/**
* D.3.2 pg 101
* @see org.bouncycastle.math.ec.multiplier.ECMultiplier#multiply(org.bouncycastle.math.ec.ECPoint, java.math.BigInteger)
*/
public ECPoint Multiply(ECPoint p, BigInteger k, PreCompInfo preCompInfo)
{
// TODO Probably should try to add this
// BigInteger e = k.Mod(n); // n == order of p
BigInteger e = k;
BigInteger h = e.Multiply(BigInteger.Three);
ECPoint neg = p.Negate();
ECPoint R = p;
for (int i = h.BitLength - 2; i > 0; --i)
{
R = R.Twice();
bool hBit = h.TestBit(i);
bool eBit = e.TestBit(i);
if (hBit != eBit)
{
R = R.Add(hBit ? p : neg);
}
}
return R;
}
public PreCompInfo Precompute(PreCompInfo existing)
{
WNafPreCompInfo result = new WNafPreCompInfo();
ECPoint twiceP = m_wnafPreCompP.Twice;
if (twiceP != null)
{
ECPoint twiceQ = m_pointMap.Map(twiceP);
result.Twice = twiceQ;
}
ECPoint[] preCompP = m_wnafPreCompP.PreComp;
ECPoint[] preCompQ = new ECPoint[preCompP.Length];
for (int i = 0; i < preCompP.Length; ++i)
{
preCompQ[i] = m_pointMap.Map(preCompP[i]);
}
result.PreComp = preCompQ;
if (m_includeNegated)
{
ECPoint[] preCompNegQ = new ECPoint[preCompQ.Length];
for (int i = 0; i < preCompNegQ.Length; ++i)
{
preCompNegQ[i] = preCompQ[i].Negate();
}
result.PreCompNeg = preCompNegQ;
}
return(result);
}
/**
* D.3.2 pg 101
* @see org.bouncycastle.math.ec.multiplier.ECMultiplier#multiply(org.bouncycastle.math.ec.ECPoint, java.math.BigInteger)
*/
public ECPoint Multiply(ECPoint p, BigInteger k, PreCompInfo preCompInfo)
{
// TODO Probably should try to add this
// BigInteger e = k.Mod(n); // n == order of p
BigInteger e = k;
BigInteger h = e.Multiply(BigInteger.Three);
ECPoint neg = p.Negate();
ECPoint R = p;
for (int i = h.BitLength - 2; i > 0; --i)
{
R = R.Twice();
bool hBit = h.TestBit(i);
bool eBit = e.TestBit(i);
if (hBit != eBit)
{
R = R.Add(hBit ? p : neg);
}
}
return(R);
}
public PreCompInfo Precompute(PreCompInfo existing)
{
WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo;
if (null != existingWNaf && existingWNaf.ConfWidth == m_confWidth)
{
existingWNaf.PromotionCountdown = 0;
return(existingWNaf);
}
WNafPreCompInfo result = new WNafPreCompInfo();
result.PromotionCountdown = 0;
result.ConfWidth = m_confWidth;
if (null != existingWNaf)
{
result.PreComp = existingWNaf.PreComp;
result.PreCompNeg = existingWNaf.PreCompNeg;
result.Twice = existingWNaf.Twice;
result.Width = existingWNaf.Width;
}
return(result);
}
/**
* Compute a <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
* <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
* by subsequent multiplication.
*
* @param point
* The <code>ECPoint</code> to store precomputations for.
* @param name
* A <code>String</code> used to index precomputations of different types.
* @param callback
* Called to calculate the <code>PreCompInfo</code>.
*/
public virtual PreCompInfo Precompute(ECPoint point, string name, IPreCompCallback callback)
{
CheckPoint(point);
IDictionary table;
lock (point)
{
table = point.m_preCompTable;
if (null == table)
{
point.m_preCompTable = table = new Dictionary <object, object>(4);
}
}
lock (table)
{
PreCompInfo existing = (PreCompInfo)table[name];
PreCompInfo result = callback.Precompute(existing);
if (result != existing)
{
table[name] = result;
}
return(result);
}
}
/**
* Compute a <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
* <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
* by subsequent multiplication.
*
* @param point
* The <code>ECPoint</code> to store precomputations for.
* @param name
* A <code>String</code> used to index precomputations of different types.
* @param callback
* Called to calculate the <code>PreCompInfo</code>.
