summary refs log tree commit diff
path: root/crypto/src/math/ec/rfc8032
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2018-10-09 15:12:47 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2018-10-09 15:12:47 +0700
commite8d418e901ed82a5b9b58c6fb4a85787b995c363 (patch)
treed840f6319134544d0617f10896109d5be2a679f9 /crypto/src/math/ec/rfc8032
parentMerge branch 'fedelippo-comment' (diff)
downloadBouncyCastle.NET-ed25519-e8d418e901ed82a5b9b58c6fb4a85787b995c363.tar.xz
Replace MethodImpl with lock
Diffstat (limited to 'crypto/src/math/ec/rfc8032')
-rw-r--r--crypto/src/math/ec/rfc8032/Ed25519.cs132
-rw-r--r--crypto/src/math/ec/rfc8032/Ed448.cs118
2 files changed, 127 insertions, 123 deletions
diff --git a/crypto/src/math/ec/rfc8032/Ed25519.cs b/crypto/src/math/ec/rfc8032/Ed25519.cs
index f9ba1ff97..403f11f50 100644
--- a/crypto/src/math/ec/rfc8032/Ed25519.cs
+++ b/crypto/src/math/ec/rfc8032/Ed25519.cs
@@ -1,6 +1,5 @@
 using System;
 using System.Diagnostics;
-using System.Runtime.CompilerServices;
 
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Digests;
@@ -61,6 +60,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
         private const int PrecompPoints = 1 << (PrecompTeeth - 1);
         private const int PrecompMask = PrecompPoints - 1;
 
+        private static readonly object precompLock = new object();
         // TODO[ed25519] Convert to PointPrecomp
         private static PointExt[] precompBaseTable = null;
         private static int[] precompBase = null;
@@ -631,98 +631,100 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             X25519Field.Zero(p.t);
         }
 
-        [MethodImpl(MethodImplOptions.Synchronized)]
         public static void Precompute()
         {
-            if (precompBase != null)
-                return;
-
-            // Precomputed table for the base point in verification ladder
+            lock (precompLock)
             {
-                PointExt b = new PointExt();
-                X25519Field.Copy(B_x, 0, b.x, 0);
-                X25519Field.Copy(B_y, 0, b.y, 0);
-                PointExtendXY(b);
-
-                precompBaseTable = PointPrecompVar(b, 1 << (WnafWidthBase - 2));
-            }
+                if (precompBase != null)
+                    return;
 
-            PointAccum p = new PointAccum();
-            X25519Field.Copy(B_x, 0, p.x, 0);
-            X25519Field.Copy(B_y, 0, p.y, 0);
-            PointExtendXY(p);
+                // Precomputed table for the base point in verification ladder
+                {
+                    PointExt b = new PointExt();
+                    X25519Field.Copy(B_x, 0, b.x, 0);
+                    X25519Field.Copy(B_y, 0, b.y, 0);
+                    PointExtendXY(b);
 
-            precompBase = new int[PrecompBlocks * PrecompPoints * 3 * X25519Field.Size];
+                    precompBaseTable = PointPrecompVar(b, 1 << (WnafWidthBase - 2));
+                }
 
-            int off = 0;
-            for (int b = 0; b < PrecompBlocks; ++b)
-            {
-                PointExt[] ds = new PointExt[PrecompTeeth];
+                PointAccum p = new PointAccum();
+                X25519Field.Copy(B_x, 0, p.x, 0);
+                X25519Field.Copy(B_y, 0, p.y, 0);
+                PointExtendXY(p);
 
-                PointExt sum = new PointExt();
-                PointSetNeutral(sum);
+                precompBase = new int[PrecompBlocks * PrecompPoints * 3 * X25519Field.Size];
 
-                for (int t = 0; t < PrecompTeeth; ++t)
+                int off = 0;
+                for (int b = 0; b < PrecompBlocks; ++b)
                 {
-                    PointExt q = PointCopy(p);
-                    PointAddVar(true, sum, q, sum);
-                    PointDouble(p);
+                    PointExt[] ds = new PointExt[PrecompTeeth];
 
-                    ds[t] = PointCopy(p);
+                    PointExt sum = new PointExt();
+                    PointSetNeutral(sum);
 
