Diffstat (limited to 'crypto/src/math/ec')
-rw-r--r-- | crypto/src/math/ec/rfc7748/X25519.cs | 15 | ||||
-rw-r--r-- | crypto/src/math/ec/rfc7748/X448.cs | 25 | ||||
-rw-r--r-- | crypto/src/math/ec/rfc8032/Ed25519.cs | 7 | ||||
-rw-r--r-- | crypto/src/math/ec/rfc8032/Ed448.cs | 27 |
4 files changed, 41 insertions, 33 deletions
diff --git a/crypto/src/math/ec/rfc7748/X25519.cs b/crypto/src/math/ec/rfc7748/X25519.cs index 9db3a24c6..d8db2527a 100644 --- a/crypto/src/math/ec/rfc7748/X25519.cs +++ b/crypto/src/math/ec/rfc7748/X25519.cs @@ -1,6 +1,7 @@ using System; using System.Diagnostics; -using System.Runtime.CompilerServices; + +using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Math.EC.Rfc7748 { @@ -19,8 +20,15 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 private static readonly int[] PsubS_x = { 0x03D48290, 0x02C7804D, 0x01207816, 0x028F5A68, 0x00881ED4, 0x00A2B71D, 0x0217D1B7, 0x014CB523, 0x0088EC1A, 0x0042A264 }; + private static readonly object precompLock = new object(); private static int[] precompBase = null; + public static bool CalculateAgreement(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff) + { + ScalarMult(k, kOff, u, uOff, r, rOff); + return !Arrays.AreAllZeroes(r, rOff, PointSize); + } + private static uint Decode32(byte[] bs, int off) { uint n = bs[off]; @@ -57,12 +65,9 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 X25519Field.Mul(z, A, z); } - // https://stackoverflow.com/questions/2223656/what-does-methodimploptions-synchronized-do - // Not available in lower .net standard versions - //[MethodImpl(MethodImplOptions.Synchronized)] public static void Precompute() { - lock (typeof(X25519)) + lock (precompLock) { if (precompBase != null) return; diff --git a/crypto/src/math/ec/rfc7748/X448.cs b/crypto/src/math/ec/rfc7748/X448.cs index cf581e9fc..63d34d1cf 100644 --- a/crypto/src/math/ec/rfc7748/X448.cs +++ b/crypto/src/math/ec/rfc7748/X448.cs @@ -1,6 +1,7 @@ using System; using System.Diagnostics; -using System.Runtime.CompilerServices; + +using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Math.EC.Rfc7748 { 
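Review bot: The new public `CalculateAgreement` in the second X25519.cs hunk has no doc comment, yet its boolean result is the only signal that the shared secret came out all-zero; on a `false` return `r` has already been written by `ScalarMult` and still holds the rejected value. I would add an XML doc comment such as `/// <returns>false if the computed shared secret is all zeroes; the contents of r must then be discarded.</returns>` so callers do not ignore the result. The zero test is delegated to `Arrays.AreAllZeroes`, whose body is not visible here; because `r` is secret, it should OR together all `PointSize` bytes rather than return at the first non-zero byte (RFC 7748 asks that this check not leak information about the value), which is worth confirming. The same applies to the identical method added in the X448.cs hunk.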
@@ -22,8 +23,15 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 0x0643ACE1U, 0x03F1BD65U, 0x084C1F82U, 0x0954459DU, 0x081B9672U, 0x0DD1031CU, 0x0EB7BDACU, 0x03881AFFU, 0x0423ACF0U, 0x05013244U, 0x0F0FAB72U }; + private static readonly object precompLock = new object(); private static uint[] precompBase = null; + public static bool CalculateAgreement(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff) + { + ScalarMult(k, kOff, u, uOff, r, rOff); + return !Arrays.AreAllZeroes(r, rOff, PointSize); + } + private static uint Decode32(byte[] bs, int off) { uint n = bs[off]; @@ -61,12 +69,9 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 X448Field.Mul(z, A, z); } - // https://stackoverflow.com/questions/2223656/what-does-methodimploptions-synchronized-do - // Not available in lower .net standard versions - //[MethodImpl(MethodImplOptions.Synchronized)] public static void Precompute() { - lock (typeof(X448)) + lock (precompLock) { if (precompBase != null) return; @@ -76,8 +81,8 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 uint[] xs = precompBase; uint[] zs = new uint[X448Field.Size * 445]; - uint[] x = X448Field.Create(); x[0] = 5; - uint[] z = X448Field.Create(); z[0] = 1; + uint[] x = X448Field.Create(); x[0] = 5; + uint[] z = X448Field.Create(); z[0] = 1; uint[] n = X448Field.Create(); uint[] d = X448Field.Create(); @@ -86,10 +91,10 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 X448Field.Add(x, z, n); X448Field.Sub(x, z, d); - uint[] c = X448Field.Create(); X448Field.Copy(d, 0, c, 0); + uint[] c = X448Field.Create(); X448Field.Copy(d, 0, c, 0); int off = 0; - for (; ; ) + for (;;) { X448Field.Copy(n, 0, xs, off); @@ -112,7 +117,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc7748 uint[] u = X448Field.Create(); X448Field.Inv(c, u); - for (; ; ) + for (;;) { X448Field.Copy(xs, off, x, 0); diff --git a/crypto/src/math/ec/rfc8032/Ed25519.cs b/crypto/src/math/ec/rfc8032/Ed25519.cs index 1154a1021..403f11f50 100644 --- a/crypto/src/math/ec/rfc8032/Ed25519.cs 
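Review bot: In X448.cs `Precompute` (the hunk that switches to `lock (precompLock)`), the early-out `if (precompBase != null) return;` treats a non-null field as a finished table. The context of the next hunk (`uint[] xs = precompBase;` ahead of the `zs` allocation and the fill loops) suggests the field is assigned before the table is computed. If anything throws in between, for example the `zs` allocation, later calls would return early with a partly filled table and base-point multiplications would be silently wrong. Consider filling a local array and making `precompBase = xs;` the last statement inside the lock. The assignment itself and the rest of the method lie outside the visible hunks, so this needs checking against the full body.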
+++ b/crypto/src/math/ec/rfc8032/Ed25519.cs @@ -1,6 +1,5 @@ using System; using System.Diagnostics; -using System.Runtime.CompilerServices; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; @@ -61,6 +60,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 private const int PrecompPoints = 1 << (PrecompTeeth - 1); private const int PrecompMask = PrecompPoints - 1; + private static readonly object precompLock = new object(); // TODO[ed25519] Convert to PointPrecomp private static PointExt[] precompBaseTable = null; private static int[] precompBase = null; @@ -631,10 +631,9 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 X25519Field.Zero(p.t); } - //[MethodImpl(MethodImplOptions.Synchronized)] public static void Precompute() { - lock (typeof(Ed25519)) + lock (precompLock) { if (precompBase != null) return; @@ -679,7 +678,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 PointDouble(p); } } - } + } PointExt[] points = new PointExt[PrecompPoints]; int k = 0; diff --git a/crypto/src/math/ec/rfc8032/Ed448.cs b/crypto/src/math/ec/rfc8032/Ed448.cs index 12f69b676..10ebe8f15 100644 --- a/crypto/src/math/ec/rfc8032/Ed448.cs +++ b/crypto/src/math/ec/rfc8032/Ed448.cs @@ -1,6 +1,5 @@ using System; using System.Diagnostics; -using System.Runtime.CompilerServices; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; @@ -70,6 +69,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 private const int PrecompPoints = 1 << (PrecompTeeth - 1); private const int PrecompMask = PrecompPoints - 1; + private static readonly object precompLock = new object(); // TODO[ed448] Convert to PointPrecomp private static PointExt[] precompBaseTable = null; private static uint[] precompBase = null; 
@@ -463,12 +463,12 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 X448Field.Mul(p.y, r.y, D); X448Field.Mul(C, D, E); X448Field.Mul(E, -C_d, E); - // X448Field.Apm(B, E, F, G); + //X448Field.Apm(B, E, F, G); X448Field.Add(B, E, f); X448Field.Sub(B, E, g); X448Field.Add(r.x, r.y, E); X448Field.Mul(H, E, H); - // X448Field.Apm(D, C, B, E); + //X448Field.Apm(D, C, B, E); X448Field.Add(D, C, b); X448Field.Sub(D, C, e); X448Field.Carry(b); @@ -495,13 +495,13 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 X448Field.Mul(p.y, r.y, D); X448Field.Mul(C, D, E); X448Field.Mul(E, -C_d, E); - // X448Field.Apm(B, E, F, G); + //X448Field.Apm(B, E, F, G); X448Field.Add(B, E, F); X448Field.Sub(B, E, G); X448Field.Add(p.x, p.y, B); X448Field.Add(r.x, r.y, E); X448Field.Mul(B, E, H); - // X448Field.Apm(D, C, B, E); + //X448Field.Apm(D, C, B, E); X448Field.Add(D, C, B); X448Field.Sub(D, C, E); X448Field.Carry(B); @@ -592,10 +592,9 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 X448Field.One(p.z); } - //[MethodImpl(MethodImplOptions.Synchronized)] public static void Precompute() { - lock (typeof(Ed448)) + lock (precompLock) { if (precompBase != null) return; @@ -631,7 +630,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 PointDouble(p); } } - } + } PointExt[] points = new PointExt[PrecompPoints]; int k = 0; @@ -657,8 +656,8 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 X448Field.Mul(q.x, q.z, q.x); X448Field.Mul(q.y, q.z, q.y); - // X448Field.Normalize(q.x); - // X448Field.Normalize(q.y); + //X448Field.Normalize(q.x); + //X448Field.Normalize(q.y); X448Field.Copy(q.x, 0, precompBase, off); off += X448Field.Size; X448Field.Copy(q.y, 0, precompBase, off); off += X448Field.Size; @@ -734,7 +733,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 x21 += x31 * L4_6; // x21:55/53 x22 += x31 * L4_7; // x22:57/53 - // x30 += (x29 >> 28); x29 &= M28UL; + //x30 += (x29 >> 28); x29 &= M28UL; x14 += x30 * L4_0; // x14:54/-- x15 += x30 * L4_1; // x15:54/53 x16 += x30 * L4_2; // x16:56/-- 
@@ -754,7 +753,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 x19 += x29 * L4_6; // x19:57/52 x20 += x29 * L4_7; // x20:58/52 - // x28 += (x27 >> 28); x27 &= M28UL; + //x28 += (x27 >> 28); x27 &= M28UL; x12 += x28 * L4_0; // x12:54/-- x13 += x28 * L4_1; // x13:54/53 x14 += x28 * L4_2; // x14:56/-- @@ -774,7 +773,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 x17 += x27 * L4_6; // x17:58/56 x18 += x27 * L4_7; // x18:59/-- - // x26 += (x25 >> 28); x25 &= M28UL; + //x26 += (x25 >> 28); x25 &= M28UL; x10 += x26 * L4_0; // x10:54/-- x11 += x26 * L4_1; // x11:54/53 x12 += x26 * L4_2; // x12:56/-- @@ -951,7 +950,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 Encode56(x10 | (x11 << 28), r, 35); Encode56(x12 | (x13 << 28), r, 42); Encode56(x14 | (x15 << 28), r, 49); - // r[ScalarBytes - 1] = 0; + //r[ScalarBytes - 1] = 0; return r; } |