*/
public virtual PreCompInfo Precompute(ECPoint point, string name, IPreCompCallback callback)
{
CheckPoint(point);
IDictionary table;
lock (point)
{
table = point.m_preCompTable;
if (null == table)
{
point.m_preCompTable = table = BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateHashtable(4);
}
}
lock (table)
{
PreCompInfo existing = (PreCompInfo)table[name];
PreCompInfo result = callback.Precompute(existing);
if (result != existing)
{
table[name] = result;
}
return(result);
}
}
public static WNafPreCompInfo GetWNafPreCompInfo(PreCompInfo preCompInfo)
{
if (preCompInfo != null && preCompInfo is WNafPreCompInfo)
{
return((WNafPreCompInfo)preCompInfo);
}
return(new WNafPreCompInfo());
}
public static FixedPointPreCompInfo GetFixedPointPreCompInfo(PreCompInfo preCompInfo)
{
if (preCompInfo != null && preCompInfo is FixedPointPreCompInfo)
{
return((FixedPointPreCompInfo)preCompInfo);
}
return(new FixedPointPreCompInfo());
}
private AbstractF2mPoint MultiplyWTnaf(AbstractF2mPoint p, ZTauElement lambda, PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha = (a == 0) ? Tnaf.Alpha0 : Tnaf.Alpha1;
BigInteger tw = Tnaf.GetTw(mu, 4);
sbyte[] u = Tnaf.TauAdicWNaf(mu, lambda, 4, BigInteger.ValueOf(16L), tw, alpha);
return(MultiplyFromWTnaf(p, u, preCompInfo));
}
public static FixedPointPreCompInfo GetFixedPointPreCompInfo(PreCompInfo preCompInfo)
{
if ((preCompInfo != null) && (preCompInfo is FixedPointPreCompInfo))
{
return (FixedPointPreCompInfo)preCompInfo;
}
return new FixedPointPreCompInfo();
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private F2mPoint MultiplyWTnaf(F2mPoint p, ZTauElement lambda,
PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha = (a == 0) ? Tnaf.Alpha0 : Tnaf.Alpha1;
BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[] u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return(MultiplyFromWTnaf(p, u, preCompInfo));
}
/**
* Adds <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
* <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
* by subsequent multiplication.
*
* @param point
* The <code>ECPoint</code> to store precomputations for.
* @param name
* A <code>String</code> used to index precomputations of different types.
* @param preCompInfo
* The values precomputed by the <code>ECMultiplier</code>.
*/
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
CheckPoint(point);
lock (point) {
IDictionary table = point.m_preCompTable;
if (null == table)
{
point.m_preCompTable = table = new Hashtable(4);
}
table[name] = preCompInfo;
}
}
/**
* Multiplies a {@link NBitcoin.BouncyCastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by an element
* <code>λ</code>
* of
* <code><b>Z</b>[τ]</code>
* using the window
* <code>τ</code>
* -adic NAF (TNAF) method, given the
* WTNAF of
* <code>λ</code>
* .
* @param p The AbstractF2mPoint to multiply.
* @param u The the WTNAF of
* <code>λ</code>
* ..
* @return
* <code>λ * p</code>
*/
static AbstractF2mPoint MultiplyFromWTnaf(AbstractF2mPoint p, sbyte[] u, PreCompInfo preCompInfo)
{
var curve = (AbstractF2mCurve)p.Curve;
var a = (sbyte)curve.A.ToBigInteger().IntValue;
AbstractF2mPoint[] pu;
if (preCompInfo == null || !(preCompInfo is WTauNafPreCompInfo))
{
pu = Tnaf.GetPreComp(p, a);
var pre = new WTauNafPreCompInfo();
pre.PreComp = pu;
curve.SetPreCompInfo(p, PRECOMP_NAME, pre);
}
else
{
pu = ((WTauNafPreCompInfo)preCompInfo).PreComp;
}
// TODO Include negations in precomp (optionally) and use from here
var puNeg = new AbstractF2mPoint[pu.Length];
for (var i = 0; i < pu.Length; ++i)
{
puNeg[i] = (AbstractF2mPoint)pu[i].Negate();
}
// q = infinity
var q = (AbstractF2mPoint)p.Curve.Infinity;
var tauCount = 0;
for (var i = u.Length - 1; i >= 0; i--)
{
++tauCount;
int ui = u[i];
if (ui != 0)
{
q = q.TauPow(tauCount);
tauCount = 0;
ECPoint x = ui > 0 ? pu[ui >> 1] : puNeg[-ui >> 1];
q = (AbstractF2mPoint)q.Add(x);
}
}
if (tauCount > 0)
{
q = q.TauPow(tauCount);
}
return(q);
}
public PreCompInfo Precompute(PreCompInfo existing)
{
if (existing is WTauNafPreCompInfo)
{
return(existing);
}
WTauNafPreCompInfo result = new WTauNafPreCompInfo();
result.PreComp = Tnaf.GetPreComp(m_p, m_a);
return(result);
}
/**
* Multiplies a {@link NBitcoin.BouncyCastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by an element
* <code>λ</code>
* of
* <code><b>Z</b>[τ]</code>
* using
* the
* <code>τ</code>
* -adic NAF (TNAF) method.
* @param p The AbstractF2mPoint to multiply.
* @param lambda The element
* <code>λ</code>
* of
* <code><b>Z</b>[τ]</code>
* of which to compute the
* <code>[τ]</code>
* -adic NAF.
