BestHTTP.SecureProtocol.Org.BouncyCastle.Math.EC.Rfc7748.X25519Field.Mul C# (CSharp) Метод

Mul() публичный статический Метод

public static Mul ( Array x, Array y, Array z ) : void
x Array
y Array
z Array
Результат void
        /// <summary>
        /// Multiplies two field elements held as ten <c>int</c> limbs each and writes the
        /// ten-limb product to <paramref name="z"/>. The enclosing type is X25519Field, and the
        /// 19/38/76 folding constants below are consistent with reduction modulo 2^255 - 19.
        /// </summary>
        /// <param name="x">First operand; elements 0..9 are read.</param>
        /// <param name="y">Second operand; elements 0..9 are read.</param>
        /// <param name="z">
        /// Destination; elements 0..9 are written. Every read of <paramref name="x"/> and
        /// <paramref name="y"/> happens before the first write to <paramref name="z"/>, so
        /// <paramref name="z"/> may be the same array as either operand.
        /// </param>
        /// <remarks>
        /// Security notes for reviewers:
        /// - The body is straight-line code: no branch and no array index depends on limb
        ///   values, which is what a secret-handling field multiply needs at source level.
        ///   Timing still depends on the runtime's 64-bit multiply; that is not visible here.
        /// - Arguments are not validated. A null or short array surfaces as a runtime
        ///   exception; for a short <paramref name="z"/> that happens after some limbs have
        ///   already been written.
        /// - Presumably callers must keep input limbs within the bounds the field code
        ///   maintains, so the int additions and long accumulators cannot overflow; verify
        ///   against the rest of X25519Field.
        /// - The top limb z[9] receives the final carry unmasked, so the result is not
        ///   necessarily fully reduced.
        /// </remarks>
        public static void Mul(int[] x, int[] y, int[] z)
        {
            // Low half of each operand: limbs 0..4.
            int x0 = x[0], y0 = y[0];
            int x1 = x[1], y1 = y[1];
            int x2 = x[2], y2 = y[2];
            int x3 = x[3], y3 = y[3];
            int x4 = x[4], y4 = y[4];

            // High half of each operand: limbs 5..9.
            int u0 = x[5], v0 = y[5];
            int u1 = x[6], v1 = y[6];
            int u2 = x[7], v2 = y[7];
            int u3 = x[8], v3 = y[8];
            int u4 = x[9], v4 = y[9];

            // a0..a8: low-half by low-half product, accumulated in 64 bits.
            // The "<<= 1" doublings presumably compensate for the mixed 26/25-bit limb
            // widths implied by the M26/M25 masks used further down; confirm.
            long a0  = (long)x0 * y0;
            long a1  = (long)x0 * y1
                     + (long)x1 * y0;
            long a2  = (long)x0 * y2
                     + (long)x1 * y1
                     + (long)x2 * y0;
            long a3  = (long)x1 * y2
                     + (long)x2 * y1;
            a3     <<= 1;
            a3      += (long)x0 * y3
                     + (long)x3 * y0;
            long a4  = (long)x2 * y2;
            a4     <<= 1;
            a4      += (long)x0 * y4
                     + (long)x1 * y3
                     + (long)x3 * y1
                     + (long)x4 * y0;
            long a5  = (long)x1 * y4
                     + (long)x2 * y3
                     + (long)x3 * y2
                     + (long)x4 * y1;
            a5     <<= 1;
            long a6  = (long)x2 * y4
                     + (long)x4 * y2;
            a6     <<= 1;
            a6      += (long)x3 * y3;
            long a7  = (long)x3 * y4
                     + (long)x4 * y3;
            long a8  = (long)x4 * y4;
            a8     <<= 1;

            // b0..b8: high-half by high-half product, same shape as a0..a8 except that
            // b5 and b8 are left undoubled (see the commented-out shifts).
            long b0  = (long)u0 * v0;
            long b1  = (long)u0 * v1
                     + (long)u1 * v0;
            long b2  = (long)u0 * v2
                     + (long)u1 * v1
                     + (long)u2 * v0;
            long b3  = (long)u1 * v2
                     + (long)u2 * v1;
            b3     <<= 1;
            b3      += (long)u0 * v3
                     + (long)u3 * v0;
            long b4  = (long)u2 * v2;
            b4     <<= 1;
            b4      += (long)u0 * v4
                     + (long)u1 * v3
                     + (long)u3 * v1
                     + (long)u4 * v0;
            long b5  = (long)u1 * v4
                     + (long)u2 * v3
                     + (long)u3 * v2
                     + (long)u4 * v1;
            //b5     <<= 1;
            long b6  = (long)u2 * v4
                     + (long)u4 * v2;
            b6     <<= 1;
            b6      += (long)u3 * v3;
            long b7  = (long)u3 * v4
                     + (long)u4 * v3;
            long b8  = (long)u4 * v4;
            //b8     <<= 1;

