Diffstat (limited to 'crypto/src/math/ec/rfc7748/X25519Field.cs')
-rw-r--r--crypto/src/math/ec/rfc7748/X25519Field.cs37
1 files changed, 21 insertions, 16 deletions
diff --git a/crypto/src/math/ec/rfc7748/X25519Field.cs b/crypto/src/math/ec/rfc7748/X25519Field.cs
index 3a06941dd..6843e274a 100644
--- a/crypto/src/math/ec/rfc7748/X25519Field.cs
+++ b/crypto/src/math/ec/rfc7748/X25519Field.cs
@@ -49,6 +49,11 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748
             int z0 = z[0], z1 = z[1], z2 = z[2], z3 = z[3], z4 = z[4];
             int z5 = z[5], z6 = z[6], z7 = z[7], z8 = z[8], z9 = z[9];
 
+            z2 += (z1 >> 26); z1 &= M26;
+            z4 += (z3 >> 26); z3 &= M26;
+            z7 += (z6 >> 26); z6 &= M26;
+            z9 += (z8 >> 26); z8 &= M26;
+
             z3 += (z2 >> 25); z2 &= M25;
             z5 += (z4 >> 25); z4 &= M25;
             z8 += (z7 >> 25); z7 &= M25;
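Review bot: The four added pre-carry lines change the input bound under which the following 25-bit carries are correct, but nothing in the function records that precondition, so a later reader cannot tell whether the extra round is required or merely defensive. I would put a one-line comment above the new lines such as `// first propagate the 26-bit limbs so the 25-bit limbs below start within bound`, with the assumed maximum limb magnitude stated if the author knows it. The enclosing function starts and ends outside this hunk, so its name and the bound it advertises are not visible here; presumably it is the normalising carry routine for the 10-limb representation. A unit test that feeds limbs at their maximum permitted magnitude through this path would pin the new bound better than a comment alone.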
@@ -439,22 +444,22 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748
             Mul(t, x, rz);
         }
 
-        private static void Reduce(int[] z, int c)
-        {
-            int z9 = z[9], t = z9;
-                       z9   = t & M24; t >>= 24;
-            t += c;
-            t *= 19;
-            t += z[0]; z[0] = t & M26; t >>= 26;
-            t += z[1]; z[1] = t & M26; t >>= 26;
-            t += z[2]; z[2] = t & M25; t >>= 25;
-            t += z[3]; z[3] = t & M26; t >>= 26;
-            t += z[4]; z[4] = t & M25; t >>= 25;
-            t += z[5]; z[5] = t & M26; t >>= 26;
-            t += z[6]; z[6] = t & M26; t >>= 26;
-            t += z[7]; z[7] = t & M25; t >>= 25;
-            t += z[8]; z[8] = t & M26; t >>= 26;
-            t += z9;   z[9] = t;
+        private static void Reduce(int[] z, int x)
+        {
+            int t = z[9], z9 = t & M24;
+            t = (t >> 24) + x;
+
+            long cc = t * 19;
+            cc += z[0]; z[0] = (int)cc & M26; cc >>= 26;
+            cc += z[1]; z[1] = (int)cc & M26; cc >>= 26;
+            cc += z[2]; z[2] = (int)cc & M25; cc >>= 25;
+            cc += z[3]; z[3] = (int)cc & M26; cc >>= 26;
+            cc += z[4]; z[4] = (int)cc & M25; cc >>= 25;
+            cc += z[5]; z[5] = (int)cc & M26; cc >>= 26;
+            cc += z[6]; z[6] = (int)cc & M26; cc >>= 26;
+            cc += z[7]; z[7] = (int)cc & M25; cc >>= 25;
+            cc += z[8]; z[8] = (int)cc & M26; cc >>= 26;
+            z[9] = z9 + (int)cc;
         }
 
         public static void Sqr(int[] x, int[] z)
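Review bot: `long cc = t * 19;` still performs the multiplication in 32-bit int arithmetic and only then widens the product, so if the switch to a long accumulator was meant to remove any overflow worry it does not cover the product itself; this is safe only because t is `(z[9] >> 24) + x`, which is small as long as x is small. Writing `long cc = (long)t * 19;` makes the widening explicit and removes the dependence on an undocumented bound on x. The new parameter x also has no documentation; a comment such as `// x: extra multiple of 2^255 to fold into the limbs; 2^255 == 19 (mod p), hence the factor 19` above the method would explain both the rename from c and the constant. The mask expression `(int)cc & M26` parses as `((int)cc) & M26`, which is correct here since the mask discards the high bits anyway.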