* @return
* <code>p</code>
* multiplied by
* <code>λ</code>
* .
*/
AbstractF2mPoint MultiplyWTnaf(AbstractF2mPoint p, ZTauElement lambda,
PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
var alpha = a == 0 ? Tnaf.Alpha0 : Tnaf.Alpha1;
var tw = Tnaf.GetTw(mu, Tnaf.Width);
var u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return(MultiplyFromWTnaf(p, u, preCompInfo));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The AbstractF2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private AbstractF2mPoint MultiplyWTnaf(AbstractF2mPoint p, ZTauElement lambda,
PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha = (a == 0) ? Tnaf.Alpha0 : Tnaf.Alpha1;
BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return MultiplyFromWTnaf(p, u, preCompInfo);
}
/**
* Adds
* <code>PreCompInfo</code>
* for a point on this curve, under a given name. Used by
* <code>ECMultiplier</code>
* s to save the precomputation for this
* <code>ECPoint</code>
* for use
* by subsequent multiplication.
*
* @param point
* The
* <code>ECPoint</code>
* to store precomputations for.
* @param name
* A
* <code>String</code>
* used to index precomputations of different types.
* @param preCompInfo
* The values precomputed by the
* <code>ECMultiplier</code>
* .
*/
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
CheckPoint(point);
lock (point)
{
var table = point.m_preCompTable;
if (null == table)
{
point.m_preCompTable = table = Platform.CreateHashtable(4);
}
table[name] = preCompInfo;
}
}
/**
* Adds <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
* <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
* by subsequent multiplication.
*
* @param point
* The <code>ECPoint</code> to store precomputations for.
* @param name
* A <code>String</code> used to index precomputations of different types.
* @param preCompInfo
* The values precomputed by the <code>ECMultiplier</code>.
*/
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
CheckPoint(point);
lock (point)
{
IDictionary table = point.m_preCompTable;
if (null == table)
{
point.m_preCompTable = table = Org.BouncyCastle.Utilities.Platform.CreateHashtable(4);
}
table[name] = preCompInfo;
}
}
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
this.CheckPoint(point);
lock (point)
{
IDictionary dictionary = point.m_preCompTable;
if (dictionary == null)
{
dictionary = (point.m_preCompTable = Platform.CreateHashtable(4));
}
dictionary[name] = preCompInfo;
}
}
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
CheckPoint(point);
lock (point)
{
IDictionary val = point.m_preCompTable;
if (val == null)
{
val = (point.m_preCompTable = Platform.CreateHashtable(4));
}
val.set_Item((object)name, (object)preCompInfo);
}
}
public PreCompInfo Precompute(PreCompInfo existing)
{
FixedPointPreCompInfo existingFP = (existing is FixedPointPreCompInfo) ? (FixedPointPreCompInfo)existing : null;
ECCurve c = m_p.Curve;
int bits = FixedPointUtilities.GetCombSize(c);
int minWidth = bits > 250 ? 6 : 5;
int n = 1 << minWidth;
if (CheckExisting(existingFP, n))
{
return(existingFP);
}
int d = (bits + minWidth - 1) / minWidth;
ECPoint[] pow2Table = new ECPoint[minWidth + 1];
pow2Table[0] = m_p;
for (int i = 1; i < minWidth; ++i)
{
pow2Table[i] = pow2Table[i - 1].TimesPow2(d);
}
// This will be the 'offset' value
pow2Table[minWidth] = pow2Table[0].Subtract(pow2Table[1]);
c.NormalizeAll(pow2Table);
ECPoint[] lookupTable = new ECPoint[n];
lookupTable[0] = pow2Table[0];
for (int bit = minWidth - 1; bit >= 0; --bit)
{
ECPoint pow2 = pow2Table[bit];
int step = 1 << bit;
for (int i = step; i < n; i += (step << 1))
{
lookupTable[i] = lookupTable[i - step].Add(pow2);
}
}
c.NormalizeAll(lookupTable);
FixedPointPreCompInfo result = new FixedPointPreCompInfo();
result.LookupTable = c.CreateCacheSafeLookupTable(lookupTable, 0, lookupTable.Length);
result.Offset = pow2Table[minWidth];
result.Width = minWidth;
return(result);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the window <code>τ</code>-adic NAF (TNAF) method, given the
* WTNAF of <code>λ</code>.
* @param p The AbstractF2mPoint to multiply.
