crypto/src/math/ec/multiplier/FixedPointUtilities.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

using System;

namespace Org.BouncyCastle.Math.EC.Multiplier
{
    public class FixedPointUtilities
    {
        public static readonly string PRECOMP_NAME = "bc_fixed_point";

        public static int GetCombSize(ECCurve c)
        {
            BigInteger order = c.Order;
            return order == null ? c.FieldSize + 1 : order.BitLength;
        }

        public static FixedPointPreCompInfo GetFixedPointPreCompInfo(PreCompInfo preCompInfo)
        {
            return preCompInfo as FixedPointPreCompInfo;
        }

        public static FixedPointPreCompInfo Precompute(ECPoint p)
        {
            return (FixedPointPreCompInfo)p.Curve.Precompute(p, PRECOMP_NAME, new FixedPointCallback(p));
        }

        private class FixedPointCallback
            : IPreCompCallback
        {
            private readonly ECPoint m_p;

            internal FixedPointCallback(ECPoint p)
            {
                this.m_p = p;
            }

            public PreCompInfo Precompute(PreCompInfo existing)
            {
                FixedPointPreCompInfo existingFP = (existing is FixedPointPreCompInfo) ? (FixedPointPreCompInfo)existing : null;

                ECCurve c = m_p.Curve;
                int bits = FixedPointUtilities.GetCombSize(c);
                int minWidth = bits > 250 ? 6 : 5;
                int n = 1 << minWidth;

                if (CheckExisting(existingFP, n))
                    return existingFP;

                int d = (bits + minWidth - 1) / minWidth;

                ECPoint[] pow2Table = new ECPoint[minWidth + 1];
                pow2Table[0] = m_p;
                for (int i = 1; i < minWidth; ++i)
                {
                    pow2Table[i] = pow2Table[i - 1].TimesPow2(d);
                }

                // This will be the 'offset' value 
                pow2Table[minWidth] = pow2Table[0].Subtract(pow2Table[1]);

                c.NormalizeAll(pow2Table);

                ECPoint[] lookupTable = new ECPoint[n];
                lookupTable[0] = pow2Table[0];

                for (int bit = minWidth - 1; bit >= 0; --bit)
                {
                    ECPoint pow2 = pow2Table[bit];

                    int step = 1 << bit;
                    for (int i = step; i < n; i += (step << 1))
                    {
                        lookupTable[i] = lookupTable[i - step].Add(pow2);
                    }
                }

                c.NormalizeAll(lookupTable);

                FixedPointPreCompInfo result = new FixedPointPreCompInfo();
                result.LookupTable = c.CreateCacheSafeLookupTable(lookupTable, 0, lookupTable.Length);
                result.Offset = pow2Table[minWidth];
                result.Width = minWidth;
                return result;
            }

            private bool CheckExisting(FixedPointPreCompInfo existingFP, int n)
            {
                return existingFP != null && CheckTable(existingFP.LookupTable, n);
            }

            private bool CheckTable(ECLookupTable table, int n)
            {
                return table != null && table.Size >= n;
            }
        }
    }
}