Use fixed-point comb for multiplying by the base-point

1 files changed, 18 insertions, 20 deletions

diff --git a/core/src/main/java/org/bouncycastle/crypto/signers/ECDSASigner.java b/core/src/main/java/org/bouncycastle/crypto/signers/ECDSASigner.java
index 2a1f98eb..26fd588e 100644
--- a/core/src/main/java/org/bouncycastle/crypto/signers/ECDSASigner.java
+++ b/core/src/main/java/org/bouncycastle/crypto/signers/ECDSASigner.java
@@ -5,13 +5,16 @@ import java.security.SecureRandom;
 
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.DSA;
+import org.bouncycastle.crypto.params.ECDomainParameters;
 import org.bouncycastle.crypto.params.ECKeyParameters;
 import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
 import org.bouncycastle.crypto.params.ECPublicKeyParameters;
 import org.bouncycastle.crypto.params.ParametersWithRandom;
 import org.bouncycastle.math.ec.ECAlgorithms;
 import org.bouncycastle.math.ec.ECConstants;
+import org.bouncycastle.math.ec.ECMultiplier;
 import org.bouncycastle.math.ec.ECPoint;
+import org.bouncycastle.math.ec.FixedPointCombMultiplier;
 
 /**
  * EC-DSA as described in X9.62
@@ -78,50 +81,44 @@ public class ECDSASigner
     public BigInteger[] generateSignature(
         byte[] message)
     {
-        BigInteger n = key.getParameters().getN();
+        ECDomainParameters ec = key.getParameters();
+        BigInteger n = ec.getN();
         BigInteger e = calculateE(n, message);
-        BigInteger r = null;
-        BigInteger s = null;
+        BigInteger d = ((ECPrivateKeyParameters)key).getD();
 
         if (kCalculator.isDeterministic())
         {
-            kCalculator.init(n, ((ECPrivateKeyParameters)key).getD(), message);
+            kCalculator.init(n, d, message);
         }
         else
         {
             kCalculator.init(n, random);
         }
 
+        BigInteger r, s;
+
+        ECMultiplier basePointMultiplier = new FixedPointCombMultiplier();
+
         // 5.3.2
         do // generate s
         {
-            BigInteger k = null;
-
+            BigInteger k;
             do // generate r
             {
                 k = kCalculator.nextK();
 
-                ECPoint p = key.getParameters().getG().multiply(k).normalize();
+                ECPoint p = basePointMultiplier.multiply(ec.getG(), k).normalize();
 
                 // 5.3.3
-                BigInteger x = p.getAffineXCoord().toBigInteger();
-
-                r = x.mod(n);
+                r = p.getAffineXCoord().toBigInteger().mod(n);
             }
             while (r.equals(ZERO));
 
-            BigInteger d = ((ECPrivateKeyParameters)key).getD();
-
             s = k.modInverse(n).multiply(e.add(d.multiply(r))).mod(n);
         }
         while (s.equals(ZERO));
 
-        BigInteger[]  res = new BigInteger[2];
-
-        res[0] = r;
-        res[1] = s;
-
-        return res;
+        return new BigInteger[]{ r, s };
     }
 
     // 5.4 pg 29
@@ -135,7 +132,8 @@ public class ECDSASigner
         BigInteger  r,
         BigInteger  s)
     {
-        BigInteger n = key.getParameters().getN();
+        ECDomainParameters ec = key.getParameters();
+        BigInteger n = ec.getN();
         BigInteger e = calculateE(n, message);
 
         // r in the range [1,n-1]
@@ -155,7 +153,7 @@ public class ECDSASigner
         BigInteger u1 = e.multiply(c).mod(n);
         BigInteger u2 = r.multiply(c).mod(n);
 
-        ECPoint G = key.getParameters().getG();
+        ECPoint G = ec.getG();
         ECPoint Q = ((ECPublicKeyParameters)key).getQ();
 
         ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, u1, Q, u2).normalize();