ZZn6 shuffle(ZZn3 &first, ZZn3 &second) { // shuffle from a pair ZZn3's to three ZZn2's, as required by ZZn6 ZZn6 w; ZZn x0,x1,x2,x3,x4,x5; ZZn2 t0,t1,t2; first.get(x0,x2,x4); second.get(x1,x3,x5); t0.set(x0,x3); t1.set(x1,x4); t2.set(x2,x5); w.set(t0,t1,t2); return w; }
ZZn6 line(ECn& A,ECn& C,ZZn& slope,ZZn3& Qx,ZZn3& Qy) { ZZn6 w; ZZn3 nn=Qx; ZZn x,y,z,t; extract(A,x,y,z); x*=z; t=z; z*=z; z*=t; x*=slope; t=slope*z; nn*=t; nn-=x; t=z; extract(C,x,x,z); nn+=(z*y); t*=z; w.set(nn,-Qy*t); return w; }