Пример #1
def CarryOut(res, a, b, c=0, kappa=None):
    """
    Write the last carry bit of the addition of a and b into res.

    res: destination register, written with movs
    a: array of clear bits
    b: array of secret bits (same length as a)
    c: initial carry-in bit
    kappa: accepted but never read in this function (presumably kept so
        the signature matches sibling protocols -- confirm)
    """
    from .types import sint
    # The raw carry is computed first and only then converted to sint,
    # so the value stored in res is a secret integer share.
    raw_carry = CarryOutRaw(a, b, c)
    as_sint = sint.conv(raw_carry)
    movs(res, as_sint)
Пример #2
def BitLTL(res, a, b, kappa):
    """
    res = a <? b (logarithmic rounds version)

    res: destination register, written with movs
    a: clear integer register
    b: array of secret bits (same length as a)
    kappa: accepted but never read in this function
    """
    width = len(b)
    # The clear operand is decomposed into as many bits as b holds, using
    # the decomposition method provided by b's element type.
    clear_bits = b[0].bit_decompose_clear(a, width)
    from .types import sint
    comparison = BitLTL_raw(clear_bits, b)
    movs(res, sint.conv(comparison))
Пример #3
def TruncRing(d, a, k, m, signed):
    """
    Truncate a by m bits in a ring (the name and the final shift suggest
    res = a >> m for a k-bit value -- TODO confirm against callers).

    d: optional destination; when not None the result is also written to
        it with movs
    a: value to truncate; the in-place operators += / -= are applied to
        it below, so whether the caller's object changes depends on how
        its type implements them
    k: bit length used for the signed offset
    m: number of low bits to drop
    signed: when true, a is offset by 2^(k-1) before the split-based path
        and the result is corrected by 2^(k-m-1) afterwards

    Returns res, whether or not d was given.
    """
    program.curr_tape.require_bit_length(1)
    # Two strategies: a share-splitting path when use_split() is 2 or 3,
    # otherwise a Mod2mRing-based path.
    if program.use_split() in (2, 3):
        if signed:
            # Shift the signed range up by 2^(k-1); undone after the
            # truncation by subtracting 2^(k-m-1).
            a += (1 << (k - 1))
        from Compiler.types import sint
        from .GC.types import sbitint
        length = int(program.options.ring)
        summands = a.split_to_n_summands(length, program.use_split())
        x = sbitint.wallace_tree_without_finish(summands, True)
        # low: carry at bit position m; high: carry out of the top bit.
        # Both feed the correction of the shifted value below.
        if program.use_split() == 2:
            carries = sbitint.get_carries(*x)
            low = carries[m]
            high = sint.conv(carries[length])
        else:
            if m == 1:
                low = x[1][1]
                high = sint.conv(CarryOutLE(x[1][:-1], x[0][:-1])) + \
                       sint.conv(x[0][-1])
            else:
                # Carry out of the low m bits, reused as the carry-in for
                # the remaining bits so the top carry is not recomputed
                # from scratch.
                mid_carry = CarryOutRawLE(x[1][:m], x[0][:m])
                low = sint.conv(mid_carry) + sint.conv(x[0][m])
                tmp = util.tree_reduce(
                    carry, (sbitint.half_adder(xx, yy)
                            for xx, yy in zip(x[1][m:-1], x[0][m:-1])))
                top_carry = sint.conv(carry([None, mid_carry], tmp, False)[1])
                high = top_carry + sint.conv(x[0][-1])
        shifted = sint()
        shrsi(shifted, a, m)
        # Add the carry into bit m and remove the overflow carry, which
        # sits at bit position (length - m) after the shift.
        res = shifted + sint.conv(low) - (high << (length - m))
        if signed:
            res -= (1 << (k - m - 1))
    else:
        # Subtract the value returned by Mod2mRing before calling the
        # "leaky" truncation.
        # NOTE(review): presumably a_prime is a mod 2^m, so the low m bits
        # are zero and TruncLeakyInRing reveals nothing about them --
        # confirm against both definitions.
        a_prime = Mod2mRing(None, a, k, m, signed)
        a -= a_prime
        res = TruncLeakyInRing(a, k, m, signed)
    if d is not None:
        movs(d, res)
    return res