From 57d401f1c1919e507eb42ac0964a8b5d61ee6049 Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Wed, 26 Feb 2014 20:13:52 +0700
Subject: Optimization for custom curve reduction when only a few bits need
 reducing; used to delay reduction in point doubling.

---
 crypto/src/math/ec/custom/sec/SecP192R1Point.cs | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

(limited to 'crypto/src/math/ec/custom/sec/SecP192R1Point.cs')

diff --git a/crypto/src/math/ec/custom/sec/SecP192R1Point.cs b/crypto/src/math/ec/custom/sec/SecP192R1Point.cs
index 0dd81f0c7..29a26c941 100644
--- a/crypto/src/math/ec/custom/sec/SecP192R1Point.cs
+++ b/crypto/src/math/ec/custom/sec/SecP192R1Point.cs
@@ -217,12 +217,11 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 
             uint[] S = Y1Squared;
             SecP192R1Field.Multiply(Y1Squared, X1.x, S);
-            SecP192R1Field.Twice(S, S);
-            SecP192R1Field.Twice(S, S);
+            uint c = Nat.ShiftUpBits(6, S, 2, 0);
+            SecP192R1Field.Reduce32(c, S);
 
-            SecP192R1Field.Twice(T, t1);
-            SecP192R1Field.Twice(t1, t1);
-            SecP192R1Field.Twice(t1, t1);
+            c = Nat.ShiftUpBits(6, T, 3, 0, t1);
+            SecP192R1Field.Reduce32(c, t1);
 
             SecP192R1FieldElement X3 = new SecP192R1FieldElement(T);
             SecP192R1Field.Square(M, X3.x);
-- 
cgit 1.4.1