authorPeter Dettman <peter.dettman@bouncycastle.org>2016-02-02 18:09:16 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2016-02-02 18:09:16 +0700
commit745143a518d71a026e142007b6a4bc831e2ae13b (patch)
tree3af4cc8143e8c2c2f85816443a0284e58d4baef6 /crypto/src/math/ec/custom/sec/SecP256R1Field.cs
parentJust check the final ReadByte return value (diff)
downloadBouncyCastle.NET-ed25519-745143a518d71a026e142007b6a4bc831e2ae13b.tar.xz
Additional temp values in reduction
Diffstat (limited to 'crypto/src/math/ec/custom/sec/SecP256R1Field.cs')
-rw-r--r--crypto/src/math/ec/custom/sec/SecP256R1Field.cs7
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/src/math/ec/custom/sec/SecP256R1Field.cs b/crypto/src/math/ec/custom/sec/SecP256R1Field.cs
index 11594b2ba..5b3de6d36 100644
--- a/crypto/src/math/ec/custom/sec/SecP256R1Field.cs
+++ b/crypto/src/math/ec/custom/sec/SecP256R1Field.cs
@@ -110,9 +110,10 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
             long t4 = xx12 + xx13;
             long t5 = xx13 + xx14;
             long t6 = xx14 + xx15;
+            long t7 = t5 - t0;
 
             long cc = 0;
-            cc += (long)xx[0] + t0 - t3 - t5;
+            cc += (long)xx[0] - t3 - t7;
             z[0] = (uint)cc;
             cc >>= 32;
             cc += (long)xx[1] + t1 - t4 - t6;
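Review bot: The new temporary `t7` introduced on the first added line carries no comment tying it to the reduction identity it folds, yet it is then relied on in three separate accumulation terms (z[0] here, z[3] in the second hunk, z[6] in the third), and correctness of this field reduction is a security invariant of every curve operation built on it. Substituting the definitions visible in the hunk shows the rewritten lines are arithmetically identical to the removed ones (for z[3], `t7 - t6 = (xx13 + xx14) - t0 - (xx14 + xx15) = xx13 - xx15 - t0`), and no data-dependent branch is added, so the straight-line shape of the accumulation is preserved. A one-line comment would make the intent auditable without re-deriving it: `// t7 = t5 - t0 (= xx13 + xx14 - t0); shared by the z[0], z[3] and z[6] terms below`. Since this is a pure refactor of the reduction with no accompanying test change in the diffstat, a regression check comparing the output against a BigInteger `mod p` reference on edge inputs (all-zero, all-ones, values just above p) would pin the equivalence. `t0` is defined above the hunk and the enclosing method starts before and ends after these hunks.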
@@ -121,7 +122,7 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
             cc += (long)xx[2] + t2 - t5;
             z[2] = (uint)cc;
             cc >>= 32;
-            cc += (long)xx[3] + (t3 << 1) + xx13 - xx15 - t0;
+            cc += (long)xx[3] + (t3 << 1) + t7 - t6;
             z[3] = (uint)cc;
             cc >>= 32;
             cc += (long)xx[4] + (t4 << 1) + xx14 - t1;
@@ -130,7 +131,7 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
             cc += (long)xx[5] + (t5 << 1) - t2;
             z[5] = (uint)cc;
             cc >>= 32;
-            cc += (long)xx[6] + (t6 << 1) + t5 - t0;
+            cc += (long)xx[6] + (t6 << 1) + t7;
             z[6] = (uint)cc;
             cc >>= 32;
             cc += (long)xx[7] + (xx15 << 1) + xx08 - t2 - t4;