^-1` representing the multiplicative inverse of `self`,
`@@ -23,8 +22,7 @@ impl BoxedMontyForm {`
`23`	`22`	/// This version is variable-time with respect to the value of `self`, but constant-time with
`24`	`23`	/// respect to `self`'s `params`.
`25`	`24`	`pub fn invert_vartime(&self) -> CtOption<Self> {`
`26`		`- let inverter = self.params.precompute_inverter();`
`27`		`- inverter.invert_vartime(self)`
	`25`	`+ self.params.precompute_inverter().invert_vartime(self)`
`28`	`26`	`}`
`29`	`27`	`}`
`30`	`28`