Little-endian wider words, consisting of four Limbs.

>>> 1 :: Wider
1

Construct a Wider word from four Words, provided in little-endian order.

>>> wider 1 0 0 0
1

Convert an Integer to a Wider word.

>>> to_vartime 1
1

Convert a Wider word to an Integer.

>>> from_vartime 1
1

Compare Wider words for equality in variable time.

>>> eq_vartime 1 0
False
>>> eq_vartime 1 1
True

Variable-time comparison between Wider words.

The actual comparison here is performed in constant time, but we must branch to return an Ordering.

>>> cmp_vartime 1 2
LT
>>> cmp_vartime 2 1
GT
>>> cmp_vartime 2 2
EQ

Constant-time less-than comparison between Wider values.

>>> import qualified Data.Choice as CT
>>> CT.decide (lt 1 2)
True
>>> CT.decide (lt 1 1)
False

Constant-time greater-than comparison between Wider values.

>>> import qualified Data.Choice as CT
>>> CT.decide (gt 1 2)
False
>>> CT.decide (gt 2 1)
True

Check if a Wider is odd, returning a Choice.

Return a if c is truthy, otherwise return b.

>>> import qualified Data.Choice as C
>>> select 0 1 (C.true# ())
1

Constant-time 1-bit shift-left.

>>> shl1 1
2
>>> shl1 (2 ^ (255 :: Word))
0

Constant-time 1-bit shift-right.

>>> shr1 2
1
>>> shr1 1
0

Constant-time 1-bit shift-left with carry, with a Choice indicating whether the highest bit was set.

Constant-time 1-bit shift-right with carry, with a Choice indicating whether the lowest bit was set.

Shift right by less than the number of bits in a Limb (e.g., by a maximum of 63 bits on 64-bit architectures). The shift amount is unchecked.

>>> shr_limb 2 1
1

Shift left by less than the number of bits in a Limb (e.g., by a maximum of 63 bits on 64-bit architectures). The shift amount is unchecked.

>>> shl_limb 2 1
1
>>> shl_limb 1 63
9223372036854775808

Binary and.

>>> and 1 1
1
>>> and 1 0
0

Binary or.

>>> or 1 1
1
>>> or 1 0
1

Binary xor.

>>> xor 1 1
0
>>> xor 1 0
1

Binary not.

>>> not 0
115792089237316195423570985008687907853269984665640564039457584007913129639935
>>> not (not 0)
0

Overflowing addition, computing 'a + b', returning the sum and a carry bit.

>>> add_o 1 1
(2,0)
>>> add_o 1 (2 ^ (256 :: Word) - 1)
(0,1)

Wrapping addition, computing 'a + b'.

Note that as Wider is an instance of Num, you can use + to apply this function.

>>> add 1 (2 ^ (256 :: Word) - 1)
0

Modular addition.

Assumes that the sum is less than twice the modulus; this is not checked.

>>> add_mod 1 1 3
2
>>> add_mod 1 2 3
0

Wrapping subtraction, computing 'a - b' and returning the difference.

Note that as Wider is an instance of Num, you can use - to apply this function.

>>> sub 1 1
0
>>> sub 0 (2 ^ (256 :: Word) - 1)
1

Borrowing subtraction, computing 'a - b' and returning the difference with a borrow mask.

>>> sub_b 1 1
(0,0)
>>> sub_b 0 (2 ^ (256 :: Word) - 1)
(1,18446744073709551615)

Modular subtraction. Computes a - b mod m.

Assumes that the magnitude of the difference is less than the modulus (this is unchecked).

>>> sub_mod 1 1 4
0
>>> sub_mod 2 3 4
3

Modular subtraction with carry. Computes (# a, c #) - b mod m.

Wrapping multiplication.

Note that as Wider is an instance of Num, you can use * to apply this function.

>>> mul 1 1
1
>>> mul 1 2
2

Widening multiplication.

Returns the low and high Wider words of the product, in that order.

>>> mul_c 2 3
(6,0)
>>> mul_c (2 ^ (256 :: Word) - 1)  2
(115792089237316195423570985008687907853269984665640564039457584007913129639934,1)

Widening square.

>>> sqr 2
(4,0)
>>> sqr (2 ^ (256 :: Word) - 1)
(1,115792089237316195423570985008687907853269984665640564039457584007913129639934)