author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-01-03 11:33:30 +0400 |
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-01-03 11:33:30 +0400 |
commit | 0d5eeadac65474ddefcc88a87b645f0124f42e37 (patch) | |
tree | b5d2d127dc36243162543a576f12a9c430dc164f | |
parent | 9f93f7bf294d6dcd4711fa9ab3bd7b5743049e99 (diff) |
Registerize data in reduce and columnize the addition
-rw-r--r-- | core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java | 52 |
1 files changed, 33 insertions, 19 deletions
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
index 5647e8f5..46e2cf10 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
@@ -4,6 +4,8 @@ import java.math.BigInteger;
 public class SecP256R1Field
 {
+ private static final long M = 0xFFFFFFFFL;
+
 // 2^256 - 2^224 + 2^192 + 2^96 - 1
 private static final int[] P = new int[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF };
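Review bot: The new constant `M` on the added line carries no comment, while `P` directly below documents the value it holds; the `& M` expressions introduced in reduce in the next hunk rely on the reader knowing this is the mask that reads an int limb as an unsigned 32-bit value in a long. Add `// mask to widen an int limb to its unsigned 32-bit value in a long` above the declaration. A more descriptive name such as `MASK32` would also make that intent visible at each use, though renaming is optional if the single-letter style is deliberate.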
@@ -59,25 +61,37 @@ public class SecP256R1Field
 private static void reduce(int[] tt, int[] z)
 {
- int c = 0;
-
- System.arraycopy(tt, 0, z, 0, 8); //s1
-
- int[] s2 = new int[] { 0, 0, 0, tt[11], tt[12], tt[13], tt[14], tt[15] };
- c += Nat256.addBothTo(s2, s2, z);
- int[] s3 = new int[] { 0, 0, 0, tt[12], tt[13], tt[14], tt[15], 0 };
- c += Nat256.addBothTo(s3, s3, z);
- int[] s4 = new int[] { tt[8], tt[9], tt[10], 0, 0, 0, tt[14], tt[15] };
- int[] s5 = new int[] { tt[9], tt[10], tt[11], tt[13], tt[14], tt[15], tt[13], tt[8] };
- c += Nat256.addBothTo(s4, s5, z);
-
- int[] s6 = new int[] { tt[11], tt[12], tt[13], 0, 0, 0, tt[8], tt[10] };
- int[] s7 = new int[] { tt[12], tt[13], tt[14], tt[15], 0, 0, tt[9], tt[11] };
- c += Nat256.subBothFrom(s6, s7, z);
- int[] s8 = new int[] { tt[13], tt[14], tt[15], tt[8], tt[9], tt[10], 0, tt[12] };
- int[] s9 = new int[] { tt[14], tt[15], 0, tt[9], tt[10], tt[11], 0, tt[13] };
- c += Nat256.subBothFrom(s8, s9, z);
-
+ long t08 = tt[ 8] & M, t09 = tt[ 9] & M, t10 = tt[10] & M, t11 = tt[11] & M;
+ long t12 = tt[12] & M, t13 = tt[13] & M, t14 = tt[14] & M, t15 = tt[15] & M;
+
+ long cc = 0;
+ cc += (tt[ 0] & M) + t08 + t09 - t11 - t12 - t13 - t14;
+ z[0] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 1] & M) + t09 + t10 - t12 - t13 - t14 - t15;
+ z[1] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 2] & M) + t10 + t11 - t13 - t14 - t15;
+ z[2] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 3] & M) + ((t11 + t12) << 1) + t13 - t15 - t08 - t09;
+ z[3] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 4] & M) + ((t12 + t13) << 1) + t14 - t09 - t10;
+ z[4] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 5] & M) + ((t13 + t14) << 1) + t15 - t10 - t11;
+ z[5] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 6] & M) + ((t14 + t15) << 1) + t14 + t13 - t08 - t09;
+ z[6] = (int)cc;
+ cc >>= 32;
+ cc += (tt[ 7] & M) + (t15 << 1) + t15 + t08 - t10 - t11 - t12 - t13;
+ z[7] = (int)cc;
+ cc >>= 32;
+
+ int c = (int)cc;
+
 if (c > 0)
 {
 do |