public static AbstractF2mPoint MultiplyTnaf(AbstractF2mPoint p, ZTauElement lambda)
{
AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
sbyte[] u = TauAdicNaf(GetMu(curve.A), lambda);
return(MultiplyFromTnaf(p, u));
}
/**
* Computes the norm of an element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @param mu The parameter <code>μ</code> of the elliptic curve.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return The norm of <code>λ</code>.
*/
public static BigInteger Norm(sbyte mu, ZTauElement lambda)
{
BigInteger norm;
// s1 = u^2
BigInteger s1 = lambda.u.Multiply(lambda.u);
// s2 = u * v
BigInteger s2 = lambda.u.Multiply(lambda.v);
// s3 = 2 * v^2
BigInteger s3 = lambda.v.Multiply(lambda.v).ShiftLeft(1);
if (mu == 1)
{
norm = s1.Add(s2).Add(s3);
}
else if (mu == -1)
{
norm = s1.Subtract(s2).Add(s3);
}
else
{
throw new ArgumentException("mu must be 1 or -1");
}
return(norm);
}
/**
* Partial modular reduction modulo
* <code>(τ<sup>m</sup> - 1)/(τ - 1)</code>.
* @param k The integer to be reduced.
* @param m The bitlength of the underlying finite field.
* @param a The parameter <code>a</code> of the elliptic curve.
* @param s The auxiliary values <code>s<sub>0</sub></code> and
* <code>s<sub>1</sub></code>.
* @param mu The parameter μ of the elliptic curve.
* @param c The precision (number of bits of accuracy) of the partial
* modular reduction.
* @return <code>ρ := k partmod (τ<sup>m</sup> - 1)/(τ - 1)</code>
*/
public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a,
BigInteger[] s, sbyte mu, sbyte c)
{
// d0 = s[0] + mu*s[1]; mu is either 1 or -1
BigInteger d0;
if (mu == 1)
{
d0 = s[0].Add(s[1]);
}
else
{
d0 = s[0].Subtract(s[1]);
}
BigInteger[] v = GetLucas(mu, m, true);
BigInteger vm = v[1];
SimpleBigDecimal lambda0 = ApproximateDivisionByN(
k, s[0], vm, a, m, c);
SimpleBigDecimal lambda1 = ApproximateDivisionByN(
k, s[1], vm, a, m, c);
ZTauElement q = Round(lambda0, lambda1, mu);
// r0 = n - d0*q0 - 2*s1*q1
BigInteger r0 = k.Subtract(d0.Multiply(q.u)).Subtract(
BigInteger.ValueOf(2).Multiply(s[1]).Multiply(q.v));
// r1 = s1*q0 - s0*q1
BigInteger r1 = s[1].Multiply(q.u).Subtract(s[0].Multiply(q.v));
return(new ZTauElement(r0, r1));
}
public static AbstractF2mPoint MultiplyTnaf(AbstractF2mPoint p, ZTauElement lambda)
{
AbstractF2mCurve abstractF2mCurve = (AbstractF2mCurve)p.Curve;
sbyte mu = Tnaf.GetMu(abstractF2mCurve.A);
sbyte[] u = Tnaf.TauAdicNaf(mu, lambda);
return(Tnaf.MultiplyFromTnaf(p, u));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to Multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return <code>λ * p</code>
*/
public static F2mPoint MultiplyTnaf(F2mPoint p, ZTauElement lambda)
{
F2mCurve curve = (F2mCurve)p.Curve;
sbyte mu = curve.GetMu();
sbyte[] u = TauAdicNaf(mu, lambda);
F2mPoint q = MultiplyFromTnaf(p, u);
return(q);
}
public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
{
if (mu != 1 && mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger bigInteger = Tnaf.Norm(mu, lambda);
int bitLength = bigInteger.BitLength;
int num = (bitLength > 30) ? (bitLength + 4) : 34;
sbyte[] array = new sbyte[num];
int num2 = 0;
int num3 = 0;
BigInteger bigInteger2 = lambda.u;
BigInteger bigInteger3 = lambda.v;
while (!bigInteger2.Equals(BigInteger.Zero) || !bigInteger3.Equals(BigInteger.Zero))
{
if (bigInteger2.TestBit(0))
{
array[num2] = (sbyte)BigInteger.Two.Subtract(bigInteger2.Subtract(bigInteger3.ShiftLeft(1)).Mod(Tnaf.Four)).IntValue;
if (array[num2] == 1)
{
bigInteger2 = bigInteger2.ClearBit(0);
}
else
{
bigInteger2 = bigInteger2.Add(BigInteger.One);
}
num3 = num2;
}
else
{
array[num2] = 0;
}
BigInteger bigInteger4 = bigInteger2;
BigInteger bigInteger5 = bigInteger2.ShiftRight(1);
if (mu == 1)
{
bigInteger2 = bigInteger3.Add(bigInteger5);
}
else
{
bigInteger2 = bigInteger3.Subtract(bigInteger5);
}
bigInteger3 = bigInteger4.ShiftRight(1).Negate();
num2++;
}
num3++;
sbyte[] array2 = new sbyte[num3];
Array.Copy(array, 0, array2, 0, num3);
return(array2);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by a <code>BigInteger</code> using the reduced <code>τ</code>-adic
* NAF (RTNAF) method.
