protected virtual ECFieldElement GetDenominator(int coordinateSystem, ECPoint p)
{
switch (coordinateSystem)
{
case 1:
case 6:
case 7:
return(p.GetZCoord(0));
case 2:
case 3:
case 4:
return(p.GetZCoord(0).Square());
}
return(null);
}
protected virtual ECFieldElement GetDenominator(int coordinateSystem, ECPoint p)
{
switch (coordinateSystem)
{
case ECCurve.COORD_HOMOGENEOUS:
case ECCurve.COORD_LAMBDA_PROJECTIVE:
case ECCurve.COORD_SKEWED:
return(p.GetZCoord(0));
case ECCurve.COORD_JACOBIAN:
case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
case ECCurve.COORD_JACOBIAN_MODIFIED:
return(p.GetZCoord(0).Square());
default:
return(null);
}
}
/**
* Normalization ensures that any projective coordinate is 1, and therefore that the x, y
* coordinates reflect those of the equivalent point in an affine coordinate system. Where more
* than one point is to be normalized, this method will generally be more efficient than
* normalizing each point separately. An (optional) z-scaling factor can be applied; effectively
* each z coordinate is scaled by this value prior to normalization (but only one
* actual multiplication is needed).
*
* @param points
* An array of points that will be updated in place with their normalized versions,
* where necessary
* @param off
* The start of the range of points to normalize
* @param len
* The length of the range of points to normalize
* @param iso
* The (optional) z-scaling factor - can be null
*/
public virtual void NormalizeAll(ECPoint[] points, int off, int len, ECFieldElement iso)
{
CheckPoints(points, off, len);
switch (this.CoordinateSystem)
{
case ECCurve.COORD_AFFINE:
case ECCurve.COORD_LAMBDA_AFFINE:
{
if (iso != null)
{
throw new ArgumentException("not valid for affine coordinates", "iso");
}
return;
}
}
/*
* Figure out which of the points actually need to be normalized
*/
ECFieldElement[] zs = new ECFieldElement[len];
int[] indices = new int[len];
int count = 0;
for (int i = 0; i < len; ++i)
{
ECPoint p = points[off + i];
if (null != p && (iso != null || !p.IsNormalized()))
{
zs[count] = p.GetZCoord(0);
indices[count++] = off + i;
}
}
if (count == 0)
{
return;
}
ECAlgorithms.MontgomeryTrick(zs, 0, count, iso);
for (int j = 0; j < count; ++j)
{
int index = indices[j];
points[index] = points[index].Normalize(zs[j]);
}
}
public override ECPoint ImportPoint(ECPoint p)
{
if (this != p.Curve && CoordinateSystem == 2 && !p.IsInfinity)
{
switch (p.Curve.CoordinateSystem)
{
case 2:
case 3:
case 4:
return(new FpPoint(this, FromBigInteger(p.RawXCoord.ToBigInteger()), FromBigInteger(p.RawYCoord.ToBigInteger()), new ECFieldElement[1] {
FromBigInteger(p.GetZCoord(0).ToBigInteger())
}, p.IsCompressed));
}
}
return(base.ImportPoint(p));
}
public override ECPoint ImportPoint(ECPoint p)
{
if (this != p.Curve && this.CoordinateSystem == COORD_JACOBIAN && !p.IsInfinity)
{
switch (p.Curve.CoordinateSystem)
{
case COORD_JACOBIAN:
case COORD_JACOBIAN_CHUDNOVSKY:
case COORD_JACOBIAN_MODIFIED:
return(new FpPoint(this,
FromBigInteger(p.RawXCoord.ToBigInteger()),
FromBigInteger(p.RawYCoord.ToBigInteger()),
new[] { FromBigInteger(p.GetZCoord(0).ToBigInteger()) },
p.IsCompressed));
}
}
return(base.ImportPoint(p));
}
/**
* Normalization ensures that any projective coordinate is 1, and therefore that the x, y
* coordinates reflect those of the equivalent point in an affine coordinate system. Where more
* than one point is to be normalized, this method will generally be more efficient than
* normalizing each point separately.
