summary refs log tree commit diff
path: root/crypto/src
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2022-07-17 18:49:23 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-07-17 18:49:23 +0700
commit16318bb3925447b18b4bf8a392995517d2e68180 (patch)
tree8944dd49c2f6f58d0d7f9b2e2feefbeed186e05d /crypto/src
parentSIKE performance (diff)
downloadBouncyCastle.NET-ed25519-16318bb3925447b18b4bf8a392995517d2e68180.tar.xz
Refactor away redundant method
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs5


-rw-r--r--crypto/src/crypto/modes/gcm/GcmUtilities.cs38


2 files changed, 4 insertions, 39 deletions
diff --git a/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs b/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs
index bf19e173d..c93318524 100644
--- a/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs
+++ b/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs
@@ -14,7 +14,10 @@ namespace Org.BouncyCastle.Crypto.Modes.Gcm
 
         public void MultiplyH(byte[] x)
         {
-            GcmUtilities.Multiply(x, ref H);
+            GcmUtilities.FieldElement T;
+            GcmUtilities.AsFieldElement(x, out T);
+            GcmUtilities.Multiply(ref T, ref H);
+            GcmUtilities.AsBytes(ref T, x);
         }
     }
 }
diff --git a/crypto/src/crypto/modes/gcm/GcmUtilities.cs b/crypto/src/crypto/modes/gcm/GcmUtilities.cs
index 5bbf78d0a..3deed2fc1 100644
--- a/crypto/src/crypto/modes/gcm/GcmUtilities.cs
+++ b/crypto/src/crypto/modes/gcm/GcmUtilities.cs
@@ -161,44 +161,6 @@ namespace Org.BouncyCastle.Crypto.Modes.Gcm
             AsBytes(t1, x);
         }
 
-        internal static void Multiply(byte[] x, ref FieldElement y)
-        {
-            /*
-             * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-             *
-             * Without access to the high part of a 64x64 product x * y, we use a bit reversal to calculate it:
-             *     rev(x) * rev(y) == rev((x * y) << 1) 
-             */
-
-            ulong x0 = Pack.BE_To_UInt64(x, 0);
-            ulong x1 = Pack.BE_To_UInt64(x, 8);
-            ulong y0 = y.n0, y1 = y.n1;
-            ulong x0r = Longs.Reverse(x0), x1r = Longs.Reverse(x1);
-            ulong y0r = Longs.Reverse(y0), y1r = Longs.Reverse(y1);
-
-            ulong h0 = Longs.Reverse(ImplMul64(x0r, y0r));
-            ulong h1 = ImplMul64(x0, y0) << 1;
-            ulong h2 = Longs.Reverse(ImplMul64(x1r, y1r));
-            ulong h3 = ImplMul64(x1, y1) << 1;
-            ulong h4 = Longs.Reverse(ImplMul64(x0r ^ x1r, y0r ^ y1r));
-            ulong h5 = ImplMul64(x0 ^ x1, y0 ^ y1) << 1;
-
-            ulong z0 = h0;
-            ulong z1 = h1 ^ h0 ^ h2 ^ h4;
-            ulong z2 = h2 ^ h1 ^ h3 ^ h5;
-            ulong z3 = h3;
-
-            z1 ^= z3 ^ (z3 >> 1) ^ (z3 >> 2) ^ (z3 >> 7);
-//          z2 ^= (z3 << 63) ^ (z3 << 62) ^ (z3 << 57);
-            z2 ^= (z3 << 62) ^ (z3 << 57);
-
-            z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7);
-            z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57);
-
-            Pack.UInt64_To_BE(z0, x, 0);
-            Pack.UInt64_To_BE(z1, x, 8);
-        }
-
         internal static void Multiply(uint[] x, uint[] y)
         {
             uint y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3];

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-10 10:39:59 +0000