Add a specialized BoxedUint::shl1 implementation

RustCrypto · Dec 9, 2023 · 8c67ba9 · 8c67ba9
1 parent 0e32cdb
commit 8c67ba9
Showing 1 changed file with 19 additions and 4 deletions.
diff --git a/src/uint/boxed/shl.rs b/src/uint/boxed/shl.rs
@@ -89,14 +89,21 @@ impl BoxedUint {
 
     /// Computes `self >> 1` in constant-time.
     pub(crate) fn shl1(&self) -> Self {
-        // TODO(tarcieri): optimized implementation
-        self.shl_vartime(1).expect("shift within range")
+        let mut ret = self.clone();
+        ret.shl1_assign();
+        ret
     }
 
     /// Computes `self >> 1` in-place in constant-time.
     pub(crate) fn shl1_assign(&mut self) {
-        // TODO(tarcieri): optimized implementation
-        *self = self.shl1();
+        let mut carry = self.limbs[0].0 >> Limb::HI_BIT;
+        self.limbs[0].shl_assign(1);
+        for i in 1..self.limbs.len() {
+            let new_carry = self.limbs[i].0 >> Limb::HI_BIT;
+            self.limbs[i].shl_assign(1);
+            self.limbs[i].0 |= carry;
+            carry = new_carry
+        }
     }
 }
 
@@ -129,6 +136,14 @@ impl ShlAssign<u32> for BoxedUint {
 mod tests {
     use super::BoxedUint;
 
+    #[test]
+    fn shl1_assign() {
+        let mut n = BoxedUint::from(0x3c442b21f19185fe433f0a65af902b8fu128);
+        let n_shl1 = BoxedUint::from(0x78885643e3230bfc867e14cb5f20571eu128);
+        n.shl1_assign();
+        assert_eq!(n, n_shl1);
+    }
+
     #[test]
     fn shl() {
         let one = BoxedUint::one_with_precision(128);