/**
* Does the precomputation for WTNAF multiplication.
* @param p The <code>ECPoint</code> for which to do the precomputation.
* @param a The parameter <code>a</code> of the elliptic curve.
* @return The precomputation array for <code>p</code>.
*/
public static F2MPoint[] GetPreComp(F2MPoint p, sbyte a)
{
F2MPoint[] pu;
pu = new F2MPoint[16];
pu[1] = p;
sbyte[][] alphaTnaf;
if (a == 0)
{
alphaTnaf = Tnaf.Alpha0Tnaf;
}
else
{
// a == 1
alphaTnaf = Tnaf.Alpha1Tnaf;
}
int precompLen = alphaTnaf.Length;
for (int i = 3; i < precompLen; i = i + 2)
{
pu[i] = Tnaf.MultiplyFromTnaf(p, alphaTnaf[i]);
}
return(pu);
}
/**
* Test encoding with and without point compression.
*
* @param p
* The point to be encoded and decoded.
*/
private void implTestEncoding(ECPoint p)
{
// Not Point Compression
ECPoint unCompP;
// Point compression
ECPoint compP;
if (p is FPPoint)
{
unCompP = new FPPoint(p.Curve, p.X, p.Y, false);
compP = new FPPoint(p.Curve, p.X, p.Y, true);
}
else
{
unCompP = new F2MPoint(p.Curve, p.X, p.Y, false);
compP = new F2MPoint(p.Curve, p.X, p.Y, true);
}
byte[] unCompBarr = unCompP.GetEncoded();
ECPoint decUnComp = p.Curve.DecodePoint(unCompBarr);
Assert.AreEqual(p, decUnComp, "Error decoding uncompressed point");
byte[] compBarr = compP.GetEncoded();
ECPoint decComp = p.Curve.DecodePoint(compBarr);
Assert.AreEqual(p, decComp, "Error decoding compressed point");
}
/**
* Creates the points on the curve with literature values.
*/
internal static void CreatePoints()
{
for (var i = 0; i < PointSource.Length / 2; i++)
{
var x = new F2MFieldElement(M, K1, new BigInteger(PointSource[2 * i], 16));
var y = new F2MFieldElement(M, K1, new BigInteger(PointSource[2 * i + 1], 16));
P[i] = new F2MPoint(Curve, x, y);
}
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to Multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return <code>λ * p</code>
*/
public static F2MPoint MultiplyTnaf(F2MPoint p, ZTauElement lambda)
{
F2MCurve curve = (F2MCurve)p.Curve;
sbyte mu = curve.GetMu();
sbyte[] u = TauAdicNaf(mu, lambda);
F2MPoint q = MultiplyFromTnaf(p, u);
return(q);
}
/**
* Applies the operation <code>τ()</code> to an
* <code>F2mPoint</code>.
* @param p The F2mPoint to which <code>τ()</code> is applied.
* @return <code>τ(p)</code>
*/
public static F2MPoint Tau(F2MPoint p)
{
if (p.IsInfinity)
{
return(p);
}
ECFieldElement x = p.X;
ECFieldElement y = p.Y;
return(new F2MPoint(p.Curve, x.Square(), y.Square(), p.IsCompressed));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by a <code>BigInteger</code> using the reduced <code>τ</code>-adic
* NAF (RTNAF) method.
* @param p The F2mPoint to Multiply.
* @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
* @return <code>k * p</code>
*/
public static F2MPoint MultiplyRTnaf(F2MPoint p, IBigInteger k)
{
F2MCurve curve = (F2MCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
IBigInteger[] s = curve.GetSi();
ZTauElement rho = PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyTnaf(p, rho));
}
public void TestPointCreationConsistency()
{
try
{
var bad = new FPPoint(Fp.Curve, new FPFieldElement(
Fp.Q, new BigInteger("12")), null);
Assert.Fail();
}
catch (ArgumentException)
{
// Expected
}
try
{
var bad = new FPPoint(Fp.Curve, null,
new FPFieldElement(Fp.Q, new BigInteger("12")));
Assert.Fail();
}
catch (ArgumentException)
{
// Expected
}
try
{
var bad = new F2MPoint(F2M.Curve, new F2MFieldElement(
F2M.M, F2M.K1, new BigInteger("1011")), null);
Assert.Fail();
}
catch (ArgumentException)
{
// Expected
}
try
{
var bad = new F2MPoint(F2M.Curve, null,
new F2MFieldElement(F2M.M, F2M.K1,
new BigInteger("1011")));
Assert.Fail();
}
catch (ArgumentException)
{
// Expected
}
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method, given the TNAF
* of <code>λ</code>.