* @param p The AbstractF2mPoint to Multiply.
* @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
* @return <code>k * p</code>
*/
public static AbstractF2mPoint MultiplyRTnaf(AbstractF2mPoint p, BigInteger k)
{
AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
int m = curve.FieldSize;
int a = curve.A.ToBigInteger().IntValue;
sbyte mu = GetMu(a);
BigInteger[] s = curve.GetSi();
ZTauElement rho = PartModReduction(k, m, (sbyte)a, s, mu, (sbyte)10);
return(MultiplyTnaf(p, rho));
}
public static AbstractF2mPoint MultiplyRTnaf(AbstractF2mPoint p, BigInteger k)
{
AbstractF2mCurve abstractF2mCurve = (AbstractF2mCurve)p.Curve;
int fieldSize = abstractF2mCurve.FieldSize;
int intValue = abstractF2mCurve.A.ToBigInteger().IntValue;
sbyte mu = Tnaf.GetMu(intValue);
BigInteger[] si = abstractF2mCurve.GetSi();
ZTauElement lambda = Tnaf.PartModReduction(k, fieldSize, (sbyte)intValue, si, mu, 10);
return(Tnaf.MultiplyTnaf(p, lambda));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The AbstractF2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private AbstractF2mPoint MultiplyWTnaf(AbstractF2mPoint p, ZTauElement lambda,
PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha = (a == 0) ? Tnaf.Alpha0 : Tnaf.Alpha1;
BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return MultiplyFromWTnaf(p, u, preCompInfo);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by a <code>BigInteger</code> using the reduced <code>τ</code>-adic
* NAF (RTNAF) method.
* @param p The F2mPoint to Multiply.
* @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
* @return <code>k * p</code>
*/
public static F2mPoint MultiplyRTnaf(F2mPoint p, BigInteger k)
{
F2mCurve curve = (F2mCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
BigInteger[] s = curve.GetSi();
ZTauElement rho = PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyTnaf(p, rho));
}
public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
{
if ((mu != 1) && (mu != -1))
{
throw new ArgumentException("mu must be 1 or -1");
}
int bitLength = Norm(mu, lambda).BitLength;
int num2 = (bitLength <= 30) ? 0x22 : (bitLength + 4);
sbyte[] sourceArray = new sbyte[num2];
int index = 0;
int length = 0;
BigInteger u = lambda.u;
BigInteger v = lambda.v;
while (!u.Equals(BigInteger.Zero) || !v.Equals(BigInteger.Zero))
{
if (u.TestBit(0))
{
sourceArray[index] = (sbyte)BigInteger.Two.Subtract(u.Subtract(v.ShiftLeft(1)).Mod(Four)).IntValue;
if (sourceArray[index] == 1)
{
u = u.ClearBit(0);
}
else
{
u = u.Add(BigInteger.One);
}
length = index;
}
else
{
sourceArray[index] = 0;
}
BigInteger integer4 = u;
BigInteger integer5 = u.ShiftRight(1);
if (mu == 1)
{
u = v.Add(integer5);
}
else
{
u = v.Subtract(integer5);
}
v = integer4.ShiftRight(1).Negate();
index++;
}
length++;
sbyte[] destinationArray = new sbyte[length];
Array.Copy(sourceArray, 0, destinationArray, 0, length);
return(destinationArray);
}
public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda, sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
{
//IL_000d: Unknown result type (might be due to invalid IL or missing references)
if (mu != 1 && mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger bigInteger = Norm(mu, lambda);
int bitLength = bigInteger.BitLength;
int num = ((bitLength > 30) ? (bitLength + 4 + width) : (34 + width));