* @param u The the WTNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
private static AbstractF2mPoint MultiplyFromWTnaf(AbstractF2mPoint p, sbyte[] u, PreCompInfo preCompInfo)
{
AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
AbstractF2mPoint[] pu;
if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo))
{
pu = Tnaf.GetPreComp(p, a);
WTauNafPreCompInfo pre = new WTauNafPreCompInfo();
pre.PreComp = pu;
curve.SetPreCompInfo(p, PRECOMP_NAME, pre);
}
else
{
pu = ((WTauNafPreCompInfo)preCompInfo).PreComp;
}
// TODO Include negations in precomp (optionally) and use from here
AbstractF2mPoint[] puNeg = new AbstractF2mPoint[pu.Length];
for (int i = 0; i < pu.Length; ++i)
{
puNeg[i] = (AbstractF2mPoint)pu[i].Negate();
}
// q = infinity
AbstractF2mPoint q = (AbstractF2mPoint) p.Curve.Infinity;
int tauCount = 0;
for (int i = u.Length - 1; i >= 0; i--)
{
++tauCount;
int ui = u[i];
if (ui != 0)
{
q = q.TauPow(tauCount);
tauCount = 0;
ECPoint x = ui > 0 ? pu[ui >> 1] : puNeg[(-ui) >> 1];
q = (AbstractF2mPoint)q.Add(x);
}
}
if (tauCount > 0)
{
q = q.TauPow(tauCount);
}
return q;
}
public PreCompInfo Precompute(PreCompInfo existing)
{
WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo;
int width = m_fromWNaf.Width;
int reqPreCompLen = m_fromWNaf.PreComp.Length;
if (CheckExisting(existingWNaf, width, reqPreCompLen, m_includeNegated))
{
existingWNaf.DecrementPromotionCountdown();
return(existingWNaf);
}
/*
* TODO Ideally this method would support incremental calculation, but given the
* existing use-cases it would be of little-to-no benefit.
*/
WNafPreCompInfo result = new WNafPreCompInfo();
result.PromotionCountdown = m_fromWNaf.PromotionCountdown;
ECPoint twiceFrom = m_fromWNaf.Twice;
if (null != twiceFrom)
{
ECPoint twice = m_pointMap.Map(twiceFrom);
result.Twice = twice;
}
ECPoint[] preCompFrom = m_fromWNaf.PreComp;
ECPoint[] preComp = new ECPoint[preCompFrom.Length];
for (int i = 0; i < preCompFrom.Length; ++i)
{
preComp[i] = m_pointMap.Map(preCompFrom[i]);
}
result.PreComp = preComp;
result.Width = width;
if (m_includeNegated)
{
ECPoint[] preCompNeg = new ECPoint[preComp.Length];
for (int i = 0; i < preCompNeg.Length; ++i)
{
preCompNeg[i] = preComp[i].Negate();
}
result.PreCompNeg = preCompNeg;
}
return(result);
}
/**
* Simple shift-and-add multiplication. Serves as reference implementation
* to verify (possibly faster) implementations in
* {@link org.bouncycastle.math.ec.ECPoint ECPoint}.
*
* @param p The point to multiply.
* @param k The factor by which to multiply.
* @return The result of the point multiplication <code>k * p</code>.
*/
public ECPoint Multiply(ECPoint p, BigInteger k, PreCompInfo preCompInfo)
{
ECPoint q = p.Curve.Infinity;
int t = k.BitLength;
for (int i = 0; i < t; i++)
{
if (k.TestBit(i))
{
q = q.Add(p);
}
p = p.Twice();
}
return q;
}
/**
* Simple shift-and-add multiplication. Serves as reference implementation
* to verify (possibly faster) implementations in
* {@link org.bouncycastle.math.ec.ECPoint ECPoint}.
*
* @param p The point to multiply.
* @param k The factor by which to multiply.
* @return The result of the point multiplication <code>k * p</code>.
*/
public ECPoint Multiply(ECPoint p, BigInteger k, PreCompInfo preCompInfo)
{
ECPoint q = p.Curve.Infinity;
int t = k.BitLength;
for (int i = 0; i < t; i++)
{
if (k.TestBit(i))
{
q = q.Add(p);
}
p = p.Twice();
}
return(q);
}
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
this.CheckPoint(point);
object obj2 = point;
lock (obj2)
{
IDictionary preCompTable = point.m_preCompTable;
if (preCompTable == null)
{
point.m_preCompTable = preCompTable = Platform.CreateHashtable(4);
}
preCompTable[name] = preCompInfo;
}
}
public PreCompInfo Precompute(PreCompInfo existing)
{
EndoPreCompInfo existingEndo = existing as EndoPreCompInfo;
if (CheckExisting(existingEndo, m_endomorphism))
{
return(existingEndo);
}
ECPoint mappedPoint = m_endomorphism.PointMap.Map(m_point);
EndoPreCompInfo result = new EndoPreCompInfo();
result.Endomorphism = m_endomorphism;
result.MappedPoint = mappedPoint;
return(result);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by <code>k</code> using the reduced <code>τ</code>-adic NAF (RTNAF)
* method.
* @param p The F2mPoint to multiply.
* @param k The integer by which to multiply <code>k</code>.
* @return <code>p</code> multiplied by <code>k</code>.
