sub method

VestaFq sub(
  1. VestaFq rhs
)

Implementation

/// Field subtraction: returns `this - rhs`, computed limb by limb.
///
/// The four limbs of [rhs] are subtracted from this element's limbs through
/// a borrow chain built on `BigintUtils.sbb`. The four limbs of
/// `VestaFQConst.modulus`, each ANDed with the final borrow, are then added
/// back through a carry chain built on `BigintUtils.adc`.
///
/// NOTE(review): the add-back is only correct if `BigintUtils.sbb` reports a
/// borrow as an all-ones limb mask (zero otherwise). With a plain 0/1 flag the
/// AND would keep just the low bit of each modulus limb. Confirm against
/// `BigintUtils`.
/// NOTE(review): presumably both operands are already reduced below the
/// modulus; a single masked add-back cannot canonicalise larger inputs.
/// NOTE(review): there is no branch on the borrow, but the limbs appear to be
/// `BigInt` values and Dart does not document `BigInt` arithmetic as
/// constant-time. Do not treat this routine as timing-safe for secret
/// operands without measuring it.
VestaFq sub(VestaFq rhs) {
  final limbsOut = <BigInt>[];

  // Pass 1: limb-wise subtraction, threading the borrow from low to high.
  var borrowMask = BigInt.zero;
  for (var i = 0; i < 4; i++) {
    final step = BigintUtils.sbb(limbs[i], rhs.limbs[i], borrowMask);
    limbsOut.add(step[0]);
    borrowMask = step[1];
  }

  // Pass 2: add the modulus back, masked by the borrow left over from pass 1,
  // so the addend is zero when the subtraction did not underflow.
  var carryIn = BigInt.zero;
  for (var i = 0; i < 4; i++) {
    final step = BigintUtils.adc(
      limbsOut[i],
      VestaFQConst.modulus.limbs[i] & borrowMask,
      carryIn,
    );
    limbsOut[i] = step[0];
    // The carry out of the top limb is never consumed.
    carryIn = step[1];
  }

  return VestaFq(limbsOut);
}