Avoid infinity appearing in lookup table for FixedPointCombMultiplier

author: Peter Dettman <peter.dettman@bouncycastle.org> 2017-09-17 11:53:45 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2017-09-17 11:53:45 +0700
commit: 992f73598ec5b8325286616515536a5f6f40fa51 (patch)
tree: e423d7ae6222a2d48db0b5fc0e67dd1f497436ef /crypto/src/math
parent: Added GmSSL test vectors for SM3 (diff)
download: BouncyCastle.NET-ed25519-992f73598ec5b8325286616515536a5f6f40fa51.tar.xz
3 files changed, 17 insertions, 5 deletions
diff --git a/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs b/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs
index a8ef5a77a..05bb4000b 100644
--- a/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs
+++ b/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs
@@ -48,7 +48,7 @@ namespace Org.BouncyCastle.Math.EC.Multiplier
                 R = R.TwicePlus(lookupTable[index]);
             }
 
-            return R;
+            return R.Add(info.Offset);
         }
 
         protected virtual int GetWidthForCombSize(int combSize)
diff --git a/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs b/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs
index 56a6326a1..11bdadc6f 100644
--- a/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs
+++ b/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs
@@ -6,11 +6,13 @@
     public class FixedPointPreCompInfo
         : PreCompInfo
     {
+        protected ECPoint m_offset = null;
+
         /**
          * Array holding the precomputed <code>ECPoint</code>s used for a fixed
          * point multiplication.
          */
-        protected ECPoint[] m_preComp = null;
+		protected ECPoint[] m_preComp = null;
 
         /**
          * The width used for the precomputation. If a larger width precomputation
@@ -19,6 +21,12 @@
          */
         protected int m_width = -1;
 
+        public virtual ECPoint Offset
+        {
+			get { return m_offset; }
+			set { this.m_offset = value; }
+		}
+
         public virtual ECPoint[] PreComp
         {
             get { return m_preComp; }
diff --git a/crypto/src/math/ec/multiplier/FixedPointUtilities.cs b/crypto/src/math/ec/multiplier/FixedPointUtilities.cs
index d927d010b..8e129a8f3 100644
--- a/crypto/src/math/ec/multiplier/FixedPointUtilities.cs
+++ b/crypto/src/math/ec/multiplier/FixedPointUtilities.cs
@@ -35,17 +35,20 @@ namespace Org.BouncyCastle.Math.EC.Multiplier
                 int bits = GetCombSize(c);
                 int d = (bits + minWidth - 1) / minWidth;
 
-                ECPoint[] pow2Table = new ECPoint[minWidth];
+                ECPoint[] pow2Table = new ECPoint[minWidth + 1];
                 pow2Table[0] = p;
                 for (int i = 1; i < minWidth; ++i)
                 {
                     pow2Table[i] = pow2Table[i - 1].TimesPow2(d);
                 }
-    
+
+                // This will be the 'offset' value 
+                pow2Table[minWidth] = pow2Table[0].Subtract(pow2Table[1]);
+
                 c.NormalizeAll(pow2Table);
     
                 lookupTable = new ECPoint[n];
-                lookupTable[0] = c.Infinity;
+                lookupTable[0] = pow2Table[0];
 
                 for (int bit = minWidth - 1; bit >= 0; --bit)
                 {
@@ -60,6 +63,7 @@ namespace Org.BouncyCastle.Math.EC.Multiplier
 
                 c.NormalizeAll(lookupTable);
 
+                info.Offset = pow2Table[minWidth];
                 info.PreComp = lookupTable;
                 info.Width = minWidth;
author	Peter Dettman <peter.dettman@bouncycastle.org>	2017-09-17 11:53:45 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2017-09-17 11:53:45 +0700
commit	992f73598ec5b8325286616515536a5f6f40fa51 (patch)
tree	e423d7ae6222a2d48db0b5fc0e67dd1f497436ef /crypto/src/math
parent	Added GmSSL test vectors for SM3 (diff)
download	BouncyCastle.NET-ed25519-992f73598ec5b8325286616515536a5f6f40fa51.tar.xz