Diffstat (limited to 'crypto/src/math/ec/rfc8032/Ed448.cs')
-rw-r--r--crypto/src/math/ec/rfc8032/Ed448.cs15
1 files changed, 13 insertions, 2 deletions
diff --git a/crypto/src/math/ec/rfc8032/Ed448.cs b/crypto/src/math/ec/rfc8032/Ed448.cs
index 38bdee83e..774052082 100644
--- a/crypto/src/math/ec/rfc8032/Ed448.cs
+++ b/crypto/src/math/ec/rfc8032/Ed448.cs
@@ -676,11 +676,11 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
 
         private static void PruneScalar(byte[] n, int nOff, byte[] r)
         {
-            Array.Copy(n, nOff, r, 0, ScalarBytes);
+            Array.Copy(n, nOff, r, 0, ScalarBytes - 1);
 
             r[0] &= 0xFC;
             r[ScalarBytes - 2] |= 0x80;
-            r[ScalarBytes - 1] &= 0x00;
+            r[ScalarBytes - 1]  = 0x00;
         }
 
         private static byte[] ReduceScalar(byte[] n)
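Review bot: PruneScalar now reads only `ScalarBytes - 1` bytes from `n` and sets the last byte of `r` unconditionally, but no comment states that input contract or the size `r` must have. A comment above the method such as `// Reads ScalarBytes - 1 bytes from n at nOff; r must hold ScalarBytes bytes and its last byte is always zero.` would stop a later caller from assuming all ScalarBytes are consumed. The doubled space in `r[ScalarBytes - 1]  = 0x00;` looks unintentional; `r[ScalarBytes - 1] = 0x00;` would match the lines above it.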
@@ -1021,6 +1021,17 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032
             EncodePoint(p, r, rOff);
         }
 
+        internal static void ScalarMultBaseXY(byte[] k, int kOff, uint[] x, uint[] y)
+        {
+            byte[] n = new byte[ScalarBytes];
+            PruneScalar(k, kOff, n);
+
+            PointExt p = new PointExt();
+            ScalarMultBase(n, p);
+            X448Field.Copy(p.x, 0, x, 0);
+            X448Field.Copy(p.y, 0, y, 0);
+        }
+
         private static void ScalarMultStraussVar(uint[] nb, uint[] np, PointExt p, PointExt r)
         {
             Precompute();
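Review bot: In ScalarMultBaseXY the temporary `n` holds the pruned scalar derived from `k` and is never cleared. If `k` is private-key material, which the pruning suggests but the hunk does not confirm, adding `Array.Clear(n, 0, n.Length);` after `ScalarMultBase(n, p);` would shorten the time that copy stays on the managed heap. The method also lacks a doc comment: it should say how many bytes are read from `k` at `kOff`, and whether the values copied from `p.x` and `p.y` are affine coordinates or a projective representation, which is not visible here. ScalarMultStraussVar at the end of the hunk continues outside it.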