sbyte[] array = new sbyte[num];
BigInteger value = pow2w.ShiftRight(1);
BigInteger bigInteger2 = lambda.u;
BigInteger bigInteger3 = lambda.v;
int num2 = 0;
while (!bigInteger2.Equals(BigInteger.Zero) || !bigInteger3.Equals(BigInteger.Zero))
{
if (bigInteger2.TestBit(0))
{
BigInteger bigInteger4 = bigInteger2.Add(bigInteger3.Multiply(tw)).Mod(pow2w);
sbyte b = (array[num2] = ((bigInteger4.CompareTo(value) < 0) ? ((sbyte)bigInteger4.IntValue) : ((sbyte)bigInteger4.Subtract(pow2w).IntValue)));
bool flag = true;
if (b < 0)
{
flag = false;
b = (sbyte)(-b);
}
if (flag)
{
bigInteger2 = bigInteger2.Subtract(alpha[b].u);
bigInteger3 = bigInteger3.Subtract(alpha[b].v);
}
else
{
bigInteger2 = bigInteger2.Add(alpha[b].u);
bigInteger3 = bigInteger3.Add(alpha[b].v);
}
}
else
{
array[num2] = 0;
}
BigInteger bigInteger5 = bigInteger2;
bigInteger2 = ((mu != 1) ? bigInteger3.Subtract(bigInteger2.ShiftRight(1)) : bigInteger3.Add(bigInteger2.ShiftRight(1)));
bigInteger3 = bigInteger5.ShiftRight(1).Negate();
num2++;
}
return(array);
}
public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a, BigInteger[] s, sbyte mu, sbyte c)
{
BigInteger bigInteger = ((mu != 1) ? s[0].Subtract(s[1]) : s[0].Add(s[1]));
BigInteger[] lucas = GetLucas(mu, m, doV: true);
BigInteger vm = lucas[1];
SimpleBigDecimal lambda = ApproximateDivisionByN(k, s[0], vm, a, m, c);
SimpleBigDecimal lambda2 = ApproximateDivisionByN(k, s[1], vm, a, m, c);
ZTauElement zTauElement = Round(lambda, lambda2, mu);
BigInteger u = k.Subtract(bigInteger.Multiply(zTauElement.u)).Subtract(BigInteger.ValueOf(2L).Multiply(s[1]).Multiply(zTauElement.v));
BigInteger v = s[1].Multiply(zTauElement.u).Subtract(s[0].Multiply(zTauElement.v));
return(new ZTauElement(u, v));
}
public static BigInteger Norm(sbyte mu, ZTauElement lambda)
{
BigInteger integer2 = lambda.u.Multiply(lambda.u);
BigInteger integer3 = lambda.u.Multiply(lambda.v);
BigInteger integer4 = lambda.v.Multiply(lambda.v).ShiftLeft(1);
if (mu == 1)
{
return(integer2.Add(integer3).Add(integer4));
}
if (mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
return(integer2.Subtract(integer3).Add(integer4));
}
public static BigInteger Norm(sbyte mu, ZTauElement lambda)
{
BigInteger bigInteger = lambda.u.Multiply(lambda.u);
BigInteger bigInteger2 = lambda.u.Multiply(lambda.v);
BigInteger value = lambda.v.Multiply(lambda.v).ShiftLeft(1);
if (mu == 1)
{
return(bigInteger.Add(bigInteger2).Add(value));
}
if (mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
return(bigInteger.Subtract(bigInteger2).Add(value));
}
static Tnaf()
{
ZTauElement[] elementArray1 = new ZTauElement[9];
elementArray1[1] = new ZTauElement(BigInteger.One, BigInteger.Zero);
elementArray1[3] = new ZTauElement(MinusThree, MinusOne);
elementArray1[5] = new ZTauElement(MinusOne, MinusOne);
elementArray1[7] = new ZTauElement(BigInteger.One, MinusOne);
Alpha0 = elementArray1;
sbyte[][] numArrayArray1 = new sbyte[8][];
numArrayArray1[1] = new sbyte[] { 1 };
sbyte[] numArray2 = new sbyte[3];
numArray2[0] = -1;
numArray2[2] = 1;
numArrayArray1[3] = numArray2;
sbyte[] numArray3 = new sbyte[3];
numArray3[0] = 1;
numArray3[2] = 1;
numArrayArray1[5] = numArray3;
sbyte[] numArray4 = new sbyte[4];
numArray4[0] = -1;
numArray4[3] = 1;
numArrayArray1[7] = numArray4;
Alpha0Tnaf = numArrayArray1;