* @param p The F2mPoint to Multiply.
* @param u The the TNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
public static F2MPoint MultiplyFromTnaf(F2MPoint p, sbyte[] u)
{
F2MCurve curve = (F2MCurve)p.Curve;
F2MPoint q = (F2MPoint)curve.Infinity;
for (int i = u.Length - 1; i >= 0; i--)
{
q = Tau(q);
if (u[i] == 1)
{
q = (F2MPoint)q.AddSimple(p);
}
else if (u[i] == -1)
{
q = (F2MPoint)q.SubtractSimple(p);
}
}
return(q);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by <code>k</code> using the reduced <code>τ</code>-adic NAF (RTNAF)
* method.
* @param p The F2mPoint to multiply.
* @param k The integer by which to multiply <code>k</code>.
* @return <code>p</code> multiplied by <code>k</code>.
*/
public ECPoint Multiply(ECPoint point, IBigInteger k, IPreCompInfo preCompInfo)
{
if (!(point is F2MPoint))
{
throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier");
}
F2MPoint p = (F2MPoint)point;
F2MCurve curve = (F2MCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
IBigInteger[] s = curve.GetSi();
ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyWTnaf(p, rho, preCompInfo, a, mu));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private F2MPoint MultiplyWTnaf(F2MPoint p, ZTauElement lambda,
IPreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha;
if (a == 0)
{
alpha = Tnaf.Alpha0;
}
else
{
// a == 1
alpha = Tnaf.Alpha1;
}
IBigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[] u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return(MultiplyFromWTnaf(p, u, preCompInfo));
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the window <code>τ</code>-adic NAF (TNAF) method, given the
* WTNAF of <code>λ</code>.
* @param p The F2mPoint to multiply.
* @param u The the WTNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
private static F2MPoint MultiplyFromWTnaf(F2MPoint p, sbyte[] u,
IPreCompInfo preCompInfo)
{
F2MCurve curve = (F2MCurve)p.Curve;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
F2MPoint[] pu;
if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo))
{
pu = Tnaf.GetPreComp(p, a);
p.PreCompInfo = new WTauNafPreCompInfo(pu);
}
else
{
pu = ((WTauNafPreCompInfo)preCompInfo).GetPreComp();
}
// q = infinity
F2MPoint q = (F2MPoint)p.Curve.Infinity;
for (int i = u.Length - 1; i >= 0; i--)
{
q = Tnaf.Tau(q);
if (u[i] != 0)
{
if (u[i] > 0)
{
q = q.AddSimple(pu[u[i]]);
}
else
{
// u[i] < 0
q = q.SubtractSimple(pu[-u[i]]);
}
}
}
return(q);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the window <code>τ</code>-adic NAF (TNAF) method, given the
* WTNAF of <code>λ</code>.
* @param p The F2mPoint to multiply.
* @param u The the WTNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
private static F2MPoint MultiplyFromWTnaf(F2MPoint p, sbyte[] u,
IPreCompInfo preCompInfo)
{
F2MCurve curve = (F2MCurve)p.Curve;
sbyte a = (sbyte) curve.A.ToBigInteger().IntValue;
F2MPoint[] pu;
if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo))
{
pu = Tnaf.GetPreComp(p, a);
p.PreCompInfo = new WTauNafPreCompInfo(pu);
}
else
{
pu = ((WTauNafPreCompInfo)preCompInfo).GetPreComp();
}
// q = infinity
F2MPoint q = (F2MPoint) p.Curve.Infinity;
for (int i = u.Length - 1; i >= 0; i--)
{
q = Tnaf.Tau(q);
if (u[i] != 0)
{
if (u[i] > 0)
{
q = q.AddSimple(pu[u[i]]);
}
else
{
// u[i] < 0
q = q.SubtractSimple(pu[-u[i]]);
}
}
}
return q;
}
/**
* Constructor for <code>WTauNafPreCompInfo</code>
* @param preComp Array holding the precomputed <code>F2mPoint</code>s
* used for the WTNAF multiplication in <code>
* {@link org.bouncycastle.math.ec.multiplier.WTauNafMultiplier.multiply()
* WTauNafMultiplier.multiply()}</code>.
