Diffstat (limited to 'crypto/src/math/ec/custom/sec/SecT113Field.cs')
-rw-r--r--crypto/src/math/ec/custom/sec/SecT113Field.cs33
1 files changed, 19 insertions, 14 deletions
diff --git a/crypto/src/math/ec/custom/sec/SecT113Field.cs b/crypto/src/math/ec/custom/sec/SecT113Field.cs
index 1b3fcc542..65249562a 100644
--- a/crypto/src/math/ec/custom/sec/SecT113Field.cs
+++ b/crypto/src/math/ec/custom/sec/SecT113Field.cs
@@ -170,6 +170,25 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 
         protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
         {
+#if NETCOREAPP3_0_OR_GREATER
+            if (Pclmulqdq.IsSupported)
+            {
+                var X01 = Vector128.Create(x[0], x[1]);
+                var Y01 = Vector128.Create(y[0], y[1]);
+
+                var Z01 =          Pclmulqdq.CarrylessMultiply(X01, Y01, 0x00);
+                var Z12 = Sse2.Xor(Pclmulqdq.CarrylessMultiply(X01, Y01, 0x01),
+                                   Pclmulqdq.CarrylessMultiply(X01, Y01, 0x10));
+                var Z23 =          Pclmulqdq.CarrylessMultiply(X01, Y01, 0x11);
+
+                zz[0] = Z01.GetElement(0);
+                zz[1] = Z01.GetElement(1) ^ Z12.GetElement(0);
+                zz[2] = Z23.GetElement(0) ^ Z12.GetElement(1);
+                zz[3] = Z23.GetElement(1);
+                return;
+            }
+#endif
+
             /*
              * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
              */
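Review bot: The new PCLMULQDQ fast path computes the full 128x128-bit carry-less product of both limbs of x and y, whereas the software path below it splits into 57-bit pieces and is only guarded by the `Debug.Assert(x >> 57 == 0)` checks inside ImplMulw, so an unreduced input is now caught in Debug builds only on hardware without PCLMULQDQ and silently accepted elsewhere. If callers are expected to pass fully reduced 113-bit elements (as the type name suggests), add the check once before the `#if` so both paths share it: `Debug.Assert(x[1] >> 49 == 0); Debug.Assert(y[1] >> 49 == 0);`. The selector immediates also read as magic numbers and deserve a comment above the three `CarrylessMultiply` calls: `// imm8 bit 0 picks the high qword of X01, bit 4 the high qword of Y01: 0x00=x0*y0, 0x01=x1*y0, 0x10=x0*y1, 0x11=x1*y1; Z12 is the middle term, shifted 64 bits when folded into zz`. The body of ImplMultiply continues outside the hunk.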
@@ -206,20 +225,6 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
             Debug.Assert(x >> 57 == 0);
             Debug.Assert(y >> 57 == 0);
 
-#if NETCOREAPP3_0_OR_GREATER
-            if (Pclmulqdq.IsSupported)
-            {
-                var X = Vector128.CreateScalar(x);
-                var Y = Vector128.CreateScalar(y);
-                var Z = Pclmulqdq.CarrylessMultiply(X, Y, 0x00);
-                ulong z0 = Z.GetElement(0);
-                ulong z1 = Z.GetElement(1);
-                z[zOff    ] = z0 & M57;
-                z[zOff + 1] = (z0 >> 57) ^ (z1 << 7);
-                return;
-            }
-#endif
-
             //u[0] = 0;
             u[1] = y;
             u[2] = u[1] << 1;