diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2015-10-14 14:07:03 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2015-10-14 14:07:03 +0700 |
| commit | 1391032b1062eb16f527223d8b9c56216ed5da86 (patch) | |
| tree | 4e39a9022a620ed4415da316053a601c09d9f222 /crypto/src/math | |
| parent | Add ECCDH as valid alias (diff) | |
| download | BouncyCastle.NET-ed25519-1391032b1062eb16f527223d8b9c56216ed5da86.tar.xz | |
Consolidate all F2m decompression methods into AbstractF2m
Diffstat (limited to 'crypto/src/math')
19 files changed, 96 insertions, 1735 deletions
diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs index 9fe9e32fd..40b46ce72 100644 --- a/crypto/src/math/ec/ECCurve.cs +++ b/crypto/src/math/ec/ECCurve.cs @@ -677,28 +677,110 @@ namespace Org.BouncyCastle.Math.EC switch (this.CoordinateSystem) { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - if (X.IsZero) + case COORD_LAMBDA_AFFINE: + case COORD_LAMBDA_PROJECTIVE: { - if (!Y.Square().Equals(B)) - throw new ArgumentException(); + if (X.IsZero) + { + if (!Y.Square().Equals(B)) + throw new ArgumentException(); + } + else + { + // Y becomes Lambda (X + Y/X) here + Y = Y.Divide(X).Add(X); + } + break; } - else + default: { - // Y becomes Lambda (X + Y/X) here - Y = Y.Divide(X).Add(X); + break; } - break; } - default: + + return CreateRawPoint(X, Y, withCompression); + } + + protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) + { + ECFieldElement xp = FromBigInteger(X1), yp = null; + if (xp.IsZero) { - break; + yp = B.Sqrt(); } + else + { + ECFieldElement beta = xp.Square().Invert().Multiply(B).Add(A).Add(xp); + ECFieldElement z = SolveQuadradicEquation(beta); + + if (z != null) + { + if (z.TestBitZero() != (yTilde == 1)) + { + z = z.AddOne(); + } + + switch (this.CoordinateSystem) + { + case COORD_LAMBDA_AFFINE: + case COORD_LAMBDA_PROJECTIVE: + { + yp = z.Add(xp); + break; + } + default: + { + yp = z.Multiply(xp); + break; + } + } + } } - return CreateRawPoint(X, Y, withCompression); + if (yp == null) + throw new ArgumentException("Invalid point compression"); + + return CreateRawPoint(xp, yp, true); + } + + /** + * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 + * D.1.6) The other solution is <code>z + 1</code>. + * + * @param beta + * The value to solve the qradratic equation for. + * @return the solution for <code>z<sup>2</sup> + z = beta</code> or + * <code>null</code> if no solution exists. + */ + private ECFieldElement SolveQuadradicEquation(ECFieldElement beta) + { + if (beta.IsZero) + return beta; + + ECFieldElement gamma, z, zeroElement = FromBigInteger(BigInteger.Zero); + + int m = FieldSize; + Random rand = new Random(); + do + { + ECFieldElement t = FromBigInteger(new BigInteger(m, rand)); + z = zeroElement; + ECFieldElement w = beta; + for (int i = 1; i < m; i++) + { + ECFieldElement w2 = w.Square(); + z = z.Square().Add(w2.Multiply(t)); + w = w2.Add(beta); + } + if (!w.IsZero) + { + return null; + } + gamma = z.Square().Add(z); + } + while (gamma.IsZero); + + return z; } /** @@ -994,92 +1076,6 @@ namespace Org.BouncyCastle.Math.EC get { return m_infinity; } } - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement xp = FromBigInteger(X1), yp = null; - if (xp.IsZero) - { - yp = m_b.Sqrt(); - } - else - { - ECFieldElement beta = xp.Square().Invert().Multiply(B).Add(A).Add(xp); - ECFieldElement z = SolveQuadradicEquation(beta); - - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - yp = z.Add(xp); - break; - } - default: - { - yp = z.Multiply(xp); - break; - } - } - } - } - - if (yp == null) - throw new ArgumentException("Invalid point compression"); - - return CreateRawPoint(xp, yp, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the qradratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadradicEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(m, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < m; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - { - return null; - } - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public int M { get { return m; } diff --git a/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs index 04e69e2a8..2705c94aa 100644 --- a/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs @@ -65,101 +65,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec return new SecT113R1Point(this, x, y, zs, withCompression); } - public override bool IsKoblitz + public override bool IsKoblitz { get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(113, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 113; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 113; } diff --git a/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs b/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs index a02db6b25..abfd26d5b 100644 --- a/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs @@ -70,98 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(113, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 113; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 113; } diff --git a/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs index 789e3c0c3..b73964c39 100644 --- a/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs @@ -70,96 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(131, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 131; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 131; } diff --git a/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs b/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs index 2004f84ca..724921c94 100644 --- a/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs @@ -70,98 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(131, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 131; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 131; } diff --git a/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs b/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs index 1cfd09e1c..68ff646ca 100644 --- a/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs @@ -76,96 +76,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return true; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(163, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 163; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 163; } diff --git a/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs index fc18e1094..8ae58ccef 100644 --- a/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs @@ -70,98 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(163, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 163; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 163; } diff --git a/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs b/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs index 9efe11c3e..5a4fa5ad1 100644 --- a/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs @@ -70,96 