*
* @param points
* An array of points that will be updated in place with their normalized versions,
* where necessary
*/
public virtual void NormalizeAll(ECPoint[] points)
{
CheckPoints(points);
if (this.CoordinateSystem == ECCurve.COORD_AFFINE)
{
return;
}
/*
* Figure out which of the points actually need to be normalized
*/
ECFieldElement[] zs = new ECFieldElement[points.Length];
int[] indices = new int[points.Length];
int count = 0;
for (int i = 0; i < points.Length; ++i)
{
ECPoint p = points[i];
if (null != p && !p.IsNormalized())
{
zs[count] = p.GetZCoord(0);
indices[count++] = i;
}
}
if (count == 0)
{
return;
}
ECAlgorithms.MontgomeryTrick(zs, 0, count);
for (int j = 0; j < count; ++j)
{
int index = indices[j];
points[index] = points[index].Normalize(zs[j]);
}
}
public virtual void NormalizeAll(ECPoint[] points, int off, int len, ECFieldElement iso)
{
CheckPoints(points, off, len);
int coordinateSystem = CoordinateSystem;
if (coordinateSystem == 0 || coordinateSystem == 5)
{
if (iso != null)
{
throw new ArgumentException("not valid for affine coordinates", "iso");
}
return;
}
ECFieldElement[] array = new ECFieldElement[len];
int[] array2 = new int[len];
int num = 0;
for (int i = 0; i < len; i++)
{
ECPoint eCPoint = points[off + i];
if (eCPoint != null && (iso != null || !eCPoint.IsNormalized()))
{
array[num] = eCPoint.GetZCoord(0);
array2[num++] = off + i;
}
}
if (num != 0)
{
ECAlgorithms.MontgomeryTrick(array, 0, num, iso);
for (int j = 0; j < num; j++)
{
int num3 = array2[j];
points[num3] = points[num3].Normalize(array[j]);
}
}
}
public static WNafPreCompInfo Precompute(ECPoint p, int width, bool includeNegated)
{
ECCurve c = p.Curve;
WNafPreCompInfo wnafPreCompInfo = GetWNafPreCompInfo(c.GetPreCompInfo(p, PRECOMP_NAME));
int iniPreCompLen = 0, reqPreCompLen = 1 << System.Math.Max(0, width - 2);
ECPoint[] preComp = wnafPreCompInfo.PreComp;
if (preComp == null)
{
preComp = EMPTY_POINTS;
}
else
{
iniPreCompLen = preComp.Length;
}
if (iniPreCompLen < reqPreCompLen)
{
preComp = ResizeTable(preComp, reqPreCompLen);
if (reqPreCompLen == 1)
{
preComp[0] = p.Normalize();
}
else
{
int curPreCompLen = iniPreCompLen;
if (curPreCompLen == 0)
{
preComp[0] = p;
curPreCompLen = 1;
}
ECFieldElement iso = null;
if (reqPreCompLen == 2)
{
preComp[1] = p.ThreeTimes();
}
else
{
ECPoint twiceP = wnafPreCompInfo.Twice, last = preComp[curPreCompLen - 1];
if (twiceP == null)
{
twiceP = preComp[0].Twice();
wnafPreCompInfo.Twice = twiceP;
/*
* For Fp curves with Jacobian projective coordinates, use a (quasi-)isomorphism
* where 'twiceP' is "affine", so that the subsequent additions are cheaper. This
* also requires scaling the initial point's X, Y coordinates, and reversing the
* isomorphism as part of the subsequent normalization.
*
* NOTE: The correctness of this optimization depends on:
* 1) additions do not use the curve's A, B coefficients.
* 2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ...
*/
if (ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64)
{
switch (c.CoordinateSystem)
{
case ECCurve.COORD_JACOBIAN:
case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
case ECCurve.COORD_JACOBIAN_MODIFIED:
{
iso = twiceP.GetZCoord(0);
twiceP = c.CreatePoint(twiceP.XCoord.ToBigInteger(),
twiceP.YCoord.ToBigInteger());
ECFieldElement iso2 = iso.Square(), iso3 = iso2.Multiply(iso);
last = last.ScaleX(iso2).ScaleY(iso3);
if (iniPreCompLen == 0)
{
preComp[0] = last;
}
break;
}
}
}
}
while (curPreCompLen < reqPreCompLen)
{
/*
* Compute the new ECPoints for the precomputation array. The values 1, 3,
* 5, ..., 2^(width-1)-1 times p are computed
*/
preComp[curPreCompLen++] = last = last.Add(twiceP);
}
}
/*
* Having oft-used operands in affine form makes operations faster.
