square method

@override
JubJubFq square()

Implementation

/// Returns the square of this element, reduced via [JubJubFq.montgomeryReduce].
///
/// Schoolbook squaring of the four [limbs]: the off-diagonal products
/// `limbs[i] * limbs[j]` (i < j) are accumulated once into `r1..r6`, doubled
/// by a one-bit shift across the limb chain, and the diagonal squares
/// `limbs[i] * limbs[i]` are then added in at the even positions
/// `r0, r2, r4, r6`. The eight-word intermediate `r0..r7` is passed to the
/// Montgomery reduction, which produces the returned element.
///
/// Each [BigintUtils.mac] / [BigintUtils.adc] result is read here as
/// `[low word, carry]`; the exact contract of those helpers and of `toU64`
/// (presumably truncation to an unsigned 64-bit word) is defined elsewhere —
/// confirm before relying on it.
///
/// NOTE(review): Dart [BigInt] arithmetic is not guaranteed constant-time,
/// so the running time of this method may depend on the limb values, unlike
/// a fixed-width 64-bit port of the same algorithm. Consider whether that
/// matters when the operand is secret.
@override
JubJubFq square() {
  // Off-diagonal products, first row: limbs[0] * limbs[1..3].
  var tmp = BigintUtils.mac(BigInt.zero, limbs[0], limbs[1], BigInt.zero);
  BigInt r1 = tmp[0];
  BigInt carry = tmp[1];

  tmp = BigintUtils.mac(BigInt.zero, limbs[0], limbs[2], carry);
  BigInt r2 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.mac(BigInt.zero, limbs[0], limbs[3], carry);
  BigInt r3 = tmp[0];
  BigInt r4 = tmp[1];

  // Second row: limbs[1] * limbs[2..3], accumulated onto r3/r4.
  tmp = BigintUtils.mac(r3, limbs[1], limbs[2], BigInt.zero);
  r3 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.mac(r4, limbs[1], limbs[3], carry);
  r4 = tmp[0];
  BigInt r5 = tmp[1];

  // Third row: the single remaining cross product limbs[2] * limbs[3].
  tmp = BigintUtils.mac(r5, limbs[2], limbs[3], BigInt.zero);
  r5 = tmp[0];
  BigInt r6 = tmp[1];

  // Double the cross products
  // Each word is shifted left by one, pulling in the top bit of the word
  // below it; the bit shifted out of r6 becomes the new top word r7.
  BigInt r7 = (r6 >> 63).toU64;
  r6 = ((r6 << 1) | (r5 >> 63)).toU64;
  r5 = ((r5 << 1) | (r4 >> 63)).toU64;
  r4 = ((r4 << 1) | (r3 >> 63)).toU64;
  r3 = ((r3 << 1) | (r2 >> 63)).toU64;
  r2 = ((r2 << 1) | (r1 >> 63)).toU64;
  r1 = (r1 << 1).toU64;

  // Diagonal squares limbs[i]^2 land at the even positions; the odd
  // positions only absorb the carry via adc.
  tmp = BigintUtils.mac(BigInt.zero, limbs[0], limbs[0], BigInt.zero);
  BigInt r0 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.adc(BigInt.zero, r1, carry);
  r1 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.mac(r2, limbs[1], limbs[1], carry);
  r2 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.adc(BigInt.zero, r3, carry);
  r3 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.mac(r4, limbs[2], limbs[2], carry);
  r4 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.adc(BigInt.zero, r5, carry);
  r5 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.mac(r6, limbs[3], limbs[3], carry);
  r6 = tmp[0];
  carry = tmp[1];

  tmp = BigintUtils.adc(BigInt.zero, r7, carry);
  r7 = tmp[0];
  // final carry ignored
  // NOTE(review): discarding the carry out of r7 presumes the operand is
  // already reduced so the 8-word product cannot overflow — confirm that
  // every constructor path enforces that invariant.
  return JubJubFq.montgomeryReduce(r0, r1, r2, r3, r4, r5, r6, r7);
}