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(163, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 163; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 163; } diff --git a/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs index 802954b01..a2cb5a8ac 100644 --- a/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs @@ -70,98 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(193, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 193; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 193; } diff --git a/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs b/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs index b5345730c..1c84a3eac 100644 --- a/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs @@ -70,98 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(193, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 193; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 193; } diff --git a/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs b/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs index 8768eaa81..72935913d 100644 --- a/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs @@ -76,98 +76,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return true; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(233, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 233; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 233; } diff --git a/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs index 92795b8a7..db6e6e1d4 100644 --- a/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs @@ -70,96 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(233, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 233; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 233; } diff --git a/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs b/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs index 2c73d941f..a499d48b4 100644 --- a/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs @@ -76,96 +76,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return true; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(239, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 239; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 239; } diff --git a/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs b/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs index 42414401f..4053287ec 100644 --- a/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs @@ -76,96 +76,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return true; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(283, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 283; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 283; } diff --git a/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs index d8c462eeb..e659675ce 100644 --- a/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs @@ -70,96 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(283, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 283; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 283; } diff --git a/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs b/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs index edfe1a293..4f573553e 100644 --- a/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs @@ -76,96 +76,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return true; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(409, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 409; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 409; } diff --git a/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs index e679094ad..9212fb5d2 100644 --- a/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs @@ -70,96 +70,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(409, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 409; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 409; } diff --git a/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs b/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs index fb136c967..f5806f09c 100644 --- a/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs @@ -76,98 +76,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return true; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - y = B.Sqrt(); - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - { - return beta; - } - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(571, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 571; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 571; } diff --git a/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs b/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs index 05d58863e..082afa5bd 100644 --- a/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs +++ b/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs @@ -74,97 +74,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec get { return false; } } - /** - * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2). - * - * @param yTilde - * ~yp, an indication bit for the decompression of yp. - * @param X1 - * The field element xp. - * @return the decompressed point. - */ - protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) - { - ECFieldElement x = FromBigInteger(X1), y = null; - if (x.IsZero) - { - // y = B.Sqrt(); - y = SecT571R1_B_SQRT; - } - else - { - ECFieldElement beta = x.Square().Invert().Multiply(B).Add(A).Add(x); - ECFieldElement z = SolveQuadraticEquation(beta); - if (z != null) - { - if (z.TestBitZero() != (yTilde == 1)) - { - z = z.AddOne(); - } - - switch (this.CoordinateSystem) - { - case COORD_LAMBDA_AFFINE: - case COORD_LAMBDA_PROJECTIVE: - { - y = z.Add(x); - break; - } - default: - { - y = z.Multiply(x); - break; - } - } - } - } - - if (y == null) - throw new ArgumentException("Invalid point compression"); - - return this.CreateRawPoint(x, y, true); - } - - /** - * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 - * D.1.6) The other solution is <code>z + 1</code>. - * - * @param beta - * The value to solve the quadratic equation for. - * @return the solution for <code>z<sup>2</sup> + z = beta</code> or - * <code>null</code> if no solution exists. - */ - private ECFieldElement SolveQuadraticEquation(ECFieldElement beta) - { - if (beta.IsZero) - return beta; - - ECFieldElement zeroElement = FromBigInteger(BigInteger.Zero); - - ECFieldElement z = null; - ECFieldElement gamma = null; - - Random rand = new Random(); - do - { - ECFieldElement t = FromBigInteger(new BigInteger(571, rand)); - z = zeroElement; - ECFieldElement w = beta; - for (int i = 1; i < 571; i++) - { - ECFieldElement w2 = w.Square(); - z = z.Square().Add(w2.Multiply(t)); - w = w2.Add(beta); - } - if (!w.IsZero) - return null; - gamma = z.Square().Add(z); - } - while (gamma.IsZero); - - return z; - } - public virtual int M { get { return 571; } |