ZTauElement[] elementArray2 = new ZTauElement[9];
elementArray2[1] = new ZTauElement(BigInteger.One, BigInteger.Zero);
elementArray2[3] = new ZTauElement(MinusThree, BigInteger.One);
elementArray2[5] = new ZTauElement(MinusOne, BigInteger.One);
elementArray2[7] = new ZTauElement(BigInteger.One, BigInteger.One);
Alpha1 = elementArray2;
sbyte[][] numArrayArray2 = new sbyte[8][];
numArrayArray2[1] = new sbyte[] { 1 };
sbyte[] numArray6 = new sbyte[3];
numArray6[0] = -1;
numArray6[2] = 1;
numArrayArray2[3] = numArray6;
sbyte[] numArray7 = new sbyte[3];
numArray7[0] = 1;
numArray7[2] = 1;
numArrayArray2[5] = numArray7;
sbyte[] numArray8 = new sbyte[4];
numArray8[0] = -1;
numArray8[3] = -1;
numArrayArray2[7] = numArray8;
Alpha1Tnaf = numArrayArray2;
}
public static BigInteger Norm(sbyte mu, ZTauElement lambda)
{
//IL_0069: Unknown result type (might be due to invalid IL or missing references)
BigInteger bigInteger = lambda.u.Multiply(lambda.u);
BigInteger bigInteger2 = lambda.u.Multiply(lambda.v);
BigInteger value = lambda.v.Multiply(lambda.v).ShiftLeft(1);
switch (mu)
{
case 1:
return(bigInteger.Add(bigInteger2).Add(value));
case -1:
return(bigInteger.Subtract(bigInteger2).Add(value));
default:
throw new ArgumentException("mu must be 1 or -1");
}
}
public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a, BigInteger[] s, sbyte mu, sbyte c)
{
BigInteger integer;
if (mu == 1)
{
integer = s[0].Add(s[1]);
}
else
{
integer = s[0].Subtract(s[1]);
}
BigInteger vm = GetLucas(mu, m, true)[1];
SimpleBigDecimal num = ApproximateDivisionByN(k, s[0], vm, a, m, (int)c);
SimpleBigDecimal num2 = ApproximateDivisionByN(k, s[1], vm, a, m, (int)c);
ZTauElement element = Round(num, num2, mu);
BigInteger u = k.Subtract(integer.Multiply(element.u)).Subtract(BigInteger.ValueOf(2L).Multiply(s[1]).Multiply(element.v));
return(new ZTauElement(u, s[1].Multiply(element.u).Subtract(s[0].Multiply(element.v))));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private F2mPoint MultiplyWTnaf(F2mPoint p, ZTauElement lambda,
PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha;
if (a == 0)
{
alpha = Tnaf.Alpha0;
}
else
{
// a == 1
alpha = Tnaf.Alpha1;
}
BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return MultiplyFromWTnaf(p, u, preCompInfo);
}
public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
{
//IL_000d: Unknown result type (might be due to invalid IL or missing references)
if (mu != 1 && mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger bigInteger = Norm(mu, lambda);
int bitLength = bigInteger.BitLength;
int num = ((bitLength > 30) ? (bitLength + 4) : 34);
sbyte[] array = new sbyte[num];
int num2 = 0;
int num3 = 0;
BigInteger bigInteger2 = lambda.u;
BigInteger bigInteger3 = lambda.v;
while (!bigInteger2.Equals(BigInteger.Zero) || !bigInteger3.Equals(BigInteger.Zero))
{
if (bigInteger2.TestBit(0))
{
array[num2] = (sbyte)BigInteger.Two.Subtract(bigInteger2.Subtract(bigInteger3.ShiftLeft(1)).Mod(Four)).IntValue;
bigInteger2 = ((array[num2] != 1) ? bigInteger2.Add(BigInteger.One) : bigInteger2.ClearBit(0));
num3 = num2;
}
else
{
array[num2] = 0;
}
BigInteger bigInteger4 = bigInteger2;
BigInteger bigInteger5 = bigInteger2.ShiftRight(1);
bigInteger2 = ((mu != 1) ? bigInteger3.Subtract(bigInteger5) : bigInteger3.Add(bigInteger5));
