public override ECPoint Negate()
{
if (base.IsInfinity)
{
return(this);
}
ECFieldElement rawXCoord = base.RawXCoord;
if (rawXCoord.IsZero)
{
return(this);
}
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement eCFieldElement = base.RawZCoords[0];
return(new SecT571K1Point(Curve, rawXCoord, rawYCoord.Add(eCFieldElement), new ECFieldElement[1]
{
eCFieldElement
}, base.IsCompressed));
}
public override ECPoint ScaleY(ECFieldElement scale)
{
if (base.IsInfinity)
{
return(this);
}
switch (CurveCoordinateSystem)
{
case 5:
case 6:
{
ECFieldElement rawXCoord = base.RawXCoord;
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement y = rawYCoord.Add(rawXCoord).Multiply(scale).Add(rawXCoord);
return(Curve.CreateRawPoint(rawXCoord, y, base.RawZCoords, base.IsCompressed));
}
default:
return(base.ScaleY(scale));
}
}
/**
* Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2).
*
* @param yTilde
* ~yp, an indication bit for the decompression of yp.
* @param X1
* The field element xp.
* @return the decompressed point.
*/
protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
{
ECFieldElement x = FromBigInteger(X1), y = null;
if (x.IsZero)
{
y = B.Sqrt();
}
else
{
ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x);
ECFieldElement z = SolveQuadraticEquation(beta);
if (z != null)
{
if (z.TestBitZero() != (yTilde == 1))
{
z = z.AddOne();
}
switch (this.CoordinateSystem)
{
case COORD_LAMBDA_AFFINE:
case COORD_LAMBDA_PROJECTIVE:
{
y = z.Add(x);
break;
}
default:
{
y = z.Multiply(x);
break;
}
}
}
}
if (y == null)
throw new ArgumentException("Invalid point compression");
return this.CreateRawPoint(x, y, true);
}
protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
{
ECFieldElement eCFieldElement = FromBigInteger(X1);
ECFieldElement eCFieldElement2 = null;
if (eCFieldElement.IsZero)
{
eCFieldElement2 = B.Sqrt();
}
else
{
ECFieldElement beta = eCFieldElement.Square().Invert().Multiply(B)
.Add(A)
.Add(eCFieldElement);
ECFieldElement eCFieldElement3 = SolveQuadradicEquation(beta);
if (eCFieldElement3 != null)
{
if (eCFieldElement3.TestBitZero() != (yTilde == 1))
{
eCFieldElement3 = eCFieldElement3.AddOne();
}
switch (CoordinateSystem)
{
case 5:
case 6:
eCFieldElement2 = eCFieldElement3.Add(eCFieldElement);
break;
default:
eCFieldElement2 = eCFieldElement3.Multiply(eCFieldElement);
break;
}
}
}
if (eCFieldElement2 == null)
{
throw new ArgumentException("Invalid point compression");
}
return(CreateRawPoint(eCFieldElement, eCFieldElement2, withCompression: true));
}
public override ECPoint Twice()
{
if (this.IsInfinity)
{
return(this);
}
ECCurve curve = this.Curve;
ECFieldElement X1 = this.RawXCoord;
if (X1.IsZero)
{
// A point with X == 0 is it's own Additive inverse
return(curve.Infinity);
}
ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
bool Z1IsOne = Z1.IsOne;
ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
if (T.IsZero)
{
//return new SecT163K1Point(curve, T, curve.B.sqrt(), withCompression);
return(new SecT163K1Point(curve, T, curve.B, IsCompressed));
}
ECFieldElement X3 = T.Square();
ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
ECFieldElement t1 = L1.Add(X1).Square();
ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(X3);
return(new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed));
}
public override ECPoint Twice()
{
if (base.IsInfinity)
{
return(this);
}
