public static BigInteger[] GetSi(AbstractF2mCurve curve)
{
if (!curve.IsKoblitz)
{
throw new ArgumentException("si is defined for Koblitz curves only");
}
int fieldSize = curve.FieldSize;
int intValue = curve.A.ToBigInteger().IntValue;
sbyte mu = Tnaf.GetMu(intValue);
int shiftsForCofactor = Tnaf.GetShiftsForCofactor(curve.Cofactor);
int k = fieldSize + 3 - intValue;
BigInteger[] lucas = Tnaf.GetLucas(mu, k, false);
if (mu == 1)
{
lucas[0] = lucas[0].Negate();
lucas[1] = lucas[1].Negate();
}
BigInteger bigInteger = BigInteger.One.Add(lucas[1]).ShiftRight(shiftsForCofactor);
BigInteger bigInteger2 = BigInteger.One.Add(lucas[0]).ShiftRight(shiftsForCofactor).Negate();
return(new BigInteger[]
{
bigInteger,
bigInteger2
});
}
/**
* Does the precomputation for WTNAF multiplication.
* @param p The <code>ECPoint</code> for which to do the precomputation.
* @param a The parameter <code>a</code> of the elliptic curve.
* @return The precomputation array for <code>p</code>.
*/
public static F2mPoint[] GetPreComp(F2mPoint p, sbyte a)
{
F2mPoint[] pu;
pu = new F2mPoint[16];
pu[1] = p;
sbyte[][] alphaTnaf;
if (a == 0)
{
alphaTnaf = Tnaf.Alpha0Tnaf;
}
else
{
// a == 1
alphaTnaf = Tnaf.Alpha1Tnaf;
}
int precompLen = alphaTnaf.Length;
for (int i = 3; i < precompLen; i = i + 2)
{
pu[i] = Tnaf.MultiplyFromTnaf(p, alphaTnaf[i]);
}
return(pu);
}
public static AbstractF2mPoint MultiplyTnaf(AbstractF2mPoint p, ZTauElement lambda)
{
AbstractF2mCurve abstractF2mCurve = (AbstractF2mCurve)p.Curve;
sbyte mu = Tnaf.GetMu(abstractF2mCurve.A);
sbyte[] u = Tnaf.TauAdicNaf(mu, lambda);
return(Tnaf.MultiplyFromTnaf(p, u));
}
public static AbstractF2mPoint MultiplyRTnaf(AbstractF2mPoint p, BigInteger k)
{
AbstractF2mCurve abstractF2mCurve = (AbstractF2mCurve)p.Curve;
int fieldSize = abstractF2mCurve.FieldSize;
int intValue = abstractF2mCurve.A.ToBigInteger().IntValue;
sbyte mu = Tnaf.GetMu(intValue);
BigInteger[] si = abstractF2mCurve.GetSi();
ZTauElement lambda = Tnaf.PartModReduction(k, fieldSize, (sbyte)intValue, si, mu, 10);
return(Tnaf.MultiplyTnaf(p, lambda));
}
public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
{
if (mu != 1 && mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger bigInteger = Tnaf.Norm(mu, lambda);
int bitLength = bigInteger.BitLength;
int num = (bitLength > 30) ? (bitLength + 4) : 34;
sbyte[] array = new sbyte[num];
int num2 = 0;
int num3 = 0;
BigInteger bigInteger2 = lambda.u;
BigInteger bigInteger3 = lambda.v;
while (!bigInteger2.Equals(BigInteger.Zero) || !bigInteger3.Equals(BigInteger.Zero))
{
if (bigInteger2.TestBit(0))
{
array[num2] = (sbyte)BigInteger.Two.Subtract(bigInteger2.Subtract(bigInteger3.ShiftLeft(1)).Mod(Tnaf.Four)).IntValue;
if (array[num2] == 1)
{
bigInteger2 = bigInteger2.ClearBit(0);
}
else
{
bigInteger2 = bigInteger2.Add(BigInteger.One);
}
num3 = num2;
}
else
{
array[num2] = 0;
}
BigInteger bigInteger4 = bigInteger2;
BigInteger bigInteger5 = bigInteger2.ShiftRight(1);
if (mu == 1)
{
bigInteger2 = bigInteger3.Add(bigInteger5);
}
else
{
bigInteger2 = bigInteger3.Subtract(bigInteger5);
}
bigInteger3 = bigInteger4.ShiftRight(1).Negate();
num2++;
}
num3++;
sbyte[] array2 = new sbyte[num3];
Array.Copy(array, 0, array2, 0, num3);
return(array2);
}
public static AbstractF2mPoint[] GetPreComp(AbstractF2mPoint p, sbyte a)
{
sbyte[][] array = (a == 0) ? Tnaf.Alpha0Tnaf : Tnaf.Alpha1Tnaf;
AbstractF2mPoint[] array2 = new AbstractF2mPoint[(uint)(array.Length + 1) >> 1];
array2[0] = p;
uint num = (uint)array.Length;
for (uint num2 = 3u; num2 < num; num2 += 2u)
{
array2[(int)((UIntPtr)(num2 >> 1))] = Tnaf.MultiplyFromTnaf(p, array[(int)((UIntPtr)num2)]);
}
p.Curve.NormalizeAll(array2);
return(array2);
}
public static BigInteger GetTw(sbyte mu, int w)
{
if (w != 4)
{
BigInteger[] lucas = Tnaf.GetLucas(mu, w, false);
BigInteger m = BigInteger.Zero.SetBit(w);
BigInteger val = lucas[1].ModInverse(m);
return(BigInteger.Two.Multiply(lucas[0]).Multiply(val).Mod(m));
}
if (mu == 1)
{
return(BigInteger.ValueOf(6L));
}
return(BigInteger.ValueOf(10L));
}
/**
* Does the precomputation for WTNAF multiplication.
