diff options
Diffstat (limited to 'crypto/src/math/ec/custom/sec/SecT409Field.cs')
| -rw-r--r-- | crypto/src/math/ec/custom/sec/SecT409Field.cs | 234 |
1 files changed, 222 insertions, 12 deletions
diff --git a/crypto/src/math/ec/custom/sec/SecT409Field.cs b/crypto/src/math/ec/custom/sec/SecT409Field.cs index c497d0223..6a5afb0dc 100644 --- a/crypto/src/math/ec/custom/sec/SecT409Field.cs +++ b/crypto/src/math/ec/custom/sec/SecT409Field.cs @@ -9,12 +9,16 @@ using Org.BouncyCastle.Math.Raw; namespace Org.BouncyCastle.Math.EC.Custom.Sec { - internal class SecT409Field + internal static class SecT409Field { private const ulong M25 = ulong.MaxValue >> 39; private const ulong M59 = ulong.MaxValue >> 5; +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void Add(ReadOnlySpan<ulong> x, ReadOnlySpan<ulong> y, Span<ulong> z) +#else public static void Add(ulong[] x, ulong[] y, ulong[] z) +#endif { z[0] = x[0] ^ y[0]; z[1] = x[1] ^ y[1]; @@ -25,7 +29,26 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec z[6] = x[6] ^ y[6]; } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void AddBothTo(ReadOnlySpan<ulong> x, ReadOnlySpan<ulong> y, Span<ulong> z) +#else + public static void AddBothTo(ulong[] x, ulong[] y, ulong[] z) +#endif + { + z[0] ^= x[0] ^ y[0]; + z[1] ^= x[1] ^ y[1]; + z[2] ^= x[2] ^ y[2]; + z[3] ^= x[3] ^ y[3]; + z[4] ^= x[4] ^ y[4]; + z[5] ^= x[5] ^ y[5]; + z[6] ^= x[6] ^ y[6]; + } + +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void AddExt(ReadOnlySpan<ulong> xx, ReadOnlySpan<ulong> yy, Span<ulong> zz) +#else public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) +#endif { for (int i = 0; i < 13; ++i) { @@ -33,7 +56,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec } } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void AddOne(ReadOnlySpan<ulong> x, Span<ulong> z) +#else public static void AddOne(ulong[] x, ulong[] z) +#endif { z[0] = x[0] ^ 1UL; z[1] = x[1]; @@ -44,7 +71,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec z[6] = x[6]; } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void AddTo(ReadOnlySpan<ulong> x, Span<ulong> z) +#else public static void AddTo(ulong[] x, ulong[] z) +#endif { z[0] ^= x[0]; z[1] ^= x[1]; @@ -60,9 +91,17 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec return Nat.FromBigInteger64(409, x); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void HalfTrace(ReadOnlySpan<ulong> x, Span<ulong> z) +#else public static void HalfTrace(ulong[] x, ulong[] z) +#endif { +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> tt = stackalloc ulong[13]; +#else ulong[] tt = Nat.Create64(13); +#endif Nat448.Copy64(x, z); for (int i = 1; i < 409; i += 2) @@ -75,16 +114,26 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec } } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void Invert(ReadOnlySpan<ulong> x, Span<ulong> z) +#else public static void Invert(ulong[] x, ulong[] z) +#endif { if (Nat448.IsZero64(x)) throw new InvalidOperationException(); // Itoh-Tsujii inversion with bases { 2, 3 } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> t0 = stackalloc ulong[7]; + Span<ulong> t1 = stackalloc ulong[7]; + Span<ulong> t2 = stackalloc ulong[7]; +#else ulong[] t0 = Nat448.Create64(); ulong[] t1 = Nat448.Create64(); ulong[] t2 = Nat448.Create64(); +#endif Square(x, t0); @@ -126,21 +175,55 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec Multiply(t0, t2, z); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void Multiply(ReadOnlySpan<ulong> x, ReadOnlySpan<ulong> y, Span<ulong> z) +#else public static void Multiply(ulong[] x, ulong[] y, ulong[] z) +#endif { +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> tt = stackalloc ulong[14]; +#else ulong[] tt = Nat448.CreateExt64(); +#endif ImplMultiply(x, y, tt); Reduce(tt, z); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void MultiplyAddToExt(ReadOnlySpan<ulong> x, ReadOnlySpan<ulong> y, Span<ulong> zz) +#else public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) +#endif { +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> tt = stackalloc ulong[14]; +#else ulong[] tt = Nat448.CreateExt64(); +#endif ImplMultiply(x, y, tt); AddExt(zz, tt, zz); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void MultiplyExt(ReadOnlySpan<ulong> x, ReadOnlySpan<ulong> y, Span<ulong> zz) +#else + public static void MultiplyExt(ulong[] x, ulong[] y, ulong[] zz) +#endif + { +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + zz[..14].Fill(0UL); +#else + Array.Clear(zz, 0, 10); +#endif + ImplMultiply(x, y, zz); + } + +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void Reduce(ReadOnlySpan<ulong> xx, Span<ulong> z) +#else public static void Reduce(ulong[] xx, ulong[] z) +#endif { ulong x00 = xx[0], x01 = xx[1], x02 = xx[2], x03 = xx[3]; ulong x04 = xx[4], x05 = xx[5], x06 = xx[6], x07 = xx[7]; @@ -193,7 +276,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec z[zOff + 6] = z6 & M25; } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void Sqrt(ReadOnlySpan<ulong> x, Span<ulong> z) +#else public static void Sqrt(ulong[] x, ulong[] z) +#endif { ulong c0 = Interleave.Unshuffle(x[0], x[1], out ulong e0); ulong c1 = Interleave.Unshuffle(x[2], x[3], out ulong e1); @@ -211,30 +298,58 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec Debug.Assert((c3 >> 51) == 0); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void Square(ReadOnlySpan<ulong> x, Span<ulong> z) +#else public static void Square(ulong[] x, ulong[] z) +#endif { +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> tt = stackalloc ulong[13]; +#else ulong[] tt = Nat.Create64(13); +#endif ImplSquare(x, tt); Reduce(tt, z); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void SquareAddToExt(ReadOnlySpan<ulong> x, Span<ulong> zz) +#else public static void SquareAddToExt(ulong[] x, ulong[] zz) +#endif { +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> tt = stackalloc ulong[13]; +#else ulong[] tt = Nat.Create64(13); +#endif ImplSquare(x, tt); AddExt(zz, tt, zz); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void SquareExt(ReadOnlySpan<ulong> x, Span<ulong> zz) +#else public static void SquareExt(ulong[] x, ulong[] zz) +#endif { ImplSquare(x, zz); } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static void SquareN(ReadOnlySpan<ulong> x, int n, Span<ulong> z) +#else public static void SquareN(ulong[] x, int n, ulong[] z) +#endif { Debug.Assert(n > 0); +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Span<ulong> tt = stackalloc ulong[13]; +#else ulong[] tt = Nat.Create64(13); +#endif ImplSquare(x, tt); Reduce(tt, z); @@ -245,13 +360,21 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec } } +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + public static uint Trace(ReadOnlySpan<ulong> x) +#else public static uint Trace(ulong[] x) +#endif { // Non-zero-trace bits: 0 return (uint)(x[0]) & 1U; } - protected static void ImplCompactExt(ulong[] zz) +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + private static void ImplCompactExt(Span<ulong> zz) +#else + private static void ImplCompactExt(ulong[] zz) +#endif { ulong z00 = zz[ 0], z01 = zz[ 1], z02 = zz[ 2], z03 = zz[ 3], z04 = zz[ 4], z05 = zz[ 5], z06 = zz[ 6]; ulong z07 = zz[ 7], z08 = zz[ 8], z09 = zz[ 9], z10 = zz[10], z11 = zz[11], z12 = zz[12], z13 = zz[13]; @@ -272,7 +395,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec //zz[13] = 0; } - protected static void ImplExpand(ulong[] x, ulong[] z) +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + private static void ImplExpand(ReadOnlySpan<ulong> x, Span<ulong> z) +#else + private static void ImplExpand(ulong[] x, ulong[] z) +#endif { ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6]; z[0] = x0 & M59; @@ -284,7 +411,72 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec z[6] = ((x5 >> 34) ^ (x6 << 30)); } - protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + private static void ImplMultiply(ReadOnlySpan<ulong> x, ReadOnlySpan<ulong> y, Span<ulong> zz) + { + Span<ulong> a = stackalloc ulong[7], b = stackalloc ulong[7]; + ImplExpand(x, a); + ImplExpand(y, b); + + Span<ulong> u = stackalloc ulong[8]; + for (int i = 0; i < 7; ++i) + { + ImplMulwAcc(u, a[i], b[i], zz[(i << 1)..]); + } + + ulong v0 = zz[0], v1 = zz[1]; + v0 ^= zz[ 2]; zz[1] = v0 ^ v1; v1 ^= zz[ 3]; + v0 ^= zz[ 4]; zz[2] = v0 ^ v1; v1 ^= zz[ 5]; + v0 ^= zz[ 6]; zz[3] = v0 ^ v1; v1 ^= zz[ 7]; + v0 ^= zz[ 8]; zz[4] = v0 ^ v1; v1 ^= zz[ 9]; + v0 ^= zz[10]; zz[5] = v0 ^ v1; v1 ^= zz[11]; + v0 ^= zz[12]; zz[6] = v0 ^ v1; v1 ^= zz[13]; + + ulong w = v0 ^ v1; + zz[ 7] = zz[0] ^ w; + zz[ 8] = zz[1] ^ w; + zz[ 9] = zz[2] ^ w; + zz[10] = zz[3] ^ w; + zz[11] = zz[4] ^ w; + zz[12] = zz[5] ^ w; + zz[13] = zz[6] ^ w; + + ImplMulwAcc(u, a[0] ^ a[1], b[0] ^ b[1], zz[ 1..]); + + ImplMulwAcc(u, a[0] ^ a[2], b[0] ^ b[2], zz[ 2..]); + + ImplMulwAcc(u, a[0] ^ a[3], b[0] ^ b[3], zz[ 3..]); + ImplMulwAcc(u, a[1] ^ a[2], b[1] ^ b[2], zz[ 3..]); + + ImplMulwAcc(u, a[0] ^ a[4], b[0] ^ b[4], zz[ 4..]); + ImplMulwAcc(u, a[1] ^ a[3], b[1] ^ b[3], zz[ 4..]); + + ImplMulwAcc(u, a[0] ^ a[5], b[0] ^ b[5], zz[ 5..]); + ImplMulwAcc(u, a[1] ^ a[4], b[1] ^ b[4], zz[ 5..]); + ImplMulwAcc(u, a[2] ^ a[3], b[2] ^ b[3], zz[ 5..]); + + ImplMulwAcc(u, a[0] ^ a[6], b[0] ^ b[6], zz[ 6..]); + ImplMulwAcc(u, a[1] ^ a[5], b[1] ^ b[5], zz[ 6..]); + ImplMulwAcc(u, a[2] ^ a[4], b[2] ^ b[4], zz[ 6..]); + + ImplMulwAcc(u, a[1] ^ a[6], b[1] ^ b[6], zz[ 7..]); + ImplMulwAcc(u, a[2] ^ a[5], b[2] ^ b[5], zz[ 7..]); + ImplMulwAcc(u, a[3] ^ a[4], b[3] ^ b[4], zz[ 7..]); + + ImplMulwAcc(u, a[2] ^ a[6], b[2] ^ b[6], zz[ 8..]); + ImplMulwAcc(u, a[3] ^ a[5], b[3] ^ b[5], zz[ 8..]); + + ImplMulwAcc(u, a[3] ^ a[6], b[3] ^ b[6], zz[ 9..]); + ImplMulwAcc(u, a[4] ^ a[5], b[4] ^ b[5], zz[ 9..]); + + ImplMulwAcc(u, a[4] ^ a[6], b[4] ^ b[6], zz[10..]); + + ImplMulwAcc(u, a[5] ^ a[6], b[5] ^ b[6], zz[11..]); + + ImplCompactExt(zz); + } +#else + private static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) { ulong[] a = new ulong[7], b = new ulong[7]; ImplExpand(x, a); @@ -347,8 +539,13 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec ImplCompactExt(zz); } +#endif - protected static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + private static void ImplMulwAcc(Span<ulong> u, ulong x, ulong y, Span<ulong> z) +#else + private static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) +#endif { Debug.Assert(x >> 59 == 0); Debug.Assert(y >> 59 == 0); @@ -361,8 +558,8 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec var Z = Pclmulqdq.CarrylessMultiply(X, Y, 0x00); ulong z0 = Z.GetElement(0); ulong z1 = Z.GetElement(1); - z[zOff ] ^= z0 & M59; - z[zOff + 1] ^= (z0 >> 59) ^ (z1 << 5); + z[0] ^= z0 & M59; + z[1] ^= (z0 >> 59) ^ (z1 << 5); return; } #endif @@ -377,14 +574,14 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec u[7] = u[6] ^ y; uint j = (uint)x; - ulong g, h = 0, l = u[j & 7] - ^ (u[(j >> 3) & 7] << 3); + ulong g, h = 0, l = u[(int)j & 7] + ^ (u[(int)(j >> 3) & 7] << 3); int k = 54; do { j = (uint)(x >> k); - g = u[j & 7] - ^ u[(j >> 3) & 7] << 3; + g = u[(int)j & 7] + ^ u[(int)(j >> 3) & 7] << 3; l ^= (g << k); h ^= (g >> -k); } @@ -392,11 +589,20 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec Debug.Assert(h >> 53 == 0); +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + z[0] ^= l & M59; + z[1] ^= (l >> 59) ^ (h << 5); +#else z[zOff ] ^= l & M59; z[zOff + 1] ^= (l >> 59) ^ (h << 5); +#endif } - protected static void ImplSquare(ulong[] x, ulong[] zz) +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + private static void ImplSquare(ReadOnlySpan<ulong> x, Span<ulong> zz) +#else + private static void ImplSquare(ulong[] x, ulong[] zz) +#endif { zz[12] = Interleave.Expand32to64((uint)x[6]); @@ -419,7 +625,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec } #endif +#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER + Interleave.Expand64To128(x[..6], zz[..12]); +#else Interleave.Expand64To128(x, 0, 6, zz, 0); +#endif } } } |