Semantics of arithmetic operations exactly mimic those of Java's integer + * arithmetic operators, as defined in The Java Language Specification. + * For example, division by zero throws an {@code ArithmeticException}, and + * division of a negative by a positive yields a negative (or zero) remainder. + * + *
Semantics of shift operations extend those of Java's shift operators + * to allow for negative shift distances. A right-shift with a negative + * shift distance results in a left shift, and vice-versa. The unsigned + * right shift operator ({@code >>>}) is omitted since this operation + * only makes sense for a fixed sized word and not for a + * representation conceptually having an infinite number of leading + * virtual sign bits. + * + *
Semantics of bitwise logical operations exactly mimic those of Java's + * bitwise integer operators. The binary operators ({@code and}, + * {@code or}, {@code xor}) implicitly perform sign extension on the shorter + * of the two operands prior to performing the operation. + * + *
Comparison operations perform signed integer comparisons, analogous to + * those performed by Java's relational and equality operators. + * + *
Modular arithmetic operations are provided to compute residues, perform + * exponentiation, and compute multiplicative inverses. These methods always + * return a non-negative result, between {@code 0} and {@code (modulus - 1)}, + * inclusive. + * + *
Bit operations operate on a single bit of the two's-complement + * representation of their operand. If necessary, the operand is sign-extended + * so that it contains the designated bit. None of the single-bit + * operations can produce a BigInteger with a different sign from the + * BigInteger being operated on, as they affect only a single bit, and the + * arbitrarily large abstraction provided by this class ensures that conceptually + * there are infinitely many "virtual sign bits" preceding each BigInteger. + * + *
For the sake of brevity and clarity, pseudo-code is used throughout the + * descriptions of BigInteger methods. The pseudo-code expression + * {@code (i + j)} is shorthand for "a BigInteger whose value is + * that of the BigInteger {@code i} plus that of the BigInteger {@code j}." + * The pseudo-code expression {@code (i == j)} is shorthand for + * "{@code true} if and only if the BigInteger {@code i} represents the same + * value as the BigInteger {@code j}." Other pseudo-code expressions are + * interpreted similarly. + * + *
All methods and constructors in this class throw
+ * {@code NullPointerException} when passed
+ * a null object reference for any input parameter.
+ *
+ * BigInteger must support values in the range
+ * -2{@code Integer.MAX_VALUE} (exclusive) to
+ * +2{@code Integer.MAX_VALUE} (exclusive)
+ * and may support values outside of that range.
+ *
+ * An {@code ArithmeticException} is thrown when a BigInteger
+ * constructor or method would generate a value outside of the
+ * supported range.
+ *
+ * The range of probable prime values is limited and may be less than
+ * the full supported positive range of {@code BigInteger}.
+ * The range must be at least 1 to 2500000000.
+ *
+ * @implNote
+ * In the reference implementation, BigInteger constructors and
+ * operations throw {@code ArithmeticException} when the result is out
+ * of the supported range of
+ * -2{@code Integer.MAX_VALUE} (exclusive) to
+ * +2{@code Integer.MAX_VALUE} (exclusive).
+ *
+ * @jls 4.2.2 Integer Operations
+ * @author Josh Bloch
+ * @author Michael McCloskey
+ * @author Alan Eliasen
+ * @author Timothy Buktu
+ * @since 1.1
+ */
+
+public class BigInteger extends Number implements Comparable Note: never used for a BigInteger with a magnitude of zero.
+ *
+ * @see #firstNonzeroIntNum()
+ */
+ private int firstNonzeroIntNumPlusTwo;
+
+ /**
+ * This mask is used to obtain the value of an int as if it were unsigned.
+ */
+ static final long LONG_MASK = 0xffffffffL;
+
+ /**
+ * This constant limits {@code mag.length} of BigIntegers to the supported
+ * range.
+ */
+ private static final int MAX_MAG_LENGTH = Integer.MAX_VALUE / Integer.SIZE + 1; // (1 << 26)
+
+ /**
+ * Bit lengths larger than this constant can cause overflow in searchLen
+ * calculation and in BitSieve.singleSearch method.
+ */
+ private static final int PRIME_SEARCH_BIT_LENGTH_LIMIT = 500000000;
+
+ /**
+ * The threshold value for using Karatsuba multiplication. If the number
+ * of ints in both mag arrays are greater than this number, then
+ * Karatsuba multiplication will be used. This value is found
+ * experimentally to work well.
+ */
+ private static final int KARATSUBA_THRESHOLD = 80;
+
+ /**
+ * The threshold value for using 3-way Toom-Cook multiplication.
+ * If the number of ints in each mag array is greater than the
+ * Karatsuba threshold, and the number of ints in at least one of
+ * the mag arrays is greater than this threshold, then Toom-Cook
+ * multiplication will be used.
+ */
+ private static final int TOOM_COOK_THRESHOLD = 240;
+
+ /**
+ * The threshold value for using Karatsuba squaring. If the number
+ * of ints in the number are larger than this value,
+ * Karatsuba squaring will be used. This value is found
+ * experimentally to work well.
+ */
+ private static final int KARATSUBA_SQUARE_THRESHOLD = 128;
+
+ /**
+ * The threshold value for using Toom-Cook squaring. If the number
+ * of ints in the number are larger than this value,
+ * Toom-Cook squaring will be used. This value is found
+ * experimentally to work well.
+ */
+ private static final int TOOM_COOK_SQUARE_THRESHOLD = 216;
+
+ /**
+ * The threshold value for using Burnikel-Ziegler division. If the number
+ * of ints in the divisor are larger than this value, Burnikel-Ziegler
+ * division may be used. This value is found experimentally to work well.
+ */
+ static final int BURNIKEL_ZIEGLER_THRESHOLD = 80;
+
+ /**
+ * The offset value for using Burnikel-Ziegler division. If the number
+ * of ints in the divisor exceeds the Burnikel-Ziegler threshold, and the
+ * number of ints in the dividend is greater than the number of ints in the
+ * divisor plus this value, Burnikel-Ziegler division will be used. This
+ * value is found experimentally to work well.
+ */
+ static final int BURNIKEL_ZIEGLER_OFFSET = 40;
+
+ /**
+ * The threshold value for using Schoenhage recursive base conversion. If
+ * the number of ints in the number are larger than this value,
+ * the Schoenhage algorithm will be used. In practice, it appears that the
+ * Schoenhage routine is faster for any threshold down to 2, and is
+ * relatively flat for thresholds between 2-25, so this choice may be
+ * varied within this range for very small effect.
+ */
+ private static final int SCHOENHAGE_BASE_CONVERSION_THRESHOLD = 20;
+
+ /**
+ * The threshold value for using squaring code to perform multiplication
+ * of a {@code BigInteger} instance by itself. If the number of ints in
+ * the number are larger than this value, {@code multiply(this)} will
+ * return {@code square()}.
+ */
+ private static final int MULTIPLY_SQUARE_THRESHOLD = 20;
+
+ /**
+ * The threshold for using an intrinsic version of
+ * implMontgomeryXXX to perform Montgomery multiplication. If the
+ * number of ints in the number is more than this value we do not
+ * use the intrinsic.
+ */
+ private static final int MONTGOMERY_INTRINSIC_THRESHOLD = 512;
+
+
+ // Constructors
+
+ /**
+ * Translates a byte sub-array containing the two's-complement binary
+ * representation of a BigInteger into a BigInteger. The sub-array is
+ * specified via an offset into the array and a length. The sub-array is
+ * assumed to be in big-endian byte-order: the most significant
+ * byte is the element at index {@code off}. The {@code val} array is
+ * assumed to be unchanged for the duration of the constructor call.
+ *
+ * An {@code IndexOutOfBoundsException} is thrown if the length of the array
+ * {@code val} is non-zero and either {@code off} is negative, {@code len}
+ * is negative, or {@code off+len} is greater than the length of
+ * {@code val}.
+ *
+ * @param val byte array containing a sub-array which is the big-endian
+ * two's-complement binary representation of a BigInteger.
+ * @param off the start offset of the binary representation.
+ * @param len the number of bytes to use.
+ * @throws NumberFormatException {@code val} is zero bytes long.
+ * @throws IndexOutOfBoundsException if the provided array offset and
+ * length would cause an index into the byte array to be
+ * negative or greater than or equal to the array length.
+ * @since 9
+ */
+ public BigInteger(byte[] val, int off, int len) {
+ if (val.length == 0) {
+ throw new NumberFormatException("Zero length BigInteger");
+ }
+ Objects.checkFromIndexSize(off, len, val.length);
+
+ if (val[off] < 0) {
+ mag = makePositive(val, off, len);
+ signum = -1;
+ } else {
+ mag = stripLeadingZeroBytes(val, off, len);
+ signum = (mag.length == 0 ? 0 : 1);
+ }
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /**
+ * Translates a byte array containing the two's-complement binary
+ * representation of a BigInteger into a BigInteger. The input array is
+ * assumed to be in big-endian byte-order: the most significant
+ * byte is in the zeroth element. The {@code val} array is assumed to be
+ * unchanged for the duration of the constructor call.
+ *
+ * @param val big-endian two's-complement binary representation of a
+ * BigInteger.
+ * @throws NumberFormatException {@code val} is zero bytes long.
+ */
+ public BigInteger(byte[] val) {
+ this(val, 0, val.length);
+ }
+
+ /**
+ * This private constructor translates an int array containing the
+ * two's-complement binary representation of a BigInteger into a
+ * BigInteger. The input array is assumed to be in big-endian
+ * int-order: the most significant int is in the zeroth element. The
+ * {@code val} array is assumed to be unchanged for the duration of
+ * the constructor call.
+ */
+ private BigInteger(int[] val) {
+ if (val.length == 0)
+ throw new NumberFormatException("Zero length BigInteger");
+
+ if (val[0] < 0) {
+ mag = makePositive(val);
+ signum = -1;
+ } else {
+ mag = trustedStripLeadingZeroInts(val);
+ signum = (mag.length == 0 ? 0 : 1);
+ }
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /**
+ * Translates the sign-magnitude representation of a BigInteger into a
+ * BigInteger. The sign is represented as an integer signum value: -1 for
+ * negative, 0 for zero, or 1 for positive. The magnitude is a sub-array of
+ * a byte array in big-endian byte-order: the most significant byte
+ * is the element at index {@code off}. A zero value of the length
+ * {@code len} is permissible, and will result in a BigInteger value of 0,
+ * whether signum is -1, 0 or 1. The {@code magnitude} array is assumed to
+ * be unchanged for the duration of the constructor call.
+ *
+ * An {@code IndexOutOfBoundsException} is thrown if the length of the array
+ * {@code magnitude} is non-zero and either {@code off} is negative,
+ * {@code len} is negative, or {@code off+len} is greater than the length of
+ * {@code magnitude}.
+ *
+ * @param signum signum of the number (-1 for negative, 0 for zero, 1
+ * for positive).
+ * @param magnitude big-endian binary representation of the magnitude of
+ * the number.
+ * @param off the start offset of the binary representation.
+ * @param len the number of bytes to use.
+ * @throws NumberFormatException {@code signum} is not one of the three
+ * legal values (-1, 0, and 1), or {@code signum} is 0 and
+ * {@code magnitude} contains one or more non-zero bytes.
+ * @throws IndexOutOfBoundsException if the provided array offset and
+ * length would cause an index into the byte array to be
+ * negative or greater than or equal to the array length.
+ * @since 9
+ */
+ public BigInteger(int signum, byte[] magnitude, int off, int len) {
+ if (signum < -1 || signum > 1) {
+ throw(new NumberFormatException("Invalid signum value"));
+ }
+ Objects.checkFromIndexSize(off, len, magnitude.length);
+
+ // stripLeadingZeroBytes() returns a zero length array if len == 0
+ this.mag = stripLeadingZeroBytes(magnitude, off, len);
+
+ if (this.mag.length == 0) {
+ this.signum = 0;
+ } else {
+ if (signum == 0)
+ throw(new NumberFormatException("signum-magnitude mismatch"));
+ this.signum = signum;
+ }
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /**
+ * Translates the sign-magnitude representation of a BigInteger into a
+ * BigInteger. The sign is represented as an integer signum value: -1 for
+ * negative, 0 for zero, or 1 for positive. The magnitude is a byte array
+ * in big-endian byte-order: the most significant byte is the
+ * zeroth element. A zero-length magnitude array is permissible, and will
+ * result in a BigInteger value of 0, whether signum is -1, 0 or 1. The
+ * {@code magnitude} array is assumed to be unchanged for the duration of
+ * the constructor call.
+ *
+ * @param signum signum of the number (-1 for negative, 0 for zero, 1
+ * for positive).
+ * @param magnitude big-endian binary representation of the magnitude of
+ * the number.
+ * @throws NumberFormatException {@code signum} is not one of the three
+ * legal values (-1, 0, and 1), or {@code signum} is 0 and
+ * {@code magnitude} contains one or more non-zero bytes.
+ */
+ public BigInteger(int signum, byte[] magnitude) {
+ this(signum, magnitude, 0, magnitude.length);
+ }
+
+ /**
+ * A constructor for internal use that translates the sign-magnitude
+ * representation of a BigInteger into a BigInteger. It checks the
+ * arguments and copies the magnitude so this constructor would be
+ * safe for external use. The {@code magnitude} array is assumed to be
+ * unchanged for the duration of the constructor call.
+ */
+ private BigInteger(int signum, int[] magnitude) {
+ this.mag = stripLeadingZeroInts(magnitude);
+
+ if (signum < -1 || signum > 1)
+ throw(new NumberFormatException("Invalid signum value"));
+
+ if (this.mag.length == 0) {
+ this.signum = 0;
+ } else {
+ if (signum == 0)
+ throw(new NumberFormatException("signum-magnitude mismatch"));
+ this.signum = signum;
+ }
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /**
+ * Translates the String representation of a BigInteger in the
+ * specified radix into a BigInteger. The String representation
+ * consists of an optional minus or plus sign followed by a
+ * sequence of one or more digits in the specified radix. The
+ * character-to-digit mapping is provided by {@link
+ * Character#digit(char, int) Character.digit}. The String may
+ * not contain any extraneous characters (whitespace, for
+ * example).
+ *
+ * @param val String representation of BigInteger.
+ * @param radix radix to be used in interpreting {@code val}.
+ * @throws NumberFormatException {@code val} is not a valid representation
+ * of a BigInteger in the specified radix, or {@code radix} is
+ * outside the range from {@link Character#MIN_RADIX} to
+ * {@link Character#MAX_RADIX}, inclusive.
+ */
+ public BigInteger(String val, int radix) {
+ int cursor = 0, numDigits;
+ final int len = val.length();
+
+ if (radix < Character.MIN_RADIX || radix > Character.MAX_RADIX)
+ throw new NumberFormatException("Radix out of range");
+ if (len == 0)
+ throw new NumberFormatException("Zero length BigInteger");
+
+ // Check for at most one leading sign
+ int sign = 1;
+ int index1 = val.lastIndexOf('-');
+ int index2 = val.lastIndexOf('+');
+ if (index1 >= 0) {
+ if (index1 != 0 || index2 >= 0) {
+ throw new NumberFormatException("Illegal embedded sign character");
+ }
+ sign = -1;
+ cursor = 1;
+ } else if (index2 >= 0) {
+ if (index2 != 0) {
+ throw new NumberFormatException("Illegal embedded sign character");
+ }
+ cursor = 1;
+ }
+ if (cursor == len)
+ throw new NumberFormatException("Zero length BigInteger");
+
+ // Skip leading zeros and compute number of digits in magnitude
+ while (cursor < len &&
+ Character.digit(val.charAt(cursor), radix) == 0) {
+ cursor++;
+ }
+
+ if (cursor == len) {
+ signum = 0;
+ mag = ZERO.mag;
+ return;
+ }
+
+ numDigits = len - cursor;
+ signum = sign;
+
+ // Pre-allocate array of expected size. May be too large but can
+ // never be too small. Typically exact.
+ long numBits = ((numDigits * bitsPerDigit[radix]) >>> 10) + 1;
+ if (numBits + 31 >= (1L << 32)) {
+ reportOverflow();
+ }
+ int numWords = (int) (numBits + 31) >>> 5;
+ int[] magnitude = new int[numWords];
+
+ // Process first (potentially short) digit group
+ int firstGroupLen = numDigits % digitsPerInt[radix];
+ if (firstGroupLen == 0)
+ firstGroupLen = digitsPerInt[radix];
+ String group = val.substring(cursor, cursor += firstGroupLen);
+ magnitude[numWords - 1] = Integer.parseInt(group, radix);
+ if (magnitude[numWords - 1] < 0)
+ throw new NumberFormatException("Illegal digit");
+
+ // Process remaining digit groups
+ int superRadix = intRadix[radix];
+ int groupVal = 0;
+ while (cursor < len) {
+ group = val.substring(cursor, cursor += digitsPerInt[radix]);
+ groupVal = Integer.parseInt(group, radix);
+ if (groupVal < 0)
+ throw new NumberFormatException("Illegal digit");
+ destructiveMulAdd(magnitude, superRadix, groupVal);
+ }
+ // Required for cases where the array was overallocated.
+ mag = trustedStripLeadingZeroInts(magnitude);
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /*
+ * Constructs a new BigInteger using a char array with radix=10.
+ * Sign is precalculated outside and not allowed in the val. The {@code val}
+ * array is assumed to be unchanged for the duration of the constructor
+ * call.
+ */
+ BigInteger(char[] val, int sign, int len) {
+ int cursor = 0, numDigits;
+
+ // Skip leading zeros and compute number of digits in magnitude
+ while (cursor < len && Character.digit(val[cursor], 10) == 0) {
+ cursor++;
+ }
+ if (cursor == len) {
+ signum = 0;
+ mag = ZERO.mag;
+ return;
+ }
+
+ numDigits = len - cursor;
+ signum = sign;
+ // Pre-allocate array of expected size
+ int numWords;
+ if (len < 10) {
+ numWords = 1;
+ } else {
+ long numBits = ((numDigits * bitsPerDigit[10]) >>> 10) + 1;
+ if (numBits + 31 >= (1L << 32)) {
+ reportOverflow();
+ }
+ numWords = (int) (numBits + 31) >>> 5;
+ }
+ int[] magnitude = new int[numWords];
+
+ // Process first (potentially short) digit group
+ int firstGroupLen = numDigits % digitsPerInt[10];
+ if (firstGroupLen == 0)
+ firstGroupLen = digitsPerInt[10];
+ magnitude[numWords - 1] = parseInt(val, cursor, cursor += firstGroupLen);
+
+ // Process remaining digit groups
+ while (cursor < len) {
+ int groupVal = parseInt(val, cursor, cursor += digitsPerInt[10]);
+ destructiveMulAdd(magnitude, intRadix[10], groupVal);
+ }
+ mag = trustedStripLeadingZeroInts(magnitude);
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ // Create an integer with the digits between the two indexes
+ // Assumes start < end. The result may be negative, but it
+ // is to be treated as an unsigned value.
+ private int parseInt(char[] source, int start, int end) {
+ int result = Character.digit(source[start++], 10);
+ if (result == -1)
+ throw new NumberFormatException(new String(source));
+
+ for (int index = start; index < end; index++) {
+ int nextVal = Character.digit(source[index], 10);
+ if (nextVal == -1)
+ throw new NumberFormatException(new String(source));
+ result = 10*result + nextVal;
+ }
+
+ return result;
+ }
+
+ // bitsPerDigit in the given radix times 1024
+ // Rounded up to avoid underallocation.
+ private static long bitsPerDigit[] = { 0, 0,
+ 1024, 1624, 2048, 2378, 2648, 2875, 3072, 3247, 3402, 3543, 3672,
+ 3790, 3899, 4001, 4096, 4186, 4271, 4350, 4426, 4498, 4567, 4633,
+ 4696, 4756, 4814, 4870, 4923, 4975, 5025, 5074, 5120, 5166, 5210,
+ 5253, 5295};
+
+ // Multiply x array times word y in place, and add word z
+ private static void destructiveMulAdd(int[] x, int y, int z) {
+ // Perform the multiplication word by word
+ long ylong = y & LONG_MASK;
+ long zlong = z & LONG_MASK;
+ int len = x.length;
+
+ long product = 0;
+ long carry = 0;
+ for (int i = len-1; i >= 0; i--) {
+ product = ylong * (x[i] & LONG_MASK) + carry;
+ x[i] = (int)product;
+ carry = product >>> 32;
+ }
+
+ // Perform the addition
+ long sum = (x[len-1] & LONG_MASK) + zlong;
+ x[len-1] = (int)sum;
+ carry = sum >>> 32;
+ for (int i = len-2; i >= 0; i--) {
+ sum = (x[i] & LONG_MASK) + carry;
+ x[i] = (int)sum;
+ carry = sum >>> 32;
+ }
+ }
+
+ /**
+ * Translates the decimal String representation of a BigInteger
+ * into a BigInteger. The String representation consists of an
+ * optional minus or plus sign followed by a sequence of one or
+ * more decimal digits. The character-to-digit mapping is
+ * provided by {@link Character#digit(char, int)
+ * Character.digit}. The String may not contain any extraneous
+ * characters (whitespace, for example).
+ *
+ * @param val decimal String representation of BigInteger.
+ * @throws NumberFormatException {@code val} is not a valid representation
+ * of a BigInteger.
+ */
+ public BigInteger(String val) {
+ this(val, 10);
+ }
+
+ /**
+ * Constructs a randomly generated BigInteger, uniformly distributed over
+ * the range 0 to (2{@code numBits} - 1), inclusive.
+ * The uniformity of the distribution assumes that a fair source of random
+ * bits is provided in {@code rnd}. Note that this constructor always
+ * constructs a non-negative BigInteger.
+ *
+ * @param numBits maximum bitLength of the new BigInteger.
+ * @param rnd source of randomness to be used in computing the new
+ * BigInteger.
+ * @throws IllegalArgumentException {@code numBits} is negative.
+ * @see #bitLength()
+ */
+ public BigInteger(int numBits, Random rnd) {
+ byte[] magnitude = randomBits(numBits, rnd);
+
+ try {
+ // stripLeadingZeroBytes() returns a zero length array if len == 0
+ this.mag = stripLeadingZeroBytes(magnitude, 0, magnitude.length);
+
+ if (this.mag.length == 0) {
+ this.signum = 0;
+ } else {
+ this.signum = 1;
+ }
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ } finally {
+ Arrays.fill(magnitude, (byte)0);
+ }
+ }
+
+ private static byte[] randomBits(int numBits, Random rnd) {
+ if (numBits < 0)
+ throw new IllegalArgumentException("numBits must be non-negative");
+ int numBytes = (int)(((long)numBits+7)/8); // avoid overflow
+ byte[] randomBits = new byte[numBytes];
+
+ // Generate random bytes and mask out any excess bits
+ if (numBytes > 0) {
+ rnd.nextBytes(randomBits);
+ int excessBits = 8*numBytes - numBits;
+ randomBits[0] &= (1 << (8-excessBits)) - 1;
+ }
+ return randomBits;
+ }
+
+ // Minimum size in bits that the requested prime number has
+ // before we use the large prime number generating algorithms.
+ // The cutoff of 95 was chosen empirically for best performance.
+ private static final int SMALL_PRIME_THRESHOLD = 95;
+
+ // Certainty required to meet the spec of probablePrime
+ private static final int DEFAULT_PRIME_CERTAINTY = 100;
+
+ /**
+ * This internal constructor differs from its public cousin
+ * with the arguments reversed in two ways: it assumes that its
+ * arguments are correct, and it doesn't copy the magnitude array.
+ */
+ BigInteger(int[] magnitude, int signum) {
+ this.signum = (magnitude.length == 0 ? 0 : signum);
+ this.mag = magnitude;
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /**
+ * This private constructor is for internal use and assumes that its
+ * arguments are correct. The {@code magnitude} array is assumed to be
+ * unchanged for the duration of the constructor call.
+ */
+ private BigInteger(byte[] magnitude, int signum) {
+ this.signum = (magnitude.length == 0 ? 0 : signum);
+ this.mag = stripLeadingZeroBytes(magnitude, 0, magnitude.length);
+ if (mag.length >= MAX_MAG_LENGTH) {
+ checkRange();
+ }
+ }
+
+ /**
+ * Throws an {@code ArithmeticException} if the {@code BigInteger} would be
+ * out of the supported range.
+ *
+ * @throws ArithmeticException if {@code this} exceeds the supported range.
+ */
+ private void checkRange() {
+ if (mag.length > MAX_MAG_LENGTH || mag.length == MAX_MAG_LENGTH && mag[0] < 0) {
+ reportOverflow();
+ }
+ }
+
+ private static void reportOverflow() {
+ throw new ArithmeticException("BigInteger would overflow supported range");
+ }
+
+ //Static Factory Methods
+
+ /**
+ * Returns a BigInteger whose value is equal to that of the
+ * specified {@code long}.
+ *
+ * @apiNote This static factory method is provided in preference
+ * to a ({@code long}) constructor because it allows for reuse of
+ * frequently used BigIntegers.
+ *
+ * @param val value of the BigInteger to return.
+ * @return a BigInteger with the specified value.
+ */
+ public static BigInteger valueOf(long val) {
+ // If -MAX_CONSTANT < val < MAX_CONSTANT, return stashed constant
+ if (val == 0)
+ return ZERO;
+ if (val > 0 && val <= MAX_CONSTANT)
+ return posConst[(int) val];
+ else if (val < 0 && val >= -MAX_CONSTANT)
+ return negConst[(int) -val];
+
+ return new BigInteger(val);
+ }
+
+ /**
+ * Constructs a BigInteger with the specified value, which may not be zero.