ECCurve curve = Curve;
ECFieldElement rawXCoord = base.RawXCoord;
if (rawXCoord.IsZero)
{
return(curve.Infinity);
}
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement eCFieldElement = base.RawZCoords[0];
bool isOne = eCFieldElement.IsOne;
ECFieldElement eCFieldElement2 = isOne ? eCFieldElement : eCFieldElement.Square();
ECFieldElement eCFieldElement3 = (!isOne) ? rawYCoord.Add(eCFieldElement).Multiply(rawYCoord) : rawYCoord.Square().Add(rawYCoord);
if (eCFieldElement3.IsZero)
{
return(new SecT239K1Point(curve, eCFieldElement3, curve.B, base.IsCompressed));
}
ECFieldElement eCFieldElement4 = eCFieldElement3.Square();
ECFieldElement eCFieldElement5 = isOne ? eCFieldElement3 : eCFieldElement3.Multiply(eCFieldElement2);
ECFieldElement eCFieldElement6 = rawYCoord.Add(rawXCoord).Square();
ECFieldElement b = isOne ? eCFieldElement : eCFieldElement2.Square();
ECFieldElement y = eCFieldElement6.Add(eCFieldElement3).Add(eCFieldElement2).Multiply(eCFieldElement6)
.Add(b)
.Add(eCFieldElement4)
.Add(eCFieldElement5);
return(new SecT239K1Point(curve, eCFieldElement4, y, new ECFieldElement[1]
{
eCFieldElement5
}, base.IsCompressed));
}
protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
{
ECFieldElement b = this.FromBigInteger(X1);
ECFieldElement y = null;
if (b.IsZero)
{
y = this.B.Sqrt();
}
else
{
ECFieldElement beta = b.Square().Invert().Multiply(this.B).Add(this.A).Add(b);
ECFieldElement element4 = this.SolveQuadraticEquation(beta);
if (element4 != null)
{
if (element4.TestBitZero() != (yTilde == 1))
{
element4 = element4.AddOne();
}
switch (this.CoordinateSystem)
{
case 5:
case 6:
y = element4.Add(b);
goto Label_00A9;
}
y = element4.Multiply(b);
}
}
Label_00A9:
if (y == null)
{
throw new ArgumentException("Invalid point compression");
}
return(this.CreateRawPoint(b, y, true));
}
public override ECPoint Add(ECPoint b)
{
if (this.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(this);
}
ECCurve curve = this.Curve;
ECFieldElement X1 = this.RawXCoord;
ECFieldElement X2 = b.RawXCoord;
if (X1.IsZero)
{
if (X2.IsZero)
{
return(curve.Infinity);
}
return(b.Add(this));
}
ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
bool Z1IsOne = Z1.IsOne;
ECFieldElement U2 = X2, S2 = L2;
if (!Z1IsOne)
{
U2 = U2.Multiply(Z1);
S2 = S2.Multiply(Z1);
}
bool Z2IsOne = Z2.IsOne;
ECFieldElement U1 = X1, S1 = L1;
if (!Z2IsOne)
{
U1 = U1.Multiply(Z2);
S1 = S1.Multiply(Z2);
}
ECFieldElement A = S1.Add(S2);
ECFieldElement B = U1.Add(U2);
if (B.IsZero)
{
if (A.IsZero)
{
return(Twice());
}
return(curve.Infinity);
}
ECFieldElement X3, L3, Z3;
if (X2.IsZero)
{
// TODO This can probably be optimized quite a bit
ECPoint p = this.Normalize();
X1 = p.XCoord;
ECFieldElement Y1 = p.YCoord;
ECFieldElement Y2 = L2;
ECFieldElement L = Y1.Add(Y2).Divide(X1);
//X3 = L.Square().Add(L).Add(X1).Add(curve.A);
X3 = L.Square().Add(L).Add(X1);
if (X3.IsZero)
{
//return new SecT233K1Point(curve, X3, curve.B.sqrt(), IsCompressed);
return(new SecT233K1Point(curve, X3, curve.B, IsCompressed));
}
ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
L3 = Y3.Divide(X3).Add(X3);
Z3 = curve.FromBigInteger(BigInteger.One);
}
else
{
B = B.Square();
ECFieldElement AU1 = A.Multiply(U1);
ECFieldElement AU2 = A.Multiply(U2);
X3 = AU1.Multiply(AU2);
if (X3.IsZero)
{
//return new SecT233K1Point(curve, X3, curve.B.sqrt(), IsCompressed);
