|
public Add ( |
||
| b | ||
| return | ||
public override ECPoint Twice()
{
if (this.IsInfinity)
{
return(this);
}
if (this.x.ToBigInteger().SignValue == 0)
{
return(this.curve.Infinity);
}
F2mFieldElement lambda = (F2mFieldElement)this.x.Add(this.y.Divide(this.x));
F2mFieldElement x2 = (F2mFieldElement)lambda.Square().Add(lambda).Add(this.curve.A);
ECFieldElement ONE = this.curve.FromBigInteger(BigInteger.One);
F2mFieldElement y2 = (F2mFieldElement)this.x.Square().Add(
x2.Multiply(lambda.Add(ONE)));
return(new F2mPoint(this.curve, x2, y2, withCompression));
}
/**
* Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2).
*
* @param xEnc
* The encoding of field element xp.
* @param ypBit
* ~yp, an indication bit for the decompression of yp.
* @return the decompressed point.
*/
private ECPoint decompressPoint(
byte[] xEnc,
int ypBit)
{
ECFieldElement xp = new F2mFieldElement(
this.m, this.k1, this.k2, this.k3, new BigInteger(1, xEnc));
ECFieldElement yp = null;
if (xp.x.SignValue == 0)
{
yp = (F2mFieldElement)b;
for (int i = 0; i < m - 1; i++)
{
yp = yp.Square();
}
}
else
{
ECFieldElement beta = xp.Add(a).Add(
b.Multiply(xp.Square().Invert()));
ECFieldElement z = solveQuadradicEquation(beta);
if (z == null)
{
throw new ArithmeticException("Invalid point compression");
}
int zBit = 0;
if (z.x.TestBit(0))
{
zBit = 1;
}
if (zBit != ypBit)
{
z = z.Add(new F2mFieldElement(this.m, this.k1, this.k2,
this.k3, BigInteger.One));
}
yp = xp.Multiply(z);
}
return(new F2mPoint(this, xp, yp));
}
/* (non-Javadoc)
* @see Org.BouncyCastle.Math.EC.ECPoint#twice()
*/
public override ECPoint Twice()
{
// Twice identity element (point at infinity) is identity
if (this.IsInfinity)
{
return(this);
}
// if x1 == 0, then (x1, y1) == (x1, x1 + y1)
// and hence this = -this and thus 2(x1, y1) == infinity
if (this.x.ToBigInteger().SignValue == 0)
{
return(this.curve.Infinity);
}
F2mFieldElement lambda = (F2mFieldElement)this.x.Add(this.y.Divide(this.x));
F2mFieldElement x2 = (F2mFieldElement)lambda.Square().Add(lambda).Add(this.curve.A);
ECFieldElement ONE = this.curve.FromBigInteger(BigInteger.One);
F2mFieldElement y2 = (F2mFieldElement)this.x.Square().Add(
x2.Multiply(lambda.Add(ONE)));
return(new F2mPoint(this.curve, x2, y2, withCompression));
}
/**
* Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2).
*
* @param xEnc
* The encoding of field element xp.
* @param ypBit
* ~yp, an indication bit for the decompression of yp.
* @return the decompressed point.
*/
private ECPoint decompressPoint(
byte[] xEnc,
int ypBit)
{
ECFieldElement xp = new F2mFieldElement(
this.m, this.k1, this.k2, this.k3, new BigInteger(1, xEnc));
ECFieldElement yp = null;
if (xp.x.SignValue == 0)
{
yp = (F2mFieldElement)b;
for (int i = 0; i < m - 1; i++)
{
yp = yp.Square();
}
}
else
{
ECFieldElement beta = xp.Add(a).Add(
b.Multiply(xp.Square().Invert()));
ECFieldElement z = solveQuadradicEquation(beta);
if (z == null)
{
throw new ArithmeticException("Invalid point compression");
}
int zBit = 0;
if (z.x.TestBit(0))
{
zBit = 1;
}
if (zBit != ypBit)
{
z = z.Add(new F2mFieldElement(this.m, this.k1, this.k2,
this.k3, BigInteger.One));
}
yp = xp.Multiply(z);
}
return new F2mPoint(this, xp, yp);
}