+ */
+ private BigInteger(long val) {
+ if (val < 0) {
+ val = -val;
+ signum = -1;
+ } else {
+ signum = 1;
+ }
+
+ int highWord = (int)(val >>> 32);
+ if (highWord == 0) {
+ mag = new int[1];
+ mag[0] = (int)val;
+ } else {
+ mag = new int[2];
+ mag[0] = highWord;
+ mag[1] = (int)val;
+ }
+ }
+
+ /**
+ * Returns a BigInteger with the given two's complement representation.
+ * Assumes that the input array will not be modified (the returned
+ * BigInteger will reference the input array if feasible).
+ */
+ private static BigInteger valueOf(int val[]) {
+ return (val[0] > 0 ? new BigInteger(val, 1) : new BigInteger(val));
+ }
+
+ // Constants
+
+ /**
+ * Initialize static constant array when class is loaded.
+ */
+ private static final int MAX_CONSTANT = 16;
+ private static final BigInteger[] posConst = new BigInteger[MAX_CONSTANT+1];
+ private static final BigInteger[] negConst = new BigInteger[MAX_CONSTANT+1];
+
+ /**
+ * The cache of powers of each radix. This allows us to not have to
+ * recalculate powers of radix^(2^n) more than once. This speeds
+ * Schoenhage recursive base conversion significantly.
+ */
+ private static volatile BigInteger[][] powerCache;
+
+ /** The cache of logarithms of radices for base conversion. */
+ private static final double[] logCache;
+
+ /** The natural log of 2. This is used in computing cache indices. */
+ private static final double LOG_TWO = Math.log(2.0);
+
+ static {
+ assert 0 < KARATSUBA_THRESHOLD
+ && KARATSUBA_THRESHOLD < TOOM_COOK_THRESHOLD
+ && TOOM_COOK_THRESHOLD < Integer.MAX_VALUE
+ && 0 < KARATSUBA_SQUARE_THRESHOLD
+ && KARATSUBA_SQUARE_THRESHOLD < TOOM_COOK_SQUARE_THRESHOLD
+ && TOOM_COOK_SQUARE_THRESHOLD < Integer.MAX_VALUE :
+ "Algorithm thresholds are inconsistent";
+
+ for (int i = 1; i <= MAX_CONSTANT; i++) {
+ int[] magnitude = new int[1];
+ magnitude[0] = i;
+ posConst[i] = new BigInteger(magnitude, 1);
+ negConst[i] = new BigInteger(magnitude, -1);
+ }
+
+ /*
+ * Initialize the cache of radix^(2^x) values used for base conversion
+ * with just the very first value. Additional values will be created
+ * on demand.
+ */
+ powerCache = new BigInteger[Character.MAX_RADIX+1][];
+ logCache = new double[Character.MAX_RADIX+1];
+
+ for (int i=Character.MIN_RADIX; i <= Character.MAX_RADIX; i++) {
+ powerCache[i] = new BigInteger[] { BigInteger.valueOf(i) };
+ logCache[i] = Math.log(i);
+ }
+ }
+
+ /**
+ * The BigInteger constant zero.
+ *
+ * @since 1.2
+ */
+ public static final BigInteger ZERO = new BigInteger(new int[0], 0);
+
+ /**
+ * The BigInteger constant one.
+ *
+ * @since 1.2
+ */
+ public static final BigInteger ONE = valueOf(1);
+
+ /**
+ * The BigInteger constant two.
+ *
+ * @since 9
+ */
+ public static final BigInteger TWO = valueOf(2);
+
+ /**
+ * The BigInteger constant -1. (Not exported.)
+ */
+ private static final BigInteger NEGATIVE_ONE = valueOf(-1);
+
+ /**
+ * The BigInteger constant ten.
+ *
+ * @since 1.5
+ */
+ public static final BigInteger TEN = valueOf(10);
+
+ // Arithmetic Operations
+
+ /**
+ * Returns a BigInteger whose value is {@code (this + val)}.
+ *
+ * @param val value to be added to this BigInteger.
+ * @return {@code this + val}
+ */
+ public BigInteger add(BigInteger val) {
+ if (val.signum == 0)
+ return this;
+ if (signum == 0)
+ return val;
+ if (val.signum == signum)
+ return new BigInteger(add(mag, val.mag), signum);
+
+ int cmp = compareMagnitude(val);
+ if (cmp == 0)
+ return ZERO;
+ int[] resultMag = (cmp > 0 ? subtract(mag, val.mag)
+ : subtract(val.mag, mag));
+ resultMag = trustedStripLeadingZeroInts(resultMag);
+
+ return new BigInteger(resultMag, cmp == signum ? 1 : -1);
+ }
+
+ /**
+ * Package private methods used by BigDecimal code to add a BigInteger
+ * with a long. Assumes val is not equal to INFLATED.
+ */
+ BigInteger add(long val) {
+ if (val == 0)
+ return this;
+ if (signum == 0)
+ return valueOf(val);
+ if (Long.signum(val) == signum)
+ return new BigInteger(add(mag, Math.abs(val)), signum);
+ int cmp = compareMagnitude(val);
+ if (cmp == 0)
+ return ZERO;
+ int[] resultMag = (cmp > 0 ? subtract(mag, Math.abs(val)) : subtract(Math.abs(val), mag));
+ resultMag = trustedStripLeadingZeroInts(resultMag);
+ return new BigInteger(resultMag, cmp == signum ? 1 : -1);
+ }
+
+ /**
+ * Adds the contents of the int array x and long value val. This
+ * method allocates a new int array to hold the answer and returns
+ * a reference to that array. Assumes x.length > 0 and val is
+ * non-negative
+ */
+ private static int[] add(int[] x, long val) {
+ int[] y;
+ long sum = 0;
+ int xIndex = x.length;
+ int[] result;
+ int highWord = (int)(val >>> 32);
+ if (highWord == 0) {
+ result = new int[xIndex];
+ sum = (x[--xIndex] & LONG_MASK) + val;
+ result[xIndex] = (int)sum;
+ } else {
+ if (xIndex == 1) {
+ result = new int[2];
+ sum = val + (x[0] & LONG_MASK);
+ result[1] = (int)sum;
+ result[0] = (int)(sum >>> 32);
+ return result;
+ } else {
+ result = new int[xIndex];
+ sum = (x[--xIndex] & LONG_MASK) + (val & LONG_MASK);
+ result[xIndex] = (int)sum;
+ sum = (x[--xIndex] & LONG_MASK) + (highWord & LONG_MASK) + (sum >>> 32);
+ result[xIndex] = (int)sum;
+ }
+ }
+ // Copy remainder of longer number while carry propagation is required
+ boolean carry = (sum >>> 32 != 0);
+ while (xIndex > 0 && carry)
+ carry = ((result[--xIndex] = x[xIndex] + 1) == 0);
+ // Copy remainder of longer number
+ while (xIndex > 0)
+ result[--xIndex] = x[xIndex];
+ // Grow result if necessary
+ if (carry) {
+ int bigger[] = new int[result.length + 1];
+ System.arraycopy(result, 0, bigger, 1, result.length);
+ bigger[0] = 0x01;
+ return bigger;
+ }
+ return result;
+ }
+
+ /**
+ * Adds the contents of the int arrays x and y. This method allocates
+ * a new int array to hold the answer and returns a reference to that
+ * array.
+ */
+ private static int[] add(int[] x, int[] y) {
+ // If x is shorter, swap the two arrays
+ if (x.length < y.length) {
+ int[] tmp = x;
+ x = y;
+ y = tmp;
+ }
+
+ int xIndex = x.length;
+ int yIndex = y.length;
+ int result[] = new int[xIndex];
+ long sum = 0;
+ if (yIndex == 1) {
+ sum = (x[--xIndex] & LONG_MASK) + (y[0] & LONG_MASK) ;
+ result[xIndex] = (int)sum;
+ } else {
+ // Add common parts of both numbers
+ while (yIndex > 0) {
+ sum = (x[--xIndex] & LONG_MASK) +
+ (y[--yIndex] & LONG_MASK) + (sum >>> 32);
+ result[xIndex] = (int)sum;
+ }
+ }
+ // Copy remainder of longer number while carry propagation is required
+ boolean carry = (sum >>> 32 != 0);
+ while (xIndex > 0 && carry)
+ carry = ((result[--xIndex] = x[xIndex] + 1) == 0);
+
+ // Copy remainder of longer number
+ while (xIndex > 0)
+ result[--xIndex] = x[xIndex];
+
+ // Grow result if necessary
+ if (carry) {
+ int bigger[] = new int[result.length + 1];
+ System.arraycopy(result, 0, bigger, 1, result.length);
+ bigger[0] = 0x01;
+ return bigger;
+ }
+ return result;
+ }
+
+ private static int[] subtract(long val, int[] little) {
+ int highWord = (int)(val >>> 32);
+ if (highWord == 0) {
+ int result[] = new int[1];
+ result[0] = (int)(val - (little[0] & LONG_MASK));
+ return result;
+ } else {
+ int result[] = new int[2];
+ if (little.length == 1) {
+ long difference = ((int)val & LONG_MASK) - (little[0] & LONG_MASK);
+ result[1] = (int)difference;
+ // Subtract remainder of longer number while borrow propagates
+ boolean borrow = (difference >> 32 != 0);
+ if (borrow) {
+ result[0] = highWord - 1;
+ } else { // Copy remainder of longer number
+ result[0] = highWord;
+ }
+ return result;
+ } else { // little.length == 2
+ long difference = ((int)val & LONG_MASK) - (little[1] & LONG_MASK);
+ result[1] = (int)difference;
+ difference = (highWord & LONG_MASK) - (little[0] & LONG_MASK) + (difference >> 32);
+ result[0] = (int)difference;
+ return result;
+ }
+ }
+ }
+
+ /**
+ * Subtracts the contents of the second argument (val) from the
+ * first (big). The first int array (big) must represent a larger number
+ * than the second. This method allocates the space necessary to hold the
+ * answer.
+ * assumes val >= 0
+ */
+ private static int[] subtract(int[] big, long val) {
+ int highWord = (int)(val >>> 32);
+ int bigIndex = big.length;
+ int result[] = new int[bigIndex];
+ long difference = 0;
+
+ if (highWord == 0) {
+ difference = (big[--bigIndex] & LONG_MASK) - val;
+ result[bigIndex] = (int)difference;
+ } else {
+ difference = (big[--bigIndex] & LONG_MASK) - (val & LONG_MASK);
+ result[bigIndex] = (int)difference;
+ difference = (big[--bigIndex] & LONG_MASK) - (highWord & LONG_MASK) + (difference >> 32);
+ result[bigIndex] = (int)difference;
+ }
+
+ // Subtract remainder of longer number while borrow propagates
+ boolean borrow = (difference >> 32 != 0);
+ while (bigIndex > 0 && borrow)
+ borrow = ((result[--bigIndex] = big[bigIndex] - 1) == -1);
+
+ // Copy remainder of longer number
+ while (bigIndex > 0)
+ result[--bigIndex] = big[bigIndex];
+
+ return result;
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this - val)}.
+ *
+ * @param val value to be subtracted from this BigInteger.
+ * @return {@code this - val}
+ */
+ public BigInteger subtract(BigInteger val) {
+ if (val.signum == 0)
+ return this;
+ if (signum == 0)
+ return val.negate();
+ if (val.signum != signum)
+ return new BigInteger(add(mag, val.mag), signum);
+
+ int cmp = compareMagnitude(val);
+ if (cmp == 0)
+ return ZERO;
+ int[] resultMag = (cmp > 0 ? subtract(mag, val.mag)
+ : subtract(val.mag, mag));
+ resultMag = trustedStripLeadingZeroInts(resultMag);
+ return new BigInteger(resultMag, cmp == signum ? 1 : -1);
+ }
+
+ /**
+ * Subtracts the contents of the second int arrays (little) from the
+ * first (big). The first int array (big) must represent a larger number
+ * than the second. This method allocates the space necessary to hold the
+ * answer.
+ */
+ private static int[] subtract(int[] big, int[] little) {
+ int bigIndex = big.length;
+ int result[] = new int[bigIndex];
+ int littleIndex = little.length;
+ long difference = 0;
+
+ // Subtract common parts of both numbers
+ while (littleIndex > 0) {
+ difference = (big[--bigIndex] & LONG_MASK) -
+ (little[--littleIndex] & LONG_MASK) +
+ (difference >> 32);
+ result[bigIndex] = (int)difference;
+ }
+
+ // Subtract remainder of longer number while borrow propagates
+ boolean borrow = (difference >> 32 != 0);
+ while (bigIndex > 0 && borrow)
+ borrow = ((result[--bigIndex] = big[bigIndex] - 1) == -1);
+
+ // Copy remainder of longer number
+ while (bigIndex > 0)
+ result[--bigIndex] = big[bigIndex];
+
+ return result;
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this * val)}.
+ *
+ * @implNote An implementation may offer better algorithmic
+ * performance when {@code val == this}.
+ *
+ * @param val value to be multiplied by this BigInteger.
+ * @return {@code this * val}
+ */
+ public BigInteger multiply(BigInteger val) {
+ return multiply(val, false);
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this * val)}. If
+ * the invocation is recursive certain overflow checks are skipped.
+ *
+ * @param val value to be multiplied by this BigInteger.
+ * @param isRecursion whether this is a recursive invocation
+ * @return {@code this * val}
+ */
+ private BigInteger multiply(BigInteger val, boolean isRecursion) {
+ if (val.signum == 0 || signum == 0)
+ return ZERO;
+
+ int xlen = mag.length;
+
+ if (val == this && xlen > MULTIPLY_SQUARE_THRESHOLD) {
+ return square();
+ }
+
+ int ylen = val.mag.length;
+
+ if ((xlen < KARATSUBA_THRESHOLD) || (ylen < KARATSUBA_THRESHOLD)) {
+ int resultSign = signum == val.signum ? 1 : -1;
+ if (val.mag.length == 1) {
+ return multiplyByInt(mag,val.mag[0], resultSign);
+ }
+ if (mag.length == 1) {
+ return multiplyByInt(val.mag,mag[0], resultSign);
+ }
+ int[] result = multiplyToLen(mag, xlen,
+ val.mag, ylen, null);
+ result = trustedStripLeadingZeroInts(result);
+ return new BigInteger(result, resultSign);
+ } else {
+ if ((xlen < TOOM_COOK_THRESHOLD) && (ylen < TOOM_COOK_THRESHOLD)) {
+ return multiplyKaratsuba(this, val);
+ } else {
+ //
+ // In "Hacker's Delight" section 2-13, p.33, it is explained
+ // that if x and y are unsigned 32-bit quantities and m and n
+ // are their respective numbers of leading zeros within 32 bits,
+ // then the number of leading zeros within their product as a
+ // 64-bit unsigned quantity is either m + n or m + n + 1. If
+ // their product is not to overflow, it cannot exceed 32 bits,
+ // and so the number of leading zeros of the product within 64
+ // bits must be at least 32, i.e., the leftmost set bit is at
+ // zero-relative position 31 or less.
+ //
+ // From the above there are three cases:
+ //
+ // m + n leftmost set bit condition
+ // ----- ---------------- ---------
+ // >= 32 x <= 64 - 32 = 32 no overflow
+ // == 31 x >= 64 - 32 = 32 possible overflow
+ // <= 30 x >= 64 - 31 = 33 definite overflow
+ //
+ // The "possible overflow" condition cannot be detected by
+ // examning data lengths alone and requires further calculation.
+ //
+ // By analogy, if 'this' and 'val' have m and n as their
+ // respective numbers of leading zeros within 32*MAX_MAG_LENGTH
+ // bits, then:
+ //
+ // m + n >= 32*MAX_MAG_LENGTH no overflow
+ // m + n == 32*MAX_MAG_LENGTH - 1 possible overflow
+ // m + n <= 32*MAX_MAG_LENGTH - 2 definite overflow
+ //
+ // Note however that if the number of ints in the result
+ // were to be MAX_MAG_LENGTH and mag[0] < 0, then there would
+ // be overflow. As a result the leftmost bit (of mag[0]) cannot
+ // be used and the constraints must be adjusted by one bit to:
+ //
+ // m + n > 32*MAX_MAG_LENGTH no overflow
+ // m + n == 32*MAX_MAG_LENGTH possible overflow
+ // m + n < 32*MAX_MAG_LENGTH definite overflow
+ //
+ // The foregoing leading zero-based discussion is for clarity
+ // only. The actual calculations use the estimated bit length
+ // of the product as this is more natural to the internal
+ // array representation of the magnitude which has no leading
+ // zero elements.
+ //
+ if (!isRecursion) {
+ // The bitLength() instance method is not used here as we
+ // are only considering the magnitudes as non-negative. The
+ // Toom-Cook multiplication algorithm determines the sign
+ // at its end from the two signum values.
+ if ((long)bitLength(mag, mag.length) +
+ (long)bitLength(val.mag, val.mag.length) >
+ 32L*MAX_MAG_LENGTH) {
+ reportOverflow();
+ }
+ }
+
+ return multiplyToomCook3(this, val);
+ }
+ }
+ }
+
+ private static BigInteger multiplyByInt(int[] x, int y, int sign) {
+ if (Integer.bitCount(y) == 1) {
+ return new BigInteger(shiftLeft(x,Integer.numberOfTrailingZeros(y)), sign);
+ }
+ int xlen = x.length;
+ int[] rmag = new int[xlen + 1];
+ long carry = 0;
+ long yl = y & LONG_MASK;
+ int rstart = rmag.length - 1;
+ for (int i = xlen - 1; i >= 0; i--) {
+ long product = (x[i] & LONG_MASK) * yl + carry;
+ rmag[rstart--] = (int)product;
+ carry = product >>> 32;
+ }
+ if (carry == 0L) {
+ rmag = java.util.Arrays.copyOfRange(rmag, 1, rmag.length);
+ } else {
+ rmag[rstart] = (int)carry;
+ }
+ return new BigInteger(rmag, sign);
+ }
+
+ /**
+ * Package private methods used by BigDecimal code to multiply a BigInteger
+ * with a long. Assumes v is not equal to INFLATED.
+ */
+ BigInteger multiply(long v) {
+ if (v == 0 || signum == 0)
+ return ZERO;
+ if (v == INFLATED)
+ return multiply(BigInteger.valueOf(v));
+ int rsign = (v > 0 ? signum : -signum);
+ if (v < 0)
+ v = -v;
+ long dh = v >>> 32; // higher order bits
+ long dl = v & LONG_MASK; // lower order bits
+
+ int xlen = mag.length;
+ int[] value = mag;
+ int[] rmag = (dh == 0L) ? (new int[xlen + 1]) : (new int[xlen + 2]);
+ long carry = 0;
+ int rstart = rmag.length - 1;
+ for (int i = xlen - 1; i >= 0; i--) {
+ long product = (value[i] & LONG_MASK) * dl + carry;
+ rmag[rstart--] = (int)product;
+ carry = product >>> 32;
+ }
+ rmag[rstart] = (int)carry;
+ if (dh != 0L) {
+ carry = 0;
+ rstart = rmag.length - 2;
+ for (int i = xlen - 1; i >= 0; i--) {
+ long product = (value[i] & LONG_MASK) * dh +
+ (rmag[rstart] & LONG_MASK) + carry;
+ rmag[rstart--] = (int)product;
+ carry = product >>> 32;
+ }
+ rmag[0] = (int)carry;
+ }
+ if (carry == 0L)
+ rmag = java.util.Arrays.copyOfRange(rmag, 1, rmag.length);
+ return new BigInteger(rmag, rsign);
+ }
+
+ /**
+ * Multiplies int arrays x and y to the specified lengths and places
+ * the result into z. There will be no leading zeros in the resultant array.
+ */
+ private static int[] multiplyToLen(int[] x, int xlen, int[] y, int ylen, int[] z) {
+ multiplyToLenCheck(x, xlen);
+ multiplyToLenCheck(y, ylen);
+ return implMultiplyToLen(x, xlen, y, ylen, z);
+ }
+
+ // @IntrinsicCandidate
+ private static int[] implMultiplyToLen(int[] x, int xlen, int[] y, int ylen, int[] z) {
+ int xstart = xlen - 1;
+ int ystart = ylen - 1;
+
+ if (z == null || z.length < (xlen+ ylen))
+ z = new int[xlen+ylen];
+
+ long carry = 0;
+ for (int j=ystart, k=ystart+1+xstart; j >= 0; j--, k--) {
+ long product = (y[j] & LONG_MASK) *
+ (x[xstart] & LONG_MASK) + carry;
+ z[k] = (int)product;
+ carry = product >>> 32;
+ }
+ z[xstart] = (int)carry;
+
+ for (int i = xstart-1; i >= 0; i--) {
+ carry = 0;
+ for (int j=ystart, k=ystart+1+i; j >= 0; j--, k--) {
+ long product = (y[j] & LONG_MASK) *
+ (x[i] & LONG_MASK) +
+ (z[k] & LONG_MASK) + carry;
+ z[k] = (int)product;
+ carry = product >>> 32;
+ }
+ z[i] = (int)carry;
+ }
+ return z;
+ }
+
+ private static void multiplyToLenCheck(int[] array, int length) {
+ if (length <= 0) {
+ return; // not an error because multiplyToLen won't execute if len <= 0
+ }
+
+ Objects.requireNonNull(array);
+
+ if (length > array.length) {
+ throw new ArrayIndexOutOfBoundsException(length - 1);
+ }
+ }
+
+ /**
+ * Multiplies two BigIntegers using the Karatsuba multiplication
+ * algorithm. This is a recursive divide-and-conquer algorithm which is
+ * more efficient for large numbers than what is commonly called the
+ * "grade-school" algorithm used in multiplyToLen. If the numbers to be
+ * multiplied have length n, the "grade-school" algorithm has an
+ * asymptotic complexity of O(n^2). In contrast, the Karatsuba algorithm
+ * has complexity of O(n^(log2(3))), or O(n^1.585). It achieves this
+ * increased performance by doing 3 multiplies instead of 4 when
+ * evaluating the product. As it has some overhead, should be used when
+ * both numbers are larger than a certain threshold (found
+ * experimentally).
+ *
+ * See: http://en.wikipedia.org/wiki/Karatsuba_algorithm
+ */
+ private static BigInteger multiplyKaratsuba(BigInteger x, BigInteger y) {
+ int xlen = x.mag.length;
+ int ylen = y.mag.length;
+
+ // The number of ints in each half of the number.
+ int half = (Math.max(xlen, ylen)+1) / 2;
+
+ // xl and yl are the lower halves of x and y respectively,
+ // xh and yh are the upper halves.
+ BigInteger xl = x.getLower(half);
+ BigInteger xh = x.getUpper(half);
+ BigInteger yl = y.getLower(half);
+ BigInteger yh = y.getUpper(half);
+
+ BigInteger p1 = xh.multiply(yh); // p1 = xh*yh
+ BigInteger p2 = xl.multiply(yl); // p2 = xl*yl
+
+ // p3=(xh+xl)*(yh+yl)
+ BigInteger p3 = xh.add(xl).multiply(yh.add(yl));
+
+ // result = p1 * 2^(32*2*half) + (p3 - p1 - p2) * 2^(32*half) + p2
+ BigInteger result = p1.shiftLeft(32*half).add(p3.subtract(p1).subtract(p2)).shiftLeft(32*half).add(p2);
+
+ if (x.signum != y.signum) {
+ return result.negate();
+ } else {
+ return result;
+ }
+ }
+
+ /**
+ * Multiplies two BigIntegers using a 3-way Toom-Cook multiplication
+ * algorithm. This is a recursive divide-and-conquer algorithm which is
+ * more efficient for large numbers than what is commonly called the
+ * "grade-school" algorithm used in multiplyToLen. If the numbers to be
+ * multiplied have length n, the "grade-school" algorithm has an
+ * asymptotic complexity of O(n^2). In contrast, 3-way Toom-Cook has a
+ * complexity of about O(n^1.465). It achieves this increased asymptotic
+ * performance by breaking each number into three parts and by doing 5
+ * multiplies instead of 9 when evaluating the product. Due to overhead
+ * (additions, shifts, and one division) in the Toom-Cook algorithm, it
+ * should only be used when both numbers are larger than a certain
+ * threshold (found experimentally). This threshold is generally larger
+ * than that for Karatsuba multiplication, so this algorithm is generally
+ * only used when numbers become significantly larger.
+ *
+ * The algorithm used is the "optimal" 3-way Toom-Cook algorithm outlined
+ * by Marco Bodrato.
+ *
+ * See: http://bodrato.it/toom-cook/
+ * http://bodrato.it/papers/#WAIFI2007
+ *
+ * "Towards Optimal Toom-Cook Multiplication for Univariate and
+ * Multivariate Polynomials in Characteristic 2 and 0." by Marco BODRATO;
+ * In C.Carlet and B.Sunar, Eds., "WAIFI'07 proceedings", p. 116-133,
+ * LNCS #4547. Springer, Madrid, Spain, June 21-22, 2007.
+ *
+ */
+ private static BigInteger multiplyToomCook3(BigInteger a, BigInteger b) {
+ int alen = a.mag.length;
+ int blen = b.mag.length;
+
+ int largest = Math.max(alen, blen);
+
+ // k is the size (in ints) of the lower-order slices.
+ int k = (largest+2)/3; // Equal to ceil(largest/3)
+
+ // r is the size (in ints) of the highest-order slice.
+ int r = largest - 2*k;
+
+ // Obtain slices of the numbers. a2 and b2 are the most significant
+ // bits of the numbers a and b, and a0 and b0 the least significant.
