Merge branch 'secp256r1-mod'

diff --cc ChangeLog
index e1bc071ae79feb9d02e607e6d6663e70e5d21f74,d448aacbaeb9d203484bc3c3b2afb61cc5e0b44c..02ffdc8174d4cf9d616d33793e875a2a00de2905
--- 1/ChangeLog
--- 2/ChangeLog
+++ b/ChangeLog
@@@ -1,21 -1,11 +1,29 @@@
 +2021-10-26  Niels Möller  <nisse@lysator.liu.se>
 +
 +      * ecc-mod-arith.c (ecc_mod_zero_p): New function.
 +      * ecc-curve25519.c (ecc_curve25519_zero_p): Use it.
 +      * ecc-curve448.c (ecc_curve448_zero_p): Deleted, usage replaced
 +      with ecc_mod_zero_p.
 +      * testsuite/ecc-modinv-test.c (mod_eq_p): Rewritten to use
 +      ecc_mod_zero_p, and require that one input is canonically reduced.
 +      (zero_p): Deleted, usage replaced with ecc_mod_zero_p.
 +
 +2021-10-23  Niels Möller  <nisse@lysator.liu.se>
 +
 +      * gmp-glue.c (sec_zero_p): New function.
 +      * ecc-curve25519.c (ecc_curve25519_zero_p): Use it.
 +      * ecc-curve448.c (ecc_curve448_zero_p): Use it.
 +      * ecc-random.c (ecdsa_in_range): Use it.
 +      (zero_p): Delete static function.
 +
+ 2021-10-22  Niels Möller  <nisse@lysator.liu.se>
+ 
+       * ecc-secp256r1.c: Rework ad-hoc reduction functions. In
+       particular, arranged to always use single-limb quotients, no q2
+       quotient carry.
+       (ecc_secp256r1_modp): Reimplemented, closer to 2/1 division,
+       (ecc_secp256r1_modq): Reimplemented, closer to divappr2 division.
+ 
  2021-10-06  Niels Möller  <nisse@lysator.liu.se>
  
        * testsuite/ecc-mod-test.c: Extend tests to give better coverage