authorPeter Dettman <peter.dettman@bouncycastle.org>2014-01-28 15:30:24 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2014-01-28 15:30:24 +0700
commit09e818fcc7677148e507409559bcae743d170d57 (patch)
treef826cdb94aedb6422b4d5c54f7ac86c69516e0c8 /crypto/src/math/ec
parentImplement multi-squaring in-place and use for F2m sqrt() (diff)
downloadBouncyCastle.NET-ed25519-09e818fcc7677148e507409559bcae743d170d57.tar.xz
Avoid division when decompressing a lambda-projective point
Diffstat (limited to 'crypto/src/math/ec')
-rw-r--r--crypto/src/math/ec/ECCurve.cs14
1 files changed, 5 insertions, 9 deletions
diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs
index ee3bcc69b..0c150848a 100644
--- a/crypto/src/math/ec/ECCurve.cs
+++ b/crypto/src/math/ec/ECCurve.cs
@@ -871,19 +871,16 @@ namespace Org.BouncyCastle.Math.EC
             return si;
         }
 
-        protected override ECPoint DecompressPoint(
-            int			yTilde,
-            BigInteger	X1)
+        protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
         {
-            ECFieldElement xp = FromBigInteger(X1);
-            ECFieldElement yp;
+            ECFieldElement xp = FromBigInteger(X1), yp;
             if (xp.IsZero)
             {
                 yp = m_b.Sqrt();
             }
             else
             {
-                ECFieldElement beta = xp.Add(m_a).Add(m_b.Multiply(xp.Square().Invert()));
+                ECFieldElement beta = xp.Square().Invert().Multiply(B).Add(A).Add(xp);
                 ECFieldElement z = SolveQuadradicEquation(beta);
 
                 if (z == null)
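Review bot: The rewritten `beta` line reads the curve coefficients through the `A` and `B` properties while the `xp.IsZero` branch two lines above still uses the `m_b` field, so one method now names the same values two ways. Pick one form for the whole method — either `yp = B.Sqrt();` in the zero branch, or `m_a`/`m_b` on the new line — so a reader does not have to check whether `B` and `m_b` can ever differ. The combined declaration `ECFieldElement xp = FromBigInteger(X1), yp;` leaves `yp` unassigned until the branches below, presumably so that a missing root (the `z == null` case) leaves it null; a short comment such as `// yp remains null when no square root exists` would make that explicit. DecompressPoint's body continues past the end of this hunk.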
@@ -894,18 +891,17 @@ namespace Org.BouncyCastle.Math.EC
                     z = z.AddOne();
                 }
 
-                yp = xp.Multiply(z);
-
                 switch (this.CoordinateSystem)
                 {
                     case COORD_LAMBDA_AFFINE:
                     case COORD_LAMBDA_PROJECTIVE:
                     {
-                        yp = yp.Divide(xp).Add(xp);
+                        yp = z.Add(xp);
                         break;
                     }
                     default:
                     {
+                        yp = z.Multiply(xp);
                         break;
                     }
                 }
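Review bot: The lambda-coordinate arm `yp = z.Add(xp);` depends on the identity lambda = y/x + x with y = x·z, which is the whole reason the division could be dropped, but without a comment the two `case` arms look like they compute unrelated quantities. Suggest annotating the switch with `// z solves z^2 + z = beta, so y = x*z; lambda coordinates store lambda = y/x + x = z + x` on the lambda arm and `// other coordinate systems store y itself` on the default arm. This branch only runs for non-zero x; the `xp.IsZero` case in the previous hunk still assigns `yp = m_b.Sqrt()` regardless of coordinate system, which is presumably intentional (lambda is undefined at x = 0) but deserves a one-line comment there so it is not mistaken for a missed update. The enclosing method ends outside this hunk.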