bigInteger3 = bigInteger4.ShiftRight(1).Negate();
num2++;
}
num3++;
sbyte[] array2 = new sbyte[num3];
global::System.Array.Copy((global::System.Array)array, 0, (global::System.Array)array2, 0, num3);
return(array2);
}
public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a, BigInteger[] s, sbyte mu, sbyte c)
{
BigInteger bigInteger;
if (mu == 1)
{
bigInteger = s[0].Add(s[1]);
}
else
{
bigInteger = s[0].Subtract(s[1]);
}
BigInteger[] lucas = Tnaf.GetLucas(mu, m, true);
BigInteger vm = lucas[1];
SimpleBigDecimal lambda = Tnaf.ApproximateDivisionByN(k, s[0], vm, a, m, (int)c);
SimpleBigDecimal lambda2 = Tnaf.ApproximateDivisionByN(k, s[1], vm, a, m, (int)c);
ZTauElement zTauElement = Tnaf.Round(lambda, lambda2, mu);
BigInteger u = k.Subtract(bigInteger.Multiply(zTauElement.u)).Subtract(BigInteger.ValueOf(2L).Multiply(s[1]).Multiply(zTauElement.v));
BigInteger v = s[1].Multiply(zTauElement.u).Subtract(s[0].Multiply(zTauElement.v));
return(new ZTauElement(u, v));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to Multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return <code>λ * p</code>
*/
public static F2MPoint MultiplyTnaf(F2MPoint p, ZTauElement lambda)
{
F2MCurve curve = (F2MCurve)p.Curve;
sbyte mu = curve.GetMu();
sbyte[] u = TauAdicNaf(mu, lambda);
F2MPoint q = MultiplyFromTnaf(p, u);
return q;
}
/**
* Computes the <code>τ</code>-adic NAF (non-adjacent form) of an
* element <code>λ</code> of <code><b>Z</b>[τ]</code>.
* @param mu The parameter <code>μ</code> of the elliptic curve.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return The <code>τ</code>-adic NAF of <code>λ</code>.
*/
public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
{
if (!((mu == 1) || (mu == -1)))
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger norm = Norm(mu, lambda);
// Ceiling of log2 of the norm
int log2Norm = norm.BitLength;
// If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
int maxLength = log2Norm > 30 ? log2Norm + 4 : 34;
// The array holding the TNAF
sbyte[] u = new sbyte[maxLength];
int i = 0;
// The actual length of the TNAF
int length = 0;
BigInteger r0 = lambda.u;
BigInteger r1 = lambda.v;
while (!((r0.Equals(BigInteger.Zero)) && (r1.Equals(BigInteger.Zero))))
{
// If r0 is odd
if (r0.TestBit(0))
{
u[i] = (sbyte)BigInteger.Two.Subtract((r0.Subtract(r1.ShiftLeft(1))).Mod(Four)).IntValue;
// r0 = r0 - u[i]
if (u[i] == 1)
{
r0 = r0.ClearBit(0);
}
else
{
// u[i] == -1
r0 = r0.Add(BigInteger.One);
}
length = i;
}
else
{
u[i] = 0;
}
BigInteger t = r0;
BigInteger s = r0.ShiftRight(1);
if (mu == 1)
{
r0 = r1.Add(s);
}
else
{
// mu == -1
r0 = r1.Subtract(s);
}
r1 = t.ShiftRight(1).Negate();
i++;
}
length++;
// Reduce the TNAF array to its actual length
sbyte[] tnaf = new sbyte[length];
Array.Copy(u, 0, tnaf, 0, length);
return(tnaf);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method.
* @param p The AbstractF2mPoint to Multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return <code>λ * p</code>
*/
public static AbstractF2mPoint MultiplyTnaf(AbstractF2mPoint p, ZTauElement lambda)
{
AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
sbyte mu = GetMu(curve.A);
sbyte[] u = TauAdicNaf(mu, lambda);
AbstractF2mPoint q = MultiplyFromTnaf(p, u);
return q;
}
static Tnaf()
{
// Note: this type is marked as 'beforefieldinit'.
