author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-03-10 16:19:23 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-03-10 16:19:23 +0400 |
commit | 77d8f8487e76e81a612cd40e838cba63f271fcbf (patch) | |
tree | 4407971828569c006d09cab40485b778b9a7d97d /core/src/main/java/org/bouncycastle | |
parent | 13fc3cb082bb4d3147ad0ca80e0b26f496ae93c8 (diff) |
Optimize some of the addition/doubling internals
Diffstat (limited to 'core/src/main/java/org/bouncycastle')
8 files changed, 114 insertions, 92 deletions
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java
index 44f8c7fe..d3802086 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java
@@ -93,8 +93,9 @@ public class SecP192K1Point extends ECPoint
 SecP192K1FieldElement Z1 = (SecP192K1FieldElement)this.zs[0];
 SecP192K1FieldElement Z2 = (SecP192K1FieldElement)b.getZCoord(0);
+ int c;
 int[] tt1 = Nat192.createExt();
- int[] tt2 = Nat192.createExt();
+ int[] t2 = Nat192.create();
 int[] t3 = Nat192.create();
 int[] t4 = Nat192.create();
@@ -110,7 +111,7 @@ public class SecP192K1Point extends ECPoint
 S2 = t3;
 SecP192K1Field.square(Z1.x, S2);
- U2 = tt2;
+ U2 = t2;
 SecP192K1Field.multiply(S2, X2.x, U2);
 SecP192K1Field.multiply(S2, Z1.x, S2);
@@ -139,7 +140,7 @@ public class SecP192K1Point extends ECPoint
 int[] H = Nat192.create();
 SecP192K1Field.subtract(U1, U2, H);
- int[] R = tt2;
+ int[] R = t2;
 SecP192K1Field.subtract(S1, S2, R);
 // Check if b == this or b == -this
@@ -164,19 +165,20 @@ public class SecP192K1Point extends ECPoint int[] V = t3; SecP192K1Field.multiply(HSquared, U1, V); + SecP192K1Field.negate(G, G); Nat192.mul(S1, G, tt1); + c = Nat192.addBothTo(V, V, G); + SecP192K1Field.reduce32(c, G); + SecP192K1FieldElement X3 = new SecP192K1FieldElement(t4); SecP192K1Field.square(R, X3.x); - SecP192K1Field.add(X3.x, G, X3.x); - SecP192K1Field.subtract(X3.x, V, X3.x); - SecP192K1Field.subtract(X3.x, V, X3.x); + SecP192K1Field.subtract(X3.x, G, X3.x); SecP192K1FieldElement Y3 = new SecP192K1FieldElement(G); SecP192K1Field.subtract(V, X3.x, Y3.x); - Nat192.mul(Y3.x, R, tt2); - SecP192K1Field.subtractExt(tt2, tt1, tt2); - SecP192K1Field.reduce(tt2, Y3.x); + SecP192K1Field.multiplyAddToExt(Y3.x, R, tt1); + SecP192K1Field.reduce(tt1, Y3.x); SecP192K1FieldElement Z3 = new SecP192K1FieldElement(H); if (!Z1IsOne) @@ -211,24 +213,25 @@ public class SecP192K1Point extends ECPoint SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.x, Z1 = (SecP192K1FieldElement)this.zs[0]; + int c; + int[] Y1Squared = Nat192.create(); SecP192K1Field.square(Y1.x, Y1Squared); int[] T = Nat192.create(); SecP192K1Field.square(Y1Squared, T); - int[] t1 = Nat192.create(); - SecP192K1Field.square(X1.x, t1); - int[] M = Nat192.create(); - SecP192K1Field.twice(t1, M); - SecP192K1Field.add(M, t1, M); + SecP192K1Field.square(X1.x, M); + c = Nat192.addBothTo(M, M, M); + SecP192K1Field.reduce32(c, M); int[] S = Y1Squared; SecP192K1Field.multiply(Y1Squared, X1.x, S); - int c = Nat.shiftUpBits(6, S, 2, 0); + c = Nat.shiftUpBits(6, S, 2, 0); SecP192K1Field.reduce32(c, S); + int[] t1 = Nat192.create(); c = Nat.shiftUpBits(6, T, 3, 0, t1); SecP192K1Field.reduce32(c, t1); diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java index 49116119..9a629ae4 100644 --- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java 
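Review bot: The rewritten tail of the addition formula (first hunk on this line) depends on statement order and array aliasing that nothing in the code documents: `Nat192.mul(S1, G, tt1)` has to stay between `negate(G, G)` and `addBothTo(V, V, G)`, because G is overwritten in place and is later wrapped as the storage of `Y3`. A comment above the `negate` call such as `// tt1 = S1 * (-G); G then becomes 2V - G_old and finally backs Y3` would make that explicit. Separately, `multiplyAddToExt(Y3.x, R, tt1)` accumulates a second full product into tt1, and the sum of two such products can exceed the width of the extended buffer, so the result is only correct if that helper folds the carry-out; its body is not in this diff, and a regression test with operands close to the prime would confirm it. The same pattern is in the matching hunks of SecP192R1Point, SecP224K1Point, SecP224R1Point, SecP256K1Point and SecP256R1Point, and in SecP384R1Point with `addExt(tt1, tt2, tt1)` in place of `multiplyAddToExt`. The enclosing method starts and ends outside the hunk.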
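Review bot: In the doubling hunk, `Nat192.addBothTo(M, M, M)` passes one array as both addends and as the destination, so tripling M this way is only correct if addBothTo reads each limb of its inputs before writing that limb of the output. That helper is not part of this diff; a comment such as `// M = 3*M in place; relies on addBothTo being limb-wise so x == y == z is safe` would keep a later change to Nat192 from silently breaking point doubling. Assuming M is a reduced field element, the returned carry is at most 2, and it goes to `reduce32`, which already receives the `shiftUpBits` carries a few lines below, so the carry handling looks consistent. The same aliased call appears in the doubling hunks of the other 192-, 224- and 256-bit curves and as `Nat.addBothTo(12, M, M, M)` in SecP384R1Point. The enclosing method starts and ends outside the hunk.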
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java @@ -92,8 +92,9 @@ public class SecP192R1Point extends ECPoint SecP192R1FieldElement Z1 = (SecP192R1FieldElement)this.zs[0]; SecP192R1FieldElement Z2 = (SecP192R1FieldElement)b.getZCoord(0); + int c; int[] tt1 = Nat192.createExt(); - int[] tt2 = Nat192.createExt(); + int[] t2 = Nat192.create(); int[] t3 = Nat192.create(); int[] t4 = Nat192.create(); @@ -109,7 +110,7 @@ public class SecP192R1Point extends ECPoint S2 = t3; SecP192R1Field.square(Z1.x, S2); - U2 = tt2; + U2 = t2; SecP192R1Field.multiply(S2, X2.x, U2); SecP192R1Field.multiply(S2, Z1.x, S2); @@ -138,7 +139,7 @@ public class SecP192R1Point extends ECPoint int[] H = Nat192.create(); SecP192R1Field.subtract(U1, U2, H); - int[] R = tt2; + int[] R = t2; SecP192R1Field.subtract(S1, S2, R); // Check if b == this or b == -this @@ -163,19 +164,20 @@ public class SecP192R1Point extends ECPoint int[] V = t3; SecP192R1Field.multiply(HSquared, U1, V); + SecP192R1Field.negate(G, G); Nat192.mul(S1, G, tt1); + c = Nat192.addBothTo(V, V, G); + SecP192R1Field.reduce32(c, G); + SecP192R1FieldElement X3 = new SecP192R1FieldElement(t4); SecP192R1Field.square(R, X3.x); - SecP192R1Field.add(X3.x, G, X3.x); - SecP192R1Field.subtract(X3.x, V, X3.x); - SecP192R1Field.subtract(X3.x, V, X3.x); + SecP192R1Field.subtract(X3.x, G, X3.x); SecP192R1FieldElement Y3 = new SecP192R1FieldElement(G); SecP192R1Field.subtract(V, X3.x, Y3.x); - Nat192.mul(Y3.x, R, tt2); - SecP192R1Field.subtractExt(tt2, tt1, tt2); - SecP192R1Field.reduce(tt2, Y3.x); + SecP192R1Field.multiplyAddToExt(Y3.x, R, tt1); + SecP192R1Field.reduce(tt1, Y3.x); SecP192R1FieldElement Z3 = new SecP192R1FieldElement(H); if (!Z1IsOne) @@ -210,6 +212,7 @@ public class SecP192R1Point extends ECPoint SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.x, Z1 = (SecP192R1FieldElement)this.zs[0]; + int c; int[] t1 = Nat192.create(); int[] t2 = Nat192.create(); 
@@ -233,12 +236,12 @@ public class SecP192R1Point extends ECPoint
 int[] M = t2;
 SecP192R1Field.add(X1.x, Z1Squared, M);
 SecP192R1Field.multiply(M, t1, M);
- SecP192R1Field.twice(M, t1);
- SecP192R1Field.add(M, t1, M);
+ c = Nat192.addBothTo(M, M, M);
+ SecP192R1Field.reduce32(c, M);
 int[] S = Y1Squared;
 SecP192R1Field.multiply(Y1Squared, X1.x, S);
- int c = Nat.shiftUpBits(6, S, 2, 0);
+ c = Nat.shiftUpBits(6, S, 2, 0);
 SecP192R1Field.reduce32(c, S);
 c = Nat.shiftUpBits(6, T, 3, 0, t1);
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java
index d5eb8294..6b72dbe7 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java
@@ -93,8 +93,9 @@ public class SecP224K1Point extends ECPoint
 SecP224K1FieldElement Z1 = (SecP224K1FieldElement)this.zs[0];
 SecP224K1FieldElement Z2 = (SecP224K1FieldElement)b.getZCoord(0);
+ int c;
 int[] tt1 = Nat224.createExt();
- int[] tt2 = Nat224.createExt();
+ int[] t2 = Nat224.create();
 int[] t3 = Nat224.create();
 int[] t4 = Nat224.create();
@@ -110,7 +111,7 @@ public class SecP224K1Point extends ECPoint
 S2 = t3;
 SecP224K1Field.square(Z1.x, S2);
- U2 = tt2;
+ U2 = t2;
 SecP224K1Field.multiply(S2, X2.x, U2);
 SecP224K1Field.multiply(S2, Z1.x, S2);
@@ -139,7 +140,7 @@ public class SecP224K1Point extends ECPoint
 int[] H = Nat224.create();
 SecP224K1Field.subtract(U1, U2, H);
- int[] R = tt2;
+ int[] R = t2;
 SecP224K1Field.subtract(S1, S2, R);
 // Check if b == this or b == -this
@@ -164,19 +165,20 @@ public class SecP224K1Point extends ECPoint int[] V = t3; SecP224K1Field.multiply(HSquared, U1, V); + SecP224K1Field.negate(G, G); Nat224.mul(S1, G, tt1); + c = Nat224.addBothTo(V, V, G); + SecP224K1Field.reduce32(c, G); + SecP224K1FieldElement X3 = new SecP224K1FieldElement(t4); SecP224K1Field.square(R, X3.x); - SecP224K1Field.add(X3.x, G, X3.x); - SecP224K1Field.subtract(X3.x, V, X3.x); - SecP224K1Field.subtract(X3.x, V, X3.x); + SecP224K1Field.subtract(X3.x, G, X3.x); SecP224K1FieldElement Y3 = new SecP224K1FieldElement(G); SecP224K1Field.subtract(V, X3.x, Y3.x); - Nat224.mul(Y3.x, R, tt2); - SecP224K1Field.subtractExt(tt2, tt1, tt2); - SecP224K1Field.reduce(tt2, Y3.x); + SecP224K1Field.multiplyAddToExt(Y3.x, R, tt1); + SecP224K1Field.reduce(tt1, Y3.x); SecP224K1FieldElement Z3 = new SecP224K1FieldElement(H); if (!Z1IsOne) @@ -211,24 +213,25 @@ public class SecP224K1Point extends ECPoint SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.x, Z1 = (SecP224K1FieldElement)this.zs[0]; + int c; + int[] Y1Squared = Nat224.create(); SecP224K1Field.square(Y1.x, Y1Squared); int[] T = Nat224.create(); SecP224K1Field.square(Y1Squared, T); - int[] t1 = Nat224.create(); - SecP224K1Field.square(X1.x, t1); - int[] M = Nat224.create(); - SecP224K1Field.twice(t1, M); - SecP224K1Field.add(M, t1, M); + SecP224K1Field.square(X1.x, M); + c = Nat224.addBothTo(M, M, M); + SecP224K1Field.reduce32(c, M); int[] S = Y1Squared; SecP224K1Field.multiply(Y1Squared, X1.x, S); - int c = Nat.shiftUpBits(7, S, 2, 0); + c = Nat.shiftUpBits(7, S, 2, 0); SecP224K1Field.reduce32(c, S); + int[] t1 = Nat224.create(); c = Nat.shiftUpBits(7, T, 3, 0, t1); SecP224K1Field.reduce32(c, t1); diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java index 177b2fec..8b4de02f 100644 --- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java 
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java @@ -91,8 +91,9 @@ public class SecP224R1Point extends ECPoint SecP224R1FieldElement Z1 = (SecP224R1FieldElement)this.zs[0]; SecP224R1FieldElement Z2 = (SecP224R1FieldElement)b.getZCoord(0); + int c; int[] tt1 = Nat224.createExt(); - int[] tt2 = Nat224.createExt(); + int[] t2 = Nat224.create(); int[] t3 = Nat224.create(); int[] t4 = Nat224.create(); @@ -108,7 +109,7 @@ public class SecP224R1Point extends ECPoint S2 = t3; SecP224R1Field.square(Z1.x, S2); - U2 = tt2; + U2 = t2; SecP224R1Field.multiply(S2, X2.x, U2); SecP224R1Field.multiply(S2, Z1.x, S2); @@ -137,7 +138,7 @@ public class SecP224R1Point extends ECPoint int[] H = Nat224.create(); SecP224R1Field.subtract(U1, U2, H); - int[] R = tt2; + int[] R = t2; SecP224R1Field.subtract(S1, S2, R); // Check if b == this or b == -this @@ -162,19 +163,20 @@ public class SecP224R1Point extends ECPoint int[] V = t3; SecP224R1Field.multiply(HSquared, U1, V); + SecP224R1Field.negate(G, G); Nat224.mul(S1, G, tt1); + c = Nat224.addBothTo(V, V, G); + SecP224R1Field.reduce32(c, G); + SecP224R1FieldElement X3 = new SecP224R1FieldElement(t4); SecP224R1Field.square(R, X3.x); - SecP224R1Field.add(X3.x, G, X3.x); - SecP224R1Field.subtract(X3.x, V, X3.x); - SecP224R1Field.subtract(X3.x, V, X3.x); + SecP224R1Field.subtract(X3.x, G, X3.x); SecP224R1FieldElement Y3 = new SecP224R1FieldElement(G); SecP224R1Field.subtract(V, X3.x, Y3.x); - Nat224.mul(Y3.x, R, tt2); - SecP224R1Field.subtractExt(tt2, tt1, tt2); - SecP224R1Field.reduce(tt2, Y3.x); + SecP224R1Field.multiplyAddToExt(Y3.x, R, tt1); + SecP224R1Field.reduce(tt1, Y3.x); SecP224R1FieldElement Z3 = new SecP224R1FieldElement(H); if (!Z1IsOne) @@ -208,6 +210,7 @@ public class SecP224R1Point extends ECPoint SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.x, Z1 = (SecP224R1FieldElement)this.zs[0]; + int c; int[] t1 = Nat224.create(); int[] t2 = Nat224.create(); 
@@ -231,12 +234,12 @@ public class SecP224R1Point extends ECPoint
 int[] M = t2;
 SecP224R1Field.add(X1.x, Z1Squared, M);
 SecP224R1Field.multiply(M, t1, M);
- SecP224R1Field.twice(M, t1);
- SecP224R1Field.add(M, t1, M);
+ c = Nat224.addBothTo(M, M, M);
+ SecP224R1Field.reduce32(c, M);
 int[] S = Y1Squared;
 SecP224R1Field.multiply(Y1Squared, X1.x, S);
- int c = Nat.shiftUpBits(7, S, 2, 0);
+ c = Nat.shiftUpBits(7, S, 2, 0);
 SecP224R1Field.reduce32(c, S);
 c = Nat.shiftUpBits(7, T, 3, 0, t1);
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java
index d6a42694..9557cb26 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java
@@ -93,8 +93,9 @@ public class SecP256K1Point extends ECPoint
 SecP256K1FieldElement Z1 = (SecP256K1FieldElement)this.zs[0];
 SecP256K1FieldElement Z2 = (SecP256K1FieldElement)b.getZCoord(0);
+ int c;
 int[] tt1 = Nat256.createExt();
- int[] tt2 = Nat256.createExt();
+ int[] t2 = Nat256.create();
 int[] t3 = Nat256.create();
 int[] t4 = Nat256.create();
@@ -110,7 +111,7 @@ public class SecP256K1Point extends ECPoint
 S2 = t3;
 SecP256K1Field.square(Z1.x, S2);
- U2 = tt2;
+ U2 = t2;
 SecP256K1Field.multiply(S2, X2.x, U2);
 SecP256K1Field.multiply(S2, Z1.x, S2);
@@ -139,7 +140,7 @@ public class SecP256K1Point extends ECPoint
 int[] H = Nat256.create();
 SecP256K1Field.subtract(U1, U2, H);
- int[] R = tt2;
+ int[] R = t2;
 SecP256K1Field.subtract(S1, S2, R);
 // Check if b == this or b == -this
@@ -164,19 +165,20 @@ public class SecP256K1Point extends ECPoint int[] V = t3; SecP256K1Field.multiply(HSquared, U1, V); + SecP256K1Field.negate(G, G); Nat256.mul(S1, G, tt1); + c = Nat256.addBothTo(V, V, G); + SecP256K1Field.reduce32(c, G); + SecP256K1FieldElement X3 = new SecP256K1FieldElement(t4); SecP256K1Field.square(R, X3.x); - SecP256K1Field.add(X3.x, G, X3.x); - SecP256K1Field.subtract(X3.x, V, X3.x); - SecP256K1Field.subtract(X3.x, V, X3.x); + SecP256K1Field.subtract(X3.x, G, X3.x); SecP256K1FieldElement Y3 = new SecP256K1FieldElement(G); SecP256K1Field.subtract(V, X3.x, Y3.x); - Nat256.mul(Y3.x, R, tt2); - SecP256K1Field.subtractExt(tt2, tt1, tt2); - SecP256K1Field.reduce(tt2, Y3.x); + SecP256K1Field.multiplyAddToExt(Y3.x, R, tt1); + SecP256K1Field.reduce(tt1, Y3.x); SecP256K1FieldElement Z3 = new SecP256K1FieldElement(H); if (!Z1IsOne) @@ -211,24 +213,25 @@ public class SecP256K1Point extends ECPoint SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.x, Z1 = (SecP256K1FieldElement)this.zs[0]; + int c; + int[] Y1Squared = Nat256.create(); SecP256K1Field.square(Y1.x, Y1Squared); int[] T = Nat256.create(); SecP256K1Field.square(Y1Squared, T); - int[] t1 = Nat256.create(); - SecP256K1Field.square(X1.x, t1); - int[] M = Nat256.create(); - SecP256K1Field.twice(t1, M); - SecP256K1Field.add(M, t1, M); + SecP256K1Field.square(X1.x, M); + c = Nat256.addBothTo(M, M, M); + SecP256K1Field.reduce32(c, M); int[] S = Y1Squared; SecP256K1Field.multiply(Y1Squared, X1.x, S); - int c = Nat.shiftUpBits(8, S, 2, 0); + c = Nat.shiftUpBits(8, S, 2, 0); SecP256K1Field.reduce32(c, S); + int[] t1 = Nat256.create(); c = Nat.shiftUpBits(8, T, 3, 0, t1); SecP256K1Field.reduce32(c, t1); diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java index acabefe3..46683151 100644 --- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java 
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java @@ -91,8 +91,9 @@ public class SecP256R1Point extends ECPoint SecP256R1FieldElement Z1 = (SecP256R1FieldElement)this.zs[0]; SecP256R1FieldElement Z2 = (SecP256R1FieldElement)b.getZCoord(0); + int c; int[] tt1 = Nat256.createExt(); - int[] tt2 = Nat256.createExt(); + int[] t2 = Nat256.create(); int[] t3 = Nat256.create(); int[] t4 = Nat256.create(); @@ -108,7 +109,7 @@ public class SecP256R1Point extends ECPoint S2 = t3; SecP256R1Field.square(Z1.x, S2); - U2 = tt2; + U2 = t2; SecP256R1Field.multiply(S2, X2.x, U2); SecP256R1Field.multiply(S2, Z1.x, S2); @@ -137,7 +138,7 @@ public class SecP256R1Point extends ECPoint int[] H = Nat256.create(); SecP256R1Field.subtract(U1, U2, H); - int[] R = tt2; + int[] R = t2; SecP256R1Field.subtract(S1, S2, R); // Check if b == this or b == -this @@ -162,19 +163,20 @@ public class SecP256R1Point extends ECPoint int[] V = t3; SecP256R1Field.multiply(HSquared, U1, V); + SecP256R1Field.negate(G, G); Nat256.mul(S1, G, tt1); + c = Nat256.addBothTo(V, V, G); + SecP256R1Field.reduce32(c, G); + SecP256R1FieldElement X3 = new SecP256R1FieldElement(t4); SecP256R1Field.square(R, X3.x); - SecP256R1Field.add(X3.x, G, X3.x); - SecP256R1Field.subtract(X3.x, V, X3.x); - SecP256R1Field.subtract(X3.x, V, X3.x); + SecP256R1Field.subtract(X3.x, G, X3.x); SecP256R1FieldElement Y3 = new SecP256R1FieldElement(G); SecP256R1Field.subtract(V, X3.x, Y3.x); - Nat256.mul(Y3.x, R, tt2); - SecP256R1Field.subtractExt(tt2, tt1, tt2); - SecP256R1Field.reduce(tt2, Y3.x); + SecP256R1Field.multiplyAddToExt(Y3.x, R, tt1); + SecP256R1Field.reduce(tt1, Y3.x); SecP256R1FieldElement Z3 = new SecP256R1FieldElement(H); if (!Z1IsOne) @@ -208,6 +210,7 @@ public class SecP256R1Point extends ECPoint SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.x, Z1 = (SecP256R1FieldElement)this.zs[0]; + int c; int[] t1 = Nat256.create(); int[] t2 = Nat256.create(); 
@@ -231,12 +234,12 @@ public class SecP256R1Point extends ECPoint
 int[] M = t2;
 SecP256R1Field.add(X1.x, Z1Squared, M);
 SecP256R1Field.multiply(M, t1, M);
- SecP256R1Field.twice(M, t1);
- SecP256R1Field.add(M, t1, M);
+ c = Nat256.addBothTo(M, M, M);
+ SecP256R1Field.reduce32(c, M);
 int[] S = Y1Squared;
 SecP256R1Field.multiply(Y1Squared, X1.x, S);
- int c = Nat.shiftUpBits(8, S, 2, 0);
+ c = Nat.shiftUpBits(8, S, 2, 0);
 SecP256R1Field.reduce32(c, S);
 c = Nat.shiftUpBits(8, T, 3, 0, t1);
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java
index f0076141..f1d79303 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java
@@ -91,6 +91,7 @@ public class SecP384R1Point extends ECPoint
 SecP384R1FieldElement Z1 = (SecP384R1FieldElement)this.zs[0];
 SecP384R1FieldElement Z2 = (SecP384R1FieldElement)b.getZCoord(0);
+ int c;
 int[] tt1 = Nat.create(24);
 int[] tt2 = Nat.create(24);
 int[] t3 = Nat.create(12);
@@ -137,7 +138,7 @@ public class SecP384R1Point extends ECPoint
 int[] H = Nat.create(12);
 SecP384R1Field.subtract(U1, U2, H);
- int[] R = Nat.create(12);// tt2;
+ int[] R = Nat.create(12);
 SecP384R1Field.subtract(S1, S2, R);
 // Check if b == this or b == -this
@@ -162,19 +163,21 @@ public class SecP384R1Point extends ECPoint int[] V = t3; SecP384R1Field.multiply(HSquared, U1, V); + SecP384R1Field.negate(G, G); Nat384.mul(S1, G, tt1); + c = Nat.addBothTo(12, V, V, G); + SecP384R1Field.reduce32(c, G); + SecP384R1FieldElement X3 = new SecP384R1FieldElement(t4); SecP384R1Field.square(R, X3.x); - SecP384R1Field.add(X3.x, G, X3.x); - SecP384R1Field.subtract(X3.x, V, X3.x); - SecP384R1Field.subtract(X3.x, V, X3.x); + SecP384R1Field.subtract(X3.x, G, X3.x); SecP384R1FieldElement Y3 = new SecP384R1FieldElement(G); SecP384R1Field.subtract(V, X3.x, Y3.x); Nat384.mul(Y3.x, R, tt2); - SecP384R1Field.subtractExt(tt2, tt1, tt2); - SecP384R1Field.reduce(tt2, Y3.x); + SecP384R1Field.addExt(tt1, tt2, tt1); + SecP384R1Field.reduce(tt1, Y3.x); SecP384R1FieldElement Z3 = new SecP384R1FieldElement(H); if (!Z1IsOne) @@ -208,6 +211,7 @@ public class SecP384R1Point extends ECPoint SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.x, Z1 = (SecP384R1FieldElement)this.zs[0]; + int c; int[] t1 = Nat.create(12); int[] t2 = Nat.create(12); @@ -231,12 +235,12 @@ public class SecP384R1Point extends ECPoint int[] M = t2; SecP384R1Field.add(X1.x, Z1Squared, M); SecP384R1Field.multiply(M, t1, M); - SecP384R1Field.twice(M, t1); - SecP384R1Field.add(M, t1, M); + c = Nat.addBothTo(12, M, M, M); + SecP384R1Field.reduce32(c, M); int[] S = Y1Squared; SecP384R1Field.multiply(Y1Squared, X1.x, S); - int c = Nat.shiftUpBits(12, S, 2, 0); + c = Nat.shiftUpBits(12, S, 2, 0); SecP384R1Field.reduce32(c, S); c = Nat.shiftUpBits(12, T, 3, 0, t1); diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java index 4b4e5b3b..12fcecda 100644 --- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java +++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java 
@@ -230,8 +230,8 @@ public class SecP521R1Point extends ECPoint
 int[] M = t2;
 SecP521R1Field.add(X1.x, Z1Squared, M);
 SecP521R1Field.multiply(M, t1, M);
- SecP521R1Field.twice(M, t1);
- SecP521R1Field.add(M, t1, M);
+ Nat.addBothTo(17, M, M, M);
+ SecP521R1Field.reduce23(M);
 int[] S = Y1Squared;
 SecP521R1Field.multiply(Y1Squared, X1.x, S); |
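Review bot: The carry returned by `Nat.addBothTo(17, M, M, M)` is discarded here, unlike every other curve in this commit, where it is handed to `reduce32`. For a 521-bit modulus held in 17 words this is presumably safe, since three times a reduced element stays below 2^523 and cannot carry out of 544 bits, but that argument should be written next to the call, e.g. `// 3*M < 2^523 fits in 17 words, so the carry is always 0; reduce23 folds the bits above 521`. It also relies on `reduce23` accepting an input as large as 3p rather than the result of a single addition, which is not visible in this hunk. The enclosing method starts and ends outside the hunk.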