return(new SecT233K1Point(curve, X3, curve.B, IsCompressed));
}
ECFieldElement ABZ2 = A.Multiply(B);
if (!Z2IsOne)
{
ABZ2 = ABZ2.Multiply(Z2);
}
L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
Z3 = ABZ2;
if (!Z1IsOne)
{
Z3 = Z3.Multiply(Z1);
}
}
return(new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed));
}
public override ECPoint TwicePlus(ECPoint b)
{
if (this.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(Twice());
}
ECCurve curve = this.Curve;
ECFieldElement X1 = this.RawXCoord;
if (X1.IsZero)
{
// A point with X == 0 is it's own Additive inverse
return(b);
}
// NOTE: TwicePlus() only optimized for lambda-affine argument
ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
if (X2.IsZero || !Z2.IsOne)
{
return(Twice().Add(b));
}
ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
ECFieldElement L2 = b.RawYCoord;
ECFieldElement X1Sq = X1.Square();
ECFieldElement L1Sq = L1.Square();
ECFieldElement Z1Sq = Z1.Square();
ECFieldElement L1Z1 = L1.Multiply(Z1);
//ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
ECFieldElement T = L1Sq.Add(L1Z1);
ECFieldElement L2plus1 = L2.AddOne();
//ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
ECFieldElement B = X2Z1Sq.Add(T).Square();
if (B.IsZero)
{
if (A.IsZero)
{
return(b.Twice());
}
return(curve.Infinity);
}
if (A.IsZero)
{
//return new SecT233K1Point(curve, A, curve.B.sqrt(), withCompression);
return(new SecT233K1Point(curve, A, curve.B, IsCompressed));
}
ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
return(new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed));
}
public override ECPoint TwicePlus(ECPoint b)
{
if (this.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(Twice());
}
ECCurve curve = this.Curve;
ECFieldElement X1 = this.RawXCoord;
if (X1.IsZero)
{
// A point with X == 0 is it's own Additive inverse
return(b);
}
ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
if (X2.IsZero || !Z2.IsOne)
{
return(Twice().Add(b));
}
ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
ECFieldElement L2 = b.RawYCoord;
ECFieldElement X1Sq = X1.Square();
ECFieldElement L1Sq = L1.Square();
ECFieldElement Z1Sq = Z1.Square();
ECFieldElement L1Z1 = L1.Multiply(Z1);
ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
ECFieldElement B = X2Z1Sq.Add(T).Square();
if (B.IsZero)
{
if (A.IsZero)
{
return(b.Twice());
}
return(curve.Infinity);
}
if (A.IsZero)
{
return(new SecT571R1Point(curve, A, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed));
}
ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
return(new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed));
}
public override ECPoint Add(ECPoint b)
{
if (base.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(this);
}
ECCurve curve = this.Curve;
ECFieldElement eCFieldElement = base.RawXCoord;
ECFieldElement rawXCoord = b.RawXCoord;
if (eCFieldElement.IsZero)
{
if (rawXCoord.IsZero)
{
return(curve.Infinity);
}
return(b.Add(this));
}
else
{
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement eCFieldElement2 = base.RawZCoords[0];
ECFieldElement rawYCoord2 = b.RawYCoord;
ECFieldElement eCFieldElement3 = b.RawZCoords[0];
bool isOne = eCFieldElement2.IsOne;
ECFieldElement eCFieldElement4 = rawXCoord;
ECFieldElement eCFieldElement5 = rawYCoord2;
if (!isOne)
{
eCFieldElement4 = eCFieldElement4.Multiply(eCFieldElement2);
eCFieldElement5 = eCFieldElement5.Multiply(eCFieldElement2);
