From e7c2c2029676b6dd0f13560b56aa9611c51c99f7 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Fri, 31 Jan 2014 19:05:46 +0700
Subject: Avoid modifying the input to the Reduce() methods
---
crypto/src/math/ec/custom/sec/Nat192.cs | 33 ++++++++++----------
crypto/src/math/ec/custom/sec/Nat256.cs | 41 +++++++++++++------------
crypto/src/math/ec/custom/sec/SecP192K1Field.cs | 12 +++-----
crypto/src/math/ec/custom/sec/SecP256K1Field.cs | 12 +++-----
4 files changed, 48 insertions(+), 50 deletions(-)
(limited to 'crypto')
diff --git a/crypto/src/math/ec/custom/sec/Nat192.cs b/crypto/src/math/ec/custom/sec/Nat192.cs
index b61c7a468..29f6f28e6 100644
--- a/crypto/src/math/ec/custom/sec/Nat192.cs
+++ b/crypto/src/math/ec/custom/sec/Nat192.cs
@@ -321,37 +321,38 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 }
 }
- public static ulong Mul33AddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff)
+ public static ulong Mul33AddExt(uint w, uint[] xx, int xxOff, uint[] yy, int yyOff, uint[] zz, int zzOff)
 {
- Debug.Assert(x >> 31 == 0);
+ Debug.Assert(w >> 31 == 0);
+ Debug.Assert(xxOff <= 6);
 Debug.Assert(yyOff <= 6);
 Debug.Assert(zzOff <= 6);
- ulong c = 0, xVal = x;
- ulong yy00 = yy[yyOff + 0];
- c += xVal * yy00 + zz[zzOff + 0];
+ ulong c = 0, wVal = w;
+ ulong xx00 = xx[xxOff + 0];
+ c += wVal * xx00 + yy[yyOff + 0];
 zz[zzOff + 0] = (uint)c;
 c >>= 32;
- ulong yy01 = yy[yyOff + 1];
- c += xVal * yy01 + yy00 + zz[zzOff + 1];
+ ulong xx01 = xx[xxOff + 1];
+ c += wVal * xx01 + xx00 + yy[yyOff + 1];
 zz[zzOff + 1] = (uint)c;
 c >>= 32;
- ulong yy02 = yy[yyOff + 2];
- c += xVal * yy02 + yy01 + zz[zzOff + 2];
+ ulong xx02 = xx[xxOff + 2];
+ c += wVal * xx02 + xx01 + yy[yyOff + 2];
 zz[zzOff + 2] = (uint)c;
 c >>= 32;
- ulong yy03 = yy[yyOff + 3];
- c += xVal * yy03 + yy02 + zz[zzOff + 3];
+ ulong xx03 = xx[xxOff + 3];
+ c += wVal * xx03 + xx02 + yy[yyOff + 3];
 zz[zzOff + 3] = (uint)c;
 c >>= 32;
- ulong yy04 = yy[yyOff + 4];
- c += xVal * yy04 + yy03 + zz[zzOff + 4];
+ ulong xx04 = xx[xxOff + 4];
+ c += wVal * xx04 + xx03 + yy[yyOff + 4];
 zz[zzOff + 4] = (uint)c;
 c >>= 32;
- ulong yy05 = yy[yyOff + 5];
- c += xVal * yy05 + yy04 + zz[zzOff + 5];
+ ulong xx05 = xx[xxOff + 5];
+ c += wVal * xx05 + xx04 + yy[yyOff + 5];
 zz[zzOff + 5] = (uint)c;
 c >>= 32;
- c += yy05;
+ c += xx05;
 return c;
 }
diff --git a/crypto/src/math/ec/custom/sec/Nat256.cs b/crypto/src/math/ec/custom/sec/Nat256.cs
index c71bc8322..5837a8820 100644
--- a/crypto/src/math/ec/custom/sec/Nat256.cs
+++ b/crypto/src/math/ec/custom/sec/Nat256.cs
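Review bot: The widened Mul33AddExt signature does not state what the seven parameters compute, and the Reduce callers in this commit pass one array as both xx and yy (offsets 6 and 0) with zz possibly aliasing it as well, so the relation and the aliasing the routine tolerates should be spelled out above the signature, e.g. `/// zz[zzOff..+6] = xx[xxOff..+6] * (2^32 + w) + yy[yyOff..+6] mod 2^192; returns the carry-out (at most 33 bits).` The same comment should say that w below 2^31 (the Debug.Assert) is what keeps each limb step w*x + x_prev + y + carry under 2^64. Each yy limb is read before the same-index zz limb is written, so zz aliasing yy at the same offset works, whereas xx overlapping the zz write range does not, and since only the offset upper bounds are asserted, and only in debug builds, that caveat is worth one more sentence. The same applies to Nat256.Mul33AddExt in the following hunk.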
@@ -353,45 +353,46 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 }
 }
- public static ulong Mul33AddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff)
+ public static ulong Mul33AddExt(uint w, uint[] xx, int xxOff, uint[] yy, int yyOff, uint[] zz, int zzOff)
 {
- Debug.Assert(x >> 31 == 0);
+ Debug.Assert(w >> 31 == 0);
+ Debug.Assert(xxOff <= 8);
 Debug.Assert(yyOff <= 8);
 Debug.Assert(zzOff <= 8);
- ulong c = 0, xVal = x;
- ulong yy00 = yy[yyOff + 0];
- c += xVal * yy00 + zz[zzOff + 0];
+ ulong c = 0, wVal = w;
+ ulong xx00 = xx[xxOff + 0];
+ c += wVal * xx00 + yy[yyOff + 0];
 zz[zzOff + 0] = (uint)c;
 c >>= 32;
- ulong yy01 = yy[yyOff + 1];
- c += xVal * yy01 + yy00 + zz[zzOff + 1];
+ ulong xx01 = xx[xxOff + 1];
+ c += wVal * xx01 + xx00 + yy[yyOff + 1];
 zz[zzOff + 1] = (uint)c;
 c >>= 32;
- ulong yy02 = yy[yyOff + 2];
- c += xVal * yy02 + yy01 + zz[zzOff + 2];
+ ulong xx02 = xx[xxOff + 2];
+ c += wVal * xx02 + xx01 + yy[yyOff + 2];
 zz[zzOff + 2] = (uint)c;
 c >>= 32;
- ulong yy03 = yy[yyOff + 3];
- c += xVal * yy03 + yy02 + zz[zzOff + 3];
+ ulong xx03 = xx[xxOff + 3];
+ c += wVal * xx03 + xx02 + yy[yyOff + 3];
 zz[zzOff + 3] = (uint)c;
 c >>= 32;
- ulong yy04 = yy[yyOff + 4];
- c += xVal * yy04 + yy03 + zz[zzOff + 4];
+ ulong xx04 = xx[xxOff + 4];
+ c += wVal * xx04 + xx03 + yy[yyOff + 4];
 zz[zzOff + 4] = (uint)c;
 c >>= 32;
- ulong yy05 = yy[yyOff + 5];
- c += xVal * yy05 + yy04 + zz[zzOff + 5];
+ ulong xx05 = xx[xxOff + 5];
+ c += wVal * xx05 + xx04 + yy[yyOff + 5];
 zz[zzOff + 5] = (uint)c;
 c >>= 32;
- ulong yy06 = yy[yyOff + 6];
- c += xVal * yy06 + yy05 + zz[zzOff + 6];
+ ulong xx06 = xx[xxOff + 6];
+ c += wVal * xx06 + xx05 + yy[yyOff + 6];
 zz[zzOff + 6] = (uint)c;
 c >>= 32;
- ulong yy07 = yy[yyOff + 7];
- c += xVal * yy07 + yy06 + zz[zzOff + 7];
+ ulong xx07 = xx[xxOff + 7];
+ c += wVal * xx07 + xx06 + yy[yyOff + 7];
 zz[zzOff + 7] = (uint)c;
 c >>= 32;
- c += yy07;
+ c += xx07;
 return c;
 }
diff --git a/crypto/src/math/ec/custom/sec/SecP192K1Field.cs b/crypto/src/math/ec/custom/sec/SecP192K1Field.cs
index 9da3c0257..11bc11d8d 100644
--- a/crypto/src/math/ec/custom/sec/SecP192K1Field.cs
+++ b/crypto/src/math/ec/custom/sec/SecP192K1Field.cs
@@ -84,19 +84,17 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 }
 }
- public static void Reduce(uint[] tt, uint[] z)
+ public static void Reduce(uint[] xx, uint[] z)
 {
- ulong c = Nat192.Mul33AddExt(PInv33, tt, 6, tt, 0);
- c = Nat192.Mul33DWordAdd(PInv33, c, tt, 0);
+ ulong c = Nat192.Mul33AddExt(PInv33, xx, 6, xx, 0, z, 0);
+ c = Nat192.Mul33DWordAdd(PInv33, c, z, 0);
 Debug.Assert(c == 0 || c == 1);
- if (c != 0 || (tt[5] == P5 && Nat192.Gte(tt, P)))
+ if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
 {
- Nat192.AddDWord(PInv, tt, 0);
+ Nat192.AddDWord(PInv, z, 0);
 }
-
- Array.Copy(tt, 0, z, 0, 6);
 }
 public static void Square(uint[] x, uint[] z)
diff --git a/crypto/src/math/ec/custom/sec/SecP256K1Field.cs b/crypto/src/math/ec/custom/sec/SecP256K1Field.cs
index e7a73359f..3f5437d4d 100644
--- a/crypto/src/math/ec/custom/sec/SecP256K1Field.cs
+++ b/crypto/src/math/ec/custom/sec/SecP256K1Field.cs
@@ -86,19 +86,17 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 }
 }
- public static void Reduce(uint[] tt, uint[] z)
+ public static void Reduce(uint[] xx, uint[] z)
 {
- ulong c = Nat256.Mul33AddExt(PInv33, tt, 8, tt, 0);
- c = Nat256.Mul33DWordAdd(PInv33, c, tt, 0);
+ ulong c = Nat256.Mul33AddExt(PInv33, xx, 8, xx, 0, z, 0);
+ c = Nat256.Mul33DWordAdd(PInv33, c, z, 0);
 Debug.Assert(c == 0 || c == 1);
- if (c != 0 || (tt[7] == P7 && Nat256.Gte(tt, P)))
+ if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
 {
- Nat256.AddDWord(PInv, tt, 0);
+ Nat256.AddDWord(PInv, z, 0);
 }
-
- Array.Copy(tt, 0, z, 0, 8);
 }
 public static void Square(uint[] x, uint[] z)
-- cgit 1.4.1
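Review bot: Reduce now relies on xx holding 12 limbs, z at least 6, and the in-place case xx == z being safe, yet none of that is stated; a summary above the signature such as `/// Reduces the 12-limb xx modulo p into the 6-limb z without modifying xx; z may alias xx.` would make the new contract explicit. The in-place case appears to work only because Nat192.Mul33AddExt reads each yy limb before writing the same zz index and reads xx solely from offset 6 upward, which deserves a comment rather than being left to be rediscovered. The fast check `z[5] == P5 && Nat192.Gte(z, P)` catches every value at or above p only if P5 is the largest 32-bit limb value, which this hunk does not show; a one-line comment naming that assumption (or a Debug.Assert on P5) would help. This final correction branch is data-dependent, as it was before the commit, so the reduction is not constant-time. SecP256K1Field.Reduce in the last hunk has the same shape and the same points apply with P7 and 8 limbs.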