-                    if (b + t != PrecompBlocks + PrecompTeeth - 2)
+                    for (int t = 0; t < PrecompTeeth; ++t)
                     {
-                        for (int s = 1; s < PrecompSpacing; ++s)
+                        PointExt q = PointCopy(p);
+                        PointAddVar(true, sum, q, sum);
+                        PointDouble(p);
+
+                        ds[t] = PointCopy(p);
+
+                        if (b + t != PrecompBlocks + PrecompTeeth - 2)
                         {
-                            PointDouble(p);
+                            for (int s = 1; s < PrecompSpacing; ++s)
+                            {
+                                PointDouble(p);
+                            }
                         }
                     }
-                }
 
-                PointExt[] points = new PointExt[PrecompPoints];
-                int k = 0;
-                points[k++] = sum;
+                    PointExt[] points = new PointExt[PrecompPoints];
+                    int k = 0;
+                    points[k++] = sum;
 
-                for (int t = 0; t < (PrecompTeeth - 1); ++t)
-                {
-                    int size = 1 << t;
-                    for (int j = 0; j < size; ++j, ++k)
+                    for (int t = 0; t < (PrecompTeeth - 1); ++t)
                     {
-                        PointAddVar(false, points[k - size], ds[t], points[k] = new PointExt());
+                        int size = 1 << t;
+                        for (int j = 0; j < size; ++j, ++k)
+                        {
+                            PointAddVar(false, points[k - size], ds[t], points[k] = new PointExt());
+                        }
                     }
-                }
 
-                Debug.Assert(k == PrecompPoints);
+                    Debug.Assert(k == PrecompPoints);
 
-                for (int i = 0; i < PrecompPoints; ++i)
-                {
-                    PointExt q = points[i];
+                    for (int i = 0; i < PrecompPoints; ++i)
+                    {
+                        PointExt q = points[i];
 
-                    int[] x = X25519Field.Create();
-                    int[] y = X25519Field.Create();
+                        int[] x = X25519Field.Create();
+                        int[] y = X25519Field.Create();
 
-                    X25519Field.Add(q.z, q.z, x);
-                    // TODO[ed25519] Batch inversion
-                    X25519Field.Inv(x, y);
-                    X25519Field.Mul(q.x, y, x);
-                    X25519Field.Mul(q.y, y, y);
+                        X25519Field.Add(q.z, q.z, x);
+                        // TODO[ed25519] Batch inversion
+                        X25519Field.Inv(x, y);
+                        X25519Field.Mul(q.x, y, x);
+                        X25519Field.Mul(q.y, y, y);
 
-                    PointPrecomp r = new PointPrecomp();
-                    X25519Field.Apm(y, x, r.ypx_h, r.ymx_h);
-                    X25519Field.Mul(x, y, r.xyd);
-                    X25519Field.Mul(r.xyd, C_d4, r.xyd);
+                        PointPrecomp r = new PointPrecomp();
+                        X25519Field.Apm(y, x, r.ypx_h, r.ymx_h);
+                        X25519Field.Mul(x, y, r.xyd);
+                        X25519Field.Mul(r.xyd, C_d4, r.xyd);
 
-                    X25519Field.Normalize(r.ypx_h);
-                    X25519Field.Normalize(r.ymx_h);
-                    //X25519Field.Normalize(r.xyd);
+                        X25519Field.Normalize(r.ypx_h);
+                        X25519Field.Normalize(r.ymx_h);
+                        //X25519Field.Normalize(r.xyd);
 
-                    X25519Field.Copy(r.ypx_h, 0, precompBase, off); off += X25519Field.Size;
-                    X25519Field.Copy(r.ymx_h, 0, precompBase, off); off += X25519Field.Size;
-                    X25519Field.Copy(r.xyd, 0, precompBase, off);   off += X25519Field.Size;
+                        X25519Field.Copy(r.ypx_h, 0, precompBase, off); off += X25519Field.Size;
+                        X25519Field.Copy(r.ymx_h, 0, precompBase, off); off += X25519Field.Size;
+                        X25519Field.Copy(r.xyd, 0, precompBase, off); off += X25519Field.Size;
+                    }
                 }
-            }
 
-            Debug.Assert(off == precompBase.Length);
+                Debug.Assert(off == precompBase.Length);
+            }
         }
 
         private static void PruneScalar(byte[] n, int nOff, byte[] r)
diff --git a/crypto/src/math/ec/rfc8032/Ed448.cs b/crypto/src/math/ec/rfc8032/Ed448.cs
index a1f0e93b0..10ebe8f15 100644
--- a/crypto/src/math/ec/rfc8032/Ed448.cs
+++ b/crypto/src/math/ec/rfc8032/Ed448.cs
@@ -1,6 +1,5 @@
 using System;
 using System.Diagnostics;
-using System.Runtime.CompilerServices;
 
