author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-03-05 14:35:24 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-03-05 14:35:24 +0400 |
commit | bf1463a349b98d1f696dd9d6c9fb3fac1d3a9467 (patch) | |
tree | 585176afc87a4a6a9a7bbd6d2fcbe910e8f9f898 /core/src/main/java/org/bouncycastle | |
parent | 60d75acb27f43d0c72994a5d33a84413d4996c05 (diff) |
Reduction optimization for secp256r1
Diffstat (limited to 'core/src/main/java/org/bouncycastle')
-rw-r--r-- | core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java | 78 |
1 files changed, 73 insertions, 5 deletions
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
index ec388239..46e9d8e2 100644
--- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
+++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
@@ -24,7 +24,7 @@ public class SecP256R1Field
 int c = Nat256.add(x, y, z);
 if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
 {
- Nat256.subFrom(P, z);
+ addPInvTo(z);
 }
 }
@@ -42,7 +42,7 @@ public class SecP256R1Field
 int c = Nat.inc(8, x, z);
 if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
 {
- Nat256.subFrom(P, z);
+ addPInvTo(z);
 }
 }
@@ -183,7 +183,7 @@ public class SecP256R1Field
 if (cc != 0 || (z[7] == P7 && Nat256.gte(z, P)))
 {
- Nat256.subFrom(P, z);
+ addPInvTo(z);
 }
 }
@@ -214,7 +214,7 @@ public class SecP256R1Field
 int c = Nat256.sub(x, y, z);
 if (c != 0)
 {
- Nat256.addTo(P, z);
+ subPInvFrom(z);
 }
 }
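Review bot: The four call-site replacements on this line (the `Nat256.add`, `Nat.inc`, `cc != 0` and `Nat256.sub` reductions; the enclosing method signatures are outside these hunks) now depend silently on the mod-2^256 identities z - P ≡ z + (2^256 - P) and z + P ≡ z - (2^256 - P), with the carry out of the top limb thrown away exactly where the old `Nat256.subFrom`/`Nat256.addTo` return value was already ignored. Nothing in the hunks states that, and the helper names only hint at it. A one-line comment at the first replaced call, `// z -= P, done as z += 2^256 - P with the wrap discarded; z < 2P so one subtraction reduces`, would record both the identity and the bound the callers rely on; the bound is visibly true for the add/increment callers here and should be confirmed for the `cc` reduction whose body is not in the diff.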
@@ -232,7 +232,75 @@ public class SecP256R1Field
 int c = Nat.shiftUpBit(8, x, 0, z);
 if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
 {
- Nat256.subFrom(P, z);
+ addPInvTo(z);
+ }
+ }
+
+ private static void addPInvTo(int[] z)
+ {
+ long c = (z[0] & M) + 1;
+ z[0] = (int)c;
+ c >>= 32;
+ if (c != 0)
+ {
+ c += (z[1] & M);
+ z[1] = (int)c;
+ c >>= 32;
+ c += (z[2] & M);
+ z[2] = (int)c;
+ c >>= 32;
+ }
+ c += (z[3] & M) - 1;
+ z[3] = (int)c;
+ c >>= 32;
+ if (c != 0)
+ {
+ c += (z[4] & M);
+ z[4] = (int)c;
+ c >>= 32;
+ c += (z[5] & M);
+ z[5] = (int)c;
+ c >>= 32;
+ }
+ c += (z[6] & M) - 1;
+ z[6] = (int)c;
+ c >>= 32;
+ c += (z[7] & M) + 1;
+ z[7] = (int)c;
+// c >>= 32;
+ }
+
+ private static void subPInvFrom(int[] z)
+ {
+ long c = (z[0] & M) - 1;
+ z[0] = (int)c;
+ c >>= 32;
+ if (c != 0)
+ {
+ c += (z[1] & M);
+ z[1] = (int)c;
+ c >>= 32;
+ c += (z[2] & M);
+ z[2] = (int)c;
+ c >>= 32;
+ }
+ c += (z[3] & M) + 1;
+ z[3] = (int)c;
+ c >>= 32;
+ if (c != 0)
+ {
+ c += (z[4] & M);
+ z[4] = (int)c;
+ c >>= 32;
+ c += (z[5] & M);
+ z[5] = (int)c;
+ c >>= 32;
 }
+ c += (z[6] & M) + 1;
+ z[6] = (int)c;
+ c >>= 32;
+ c += (z[7] & M) - 1;
+ z[7] = (int)c;
+// c >>= 32;
 }
 }
|
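Review bot: Both new helpers branch on the carry (`if (c != 0)` before limbs 1–2 and again before limbs 4–5), so their running time depends on the limb values being reduced, which in a scalar multiplication are derived from the secret scalar; the callers already branch on the reduction condition, so this does not newly make the path data-dependent, but it adds carry-dependent skips where the replaced `Nat256.subFrom(P, z)` may have been a branch-free limb loop (its body is not in this diff). If constant-time behaviour is a goal for this class, the two guarded blocks can simply run unconditionally at the cost of four limb additions: with `c == 0` each `c += (z[i] & M); z[i] = (int)c; c >>= 32;` leaves `z[i]` and `c` unchanged, so dropping the `if` preserves the result exactly. Separately, the two `// c >>= 32;` leftovers should be replaced by a comment stating that the carry out of limb 7 is deliberately discarded because the result is taken mod 2^256, and each helper wants a header such as `// z += 2^256 - P, i.e. +1, -1, -1, +1 on limbs 0, 3, 6, 7 (mod 2^256)` (`subPInvFrom` with the signs flipped), which matches P = 2^256 - 2^224 + 2^192 + 2^96 - 1 although P itself is defined outside the hunk. Both helpers and the class closing brace are complete within this hunk.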