diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-01-23 14:50:10 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-01-23 14:50:10 +0700 |
| commit | 40d318fb8c3da32fa16251aa160dd4876910fc63 (patch) | |
| tree | ba536e7782d757a28ad0a9bab749a825886feb15 /crypto | |
| parent | Add Nat/Mod classes and use instead of (slow) BigInteger.ModInverse implement... (diff) | |
| download | BouncyCastle.NET-ed25519-40d318fb8c3da32fa16251aa160dd4876910fc63.tar.xz | |
Use residue-based reduction for more curves, in particular P-256
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/src/math/ec/ECFieldElement.cs | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/crypto/src/math/ec/ECFieldElement.cs b/crypto/src/math/ec/ECFieldElement.cs index 93f63a435..f29d1f1b0 100644 --- a/crypto/src/math/ec/ECFieldElement.cs +++ b/crypto/src/math/ec/ECFieldElement.cs @@ -79,8 +79,14 @@ namespace Org.BouncyCastle.Math.EC int bitLength = p.BitLength; if (bitLength > 128) { - BigInteger firstWord = p.ShiftRight(bitLength - 64); - if (firstWord.LongValue == -1L) + /* + * NOTE: Due to poor performance of BigInteger.Mod in C#, the residue-based reduction is + * currently faster even for e.g. P-256, where the prime has 32 leading 1 bits. + */ + //BigInteger firstWord = p.ShiftRight(bitLength - 64); + //if (firstWord.LongValue == -1L) + BigInteger firstWord = p.ShiftRight(bitLength - 32); + if (firstWord.IntValue == -1) { return BigInteger.One.ShiftLeft(bitLength).Subtract(p); } |