+ BigInteger a0, a1, a2, b0, b1, b2;
+ a2 = a.getToomSlice(k, r, 0, largest);
+ a1 = a.getToomSlice(k, r, 1, largest);
+ a0 = a.getToomSlice(k, r, 2, largest);
+ b2 = b.getToomSlice(k, r, 0, largest);
+ b1 = b.getToomSlice(k, r, 1, largest);
+ b0 = b.getToomSlice(k, r, 2, largest);
+
+ BigInteger v0, v1, v2, vm1, vinf, t1, t2, tm1, da1, db1;
+
+ v0 = a0.multiply(b0, true);
+ da1 = a2.add(a0);
+ db1 = b2.add(b0);
+ vm1 = da1.subtract(a1).multiply(db1.subtract(b1), true);
+ da1 = da1.add(a1);
+ db1 = db1.add(b1);
+ v1 = da1.multiply(db1, true);
+ v2 = da1.add(a2).shiftLeft(1).subtract(a0).multiply(
+ db1.add(b2).shiftLeft(1).subtract(b0), true);
+ vinf = a2.multiply(b2, true);
+
+ // The algorithm requires two divisions by 2 and one by 3.
+ // All divisions are known to be exact, that is, they do not produce
+ // remainders, and all results are positive. The divisions by 2 are
+ // implemented as right shifts which are relatively efficient, leaving
+ // only an exact division by 3, which is done by a specialized
+ // linear-time algorithm.
+ t2 = v2.subtract(vm1).exactDivideBy3();
+ tm1 = v1.subtract(vm1).shiftRight(1);
+ t1 = v1.subtract(v0);
+ t2 = t2.subtract(t1).shiftRight(1);
+ t1 = t1.subtract(tm1).subtract(vinf);
+ t2 = t2.subtract(vinf.shiftLeft(1));
+ tm1 = tm1.subtract(t2);
+
+ // Number of bits to shift left.
+ int ss = k*32;
+
+ BigInteger result = vinf.shiftLeft(ss).add(t2).shiftLeft(ss).add(t1).shiftLeft(ss).add(tm1).shiftLeft(ss).add(v0);
+
+ if (a.signum != b.signum) {
+ return result.negate();
+ } else {
+ return result;
+ }
+ }
+
+
+ /**
+ * Returns a slice of a BigInteger for use in Toom-Cook multiplication.
+ *
+ * @param lowerSize The size of the lower-order bit slices.
+ * @param upperSize The size of the higher-order bit slices.
+ * @param slice The index of which slice is requested, which must be a
+ * number from 0 to size-1. Slice 0 is the highest-order bits, and slice
+ * size-1 are the lowest-order bits. Slice 0 may be of different size than
+ * the other slices.
+ * @param fullsize The size of the larger integer array, used to align
+ * slices to the appropriate position when multiplying different-sized
+ * numbers.
+ */
+ private BigInteger getToomSlice(int lowerSize, int upperSize, int slice,
+ int fullsize) {
+ int start, end, sliceSize, len, offset;
+
+ len = mag.length;
+ offset = fullsize - len;
+
+ if (slice == 0) {
+ start = 0 - offset;
+ end = upperSize - 1 - offset;
+ } else {
+ start = upperSize + (slice-1)*lowerSize - offset;
+ end = start + lowerSize - 1;
+ }
+
+ if (start < 0) {
+ start = 0;
+ }
+ if (end < 0) {
+ return ZERO;
+ }
+
+ sliceSize = (end-start) + 1;
+
+ if (sliceSize <= 0) {
+ return ZERO;
+ }
+
+ // While performing Toom-Cook, all slices are positive and
+ // the sign is adjusted when the final number is composed.
+ if (start == 0 && sliceSize >= len) {
+ return this.abs();
+ }
+
+ int intSlice[] = new int[sliceSize];
+ System.arraycopy(mag, start, intSlice, 0, sliceSize);
+
+ return new BigInteger(trustedStripLeadingZeroInts(intSlice), 1);
+ }
+
+ /**
+ * Does an exact division (that is, the remainder is known to be zero)
+ * of the specified number by 3. This is used in Toom-Cook
+ * multiplication. This is an efficient algorithm that runs in linear
+ * time. If the argument is not exactly divisible by 3, results are
+ * undefined. Note that this is expected to be called with positive
+ * arguments only.
+ */
+ private BigInteger exactDivideBy3() {
+ int len = mag.length;
+ int[] result = new int[len];
+ long x, w, q, borrow;
+ borrow = 0L;
+ for (int i=len-1; i >= 0; i--) {
+ x = (mag[i] & LONG_MASK);
+ w = x - borrow;
+ if (borrow > x) { // Did we make the number go negative?
+ borrow = 1L;
+ } else {
+ borrow = 0L;
+ }
+
+ // 0xAAAAAAAB is the modular inverse of 3 (mod 2^32). Thus,
+ // the effect of this is to divide by 3 (mod 2^32).
+ // This is much faster than division on most architectures.
+ q = (w * 0xAAAAAAABL) & LONG_MASK;
+ result[i] = (int) q;
+
+ // Now check the borrow. The second check can of course be
+ // eliminated if the first fails.
+ if (q >= 0x55555556L) {
+ borrow++;
+ if (q >= 0xAAAAAAABL)
+ borrow++;
+ }
+ }
+ result = trustedStripLeadingZeroInts(result);
+ return new BigInteger(result, signum);
+ }
+
+ /**
+ * Returns a new BigInteger representing n lower ints of the number.
+ * This is used by Karatsuba multiplication and Karatsuba squaring.
+ */
+ private BigInteger getLower(int n) {
+ int len = mag.length;
+
+ if (len <= n) {
+ return abs();
+ }
+
+ int lowerInts[] = new int[n];
+ System.arraycopy(mag, len-n, lowerInts, 0, n);
+
+ return new BigInteger(trustedStripLeadingZeroInts(lowerInts), 1);
+ }
+
+ /**
+ * Returns a new BigInteger representing mag.length-n upper
+ * ints of the number. This is used by Karatsuba multiplication and
+ * Karatsuba squaring.
+ */
+ private BigInteger getUpper(int n) {
+ int len = mag.length;
+
+ if (len <= n) {
+ return ZERO;
+ }
+
+ int upperLen = len - n;
+ int upperInts[] = new int[upperLen];
+ System.arraycopy(mag, 0, upperInts, 0, upperLen);
+
+ return new BigInteger(trustedStripLeadingZeroInts(upperInts), 1);
+ }
+
+ // Squaring
+
+ /**
+ * Returns a BigInteger whose value is {@code (this2)}.
+ *
+ * @return {@code this2}
+ */
+ private BigInteger square() {
+ return square(false);
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this2)}. If
+ * the invocation is recursive certain overflow checks are skipped.
+ *
+ * @param isRecursion whether this is a recursive invocation
+ * @return {@code this2}
+ */
+ private BigInteger square(boolean isRecursion) {
+ if (signum == 0) {
+ return ZERO;
+ }
+ int len = mag.length;
+
+ if (len < KARATSUBA_SQUARE_THRESHOLD) {
+ int[] z = squareToLen(mag, len, null);
+ return new BigInteger(trustedStripLeadingZeroInts(z), 1);
+ } else {
+ if (len < TOOM_COOK_SQUARE_THRESHOLD) {
+ return squareKaratsuba();
+ } else {
+ //
+ // For a discussion of overflow detection see multiply()
+ //
+ if (!isRecursion) {
+ if (bitLength(mag, mag.length) > 16L*MAX_MAG_LENGTH) {
+ reportOverflow();
+ }
+ }
+
+ return squareToomCook3();
+ }
+ }
+ }
+
+ /**
+ * Squares the contents of the int array x. The result is placed into the
+ * int array z. The contents of x are not changed.
+ */
+ private static final int[] squareToLen(int[] x, int len, int[] z) {
+ int zlen = len << 1;
+ if (z == null || z.length < zlen)
+ z = new int[zlen];
+
+ // Execute checks before calling intrinsified method.
+ implSquareToLenChecks(x, len, z, zlen);
+ return implSquareToLen(x, len, z, zlen);
+ }
+
+ /**
+ * Parameters validation.
+ */
+ private static void implSquareToLenChecks(int[] x, int len, int[] z, int zlen) throws RuntimeException {
+ if (len < 1) {
+ throw new IllegalArgumentException("invalid input length: " + len);
+ }
+ if (len > x.length) {
+ throw new IllegalArgumentException("input length out of bound: " +
+ len + " > " + x.length);
+ }
+ if (len * 2 > z.length) {
+ throw new IllegalArgumentException("input length out of bound: " +
+ (len * 2) + " > " + z.length);
+ }
+ if (zlen < 1) {
+ throw new IllegalArgumentException("invalid input length: " + zlen);
+ }
+ if (zlen > z.length) {
+ throw new IllegalArgumentException("input length out of bound: " +
+ len + " > " + z.length);
+ }
+ }
+
+ /**
+ * Java Runtime may use intrinsic for this method.
+ */
+ // @IntrinsicCandidate
+ private static final int[] implSquareToLen(int[] x, int len, int[] z, int zlen) {
+ /*
+ * The algorithm used here is adapted from Colin Plumb's C library.
+ * Technique: Consider the partial products in the multiplication
+ * of "abcde" by itself:
+ *
+ * a b c d e
+ * * a b c d e
+ * ==================
+ * ae be ce de ee
+ * ad bd cd dd de
+ * ac bc cc cd ce
+ * ab bb bc bd be
+ * aa ab ac ad ae
+ *
+ * Note that everything above the main diagonal:
+ * ae be ce de = (abcd) * e
+ * ad bd cd = (abc) * d
+ * ac bc = (ab) * c
+ * ab = (a) * b
+ *
+ * is a copy of everything below the main diagonal:
+ * de
+ * cd ce
+ * bc bd be
+ * ab ac ad ae
+ *
+ * Thus, the sum is 2 * (off the diagonal) + diagonal.
+ *
+ * This is accumulated beginning with the diagonal (which
+ * consist of the squares of the digits of the input), which is then
+ * divided by two, the off-diagonal added, and multiplied by two
+ * again. The low bit is simply a copy of the low bit of the
+ * input, so it doesn't need special care.
+ */
+
+ // Store the squares, right shifted one bit (i.e., divided by 2)
+ int lastProductLowWord = 0;
+ for (int j=0, i=0; j < len; j++) {
+ long piece = (x[j] & LONG_MASK);
+ long product = piece * piece;
+ z[i++] = (lastProductLowWord << 31) | (int)(product >>> 33);
+ z[i++] = (int)(product >>> 1);
+ lastProductLowWord = (int)product;
+ }
+
+ // Add in off-diagonal sums
+ for (int i=len, offset=1; i > 0; i--, offset+=2) {
+ int t = x[i-1];
+ t = mulAdd(z, x, offset, i-1, t);
+ addOne(z, offset-1, i, t);
+ }
+
+ // Shift back up and set low bit
+ primitiveLeftShift(z, zlen, 1);
+ z[zlen-1] |= x[len-1] & 1;
+
+ return z;
+ }
+
+ /**
+ * Squares a BigInteger using the Karatsuba squaring algorithm. It should
+ * be used when both numbers are larger than a certain threshold (found
+ * experimentally). It is a recursive divide-and-conquer algorithm that
+ * has better asymptotic performance than the algorithm used in
+ * squareToLen.
+ */
+ private BigInteger squareKaratsuba() {
+ int half = (mag.length+1) / 2;
+
+ BigInteger xl = getLower(half);
+ BigInteger xh = getUpper(half);
+
+ BigInteger xhs = xh.square(); // xhs = xh^2
+ BigInteger xls = xl.square(); // xls = xl^2
+
+ // xh^2 << 64 + (((xl+xh)^2 - (xh^2 + xl^2)) << 32) + xl^2
+ return xhs.shiftLeft(half*32).add(xl.add(xh).square().subtract(xhs.add(xls))).shiftLeft(half*32).add(xls);
+ }
+
+ /**
+ * Squares a BigInteger using the 3-way Toom-Cook squaring algorithm. It
+ * should be used when both numbers are larger than a certain threshold
+ * (found experimentally). It is a recursive divide-and-conquer algorithm
+ * that has better asymptotic performance than the algorithm used in
+ * squareToLen or squareKaratsuba.
+ */
+ private BigInteger squareToomCook3() {
+ int len = mag.length;
+
+ // k is the size (in ints) of the lower-order slices.
+ int k = (len+2)/3; // Equal to ceil(largest/3)
+
+ // r is the size (in ints) of the highest-order slice.
+ int r = len - 2*k;
+
+ // Obtain slices of the numbers. a2 is the most significant
+ // bits of the number, and a0 the least significant.
+ BigInteger a0, a1, a2;
+ a2 = getToomSlice(k, r, 0, len);
+ a1 = getToomSlice(k, r, 1, len);
+ a0 = getToomSlice(k, r, 2, len);
+ BigInteger v0, v1, v2, vm1, vinf, t1, t2, tm1, da1;
+
+ v0 = a0.square(true);
+ da1 = a2.add(a0);
+ vm1 = da1.subtract(a1).square(true);
+ da1 = da1.add(a1);
+ v1 = da1.square(true);
+ vinf = a2.square(true);
+ v2 = da1.add(a2).shiftLeft(1).subtract(a0).square(true);
+
+ // The algorithm requires two divisions by 2 and one by 3.
+ // All divisions are known to be exact, that is, they do not produce
+ // remainders, and all results are positive. The divisions by 2 are
+ // implemented as right shifts which are relatively efficient, leaving
+ // only a division by 3.
+ // The division by 3 is done by an optimized algorithm for this case.
+ t2 = v2.subtract(vm1).exactDivideBy3();
+ tm1 = v1.subtract(vm1).shiftRight(1);
+ t1 = v1.subtract(v0);
+ t2 = t2.subtract(t1).shiftRight(1);
+ t1 = t1.subtract(tm1).subtract(vinf);
+ t2 = t2.subtract(vinf.shiftLeft(1));
+ tm1 = tm1.subtract(t2);
+
+ // Number of bits to shift left.
+ int ss = k*32;
+
+ return vinf.shiftLeft(ss).add(t2).shiftLeft(ss).add(t1).shiftLeft(ss).add(tm1).shiftLeft(ss).add(v0);
+ }
+
+ // Division
+
+ /**
+ * Returns a BigInteger whose value is {@code (this / val)}.
+ *
+ * @param val value by which this BigInteger is to be divided.
+ * @return {@code this / val}
+ * @throws ArithmeticException if {@code val} is zero.
+ */
+ public BigInteger divide(BigInteger val) {
+ if (val.mag.length < BURNIKEL_ZIEGLER_THRESHOLD ||
+ mag.length - val.mag.length < BURNIKEL_ZIEGLER_OFFSET) {
+ return divideKnuth(val);
+ } else {
+ return divideBurnikelZiegler(val);
+ }
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this / val)} using an O(n^2) algorithm from Knuth.
+ *
+ * @param val value by which this BigInteger is to be divided.
+ * @return {@code this / val}
+ * @throws ArithmeticException if {@code val} is zero.
+ * @see MutableBigInteger#divideKnuth(MutableBigInteger, MutableBigInteger, boolean)
+ */
+ private BigInteger divideKnuth(BigInteger val) {
+ MutableBigInteger q = new MutableBigInteger(),
+ a = new MutableBigInteger(this.mag),
+ b = new MutableBigInteger(val.mag);
+
+ a.divideKnuth(b, q, false);
+ return q.toBigInteger(this.signum * val.signum);
+ }
+
+ /**
+ * Returns an array of two BigIntegers containing {@code (this / val)}
+ * followed by {@code (this % val)}.
+ *
+ * @param val value by which this BigInteger is to be divided, and the
+ * remainder computed.
+ * @return an array of two BigIntegers: the quotient {@code (this / val)}
+ * is the initial element, and the remainder {@code (this % val)}
+ * is the final element.
+ * @throws ArithmeticException if {@code val} is zero.
+ */
+ public BigInteger[] divideAndRemainder(BigInteger val) {
+ if (val.mag.length < BURNIKEL_ZIEGLER_THRESHOLD ||
+ mag.length - val.mag.length < BURNIKEL_ZIEGLER_OFFSET) {
+ return divideAndRemainderKnuth(val);
+ } else {
+ return divideAndRemainderBurnikelZiegler(val);
+ }
+ }
+
+ /** Long division */
+ private BigInteger[] divideAndRemainderKnuth(BigInteger val) {
+ BigInteger[] result = new BigInteger[2];
+ MutableBigInteger q = new MutableBigInteger(),
+ a = new MutableBigInteger(this.mag),
+ b = new MutableBigInteger(val.mag);
+ MutableBigInteger r = a.divideKnuth(b, q);
+ result[0] = q.toBigInteger(this.signum == val.signum ? 1 : -1);
+ result[1] = r.toBigInteger(this.signum);
+ return result;
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this % val)}.
+ *
+ * @param val value by which this BigInteger is to be divided, and the
+ * remainder computed.
+ * @return {@code this % val}
+ * @throws ArithmeticException if {@code val} is zero.
+ */
+ public BigInteger remainder(BigInteger val) {
+ if (val.mag.length < BURNIKEL_ZIEGLER_THRESHOLD ||
+ mag.length - val.mag.length < BURNIKEL_ZIEGLER_OFFSET) {
+ return remainderKnuth(val);
+ } else {
+ return remainderBurnikelZiegler(val);
+ }
+ }
+
+ /** Long division */
+ private BigInteger remainderKnuth(BigInteger val) {
+ MutableBigInteger q = new MutableBigInteger(),
+ a = new MutableBigInteger(this.mag),
+ b = new MutableBigInteger(val.mag);
+
+ return a.divideKnuth(b, q).toBigInteger(this.signum);
+ }
+
+ /**
+ * Calculates {@code this / val} using the Burnikel-Ziegler algorithm.
+ * @param val the divisor
+ * @return {@code this / val}
+ */
+ private BigInteger divideBurnikelZiegler(BigInteger val) {
+ return divideAndRemainderBurnikelZiegler(val)[0];
+ }
+
+ /**
+ * Calculates {@code this % val} using the Burnikel-Ziegler algorithm.
+ * @param val the divisor
+ * @return {@code this % val}
+ */
+ private BigInteger remainderBurnikelZiegler(BigInteger val) {
+ return divideAndRemainderBurnikelZiegler(val)[1];
+ }
+
+ /**
+ * Computes {@code this / val} and {@code this % val} using the
+ * Burnikel-Ziegler algorithm.
+ * @param val the divisor
+ * @return an array containing the quotient and remainder
+ */
+ private BigInteger[] divideAndRemainderBurnikelZiegler(BigInteger val) {
+ MutableBigInteger q = new MutableBigInteger();
+ MutableBigInteger r = new MutableBigInteger(this).divideAndRemainderBurnikelZiegler(new MutableBigInteger(val), q);
+ BigInteger qBigInt = q.isZero() ? ZERO : q.toBigInteger(signum*val.signum);
+ BigInteger rBigInt = r.isZero() ? ZERO : r.toBigInteger(signum);
+ return new BigInteger[] {qBigInt, rBigInt};
+ }
+
+ /**
+ * Returns a BigInteger whose value is
+ * See Knuth, Donald, _The Art of Computer Programming_, Vol. 2,
+ * Answers to Exercises (4.4) Question 14.
+ *
+ * @param u The number to convert to a string.
+ * @param sb The StringBuilder that will be appended to in place.
+ * @param radix The base to convert to.
+ * @param digits The minimum number of digits to pad to.
+ */
+ private static void toString(BigInteger u, StringBuilder sb,
+ int radix, int digits) {
+ assert u.signum() >= 0;
+
+ // If we're smaller than a certain threshold, use the smallToString
+ // method, padding with leading zeroes when necessary unless we're
+ // at the beginning of the string or digits <= 0. As u.signum() >= 0,
+ // smallToString() will not prepend a negative sign.
+ if (u.mag.length <= SCHOENHAGE_BASE_CONVERSION_THRESHOLD) {
+ u.smallToString(radix, sb, digits);
+ return;
+ }
+
+ // Calculate a value for n in the equation radix^(2^n) = u
+ // and subtract 1 from that value. This is used to find the
+ // cache index that contains the best value to divide u.
+ int b = u.bitLength();
+ int n = (int) Math.round(Math.log(b * LOG_TWO / logCache[radix]) /
+ LOG_TWO - 1.0);
+
+ BigInteger v = getRadixConversionCache(radix, n);
+ BigInteger[] results;
+ results = u.divideAndRemainder(v);
+
+ int expectedDigits = 1 << n;
+
+ // Now recursively build the two halves of each number.
+ toString(results[0], sb, radix, digits - expectedDigits);
+ toString(results[1], sb, radix, expectedDigits);
+ }
+
+ /**
+ * Returns the value radix^(2^exponent) from the cache.
+ * If this value doesn't already exist in the cache, it is added.
+ *
+ * This could be changed to a more complicated caching method using
+ * {@code Future}.
+ */
+ private static BigInteger getRadixConversionCache(int radix, int exponent) {
+ BigInteger[] cacheLine = powerCache[radix]; // volatile read
+ if (exponent < cacheLine.length) {
+ return cacheLine[exponent];
+ }
+
+ int oldLength = cacheLine.length;
+ cacheLine = Arrays.copyOf(cacheLine, exponent + 1);
+ for (int i = oldLength; i <= exponent; i++) {
+ cacheLine[i] = cacheLine[i - 1].pow(2);
+ }
+
+ BigInteger[][] pc = powerCache; // volatile read again
+ if (exponent >= pc[radix].length) {
+ pc = pc.clone();
+ pc[radix] = cacheLine;
+ powerCache = pc; // volatile write, publish
+ }
+ return cacheLine[exponent];
+ }
+
+ /* Size of ZEROS string. */
+ private static int NUM_ZEROS = 63;
+
+ /* ZEROS is a string of NUM_ZEROS consecutive zeros. */
+ private static final String ZEROS = "0".repeat(NUM_ZEROS);
+
+ /**
+ * Returns the decimal String representation of this BigInteger.
+ * The digit-to-character mapping provided by
+ * {@code Character.forDigit} is used, and a minus sign is
+ * prepended if appropriate. (This representation is compatible
+ * with the {@link #BigInteger(String) (String)} constructor, and
+ * allows for String concatenation with Java's + operator.)
+ *
+ * @return decimal String representation of this BigInteger.
+ * @see Character#forDigit
+ * @see #BigInteger(java.lang.String)
+ */
+ public String toString() {
+ return toString(10);
+ }
+
+ /**
+ * Returns a byte array containing the two's-complement
+ * representation of this BigInteger. The byte array will be in
+ * big-endian byte-order: the most significant byte is in
+ * the zeroth element. The array will contain the minimum number
+ * of bytes required to represent this BigInteger, including at
+ * least one sign bit, which is {@code (ceil((this.bitLength() +
+ * 1)/8))}. (This representation is compatible with the
+ * {@link #BigInteger(byte[]) (byte[])} constructor.)
+ *
+ * @return a byte array containing the two's-complement representation of
+ * this BigInteger.
+ * @see #BigInteger(byte[])
+ */
+ public byte[] toByteArray() {
+ int byteLen = bitLength()/8 + 1;
+ byte[] byteArray = new byte[byteLen];
+
+ for (int i=byteLen-1, bytesCopied=4, nextInt=0, intIndex=0; i >= 0; i--) {
+ if (bytesCopied == 4) {
+ nextInt = getInt(intIndex++);
+ bytesCopied = 1;
+ } else {
+ nextInt >>>= 8;
+ bytesCopied++;
+ }
+ byteArray[i] = (byte)nextInt;
+ }
+ return byteArray;
+ }
+
+ /**
+ * Converts this BigInteger to an {@code int}. This
+ * conversion is analogous to a
+ * narrowing primitive conversion from {@code long} to
+ * {@code int} as defined in
+ * The Java Language Specification:
+ * if this BigInteger is too big to fit in an
+ * {@code int}, only the low-order 32 bits are returned.
+ * Note that this conversion can lose information about the
+ * overall magnitude of the BigInteger value as well as return a
+ * result with the opposite sign.
+ *
+ * @return this BigInteger converted to an {@code int}.
+ * @see #intValueExact()
+ * @jls 5.1.3 Narrowing Primitive Conversion
+ */
+ public int intValue() {
+ int result = 0;
+ result = getInt(0);
+ return result;
+ }
+
+ /**
+ * Converts this BigInteger to a {@code long}. This
+ * conversion is analogous to a
+ * narrowing primitive conversion from {@code long} to
+ * {@code int} as defined in
+ * The Java Language Specification:
+ * if this BigInteger is too big to fit in a
+ * {@code long}, only the low-order 64 bits are returned.
+ * Note that this conversion can lose information about the
+ * overall magnitude of the BigInteger value as well as return a
+ * result with the opposite sign.
+ *
+ * @return this BigInteger converted to a {@code long}.
+ * @see #longValueExact()
+ * @jls 5.1.3 Narrowing Primitive Conversion
+ */
+ public long longValue() {
+ long result = 0;
+
+ for (int i=1; i >= 0; i--)
+ result = (result << 32) + (getInt(i) & LONG_MASK);
+ return result;
+ }
+
+ /**
+ * Converts this BigInteger to a {@code float}. This
+ * conversion is similar to the
+ * narrowing primitive conversion from {@code double} to
+ * {@code float} as defined in
+ * The Java Language Specification:
+ * if this BigInteger has too great a magnitude
+ * to represent as a {@code float}, it will be converted to
+ * {@link Float#NEGATIVE_INFINITY} or {@link
+ * Float#POSITIVE_INFINITY} as appropriate. Note that even when
+ * the return value is finite, this conversion can lose
+ * information about the precision of the BigInteger value.
+ *
+ * @return this BigInteger converted to a {@code float}.