*/
internal WTauNafPreCompInfo(F2MPoint[] preComp)
{
_preComp = preComp;
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code> using
* the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code> of which to compute the
* <code>[τ]</code>-adic NAF.
* @return <code>p</code> multiplied by <code>λ</code>.
*/
private F2MPoint MultiplyWTnaf(F2MPoint p, ZTauElement lambda,
IPreCompInfo preCompInfo, sbyte a, sbyte mu)
{
ZTauElement[] alpha;
if (a == 0)
{
alpha = Tnaf.Alpha0;
}
else
{
// a == 1
alpha = Tnaf.Alpha1;
}
IBigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
return MultiplyFromWTnaf(p, u, preCompInfo);
}
/**
* Applies the operation <code>τ()</code> to an
* <code>F2mPoint</code>.
* @param p The F2mPoint to which <code>τ()</code> is applied.
* @return <code>τ(p)</code>
*/
public static F2MPoint Tau(F2MPoint p)
{
if (p.IsInfinity)
return p;
ECFieldElement x = p.X;
ECFieldElement y = p.Y;
return new F2MPoint(p.Curve, x.Square(), y.Square(), p.IsCompressed);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to Multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return <code>λ * p</code>
*/
public static F2MPoint MultiplyTnaf(F2MPoint p, ZTauElement lambda)
{
F2MCurve curve = (F2MCurve)p.Curve;
sbyte mu = curve.GetMu();
sbyte[] u = TauAdicNaf(mu, lambda);
F2MPoint q = MultiplyFromTnaf(p, u);
return q;
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by a <code>BigInteger</code> using the reduced <code>τ</code>-adic
* NAF (RTNAF) method.
* @param p The F2mPoint to Multiply.
* @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
* @return <code>k * p</code>
*/
public static F2MPoint MultiplyRTnaf(F2MPoint p, IBigInteger k)
{
F2MCurve curve = (F2MCurve) p.Curve;
int m = curve.M;
sbyte a = (sbyte) curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
IBigInteger[] s = curve.GetSi();
ZTauElement rho = PartModReduction(k, m, a, s, mu, (sbyte)10);
return MultiplyTnaf(p, rho);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method, given the TNAF
* of <code>λ</code>.
* @param p The F2mPoint to Multiply.
* @param u The the TNAF of <code>λ</code>..
* @return <code>λ * p</code>
*/
public static F2MPoint MultiplyFromTnaf(F2MPoint p, sbyte[] u)
{
F2MCurve curve = (F2MCurve)p.Curve;
F2MPoint q = (F2MPoint) curve.Infinity;
for (int i = u.Length - 1; i >= 0; i--)
{
q = Tau(q);
if (u[i] == 1)
{
q = (F2MPoint)q.AddSimple(p);
}
else if (u[i] == -1)
{
q = (F2MPoint)q.SubtractSimple(p);
}
}
return q;
}
/**
* Does the precomputation for WTNAF multiplication.
* @param p The <code>ECPoint</code> for which to do the precomputation.
* @param a The parameter <code>a</code> of the elliptic curve.
* @return The precomputation array for <code>p</code>.
*/
public static F2MPoint[] GetPreComp(F2MPoint p, sbyte a)
{
F2MPoint[] pu;
pu = new F2MPoint[16];
pu[1] = p;
sbyte[][] alphaTnaf;
if (a == 0)
{
alphaTnaf = Tnaf.Alpha0Tnaf;
}
else
{
// a == 1
alphaTnaf = Tnaf.Alpha1Tnaf;
}
int precompLen = alphaTnaf.Length;
for (int i = 3; i < precompLen; i = i + 2)
{
pu[i] = Tnaf.MultiplyFromTnaf(p, alphaTnaf[i]);
}
return pu;
}