ZTauElement[] array = new ZTauElement[9];
array[1] = new ZTauElement(BigInteger.One, BigInteger.Zero);
array[3] = new ZTauElement(Tnaf.MinusThree, Tnaf.MinusOne);
array[5] = new ZTauElement(Tnaf.MinusOne, Tnaf.MinusOne);
array[7] = new ZTauElement(BigInteger.One, Tnaf.MinusOne);
Tnaf.Alpha0 = array;
Tnaf.Alpha0Tnaf = new sbyte[][]
{
0,
new sbyte[]
{
1
},
0,
new sbyte[]
{
-1,
0,
1
},
0,
new sbyte[]
{
1,
0,
1
},
0,
new sbyte[]
{
-1,
0,
0,
1
}
};
ZTauElement[] array2 = new ZTauElement[9];
array2[1] = new ZTauElement(BigInteger.One, BigInteger.Zero);
array2[3] = new ZTauElement(Tnaf.MinusThree, BigInteger.One);
array2[5] = new ZTauElement(Tnaf.MinusOne, BigInteger.One);
array2[7] = new ZTauElement(BigInteger.One, BigInteger.One);
Tnaf.Alpha1 = array2;
Tnaf.Alpha1Tnaf = new sbyte[][]
{
0,
new sbyte[]
{
1
},
0,
new sbyte[]
{
-1,
0,
1
},
0,
new sbyte[]
{
1,
0,
1
},
0,
new sbyte[]
{
-1,
0,
0,
-1
}
};
}
public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda, sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
{
if (mu != 1 && mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger bigInteger = Tnaf.Norm(mu, lambda);
int bitLength = bigInteger.BitLength;
int num = (bitLength > 30) ? (bitLength + 4 + (int)width) : ((int)(34 + width));
sbyte[] array = new sbyte[num];
BigInteger value = pow2w.ShiftRight(1);
BigInteger bigInteger2 = lambda.u;
BigInteger bigInteger3 = lambda.v;
int num2 = 0;
while (!bigInteger2.Equals(BigInteger.Zero) || !bigInteger3.Equals(BigInteger.Zero))
{
if (bigInteger2.TestBit(0))
{
BigInteger bigInteger4 = bigInteger2.Add(bigInteger3.Multiply(tw)).Mod(pow2w);
sbyte b;
if (bigInteger4.CompareTo(value) >= 0)
{
b = (sbyte)bigInteger4.Subtract(pow2w).IntValue;
}
else
{
b = (sbyte)bigInteger4.IntValue;
}
array[num2] = b;
bool flag = true;
if (b < 0)
{
flag = false;
b = -b;
}
if (flag)
{
bigInteger2 = bigInteger2.Subtract(alpha[(int)b].u);
bigInteger3 = bigInteger3.Subtract(alpha[(int)b].v);
}
else
{
bigInteger2 = bigInteger2.Add(alpha[(int)b].u);
bigInteger3 = bigInteger3.Add(alpha[(int)b].v);
}
}
else
{
array[num2] = 0;
}
BigInteger bigInteger5 = bigInteger2;
if (mu == 1)
{
bigInteger2 = bigInteger3.Add(bigInteger2.ShiftRight(1));
}
else
{
bigInteger2 = bigInteger3.Subtract(bigInteger2.ShiftRight(1));
}
bigInteger3 = bigInteger5.ShiftRight(1).Negate();
num2++;
}
return(array);
}
public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda, sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
{
if ((mu != 1) && (mu != -1))
{
throw new ArgumentException("mu must be 1 or -1");
}
int bitLength = Norm(mu, lambda).BitLength;
int num2 = (bitLength <= 30) ? (0x22 + width) : ((bitLength + 4) + width);
sbyte[] numArray = new sbyte[num2];
BigInteger integer2 = pow2w.ShiftRight(1);
BigInteger u = lambda.u;
BigInteger v = lambda.v;
for (int i = 0; !u.Equals(BigInteger.Zero) || !v.Equals(BigInteger.Zero); i++)
{
if (u.TestBit(0))
{
sbyte intValue;
BigInteger integer5 = u.Add(v.Multiply(tw)).Mod(pow2w);
if (integer5.CompareTo(integer2) >= 0)
{
intValue = (sbyte)integer5.Subtract(pow2w).IntValue;
}
else
{
intValue = (sbyte)integer5.IntValue;
}
numArray[i] = intValue;
bool flag = true;
if (intValue < 0)
{
flag = false;
intValue = (sbyte)-((int)intValue);
}
if (flag)
{
u = u.Subtract(alpha[(int)intValue].u);
v = v.Subtract(alpha[(int)intValue].v);
}
else
{
u = u.Add(alpha[(int)intValue].u);
v = v.Add(alpha[(int)intValue].v);
}
}
else
{
numArray[i] = 0;
}
BigInteger integer6 = u;
if (mu == 1)
{
u = v.Add(u.ShiftRight(1));
}
else
{
u = v.Subtract(u.ShiftRight(1));
}
v = integer6.ShiftRight(1).Negate();
}
return(numArray);
}
/**
* Computes the <code>[τ]</code>-adic window NAF of an element
* <code>λ</code> of <code><b>Z</b>[τ]</code>.