*/
c.NormalizeAll(preComp, iniPreCompLen, reqPreCompLen - iniPreCompLen, iso);
}
}
wnafPreCompInfo.PreComp = preComp;
if (includeNegated)
{
ECPoint[] preCompNeg = wnafPreCompInfo.PreCompNeg;
int pos;
if (preCompNeg == null)
{
pos = 0;
preCompNeg = new ECPoint[reqPreCompLen];
}
else
{
pos = preCompNeg.Length;
if (pos < reqPreCompLen)
{
preCompNeg = ResizeTable(preCompNeg, reqPreCompLen);
}
}
while (pos < reqPreCompLen)
{
preCompNeg[pos] = preComp[pos].Negate();
++pos;
}
wnafPreCompInfo.PreCompNeg = preCompNeg;
}
c.SetPreCompInfo(p, PRECOMP_NAME, wnafPreCompInfo);
return(wnafPreCompInfo);
}
public static WNafPreCompInfo Precompute(ECPoint p, int width, bool includeNegated)
{
ECCurve curve = p.Curve;
WNafPreCompInfo wNafPreCompInfo = WNafUtilities.GetWNafPreCompInfo(curve.GetPreCompInfo(p, WNafUtilities.PRECOMP_NAME));
int num = 0;
int num2 = 1 << Math.Max(0, width - 2);
ECPoint[] array = wNafPreCompInfo.PreComp;
if (array == null)
{
array = WNafUtilities.EMPTY_POINTS;
}
else
{
num = array.Length;
}
if (num < num2)
{
array = WNafUtilities.ResizeTable(array, num2);
if (num2 == 1)
{
array[0] = p.Normalize();
}
else
{
int i = num;
if (i == 0)
{
array[0] = p;
i = 1;
}
ECFieldElement eCFieldElement = null;
if (num2 == 2)
{
array[1] = p.ThreeTimes();
}
else
{
ECPoint eCPoint = wNafPreCompInfo.Twice;
ECPoint eCPoint2 = array[i - 1];
if (eCPoint == null)
{
eCPoint = array[0].Twice();
wNafPreCompInfo.Twice = eCPoint;
if (ECAlgorithms.IsFpCurve(curve) && curve.FieldSize >= 64)
{
switch (curve.CoordinateSystem)
{
case 2:
case 3:
case 4:
{
eCFieldElement = eCPoint.GetZCoord(0);
eCPoint = curve.CreatePoint(eCPoint.XCoord.ToBigInteger(), eCPoint.YCoord.ToBigInteger());
ECFieldElement eCFieldElement2 = eCFieldElement.Square();
ECFieldElement scale = eCFieldElement2.Multiply(eCFieldElement);
eCPoint2 = eCPoint2.ScaleX(eCFieldElement2).ScaleY(scale);
if (num == 0)
{
array[0] = eCPoint2;
}
break;
}
}
}
}
while (i < num2)
{
eCPoint2 = (array[i++] = eCPoint2.Add(eCPoint));
}
}
curve.NormalizeAll(array, num, num2 - num, eCFieldElement);
}
}
wNafPreCompInfo.PreComp = array;
if (includeNegated)
{
ECPoint[] array2 = wNafPreCompInfo.PreCompNeg;
int j;
if (array2 == null)
{
j = 0;
array2 = new ECPoint[num2];
}
else
{
j = array2.Length;
if (j < num2)
{
array2 = WNafUtilities.ResizeTable(array2, num2);
}
}
while (j < num2)
{
array2[j] = array[j].Negate();
j++;
}
wNafPreCompInfo.PreCompNeg = array2;
}
curve.SetPreCompInfo(p, WNafUtilities.PRECOMP_NAME, wNafPreCompInfo);
return(wNafPreCompInfo);
}
public static WNafPreCompInfo Precompute(ECPoint p, int width, bool includeNegated)
{
ECCurve c = p.Curve;
WNafPreCompInfo wNafPreCompInfo = GetWNafPreCompInfo(c.GetPreCompInfo(p, PRECOMP_NAME));
int off = 0;
int length = ((int)1) << Math.Max(0, width - 2);
ECPoint[] preComp = wNafPreCompInfo.PreComp;
if (preComp == null)
{
preComp = EMPTY_POINTS;
}
else
{
off = preComp.Length;
}
if (off < length)
{
preComp = ResizeTable(preComp, length);
if (length == 1)
{
preComp[0] = p.Normalize();
}
else
{
int num3 = off;
if (num3 == 0)
{
preComp[0] = p;
num3 = 1;
}
ECFieldElement b = null;
if (length == 2)
{
preComp[1] = p.ThreeTimes();
}
else
{
ECPoint twice = wNafPreCompInfo.Twice;
ECPoint point2 = preComp[num3 - 1];
if (twice == null)
{
twice = preComp[0].Twice();
wNafPreCompInfo.Twice = twice;
if (ECAlgorithms.IsFpCurve(c) && (c.FieldSize >= 0x40))
{
switch (c.CoordinateSystem)
{
case 2:
case 3:
case 4:
{
b = twice.GetZCoord(0);
twice = c.CreatePoint(twice.XCoord.ToBigInteger(), twice.YCoord.ToBigInteger());
ECFieldElement scale = b.Square();
ECFieldElement element3 = scale.Multiply(b);
point2 = point2.ScaleX(scale).ScaleY(element3);
if (off == 0)
{
preComp[0] = point2;
}
break;
}
}
}
}
while (num3 < length)
{
preComp[num3++] = point2 = point2.Add(twice);
}
}
c.NormalizeAll(preComp, off, length - off, b);
}
}
