public sbyte[] NonAdjacentForm(int size)
{
sbyte[] naf = new sbyte[256];
var xU64 = Scalar52.GetU64Data(ScalarBytes);
var width = 1 << size;
var window_mask = width - 1;
var pos = 0;
var carry = 0;
while (pos < 256)
{
// Construct a buffer of bits of the scalar, starting at bit `pos`
var u64_idx = pos / 64;
var bit_idx = pos % 64;
ulong bit_buf;
if (bit_idx < 64 - size)
{
// This window's bits are contained in a single u64
bit_buf = xU64[u64_idx] >> bit_idx;
}
else
{
// Combine the current u64's bits with the bits from the next u64
bit_buf = (xU64[u64_idx] >> bit_idx) | (xU64[1 + u64_idx] << (64 - bit_idx));
}
// Add the carry into the current window
var window = (ulong)carry + (bit_buf & (ulong)window_mask);
if ((window & 1) == 0)
{
// If the window value is even, preserve the carry and continue.
// Why is the carry preserved?
// If carry == 0 and window & 1 == 0, then the next carry should be 0
// If carry == 1 and window & 1 == 0, then bit_buf & 1 == 1 so the next carry should be 1
pos += 1;
continue;
}
if (window < (ulong)(width / 2))
{
carry = 0;
naf[pos] = (sbyte)window;
}
else
{
carry = 1;
naf[pos] = (sbyte)((sbyte)window - (sbyte)width);
}
pos += size;
}
return(naf);
}
public void Recalc()
{
ScalarInner = new Scalar52(ScalarBytes);
}