+ * @jls 5.1.3 Narrowing Primitive Conversion
+ */
+ public float floatValue() {
+ if (signum == 0) {
+ return 0.0f;
+ }
+
+ int exponent = ((mag.length - 1) << 5) + bitLengthForInt(mag[0]) - 1;
+
+ // exponent == floor(log2(abs(this)))
+ if (exponent < Long.SIZE - 1) {
+ return longValue();
+ } else if (exponent > Float.MAX_EXPONENT) {
+ return signum > 0 ? Float.POSITIVE_INFINITY : Float.NEGATIVE_INFINITY;
+ }
+
+ /*
+ * We need the top SIGNIFICAND_WIDTH bits, including the "implicit"
+ * one bit. To make rounding easier, we pick out the top
+ * SIGNIFICAND_WIDTH + 1 bits, so we have one to help us round up or
+ * down. twiceSignifFloor will contain the top SIGNIFICAND_WIDTH + 1
+ * bits, and signifFloor the top SIGNIFICAND_WIDTH.
+ *
+ * It helps to consider the real number signif = abs(this) *
+ * 2^(SIGNIFICAND_WIDTH - 1 - exponent).
+ */
+ int shift = exponent - FloatConsts.SIGNIFICAND_WIDTH;
+
+ int twiceSignifFloor;
+ // twiceSignifFloor will be == abs().shiftRight(shift).intValue()
+ // We do the shift into an int directly to improve performance.
+
+ int nBits = shift & 0x1f;
+ int nBits2 = 32 - nBits;
+
+ if (nBits == 0) {
+ twiceSignifFloor = mag[0];
+ } else {
+ twiceSignifFloor = mag[0] >>> nBits;
+ if (twiceSignifFloor == 0) {
+ twiceSignifFloor = (mag[0] << nBits2) | (mag[1] >>> nBits);
+ }
+ }
+
+ int signifFloor = twiceSignifFloor >> 1;
+ signifFloor &= FloatConsts.SIGNIF_BIT_MASK; // remove the implied bit
+
+ /*
+ * We round up if either the fractional part of signif is strictly
+ * greater than 0.5 (which is true if the 0.5 bit is set and any lower
+ * bit is set), or if the fractional part of signif is >= 0.5 and
+ * signifFloor is odd (which is true if both the 0.5 bit and the 1 bit
+ * are set). This is equivalent to the desired HALF_EVEN rounding.
+ */
+ boolean increment = (twiceSignifFloor & 1) != 0
+ && ((signifFloor & 1) != 0 || abs().getLowestSetBit() < shift);
+ int signifRounded = increment ? signifFloor + 1 : signifFloor;
+ int bits = ((exponent + FloatConsts.EXP_BIAS))
+ << (FloatConsts.SIGNIFICAND_WIDTH - 1);
+ bits += signifRounded;
+ /*
+ * If signifRounded == 2^24, we'd need to set all of the significand
+ * bits to zero and add 1 to the exponent. This is exactly the behavior
+ * we get from just adding signifRounded to bits directly. If the
+ * exponent is Float.MAX_EXPONENT, we round up (correctly) to
+ * Float.POSITIVE_INFINITY.
+ */
+ bits |= signum & FloatConsts.SIGN_BIT_MASK;
+ return Float.intBitsToFloat(bits);
+ }
+
+ /**
+ * Converts this BigInteger to a {@code double}. This
+ * conversion is similar to the
+ * narrowing primitive conversion from {@code double} to
+ * {@code float} as defined in
+ * The Java Language Specification:
+ * if this BigInteger has too great a magnitude
+ * to represent as a {@code double}, it will be converted to
+ * {@link Double#NEGATIVE_INFINITY} or {@link
+ * Double#POSITIVE_INFINITY} as appropriate. Note that even when
+ * the return value is finite, this conversion can lose
+ * information about the precision of the BigInteger value.
+ *
+ * @return this BigInteger converted to a {@code double}.
+ * @jls 5.1.3 Narrowing Primitive Conversion
+ */
+ public double doubleValue() {
+ if (signum == 0) {
+ return 0.0;
+ }
+
+ int exponent = ((mag.length - 1) << 5) + bitLengthForInt(mag[0]) - 1;
+
+ // exponent == floor(log2(abs(this))Double)
+ if (exponent < Long.SIZE - 1) {
+ return longValue();
+ } else if (exponent > Double.MAX_EXPONENT) {
+ return signum > 0 ? Double.POSITIVE_INFINITY : Double.NEGATIVE_INFINITY;
+ }
+
+ /*
+ * We need the top SIGNIFICAND_WIDTH bits, including the "implicit"
+ * one bit. To make rounding easier, we pick out the top
+ * SIGNIFICAND_WIDTH + 1 bits, so we have one to help us round up or
+ * down. twiceSignifFloor will contain the top SIGNIFICAND_WIDTH + 1
+ * bits, and signifFloor the top SIGNIFICAND_WIDTH.
+ *
+ * It helps to consider the real number signif = abs(this) *
+ * 2^(SIGNIFICAND_WIDTH - 1 - exponent).
+ */
+ int shift = exponent - DoubleConsts.SIGNIFICAND_WIDTH;
+
+ long twiceSignifFloor;
+ // twiceSignifFloor will be == abs().shiftRight(shift).longValue()
+ // We do the shift into a long directly to improve performance.
+
+ int nBits = shift & 0x1f;
+ int nBits2 = 32 - nBits;
+
+ int highBits;
+ int lowBits;
+ if (nBits == 0) {
+ highBits = mag[0];
+ lowBits = mag[1];
+ } else {
+ highBits = mag[0] >>> nBits;
+ lowBits = (mag[0] << nBits2) | (mag[1] >>> nBits);
+ if (highBits == 0) {
+ highBits = lowBits;
+ lowBits = (mag[1] << nBits2) | (mag[2] >>> nBits);
+ }
+ }
+
+ twiceSignifFloor = ((highBits & LONG_MASK) << 32)
+ | (lowBits & LONG_MASK);
+
+ long signifFloor = twiceSignifFloor >> 1;
+ signifFloor &= DoubleConsts.SIGNIF_BIT_MASK; // remove the implied bit
+
+ /*
+ * We round up if either the fractional part of signif is strictly
+ * greater than 0.5 (which is true if the 0.5 bit is set and any lower
+ * bit is set), or if the fractional part of signif is >= 0.5 and
+ * signifFloor is odd (which is true if both the 0.5 bit and the 1 bit
+ * are set). This is equivalent to the desired HALF_EVEN rounding.
+ */
+ boolean increment = (twiceSignifFloor & 1) != 0
+ && ((signifFloor & 1) != 0 || abs().getLowestSetBit() < shift);
+ long signifRounded = increment ? signifFloor + 1 : signifFloor;
+ long bits = (long) ((exponent + DoubleConsts.EXP_BIAS))
+ << (DoubleConsts.SIGNIFICAND_WIDTH - 1);
+ bits += signifRounded;
+ /*
+ * If signifRounded == 2^53, we'd need to set all of the significand
+ * bits to zero and add 1 to the exponent. This is exactly the behavior
+ * we get from just adding signifRounded to bits directly. If the
+ * exponent is Double.MAX_EXPONENT, we round up (correctly) to
+ * Double.POSITIVE_INFINITY.
+ */
+ bits |= signum & DoubleConsts.SIGN_BIT_MASK;
+ return Double.longBitsToDouble(bits);
+ }
+
+ /**
+ * Returns a copy of the input array stripped of any leading zero bytes.
+ */
+ private static int[] stripLeadingZeroInts(int val[]) {
+ int vlen = val.length;
+ int keep;
+
+ // Find first nonzero byte
+ for (keep = 0; keep < vlen && val[keep] == 0; keep++)
+ ;
+ return java.util.Arrays.copyOfRange(val, keep, vlen);
+ }
+
+ /**
+ * Returns the input array stripped of any leading zero bytes.
+ * Since the source is trusted the copying may be skipped.
+ */
+ private static int[] trustedStripLeadingZeroInts(int val[]) {
+ int vlen = val.length;
+ int keep;
+
+ // Find first nonzero byte
+ for (keep = 0; keep < vlen && val[keep] == 0; keep++)
+ ;
+ return keep == 0 ? val : java.util.Arrays.copyOfRange(val, keep, vlen);
+ }
+
+ /**
+ * Returns a copy of the input array stripped of any leading zero bytes.
+ */
+ private static int[] stripLeadingZeroBytes(byte a[], int off, int len) {
+ int indexBound = off + len;
+ int keep;
+
+ // Find first nonzero byte
+ for (keep = off; keep < indexBound && a[keep] == 0; keep++)
+ ;
+
+ // Allocate new array and copy relevant part of input array
+ int intLength = ((indexBound - keep) + 3) >>> 2;
+ int[] result = new int[intLength];
+ int b = indexBound - 1;
+ for (int i = intLength-1; i >= 0; i--) {
+ result[i] = a[b--] & 0xff;
+ int bytesRemaining = b - keep + 1;
+ int bytesToTransfer = Math.min(3, bytesRemaining);
+ for (int j=8; j <= (bytesToTransfer << 3); j += 8)
+ result[i] |= ((a[b--] & 0xff) << j);
+ }
+ return result;
+ }
+
+ /**
+ * Takes an array a representing a negative 2's-complement number and
+ * returns the minimal (no leading zero bytes) unsigned whose value is -a.
+ */
+ private static int[] makePositive(byte a[], int off, int len) {
+ int keep, k;
+ int indexBound = off + len;
+
+ // Find first non-sign (0xff) byte of input
+ for (keep=off; keep < indexBound && a[keep] == -1; keep++)
+ ;
+
+
+ /* Allocate output array. If all non-sign bytes are 0x00, we must
+ * allocate space for one extra output byte. */
+ for (k=keep; k < indexBound && a[k] == 0; k++)
+ ;
+
+ int extraByte = (k == indexBound) ? 1 : 0;
+ int intLength = ((indexBound - keep + extraByte) + 3) >>> 2;
+ int result[] = new int[intLength];
+
+ /* Copy one's complement of input into output, leaving extra
+ * byte (if it exists) == 0x00 */
+ int b = indexBound - 1;
+ for (int i = intLength-1; i >= 0; i--) {
+ result[i] = a[b--] & 0xff;
+ int numBytesToTransfer = Math.min(3, b-keep+1);
+ if (numBytesToTransfer < 0)
+ numBytesToTransfer = 0;
+ for (int j=8; j <= 8*numBytesToTransfer; j += 8)
+ result[i] |= ((a[b--] & 0xff) << j);
+
+ // Mask indicates which bits must be complemented
+ int mask = -1 >>> (8*(3-numBytesToTransfer));
+ result[i] = ~result[i] & mask;
+ }
+
+ // Add one to one's complement to generate two's complement
+ for (int i=result.length-1; i >= 0; i--) {
+ result[i] = (int)((result[i] & LONG_MASK) + 1);
+ if (result[i] != 0)
+ break;
+ }
+
+ return result;
+ }
+
+ /**
+ * Takes an array a representing a negative 2's-complement number and
+ * returns the minimal (no leading zero ints) unsigned whose value is -a.
+ */
+ private static int[] makePositive(int a[]) {
+ int keep, j;
+
+ // Find first non-sign (0xffffffff) int of input
+ for (keep=0; keep < a.length && a[keep] == -1; keep++)
+ ;
+
+ /* Allocate output array. If all non-sign ints are 0x00, we must
+ * allocate space for one extra output int. */
+ for (j=keep; j < a.length && a[j] == 0; j++)
+ ;
+ int extraInt = (j == a.length ? 1 : 0);
+ int result[] = new int[a.length - keep + extraInt];
+
+ /* Copy one's complement of input into output, leaving extra
+ * int (if it exists) == 0x00 */
+ for (int i = keep; i < a.length; i++)
+ result[i - keep + extraInt] = ~a[i];
+
+ // Add one to one's complement to generate two's complement
+ for (int i=result.length-1; ++result[i] == 0; i--)
+ ;
+
+ return result;
+ }
+
+ /*
+ * The following two arrays are used for fast String conversions. Both
+ * are indexed by radix. The first is the number of digits of the given
+ * radix that can fit in a Java long without "going negative", i.e., the
+ * highest integer n such that radix**n < 2**63. The second is the
+ * "long radix" that tears each number into "long digits", each of which
+ * consists of the number of digits in the corresponding element in
+ * digitsPerLong (longRadix[i] = i**digitPerLong[i]). Both arrays have
+ * nonsense values in their 0 and 1 elements, as radixes 0 and 1 are not
+ * used.
+ */
+ private static int digitsPerLong[] = {0, 0,
+ 62, 39, 31, 27, 24, 22, 20, 19, 18, 18, 17, 17, 16, 16, 15, 15, 15, 14,
+ 14, 14, 14, 13, 13, 13, 13, 13, 13, 12, 12, 12, 12, 12, 12, 12, 12};
+
+ private static BigInteger longRadix[] = {null, null,
+ valueOf(0x4000000000000000L), valueOf(0x383d9170b85ff80bL),
+ valueOf(0x4000000000000000L), valueOf(0x6765c793fa10079dL),
+ valueOf(0x41c21cb8e1000000L), valueOf(0x3642798750226111L),
+ valueOf(0x1000000000000000L), valueOf(0x12bf307ae81ffd59L),
+ valueOf( 0xde0b6b3a7640000L), valueOf(0x4d28cb56c33fa539L),
+ valueOf(0x1eca170c00000000L), valueOf(0x780c7372621bd74dL),
+ valueOf(0x1e39a5057d810000L), valueOf(0x5b27ac993df97701L),
+ valueOf(0x1000000000000000L), valueOf(0x27b95e997e21d9f1L),
+ valueOf(0x5da0e1e53c5c8000L), valueOf( 0xb16a458ef403f19L),
+ valueOf(0x16bcc41e90000000L), valueOf(0x2d04b7fdd9c0ef49L),
+ valueOf(0x5658597bcaa24000L), valueOf( 0x6feb266931a75b7L),
+ valueOf( 0xc29e98000000000L), valueOf(0x14adf4b7320334b9L),
+ valueOf(0x226ed36478bfa000L), valueOf(0x383d9170b85ff80bL),
+ valueOf(0x5a3c23e39c000000L), valueOf( 0x4e900abb53e6b71L),
+ valueOf( 0x7600ec618141000L), valueOf( 0xaee5720ee830681L),
+ valueOf(0x1000000000000000L), valueOf(0x172588ad4f5f0981L),
+ valueOf(0x211e44f7d02c1000L), valueOf(0x2ee56725f06e5c71L),
+ valueOf(0x41c21cb8e1000000L)};
+
+ /*
+ * These two arrays are the integer analogue of above.
+ */
+ private static int digitsPerInt[] = {0, 0, 30, 19, 15, 13, 11,
+ 11, 10, 9, 9, 8, 8, 8, 8, 7, 7, 7, 7, 7, 7, 7, 6, 6, 6, 6,
+ 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 5};
+
+ private static int intRadix[] = {0, 0,
+ 0x40000000, 0x4546b3db, 0x40000000, 0x48c27395, 0x159fd800,
+ 0x75db9c97, 0x40000000, 0x17179149, 0x3b9aca00, 0xcc6db61,
+ 0x19a10000, 0x309f1021, 0x57f6c100, 0xa2f1b6f, 0x10000000,
+ 0x18754571, 0x247dbc80, 0x3547667b, 0x4c4b4000, 0x6b5a6e1d,
+ 0x6c20a40, 0x8d2d931, 0xb640000, 0xe8d4a51, 0x1269ae40,
+ 0x17179149, 0x1cb91000, 0x23744899, 0x2b73a840, 0x34e63b41,
+ 0x40000000, 0x4cfa3cc1, 0x5c13d840, 0x6d91b519, 0x39aa400
+ };
+
+ /**
+ * These routines provide access to the two's complement representation
+ * of BigIntegers.
+ */
+
+ /**
+ * Returns the length of the two's complement representation in ints,
+ * including space for at least one sign bit.
+ */
+ private int intLength() {
+ return (bitLength() >>> 5) + 1;
+ }
+
+ /* Returns sign bit */
+ private int signBit() {
+ return signum < 0 ? 1 : 0;
+ }
+
+ /* Returns an int of sign bits */
+ private int signInt() {
+ return signum < 0 ? -1 : 0;
+ }
+
+ /**
+ * Returns the specified int of the little-endian two's complement
+ * representation (int 0 is the least significant). The int number can
+ * be arbitrarily high (values are logically preceded by infinitely many
+ * sign ints).
+ */
+ private int getInt(int n) {
+ if (n < 0)
+ return 0;
+ if (n >= mag.length)
+ return signInt();
+
+ int magInt = mag[mag.length-n-1];
+
+ return (signum >= 0 ? magInt :
+ (n <= firstNonzeroIntNum() ? -magInt : ~magInt));
+ }
+
+ /**
+ * Returns the index of the int that contains the first nonzero int in the
+ * little-endian binary representation of the magnitude (int 0 is the
+ * least significant). If the magnitude is zero, return value is undefined.
+ *
+ * Note: never used for a BigInteger with a magnitude of zero.
+ * @see #getInt
+ */
+ private int firstNonzeroIntNum() {
+ int fn = firstNonzeroIntNumPlusTwo - 2;
+ if (fn == -2) { // firstNonzeroIntNum not initialized yet
+ // Search for the first nonzero int
+ int i;
+ int mlen = mag.length;
+ for (i = mlen - 1; i >= 0 && mag[i] == 0; i--)
+ ;
+ fn = mlen - i - 1;
+ firstNonzeroIntNumPlusTwo = fn + 2; // offset by two to initialize
+ }
+ return fn;
+ }
+
+
+ /*
+ @java.io.Serial
+ private static final long serialVersionUID = -8287574255936472291L;
+
+ @java.io.Serial
+ private static final ObjectStreamField[] serialPersistentFields = {
+ new ObjectStreamField("signum", Integer.TYPE),
+ new ObjectStreamField("magnitude", byte[].class),
+ new ObjectStreamField("bitCount", Integer.TYPE),
+ new ObjectStreamField("bitLength", Integer.TYPE),
+ new ObjectStreamField("firstNonzeroByteNum", Integer.TYPE),
+ new ObjectStreamField("lowestSetBit", Integer.TYPE)
+ };
+
+
+ @java.io.Serial
+ private void readObject(java.io.ObjectInputStream s)
+ throws java.io.IOException, ClassNotFoundException {
+ // prepare to read the alternate persistent fields
+ ObjectInputStream.GetField fields = s.readFields();
+
+ // Read and validate the alternate persistent fields that we
+ // care about, signum and magnitude
+
+ // Read and validate signum
+ int sign = fields.get("signum", -2);
+ if (sign < -1 || sign > 1) {
+ String message = "BigInteger: Invalid signum value";
+ if (fields.defaulted("signum"))
+ message = "BigInteger: Signum not present in stream";
+ throw new java.io.StreamCorruptedException(message);
+ }
+
+ // Read and validate magnitude
+ byte[] magnitude = (byte[])fields.get("magnitude", null);
+ magnitude = magnitude.clone(); // defensive copy
+ int[] mag = stripLeadingZeroBytes(magnitude, 0, magnitude.length);
+ if ((mag.length == 0) != (sign == 0)) {
+ String message = "BigInteger: signum-magnitude mismatch";
+ if (fields.defaulted("magnitude"))
+ message = "BigInteger: Magnitude not present in stream";
+ throw new java.io.StreamCorruptedException(message);
+ }
+
+ // Equivalent to checkRange() on mag local without assigning
+ // this.mag field
+ if (mag.length > MAX_MAG_LENGTH ||
+ (mag.length == MAX_MAG_LENGTH && mag[0] < 0)) {
+ throw new java.io.StreamCorruptedException("BigInteger: Out of the supported range");
+ }
+
+ // Commit final fields via Unsafe
+ UnsafeHolder.putSignAndMag(this, sign, mag);
+ }
+
+
+ @java.io.Serial
+ private void readObjectNoData()
+ throws ObjectStreamException {
+ throw new InvalidObjectException("Deserialized BigInteger objects need data");
+ }
+
+ // Support for resetting final fields while deserializing
+ private static class UnsafeHolder {
+ private static final jdk.internal.misc.Unsafe unsafe
+ = jdk.internal.misc.Unsafe.getUnsafe();
+ private static final long signumOffset
+ = unsafe.objectFieldOffset(BigInteger.class, "signum");
+ private static final long magOffset
+ = unsafe.objectFieldOffset(BigInteger.class, "mag");
+
+ static void putSignAndMag(BigInteger bi, int sign, int[] magnitude) {
+ unsafe.putInt(bi, signumOffset, sign);
+ unsafe.putReference(bi, magOffset, magnitude);
+ }
+ }
+
+ @java.io.Serial
+ private void writeObject(ObjectOutputStream s) throws IOException {
+ // set the values of the Serializable fields
+ ObjectOutputStream.PutField fields = s.putFields();
+ fields.put("signum", signum);
+ fields.put("magnitude", magSerializedForm());
+ // The values written for cached fields are compatible with older
+ // versions, but are ignored in readObject so don't otherwise matter.
+ fields.put("bitCount", -1);
+ fields.put("bitLength", -1);
+ fields.put("lowestSetBit", -2);
+ fields.put("firstNonzeroByteNum", -2);
+
+ // save them
+ s.writeFields();
+ }
+
+ private byte[] magSerializedForm() {
+ int len = mag.length;
+
+ int bitLen = (len == 0 ? 0 : ((len - 1) << 5) + bitLengthForInt(mag[0]));
+ int byteLen = (bitLen + 7) >>> 3;
+ byte[] result = new byte[byteLen];
+
+ for (int i = byteLen - 1, bytesCopied = 4, intIndex = len - 1, nextInt = 0;
+ i >= 0; i--) {
+ if (bytesCopied == 4) {
+ nextInt = mag[intIndex--];
+ bytesCopied = 1;
+ } else {
+ nextInt >>>= 8;
+ bytesCopied++;
+ }
+ result[i] = (byte)nextInt;
+ }
+ return result;
+ }
+
+ */
+
+ /**
+ * Converts this {@code BigInteger} to a {@code long}, checking
+ * for lost information. If the value of this {@code BigInteger}
+ * is out of the range of the {@code long} type, then an
+ * {@code ArithmeticException} is thrown.
+ *
+ * @return this {@code BigInteger} converted to a {@code long}.
+ * @throws ArithmeticException if the value of {@code this} will
+ * not exactly fit in a {@code long}.
+ * @see BigInteger#longValue
+ * @since 1.8
+ */
+ public long longValueExact() {
+ if (mag.length <= 2 && bitLength() <= 63)
+ return longValue();
+ else
+ throw new ArithmeticException("BigInteger out of long range");
+ }
+
+ /**
+ * Converts this {@code BigInteger} to an {@code int}, checking
+ * for lost information. If the value of this {@code BigInteger}
+ * is out of the range of the {@code int} type, then an
+ * {@code ArithmeticException} is thrown.
+ *
+ * @return this {@code BigInteger} converted to an {@code int}.
+ * @throws ArithmeticException if the value of {@code this} will
+ * not exactly fit in an {@code int}.
+ * @see BigInteger#intValue
+ * @since 1.8
+ */
+ public int intValueExact() {
+ if (mag.length <= 1 && bitLength() <= 31)
+ return intValue();
+ else
+ throw new ArithmeticException("BigInteger out of int range");
+ }
+
+ /**
+ * Converts this {@code BigInteger} to a {@code short}, checking
+ * for lost information. If the value of this {@code BigInteger}
+ * is out of the range of the {@code short} type, then an
+ * {@code ArithmeticException} is thrown.
+ *
+ * @return this {@code BigInteger} converted to a {@code short}.
+ * @throws ArithmeticException if the value of {@code this} will
+ * not exactly fit in a {@code short}.
+ * @see BigInteger#shortValue
+ * @since 1.8
+ */
+ public short shortValueExact() {
+ if (mag.length <= 1 && bitLength() <= 31) {
+ int value = intValue();
+ if (value >= Short.MIN_VALUE && value <= Short.MAX_VALUE)
+ return shortValue();
+ }
+ throw new ArithmeticException("BigInteger out of short range");
+ }
+
+ /**
+ * Converts this {@code BigInteger} to a {@code byte}, checking
+ * for lost information. If the value of this {@code BigInteger}
+ * is out of the range of the {@code byte} type, then an
+ * {@code ArithmeticException} is thrown.
+ *
+ * @return this {@code BigInteger} converted to a {@code byte}.
+ * @throws ArithmeticException if the value of {@code this} will
+ * not exactly fit in a {@code byte}.
+ * @see BigInteger#byteValue
+ * @since 1.8
+ */
+ public byte byteValueExact() {
+ if (mag.length <= 1 && bitLength() <= 31) {
+ int value = intValue();
+ if (value >= Byte.MIN_VALUE && value <= Byte.MAX_VALUE)
+ return byteValue();
+ }
+ throw new ArithmeticException("BigInteger out of byte range");
+ }
+}
diff --git a/egklib/src/jvmMain/java/org/cryptobiotic/bigint/DoubleConsts.java b/egklib/src/jvmMain/java/org/cryptobiotic/bigint/DoubleConsts.java
new file mode 100644
index 00000000..36a3c64b
--- /dev/null
+++ b/egklib/src/jvmMain/java/org/cryptobiotic/bigint/DoubleConsts.java
@@ -0,0 +1,52 @@
+package org.cryptobiotic.bigint;
+
+public class DoubleConsts {
+ /**
+ * Don't let anyone instantiate this class.
+ */
+ private DoubleConsts() {}
+
+ /**
+ * The number of logical bits in the significand of a
+ * {@code double} number, including the implicit bit.
+ */
+ public static final int SIGNIFICAND_WIDTH = 53;
+
+ /**
+ * The exponent the smallest positive {@code double}
+ * subnormal value would have if it could be normalized..
+ */
+ public static final int MIN_SUB_EXPONENT = Double.MIN_EXPONENT -
+ (SIGNIFICAND_WIDTH - 1);
+
+ /**
+ * Bias used in representing a {@code double} exponent.
+ */
+ public static final int EXP_BIAS = 1023;
+
+ /**
+ * Bit mask to isolate the sign bit of a {@code double}.