wNafPreCompInfo.PreComp = preComp;
if (includeNegated)
{
int num5;
ECPoint[] preCompNeg = wNafPreCompInfo.PreCompNeg;
if (preCompNeg == null)
{
num5 = 0;
preCompNeg = new ECPoint[length];
}
else
{
num5 = preCompNeg.Length;
if (num5 < length)
{
preCompNeg = ResizeTable(preCompNeg, length);
}
}
while (num5 < length)
{
preCompNeg[num5] = preComp[num5].Negate();
num5++;
}
wNafPreCompInfo.PreCompNeg = preCompNeg;
}
c.SetPreCompInfo(p, PRECOMP_NAME, wNafPreCompInfo);
return(wNafPreCompInfo);
}
public PreCompInfo Precompute(PreCompInfo existing)
{
WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo;
int width = System.Math.Max(2, System.Math.Min(MAX_WIDTH, m_minWidth));
int reqPreCompLen = 1 << (width - 2);
if (CheckExisting(existingWNaf, width, reqPreCompLen, m_includeNegated))
{
existingWNaf.DecrementPromotionCountdown();
return(existingWNaf);
}
WNafPreCompInfo result = new WNafPreCompInfo();
ECCurve c = m_p.Curve;
ECPoint[] preComp = null, preCompNeg = null;
ECPoint twiceP = null;
if (null != existingWNaf)
{
int promotionCountdown = existingWNaf.DecrementPromotionCountdown();
result.PromotionCountdown = promotionCountdown;
int confWidth = existingWNaf.ConfWidth;
result.ConfWidth = confWidth;
preComp = existingWNaf.PreComp;
preCompNeg = existingWNaf.PreCompNeg;
twiceP = existingWNaf.Twice;
}
width = System.Math.Min(MAX_WIDTH, System.Math.Max(result.ConfWidth, width));
reqPreCompLen = 1 << (width - 2);
int iniPreCompLen = 0;
if (null == preComp)
{
preComp = EMPTY_POINTS;
}
else
{
iniPreCompLen = preComp.Length;
}
if (iniPreCompLen < reqPreCompLen)
{
preComp = WNafUtilities.ResizeTable(preComp, reqPreCompLen);
if (reqPreCompLen == 1)
{
preComp[0] = m_p.Normalize();
}
else
{
int curPreCompLen = iniPreCompLen;
if (curPreCompLen == 0)
{
preComp[0] = m_p;
curPreCompLen = 1;
}
ECFieldElement iso = null;
if (reqPreCompLen == 2)
{
preComp[1] = m_p.ThreeTimes();
}
else
{
ECPoint isoTwiceP = twiceP, last = preComp[curPreCompLen - 1];
if (null == isoTwiceP)
{
isoTwiceP = preComp[0].Twice();
twiceP = isoTwiceP;
/*
* For Fp curves with Jacobian projective coordinates, use a (quasi-)isomorphism
* where 'twiceP' is "affine", so that the subsequent additions are cheaper. This
* also requires scaling the initial point's X, Y coordinates, and reversing the
* isomorphism as part of the subsequent normalization.
*
* NOTE: The correctness of this optimization depends on:
* 1) additions do not use the curve's A, B coefficients.
* 2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ...
*/
if (!twiceP.IsInfinity && ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64)
{
switch (c.CoordinateSystem)
{
case ECCurve.COORD_JACOBIAN:
case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
case ECCurve.COORD_JACOBIAN_MODIFIED:
{
iso = twiceP.GetZCoord(0);
isoTwiceP = c.CreatePoint(twiceP.XCoord.ToBigInteger(),
twiceP.YCoord.ToBigInteger());
ECFieldElement iso2 = iso.Square(), iso3 = iso2.Multiply(iso);
last = last.ScaleX(iso2).ScaleY(iso3);
if (iniPreCompLen == 0)
{
preComp[0] = last;
}
break;
}
}
}
}
while (curPreCompLen < reqPreCompLen)
{
/*
* Compute the new ECPoints for the precomputation array. The values 1, 3,
* 5, ..., 2^(width-1)-1 times p are computed
*/
preComp[curPreCompLen++] = last = last.Add(isoTwiceP);
}
}
/*
* Having oft-used operands in affine form makes operations faster.
*/
c.NormalizeAll(preComp, iniPreCompLen, reqPreCompLen - iniPreCompLen, iso);
}
}
if (m_includeNegated)
{
int pos;
if (null == preCompNeg)
{
pos = 0;
preCompNeg = new ECPoint[reqPreCompLen];
}
else
{
pos = preCompNeg.Length;
if (pos < reqPreCompLen)
{
preCompNeg = WNafUtilities.ResizeTable(preCompNeg, reqPreCompLen);
}
}
while (pos < reqPreCompLen)
{
preCompNeg[pos] = preComp[pos].Negate();
++pos;
}
}
result.PreComp = preComp;
result.PreCompNeg = preCompNeg;
result.Twice = twiceP;
result.Width = width;
return(result);
}
