81 static BNU_CHUNK_T* cpGFpExp2(BNU_CHUNK_T* pR, const BNU_CHUNK_T* pA, int e, gsModEngine* pGFE)  in cpGFpExp2()  argument
83    cpGFpElementCopy(pR, pA, GFP_FELEN(pGFE));  in cpGFpExp2()
85       GFP_METHOD(pGFE)->sqr(pR, pR, pGFE);  in cpGFpExp2()
95 int cpGFpSqrt(BNU_CHUNK_T* pR, const BNU_CHUNK_T* pA, gsModEngine* pGFE)  in cpGFpSqrt()  argument
97    int elemLen = GFP_FELEN(pGFE);  in cpGFpSqrt()
98    int poolelementLen = GFP_PELEN(pGFE);  in cpGFpSqrt()
107       BNU_CHUNK_T* q = cpGFpGetPool(4, pGFE);  in cpGFpSqrt()
120       cpSub_BNU(q, GFP_MODULUS(pGFE), z, elemLen);  in cpGFpSqrt()
128       cpGFpExp(y, GFP_QNR(pGFE), q,elemLen, pGFE);  in cpGFpSqrt()
132       cpGFpExp(x, pA, q, elemLen, pGFE);  in cpGFpSqrt()
134       GFP_METHOD(pGFE)->mul(z, x, x, pGFE);  in cpGFpSqrt()
135       GFP_METHOD(pGFE)->mul(z, pA, z, pGFE);  in cpGFpSqrt()
137       GFP_METHOD(pGFE)->mul(pR, pA, x, pGFE);  in cpGFpSqrt()
139       while( !GFP_EQ(z, MOD_MNT_R(pGFE), elemLen) ) {  in cpGFpSqrt()
144             GFP_METHOD(pGFE)->mul(q, q, q, pGFE);  in cpGFpSqrt()
145             if( GFP_EQ(q, MOD_MNT_R(pGFE), elemLen) )  in cpGFpSqrt()
156             cpGFpExp2(q, y, (s-m-1), pGFE);           /* q = y^(2^(s-m-1)) */  in cpGFpSqrt()
157             GFP_METHOD(pGFE)->mul(y, q, q, pGFE);     /* y = q^2 */  in cpGFpSqrt()
158             GFP_METHOD(pGFE)->mul(pR, q, pR, pGFE);   /* R = q*R */  in cpGFpSqrt()
159             GFP_METHOD(pGFE)->mul(z, y, z, pGFE);     /* z = z*y */  in cpGFpSqrt()
165       GFP_METHOD(pGFE)->decode(q, pR, pGFE);  in cpGFpSqrt()
166       if(GFP_GT(q, GFP_HMODULUS(pGFE), elemLen))  in cpGFpSqrt()
167          GFP_METHOD(pGFE)->neg(pR, pR, pGFE);  in cpGFpSqrt()
169       cpGFpReleasePool(4, pGFE);  in cpGFpSqrt()