Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mul_mod does not work on all provided types #717

Open
weaversa opened this issue Dec 19, 2024 · 3 comments
Open

mul_mod does not work on all provided types #717

weaversa opened this issue Dec 19, 2024 · 3 comments

Comments

@weaversa
Copy link

weaversa commented Dec 19, 2024

I appreciate the addition of mul_mod in the release candidate 0.6.0. So, thank you!

While exploring this new function I received errors when using certain types. For example:

use crypto_bigint::{U576, NonZero};

pub fn main() {

    let p = NonZero::new(U576::from(3u32)).unwrap();
    let a = U576::from(1u32);
    let b = U576::from(1u32);

    a.mul_mod(&b, &p);
}

gives the following error when building:

the trait bound `Uint<9>: crypto_bigint::Concat` is not satisfied
...
 |     a.mul_mod(&b, &p);
 |       ^^^^^^^ the trait `ConcatMixed` is not implemented for `Uint<9>`, which is required by `Uint<9>: crypto_bigint::Concat`

However, swapping U576 for U256 builds w/out error. I have not tested against other types.

@tarcieri
Copy link
Member

cc @andrewwhitehead

I would also expect this to work. The ConcatMixed impls are written by these macros:

https://github.com/RustCrypto/crypto-bigint/blob/78f70ae/src/uint.rs#L425-L445

I'm not sure exactly what would need to change to be able to support this offhand.

@fjarri
Copy link
Contributor

fjarri commented Dec 19, 2024

I think that only defines splitting U576 in various proportions, but not joining two U576 which is what you need for multiplication.

Also I wonder if we can get rid of the Concat bound for multiplication by just using two separate Uint of single size for storage.

@andrewwhitehead
Copy link
Contributor

andrewwhitehead commented Dec 19, 2024

The bound appears to be required because MontyForm::new uses rem of a double-wide UInt in its calculation of R2, since rem_wide is not defined (only rem_wide_vartime).

I think Concat of U576 might be gated on the extra-sizes feature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants