2 files changed, 33 insertions, 0 deletions

diff --git a/src/gen/order.c b/src/gen/order.c
index 0bbac77..a9d22b2 100644
--- a/src/gen/order.c
+++ b/src/gen/order.c
@@ -66,6 +66,29 @@ GENERATOR(order_gen_cofactor) {
 	return 1;
 }
 
+GENERATOR(order_gen_smooth) {
+	HAS_ARG(args);
+	pari_ulong smooth_bound = *(pari_ulong *)args->args;
+	pari_sp ltop = avma;
+	GEN order = ellff_get_card(curve->curve);
+
+	GEN factors = factor(order);
+	GEN primes = gel(factors, 1);
+	long uniqs = glength(primes);
+
+	for (long i = 1; i <= uniqs; ++i) {
+		long blen = glength(binary_zv(gel(primes, i)));
+		if (blen > smooth_bound) {
+			avma = ltop;
+			return -4;
+		}
+	}
+
+	curve->order = gerepilecopy(ltop, order);
+	obj_insert_shallow(curve->curve, 1, order);
+	return 1;
+}
+
 GENERATOR(order_gen_prime) {
 	pari_sp ltop = avma;
 	GEN order = ellsea(curve->curve, 1);
diff --git a/src/gen/order.h b/src/gen/order.h
index 45b5e3e..9dc1553 100644
--- a/src/gen/order.h
+++ b/src/gen/order.h
@@ -56,6 +56,16 @@ GENERATOR(order_gen_cofactor);
 
 /**
  * GENERATOR(gen_f)
+ *
+ * @param curve A curve_t being generated
+ * @param args pari_ulong the desired cofactor
+ * @param state
+ * @return state diff
+ */
+GENERATOR(order_gen_smooth);
+
+/**
+ * GENERATOR(gen_f)
  * Calculates the curve order, always using the SEA algorithm,
  * gives up early in case the order is divisible by "something".
  * Succeeds if the curve has a prime order.