}
bool isOne2 = eCFieldElement3.IsOne;
ECFieldElement eCFieldElement6 = eCFieldElement;
ECFieldElement eCFieldElement7 = rawYCoord;
if (!isOne2)
{
eCFieldElement6 = eCFieldElement6.Multiply(eCFieldElement3);
eCFieldElement7 = eCFieldElement7.Multiply(eCFieldElement3);
}
ECFieldElement eCFieldElement8 = eCFieldElement7.Add(eCFieldElement5);
ECFieldElement eCFieldElement9 = eCFieldElement6.Add(eCFieldElement4);
if (!eCFieldElement9.IsZero)
{
ECFieldElement eCFieldElement11;
ECFieldElement y;
ECFieldElement eCFieldElement13;
if (rawXCoord.IsZero)
{
ECPoint eCPoint = this.Normalize();
eCFieldElement = eCPoint.XCoord;
ECFieldElement yCoord = eCPoint.YCoord;
ECFieldElement b2 = rawYCoord2;
ECFieldElement eCFieldElement10 = yCoord.Add(b2).Divide(eCFieldElement);
eCFieldElement11 = eCFieldElement10.Square().Add(eCFieldElement10).Add(eCFieldElement).AddOne();
if (eCFieldElement11.IsZero)
{
return(new SecT409R1Point(curve, eCFieldElement11, curve.B.Sqrt(), base.IsCompressed));
}
ECFieldElement eCFieldElement12 = eCFieldElement10.Multiply(eCFieldElement.Add(eCFieldElement11)).Add(eCFieldElement11).Add(yCoord);
y = eCFieldElement12.Divide(eCFieldElement11).Add(eCFieldElement11);
eCFieldElement13 = curve.FromBigInteger(BigInteger.One);
}
else
{
eCFieldElement9 = eCFieldElement9.Square();
ECFieldElement eCFieldElement14 = eCFieldElement8.Multiply(eCFieldElement6);
ECFieldElement eCFieldElement15 = eCFieldElement8.Multiply(eCFieldElement4);
eCFieldElement11 = eCFieldElement14.Multiply(eCFieldElement15);
if (eCFieldElement11.IsZero)
{
return(new SecT409R1Point(curve, eCFieldElement11, curve.B.Sqrt(), base.IsCompressed));
}
ECFieldElement eCFieldElement16 = eCFieldElement8.Multiply(eCFieldElement9);
if (!isOne2)
{
eCFieldElement16 = eCFieldElement16.Multiply(eCFieldElement3);
}
y = eCFieldElement15.Add(eCFieldElement9).SquarePlusProduct(eCFieldElement16, rawYCoord.Add(eCFieldElement2));
eCFieldElement13 = eCFieldElement16;
if (!isOne)
{
eCFieldElement13 = eCFieldElement13.Multiply(eCFieldElement2);
}
}
return(new SecT409R1Point(curve, eCFieldElement11, y, new ECFieldElement[]
{
eCFieldElement13
}, base.IsCompressed));
}
if (eCFieldElement8.IsZero)
{
return(this.Twice());
}
return(curve.Infinity);
}
}
public override ECPoint Add(ECPoint b)
{
ECFieldElement element13;
ECFieldElement element14;
ECFieldElement element15;
if (base.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(this);
}
ECCurve curve = this.Curve;
ECFieldElement rawXCoord = base.RawXCoord;
ECFieldElement element2 = b.RawXCoord;
if (rawXCoord.IsZero)
{
if (element2.IsZero)
{
return(curve.Infinity);
}
return(b.Add(this));
}
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement element4 = base.RawZCoords[0];
ECFieldElement element5 = b.RawYCoord;
ECFieldElement element6 = b.RawZCoords[0];
bool isOne = element4.IsOne;
ECFieldElement element7 = element2;
ECFieldElement element8 = element5;
if (!isOne)
{
element7 = element7.Multiply(element4);
element8 = element8.Multiply(element4);
}
bool flag2 = element6.IsOne;
ECFieldElement element9 = rawXCoord;
ECFieldElement element10 = rawYCoord;
if (!flag2)
{
element9 = element9.Multiply(element6);
element10 = element10.Multiply(element6);
}
ECFieldElement element11 = element10.Add(element8);
ECFieldElement element12 = element9.Add(element7);
if (element12.IsZero)
{
if (element11.IsZero)
{