+ */
+ public static final long SIGN_BIT_MASK = 0x8000000000000000L;
+
+ /**
+ * Bit mask to isolate the exponent field of a
+ * {@code double}.
+ */
+ public static final long EXP_BIT_MASK = 0x7FF0000000000000L;
+
+ /**
+ * Bit mask to isolate the significand field of a
+ * {@code double}.
+ */
+ public static final long SIGNIF_BIT_MASK = 0x000FFFFFFFFFFFFFL;
+
+ static {
+ // verify bit masks cover all bit positions and that the bit
+ // masks are non-overlapping
+ assert(((SIGN_BIT_MASK | EXP_BIT_MASK | SIGNIF_BIT_MASK) == ~0L) &&
+ (((SIGN_BIT_MASK & EXP_BIT_MASK) == 0L) &&
+ ((SIGN_BIT_MASK & SIGNIF_BIT_MASK) == 0L) &&
+ ((EXP_BIT_MASK & SIGNIF_BIT_MASK) == 0L)));
+ }
+}
diff --git a/egklib/src/jvmMain/java/org/cryptobiotic/bigint/FloatConsts.java b/egklib/src/jvmMain/java/org/cryptobiotic/bigint/FloatConsts.java
new file mode 100644
index 00000000..c5a5999e
--- /dev/null
+++ b/egklib/src/jvmMain/java/org/cryptobiotic/bigint/FloatConsts.java
@@ -0,0 +1,52 @@
+package org.cryptobiotic.bigint;
+
+public class FloatConsts {
+ /**
+ * Don't let anyone instantiate this class.
+ */
+ private FloatConsts() {}
+
+ /**
+ * The number of logical bits in the significand of a
+ * {@code float} number, including the implicit bit.
+ */
+ public static final int SIGNIFICAND_WIDTH = 24;
+
+ /**
+ * The exponent the smallest positive {@code float} subnormal
+ * value would have if it could be normalized.
+ */
+ public static final int MIN_SUB_EXPONENT = Float.MIN_EXPONENT -
+ (SIGNIFICAND_WIDTH - 1);
+
+ /**
+ * Bias used in representing a {@code float} exponent.
+ */
+ public static final int EXP_BIAS = 127;
+
+ /**
+ * Bit mask to isolate the sign bit of a {@code float}.
+ */
+ public static final int SIGN_BIT_MASK = 0x80000000;
+
+ /**
+ * Bit mask to isolate the exponent field of a
+ * {@code float}.
+ */
+ public static final int EXP_BIT_MASK = 0x7F800000;
+
+ /**
+ * Bit mask to isolate the significand field of a
+ * {@code float}.
+ */
+ public static final int SIGNIF_BIT_MASK = 0x007FFFFF;
+
+ static {
+ // verify bit masks cover all bit positions and that the bit
+ // masks are non-overlapping
+ assert(((SIGN_BIT_MASK | EXP_BIT_MASK | SIGNIF_BIT_MASK) == ~0) &&
+ (((SIGN_BIT_MASK & EXP_BIT_MASK) == 0) &&
+ ((SIGN_BIT_MASK & SIGNIF_BIT_MASK) == 0) &&
+ ((EXP_BIT_MASK & SIGNIF_BIT_MASK) == 0)));
+ }
+}
\ No newline at end of file
diff --git a/egklib/src/jvmMain/java/org/cryptobiotic/bigint/MutableBigInteger.java b/egklib/src/jvmMain/java/org/cryptobiotic/bigint/MutableBigInteger.java
new file mode 100644
index 00000000..3240f3da
--- /dev/null
+++ b/egklib/src/jvmMain/java/org/cryptobiotic/bigint/MutableBigInteger.java
@@ -0,0 +1,2360 @@
+/*
+ * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package org.cryptobiotic.bigint;
+
+/**
+ * A class used to represent multiprecision integers that makes efficient
+ * use of allocated space by allowing a number to occupy only part of
+ * an array so that the arrays do not have to be reallocated as often.
+ * When performing an operation with many iterations the array used to
+ * hold a number is only reallocated when necessary and does not have to
+ * be the same size as the number it represents. A mutable number allows
+ * calculations to occur on the same number without having to create
+ * a new number for every step of the calculation as occurs with
+ * BigIntegers.
+ *
+ * @see BigInteger
+ * @author Michael McCloskey
+ * @author Timothy Buktu
+ * @since 1.3
+ */
+
+import java.util.Arrays;
+
+import static org.cryptobiotic.bigint.BigInteger.LONG_MASK;
+
+
+class MutableBigInteger {
+ static final long INFLATED = Long.MIN_VALUE;
+
+ /**
+ * Holds the magnitude of this MutableBigInteger in big endian order.
+ * The magnitude may start at an offset into the value array, and it may
+ * end before the length of the value array.
+ */
+ int[] value;
+
+ /**
+ * The number of ints of the value array that are currently used
+ * to hold the magnitude of this MutableBigInteger. The magnitude starts
+ * at an offset and offset + intLen may be less than value.length.
+ */
+ int intLen;
+
+ /**
+ * The offset into the value array where the magnitude of this
+ * MutableBigInteger begins.
+ */
+ int offset = 0;
+
+ // Constants
+ /**
+ * MutableBigInteger with one element value array with the value 1. Used by
+ * BigDecimal divideAndRound to increment the quotient. Use this constant
+ * only when the method is not going to modify this object.
+ */
+ static final MutableBigInteger ONE = new MutableBigInteger(1);
+
+ /**
+ * The minimum {@code intLen} for cancelling powers of two before
+ * dividing.
+ * If the number of ints is less than this threshold,
+ * {@code divideKnuth} does not eliminate common powers of two from
+ * the dividend and divisor.
+ */
+ static final int KNUTH_POW2_THRESH_LEN = 6;
+
+ /**
+ * The minimum number of trailing zero ints for cancelling powers of two
+ * before dividing.
+ * If the dividend and divisor don't share at least this many zero ints
+ * at the end, {@code divideKnuth} does not eliminate common powers
+ * of two from the dividend and divisor.
+ */
+ static final int KNUTH_POW2_THRESH_ZEROS = 3;
+
+ // Constructors
+
+ /**
+ * The default constructor. An empty MutableBigInteger is created with
+ * a one word capacity.
+ */
+ MutableBigInteger() {
+ value = new int[1];
+ intLen = 0;
+ }
+
+ /**
+ * Construct a new MutableBigInteger with a magnitude specified by
+ * the int val.
+ */
+ MutableBigInteger(int val) {
+ value = new int[1];
+ intLen = 1;
+ value[0] = val;
+ }
+
+ /**
+ * Construct a new MutableBigInteger with the specified value array
+ * up to the length of the array supplied.
+ */
+ MutableBigInteger(int[] val) {
+ value = val;
+ intLen = val.length;
+ }
+
+ /**
+ * Construct a new MutableBigInteger with a magnitude equal to the
+ * specified BigInteger.
+ */
+ MutableBigInteger(BigInteger b) {
+ intLen = b.mag.length;
+ value = Arrays.copyOf(b.mag, intLen);
+ }
+
+ /**
+ * Construct a new MutableBigInteger with a magnitude equal to the
+ * specified MutableBigInteger.
+ */
+ MutableBigInteger(MutableBigInteger val) {
+ intLen = val.intLen;
+ value = Arrays.copyOfRange(val.value, val.offset, val.offset + intLen);
+ }
+
+ /**
+ * Makes this number an {@code n}-int number all of whose bits are ones.
+ * Used by Burnikel-Ziegler division.
+ * @param n number of ints in the {@code value} array
+ */
+ private void ones(int n) {
+ if (n > value.length)
+ value = new int[n];
+ Arrays.fill(value, -1);
+ offset = 0;
+ intLen = n;
+ }
+
+ /**
+ * Internal helper method to return the magnitude array. The caller is not
+ * supposed to modify the returned array.
+ */
+ private int[] getMagnitudeArray() {
+ if (offset > 0 || value.length != intLen) {
+ // Shrink value to be the total magnitude
+ int[] tmp = Arrays.copyOfRange(value, offset, offset + intLen);
+ Arrays.fill(value, 0);
+ offset = 0;
+ intLen = tmp.length;
+ value = tmp;
+ }
+ return value;
+ }
+
+ /**
+ * Convert this MutableBigInteger to a long value. The caller has to make
+ * sure this MutableBigInteger can be fit into long.
+ */
+ private long toLong() {
+ assert (intLen <= 2) : "this MutableBigInteger exceeds the range of long";
+ if (intLen == 0)
+ return 0;
+ long d = value[offset] & LONG_MASK;
+ return (intLen == 2) ? d << 32 | (value[offset + 1] & LONG_MASK) : d;
+ }
+
+ /**
+ * Convert this MutableBigInteger to a BigInteger object.
+ */
+ BigInteger toBigInteger(int sign) {
+ if (intLen == 0 || sign == 0)
+ return BigInteger.ZERO;
+ return new BigInteger(getMagnitudeArray(), sign);
+ }
+
+ /**
+ * Converts this number to a nonnegative {@code BigInteger}.
+ */
+ BigInteger toBigInteger() {
+ normalize();
+ return toBigInteger(isZero() ? 0 : 1);
+ }
+
+ /*
+ BigDecimal toBigDecimal(int sign, int scale) {
+ if (intLen == 0 || sign == 0)
+ return BigDecimal.zeroValueOf(scale);
+ int[] mag = getMagnitudeArray();
+ int len = mag.length;
+ int d = mag[0];
+ // If this MutableBigInteger can't be fit into long, we need to
+ // make a BigInteger object for the resultant BigDecimal object.
+ if (len > 2 || (d < 0 && len == 2))
+ return new BigDecimal(new BigInteger(mag, sign), INFLATED, scale, 0);
+ long v = (len == 2) ?
+ ((mag[1] & LONG_MASK) | (d & LONG_MASK) << 32) :
+ d & LONG_MASK;
+ return BigDecimal.valueOf(sign == -1 ? -v : v, scale);
+ }
+
+ */
+
+ /**
+ * This is for internal use in converting from a MutableBigInteger
+ * object into a long value given a specified sign.
+ * returns INFLATED if value is not fit into long
+ */
+ long toCompactValue(int sign) {
+ if (intLen == 0 || sign == 0)
+ return 0L;
+ int[] mag = getMagnitudeArray();
+ int len = mag.length;
+ int d = mag[0];
+ // If this MutableBigInteger can not be fitted into long, we need to
+ // make a BigInteger object for the resultant BigDecimal object.
+ if (len > 2 || (d < 0 && len == 2))
+ return INFLATED;
+ long v = (len == 2) ?
+ ((mag[1] & LONG_MASK) | (d & LONG_MASK) << 32) :
+ d & LONG_MASK;
+ return sign == -1 ? -v : v;
+ }
+
+ /**
+ * Clear out a MutableBigInteger for reuse.
+ */
+ void clear() {
+ offset = intLen = 0;
+ for (int index=0, n=value.length; index < n; index++)
+ value[index] = 0;
+ }
+
+ /**
+ * Set a MutableBigInteger to zero, removing its offset.
+ */
+ void reset() {
+ offset = intLen = 0;
+ }
+
+ /**
+ * Compare the magnitude of two MutableBigIntegers. Returns -1, 0 or 1
+ * as this MutableBigInteger is numerically less than, equal to, or
+ * greater than {@code b}.
+ */
+ final int compare(MutableBigInteger b) {
+ int blen = b.intLen;
+ if (intLen < blen)
+ return -1;
+ if (intLen > blen)
+ return 1;
+
+ // Add Integer.MIN_VALUE to make the comparison act as unsigned integer
+ // comparison.
+ int[] bval = b.value;
+ for (int i = offset, j = b.offset; i < intLen + offset; i++, j++) {
+ int b1 = value[i] + 0x80000000;
+ int b2 = bval[j] + 0x80000000;
+ if (b1 < b2)
+ return -1;
+ if (b1 > b2)
+ return 1;
+ }
+ return 0;
+ }
+
+ /**
+ * Returns a value equal to what {@code b.leftShift(32*ints); return compare(b);}
+ * would return, but doesn't change the value of {@code b}.
+ */
+ private int compareShifted(MutableBigInteger b, int ints) {
+ int blen = b.intLen;
+ int alen = intLen - ints;
+ if (alen < blen)
+ return -1;
+ if (alen > blen)
+ return 1;
+
+ // Add Integer.MIN_VALUE to make the comparison act as unsigned integer
+ // comparison.
+ int[] bval = b.value;
+ for (int i = offset, j = b.offset; i < alen + offset; i++, j++) {
+ int b1 = value[i] + 0x80000000;
+ int b2 = bval[j] + 0x80000000;
+ if (b1 < b2)
+ return -1;
+ if (b1 > b2)
+ return 1;
+ }
+ return 0;
+ }
+
+ /**
+ * Compare this against half of a MutableBigInteger object (Needed for
+ * remainder tests).
+ * Assumes no leading unnecessary zeros, which holds for results
+ * from divide().
+ */
+ final int compareHalf(MutableBigInteger b) {
+ int blen = b.intLen;
+ int len = intLen;
+ if (len <= 0)
+ return blen <= 0 ? 0 : -1;
+ if (len > blen)
+ return 1;
+ if (len < blen - 1)
+ return -1;
+ int[] bval = b.value;
+ int bstart = 0;
+ int carry = 0;
+ // Only 2 cases left:len == blen or len == blen - 1
+ if (len != blen) { // len == blen - 1
+ if (bval[bstart] == 1) {
+ ++bstart;
+ carry = 0x80000000;
+ } else
+ return -1;
+ }
+ // compare values with right-shifted values of b,
+ // carrying shifted-out bits across words
+ int[] val = value;
+ for (int i = offset, j = bstart; i < len + offset;) {
+ int bv = bval[j++];
+ long hb = ((bv >>> 1) + carry) & LONG_MASK;
+ long v = val[i++] & LONG_MASK;
+ if (v != hb)
+ return v < hb ? -1 : 1;
+ carry = (bv & 1) << 31; // carray will be either 0x80000000 or 0
+ }
+ return carry == 0 ? 0 : -1;
+ }
+
+ /**
+ * Return the index of the lowest set bit in this MutableBigInteger. If the
+ * magnitude of this MutableBigInteger is zero, -1 is returned.
+ */
+ private final int getLowestSetBit() {
+ if (intLen == 0)
+ return -1;
+ int j, b;
+ for (j=intLen-1; (j > 0) && (value[j+offset] == 0); j--)
+ ;
+ b = value[j+offset];
+ if (b == 0)
+ return -1;
+ return ((intLen-1-j)<<5) + Integer.numberOfTrailingZeros(b);
+ }
+
+ /**
+ * Return the int in use in this MutableBigInteger at the specified
+ * index. This method is not used because it is not inlined on all
+ * platforms.
+ */
+ private final int getInt(int index) {
+ return value[offset+index];
+ }
+
+ /**
+ * Return a long which is equal to the unsigned value of the int in
+ * use in this MutableBigInteger at the specified index. This method is
+ * not used because it is not inlined on all platforms.
+ */
+ private final long getLong(int index) {
+ return value[offset+index] & LONG_MASK;
+ }
+
+ /**
+ * Ensure that the MutableBigInteger is in normal form, specifically
+ * making sure that there are no leading zeros, and that if the
+ * magnitude is zero, then intLen is zero.
+ */
+ final void normalize() {
+ if (intLen == 0) {
+ offset = 0;
+ return;
+ }
+
+ int index = offset;
+ if (value[index] != 0)
+ return;
+
+ int indexBound = index+intLen;
+ do {
+ index++;
+ } while(index < indexBound && value[index] == 0);
+
+ int numZeros = index - offset;
+ intLen -= numZeros;
+ offset = (intLen == 0 ? 0 : offset+numZeros);
+ }
+
+ /**
+ * If this MutableBigInteger cannot hold len words, increase the size
+ * of the value array to len words.
+ */
+ private final void ensureCapacity(int len) {
+ if (value.length < len) {
+ value = new int[len];
+ offset = 0;
+ intLen = len;
+ }
+ }
+
+ /**
+ * Convert this MutableBigInteger into an int array with no leading
+ * zeros, of a length that is equal to this MutableBigInteger's intLen.
+ */
+ int[] toIntArray() {
+ int[] result = new int[intLen];
+ for(int i=0; i < intLen; i++)
+ result[i] = value[offset+i];
+ return result;
+ }
+
+ /**
+ * Sets the int at index+offset in this MutableBigInteger to val.
+ * This does not get inlined on all platforms so it is not used
+ * as often as originally intended.
+ */
+ void setInt(int index, int val) {
+ value[offset + index] = val;
+ }
+
+ /**
+ * Sets this MutableBigInteger's value array to the specified array.
+ * The intLen is set to the specified length.
+ */
+ void setValue(int[] val, int length) {
+ value = val;
+ intLen = length;
+ offset = 0;
+ }
+
+ /**
+ * Sets this MutableBigInteger's value array to a copy of the specified
+ * array. The intLen is set to the length of the new array.
+ */
+ void copyValue(MutableBigInteger src) {
+ int len = src.intLen;
+ if (value.length < len)
+ value = new int[len];
+ System.arraycopy(src.value, src.offset, value, 0, len);
+ intLen = len;
+ offset = 0;
+ }
+
+ /**
+ * Sets this MutableBigInteger's value array to a copy of the specified
+ * array. The intLen is set to the length of the specified array.
+ */
+ void copyValue(int[] val) {
+ int len = val.length;
+ if (value.length < len)
+ value = new int[len];
+ System.arraycopy(val, 0, value, 0, len);
+ intLen = len;
+ offset = 0;
+ }
+
+ /**
+ * Returns true iff this MutableBigInteger has a value of one.
+ */
+ boolean isOne() {
+ return (intLen == 1) && (value[offset] == 1);
+ }
+
+ /**
+ * Returns true iff this MutableBigInteger has a value of zero.
+ */
+ boolean isZero() {
+ return (intLen == 0);
+ }
+
+ /**
+ * Returns true iff this MutableBigInteger is even.
+ */
+ boolean isEven() {
+ return (intLen == 0) || ((value[offset + intLen - 1] & 1) == 0);
+ }
+
+ /**
+ * Returns true iff this MutableBigInteger is odd.
+ */
+ boolean isOdd() {
+ return isZero() ? false : ((value[offset + intLen - 1] & 1) == 1);
+ }
+
+ /**
+ * Returns true iff this MutableBigInteger is in normal form. A
+ * MutableBigInteger is in normal form if it has no leading zeros
+ * after the offset, and intLen + offset <= value.length.
+ */
+ boolean isNormal() {
+ if (intLen + offset > value.length)
+ return false;
+ if (intLen == 0)
+ return true;
+ return (value[offset] != 0);
+ }
+
+ /**
+ * Returns a String representation of this MutableBigInteger in radix 10.
+ */
+ public String toString() {
+ BigInteger b = toBigInteger(1);
+ return b.toString();
+ }
+
+ /**
+ * Like {@link #rightShift(int)} but {@code n} can be greater than the length of the number.
+ */
+ void safeRightShift(int n) {
+ if (n/32 >= intLen) {
+ reset();
+ } else {
+ rightShift(n);
+ }
+ }
+
+ /**
+ * Right shift this MutableBigInteger n bits. The MutableBigInteger is left
+ * in normal form.
+ */
+ void rightShift(int n) {
+ if (intLen == 0)
+ return;
+ int nInts = n >>> 5;
+ int nBits = n & 0x1F;
+ this.intLen -= nInts;
+ if (nBits == 0)
+ return;
+ int bitsInHighWord = BigInteger.bitLengthForInt(value[offset]);
+ if (nBits >= bitsInHighWord) {
+ this.primitiveLeftShift(32 - nBits);
+ this.intLen--;
+ } else {
+ primitiveRightShift(nBits);
+ }
+ }
+
+ /**
+ * Like {@link #leftShift(int)} but {@code n} can be zero.
+ */
+ void safeLeftShift(int n) {
+ if (n > 0) {
+ leftShift(n);
+ }
+ }
+
+ /**
+ * Left shift this MutableBigInteger n bits.
+ */
+ void leftShift(int n) {
+ /*
+ * If there is enough storage space in this MutableBigInteger already
+ * the available space will be used. Space to the right of the used
+ * ints in the value array is faster to utilize, so the extra space
+ * will be taken from the right if possible.
+ */
+ if (intLen == 0)
+ return;
+ int nInts = n >>> 5;
+ int nBits = n&0x1F;
+ int bitsInHighWord = BigInteger.bitLengthForInt(value[offset]);
+
+ // If shift can be done without moving words, do so
+ if (n <= (32-bitsInHighWord)) {
+ primitiveLeftShift(nBits);
+ return;
+ }
+
+ int newLen = intLen + nInts +1;
+ if (nBits <= (32-bitsInHighWord))
+ newLen--;
+ if (value.length < newLen) {
+ // The array must grow
+ int[] result = new int[newLen];
+ for (int i=0; i < intLen; i++)
+ result[i] = value[offset+i];
+ setValue(result, newLen);
+ } else if (value.length - offset >= newLen) {
+ // Use space on right
+ for(int i=0; i < newLen - intLen; i++)
+ value[offset+intLen+i] = 0;
+ } else {
+ // Must use space on left
+ for (int i=0; i < intLen; i++)
+ value[i] = value[offset+i];
+ for (int i=intLen; i < newLen; i++)
+ value[i] = 0;
+ offset = 0;
+ }
+ intLen = newLen;
+ if (nBits == 0)
+ return;
+ if (nBits <= (32-bitsInHighWord))
+ primitiveLeftShift(nBits);
+ else
+ primitiveRightShift(32 -nBits);
+ }
+
+ /**
+ * A primitive used for division. This method adds in one multiple of the
+ * divisor a back to the dividend result at a specified offset. It is used
+ * when qhat was estimated too large, and must be adjusted.
+ */
+ private int divadd(int[] a, int[] result, int offset) {
+ long carry = 0;
+
+ for (int j=a.length-1; j >= 0; j--) {
+ long sum = (a[j] & LONG_MASK) +
+ (result[j+offset] & LONG_MASK) + carry;
+ result[j+offset] = (int)sum;
+ carry = sum >>> 32;
+ }
+ return (int)carry;
+ }
+
+ /**
+ * This method is used for division. It multiplies an n word input a by one
+ * word input x, and subtracts the n word product from q. This is needed
+ * when subtracting qhat*divisor from dividend.
+ */
+ private int mulsub(int[] q, int[] a, int x, int len, int offset) {
+ long xLong = x & LONG_MASK;
+ long carry = 0;
+ offset += len;
+
+ for (int j=len-1; j >= 0; j--) {
+ long product = (a[j] & LONG_MASK) * xLong + carry;
+ long difference = q[offset] - product;
+ q[offset--] = (int)difference;
+ carry = (product >>> 32)
+ + (((difference & LONG_MASK) >
+ (((~(int)product) & LONG_MASK))) ? 1:0);
+ }
+ return (int)carry;
+ }
+
+ /**
+ * The method is the same as mulsun, except the fact that q array is not
+ * updated, the only result of the method is borrow flag.
+ */
+ private int mulsubBorrow(int[] q, int[] a, int x, int len, int offset) {
+ long xLong = x & LONG_MASK;
+ long carry = 0;
+ offset += len;
+ for (int j=len-1; j >= 0; j--) {
+ long product = (a[j] & LONG_MASK) * xLong + carry;
+ long difference = q[offset--] - product;
+ carry = (product >>> 32)
+ + (((difference & LONG_MASK) >
+ (((~(int)product) & LONG_MASK))) ? 1:0);
+ }
+ return (int)carry;
+ }
+
+ /**
+ * Right shift this MutableBigInteger n bits, where n is
+ * less than 32.
+ * Assumes that intLen > 0, n > 0 for speed
+ */
+ private final void primitiveRightShift(int n) {
+ int[] val = value;
+ int n2 = 32 - n;
+ for (int i=offset+intLen-1, c=val[i]; i > offset; i--) {
+ int b = c;
+ c = val[i-1];
+ val[i] = (c << n2) | (b >>> n);
+ }
+ val[offset] >>>= n;
+ }
+
+ /**
+ * Left shift this MutableBigInteger n bits, where n is
+ * less than 32.
+ * Assumes that intLen > 0, n > 0 for speed
+ */
+ private final void primitiveLeftShift(int n) {
+ int[] val = value;
+ int n2 = 32 - n;
+ for (int i=offset, c=val[i], m=i+intLen-1; i < m; i++) {
+ int b = c;
+ c = val[i+1];
+ val[i] = (b << n) | (c >>> n2);
+ }
+ val[offset+intLen-1] <<= n;
+ }
+
+ /**
+ * Returns a {@code BigInteger} equal to the {@code n}
+ * low ints of this number.
+ */
+ private BigInteger getLower(int n) {
+ if (isZero()) {
+ return BigInteger.ZERO;
+ } else if (intLen < n) {
+ return toBigInteger(1);
+ } else {
+ // strip zeros
+ int len = n;
+ while (len > 0 && value[offset+intLen-len] == 0)
+ len--;
+ int sign = len > 0 ? 1 : 0;
+ return new BigInteger(Arrays.copyOfRange(value, offset+intLen-len, offset+intLen), sign);
+ }
+ }
+
+ /**
+ * Discards all ints whose index is greater than {@code n}.
+ */
+ private void keepLower(int n) {
+ if (intLen >= n) {
+ offset += intLen - n;
+ intLen = n;
+ }
+ }
+
+ /**
+ * Adds the contents of two MutableBigInteger objects.The result
+ * is placed within this MutableBigInteger.
+ * The contents of the addend are not changed.