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Digests;
@@ -70,6 +69,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
         private const int PrecompPoints = 1 << (PrecompTeeth - 1);
         private const int PrecompMask = PrecompPoints - 1;
 
+        private static readonly object precompLock = new object();
         // TODO[ed448] Convert to PointPrecomp
         private static PointExt[] precompBaseTable = null;
         private static uint[] precompBase = null;
@@ -463,12 +463,12 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             X448Field.Mul(p.y, r.y, D);
             X448Field.Mul(C, D, E);
             X448Field.Mul(E, -C_d, E);
-    //        X448Field.Apm(B, E, F, G);
+            //X448Field.Apm(B, E, F, G);
             X448Field.Add(B, E, f);
             X448Field.Sub(B, E, g);
             X448Field.Add(r.x, r.y, E);
             X448Field.Mul(H, E, H);
-    //        X448Field.Apm(D, C, B, E);
+            //X448Field.Apm(D, C, B, E);
             X448Field.Add(D, C, b);
             X448Field.Sub(D, C, e);
             X448Field.Carry(b);
@@ -495,13 +495,13 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             X448Field.Mul(p.y, r.y, D);
             X448Field.Mul(C, D, E);
             X448Field.Mul(E, -C_d, E);
-    //        X448Field.Apm(B, E, F, G);
+            //X448Field.Apm(B, E, F, G);
             X448Field.Add(B, E, F);
             X448Field.Sub(B, E, G);
             X448Field.Add(p.x, p.y, B);
             X448Field.Add(r.x, r.y, E);
             X448Field.Mul(B, E, H);
-    //        X448Field.Apm(D, C, B, E);
+            //X448Field.Apm(D, C, B, E);
             X448Field.Add(D, C, B);
             X448Field.Sub(D, C, E);
             X448Field.Carry(B);
@@ -592,78 +592,80 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             X448Field.One(p.z);
         }
 
-        [MethodImpl(MethodImplOptions.Synchronized)]
         public static void Precompute()
         {
-            if (precompBase != null)
-                return;
-
-            PointExt p = new PointExt();
-            X448Field.Copy(B_x, 0, p.x, 0);
-            X448Field.Copy(B_y, 0, p.y, 0);
-            PointExtendXY(p);
-
-            precompBaseTable = PointPrecompVar(p, 1 << (WnafWidthBase - 2));
+            lock (precompLock)
+            {
+                if (precompBase != null)
+                    return;
 
-            precompBase = new uint[PrecompBlocks * PrecompPoints * 2 * X448Field.Size];
+                PointExt p = new PointExt();
+                X448Field.Copy(B_x, 0, p.x, 0);
+                X448Field.Copy(B_y, 0, p.y, 0);
+                PointExtendXY(p);
 
-            int off = 0;
-            for (int b = 0; b < PrecompBlocks; ++b)
-            {
-                PointExt[] ds = new PointExt[PrecompTeeth];
+                precompBaseTable = PointPrecompVar(p, 1 << (WnafWidthBase - 2));
 
-                PointExt sum = new PointExt();
-                PointSetNeutral(sum);
+                precompBase = new uint[PrecompBlocks * PrecompPoints * 2 * X448Field.Size];
 
-                for (int t = 0; t < PrecompTeeth; ++t)
+                int off = 0;
+                for (int b = 0; b < PrecompBlocks; ++b)
                 {
-                    PointAddVar(true, p, sum);
-                    PointDouble(p);
+                    PointExt[] ds = new PointExt[PrecompTeeth];
 
-                    ds[t] = PointCopy(p);
+                    PointExt sum = new PointExt();
+                    PointSetNeutral(sum);
 
-                    if (b + t != PrecompBlocks + PrecompTeeth - 2)
+                    for (int t = 0; t < PrecompTeeth; ++t)
                     {
-                        for (int s = 1; s < PrecompSpacing; ++s)
+                        PointAddVar(true, p, sum);
+                        PointDouble(p);
+
+                        ds[t] = PointCopy(p);
+
+                        if (b + t != PrecompBlocks + PrecompTeeth - 2)
                         {
-                            PointDouble(p);
+                            for (int s = 1; s < PrecompSpacing; ++s)
+                            {
+                                PointDouble(p);
+                            }
                         }
                     }
-                }
 
