protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
{
//IL_001c: Unknown result type (might be due to invalid IL or missing references)
ECCurve curve = p.Curve;
int combSize = FixedPointUtilities.GetCombSize(curve);
if (k.BitLength > combSize)
{
throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order");
}
int widthForCombSize = GetWidthForCombSize(combSize);
FixedPointPreCompInfo fixedPointPreCompInfo = FixedPointUtilities.Precompute(p, widthForCombSize);
ECPoint[] preComp = fixedPointPreCompInfo.PreComp;
int width = fixedPointPreCompInfo.Width;
int num = (combSize + width - 1) / width;
ECPoint eCPoint = curve.Infinity;
int num2 = num * width - 1;
for (int i = 0; i < num; i++)
{
int num3 = 0;
for (int num4 = num2 - i; num4 >= 0; num4 -= num)
{
num3 <<= 1;
if (k.TestBit(num4))
{
num3 |= 1;
}
}
eCPoint = eCPoint.TwicePlus(preComp[num3]);
}
return(eCPoint);
}
protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
{
ECCurve c = p.Curve;
int combSize = FixedPointUtilities.GetCombSize(c);
if (k.BitLength > combSize)
{
throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order");
}
int widthForCombSize = this.GetWidthForCombSize(combSize);
FixedPointPreCompInfo info = FixedPointUtilities.Precompute(p, widthForCombSize);
ECPoint[] preComp = info.PreComp;
int width = info.Width;
int num4 = ((combSize + width) - 1) / width;
ECPoint infinity = c.Infinity;
int num5 = (num4 * width) - 1;
for (int i = 0; i < num4; i++)
{
int index = 0;
for (int j = num5 - i; j >= 0; j -= num4)
{
index = index << 1;
if (k.TestBit(j))
{
index |= 1;
}
}
infinity = infinity.TwicePlus(preComp[index]);
}
return(infinity);
}
public PreCompInfo Precompute(PreCompInfo existing)
{
FixedPointPreCompInfo existingFP = (existing is FixedPointPreCompInfo) ? (FixedPointPreCompInfo)existing : null;
ECCurve c = m_p.Curve;
int bits = FixedPointUtilities.GetCombSize(c);
int minWidth = bits > 250 ? 6 : 5;
int n = 1 << minWidth;
if (CheckExisting(existingFP, n))
{
return(existingFP);
}
int d = (bits + minWidth - 1) / minWidth;
ECPoint[] pow2Table = new ECPoint[minWidth + 1];
pow2Table[0] = m_p;
for (int i = 1; i < minWidth; ++i)
{
pow2Table[i] = pow2Table[i - 1].TimesPow2(d);
}
// This will be the 'offset' value
pow2Table[minWidth] = pow2Table[0].Subtract(pow2Table[1]);
c.NormalizeAll(pow2Table);
ECPoint[] lookupTable = new ECPoint[n];
lookupTable[0] = pow2Table[0];
for (int bit = minWidth - 1; bit >= 0; --bit)
{
ECPoint pow2 = pow2Table[bit];
int step = 1 << bit;
for (int i = step; i < n; i += (step << 1))
{
lookupTable[i] = lookupTable[i - step].Add(pow2);
}
}
c.NormalizeAll(lookupTable);
FixedPointPreCompInfo result = new FixedPointPreCompInfo();
result.LookupTable = c.CreateCacheSafeLookupTable(lookupTable, 0, lookupTable.Length);
result.Offset = pow2Table[minWidth];
result.Width = minWidth;
return(result);
}
protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
{
ECCurve c = p.Curve;
int size = FixedPointUtilities.GetCombSize(c);
if (k.BitLength > size)
{
/*
* TODO The comb works best when the scalars are less than the (possibly unknown) order.
* Still, if we want to handle larger scalars, we could allow customization of the comb
* size, or alternatively we could deal with the 'extra' bits either by running the comb
* multiple times as necessary, or by using an alternative multiplier as prelude.
*/
throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order");
}
FixedPointPreCompInfo info = FixedPointUtilities.Precompute(p);
ECLookupTable lookupTable = info.LookupTable;
int width = info.Width;
int d = (size + width - 1) / width;
ECPoint R = c.Infinity;
int fullComb = d * width;
uint[] K = Nat.FromBigInteger(fullComb, k);
int top = fullComb - 1;
for (int i = 0; i < d; ++i)
{
uint secretIndex = 0;
for (int j = top - i; j >= 0; j -= d)
{
uint secretBit = K[j >> 5] >> (j & 0x1F);
secretIndex ^= secretBit >> 1;
secretIndex <<= 1;
secretIndex ^= secretBit;
}
ECPoint add = lookupTable.Lookup((int)secretIndex);
R = R.TwicePlus(add);
}
return(R.Add(info.Offset));
}
protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
{
ECCurve c = p.Curve;
int size = FixedPointUtilities.GetCombSize(c);
if (k.BitLength > size)
{
/*
* TODO The comb works best when the scalars are less than the (possibly unknown) order.
* Still, if we want to handle larger scalars, we could allow customization of the comb
* size, or alternatively we could deal with the 'extra' bits either by running the comb
* multiple times as necessary, or by using an alternative multiplier as prelude.
*/
throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order");
}
// TODO Call method to let subclasses select width
int width = size > 257 ? 6 : 5;
FixedPointPreCompInfo info = FixedPointUtilities.Precompute(p, width);
ECPoint[] lookupTable = info.PreComp;
int d = (size + width - 1) / width;
ECPoint R = c.Infinity;
int top = d * width - 1;
for (int i = 0; i < d; ++i)
{
int index = 0;
for (int j = top - i; j >= 0; j -= d)
{
index <<= 1;
if (k.TestBit(j))
{
index |= 1;
}
}
R = R.TwicePlus(lookupTable[index]);
}
return(R);
}
public static FixedPointPreCompInfo Precompute(ECPoint p, int minWidth)
{
ECCurve curve = p.Curve;
int num = 1 << minWidth;
FixedPointPreCompInfo fixedPointPreCompInfo = FixedPointUtilities.GetFixedPointPreCompInfo(curve.GetPreCompInfo(p, FixedPointUtilities.PRECOMP_NAME));
ECPoint[] array = fixedPointPreCompInfo.PreComp;
if (array == null || array.Length < num)
{
int combSize = FixedPointUtilities.GetCombSize(curve);
int e = (combSize + minWidth - 1) / minWidth;
ECPoint[] array2 = new ECPoint[minWidth];
array2[0] = p;
for (int i = 1; i < minWidth; i++)
{
array2[i] = array2[i - 1].TimesPow2(e);
}
curve.NormalizeAll(array2);
array = new ECPoint[num];
array[0] = curve.Infinity;
for (int j = minWidth - 1; j >= 0; j--)
{
ECPoint b = array2[j];
int num2 = 1 << j;
for (int k = num2; k < num; k += num2 << 1)
{
array[k] = array[k - num2].Add(b);
}
}
curve.NormalizeAll(array);
fixedPointPreCompInfo.PreComp = array;
fixedPointPreCompInfo.Width = minWidth;
curve.SetPreCompInfo(p, FixedPointUtilities.PRECOMP_NAME, fixedPointPreCompInfo);
}
return(fixedPointPreCompInfo);
}