*/
public ECPoint Multiply(ECPoint point, BigInteger k, PreCompInfo preCompInfo)
{
if (!(point is F2mPoint))
throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier");
F2mPoint p = (F2mPoint)point;
F2mCurve curve = (F2mCurve) p.Curve;
int m = curve.M;
sbyte a = (sbyte) curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
BigInteger[] s = curve.GetSi();
ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10);
return MultiplyWTnaf(p, rho, preCompInfo, a, mu);
}
private static AbstractF2mPoint MultiplyFromWTnaf(AbstractF2mPoint p, sbyte[] u, PreCompInfo preCompInfo)
{
AbstractF2mCurve abstractF2mCurve = (AbstractF2mCurve)p.Curve;
sbyte a = (sbyte)abstractF2mCurve.A.ToBigInteger().IntValue;
AbstractF2mPoint[] preComp;
if (preCompInfo == null || !(preCompInfo is WTauNafPreCompInfo))
{
preComp = Tnaf.GetPreComp(p, a);
WTauNafPreCompInfo wTauNafPreCompInfo = new WTauNafPreCompInfo();
wTauNafPreCompInfo.PreComp = preComp;
abstractF2mCurve.SetPreCompInfo(p, PRECOMP_NAME, wTauNafPreCompInfo);
}
else
{
preComp = ((WTauNafPreCompInfo)preCompInfo).PreComp;
}
AbstractF2mPoint[] array = new AbstractF2mPoint[preComp.Length];
for (int i = 0; i < preComp.Length; i++)
{
array[i] = (AbstractF2mPoint)preComp[i].Negate();
}
AbstractF2mPoint abstractF2mPoint = (AbstractF2mPoint)p.Curve.Infinity;
int num = 0;
for (int num2 = u.Length - 1; num2 >= 0; num2--)
{
num++;
int num3 = u[num2];
if (num3 != 0)
{
abstractF2mPoint = abstractF2mPoint.TauPow(num);
num = 0;
ECPoint b = (num3 > 0) ? preComp[num3 >> 1] : array[-num3 >> 1];
abstractF2mPoint = (AbstractF2mPoint)abstractF2mPoint.Add(b);
}
}
if (num > 0)
{
abstractF2mPoint = abstractF2mPoint.TauPow(num);
}
return(abstractF2mPoint);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the window <code>τ</code>-adic NAF (TNAF) method, given the
* WTNAF of <code>λ</code>.
* @param p The F2mPoint to multiply.
* @param u The the WTNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
private static F2mPoint MultiplyFromWTnaf(F2mPoint p, sbyte[] u, PreCompInfo preCompInfo)
{
F2mCurve curve = (F2mCurve)p.Curve;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
F2mPoint[] pu;
if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo))
{
pu = Tnaf.GetPreComp(p, a);
WTauNafPreCompInfo pre = new WTauNafPreCompInfo();
pre.PreComp = pu;
curve.SetPreCompInfo(p, PRECOMP_NAME, pre);
}
else
{
pu = ((WTauNafPreCompInfo)preCompInfo).PreComp;
}
// q = infinity
F2mPoint q = (F2mPoint)curve.Infinity;
for (int i = u.Length - 1; i >= 0; i--)
{
q = Tnaf.Tau(q);
sbyte ui = u[i];
if (ui != 0)
{
if (ui > 0)
{
q = q.AddSimple(pu[ui]);
}
else
{
// u[i] < 0
q = q.SubtractSimple(pu[-ui]);
}
}
}
return(q);
}
/**
* Multiplies a {@link Al.Security.math.ec.F2mPoint F2mPoint}
* by <code>k</code> using the reduced <code>τ</code>-adic NAF (RTNAF)
* method.
* @param p The F2mPoint to multiply.
* @param k The integer by which to multiply <code>k</code>.
* @return <code>p</code> multiplied by <code>k</code>.
*/
public ECPoint Multiply(ECPoint point, BigInteger k, PreCompInfo preCompInfo)
{
if (!(point is F2mPoint))
{
throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier");
}
F2mPoint p = (F2mPoint)point;
F2mCurve curve = (F2mCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
BigInteger[] s = curve.GetSi();
ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyWTnaf(p, rho, preCompInfo, a, mu));
}
/**
* Multiplies a {@link NBitcoin.BouncyCastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the window <code>τ</code>-adic NAF (TNAF) method, given the
* WTNAF of <code>λ</code>.
* @param p The F2mPoint to multiply.
