diff options
Diffstat (limited to 'core/src/main/java/org/bouncycastle/math/ec/custom/sec/Nat256.java')
| -rw-r--r-- | core/src/main/java/org/bouncycastle/math/ec/custom/sec/Nat256.java | 134 |
1 files changed, 96 insertions, 38 deletions
diff --git a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/Nat256.java b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/Nat256.java index 4bbc687f..6947317b 100644 --- a/core/src/main/java/org/bouncycastle/math/ec/custom/sec/Nat256.java +++ b/core/src/main/java/org/bouncycastle/math/ec/custom/sec/Nat256.java @@ -806,8 +806,9 @@ public abstract class Nat256 long x_0 = x[0] & M; long zz_1; + int c = 0, w; { - int c = 0, i = 7, j = 16; + int i = 7, j = 16; do { long xVal = (x[i--] & M); @@ -821,7 +822,8 @@ public abstract class Nat256 { long p = x_0 * x_0; zz_1 = ((c << 31) & M) | (p >>> 33); - zz[0] = (int)(p >>> 1); + zz[0] = (int)p; + c = (int)(p >>> 32) & 1; } } @@ -830,7 +832,9 @@ public abstract class Nat256 { zz_1 += x_1 * x_0; - zz[1] = (int)zz_1; + w = (int)zz_1; + zz[1] = (w << 1) | c; + c = w >>> 31; zz_2 += zz_1 >>> 32; } @@ -839,7 +843,9 @@ public abstract class Nat256 long zz_4 = zz[4] & M; { zz_2 += x_2 * x_0; - zz[2] = (int)zz_2; + w = (int)zz_2; + zz[2] = (w << 1) | c; + c = w >>> 31; zz_3 += (zz_2 >>> 32) + x_2 * x_1; zz_4 += zz_3 >>> 32; zz_3 &= M; @@ -850,7 +856,9 @@ public abstract class Nat256 long zz_6 = zz[6] & M; { zz_3 += x_3 * x_0; - zz[3] = (int)zz_3; + w = (int)zz_3; + zz[3] = (w << 1) | c; + c = w >>> 31; zz_4 += (zz_3 >>> 32) + x_3 * x_1; zz_5 += (zz_4 >>> 32) + x_3 * x_2; zz_4 &= M; @@ -863,7 +871,9 @@ public abstract class Nat256 long zz_8 = zz[8] & M; { zz_4 += x_4 * x_0; - zz[4] = (int)zz_4; + w = (int)zz_4; + zz[4] = (w << 1) | c; + c = w >>> 31; zz_5 += (zz_4 >>> 32) + x_4 * x_1; zz_6 += (zz_5 >>> 32) + x_4 * x_2; zz_5 &= M; @@ -878,7 +888,9 @@ public abstract class Nat256 long zz_10 = zz[10] & M; { zz_5 += x_5 * x_0; - zz[5] = (int)zz_5; + w = (int)zz_5; + zz[5] = (w << 1) | c; + c = w >>> 31; zz_6 += (zz_5 >>> 32) + x_5 * x_1; zz_7 += (zz_6 >>> 32) + x_5 * x_2; zz_6 &= M; @@ -895,7 +907,9 @@ public abstract class Nat256 long zz_12 = zz[12] & M; { zz_6 += x_6 * x_0; - zz[6] = (int)zz_6; + w = (int)zz_6; + zz[6] = (w << 1) | c; + c = w >>> 31; zz_7 += (zz_6 >>> 32) + x_6 * x_1; zz_8 += (zz_7 >>> 32) + x_6 * x_2; zz_7 &= M; @@ -914,7 +928,9 @@ public abstract class Nat256 long zz_14 = zz[14] & M; { zz_7 += x_7 * x_0; - zz[7] = (int)zz_7; + w = (int)zz_7; + zz[7] = (w << 1) | c; + c = w >>> 31; zz_8 += (zz_7 >>> 32) + x_7 * x_1; zz_9 += (zz_8 >>> 32) + x_7 * x_2; zz_10 += (zz_9 >>> 32) + x_7 * x_3; @@ -924,16 +940,29 @@ public abstract class Nat256 zz_14 += zz_13 >>> 32; } - zz[8] = (int)zz_8; - zz[9] = (int)zz_9; - zz[10] = (int)zz_10; - zz[11] = (int)zz_11; - zz[12] = (int)zz_12; - zz[13] = (int)zz_13; - zz[14] = (int)zz_14; - zz[15] += (int)(zz_14 >>> 32); - - Nat.shiftUpBit(16, zz, (int)x_0 << 31); + w = (int)zz_8; + zz[8] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_9; + zz[9] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_10; + zz[10] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_11; + zz[11] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_12; + zz[12] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_13; + zz[13] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_14; + zz[14] = (w << 1) | c; + c = w >>> 31; + w = zz[15] + (int)(zz_14 >> 32); + zz[15] = (w << 1) | c; } public static void square(int[] x, int xOff, int[] zz, int zzOff) @@ -941,8 +970,9 @@ public abstract class Nat256 long x_0 = x[xOff + 0] & M; long zz_1; + int c = 0, w; { - int c = 0, i = 7, j = 16; + int i = 7, j = 16; do { long xVal = (x[xOff + i--] & M); @@ -956,7 +986,8 @@ public abstract class Nat256 { long p = x_0 * x_0; zz_1 = ((c << 31) & M) | (p >>> 33); - zz[zzOff + 0] = (int)(p >>> 1); + zz[zzOff + 0] = (int)p; + c = (int)(p >>> 32) & 1; } } @@ -965,7 +996,9 @@ public abstract class Nat256 { zz_1 += x_1 * x_0; - zz[zzOff + 1] = (int)zz_1; + w = (int)zz_1; + zz[zzOff + 1] = (w << 1) | c; + c = w >>> 31; zz_2 += zz_1 >>> 32; } @@ -974,7 +1007,9 @@ public abstract class Nat256 long zz_4 = zz[zzOff + 4] & M; { zz_2 += x_2 * x_0; - zz[zzOff + 2] = (int)zz_2; + w = (int)zz_2; + zz[zzOff + 2] = (w << 1) | c; + c = w >>> 31; zz_3 += (zz_2 >>> 32) + x_2 * x_1; zz_4 += zz_3 >>> 32; zz_3 &= M; @@ -985,7 +1020,9 @@ public abstract class Nat256 long zz_6 = zz[zzOff + 6] & M; { zz_3 += x_3 * x_0; - zz[zzOff + 3] = (int)zz_3; + w = (int)zz_3; + zz[zzOff + 3] = (w << 1) | c; + c = w >>> 31; zz_4 += (zz_3 >>> 32) + x_3 * x_1; zz_5 += (zz_4 >>> 32) + x_3 * x_2; zz_4 &= M; @@ -998,7 +1035,9 @@ public abstract class Nat256 long zz_8 = zz[zzOff + 8] & M; { zz_4 += x_4 * x_0; - zz[zzOff + 4] = (int)zz_4; + w = (int)zz_4; + zz[zzOff + 4] = (w << 1) | c; + c = w >>> 31; zz_5 += (zz_4 >>> 32) + x_4 * x_1; zz_6 += (zz_5 >>> 32) + x_4 * x_2; zz_5 &= M; @@ -1013,7 +1052,9 @@ public abstract class Nat256 long zz_10 = zz[zzOff + 10] & M; { zz_5 += x_5 * x_0; - zz[zzOff + 5] = (int)zz_5; + w = (int)zz_5; + zz[zzOff + 5] = (w << 1) | c; + c = w >>> 31; zz_6 += (zz_5 >>> 32) + x_5 * x_1; zz_7 += (zz_6 >>> 32) + x_5 * x_2; zz_6 &= M; @@ -1030,7 +1071,9 @@ public abstract class Nat256 long zz_12 = zz[zzOff + 12] & M; { zz_6 += x_6 * x_0; - zz[zzOff + 6] = (int)zz_6; + w = (int)zz_6; + zz[zzOff + 6] = (w << 1) | c; + c = w >>> 31; zz_7 += (zz_6 >>> 32) + x_6 * x_1; zz_8 += (zz_7 >>> 32) + x_6 * x_2; zz_7 &= M; @@ -1049,7 +1092,9 @@ public abstract class Nat256 long zz_14 = zz[zzOff + 14] & M; { zz_7 += x_7 * x_0; - zz[zzOff + 7] = (int)zz_7; + w = (int)zz_7; + zz[zzOff + 7] = (w << 1) | c; + c = w >>> 31; zz_8 += (zz_7 >>> 32) + x_7 * x_1; zz_9 += (zz_8 >>> 32) + x_7 * x_2; zz_10 += (zz_9 >>> 32) + x_7 * x_3; @@ -1059,16 +1104,29 @@ public abstract class Nat256 zz_14 += zz_13 >>> 32; } - zz[zzOff + 8] = (int)zz_8; - zz[zzOff + 9] = (int)zz_9; - zz[zzOff + 10] = (int)zz_10; - zz[zzOff + 11] = (int)zz_11; - zz[zzOff + 12] = (int)zz_12; - zz[zzOff + 13] = (int)zz_13; - zz[zzOff + 14] = (int)zz_14; - zz[zzOff + 15] += (int)(zz_14 >>> 32); - - Nat.shiftUpBit(16, zz, zzOff, (int)x_0 << 31); + w = (int)zz_8; + zz[zzOff + 8] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_9; + zz[zzOff + 9] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_10; + zz[zzOff + 10] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_11; + zz[zzOff + 11] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_12; + zz[zzOff + 12] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_13; + zz[zzOff + 13] = (w << 1) | c; + c = w >>> 31; + w = (int)zz_14; + zz[zzOff + 14] = (w << 1) | c; + c = w >>> 31; + w = zz[zzOff + 15] + (int)(zz_14 >> 32); + zz[zzOff + 15] = (w << 1) | c; } public static int sub(int[] x, int[] y, int[] z) |