-                PointExt[] points = new PointExt[PrecompPoints];
-                int k = 0;
-                points[k++] = sum;
+                    PointExt[] points = new PointExt[PrecompPoints];
+                    int k = 0;
+                    points[k++] = sum;
 
-                for (int t = 0; t < (PrecompTeeth - 1); ++t)
-                {
-                    int size = 1 << t;
-                    for (int j = 0; j < size; ++j, ++k)
+                    for (int t = 0; t < (PrecompTeeth - 1); ++t)
                     {
-                        points[k] = PointCopy(points[k - size]);
-                        PointAddVar(false, ds[t], points[k]);
+                        int size = 1 << t;
+                        for (int j = 0; j < size; ++j, ++k)
+                        {
+                            points[k] = PointCopy(points[k - size]);
+                            PointAddVar(false, ds[t], points[k]);
+                        }
                     }
-                }
 
-                Debug.Assert(k == PrecompPoints);
+                    Debug.Assert(k == PrecompPoints);
 
-                for (int i = 0; i < PrecompPoints; ++i)
-                {
-                    PointExt q = points[i];
-                    // TODO[ed448] Batch inversion
-                    X448Field.Inv(q.z, q.z);
-                    X448Field.Mul(q.x, q.z, q.x);
-                    X448Field.Mul(q.y, q.z, q.y);
+                    for (int i = 0; i < PrecompPoints; ++i)
+                    {
+                        PointExt q = points[i];
+                        // TODO[ed448] Batch inversion
+                        X448Field.Inv(q.z, q.z);
+                        X448Field.Mul(q.x, q.z, q.x);
+                        X448Field.Mul(q.y, q.z, q.y);
 
-    //                X448Field.Normalize(q.x);
-    //                X448Field.Normalize(q.y);
+                        //X448Field.Normalize(q.x);
+                        //X448Field.Normalize(q.y);
 
-                    X448Field.Copy(q.x, 0, precompBase, off);   off += X448Field.Size;
-                    X448Field.Copy(q.y, 0, precompBase, off);   off += X448Field.Size;
+                        X448Field.Copy(q.x, 0, precompBase, off); off += X448Field.Size;
+                        X448Field.Copy(q.y, 0, precompBase, off); off += X448Field.Size;
+                    }
                 }
-            }
 
-            Debug.Assert(off == precompBase.Length);
+                Debug.Assert(off == precompBase.Length);
+            }
         }
 
         private static void PruneScalar(byte[] n, int nOff, byte[] r)
@@ -731,7 +733,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             x21 += x31 * L4_6;                          // x21:55/53
             x22 += x31 * L4_7;                          // x22:57/53
 
-    //        x30 += (x29 >> 28); x29 &= M28UL;
+            //x30 += (x29 >> 28); x29 &= M28UL;
             x14 += x30 * L4_0;                          // x14:54/--
             x15 += x30 * L4_1;                          // x15:54/53
             x16 += x30 * L4_2;                          // x16:56/--
@@ -751,7 +753,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             x19 += x29 * L4_6;                          // x19:57/52
             x20 += x29 * L4_7;                          // x20:58/52
 
-    //        x28 += (x27 >> 28); x27 &= M28UL;
+            //x28 += (x27 >> 28); x27 &= M28UL;
             x12 += x28 * L4_0;                          // x12:54/--
             x13 += x28 * L4_1;                          // x13:54/53
             x14 += x28 * L4_2;                          // x14:56/--
@@ -771,7 +773,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             x17 += x27 * L4_6;                          // x17:58/56
             x18 += x27 * L4_7;                          // x18:59/--
 
-    //        x26 += (x25 >> 28); x25 &= M28UL;
+            //x26 += (x25 >> 28); x25 &= M28UL;
             x10 += x26 * L4_0;                          // x10:54/--
             x11 += x26 * L4_1;                          // x11:54/53
             x12 += x26 * L4_2;                          // x12:56/--
@@ -948,7 +950,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             Encode56(x10 | (x11 << 28), r, 35);
             Encode56(x12 | (x13 << 28), r, 42);
             Encode56(x14 | (x15 << 28), r, 49);
-    //        r[ScalarBytes - 1] = 0;
+            //r[ScalarBytes - 1] = 0;
             return r;
         }