return(this.Twice());
}
return(curve.Infinity);
}
if (element2.IsZero)
{
ECPoint point = this.Normalize();
rawXCoord = point.XCoord;
ECFieldElement yCoord = point.YCoord;
ECFieldElement element17 = element5;
ECFieldElement element18 = yCoord.Add(element17).Divide(rawXCoord);
element13 = element18.Square().Add(element18).Add(rawXCoord);
if (element13.IsZero)
{
return(new SecT283K1Point(curve, element13, curve.B, base.IsCompressed));
}
element14 = element18.Multiply(rawXCoord.Add(element13)).Add(element13).Add(yCoord).Divide(element13).Add(element13);
element15 = curve.FromBigInteger(BigInteger.One);
}
else
{
element12 = element12.Square();
ECFieldElement element20 = element11.Multiply(element9);
ECFieldElement element21 = element11.Multiply(element7);
element13 = element20.Multiply(element21);
if (element13.IsZero)
{
return(new SecT283K1Point(curve, element13, curve.B, base.IsCompressed));
}
ECFieldElement x = element11.Multiply(element12);
if (!flag2)
{
x = x.Multiply(element6);
}
element14 = element21.Add(element12).SquarePlusProduct(x, rawYCoord.Add(element4));
element15 = x;
if (!isOne)
{
element15 = element15.Multiply(element4);
}
}
return(new SecT283K1Point(curve, element13, element14, new ECFieldElement[] { element15 }, base.IsCompressed));
}
public override ECPoint Add(ECPoint b)
{
if (base.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(this);
}
ECCurve curve = Curve;
ECFieldElement rawXCoord = base.RawXCoord;
ECFieldElement rawXCoord2 = b.RawXCoord;
if (rawXCoord.IsZero)
{
if (rawXCoord2.IsZero)
{
return(curve.Infinity);
}
return(b.Add(this));
}
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement eCFieldElement = base.RawZCoords[0];
ECFieldElement rawYCoord2 = b.RawYCoord;
ECFieldElement eCFieldElement2 = b.RawZCoords[0];
bool isOne = eCFieldElement.IsOne;
ECFieldElement eCFieldElement3 = rawXCoord2;
ECFieldElement eCFieldElement4 = rawYCoord2;
if (!isOne)
{
eCFieldElement3 = eCFieldElement3.Multiply(eCFieldElement);
eCFieldElement4 = eCFieldElement4.Multiply(eCFieldElement);
}
bool isOne2 = eCFieldElement2.IsOne;
ECFieldElement eCFieldElement5 = rawXCoord;
ECFieldElement eCFieldElement6 = rawYCoord;
if (!isOne2)
{
eCFieldElement5 = eCFieldElement5.Multiply(eCFieldElement2);
eCFieldElement6 = eCFieldElement6.Multiply(eCFieldElement2);
}
ECFieldElement eCFieldElement7 = eCFieldElement6.Add(eCFieldElement4);
ECFieldElement eCFieldElement8 = eCFieldElement5.Add(eCFieldElement3);
if (eCFieldElement8.IsZero)
{
if (eCFieldElement7.IsZero)
{
return(Twice());
}
return(curve.Infinity);
}
ECFieldElement eCFieldElement10;
ECFieldElement y;
ECFieldElement eCFieldElement12;
if (rawXCoord2.IsZero)
{
ECPoint eCPoint = Normalize();
rawXCoord = eCPoint.XCoord;
ECFieldElement yCoord = eCPoint.YCoord;
ECFieldElement b2 = rawYCoord2;
ECFieldElement eCFieldElement9 = yCoord.Add(b2).Divide(rawXCoord);
eCFieldElement10 = eCFieldElement9.Square().Add(eCFieldElement9).Add(rawXCoord)
.Add(curve.A);
if (eCFieldElement10.IsZero)
{
return(new SecT131R2Point(curve, eCFieldElement10, curve.B.Sqrt(), base.IsCompressed));
}
ECFieldElement eCFieldElement11 = eCFieldElement9.Multiply(rawXCoord.Add(eCFieldElement10)).Add(eCFieldElement10).Add(yCoord);
y = eCFieldElement11.Divide(eCFieldElement10).Add(eCFieldElement10);
eCFieldElement12 = curve.FromBigInteger(BigInteger.One);
}
else
{
eCFieldElement8 = eCFieldElement8.Square();