* @param u The the WTNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
private static F2mPoint MultiplyFromWTnaf(F2mPoint p, sbyte[] u, PreCompInfo preCompInfo)
{
F2mCurve curve = (F2mCurve)p.Curve;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
F2mPoint[] pu;
if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo))
{
pu = Tnaf.GetPreComp(p, a);
WTauNafPreCompInfo pre = new WTauNafPreCompInfo();
pre.PreComp = pu;
curve.SetPreCompInfo(p, PRECOMP_NAME, pre);
}
else
{
pu = ((WTauNafPreCompInfo)preCompInfo).PreComp;
}
// q = infinity
F2mPoint q = (F2mPoint)curve.Infinity;
for (int i = u.Length - 1; i >= 0; i--)
{
q = Tnaf.Tau(q);
sbyte ui = u[i];
if (ui != 0)
{
if (ui > 0)
{
q = q.AddSimple(pu[ui]);
}
else
{
// u[i] < 0
q = q.SubtractSimple(pu[-ui]);
}
}
}
return q;
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private F2mPoint MultiplyWTnaf(F2mPoint p, ZTauElement lambda,
PreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha;
if (a == 0)
{
alpha = Tnaf.Alpha0;
}
else
{
// a == 1
alpha = Tnaf.Alpha1;
}
BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return MultiplyFromWTnaf(p, u, preCompInfo);
}
public virtual PreCompInfo GetPreCompInfo(ECPoint point, string name)
{
CheckPoint(point);
lock (point)
{
IDictionary preCompTable = point.m_preCompTable;
object result;
if (preCompTable == null)
{
PreCompInfo preCompInfo = null;
result = preCompInfo;
}
else
{
result = (PreCompInfo)preCompTable[name];
}
return((PreCompInfo)result);
IL_0036:
PreCompInfo result2;
return(result2);
}
}
public static WNafPreCompInfo GetWNafPreCompInfo(PreCompInfo preCompInfo)
{
if ((preCompInfo != null) && (preCompInfo is WNafPreCompInfo))
{
return (WNafPreCompInfo)preCompInfo;
}
return new WNafPreCompInfo();
}
public PreCompInfo Precompute(PreCompInfo existing)
{
WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo;
int reqPreCompLen = 1 << System.Math.Max(0, m_width - 2);
if (CheckExisting(existingWNaf, reqPreCompLen, m_includeNegated))
{
return(existingWNaf);
}
ECCurve c = m_p.Curve;
ECPoint[] preComp = null, preCompNeg = null;
ECPoint twiceP = null;
if (existingWNaf != null)
{
preComp = existingWNaf.PreComp;
preCompNeg = existingWNaf.PreCompNeg;
twiceP = existingWNaf.Twice;
}
int iniPreCompLen = 0;
if (preComp == null)
{
preComp = EMPTY_POINTS;
}
else
{
iniPreCompLen = preComp.Length;
}
if (iniPreCompLen < reqPreCompLen)
{
preComp = WNafUtilities.ResizeTable(preComp, reqPreCompLen);
if (reqPreCompLen == 1)
{
preComp[0] = m_p.Normalize();
}
else
{
int curPreCompLen = iniPreCompLen;
if (curPreCompLen == 0)
{
preComp[0] = m_p;
curPreCompLen = 1;
}
ECFieldElement iso = null;
if (reqPreCompLen == 2)
{
preComp[1] = m_p.ThreeTimes();
}
else
{
ECPoint isoTwiceP = twiceP, last = preComp[curPreCompLen - 1];
if (isoTwiceP == null)
{
isoTwiceP = preComp[0].Twice();
twiceP = isoTwiceP;
/*
* For Fp curves with Jacobian projective coordinates, use a (quasi-)isomorphism
* where 'twiceP' is "affine", so that the subsequent additions are cheaper. This
* also requires scaling the initial point's X, Y coordinates, and reversing the
* isomorphism as part of the subsequent normalization.
*
* NOTE: The correctness of this optimization depends on:
* 1) additions do not use the curve's A, B coefficients.
* 2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ...
*/
if (!twiceP.IsInfinity && ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64)
{
switch (c.CoordinateSystem)
{
case ECCurve.COORD_JACOBIAN:
case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
case ECCurve.COORD_JACOBIAN_MODIFIED:
{
iso = twiceP.GetZCoord(0);
isoTwiceP = c.CreatePoint(twiceP.XCoord.ToBigInteger(),
twiceP.YCoord.ToBigInteger());
ECFieldElement iso2 = iso.Square(), iso3 = iso2.Multiply(iso);
last = last.ScaleX(iso2).ScaleY(iso3);
if (iniPreCompLen == 0)
{
preComp[0] = last;
}
break;
}
}
}
}
while (curPreCompLen < reqPreCompLen)
{
/*
* Compute the new ECPoints for the precomputation array. The values 1, 3,
* 5, ..., 2^(width-1)-1 times p are computed
*/
preComp[curPreCompLen++] = last = last.Add(isoTwiceP);
}
}
/*
* Having oft-used operands in affine form makes operations faster.
*/
c.NormalizeAll(preComp, iniPreCompLen, reqPreCompLen - iniPreCompLen, iso);
}
}
if (m_includeNegated)
{
int pos;
if (preCompNeg == null)
{
pos = 0;
preCompNeg = new ECPoint[reqPreCompLen];
}
else
{
pos = preCompNeg.Length;
if (pos < reqPreCompLen)
{
preCompNeg = WNafUtilities.ResizeTable(preCompNeg, reqPreCompLen);
}
}
while (pos < reqPreCompLen)
{
preCompNeg[pos] = preComp[pos].Negate();
++pos;
}
}
WNafPreCompInfo result = new WNafPreCompInfo();
result.PreComp = preComp;
result.PreCompNeg = preCompNeg;
result.Twice = twiceP;
return(result);
}
/**
* Multiplies <code>this</code> by an integer <code>k</code> using the
* Window NAF method.
