Implement Phase II for Montgomery Inverse function

- Phase II takes care about acomplishing the last step to complete the `AlmMontInv()` function specified on the paper: IEEE TRANSACTIONS ON COMPUTERS, VOL. 49, NO. 7, JULY 2000 763 The Montgomery Modular Inverse - Revisited E. Sava¸s, C¸. K. Ko¸c - This returns `(a^-1) * 2^n (mod p)`
dusk-network · May 17, 2019 · 457ef6e · 457ef6e
1 parent 323b164
commit 457ef6e
Showing 1 changed file with 18 additions and 5 deletions.
diff --git a/src/backend/u64/field.rs b/src/backend/u64/field.rs
@@ -344,13 +344,27 @@ impl FieldElement {
 
         #[inline]
         fn phase2(r: &FieldElement, k: &u64) -> FieldElement {
-
-            for i in 0..(k-252) {
+            let mut rr = r.clone();
+            let mut p = FieldElement([2766226127823335, 4237835465749098, 4503599626623787, 4503599627370495, 2199023255551]);
 
+            // Maybe 253, need to review it since it's the result of the log(base 2) of `FIELD_L`
+            for i in 1..(k-252) {
+                match rr.is_even() {
+                    true => {
+                        for i in 0..5 {
+                            rr[i] = rr[i] >> 1;
+                        };
+                    },
+                    false => {
+                        rr = &rr + &p;
+                        for i in 0..5 {
+                            rr[i] = rr[i] >> 1;
+                        };
+                    }
+                }
             }
-            unimplemented!()
+            rr
         }
-
         unimplemented!()
     }
 }
@@ -360,7 +374,6 @@ impl FieldElement {
 pub mod tests {
 
     use crate::backend::u64::field::FieldElement;
-    use crate::backend::u64::constants;
     use crate::scalar::Ristretto255Scalar;
 
     /// Bytes representation of `-1 (mod l) = 7237005577332262213973186563042994240857116359379907606001950938285454250988`