mpn_sec_powm

[Torbjorn Granlund]

nisse at lysator.liu.se (Niels Möller) writes:

  Given the current implementation, it's natural. But we could document
  that it is required that any left over bits in the top limb must be
  zero. Would that be better?
  
My take on this is that asking users to keep that zero isn't a
requirement which is hard or unnatural to meet.  On the other hand, I
could envision problems with some future implementation if there are
non-zero bits to ignore.  I don't have a strong opinion.

You're both a "user" and an "implementator", so perhaps you have a
better picture.


Torbjörn