* @param p The <code>ECPoint</code> for which to do the precomputation.
* @param a The parameter <code>a</code> of the elliptic curve.
* @return The precomputation array for <code>p</code>.
*/
public static AbstractF2mPoint[] GetPreComp(AbstractF2mPoint p, sbyte a)
{
sbyte[][] alphaTnaf = (a == 0) ? Tnaf.Alpha0Tnaf : Tnaf.Alpha1Tnaf;
AbstractF2mPoint[] pu = new AbstractF2mPoint[(uint)(alphaTnaf.Length + 1) >> 1];
pu[0] = p;
uint precompLen = (uint)alphaTnaf.Length;
for (uint i = 3; i < precompLen; i += 2)
{
pu[i >> 1] = Tnaf.MultiplyFromTnaf(p, alphaTnaf[i]);
}
p.Curve.NormalizeAll(pu);
return(pu);
}
public static BigInteger[] GetSi(int fieldSize, int curveA, BigInteger cofactor)
{
sbyte mu = Tnaf.GetMu(curveA);
int shiftsForCofactor = Tnaf.GetShiftsForCofactor(cofactor);
int k = fieldSize + 3 - curveA;
BigInteger[] lucas = Tnaf.GetLucas(mu, k, false);
if (mu == 1)
{
lucas[0] = lucas[0].Negate();
lucas[1] = lucas[1].Negate();
}
BigInteger bigInteger = BigInteger.One.Add(lucas[1]).ShiftRight(shiftsForCofactor);
BigInteger bigInteger2 = BigInteger.One.Add(lucas[0]).ShiftRight(shiftsForCofactor).Negate();
return(new BigInteger[]
{
bigInteger,
bigInteger2
});
}
public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a, BigInteger[] s, sbyte mu, sbyte c)
{
BigInteger bigInteger;
if (mu == 1)
{
bigInteger = s[0].Add(s[1]);
}
else
{
bigInteger = s[0].Subtract(s[1]);
}
BigInteger[] lucas = Tnaf.GetLucas(mu, m, true);
BigInteger vm = lucas[1];
SimpleBigDecimal lambda = Tnaf.ApproximateDivisionByN(k, s[0], vm, a, m, (int)c);
SimpleBigDecimal lambda2 = Tnaf.ApproximateDivisionByN(k, s[1], vm, a, m, (int)c);
ZTauElement zTauElement = Tnaf.Round(lambda, lambda2, mu);
BigInteger u = k.Subtract(bigInteger.Multiply(zTauElement.u)).Subtract(BigInteger.ValueOf(2L).Multiply(s[1]).Multiply(zTauElement.v));
BigInteger v = s[1].Multiply(zTauElement.u).Subtract(s[0].Multiply(zTauElement.v));
return(new ZTauElement(u, v));
}
public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda, sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
{
if (mu != 1 && mu != -1)
{
throw new ArgumentException("mu must be 1 or -1");
}
BigInteger bigInteger = Tnaf.Norm(mu, lambda);
int bitLength = bigInteger.BitLength;
int num = (bitLength > 30) ? (bitLength + 4 + (int)width) : ((int)(34 + width));
sbyte[] array = new sbyte[num];
BigInteger value = pow2w.ShiftRight(1);
BigInteger bigInteger2 = lambda.u;
BigInteger bigInteger3 = lambda.v;
int num2 = 0;
while (!bigInteger2.Equals(BigInteger.Zero) || !bigInteger3.Equals(BigInteger.Zero))
{
if (bigInteger2.TestBit(0))
{
BigInteger bigInteger4 = bigInteger2.Add(bigInteger3.Multiply(tw)).Mod(pow2w);
sbyte b;
if (bigInteger4.CompareTo(value) >= 0)
{
b = (sbyte)bigInteger4.Subtract(pow2w).IntValue;
}
else
{
b = (sbyte)bigInteger4.IntValue;
}
array[num2] = b;
bool flag = true;
if (b < 0)
{
flag = false;
b = -b;
}
if (flag)
{
bigInteger2 = bigInteger2.Subtract(alpha[(int)b].u);
bigInteger3 = bigInteger3.Subtract(alpha[(int)b].v);
}
else
{
bigInteger2 = bigInteger2.Add(alpha[(int)b].u);
bigInteger3 = bigInteger3.Add(alpha[(int)b].v);
}
}
else
{
array[num2] = 0;
}
BigInteger bigInteger5 = bigInteger2;
if (mu == 1)
{
bigInteger2 = bigInteger3.Add(bigInteger2.ShiftRight(1));
}
else
{
bigInteger2 = bigInteger3.Subtract(bigInteger2.ShiftRight(1));
}
bigInteger3 = bigInteger5.ShiftRight(1).Negate();
num2++;
}
return(array);
}