* @param mu The parameter μ of the elliptic curve.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @param width The window width of the resulting WNAF.
* @param pow2w 2<sup>width</sup>.
* @param tw The auxiliary value <code>t<sub>w</sub></code>.
* @param alpha The <code>α<sub>u</sub></code>'s for the window width.
* @return The <code>[τ]</code>-adic window NAF of
* <code>λ</code>.
*/
public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda,
sbyte width, IBigInteger pow2w, IBigInteger tw, ZTauElement[] alpha)
{
if (!((mu == 1) || (mu == -1)))
throw new ArgumentException("mu must be 1 or -1");
IBigInteger norm = Norm(mu, lambda);
// Ceiling of log2 of the norm
int log2Norm = norm.BitLength;
// If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
int maxLength = log2Norm > 30 ? log2Norm + 4 + width : 34 + width;
// The array holding the TNAF
sbyte[] u = new sbyte[maxLength];
// 2^(width - 1)
IBigInteger pow2wMin1 = pow2w.ShiftRight(1);
// Split lambda into two BigIntegers to simplify calculations
IBigInteger r0 = lambda.u;
IBigInteger r1 = lambda.v;
int i = 0;
// while lambda <> (0, 0)
while (!((r0.Equals(BigInteger.Zero))&&(r1.Equals(BigInteger.Zero))))
{
// if r0 is odd
if (r0.TestBit(0))
{
// uUnMod = r0 + r1*tw Mod 2^width
IBigInteger uUnMod
= r0.Add(r1.Multiply(tw)).Mod(pow2w);
sbyte uLocal;
// if uUnMod >= 2^(width - 1)
if (uUnMod.CompareTo(pow2wMin1) >= 0)
{
uLocal = (sbyte) uUnMod.Subtract(pow2w).IntValue;
}
else
{
uLocal = (sbyte) uUnMod.IntValue;
}
// uLocal is now in [-2^(width-1), 2^(width-1)-1]
u[i] = uLocal;
bool s = true;
if (uLocal < 0)
{
s = false;
uLocal = (sbyte)-uLocal;
}
// uLocal is now >= 0
if (s)
{
r0 = r0.Subtract(alpha[uLocal].u);
r1 = r1.Subtract(alpha[uLocal].v);
}
else
{
r0 = r0.Add(alpha[uLocal].u);
r1 = r1.Add(alpha[uLocal].v);
}
}
else
{
u[i] = 0;
}
IBigInteger t = r0;
if (mu == 1)
{
r0 = r1.Add(r0.ShiftRight(1));
}
else
{
// mu == -1
r0 = r1.Subtract(r0.ShiftRight(1));
}
r1 = t.ShiftRight(1).Negate();
i++;
}
return u;
}
/**
* Computes the <code>τ</code>-adic NAF (non-adjacent form) of an
* element <code>λ</code> of <code><b>Z</b>[τ]</code>.
* @param mu The parameter <code>μ</code> of the elliptic curve.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return The <code>τ</code>-adic NAF of <code>λ</code>.