+ */
+ void add(MutableBigInteger addend) {
+ int x = intLen;
+ int y = addend.intLen;
+ int resultLen = (intLen > addend.intLen ? intLen : addend.intLen);
+ int[] result = (value.length < resultLen ? new int[resultLen] : value);
+
+ int rstart = result.length-1;
+ long sum;
+ long carry = 0;
+
+ // Add common parts of both numbers
+ while(x > 0 && y > 0) {
+ x--; y--;
+ sum = (value[x+offset] & LONG_MASK) +
+ (addend.value[y+addend.offset] & LONG_MASK) + carry;
+ result[rstart--] = (int)sum;
+ carry = sum >>> 32;
+ }
+
+ // Add remainder of the longer number
+ while(x > 0) {
+ x--;
+ if (carry == 0 && result == value && rstart == (x + offset))
+ return;
+ sum = (value[x+offset] & LONG_MASK) + carry;
+ result[rstart--] = (int)sum;
+ carry = sum >>> 32;
+ }
+ while(y > 0) {
+ y--;
+ sum = (addend.value[y+addend.offset] & LONG_MASK) + carry;
+ result[rstart--] = (int)sum;
+ carry = sum >>> 32;
+ }
+
+ if (carry > 0) { // Result must grow in length
+ resultLen++;
+ if (result.length < resultLen) {
+ int temp[] = new int[resultLen];
+ // Result one word longer from carry-out; copy low-order
+ // bits into new result.
+ System.arraycopy(result, 0, temp, 1, result.length);
+ temp[0] = 1;
+ result = temp;
+ } else {
+ result[rstart--] = 1;
+ }
+ }
+
+ value = result;
+ intLen = resultLen;
+ offset = result.length - resultLen;
+ }
+
+ /**
+ * Adds the value of {@code addend} shifted {@code n} ints to the left.
+ * Has the same effect as {@code addend.leftShift(32*ints); add(addend);}
+ * but doesn't change the value of {@code addend}.
+ */
+ void addShifted(MutableBigInteger addend, int n) {
+ if (addend.isZero()) {
+ return;
+ }
+
+ int x = intLen;
+ int y = addend.intLen + n;
+ int resultLen = (intLen > y ? intLen : y);
+ int[] result = (value.length < resultLen ? new int[resultLen] : value);
+
+ int rstart = result.length-1;
+ long sum;
+ long carry = 0;
+
+ // Add common parts of both numbers
+ while (x > 0 && y > 0) {
+ x--; y--;
+ int bval = y+addend.offset < addend.value.length ? addend.value[y+addend.offset] : 0;
+ sum = (value[x+offset] & LONG_MASK) +
+ (bval & LONG_MASK) + carry;
+ result[rstart--] = (int)sum;
+ carry = sum >>> 32;
+ }
+
+ // Add remainder of the longer number
+ while (x > 0) {
+ x--;
+ if (carry == 0 && result == value && rstart == (x + offset)) {
+ return;
+ }
+ sum = (value[x+offset] & LONG_MASK) + carry;
+ result[rstart--] = (int)sum;
+ carry = sum >>> 32;
+ }
+ while (y > 0) {
+ y--;
+ int bval = y+addend.offset < addend.value.length ? addend.value[y+addend.offset] : 0;
+ sum = (bval & LONG_MASK) + carry;
+ result[rstart--] = (int)sum;
+ carry = sum >>> 32;
+ }
+
+ if (carry > 0) { // Result must grow in length
+ resultLen++;
+ if (result.length < resultLen) {
+ int temp[] = new int[resultLen];
+ // Result one word longer from carry-out; copy low-order
+ // bits into new result.
+ System.arraycopy(result, 0, temp, 1, result.length);
+ temp[0] = 1;
+ result = temp;
+ } else {
+ result[rstart--] = 1;
+ }
+ }
+
+ value = result;
+ intLen = resultLen;
+ offset = result.length - resultLen;
+ }
+
+ /**
+ * Like {@link #addShifted(MutableBigInteger, int)} but {@code this.intLen} must
+ * not be greater than {@code n}. In other words, concatenates {@code this}
+ * and {@code addend}.
+ */
+ void addDisjoint(MutableBigInteger addend, int n) {
+ if (addend.isZero())
+ return;
+
+ int x = intLen;
+ int y = addend.intLen + n;
+ int resultLen = (intLen > y ? intLen : y);
+ int[] result;
+ if (value.length < resultLen)
+ result = new int[resultLen];
+ else {
+ result = value;
+ Arrays.fill(value, offset+intLen, value.length, 0);
+ }
+
+ int rstart = result.length-1;
+
+ // copy from this if needed
+ System.arraycopy(value, offset, result, rstart+1-x, x);
+ y -= x;
+ rstart -= x;
+
+ int len = Math.min(y, addend.value.length-addend.offset);
+ System.arraycopy(addend.value, addend.offset, result, rstart+1-y, len);
+
+ // zero the gap
+ for (int i=rstart+1-y+len; i < rstart+1; i++)
+ result[i] = 0;
+
+ value = result;
+ intLen = resultLen;
+ offset = result.length - resultLen;
+ }
+
+ /**
+ * Adds the low {@code n} ints of {@code addend}.
+ */
+ void addLower(MutableBigInteger addend, int n) {
+ MutableBigInteger a = new MutableBigInteger(addend);
+ if (a.offset + a.intLen >= n) {
+ a.offset = a.offset + a.intLen - n;
+ a.intLen = n;
+ }
+ a.normalize();
+ add(a);
+ }
+
+ /**
+ * Subtracts the smaller of this and b from the larger and places the
+ * result into this MutableBigInteger.
+ */
+ int subtract(MutableBigInteger b) {
+ MutableBigInteger a = this;
+
+ int[] result = value;
+ int sign = a.compare(b);
+
+ if (sign == 0) {
+ reset();
+ return 0;
+ }
+ if (sign < 0) {
+ MutableBigInteger tmp = a;
+ a = b;
+ b = tmp;
+ }
+
+ int resultLen = a.intLen;
+ if (result.length < resultLen)
+ result = new int[resultLen];
+
+ long diff = 0;
+ int x = a.intLen;
+ int y = b.intLen;
+ int rstart = result.length - 1;
+
+ // Subtract common parts of both numbers
+ while (y > 0) {
+ x--; y--;
+
+ diff = (a.value[x+a.offset] & LONG_MASK) -
+ (b.value[y+b.offset] & LONG_MASK) - ((int)-(diff>>32));
+ result[rstart--] = (int)diff;
+ }
+ // Subtract remainder of longer number
+ while (x > 0) {
+ x--;
+ diff = (a.value[x+a.offset] & LONG_MASK) - ((int)-(diff>>32));
+ result[rstart--] = (int)diff;
+ }
+
+ value = result;
+ intLen = resultLen;
+ offset = value.length - resultLen;
+ normalize();
+ return sign;
+ }
+
+ /**
+ * Subtracts the smaller of a and b from the larger and places the result
+ * into the larger. Returns 1 if the answer is in a, -1 if in b, 0 if no
+ * operation was performed.
+ */
+ private int difference(MutableBigInteger b) {
+ MutableBigInteger a = this;
+ int sign = a.compare(b);
+ if (sign == 0)
+ return 0;
+ if (sign < 0) {
+ MutableBigInteger tmp = a;
+ a = b;
+ b = tmp;
+ }
+
+ long diff = 0;
+ int x = a.intLen;
+ int y = b.intLen;
+
+ // Subtract common parts of both numbers
+ while (y > 0) {
+ x--; y--;
+ diff = (a.value[a.offset+ x] & LONG_MASK) -
+ (b.value[b.offset+ y] & LONG_MASK) - ((int)-(diff>>32));
+ a.value[a.offset+x] = (int)diff;
+ }
+ // Subtract remainder of longer number
+ while (x > 0) {
+ x--;
+ diff = (a.value[a.offset+ x] & LONG_MASK) - ((int)-(diff>>32));
+ a.value[a.offset+x] = (int)diff;
+ }
+
+ a.normalize();
+ return sign;
+ }
+
+ /**
+ * Multiply the contents of two MutableBigInteger objects. The result is
+ * placed into MutableBigInteger z. The contents of y are not changed.
+ */
+ void multiply(MutableBigInteger y, MutableBigInteger z) {
+ int xLen = intLen;
+ int yLen = y.intLen;
+ int newLen = xLen + yLen;
+
+ // Put z into an appropriate state to receive product
+ if (z.value.length < newLen)
+ z.value = new int[newLen];
+ z.offset = 0;
+ z.intLen = newLen;
+
+ // The first iteration is hoisted out of the loop to avoid extra add
+ long carry = 0;
+ for (int j=yLen-1, k=yLen+xLen-1; j >= 0; j--, k--) {
+ long product = (y.value[j+y.offset] & LONG_MASK) *
+ (value[xLen-1+offset] & LONG_MASK) + carry;
+ z.value[k] = (int)product;
+ carry = product >>> 32;
+ }
+ z.value[xLen-1] = (int)carry;
+
+ // Perform the multiplication word by word
+ for (int i = xLen-2; i >= 0; i--) {
+ carry = 0;
+ for (int j=yLen-1, k=yLen+i; j >= 0; j--, k--) {
+ long product = (y.value[j+y.offset] & LONG_MASK) *
+ (value[i+offset] & LONG_MASK) +
+ (z.value[k] & LONG_MASK) + carry;
+ z.value[k] = (int)product;
+ carry = product >>> 32;
+ }
+ z.value[i] = (int)carry;
+ }
+
+ // Remove leading zeros from product
+ z.normalize();
+ }
+
+ /**
+ * Multiply the contents of this MutableBigInteger by the word y. The
+ * result is placed into z.
+ */
+ void mul(int y, MutableBigInteger z) {
+ if (y == 1) {
+ z.copyValue(this);
+ return;
+ }
+
+ if (y == 0) {
+ z.clear();
+ return;
+ }
+
+ // Perform the multiplication word by word
+ long ylong = y & LONG_MASK;
+ int[] zval = (z.value.length < intLen+1 ? new int[intLen + 1]
+ : z.value);
+ long carry = 0;
+ for (int i = intLen-1; i >= 0; i--) {
+ long product = ylong * (value[i+offset] & LONG_MASK) + carry;
+ zval[i+1] = (int)product;
+ carry = product >>> 32;
+ }
+
+ if (carry == 0) {
+ z.offset = 1;
+ z.intLen = intLen;
+ } else {
+ z.offset = 0;
+ z.intLen = intLen + 1;
+ zval[0] = (int)carry;
+ }
+ z.value = zval;
+ }
+
+ /**
+ * This method is used for division of an n word dividend by a one word
+ * divisor. The quotient is placed into quotient. The one word divisor is
+ * specified by divisor.
+ *
+ * @return the remainder of the division is returned.
+ *
+ */
+ int divideOneWord(int divisor, MutableBigInteger quotient) {
+ long divisorLong = divisor & LONG_MASK;
+
+ // Special case of one word dividend
+ if (intLen == 1) {
+ long dividendValue = value[offset] & LONG_MASK;
+ int q = (int) (dividendValue / divisorLong);
+ int r = (int) (dividendValue - q * divisorLong);
+ quotient.value[0] = q;
+ quotient.intLen = (q == 0) ? 0 : 1;
+ quotient.offset = 0;
+ return r;
+ }
+
+ if (quotient.value.length < intLen)
+ quotient.value = new int[intLen];
+ quotient.offset = 0;
+ quotient.intLen = intLen;
+
+ // Normalize the divisor
+ int shift = Integer.numberOfLeadingZeros(divisor);
+
+ int rem = value[offset];
+ long remLong = rem & LONG_MASK;
+ if (remLong < divisorLong) {
+ quotient.value[0] = 0;
+ } else {
+ quotient.value[0] = (int)(remLong / divisorLong);
+ rem = (int) (remLong - (quotient.value[0] * divisorLong));
+ remLong = rem & LONG_MASK;
+ }
+ int xlen = intLen;
+ while (--xlen > 0) {
+ long dividendEstimate = (remLong << 32) |
+ (value[offset + intLen - xlen] & LONG_MASK);
+ int q;
+ if (dividendEstimate >= 0) {
+ q = (int) (dividendEstimate / divisorLong);
+ rem = (int) (dividendEstimate - q * divisorLong);
+ } else {
+ long tmp = divWord(dividendEstimate, divisor);
+ q = (int) (tmp & LONG_MASK);
+ rem = (int) (tmp >>> 32);
+ }
+ quotient.value[intLen - xlen] = q;
+ remLong = rem & LONG_MASK;
+ }
+
+ quotient.normalize();
+ // Unnormalize
+ if (shift > 0)
+ return rem % divisor;
+ else
+ return rem;
+ }
+
+ /**
+ * Calculates the quotient of this div b and places the quotient in the
+ * provided MutableBigInteger objects and the remainder object is returned.
+ *
+ */
+ MutableBigInteger divide(MutableBigInteger b, MutableBigInteger quotient) {
+ return divide(b,quotient,true);
+ }
+
+ MutableBigInteger divide(MutableBigInteger b, MutableBigInteger quotient, boolean needRemainder) {
+ if (b.intLen < BigInteger.BURNIKEL_ZIEGLER_THRESHOLD ||
+ intLen - b.intLen < BigInteger.BURNIKEL_ZIEGLER_OFFSET) {
+ return divideKnuth(b, quotient, needRemainder);
+ } else {
+ return divideAndRemainderBurnikelZiegler(b, quotient);
+ }
+ }
+
+ /**
+ * @see #divideKnuth(MutableBigInteger, MutableBigInteger, boolean)
+ */
+ MutableBigInteger divideKnuth(MutableBigInteger b, MutableBigInteger quotient) {
+ return divideKnuth(b,quotient,true);
+ }
+
+ /**
+ * Calculates the quotient of this div b and places the quotient in the
+ * provided MutableBigInteger objects and the remainder object is returned.
+ *
+ * Uses Algorithm D from Knuth TAOCP Vol. 2, 3rd edition, section 4.3.1.
+ * Many optimizations to that algorithm have been adapted from the Colin
+ * Plumb C library.
+ * It special cases one word divisors for speed. The content of b is not
+ * changed.
+ *
+ */
+ MutableBigInteger divideKnuth(MutableBigInteger b, MutableBigInteger quotient, boolean needRemainder) {
+ if (b.intLen == 0)
+ throw new ArithmeticException("BigInteger divide by zero");
+
+ // Dividend is zero
+ if (intLen == 0) {
+ quotient.intLen = quotient.offset = 0;
+ return needRemainder ? new MutableBigInteger() : null;
+ }
+
+ int cmp = compare(b);
+ // Dividend less than divisor
+ if (cmp < 0) {
+ quotient.intLen = quotient.offset = 0;
+ return needRemainder ? new MutableBigInteger(this) : null;
+ }
+ // Dividend equal to divisor
+ if (cmp == 0) {
+ quotient.value[0] = quotient.intLen = 1;
+ quotient.offset = 0;
+ return needRemainder ? new MutableBigInteger() : null;
+ }
+
+ quotient.clear();
+ // Special case one word divisor
+ if (b.intLen == 1) {
+ int r = divideOneWord(b.value[b.offset], quotient);
+ if(needRemainder) {
+ if (r == 0)
+ return new MutableBigInteger();
+ return new MutableBigInteger(r);
+ } else {
+ return null;
+ }
+ }
+
+ // Cancel common powers of two if we're above the KNUTH_POW2_* thresholds
+ if (intLen >= KNUTH_POW2_THRESH_LEN) {
+ int trailingZeroBits = Math.min(getLowestSetBit(), b.getLowestSetBit());
+ if (trailingZeroBits >= KNUTH_POW2_THRESH_ZEROS*32) {
+ MutableBigInteger a = new MutableBigInteger(this);
+ b = new MutableBigInteger(b);
+ a.rightShift(trailingZeroBits);
+ b.rightShift(trailingZeroBits);
+ MutableBigInteger r = a.divideKnuth(b, quotient);
+ r.leftShift(trailingZeroBits);
+ return r;
+ }
+ }
+
+ return divideMagnitude(b, quotient, needRemainder);
+ }
+
+ /**
+ * Computes {@code this/b} and {@code this%b} using the
+ * Burnikel-Ziegler algorithm.
+ * This method implements algorithm 3 from pg. 9 of the Burnikel-Ziegler paper.
+ * The parameter beta was chosen to b 232 so almost all shifts are
+ * multiples of 32 bits. > 5; i < numWords; i++) {
+ // V = R * c (mod 2^j)
+ int v = r * c.value[c.offset + c.intLen-1];
+ // c = c + (v * p)
+ p.mul(v, temp);
+ c.add(temp);
+ // c = c / 2^j
+ c.intLen--;
+ }
+ int numBits = k & 0x1f;
+ if (numBits != 0) {
+ // V = R * c (mod 2^j)
+ int v = r * c.value[c.offset + c.intLen-1];
+ v &= ((1<(thisexponent).
+ * Note that {@code exponent} is an integer rather than a BigInteger.
+ *
+ * @param exponent exponent to which this BigInteger is to be raised.
+ * @return thisexponent
+ * @throws ArithmeticException {@code exponent} is negative. (This would
+ * cause the operation to yield a non-integer value.)
+ */
+ public BigInteger pow(int exponent) {
+ if (exponent < 0) {
+ throw new ArithmeticException("Negative exponent");
+ }
+ if (signum == 0) {
+ return (exponent == 0 ? ONE : this);
+ }
+
+ BigInteger partToSquare = this.abs();
+
+ // Factor out powers of two from the base, as the exponentiation of
+ // these can be done by left shifts only.
+ // The remaining part can then be exponentiated faster. The
+ // powers of two will be multiplied back at the end.
+ int powersOfTwo = partToSquare.getLowestSetBit();
+ long bitsToShiftLong = (long)powersOfTwo * exponent;
+ if (bitsToShiftLong > Integer.MAX_VALUE) {
+ reportOverflow();
+ }
+ int bitsToShift = (int)bitsToShiftLong;
+
+ int remainingBits;
+
+ // Factor the powers of two out quickly by shifting right, if needed.
+ if (powersOfTwo > 0) {
+ partToSquare = partToSquare.shiftRight(powersOfTwo);
+ remainingBits = partToSquare.bitLength();
+ if (remainingBits == 1) { // Nothing left but +/- 1?
+ if (signum < 0 && (exponent&1) == 1) {
+ return NEGATIVE_ONE.shiftLeft(bitsToShift);
+ } else {
+ return ONE.shiftLeft(bitsToShift);
+ }
+ }
+ } else {
+ remainingBits = partToSquare.bitLength();
+ if (remainingBits == 1) { // Nothing left but +/- 1?
+ if (signum < 0 && (exponent&1) == 1) {
+ return NEGATIVE_ONE;
+ } else {
+ return ONE;
+ }
+ }
+ }
+
+ // This is a quick way to approximate the size of the result,
+ // similar to doing log2[n] * exponent. This will give an upper bound
+ // of how big the result can be, and which algorithm to use.
+ long scaleFactor = (long)remainingBits * exponent;
+
+ // Use slightly different algorithms for small and large operands.
+ // See if the result will safely fit into a long. (Largest 2^63-1)
+ if (partToSquare.mag.length == 1 && scaleFactor <= 62) {
+ // Small number algorithm. Everything fits into a long.
+ int newSign = (signum <0 && (exponent&1) == 1 ? -1 : 1);
+ long result = 1;
+ long baseToPow2 = partToSquare.mag[0] & LONG_MASK;
+
+ int workingExponent = exponent;
+
+ // Perform exponentiation using repeated squaring trick
+ while (workingExponent != 0) {
+ if ((workingExponent & 1) == 1) {
+ result = result * baseToPow2;
+ }
+
+ if ((workingExponent >>>= 1) != 0) {
+ baseToPow2 = baseToPow2 * baseToPow2;
+ }
+ }
+
+ // Multiply back the powers of two (quickly, by shifting left)
+ if (powersOfTwo > 0) {
+ if (bitsToShift + scaleFactor <= 62) { // Fits in long?
+ return valueOf((result << bitsToShift) * newSign);
+ } else {
+ return valueOf(result*newSign).shiftLeft(bitsToShift);
+ }
+ } else {
+ return valueOf(result*newSign);
+ }
+ } else {
+ if ((long)bitLength() * exponent / Integer.SIZE > MAX_MAG_LENGTH) {
+ reportOverflow();
+ }
+
+ // Large number algorithm. This is basically identical to
+ // the algorithm above, but calls multiply() and square()
+ // which may use more efficient algorithms for large numbers.
+ BigInteger answer = ONE;
+
+ int workingExponent = exponent;
+ // Perform exponentiation using repeated squaring trick
+ while (workingExponent != 0) {
+ if ((workingExponent & 1) == 1) {
+ answer = answer.multiply(partToSquare);
+ }
+
+ if ((workingExponent >>>= 1) != 0) {
+ partToSquare = partToSquare.square();
+ }
+ }
+ // Multiply back the (exponentiated) powers of two (quickly,
+ // by shifting left)
+ if (powersOfTwo > 0) {
+ answer = answer.shiftLeft(bitsToShift);
+ }
+
+ if (signum < 0 && (exponent&1) == 1) {
+ return answer.negate();
+ } else {
+ return answer;
+ }
+ }
+ }
+
+ /**
+ * Returns the integer square root of this BigInteger. The integer square
+ * root of the corresponding mathematical integer {@code n} is the largest
+ * mathematical integer {@code s} such that {@code s*s <= n}. It is equal
+ * to the value of {@code floor(sqrt(n))}, where {@code sqrt(n)} denotes the
+ * real square root of {@code n} treated as a real. Note that the integer
+ * square root will be less than the real square root if the latter is not
+ * representable as an integral value.
+ *
+ * @return the integer square root of {@code this}
+ * @throws ArithmeticException if {@code this} is negative. (The square
+ * root of a negative integer {@code val} is
+ * {@code (i * sqrt(-val))} where i is the
+ * imaginary unit and is equal to
+ * {@code sqrt(-1)}.)
+ * @since 9
+ */
+ public BigInteger sqrt() {
+ if (this.signum < 0) {
+ throw new ArithmeticException("Negative BigInteger");
+ }
+
+ return new MutableBigInteger(this.mag).sqrt().toBigInteger();
+ }
+
+ /**
+ * Returns an array of two BigIntegers containing the integer square root
+ * {@code s} of {@code this} and its remainder {@code this - s*s},
+ * respectively.
+ *
+ * @return an array of two BigIntegers with the integer square root at
+ * offset 0 and the remainder at offset 1
+ * @throws ArithmeticException if {@code this} is negative. (The square
+ * root of a negative integer {@code val} is
+ * {@code (i * sqrt(-val))} where i is the
+ * imaginary unit and is equal to
+ * {@code sqrt(-1)}.)
+ * @see #sqrt()
+ * @since 9
+ */
+ public BigInteger[] sqrtAndRemainder() {
+ BigInteger s = sqrt();
+ BigInteger r = this.subtract(s.square());
+ assert r.compareTo(BigInteger.ZERO) >= 0;
+ return new BigInteger[] {s, r};
+ }
+
+ /**
+ * Returns a BigInteger whose value is the greatest common divisor of
+ * {@code abs(this)} and {@code abs(val)}. Returns 0 if
+ * {@code this == 0 && val == 0}.
+ *
+ * @param val value with which the GCD is to be computed.
+ * @return {@code GCD(abs(this), abs(val))}
+ */
+ public BigInteger gcd(BigInteger val) {
+ if (val.signum == 0)
+ return this.abs();
+ else if (this.signum == 0)
+ return val.abs();
+
+ MutableBigInteger a = new MutableBigInteger(this);
+ MutableBigInteger b = new MutableBigInteger(val);
+
+ MutableBigInteger result = a.hybridGCD(b);
+
+ return result.toBigInteger(1);
+ }
+
+ /**
+ * Package private method to return bit length for an integer.
+ */
+ static int bitLengthForInt(int n) {
+ return 32 - Integer.numberOfLeadingZeros(n);
+ }
+
+ /**
+ * Left shift int array a up to len by n bits. Returns the array that
+ * results from the shift since space may have to be reallocated.
+ */
+ private static int[] leftShift(int[] a, int len, int n) {
+ int nInts = n >>> 5;
+ int nBits = n&0x1F;
+ int bitsInHighWord = bitLengthForInt(a[0]);
+
+ // If shift can be done without recopy, do so
+ if (n <= (32-bitsInHighWord)) {
+ primitiveLeftShift(a, len, nBits);
+ return a;
+ } else { // Array must be resized
+ if (nBits <= (32-bitsInHighWord)) {
+ int result[] = new int[nInts+len];
+ System.arraycopy(a, 0, result, 0, len);
+ primitiveLeftShift(result, result.length, nBits);
+ return result;
+ } else {
+ int result[] = new int[nInts+len+1];
+ System.arraycopy(a, 0, result, 0, len);
+ primitiveRightShift(result, result.length, 32 - nBits);
+ return result;
+ }
+ }
+ }
+
+ // shifts a up to len right n bits assumes no leading zeros, 0(thisexponent mod m). (Unlike {@code pow}, this
+ * method permits negative exponents.)
+ *
+ * @param exponent the exponent.
+ * @param m the modulus.
+ * @return thisexponent mod m
+ * @throws ArithmeticException {@code m} ≤ 0 or the exponent is
+ * negative and this BigInteger is not relatively
+ * prime to {@code m}.