* @param k The integer by which <code>this</code> is multiplied.
* @return A new <code>ECPoint</code> which equals <code>this</code>
* multiplied by <code>k</code>.
*/
public ECPoint Multiply(ECPoint p, BigInteger k, PreCompInfo preCompInfo)
{
WNafPreCompInfo wnafPreCompInfo;
if ((preCompInfo != null) && (preCompInfo is WNafPreCompInfo))
{
wnafPreCompInfo = (WNafPreCompInfo)preCompInfo;
}
else
{
// Ignore empty PreCompInfo or PreCompInfo of incorrect type
wnafPreCompInfo = new WNafPreCompInfo();
}
// floor(log2(k))
int m = k.BitLength;
// width of the Window NAF
sbyte width;
// Required length of precomputation array
int reqPreCompLen;
// Determine optimal width and corresponding length of precomputation
// array based on literature values
if (m < 13)
{
width = 2;
reqPreCompLen = 1;
}
else
{
if (m < 41)
{
width = 3;
reqPreCompLen = 2;
}
else
{
if (m < 121)
{
width = 4;
reqPreCompLen = 4;
}
else
{
if (m < 337)
{
width = 5;
reqPreCompLen = 8;
}
else
{
if (m < 897)
{
width = 6;
reqPreCompLen = 16;
}
else
{
if (m < 2305)
{
width = 7;
reqPreCompLen = 32;
}
else
{
width = 8;
reqPreCompLen = 127;
}
}
}
}
}
}
// The length of the precomputation array
int preCompLen = 1;
ECPoint[] preComp = wnafPreCompInfo.GetPreComp();
ECPoint twiceP = wnafPreCompInfo.GetTwiceP();
// Check if the precomputed ECPoints already exist
if (preComp == null)
{
// Precomputation must be performed from scratch, create an empty
// precomputation array of desired length
preComp = new ECPoint[] { p };
}
else
{
// Take the already precomputed ECPoints to start with
preCompLen = preComp.Length;
}
if (twiceP == null)
{
// Compute twice(p)
twiceP = p.Twice();
}
if (preCompLen < reqPreCompLen)
{
// Precomputation array must be made bigger, copy existing preComp
// array into the larger new preComp array
ECPoint[] oldPreComp = preComp;
preComp = new ECPoint[reqPreCompLen];
Array.Copy(oldPreComp, 0, preComp, 0, preCompLen);
for (int i = preCompLen; i < reqPreCompLen; i++)
{
// Compute the new ECPoints for the precomputation array.
// The values 1, 3, 5, ..., 2^(width-1)-1 times p are
// computed
preComp[i] = twiceP.Add(preComp[i - 1]);
}
}
// Compute the Window NAF of the desired width
sbyte[] wnaf = WindowNaf(width, k);
int l = wnaf.Length;
// Apply the Window NAF to p using the precomputed ECPoint values.
ECPoint q = p.Curve.Infinity;
for (int i = l - 1; i >= 0; i--)
{
q = q.Twice();
if (wnaf[i] != 0)
{
if (wnaf[i] > 0)
{
q = q.Add(preComp[(wnaf[i] - 1) / 2]);
}
else
{
// wnaf[i] < 0
q = q.Subtract(preComp[(-wnaf[i] - 1) / 2]);
}
}
}
// Set PreCompInfo in ECPoint, such that it is available for next
// multiplication.
wnafPreCompInfo.SetPreComp(preComp);
wnafPreCompInfo.SetTwiceP(twiceP);
p.SetPreCompInfo(wnafPreCompInfo);
return(q);
}
/**
* Multiplies <code>this</code> by an integer <code>k</code> using the
* Window NAF method.
* @param k The integer by which <code>this</code> is multiplied.
* @return A new <code>ECPoint</code> which equals <code>this</code>
* multiplied by <code>k</code>.