*/
public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
{
if (!((mu == 1) || (mu == -1)))
throw new ArgumentException("mu must be 1 or -1");
IBigInteger norm = Norm(mu, lambda);
// Ceiling of log2 of the norm
int log2Norm = norm.BitLength;
// If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
int maxLength = log2Norm > 30 ? log2Norm + 4 : 34;
// The array holding the TNAF
sbyte[] u = new sbyte[maxLength];
int i = 0;
// The actual length of the TNAF
int length = 0;
IBigInteger r0 = lambda.u;
IBigInteger r1 = lambda.v;
while(!((r0.Equals(BigInteger.Zero)) && (r1.Equals(BigInteger.Zero))))
{
// If r0 is odd
if (r0.TestBit(0))
{
u[i] = (sbyte) BigInteger.Two.Subtract((r0.Subtract(r1.ShiftLeft(1))).Mod(Four)).IntValue;
// r0 = r0 - u[i]
if (u[i] == 1)
{
r0 = r0.ClearBit(0);
}
else
{
// u[i] == -1
r0 = r0.Add(BigInteger.One);
}
length = i;
}
else
{
u[i] = 0;
}
IBigInteger t = r0;
IBigInteger s = r0.ShiftRight(1);
if (mu == 1)
{
r0 = r1.Add(s);
}
else
{
// mu == -1
r0 = r1.Subtract(s);
}
r1 = t.ShiftRight(1).Negate();
i++;
}
length++;
// Reduce the TNAF array to its actual length
sbyte[] tnaf = new sbyte[length];
Array.Copy(u, 0, tnaf, 0, length);
return tnaf;
}
/**
* Computes the <code>[τ]</code>-adic window NAF of an element
* <code>λ</code> of <code><b>Z</b>[τ]</code>.
* @param mu The parameter μ of the elliptic curve.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @param width The window width of the resulting WNAF.
* @param pow2w 2<sup>width</sup>.
* @param tw The auxiliary value <code>t<sub>w</sub></code>.
* @param alpha The <code>α<sub>u</sub></code>'s for the window width.
* @return The <code>[τ]</code>-adic window NAF of
* <code>λ</code>.
*/
public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda,
sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
{
if (!((mu == 1) || (mu == -1)))
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger norm = Norm(mu, lambda);
// Ceiling of log2 of the norm
int log2Norm = norm.BitLength;
// If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
int maxLength = log2Norm > 30 ? log2Norm + 4 + width : 34 + width;
// The array holding the TNAF
sbyte[] u = new sbyte[maxLength];
// 2^(width - 1)
BigInteger pow2wMin1 = pow2w.ShiftRight(1);
// Split lambda into two BigIntegers to simplify calculations
BigInteger r0 = lambda.u;
BigInteger r1 = lambda.v;
int i = 0;
// while lambda <> (0, 0)
while (!((r0.Equals(BigInteger.Zero)) && (r1.Equals(BigInteger.Zero))))
{
// if r0 is odd
if (r0.TestBit(0))
{
// uUnMod = r0 + r1*tw Mod 2^width
BigInteger uUnMod
= r0.Add(r1.Multiply(tw)).Mod(pow2w);
sbyte uLocal;
// if uUnMod >= 2^(width - 1)
if (uUnMod.CompareTo(pow2wMin1) >= 0)
{
uLocal = (sbyte)uUnMod.Subtract(pow2w).IntValue;
}
else
{
uLocal = (sbyte)uUnMod.IntValue;
}
// uLocal is now in [-2^(width-1), 2^(width-1)-1]
u[i] = uLocal;
bool s = true;
if (uLocal < 0)
{
s = false;
uLocal = (sbyte)-uLocal;
}
// uLocal is now >= 0
if (s)
{
r0 = r0.Subtract(alpha[uLocal].u);
r1 = r1.Subtract(alpha[uLocal].v);
}
else
{
r0 = r0.Add(alpha[uLocal].u);
r1 = r1.Add(alpha[uLocal].v);
}
}
else
{
u[i] = 0;
}
BigInteger t = r0;
if (mu == 1)
{
r0 = r1.Add(r0.ShiftRight(1));
}
else
{
// mu == -1
r0 = r1.Subtract(r0.ShiftRight(1));
}
r1 = t.ShiftRight(1).Negate();
i++;
}
return(u);
}
/**
* Computes the norm of an element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @param mu The parameter <code>μ</code> of the elliptic curve.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return The norm of <code>λ</code>.
*/
public static IBigInteger Norm(sbyte mu, ZTauElement lambda)
{
IBigInteger norm;
// s1 = u^2
IBigInteger s1 = lambda.u.Multiply(lambda.u);
// s2 = u * v
IBigInteger s2 = lambda.u.Multiply(lambda.v);
// s3 = 2 * v^2
IBigInteger s3 = lambda.v.Multiply(lambda.v).ShiftLeft(1);
if (mu == 1)
{
norm = s1.Add(s2).Add(s3);
}
else if (mu == -1)
{
norm = s1.Subtract(s2).Add(s3);
}
else
{
throw new ArgumentException("mu must be 1 or -1");
}
return norm;
}