+ * @see #modInverse
+ */
+ public BigInteger modPow(BigInteger exponent, BigInteger m) {
+ if (m.signum <= 0)
+ throw new ArithmeticException("BigInteger: modulus not positive");
+
+ // Trivial cases
+ if (exponent.signum == 0)
+ return (m.equals(ONE) ? ZERO : ONE);
+
+ if (this.equals(ONE))
+ return (m.equals(ONE) ? ZERO : ONE);
+
+ if (this.equals(ZERO) && exponent.signum >= 0)
+ return ZERO;
+
+ if (this.equals(negConst[1]) && (!exponent.testBit(0)))
+ return (m.equals(ONE) ? ZERO : ONE);
+
+ boolean invertResult;
+ if ((invertResult = (exponent.signum < 0)))
+ exponent = exponent.negate();
+
+ BigInteger base = (this.signum < 0 || this.compareTo(m) >= 0
+ ? this.mod(m) : this);
+ BigInteger result;
+ if (m.testBit(0)) { // odd modulus
+ result = base.oddModPow(exponent, m);
+ } else {
+ /*
+ * Even modulus. Tear it into an "odd part" (m1) and power of two
+ * (m2), exponentiate mod m1, manually exponentiate mod m2, and
+ * use Chinese Remainder Theorem to combine results.
+ */
+
+ // Tear m apart into odd part (m1) and power of 2 (m2)
+ int p = m.getLowestSetBit(); // Max pow of 2 that divides m
+
+ BigInteger m1 = m.shiftRight(p); // m/2**p
+ BigInteger m2 = ONE.shiftLeft(p); // 2**p
+
+ // Calculate new base from m1
+ BigInteger base2 = (this.signum < 0 || this.compareTo(m1) >= 0
+ ? this.mod(m1) : this);
+
+ // Calculate (base ** exponent) mod m1.
+ BigInteger a1 = (m1.equals(ONE) ? ZERO :
+ base2.oddModPow(exponent, m1));
+
+ // Calculate (this ** exponent) mod m2
+ BigInteger a2 = base.modPow2(exponent, p);
+
+ // Combine results using Chinese Remainder Theorem
+ BigInteger y1 = m2.modInverse(m1);
+ BigInteger y2 = m1.modInverse(m2);
+
+ if (m.mag.length < MAX_MAG_LENGTH / 2) {
+ result = a1.multiply(m2).multiply(y1).add(a2.multiply(m1).multiply(y2)).mod(m);
+ } else {
+ MutableBigInteger t1 = new MutableBigInteger();
+ new MutableBigInteger(a1.multiply(m2)).multiply(new MutableBigInteger(y1), t1);
+ MutableBigInteger t2 = new MutableBigInteger();
+ new MutableBigInteger(a2.multiply(m1)).multiply(new MutableBigInteger(y2), t2);
+ t1.add(t2);
+ MutableBigInteger q = new MutableBigInteger();
+ result = t1.divide(new MutableBigInteger(m), q).toBigInteger();
+ }
+ }
+
+ return (invertResult ? result.modInverse(m) : result);
+ }
+
+ // Montgomery multiplication. These are wrappers for
+ // implMontgomeryXX routines which are expected to be replaced by
+ // virtual machine intrinsics. We don't use the intrinsics for
+ // very large operands: MONTGOMERY_INTRINSIC_THRESHOLD should be
+ // larger than any reasonable crypto key.
+ private static int[] montgomeryMultiply(int[] a, int[] b, int[] n, int len, long inv,
+ int[] product) {
+ implMontgomeryMultiplyChecks(a, b, n, len, product);
+ if (len > MONTGOMERY_INTRINSIC_THRESHOLD) {
+ // Very long argument: do not use an intrinsic
+ product = multiplyToLen(a, len, b, len, product);
+ return montReduce(product, n, len, (int)inv);
+ } else {
+ return implMontgomeryMultiply(a, b, n, len, inv, materialize(product, len));
+ }
+ }
+ private static int[] montgomerySquare(int[] a, int[] n, int len, long inv,
+ int[] product) {
+ implMontgomeryMultiplyChecks(a, a, n, len, product);
+ if (len > MONTGOMERY_INTRINSIC_THRESHOLD) {
+ // Very long argument: do not use an intrinsic
+ product = squareToLen(a, len, product);
+ return montReduce(product, n, len, (int)inv);
+ } else {
+ return implMontgomerySquare(a, n, len, inv, materialize(product, len));
+ }
+ }
+
+ // Range-check everything.
+ private static void implMontgomeryMultiplyChecks
+ (int[] a, int[] b, int[] n, int len, int[] product) throws RuntimeException {
+ if (len % 2 != 0) {
+ throw new IllegalArgumentException("input array length must be even: " + len);
+ }
+
+ if (len < 1) {
+ throw new IllegalArgumentException("invalid input length: " + len);
+ }
+
+ if (len > a.length ||
+ len > b.length ||
+ len > n.length ||
+ (product != null && len > product.length)) {
+ throw new IllegalArgumentException("input array length out of bound: " + len);
+ }
+ }
+
+ // Make sure that the int array z (which is expected to contain
+ // the result of a Montgomery multiplication) is present and
+ // sufficiently large.
+ private static int[] materialize(int[] z, int len) {
+ if (z == null || z.length < len)
+ z = new int[len];
+ return z;
+ }
+
+ // These methods are intended to be replaced by virtual machine
+ // intrinsics.
+ // @IntrinsicCandidate
+ private static int[] implMontgomeryMultiply(int[] a, int[] b, int[] n, int len,
+ long inv, int[] product) {
+ product = multiplyToLen(a, len, b, len, product);
+ return montReduce(product, n, len, (int)inv);
+ }
+ // @IntrinsicCandidate
+ private static int[] implMontgomerySquare(int[] a, int[] n, int len,
+ long inv, int[] product) {
+ product = squareToLen(a, len, product);
+ return montReduce(product, n, len, (int)inv);
+ }
+
+ static int[] bnExpModThreshTable = {7, 25, 81, 241, 673, 1793,
+ Integer.MAX_VALUE}; // Sentinel
+
+ /**
+ * Returns a BigInteger whose value is x to the power of y mod z.
+ * Assumes: z is odd && x < z.
+ */
+ private BigInteger oddModPow(BigInteger y, BigInteger z) {
+ /*
+ * The algorithm is adapted from Colin Plumb's C library.
+ *
+ * The window algorithm:
+ * The idea is to keep a running product of b1 = n^(high-order bits of exp)
+ * and then keep appending exponent bits to it. The following patterns
+ * apply to a 3-bit window (k = 3):
+ * To append 0: square
+ * To append 1: square, multiply by n^1
+ * To append 10: square, multiply by n^1, square
+ * To append 11: square, square, multiply by n^3
+ * To append 100: square, multiply by n^1, square, square
+ * To append 101: square, square, square, multiply by n^5
+ * To append 110: square, square, multiply by n^3, square
+ * To append 111: square, square, square, multiply by n^7
+ *
+ * Since each pattern involves only one multiply, the longer the pattern
+ * the better, except that a 0 (no multiplies) can be appended directly.
+ * We precompute a table of odd powers of n, up to 2^k, and can then
+ * multiply k bits of exponent at a time. Actually, assuming random
+ * exponents, there is on average one zero bit between needs to
+ * multiply (1/2 of the time there's none, 1/4 of the time there's 1,
+ * 1/8 of the time, there's 2, 1/32 of the time, there's 3, etc.), so
+ * you have to do one multiply per k+1 bits of exponent.
+ *
+ * The loop walks down the exponent, squaring the result buffer as
+ * it goes. There is a wbits+1 bit lookahead buffer, buf, that is
+ * filled with the upcoming exponent bits. (What is read after the
+ * end of the exponent is unimportant, but it is filled with zero here.)
+ * When the most-significant bit of this buffer becomes set, i.e.
+ * (buf & tblmask) != 0, we have to decide what pattern to multiply
+ * by, and when to do it. We decide, remember to do it in future
+ * after a suitable number of squarings have passed (e.g. a pattern
+ * of "100" in the buffer requires that we multiply by n^1 immediately;
+ * a pattern of "110" calls for multiplying by n^3 after one more
+ * squaring), clear the buffer, and continue.
+ *
+ * When we start, there is one more optimization: the result buffer
+ * is implcitly one, so squaring it or multiplying by it can be
+ * optimized away. Further, if we start with a pattern like "100"
+ * in the lookahead window, rather than placing n into the buffer
+ * and then starting to square it, we have already computed n^2
+ * to compute the odd-powers table, so we can place that into
+ * the buffer and save a squaring.
+ *
+ * This means that if you have a k-bit window, to compute n^z,
+ * where z is the high k bits of the exponent, 1/2 of the time
+ * it requires no squarings. 1/4 of the time, it requires 1
+ * squaring, ... 1/2^(k-1) of the time, it requires k-2 squarings.
+ * And the remaining 1/2^(k-1) of the time, the top k bits are a
+ * 1 followed by k-1 0 bits, so it again only requires k-2
+ * squarings, not k-1. The average of these is 1. Add that
+ * to the one squaring we have to do to compute the table,
+ * and you'll see that a k-bit window saves k-2 squarings
+ * as well as reducing the multiplies. (It actually doesn't
+ * hurt in the case k = 1, either.)
+ */
+ // Special case for exponent of one
+ if (y.equals(ONE))
+ return this;
+
+ // Special case for base of zero
+ if (signum == 0)
+ return ZERO;
+
+ int[] base = mag.clone();
+ int[] exp = y.mag;
+ int[] mod = z.mag;
+ int modLen = mod.length;
+
+ // Make modLen even. It is conventional to use a cryptographic
+ // modulus that is 512, 768, 1024, or 2048 bits, so this code
+ // will not normally be executed. However, it is necessary for
+ // the correct functioning of the HotSpot intrinsics.
+ if ((modLen & 1) != 0) {
+ int[] x = new int[modLen + 1];
+ System.arraycopy(mod, 0, x, 1, modLen);
+ mod = x;
+ modLen++;
+ }
+
+ // Select an appropriate window size
+ int wbits = 0;
+ int ebits = bitLength(exp, exp.length);
+ // if exponent is 65537 (0x10001), use minimum window size
+ if ((ebits != 17) || (exp[0] != 65537)) {
+ while (ebits > bnExpModThreshTable[wbits]) {
+ wbits++;
+ }
+ }
+
+ // Calculate appropriate table size
+ int tblmask = 1 << wbits;
+
+ // Allocate table for precomputed odd powers of base in Montgomery form
+ int[][] table = new int[tblmask][];
+ for (int i=0; i < tblmask; i++)
+ table[i] = new int[modLen];
+
+ // Compute the modular inverse of the least significant 64-bit
+ // digit of the modulus
+ long n0 = (mod[modLen-1] & LONG_MASK) + ((mod[modLen-2] & LONG_MASK) << 32);
+ long inv = -MutableBigInteger.inverseMod64(n0);
+
+ // Convert base to Montgomery form
+ int[] a = leftShift(base, base.length, modLen << 5);
+
+ MutableBigInteger q = new MutableBigInteger(),
+ a2 = new MutableBigInteger(a),
+ b2 = new MutableBigInteger(mod);
+ b2.normalize(); // MutableBigInteger.divide() assumes that its
+ // divisor is in normal form.
+
+ MutableBigInteger r= a2.divide(b2, q);
+ table[0] = r.toIntArray();
+
+ // Pad table[0] with leading zeros so its length is at least modLen
+ if (table[0].length < modLen) {
+ int offset = modLen - table[0].length;
+ int[] t2 = new int[modLen];
+ System.arraycopy(table[0], 0, t2, offset, table[0].length);
+ table[0] = t2;
+ }
+
+ // Set b to the square of the base
+ int[] b = montgomerySquare(table[0], mod, modLen, inv, null);
+
+ // Set t to high half of b
+ int[] t = Arrays.copyOf(b, modLen);
+
+ // Fill in the table with odd powers of the base
+ for (int i=1; i < tblmask; i++) {
+ table[i] = montgomeryMultiply(t, table[i-1], mod, modLen, inv, null);
+ }
+
+ // Pre load the window that slides over the exponent
+ int bitpos = 1 << ((ebits-1) & (32-1));
+
+ int buf = 0;
+ int elen = exp.length;
+ int eIndex = 0;
+ for (int i = 0; i <= wbits; i++) {
+ buf = (buf << 1) | (((exp[eIndex] & bitpos) != 0)?1:0);
+ bitpos >>>= 1;
+ if (bitpos == 0) {
+ eIndex++;
+ bitpos = 1 << (32-1);
+ elen--;
+ }
+ }
+
+ int multpos = ebits;
+
+ // The first iteration, which is hoisted out of the main loop
+ ebits--;
+ boolean isone = true;
+
+ multpos = ebits - wbits;
+ while ((buf & 1) == 0) {
+ buf >>>= 1;
+ multpos++;
+ }
+
+ int[] mult = table[buf >>> 1];
+
+ buf = 0;
+ if (multpos == ebits)
+ isone = false;
+
+ // The main loop
+ while (true) {
+ ebits--;
+ // Advance the window
+ buf <<= 1;
+
+ if (elen != 0) {
+ buf |= ((exp[eIndex] & bitpos) != 0) ? 1 : 0;
+ bitpos >>>= 1;
+ if (bitpos == 0) {
+ eIndex++;
+ bitpos = 1 << (32-1);
+ elen--;
+ }
+ }
+
+ // Examine the window for pending multiplies
+ if ((buf & tblmask) != 0) {
+ multpos = ebits - wbits;
+ while ((buf & 1) == 0) {
+ buf >>>= 1;
+ multpos++;
+ }
+ mult = table[buf >>> 1];
+ buf = 0;
+ }
+
+ // Perform multiply
+ if (ebits == multpos) {
+ if (isone) {
+ b = mult.clone();
+ isone = false;
+ } else {
+ t = b;
+ a = montgomeryMultiply(t, mult, mod, modLen, inv, a);
+ t = a; a = b; b = t;
+ }
+ }
+
+ // Check if done
+ if (ebits == 0)
+ break;
+
+ // Square the input
+ if (!isone) {
+ t = b;
+ a = montgomerySquare(t, mod, modLen, inv, a);
+ t = a; a = b; b = t;
+ }
+ }
+
+ // Convert result out of Montgomery form and return
+ int[] t2 = new int[2*modLen];
+ System.arraycopy(b, 0, t2, modLen, modLen);
+
+ b = montReduce(t2, mod, modLen, (int)inv);
+
+ t2 = Arrays.copyOf(b, modLen);
+
+ return new BigInteger(1, t2);
+ }
+
+ /**
+ * Montgomery reduce n, modulo mod. This reduces modulo mod and divides
+ * by 2^(32*mlen). Adapted from Colin Plumb's C library.
+ */
+ private static int[] montReduce(int[] n, int[] mod, int mlen, int inv) {
+ int c=0;
+ int len = mlen;
+ int offset=0;
+
+ do {
+ int nEnd = n[n.length-1-offset];
+ int carry = mulAdd(n, mod, offset, mlen, inv * nEnd);
+ c += addOne(n, offset, mlen, carry);
+ offset++;
+ } while (--len > 0);
+
+ while (c > 0)
+ c += subN(n, mod, mlen);
+
+ while (intArrayCmpToLen(n, mod, mlen) >= 0)
+ subN(n, mod, mlen);
+
+ return n;
+ }
+
+
+ /*
+ * Returns -1, 0 or +1 as big-endian unsigned int array arg1 is less than,
+ * equal to, or greater than arg2 up to length len.
+ */
+ private static int intArrayCmpToLen(int[] arg1, int[] arg2, int len) {
+ for (int i=0; i < len; i++) {
+ long b1 = arg1[i] & LONG_MASK;
+ long b2 = arg2[i] & LONG_MASK;
+ if (b1 < b2)
+ return -1;
+ if (b1 > b2)
+ return 1;
+ }
+ return 0;
+ }
+
+ /**
+ * Subtracts two numbers of same length, returning borrow.
+ */
+ private static int subN(int[] a, int[] b, int len) {
+ long sum = 0;
+
+ while (--len >= 0) {
+ sum = (a[len] & LONG_MASK) -
+ (b[len] & LONG_MASK) + (sum >> 32);
+ a[len] = (int)sum;
+ }
+
+ return (int)(sum >> 32);
+ }
+
+ /**
+ * Multiply an array by one word k and add to result, return the carry
+ */
+ static int mulAdd(int[] out, int[] in, int offset, int len, int k) {
+ implMulAddCheck(out, in, offset, len, k);
+ return implMulAdd(out, in, offset, len, k);
+ }
+
+ /**
+ * Parameters validation.
+ */
+ private static void implMulAddCheck(int[] out, int[] in, int offset, int len, int k) {
+ if (len > in.length) {
+ throw new IllegalArgumentException("input length is out of bound: " + len + " > " + in.length);
+ }
+ if (offset < 0) {
+ throw new IllegalArgumentException("input offset is invalid: " + offset);
+ }
+ if (offset > (out.length - 1)) {
+ throw new IllegalArgumentException("input offset is out of bound: " + offset + " > " + (out.length - 1));
+ }
+ if (len > (out.length - offset)) {
+ throw new IllegalArgumentException("input len is out of bound: " + len + " > " + (out.length - offset));
+ }
+ }
+
+ /**
+ * Java Runtime may use intrinsic for this method.
+ */
+ // @IntrinsicCandidate
+ private static int implMulAdd(int[] out, int[] in, int offset, int len, int k) {
+ long kLong = k & LONG_MASK;
+ long carry = 0;
+
+ offset = out.length-offset - 1;
+ for (int j=len-1; j >= 0; j--) {
+ long product = (in[j] & LONG_MASK) * kLong +
+ (out[offset] & LONG_MASK) + carry;
+ out[offset--] = (int)product;
+ carry = product >>> 32;
+ }
+ return (int)carry;
+ }
+
+ /**
+ * Add one word to the number a mlen words into a. Return the resulting
+ * carry.
+ */
+ static int addOne(int[] a, int offset, int mlen, int carry) {
+ offset = a.length-1-mlen-offset;
+ long t = (a[offset] & LONG_MASK) + (carry & LONG_MASK);
+
+ a[offset] = (int)t;
+ if ((t >>> 32) == 0)
+ return 0;
+ while (--mlen >= 0) {
+ if (--offset < 0) { // Carry out of number
+ return 1;
+ } else {
+ a[offset]++;
+ if (a[offset] != 0)
+ return 0;
+ }
+ }
+ return 1;
+ }
+
+ /**
+ * Returns a BigInteger whose value is (this ** exponent) mod (2**p)
+ */
+ private BigInteger modPow2(BigInteger exponent, int p) {
+ /*
+ * Perform exponentiation using repeated squaring trick, chopping off
+ * high order bits as indicated by modulus.
+ */
+ BigInteger result = ONE;
+ BigInteger baseToPow2 = this.mod2(p);
+ int expOffset = 0;
+
+ int limit = exponent.bitLength();
+
+ if (this.testBit(0))
+ limit = (p-1) < limit ? (p-1) : limit;
+
+ while (expOffset < limit) {
+ if (exponent.testBit(expOffset))
+ result = result.multiply(baseToPow2).mod2(p);
+ expOffset++;
+ if (expOffset < limit)
+ baseToPow2 = baseToPow2.square().mod2(p);
+ }
+
+ return result;
+ }
+
+ /**
+ * Returns a BigInteger whose value is this mod(2**p).
+ * Assumes that this {@code BigInteger >= 0} and {@code p > 0}.
+ */
+ private BigInteger mod2(int p) {
+ if (bitLength() <= p)
+ return this;
+
+ // Copy remaining ints of mag
+ int numInts = (p + 31) >>> 5;
+ int[] mag = new int[numInts];
+ System.arraycopy(this.mag, (this.mag.length - numInts), mag, 0, numInts);
+
+ // Mask out any excess bits
+ int excessBits = (numInts << 5) - p;
+ mag[0] &= (1L << (32-excessBits)) - 1;
+
+ return (mag[0] == 0 ? new BigInteger(1, mag) : new BigInteger(mag, 1));
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this}-1 {@code mod m)}.
+ *
+ * @param m the modulus.
+ * @return {@code this}-1 {@code mod m}.
+ * @throws ArithmeticException {@code m} ≤ 0, or this BigInteger
+ * has no multiplicative inverse mod m (that is, this BigInteger
+ * is not relatively prime to m).
+ */
+ public BigInteger modInverse(BigInteger m) {
+ if (m.signum != 1)
+ throw new ArithmeticException("BigInteger: modulus not positive");
+
+ if (m.equals(ONE))
+ return ZERO;
+
+ // Calculate (this mod m)
+ BigInteger modVal = this;
+ if (signum < 0 || (this.compareMagnitude(m) >= 0))
+ modVal = this.mod(m);
+
+ if (modVal.equals(ONE))
+ return ONE;
+
+ MutableBigInteger a = new MutableBigInteger(modVal);
+ MutableBigInteger b = new MutableBigInteger(m);
+
+ MutableBigInteger result = a.mutableModInverse(b);
+ return result.toBigInteger(1);
+ }
+
+ // Shift Operations
+
+ /**
+ * Returns a BigInteger whose value is {@code (this << n)}.
+ * The shift distance, {@code n}, may be negative, in which case
+ * this method performs a right shift.
+ * (Computes floor(this * 2n).)
+ *
+ * @param n shift distance, in bits.
+ * @return {@code this << n}
+ * @see #shiftRight
+ */
+ public BigInteger shiftLeft(int n) {
+ if (signum == 0)
+ return ZERO;
+ if (n > 0) {
+ return new BigInteger(shiftLeft(mag, n), signum);
+ } else if (n == 0) {
+ return this;
+ } else {
+ // Possible int overflow in (-n) is not a trouble,
+ // because shiftRightImpl considers its argument unsigned
+ return shiftRightImpl(-n);
+ }
+ }
+
+ /**
+ * Returns a magnitude array whose value is {@code (mag << n)}.
+ * The shift distance, {@code n}, is considered unnsigned.
+ * (Computes this * 2n.)
+ *
+ * @param mag magnitude, the most-significant int ({@code mag[0]}) must be non-zero.
+ * @param n unsigned shift distance, in bits.
+ * @return {@code mag << n}
+ */
+ private static int[] shiftLeft(int[] mag, int n) {
+ int nInts = n >>> 5;
+ int nBits = n & 0x1f;
+ int magLen = mag.length;
+ int newMag[] = null;
+
+ if (nBits == 0) {
+ newMag = new int[magLen + nInts];
+ System.arraycopy(mag, 0, newMag, 0, magLen);
+ } else {
+ int i = 0;
+ int nBits2 = 32 - nBits;
+ int highBits = mag[0] >>> nBits2;
+ if (highBits != 0) {
+ newMag = new int[magLen + nInts + 1];
+ newMag[i++] = highBits;
+ } else {
+ newMag = new int[magLen + nInts];
+ }
+ int numIter = magLen - 1;
+ Objects.checkFromToIndex(0, numIter + 1, mag.length);
+ Objects.checkFromToIndex(i, numIter + i + 1, newMag.length);
+ shiftLeftImplWorker(newMag, mag, i, nBits, numIter);
+ newMag[numIter + i] = mag[numIter] << nBits;
+ }
+ return newMag;
+ }
+
+ //@ForceInline
+ //@IntrinsicCandidate
+ private static void shiftLeftImplWorker(int[] newArr, int[] oldArr, int newIdx, int shiftCount, int numIter) {
+ int shiftCountRight = 32 - shiftCount;
+ int oldIdx = 0;
+ while (oldIdx < numIter) {
+ newArr[newIdx++] = (oldArr[oldIdx++] << shiftCount) | (oldArr[oldIdx] >>> shiftCountRight);
+ }
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this >> n)}. Sign
+ * extension is performed. The shift distance, {@code n}, may be
+ * negative, in which case this method performs a left shift.
+ * (Computes floor(this / 2n).)
+ *
+ * @param n shift distance, in bits.
+ * @return {@code this >> n}
+ * @see #shiftLeft
+ */
+ public BigInteger shiftRight(int n) {
+ if (signum == 0)
+ return ZERO;
+ if (n > 0) {
+ return shiftRightImpl(n);
+ } else if (n == 0) {
+ return this;
+ } else {
+ // Possible int overflow in {@code -n} is not a trouble,
+ // because shiftLeft considers its argument unsigned
+ return new BigInteger(shiftLeft(mag, -n), signum);
+ }
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this >> n)}. The shift
+ * distance, {@code n}, is considered unsigned.
+ * (Computes floor(this * 2-n).)
+ *
+ * @param n unsigned shift distance, in bits.
+ * @return {@code this >> n}
+ */
+ private BigInteger shiftRightImpl(int n) {
+ int nInts = n >>> 5;
+ int nBits = n & 0x1f;
+ int magLen = mag.length;
+ int newMag[] = null;
+
+ // Special case: entire contents shifted off the end
+ if (nInts >= magLen)
+ return (signum >= 0 ? ZERO : negConst[1]);
+
+ if (nBits == 0) {
+ int newMagLen = magLen - nInts;
+ newMag = Arrays.copyOf(mag, newMagLen);
+ } else {
+ int i = 0;
+ int highBits = mag[0] >>> nBits;
+ if (highBits != 0) {
+ newMag = new int[magLen - nInts];
+ newMag[i++] = highBits;
+ } else {
+ newMag = new int[magLen - nInts -1];
+ }
+ int numIter = magLen - nInts - 1;
+ Objects.checkFromToIndex(0, numIter + 1, mag.length);
+ Objects.checkFromToIndex(i, numIter + i, newMag.length);
+ shiftRightImplWorker(newMag, mag, i, nBits, numIter);
+ }
+
+ if (signum < 0) {
+ // Find out whether any one-bits were shifted off the end.