ECFieldElement eCFieldElement13 = eCFieldElement7.Multiply(eCFieldElement5);
ECFieldElement eCFieldElement14 = eCFieldElement7.Multiply(eCFieldElement3);
eCFieldElement10 = eCFieldElement13.Multiply(eCFieldElement14);
if (eCFieldElement10.IsZero)
{
return(new SecT131R2Point(curve, eCFieldElement10, curve.B.Sqrt(), base.IsCompressed));
}
ECFieldElement eCFieldElement15 = eCFieldElement7.Multiply(eCFieldElement8);
if (!isOne2)
{
eCFieldElement15 = eCFieldElement15.Multiply(eCFieldElement2);
}
y = eCFieldElement14.Add(eCFieldElement8).SquarePlusProduct(eCFieldElement15, rawYCoord.Add(eCFieldElement));
eCFieldElement12 = eCFieldElement15;
if (!isOne)
{
eCFieldElement12 = eCFieldElement12.Multiply(eCFieldElement);
}
}
return(new SecT131R2Point(curve, eCFieldElement10, y, new ECFieldElement[1]
{
eCFieldElement12
}, base.IsCompressed));
}
public override ECPoint Add(ECPoint b)
{
if (this.IsInfinity)
{
return(b);
}
if (b.IsInfinity)
{
return(this);
}
ECCurve curve = this.Curve;
SecT571FieldElement X1 = (SecT571FieldElement)this.RawXCoord;
SecT571FieldElement X2 = (SecT571FieldElement)b.RawXCoord;
if (X1.IsZero)
{
if (X2.IsZero)
{
return(curve.Infinity);
}
return(b.Add(this));
}
SecT571FieldElement L1 = (SecT571FieldElement)this.RawYCoord, Z1 = (SecT571FieldElement)this.RawZCoords[0];
SecT571FieldElement L2 = (SecT571FieldElement)b.RawYCoord, Z2 = (SecT571FieldElement)b.RawZCoords[0];
ulong[] t1 = Nat576.Create64();
ulong[] t2 = Nat576.Create64();
ulong[] t3 = Nat576.Create64();
ulong[] t4 = Nat576.Create64();
ulong[] Z1Precomp = Z1.IsOne ? null : SecT571Field.PrecompMultiplicand(Z1.x);
ulong[] U2, S2;
if (Z1Precomp == null)
{
U2 = X2.x;
S2 = L2.x;
}
else
{
SecT571Field.MultiplyPrecomp(X2.x, Z1Precomp, U2 = t2);
SecT571Field.MultiplyPrecomp(L2.x, Z1Precomp, S2 = t4);
}
ulong[] Z2Precomp = Z2.IsOne ? null : SecT571Field.PrecompMultiplicand(Z2.x);
ulong[] U1, S1;
if (Z2Precomp == null)
{
U1 = X1.x;
S1 = L1.x;
}
else
{
SecT571Field.MultiplyPrecomp(X1.x, Z2Precomp, U1 = t1);
SecT571Field.MultiplyPrecomp(L1.x, Z2Precomp, S1 = t3);
}
ulong[] A = t3;
SecT571Field.Add(S1, S2, A);
ulong[] B = t4;
SecT571Field.Add(U1, U2, B);
if (Nat576.IsZero64(B))
{
if (Nat576.IsZero64(A))
{
return(Twice());
}
return(curve.Infinity);
}
SecT571FieldElement X3, L3, Z3;
if (X2.IsZero)
{
// TODO This can probably be optimized quite a bit
ECPoint p = this.Normalize();
X1 = (SecT571FieldElement)p.XCoord;
ECFieldElement Y1 = p.YCoord;
ECFieldElement Y2 = L2;
ECFieldElement L = Y1.Add(Y2).Divide(X1);
X3 = (SecT571FieldElement)L.Square().Add(L).Add(X1).AddOne();
if (X3.IsZero)
{
return(new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed));
}
ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
L3 = (SecT571FieldElement)Y3.Divide(X3).Add(X3);
Z3 = (SecT571FieldElement)curve.FromBigInteger(BigInteger.One);
}
else
{
SecT571Field.Square(B, B);
ulong[] APrecomp = SecT571Field.PrecompMultiplicand(A);
ulong[] AU1 = t1;
ulong[] AU2 = t2;
SecT571Field.MultiplyPrecomp(U1, APrecomp, AU1);
SecT571Field.MultiplyPrecomp(U2, APrecomp, AU2);
X3 = new SecT571FieldElement(t1);
SecT571Field.Multiply(AU1, AU2, X3.x);
if (X3.IsZero)
{
return(new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed));
}
Z3 = new SecT571FieldElement(t3);
SecT571Field.MultiplyPrecomp(B, APrecomp, Z3.x);
if (Z2Precomp != null)
{
