Diffstat (limited to 'crypto/src/math/ec/custom/sec/SecP256R1Field.cs')
-rw-r--r-- | crypto/src/math/ec/custom/sec/SecP256R1Field.cs | 66 |
1 files changed, 36 insertions, 30 deletions
diff --git a/crypto/src/math/ec/custom/sec/SecP256R1Field.cs b/crypto/src/math/ec/custom/sec/SecP256R1Field.cs
index a01cb5840..4d98b5508 100644
--- a/crypto/src/math/ec/custom/sec/SecP256R1Field.cs
+++ b/crypto/src/math/ec/custom/sec/SecP256R1Field.cs
@@ -8,12 +8,12 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
         // 2^256 - 2^224 + 2^192 + 2^96 - 1
         internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000,
             0x00000000, 0x00000001, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0x00000001, 0xFFFFFFFE,
+            0x00000002, 0xFFFFFFFE };
         private static readonly uint[] _2P = new uint[]{ 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, 0x00000000,
             0x00000000, 0x00000002, 0xFFFFFFFE, 0x00000001 };
         private const uint P7 = 0xFFFFFFFF;
-        private static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
-            0xFFFFFFFF, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0x00000001, 0xFFFFFFFE,
-            0x00000002, 0xFFFFFFFE };
 
         public static void Add(uint[] x, uint[] y, uint[] z)
         {
@@ -125,7 +125,7 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
             cc >>= 32;
 
             int c = (int)cc;
-            if (c > 0)
+            if (c >= 0)
             {
                 Reduce32((uint)c, z);
             }
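Review bot: The widened condition `if (c >= 0)` in the second hunk now sends a zero carry into Reduce32, and nothing at the call site says why, so a later reader could "simplify" it back to `c > 0` and reintroduce the bug; a comment such as `// c == 0 must still reach Reduce32: with x == 0 it performs only the final conditional subtraction of P, which is what makes the result canonical` would pin the intent. The Reduce32 hunk that follows makes this work by guarding the additive pass with `if (x != 0)` so that the `cc != 0 || (z[7] == P7 && Nat256.Gte(z, P))` check is the only work done for a zero carry. Under the old `c > 0` the zero-carry case skipped that check entirely, so unless the branch outside this hunk covered it, z could be left in [P, 2^256), and a non-canonical field element breaks equality and encoding comparisons downstream. A regression test with an input whose reduction carry is exactly zero but whose partially reduced result is still >= P would lock the fix in. The negative-carry branch of this function continues outside the hunk.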
@@ -144,33 +144,39 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 
         public static void Reduce32(uint x, uint[] z)
         {
-            long xx08 = x;
-            long cc = 0;
-            cc += (long)z[0] + xx08;
-            z[0] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[1];
-            z[1] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[2];
-            z[2] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[3] - xx08;
-            z[3] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[4];
-            z[4] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[5];
-            z[5] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[6] - xx08;
-            z[6] = (uint)cc;
-            cc >>= 32;
-            cc += (long)z[7] + xx08;
-            z[7] = (uint)cc;
-            cc >>= 32;
+
+            if (x != 0)
+            {
+                long xx08 = x;
+
+                cc += (long)z[0] + xx08;
+                z[0] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[1];
+                z[1] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[2];
+                z[2] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[3] - xx08;
+                z[3] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[4];
+                z[4] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[5];
+                z[5] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[6] - xx08;
+                z[6] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[7] + xx08;
+                z[7] = (uint)cc;
+                cc >>= 32;
+
+                Debug.Assert(cc == 0 || cc == 1);
+            }
 
             if (cc != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
             {