private static void InversionStep(uint[] p, uint[] u, int uLen, uint[] x, ref int xc)
{
int len = p.Length;
int num = 0;
while (u[0] == 0)
{
Nat.ShiftDownWord(uLen, u, 0u);
num += 32;
}
int trailingZeroes = GetTrailingZeroes(u[0]);
if (trailingZeroes > 0)
{
Nat.ShiftDownBits(uLen, u, trailingZeroes, 0u);
num += trailingZeroes;
}
for (int i = 0; i < num; i++)
{
if ((x[0] & 1) != 0)
{
if (xc < 0)
{
xc += (int)Nat.AddTo(len, p, x);
}
else
{
xc += Nat.SubFrom(len, p, x);
}
}
Nat.ShiftDownBit(len, x, (uint)xc);
}
}
public static void Reduce(uint[] xx, uint[] z)
{
uint c = xx[0x20];
uint num2 = Nat.ShiftDownBits(0x10, xx, 0x10, 9, c, z, 0) >> 0x17;
num2 += c >> 9;
num2 += Nat.AddTo(0x10, xx, z);
if ((num2 > 0x1ff) || ((num2 == 0x1ff) && Nat.Eq(0x10, z, P)))
{
num2 += Nat.Inc(0x10, z);
num2 &= 0x1ff;
}
z[0x10] = num2;
}
public static void Reduce(uint[] xx, uint[] z)
{
uint num = xx[32];
uint num2 = Nat.ShiftDownBits(16, xx, 16, 9, num, z, 0) >> 23;
num2 += num >> 9;
num2 += Nat.AddTo(16, xx, z);
if (num2 > 511 || (num2 == 511 && Nat.Eq(16, z, P)))
{
num2 += Nat.Inc(16, z);
num2 &= 0x1FF;
}
z[16] = num2;
}
public static void Reduce(uint[] xx, uint[] z)
{
Debug.Assert(xx[32] >> 18 == 0);
uint xx32 = xx[32];
uint c = Nat.ShiftDownBits(16, xx, 16, 9, xx32, z, 0) >> 23;
c += xx32 >> 9;
c += Nat.AddTo(16, xx, z);
if (c > P16 || (c == P16 && Nat.Eq(16, z, P)))
{
c += Nat.Inc(16, z);
c &= P16;
}
z[16] = c;
}
private static void ScalarMult(byte[] k, PointAffine p, PointAccum r)
{
uint[] n = new uint[ScalarUints];
DecodeScalar(k, 0, n);
Debug.Assert(0U == (n[0] & 7));
Debug.Assert(1U == n[ScalarUints - 1] >> 30);
Nat.ShiftDownBits(ScalarUints, n, 3, 1U);
// Recode the scalar into signed-digit form
{
uint c1 = Nat.CAdd(ScalarUints, ~(int)n[0] & 1, n, L, n); Debug.Assert(c1 == 0U);
uint c2 = Nat.ShiftDownBit(ScalarUints, n, 0U); Debug.Assert(c2 == (1U << 31));
}
Debug.Assert(1U == n[ScalarUints - 1] >> 28);
int[] table = PointPrecompute(p, 8);
PointExt q = new PointExt();
// Replace first 4 doublings (2^4 * P) with 1 addition (P + 15 * P)
PointCopy(p, r);
PointLookup(table, 7, q);
PointAdd(q, r);
int w = 62;
for (;;)
{
PointLookup(n, w, table, q);
PointAdd(q, r);
PointDouble(r);
PointDouble(r);
PointDouble(r);
if (--w < 0)
{
break;
}
PointDouble(r);
}
}
private static void ScalarMult(byte[] k, PointExt p, PointExt r)
{
uint[] n = new uint[ScalarUints];
DecodeScalar(k, 0, n);
Debug.Assert(0U == (n[0] & 3));
Debug.Assert(1U == n[ScalarUints - 1] >> 31);
Nat.ShiftDownBits(ScalarUints, n, 2, 0U);
// Recode the scalar into signed-digit form
{
uint c1 = Nat.CAdd(ScalarUints, ~(int)n[0] & 1, n, L, n); Debug.Assert(c1 == 0U);
uint c2 = Nat.ShiftDownBit(ScalarUints, n, 1U); Debug.Assert(c2 == (1U << 31));
}
uint[] table = PointPrecompute(p, 8);
PointExt q = new PointExt();
PointLookup(n, 111, table, r);
for (int w = 110; w >= 0; --w)
{
for (int i = 0; i < 4; ++i)
{
PointDouble(r);
}
PointLookup(n, w, table, q);
PointAdd(q, r);
}
for (int i = 0; i < 2; ++i)
{
PointDouble(r);
}
}
private static int Legendre(BigInteger a, BigInteger b)
{
//int r = 0, bits = b.IntValue;
//for (;;)
//{
// int lowestSetBit = a.GetLowestSetBit();
// a = a.ShiftRight(lowestSetBit);
// r ^= (bits ^ (bits >> 1)) & (lowestSetBit << 1);
// int cmp = a.CompareTo(b);
// if (cmp == 0)
// break;
// if (cmp < 0)
// {
// BigInteger t = a; a = b; b = t;
// int oldBits = bits;
// bits = b.IntValue;
// r ^= oldBits & bits;
// }
// a = a.Subtract(b);
//}
//return BigInteger.One.Equals(b) ? (1 - (r & 2)) : 0;
int bitLength = b.BitLength;
uint[] A = Nat.FromBigInteger(bitLength, a);
uint[] B = Nat.FromBigInteger(bitLength, b);
int r = 0;
int len = B.Length;
for (;;)
{
while (A[0] == 0)
{
Nat.ShiftDownWord(len, A, 0);
}
int shift = Integers.NumberOfTrailingZeros((int)A[0]);
if (shift > 0)
{
Nat.ShiftDownBits(len, A, shift, 0);
int bits = (int)B[0];
r ^= (bits ^ (bits >> 1)) & (shift << 1);
}
int cmp = Nat.Compare(len, A, B);
if (cmp == 0)
{
break;
}
if (cmp < 0)
{
r ^= (int)(A[0] & B[0]);
uint[] t = A; A = B; B = t;
}
while (A[len - 1] == 0)
{
len = len - 1;
}
Nat.Sub(len, A, B, A);
}
return(Nat.IsOne(len, B) ? (1 - (r & 2)) : 0);
}