SecT571Field.MultiplyPrecomp(Z3.x, Z2Precomp, Z3.x);
}
ulong[] tt = Nat576.CreateExt64();
SecT571Field.Add(AU2, B, t4);
SecT571Field.SquareAddToExt(t4, tt);
SecT571Field.Add(L1.x, Z1.x, t4);
SecT571Field.MultiplyAddToExt(t4, Z3.x, tt);
L3 = new SecT571FieldElement(t4);
SecT571Field.Reduce(tt, L3.x);
if (Z1Precomp != null)
{
SecT571Field.MultiplyPrecomp(Z3.x, Z1Precomp, Z3.x);
}
}
return(new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed));
}
protected override bool SatisfiesCurveEquation()
{
ECCurve curve = Curve;
ECFieldElement rawXCoord = base.RawXCoord;
ECFieldElement rawYCoord = base.RawYCoord;
ECFieldElement eCFieldElement = curve.A;
ECFieldElement eCFieldElement2 = curve.B;
int coordinateSystem = curve.CoordinateSystem;
ECFieldElement eCFieldElement5;
ECFieldElement eCFieldElement4;
if (coordinateSystem == 6)
{
ECFieldElement eCFieldElement3 = base.RawZCoords[0];
bool isOne = eCFieldElement3.IsOne;
if (rawXCoord.IsZero)
{
eCFieldElement4 = rawYCoord.Square();
eCFieldElement5 = eCFieldElement2;
if (!isOne)
{
ECFieldElement b = eCFieldElement3.Square();
eCFieldElement5 = eCFieldElement5.Multiply(b);
}
}
else
{
ECFieldElement eCFieldElement6 = rawYCoord;
ECFieldElement eCFieldElement7 = rawXCoord.Square();
if (isOne)
{
eCFieldElement4 = eCFieldElement6.Square().Add(eCFieldElement6).Add(eCFieldElement);
eCFieldElement5 = eCFieldElement7.Square().Add(eCFieldElement2);
}
else
{
ECFieldElement eCFieldElement8 = eCFieldElement3.Square();
ECFieldElement y = eCFieldElement8.Square();
eCFieldElement4 = eCFieldElement6.Add(eCFieldElement3).MultiplyPlusProduct(eCFieldElement6, eCFieldElement, eCFieldElement8);
eCFieldElement5 = eCFieldElement7.SquarePlusProduct(eCFieldElement2, y);
}
eCFieldElement4 = eCFieldElement4.Multiply(eCFieldElement7);
}
}
else
{
eCFieldElement4 = rawYCoord.Add(rawXCoord).Multiply(rawYCoord);
switch (coordinateSystem)
{
case 1:
{
ECFieldElement eCFieldElement9 = base.RawZCoords[0];
if (!eCFieldElement9.IsOne)
{
ECFieldElement b2 = eCFieldElement9.Square();
ECFieldElement b3 = eCFieldElement9.Multiply(b2);
eCFieldElement4 = eCFieldElement4.Multiply(eCFieldElement9);
eCFieldElement = eCFieldElement.Multiply(eCFieldElement9);
eCFieldElement2 = eCFieldElement2.Multiply(b3);
}
break;
}
default:
throw new InvalidOperationException("unsupported coordinate system");
case 0:
break;
}
eCFieldElement5 = rawXCoord.Add(eCFieldElement).Multiply(rawXCoord.Square()).Add(eCFieldElement2);
}
return(eCFieldElement4.Equals(eCFieldElement5));
}
protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
{
ECFieldElement eCFieldElement = FromBigInteger(X1);
ECFieldElement eCFieldElement2 = null;
if (eCFieldElement.IsZero)
{
eCFieldElement2 = SecT571R1_B_SQRT;
}
else
{
ECFieldElement beta = eCFieldElement.Square().Invert().Multiply(B)
.Add(A)
.Add(eCFieldElement);
ECFieldElement eCFieldElement3 = SolveQuadraticEquation(beta);
if (eCFieldElement3 != null)
{
if (eCFieldElement3.TestBitZero() != (yTilde == 1))
{
eCFieldElement3 = eCFieldElement3.AddOne();
}
int coordinateSystem = CoordinateSystem;
eCFieldElement2 = ((coordinateSystem != 5 && coordinateSystem != 6) ? eCFieldElement3.Multiply(eCFieldElement) : eCFieldElement3.Add(eCFieldElement));
}
}
if (eCFieldElement2 == null)
{
throw new ArgumentException("Invalid point compression");
}
return(CreateRawPoint(eCFieldElement, eCFieldElement2, withCompression: true));
}