+ boolean onesLost = false;
+ for (int i=magLen-1, j=magLen-nInts; i >= j && !onesLost; i--)
+ onesLost = (mag[i] != 0);
+ if (!onesLost && nBits != 0)
+ onesLost = (mag[magLen - nInts - 1] << (32 - nBits) != 0);
+
+ if (onesLost)
+ newMag = javaIncrement(newMag);
+ }
+
+ return new BigInteger(newMag, signum);
+ }
+
+ //@ForceInline
+ //@IntrinsicCandidate
+ private static void shiftRightImplWorker(int[] newArr, int[] oldArr, int newIdx, int shiftCount, int numIter) {
+ int shiftCountLeft = 32 - shiftCount;
+ int idx = numIter;
+ int nidx = (newIdx == 0) ? numIter - 1 : numIter;
+ while (nidx >= newIdx) {
+ newArr[nidx--] = (oldArr[idx--] >>> shiftCount) | (oldArr[idx] << shiftCountLeft);
+ }
+ }
+
+ int[] javaIncrement(int[] val) {
+ int lastSum = 0;
+ for (int i=val.length-1; i >= 0 && lastSum == 0; i--)
+ lastSum = (val[i] += 1);
+ if (lastSum == 0) {
+ val = new int[val.length+1];
+ val[0] = 1;
+ }
+ return val;
+ }
+
+ // Bitwise Operations
+
+ /**
+ * Returns a BigInteger whose value is {@code (this & val)}. (This
+ * method returns a negative BigInteger if and only if this and val are
+ * both negative.)
+ *
+ * @param val value to be AND'ed with this BigInteger.
+ * @return {@code this & val}
+ */
+ public BigInteger and(BigInteger val) {
+ int[] result = new int[Math.max(intLength(), val.intLength())];
+ for (int i=0; i < result.length; i++)
+ result[i] = (getInt(result.length-i-1)
+ & val.getInt(result.length-i-1));
+
+ return valueOf(result);
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this | val)}. (This method
+ * returns a negative BigInteger if and only if either this or val is
+ * negative.)
+ *
+ * @param val value to be OR'ed with this BigInteger.
+ * @return {@code this | val}
+ */
+ public BigInteger or(BigInteger val) {
+ int[] result = new int[Math.max(intLength(), val.intLength())];
+ for (int i=0; i < result.length; i++)
+ result[i] = (getInt(result.length-i-1)
+ | val.getInt(result.length-i-1));
+
+ return valueOf(result);
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this ^ val)}. (This method
+ * returns a negative BigInteger if and only if exactly one of this and
+ * val are negative.)
+ *
+ * @param val value to be XOR'ed with this BigInteger.
+ * @return {@code this ^ val}
+ */
+ public BigInteger xor(BigInteger val) {
+ int[] result = new int[Math.max(intLength(), val.intLength())];
+ for (int i=0; i < result.length; i++)
+ result[i] = (getInt(result.length-i-1)
+ ^ val.getInt(result.length-i-1));
+
+ return valueOf(result);
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (~this)}. (This method
+ * returns a negative value if and only if this BigInteger is
+ * non-negative.)
+ *
+ * @return {@code ~this}
+ */
+ public BigInteger not() {
+ int[] result = new int[intLength()];
+ for (int i=0; i < result.length; i++)
+ result[i] = ~getInt(result.length-i-1);
+
+ return valueOf(result);
+ }
+
+ /**
+ * Returns a BigInteger whose value is {@code (this & ~val)}. This
+ * method, which is equivalent to {@code and(val.not())}, is provided as
+ * a convenience for masking operations. (This method returns a negative
+ * BigInteger if and only if {@code this} is negative and {@code val} is
+ * positive.)
+ *
+ * @param val value to be complemented and AND'ed with this BigInteger.
+ * @return {@code this & ~val}
+ */
+ public BigInteger andNot(BigInteger val) {
+ int[] result = new int[Math.max(intLength(), val.intLength())];
+ for (int i=0; i < result.length; i++)
+ result[i] = (getInt(result.length-i-1)
+ & ~val.getInt(result.length-i-1));
+
+ return valueOf(result);
+ }
+
+
+ // Single Bit Operations
+
+ /**
+ * Returns {@code true} if and only if the designated bit is set.
+ * (Computes {@code ((this & (1<
+ * {@code this} and {@code b} must be nonnegative.
+ * @param b the divisor
+ * @param quotient output parameter for {@code this/b}
+ * @return the remainder
+ */
+ MutableBigInteger divideAndRemainderBurnikelZiegler(MutableBigInteger b, MutableBigInteger quotient) {
+ int r = intLen;
+ int s = b.intLen;
+
+ // Clear the quotient
+ quotient.offset = quotient.intLen = 0;
+
+ if (r < s) {
+ return this;
+ } else {
+ // Unlike Knuth division, we don't check for common powers of two here because
+ // BZ already runs faster if both numbers contain powers of two and cancelling them has no
+ // additional benefit.
+
+ // step 1: let m = min{2^k | (2^k)*BURNIKEL_ZIEGLER_THRESHOLD > s}
+ int m = 1 << (32-Integer.numberOfLeadingZeros(s/BigInteger.BURNIKEL_ZIEGLER_THRESHOLD));
+
+ int j = (s+m-1) / m; // step 2a: j = ceil(s/m)
+ int n = j * m; // step 2b: block length in 32-bit units
+ long n32 = 32L * n; // block length in bits
+ int sigma = (int) Math.max(0, n32 - b.bitLength()); // step 3: sigma = max{T | (2^T)*B < beta^n}
+ MutableBigInteger bShifted = new MutableBigInteger(b);
+ bShifted.safeLeftShift(sigma); // step 4a: shift b so its length is a multiple of n
+ MutableBigInteger aShifted = new MutableBigInteger (this);
+ aShifted.safeLeftShift(sigma); // step 4b: shift a by the same amount
+
+ // step 5: t is the number of blocks needed to accommodate a plus one additional bit
+ int t = (int) ((aShifted.bitLength()+n32) / n32);
+ if (t < 2) {
+ t = 2;
+ }
+
+ // step 6: conceptually split a into blocks a[t-1], ..., a[0]
+ MutableBigInteger a1 = aShifted.getBlock(t-1, t, n); // the most significant block of a
+
+ // step 7: z[t-2] = [a[t-1], a[t-2]]
+ MutableBigInteger z = aShifted.getBlock(t-2, t, n); // the second to most significant block
+ z.addDisjoint(a1, n); // z[t-2]
+
+ // do schoolbook division on blocks, dividing 2-block numbers by 1-block numbers
+ MutableBigInteger qi = new MutableBigInteger();
+ MutableBigInteger ri;
+ for (int i=t-2; i > 0; i--) {
+ // step 8a: compute (qi,ri) such that z=b*qi+ri
+ ri = z.divide2n1n(bShifted, qi);
+
+ // step 8b: z = [ri, a[i-1]]
+ z = aShifted.getBlock(i-1, t, n); // a[i-1]
+ z.addDisjoint(ri, n);
+ quotient.addShifted(qi, i*n); // update q (part of step 9)
+ }
+ // final iteration of step 8: do the loop one more time for i=0 but leave z unchanged
+ ri = z.divide2n1n(bShifted, qi);
+ quotient.add(qi);
+
+ ri.rightShift(sigma); // step 9: a and b were shifted, so shift back
+ return ri;
+ }
+ }
+
+ /**
+ * This method implements algorithm 1 from pg. 4 of the Burnikel-Ziegler paper.
+ * It divides a 2n-digit number by a n-digit number.
+ * The parameter beta is 232 so all shifts are multiples of 32 bits.
+ *
+ * {@code this} must be a nonnegative number such that {@code this.bitLength() <= 2*b.bitLength()}
+ * @param b a positive number such that {@code b.bitLength()} is even
+ * @param quotient output parameter for {@code this/b}
+ * @return {@code this%b}
+ */
+ private MutableBigInteger divide2n1n(MutableBigInteger b, MutableBigInteger quotient) {
+ int n = b.intLen;
+
+ // step 1: base case
+ if (n%2 != 0 || n < BigInteger.BURNIKEL_ZIEGLER_THRESHOLD) {
+ return divideKnuth(b, quotient);
+ }
+
+ // step 2: view this as [a1,a2,a3,a4] where each ai is n/2 ints or less
+ MutableBigInteger aUpper = new MutableBigInteger(this);
+ aUpper.safeRightShift(32*(n/2)); // aUpper = [a1,a2,a3]
+ keepLower(n/2); // this = a4
+
+ // step 3: q1=aUpper/b, r1=aUpper%b
+ MutableBigInteger q1 = new MutableBigInteger();
+ MutableBigInteger r1 = aUpper.divide3n2n(b, q1);
+
+ // step 4: quotient=[r1,this]/b, r2=[r1,this]%b
+ addDisjoint(r1, n/2); // this = [r1,this]
+ MutableBigInteger r2 = divide3n2n(b, quotient);
+
+ // step 5: let quotient=[q1,quotient] and return r2
+ quotient.addDisjoint(q1, n/2);
+ return r2;
+ }
+
+ /**
+ * This method implements algorithm 2 from pg. 5 of the Burnikel-Ziegler paper.
+ * It divides a 3n-digit number by a 2n-digit number.
+ * The parameter beta is 232 so all shifts are multiples of 32 bits.
+ *
+ * {@code this} must be a nonnegative number such that {@code 2*this.bitLength() <= 3*b.bitLength()}
+ * @param quotient output parameter for {@code this/b}
+ * @return {@code this%b}
+ */
+ private MutableBigInteger divide3n2n(MutableBigInteger b, MutableBigInteger quotient) {
+ int n = b.intLen / 2; // half the length of b in ints
+
+ // step 1: view this as [a1,a2,a3] where each ai is n ints or less; let a12=[a1,a2]
+ MutableBigInteger a12 = new MutableBigInteger(this);
+ a12.safeRightShift(32*n);
+
+ // step 2: view b as [b1,b2] where each bi is n ints or less
+ MutableBigInteger b1 = new MutableBigInteger(b);
+ b1.safeRightShift(n * 32);
+ BigInteger b2 = b.getLower(n);
+
+ MutableBigInteger r;
+ MutableBigInteger d;
+ if (compareShifted(b, n) < 0) {
+ // step 3a: if a1
+ * Used by Burnikel-Ziegler division.
+ * @param index the block index
+ * @param numBlocks the total number of blocks in {@code this} number
+ * @param blockLength length of one block in units of 32 bits
+ * @return
+ */
+ private MutableBigInteger getBlock(int index, int numBlocks, int blockLength) {
+ int blockStart = index * blockLength;
+ if (blockStart >= intLen) {
+ return new MutableBigInteger();
+ }
+
+ int blockEnd;
+ if (index == numBlocks-1) {
+ blockEnd = intLen;
+ } else {
+ blockEnd = (index+1) * blockLength;
+ }
+ if (blockEnd > intLen) {
+ return new MutableBigInteger();
+ }
+
+ int[] newVal = Arrays.copyOfRange(value, offset+intLen-blockEnd, offset+intLen-blockStart);
+ return new MutableBigInteger(newVal);
+ }
+
+ /** @see BigInteger#bitLength() */
+ long bitLength() {
+ if (intLen == 0)
+ return 0;
+ return intLen*32L - Integer.numberOfLeadingZeros(value[offset]);
+ }
+
+ /**
+ * Internally used to calculate the quotient of this div v and places the
+ * quotient in the provided MutableBigInteger object and the remainder is
+ * returned.
+ *
+ * @return the remainder of the division will be returned.
+ */
+ long divide(long v, MutableBigInteger quotient) {
+ if (v == 0)
+ throw new ArithmeticException("BigInteger divide by zero");
+
+ // Dividend is zero
+ if (intLen == 0) {
+ quotient.intLen = quotient.offset = 0;
+ return 0;
+ }
+ if (v < 0)
+ v = -v;
+
+ int d = (int)(v >>> 32);
+ quotient.clear();
+ // Special case on word divisor
+ if (d == 0)
+ return divideOneWord((int)v, quotient) & LONG_MASK;
+ else {
+ return divideLongMagnitude(v, quotient).toLong();
+ }
+ }
+
+ private static void copyAndShift(int[] src, int srcFrom, int srcLen, int[] dst, int dstFrom, int shift) {
+ int n2 = 32 - shift;
+ int c=src[srcFrom];
+ for (int i=0; i < srcLen-1; i++) {
+ int b = c;
+ c = src[++srcFrom];
+ dst[dstFrom+i] = (b << shift) | (c >>> n2);
+ }
+ dst[dstFrom+srcLen-1] = c << shift;
+ }
+
+ /**
+ * Divide this MutableBigInteger by the divisor.
+ * The quotient will be placed into the provided quotient object &
+ * the remainder object is returned.
+ */
+ private MutableBigInteger divideMagnitude(MutableBigInteger div,
+ MutableBigInteger quotient,
+ boolean needRemainder ) {
+ // assert div.intLen > 1
+ // D1 normalize the divisor
+ int shift = Integer.numberOfLeadingZeros(div.value[div.offset]);
+ // Copy divisor value to protect divisor
+ final int dlen = div.intLen;
+ int[] divisor;
+ MutableBigInteger rem; // Remainder starts as dividend with space for a leading zero
+ if (shift > 0) {
+ divisor = new int[dlen];
+ copyAndShift(div.value,div.offset,dlen,divisor,0,shift);
+ if (Integer.numberOfLeadingZeros(value[offset]) >= shift) {
+ int[] remarr = new int[intLen + 1];
+ rem = new MutableBigInteger(remarr);
+ rem.intLen = intLen;
+ rem.offset = 1;
+ copyAndShift(value,offset,intLen,remarr,1,shift);
+ } else {
+ int[] remarr = new int[intLen + 2];
+ rem = new MutableBigInteger(remarr);
+ rem.intLen = intLen+1;
+ rem.offset = 1;
+ int rFrom = offset;
+ int c=0;
+ int n2 = 32 - shift;
+ for (int i=1; i < intLen+1; i++,rFrom++) {
+ int b = c;
+ c = value[rFrom];
+ remarr[i] = (b << shift) | (c >>> n2);
+ }
+ remarr[intLen+1] = c << shift;
+ }
+ } else {
+ divisor = Arrays.copyOfRange(div.value, div.offset, div.offset + div.intLen);
+ rem = new MutableBigInteger(new int[intLen + 1]);
+ System.arraycopy(value, offset, rem.value, 1, intLen);
+ rem.intLen = intLen;
+ rem.offset = 1;
+ }
+
+ int nlen = rem.intLen;
+
+ // Set the quotient size
+ final int limit = nlen - dlen + 1;
+ if (quotient.value.length < limit) {
+ quotient.value = new int[limit];
+ quotient.offset = 0;
+ }
+ quotient.intLen = limit;
+ int[] q = quotient.value;
+
+
+ // Must insert leading 0 in rem if its length did not change
+ if (rem.intLen == nlen) {
+ rem.offset = 0;
+ rem.value[0] = 0;
+ rem.intLen++;
+ }
+
+ int dh = divisor[0];
+ long dhLong = dh & LONG_MASK;
+ int dl = divisor[1];
+
+ // D2 Initialize j
+ for (int j=0; j < limit-1; j++) {
+ // D3 Calculate qhat
+ // estimate qhat
+ int qhat = 0;
+ int qrem = 0;
+ boolean skipCorrection = false;
+ int nh = rem.value[j+rem.offset];
+ int nh2 = nh + 0x80000000;
+ int nm = rem.value[j+1+rem.offset];
+
+ if (nh == dh) {
+ qhat = ~0;
+ qrem = nh + nm;
+ skipCorrection = qrem + 0x80000000 < nh2;
+ } else {
+ long nChunk = (((long)nh) << 32) | (nm & LONG_MASK);
+ if (nChunk >= 0) {
+ qhat = (int) (nChunk / dhLong);
+ qrem = (int) (nChunk - (qhat * dhLong));
+ } else {
+ long tmp = divWord(nChunk, dh);
+ qhat = (int) (tmp & LONG_MASK);
+ qrem = (int) (tmp >>> 32);
+ }
+ }
+
+ if (qhat == 0)
+ continue;
+
+ if (!skipCorrection) { // Correct qhat
+ long nl = rem.value[j+2+rem.offset] & LONG_MASK;
+ long rs = ((qrem & LONG_MASK) << 32) | nl;
+ long estProduct = (dl & LONG_MASK) * (qhat & LONG_MASK);
+
+ if (unsignedLongCompare(estProduct, rs)) {
+ qhat--;
+ qrem = (int)((qrem & LONG_MASK) + dhLong);
+ if ((qrem & LONG_MASK) >= dhLong) {
+ estProduct -= (dl & LONG_MASK);
+ rs = ((qrem & LONG_MASK) << 32) | nl;
+ if (unsignedLongCompare(estProduct, rs))
+ qhat--;
+ }
+ }
+ }
+
+ // D4 Multiply and subtract
+ rem.value[j+rem.offset] = 0;
+ int borrow = mulsub(rem.value, divisor, qhat, dlen, j+rem.offset);
+
+ // D5 Test remainder
+ if (borrow + 0x80000000 > nh2) {
+ // D6 Add back
+ divadd(divisor, rem.value, j+1+rem.offset);
+ qhat--;
+ }
+
+ // Store the quotient digit
+ q[j] = qhat;
+ } // D7 loop on j
+ // D3 Calculate qhat
+ // estimate qhat
+ int qhat = 0;
+ int qrem = 0;
+ boolean skipCorrection = false;
+ int nh = rem.value[limit - 1 + rem.offset];
+ int nh2 = nh + 0x80000000;
+ int nm = rem.value[limit + rem.offset];
+
+ if (nh == dh) {
+ qhat = ~0;
+ qrem = nh + nm;
+ skipCorrection = qrem + 0x80000000 < nh2;
+ } else {
+ long nChunk = (((long) nh) << 32) | (nm & LONG_MASK);
+ if (nChunk >= 0) {
+ qhat = (int) (nChunk / dhLong);
+ qrem = (int) (nChunk - (qhat * dhLong));
+ } else {
+ long tmp = divWord(nChunk, dh);
+ qhat = (int) (tmp & LONG_MASK);
+ qrem = (int) (tmp >>> 32);
+ }
+ }
+ if (qhat != 0) {
+ if (!skipCorrection) { // Correct qhat
+ long nl = rem.value[limit + 1 + rem.offset] & LONG_MASK;
+ long rs = ((qrem & LONG_MASK) << 32) | nl;
+ long estProduct = (dl & LONG_MASK) * (qhat & LONG_MASK);
+
+ if (unsignedLongCompare(estProduct, rs)) {
+ qhat--;
+ qrem = (int) ((qrem & LONG_MASK) + dhLong);
+ if ((qrem & LONG_MASK) >= dhLong) {
+ estProduct -= (dl & LONG_MASK);
+ rs = ((qrem & LONG_MASK) << 32) | nl;
+ if (unsignedLongCompare(estProduct, rs))
+ qhat--;
+ }
+ }
+ }
+
+
+ // D4 Multiply and subtract
+ int borrow;
+ rem.value[limit - 1 + rem.offset] = 0;
+ if(needRemainder)
+ borrow = mulsub(rem.value, divisor, qhat, dlen, limit - 1 + rem.offset);
+ else
+ borrow = mulsubBorrow(rem.value, divisor, qhat, dlen, limit - 1 + rem.offset);
+
+ // D5 Test remainder
+ if (borrow + 0x80000000 > nh2) {
+ // D6 Add back
+ if(needRemainder)
+ divadd(divisor, rem.value, limit - 1 + 1 + rem.offset);
+ qhat--;
+ }
+
+ // Store the quotient digit
+ q[(limit - 1)] = qhat;
+ }
+
+
+ if (needRemainder) {
+ // D8 Unnormalize
+ if (shift > 0)
+ rem.rightShift(shift);
+ rem.normalize();
+ }
+ quotient.normalize();
+ return needRemainder ? rem : null;
+ }
+
+ /**
+ * Divide this MutableBigInteger by the divisor represented by positive long
+ * value. The quotient will be placed into the provided quotient object &
+ * the remainder object is returned.
+ */
+ private MutableBigInteger divideLongMagnitude(long ldivisor, MutableBigInteger quotient) {
+ // Remainder starts as dividend with space for a leading zero
+ MutableBigInteger rem = new MutableBigInteger(new int[intLen + 1]);
+ System.arraycopy(value, offset, rem.value, 1, intLen);
+ rem.intLen = intLen;
+ rem.offset = 1;
+
+ int nlen = rem.intLen;
+
+ int limit = nlen - 2 + 1;
+ if (quotient.value.length < limit) {
+ quotient.value = new int[limit];
+ quotient.offset = 0;
+ }
+ quotient.intLen = limit;
+ int[] q = quotient.value;
+
+ // D1 normalize the divisor
+ int shift = Long.numberOfLeadingZeros(ldivisor);
+ if (shift > 0) {
+ ldivisor<<=shift;
+ rem.leftShift(shift);
+ }
+
+ // Must insert leading 0 in rem if its length did not change
+ if (rem.intLen == nlen) {
+ rem.offset = 0;
+ rem.value[0] = 0;
+ rem.intLen++;
+ }
+
+ int dh = (int)(ldivisor >>> 32);
+ long dhLong = dh & LONG_MASK;
+ int dl = (int)(ldivisor & LONG_MASK);
+
+ // D2 Initialize j
+ for (int j = 0; j < limit; j++) {
+ // D3 Calculate qhat
+ // estimate qhat
+ int qhat = 0;
+ int qrem = 0;
+ boolean skipCorrection = false;
+ int nh = rem.value[j + rem.offset];
+ int nh2 = nh + 0x80000000;
+ int nm = rem.value[j + 1 + rem.offset];
+
+ if (nh == dh) {
+ qhat = ~0;
+ qrem = nh + nm;
+ skipCorrection = qrem + 0x80000000 < nh2;
+ } else {
+ long nChunk = (((long) nh) << 32) | (nm & LONG_MASK);
+ if (nChunk >= 0) {
+ qhat = (int) (nChunk / dhLong);
+ qrem = (int) (nChunk - (qhat * dhLong));
+ } else {
+ long tmp = divWord(nChunk, dh);
+ qhat =(int)(tmp & LONG_MASK);
+ qrem = (int)(tmp>>>32);
+ }
+ }
+
+ if (qhat == 0)
+ continue;
+
+ if (!skipCorrection) { // Correct qhat
+ long nl = rem.value[j + 2 + rem.offset] & LONG_MASK;
+ long rs = ((qrem & LONG_MASK) << 32) | nl;
+ long estProduct = (dl & LONG_MASK) * (qhat & LONG_MASK);
+
+ if (unsignedLongCompare(estProduct, rs)) {
+ qhat--;
+ qrem = (int) ((qrem & LONG_MASK) + dhLong);
+ if ((qrem & LONG_MASK) >= dhLong) {
+ estProduct -= (dl & LONG_MASK);
+ rs = ((qrem & LONG_MASK) << 32) | nl;
+ if (unsignedLongCompare(estProduct, rs))
+ qhat--;
+ }
+ }
+ }
+
+ // D4 Multiply and subtract
+ rem.value[j + rem.offset] = 0;
+ int borrow = mulsubLong(rem.value, dh, dl, qhat, j + rem.offset);
+
+ // D5 Test remainder
+ if (borrow + 0x80000000 > nh2) {
+ // D6 Add back
+ divaddLong(dh,dl, rem.value, j + 1 + rem.offset);
+ qhat--;
+ }
+
+ // Store the quotient digit
+ q[j] = qhat;
+ } // D7 loop on j
+
+ // D8 Unnormalize
+ if (shift > 0)
+ rem.rightShift(shift);
+
+ quotient.normalize();
+ rem.normalize();
+ return rem;
+ }
+
+ /**
+ * A primitive used for division by long.
+ * Specialized version of the method divadd.
+ * dh is a high part of the divisor, dl is a low part
+ */
+ private int divaddLong(int dh, int dl, int[] result, int offset) {
+ long carry = 0;
+
+ long sum = (dl & LONG_MASK) + (result[1+offset] & LONG_MASK);
+ result[1+offset] = (int)sum;
+
+ sum = (dh & LONG_MASK) + (result[offset] & LONG_MASK) + carry;
+ result[offset] = (int)sum;
+ carry = sum >>> 32;
+ return (int)carry;
+ }
+
+ /**
+ * This method is used for division by long.
+ * Specialized version of the method sulsub.
+ * dh is a high part of the divisor, dl is a low part
+ */
+ private int mulsubLong(int[] q, int dh, int dl, int x, int offset) {
+ long xLong = x & LONG_MASK;
+ offset += 2;
+ long product = (dl & LONG_MASK) * xLong;
+ long difference = q[offset] - product;
+ q[offset--] = (int)difference;
+ long carry = (product >>> 32)
+ + (((difference & LONG_MASK) >
+ (((~(int)product) & LONG_MASK))) ? 1:0);
+ product = (dh & LONG_MASK) * xLong + carry;
+ difference = q[offset] - product;
+ q[offset--] = (int)difference;
+ carry = (product >>> 32)
+ + (((difference & LONG_MASK) >
+ (((~(int)product) & LONG_MASK))) ? 1:0);
+ return (int)carry;
+ }
+
+ /**
+ * Compare two longs as if they were unsigned.
+ * Returns true iff one is bigger than two.
+ */
+ private boolean unsignedLongCompare(long one, long two) {
+ return (one+Long.MIN_VALUE) > (two+Long.MIN_VALUE);
+ }
+
+ /**
+ * This method divides a long quantity by an int to estimate
+ * qhat for two multi precision numbers. It is used when
+ * the signed value of n is less than zero.
+ * Returns long value where high 32 bits contain remainder value and
+ * low 32 bits contain quotient value.
+ */
+ static long divWord(long n, int d) {
+ long dLong = d & LONG_MASK;
+ long r;
+ long q;
+ if (dLong == 1) {
+ q = (int)n;
+ r = 0;
+ return (r << 32) | (q & LONG_MASK);
+ }
+
+ // Approximate the quotient and remainder
+ q = (n >>> 1) / (dLong >>> 1);
+ r = n - q*dLong;
+
+ // Correct the approximation
+ while (r < 0) {
+ r += dLong;
+ q--;
+ }
+ while (r >= dLong) {
+ r -= dLong;
+ q++;
+ }
+ // n - q*dlong == r && 0 <= r