private static int CheckPoint(int[] x, int[] y)
{
int[] t = X25519Field.Create();
int[] u = X25519Field.Create();
int[] v = X25519Field.Create();
X25519Field.Sqr(x, u);
X25519Field.Sqr(y, v);
X25519Field.Mul(u, v, t);
X25519Field.Sub(v, u, v);
X25519Field.Mul(t, C_d, t);
X25519Field.AddOne(t);
X25519Field.Sub(t, v, t);
X25519Field.Normalize(t);
return(X25519Field.IsZero(t));
}
private static bool DecodePointVar(byte[] p, int pOff, bool negate, PointExt r)
{
byte[] py = Arrays.CopyOfRange(p, pOff, pOff + PointBytes);
if (!CheckPointVar(py))
{
return(false);
}
int x_0 = (py[PointBytes - 1] & 0x80) >> 7;
py[PointBytes - 1] &= 0x7F;
X25519Field.Decode(py, 0, r.y);
int[] u = X25519Field.Create();
int[] v = X25519Field.Create();
X25519Field.Sqr(r.y, u);
X25519Field.Mul(C_d, u, v);
X25519Field.SubOne(u);
X25519Field.AddOne(v);
if (!X25519Field.SqrtRatioVar(u, v, r.x))
{
return(false);
}
X25519Field.Normalize(r.x);
if (x_0 == 1 && X25519Field.IsZeroVar(r.x))
{
return(false);
}
if (negate ^ (x_0 != (r.x[0] & 1)))
{
X25519Field.Negate(r.x, r.x);
}
PointExtendXY(r);
return(true);
}