/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by an element <code>λ</code> of <code><b>Z</b>[τ]</code>
* using the <code>τ</code>-adic NAF (TNAF) method.
* @param p The F2mPoint to Multiply.
* @param lambda The element <code>λ</code> of
* <code><b>Z</b>[τ]</code>.
* @return <code>λ * p</code>
*/
public static F2mPoint MultiplyTnaf(F2mPoint p, ZTauElement lambda)
{
F2mCurve curve = (F2mCurve)p.Curve;
sbyte mu = curve.GetMu();
sbyte[] u = TauAdicNaf(mu, lambda);
F2mPoint q = MultiplyFromTnaf(p, u);
return(q);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by a <code>BigInteger</code> using the reduced <code>τ</code>-adic
* NAF (RTNAF) method.
* @param p The F2mPoint to Multiply.
* @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
* @return <code>k * p</code>
*/
public static F2mPoint MultiplyRTnaf(F2mPoint p, BigInteger k)
{
F2mCurve curve = (F2mCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
BigInteger[] s = curve.GetSi();
ZTauElement rho = PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyTnaf(p, rho));
}
/**
* Computes the auxiliary values <code>s<sub>0</sub></code> and
* <code>s<sub>1</sub></code> used for partial modular reduction.
* @param curve The elliptic curve for which to compute
* <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>.
* @throws ArgumentException if <code>curve</code> is not a
* Koblitz curve (Anomalous Binary Curve, ABC).
*/
public static BigInteger[] GetSi(F2mCurve curve)
{
if (!curve.IsKoblitz)
{
throw new ArgumentException("si is defined for Koblitz curves only");
}
int m = curve.M;
int a = curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
int h = curve.H.IntValue;
int index = m + 3 - a;
BigInteger[] ui = GetLucas(mu, index, false);
BigInteger dividend0;
BigInteger dividend1;
if (mu == 1)
{
dividend0 = BigInteger.One.Subtract(ui[1]);
dividend1 = BigInteger.One.Subtract(ui[0]);
}
else if (mu == -1)
{
dividend0 = BigInteger.One.Add(ui[1]);
dividend1 = BigInteger.One.Add(ui[0]);
}
else
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger[] si = new BigInteger[2];
if (h == 2)
{
si[0] = dividend0.ShiftRight(1);
si[1] = dividend1.ShiftRight(1).Negate();
}
else if (h == 4)
{
si[0] = dividend0.ShiftRight(2);
si[1] = dividend1.ShiftRight(2).Negate();
}
else
{
throw new ArgumentException("h (Cofactor) must be 2 or 4");
}
return(si);
}
/**
* Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint}
* by <code>k</code> using the reduced <code>τ</code>-adic NAF (RTNAF)
* method.
* @param p The F2mPoint to multiply.
* @param k The integer by which to multiply <code>k</code>.
* @return <code>p</code> multiplied by <code>k</code>.
*/
protected override ECPoint MultiplyPositive(ECPoint point, BigInteger k)
{
if (!(point is F2mPoint))
{
throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier");
}
F2mPoint p = (F2mPoint)point;
F2mCurve curve = (F2mCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
BigInteger[] s = curve.GetSi();
ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyWTnaf(p, rho, curve.GetPreCompInfo(p, PRECOMP_NAME), a, mu));
}
/**
* Multiplies a {@link Al.Security.math.ec.F2mPoint F2mPoint}
* by <code>k</code> using the reduced <code>τ</code>-adic NAF (RTNAF)
* method.
* @param p The F2mPoint to multiply.
* @param k The integer by which to multiply <code>k</code>.
* @return <code>p</code> multiplied by <code>k</code>.
*/
public ECPoint Multiply(ECPoint point, BigInteger k, PreCompInfo preCompInfo)
{
if (!(point is F2mPoint))
{
throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier");
}
F2mPoint p = (F2mPoint)point;
F2mCurve curve = (F2mCurve)p.Curve;
int m = curve.M;
sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
BigInteger[] s = curve.GetSi();
ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10);
return(MultiplyWTnaf(p, rho, preCompInfo, a, mu));
}
/**
* Computes the auxiliary values <code>s<sub>0</sub></code> and
* <code>s<sub>1</sub></code> used for partial modular reduction.
* @param curve The elliptic curve for which to compute
* <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>.
* @throws ArgumentException if <code>curve</code> is not a
* Koblitz curve (Anomalous Binary Curve, ABC).
*/
public static BigInteger[] GetSi(F2mCurve curve)
{
if (!curve.IsKoblitz)
throw new ArgumentException("si is defined for Koblitz curves only");
int m = curve.M;
int a = curve.A.ToBigInteger().IntValue;
sbyte mu = curve.GetMu();
int h = curve.H.IntValue;
int index = m + 3 - a;
BigInteger[] ui = GetLucas(mu, index, false);
BigInteger dividend0;
BigInteger dividend1;
if (mu == 1)
{
dividend0 = BigInteger.One.Subtract(ui[1]);
dividend1 = BigInteger.One.Subtract(ui[0]);
}
else if (mu == -1)
{
dividend0 = BigInteger.One.Add(ui[1]);
dividend1 = BigInteger.One.Add(ui[0]);
}
else
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger[] si = new BigInteger[2];
if (h == 2)
{
si[0] = dividend0.ShiftRight(1);
si[1] = dividend1.ShiftRight(1).Negate();
}
else if (h == 4)
{
si[0] = dividend0.ShiftRight(2);
si[1] = dividend1.ShiftRight(2).Negate();
}
else
{
throw new ArgumentException("h (Cofactor) must be 2 or 4");
}
return si;
}