*/
public ECPoint Multiply(ECPoint p, BigInteger k, PreCompInfo preCompInfo)
{
WNafPreCompInfo wnafPreCompInfo;
if ((preCompInfo != null) && (preCompInfo is WNafPreCompInfo))
{
wnafPreCompInfo = (WNafPreCompInfo)preCompInfo;
}
else
{
// Ignore empty PreCompInfo or PreCompInfo of incorrect type
wnafPreCompInfo = new WNafPreCompInfo();
}
// floor(log2(k))
int m = k.BitLength;
// width of the Window NAF
sbyte width;
// Required length of precomputation array
int reqPreCompLen;
// Determine optimal width and corresponding length of precomputation
// array based on literature values
if (m < 13)
{
width = 2;
reqPreCompLen = 1;
}
else
{
if (m < 41)
{
width = 3;
reqPreCompLen = 2;
}
else
{
if (m < 121)
{
width = 4;
reqPreCompLen = 4;
}
else
{
if (m < 337)
{
width = 5;
reqPreCompLen = 8;
}
else
{
if (m < 897)
{
width = 6;
reqPreCompLen = 16;
}
else
{
if (m < 2305)
{
width = 7;
reqPreCompLen = 32;
}
else
{
width = 8;
reqPreCompLen = 127;
}
}
}
}
}
}
// The length of the precomputation array
int preCompLen = 1;
ECPoint[] preComp = wnafPreCompInfo.GetPreComp();
ECPoint twiceP = wnafPreCompInfo.GetTwiceP();
// Check if the precomputed ECPoints already exist
if (preComp == null)
{
// Precomputation must be performed from scratch, create an empty
// precomputation array of desired length
preComp = new ECPoint[]{ p };
}
else
{
// Take the already precomputed ECPoints to start with
preCompLen = preComp.Length;
}
if (twiceP == null)
{
// Compute twice(p)
twiceP = p.Twice();
}
if (preCompLen < reqPreCompLen)
{
// Precomputation array must be made bigger, copy existing preComp
// array into the larger new preComp array
ECPoint[] oldPreComp = preComp;
preComp = new ECPoint[reqPreCompLen];
Array.Copy(oldPreComp, 0, preComp, 0, preCompLen);
for (int i = preCompLen; i < reqPreCompLen; i++)
{
// Compute the new ECPoints for the precomputation array.
// The values 1, 3, 5, ..., 2^(width-1)-1 times p are
// computed
preComp[i] = twiceP.Add(preComp[i - 1]);
}
}
// Compute the Window NAF of the desired width
sbyte[] wnaf = WindowNaf(width, k);
int l = wnaf.Length;
// Apply the Window NAF to p using the precomputed ECPoint values.
ECPoint q = p.Curve.Infinity;
for (int i = l - 1; i >= 0; i--)
{
q = q.Twice();
if (wnaf[i] != 0)
{
if (wnaf[i] > 0)
{
q = q.Add(preComp[(wnaf[i] - 1)/2]);
}
else
{
// wnaf[i] < 0
q = q.Subtract(preComp[(-wnaf[i] - 1)/2]);
}
}
}
// Set PreCompInfo in ECPoint, such that it is available for next
// multiplication.
wnafPreCompInfo.SetPreComp(preComp);
wnafPreCompInfo.SetTwiceP(twiceP);
p.SetPreCompInfo(wnafPreCompInfo);
return q;
}
// /**
// * Mainly for testing. Explicitly set the <code>ECMultiplier</code>.
// * @param multiplier The <code>ECMultiplier</code> to be used to multiply
// * this <code>ECPoint</code>.
// */
// internal void SetECMultiplier(
// ECMultiplier multiplier)
// {
// this.multiplier = multiplier;
// }
/**
* Sets the <code>PreCompInfo</code>. Used by <code>ECMultiplier</code>s
* to save the precomputation for this <code>ECPoint</code> to store the
* precomputation result for use by subsequent multiplication.
* @param preCompInfo The values precomputed by the
* <code>ECMultiplier</code>.
*/
internal void SetPreCompInfo(
PreCompInfo preCompInfo)
{
this.preCompInfo = preCompInfo;
}
// /**
// * Mainly for testing. Explicitly set the <code>ECMultiplier</code>.
// * @param multiplier The <code>ECMultiplier</code> to be used to multiply
// * this <code>ECPoint</code>.
// */
// internal void SetECMultiplier(
// ECMultiplier multiplier)
// {
// this.multiplier = multiplier;
// }
/**
* Sets the <code>PreCompInfo</code>. Used by <code>ECMultiplier</code>s
* to save the precomputation for this <code>ECPoint</code> to store the
* precomputation result for use by subsequent multiplication.
* @param preCompInfo The values precomputed by the
* <code>ECMultiplier</code>.
*/
internal void SetPreCompInfo(
PreCompInfo preCompInfo)
{
this.preCompInfo = preCompInfo;
}
public static FixedPointPreCompInfo GetFixedPointPreCompInfo(PreCompInfo preCompInfo)
{
return(preCompInfo as FixedPointPreCompInfo);
}
/**
* Adds <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
* <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
* by subsequent multiplication.
*
* @param point
* The <code>ECPoint</code> to store precomputations for.
* @param name
* A <code>String</code> used to index precomputations of different types.
* @param preCompInfo
* The values precomputed by the <code>ECMultiplier</code>.
*/
public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
{
CheckPoint(point);
lock (point)
{
IDictionary table = point.m_preCompTable;
if (null == table)
{
point.m_preCompTable = table = Platform.CreateHashtable(4);
}
table[name] = preCompInfo;
}
}
