diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-09-14 18:04:22 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-09-14 18:04:22 +0700 |
| commit | d78d99738fc727f2efea7b99f6bc3cc9a083dca1 (patch) | |
| tree | 22e201dc65a14ad325ab7dddf6a4bb5ab7b47a03 /crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs | |
| parent | RFC 5958: Update PrivateKeyInfo (diff) | |
| download | BouncyCastle.NET-ed25519-d78d99738fc727f2efea7b99f6bc3cc9a083dca1.tar.xz | |
Reduce single-bit extractions from scalars
Diffstat (limited to 'crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs')
| -rw-r--r-- | crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs b/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs index 505832442..37e5b5c29 100644 --- a/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs +++ b/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs @@ -37,15 +37,17 @@ namespace Org.BouncyCastle.Math.EC.Multiplier int top = fullComb - 1; for (int i = 0; i < d; ++i) { - int secretIndex = 0; + uint secretIndex = 0; for (int j = top - i; j >= 0; j -= d) { + uint secretBit = K[j >> 5] >> (j & 0x1F); + secretIndex ^= secretBit >> 1; secretIndex <<= 1; - secretIndex |= (int)Nat.GetBit(K, j); + secretIndex ^= secretBit; } - ECPoint add = lookupTable.Lookup(secretIndex); + ECPoint add = lookupTable.Lookup((int)secretIndex); R = R.TwicePlus(add); } |