            // Fold the upper part of the high product into a0..a3. 38 = 2 * 19 and
            // 76 = 2 * 38; the factor 76 on b5 and b8 appears to absorb the doubling
            // that was skipped above.
            a0 -= b5 * 76;
            a1 -= b6 * 38;
            a2 -= b7 * 38;
            a3 -= b8 * 76;

            // Subtract the lower part of the high product from a5..a8. b4 is not folded
            // here; it is applied directly in the carry chain below.
            a5 -= b0;
            a6 -= b1;
            a7 -= b2;
            a8 -= b3;
            //long a9 = -b4;

            // Replace each low half by (low + high) so that one more 5x5 product yields
            // the cross terms (Karatsuba-style: three half-size products instead of four).
            x0 += u0; y0 += v0;
            x1 += u1; y1 += v1;
            x2 += u2; y2 += v2;
            x3 += u3; y3 += v3;
            x4 += u4; y4 += v4;

            // c0..c8: product of the two half-sums, same shape as a0..a8.
            long c0  = (long)x0 * y0;
            long c1  = (long)x0 * y1
                     + (long)x1 * y0;
            long c2  = (long)x0 * y2
                     + (long)x1 * y1
                     + (long)x2 * y0;
            long c3  = (long)x1 * y2
                     + (long)x2 * y1;
            c3     <<= 1;
            c3      += (long)x0 * y3
                     + (long)x3 * y0;
            long c4  = (long)x2 * y2;
            c4     <<= 1;
            c4      += (long)x0 * y4
                     + (long)x1 * y3
                     + (long)x3 * y1
                     + (long)x4 * y0;
            long c5  = (long)x1 * y4
                     + (long)x2 * y3
                     + (long)x3 * y2
                     + (long)x4 * y1;
            c5     <<= 1;
            long c6  = (long)x2 * y4
                     + (long)x4 * y2;
            c6     <<= 1;
            c6      += (long)x3 * y3;
            long c7  = (long)x3 * y4
                     + (long)x4 * y3;
            long c8  = (long)x4 * y4;
            c8     <<= 1;

            // z8/z9 are provisional values for limbs 8 and 9; t is the running carry.
            int z8, z9;
            long t;

            // Carry chain. M25/M26 are defined elsewhere in the class (presumably masks for
            // the low 25/26 bits). t is a signed long, so ">>=" is an arithmetic shift and
            // the chain also carries correctly when a partial sum is negative.
            // The chain starts at limb 8, wraps from limb 9 back to limb 0 with a factor
            // of 38, and then runs upward through limb 9 again.
            t        = a8 + (c3 - a3);
            z8       = (int)t & M26; t >>= 26;
            //t       += a9 + (c4 - a4);
            t       +=      (c4 - a4) - b4;
            //z9       = (int)t & M24; t >>= 24;
            //t        = a0 + (t + ((c5 - a5) << 1)) * 19;
            z9       = (int)t & M25; t >>= 25;
            t        = a0 + (t + c5 - a5) * 38;
            z[0]     = (int)t & M26; t >>= 26;
            t       += a1 + (c6 - a6) * 38;
            z[1]     = (int)t & M26; t >>= 26;
            t       += a2 + (c7 - a7) * 38;
            z[2]     = (int)t & M25; t >>= 25;
            t       += a3 + (c8 - a8) * 38;
            z[3]     = (int)t & M26; t >>= 26;
            //t       += a4 - a9 * 38;
            t       += a4 + b4 * 38;
            z[4]     = (int)t & M25; t >>= 25;
            t       += a5 + (c0 - a0);
            z[5]     = (int)t & M26; t >>= 26;
            t       += a6 + (c1 - a1);
            z[6]     = (int)t & M26; t >>= 26;
            t       += a7 + (c2 - a2);
            z[7]     = (int)t & M25; t >>= 25;
            // Second pass over limbs 8 and 9 using the provisional values from above.
            t       += z8;
            z[8]     = (int)t & M26; t >>= 26;
            // The last carry is added without masking, so z[9] may exceed its nominal width.
            z[9]     = z9 + (int)t;
        }

Same methods

X25519Field::Mul ( Array x, int y, Array z ) : void

Usage Example

Пример #1
        /// <summary>
        /// X25519 scalar multiplication: decodes the scalar at <paramref name="k"/> and the
        /// u-coordinate at <paramref name="u"/>, runs a ladder over the scalar bits using
        /// X25519Field operations, and encodes the resulting u-coordinate into
        /// <paramref name="r"/>.
        /// </summary>
        /// <param name="k">Buffer holding the scalar (secret key material).</param>
        /// <param name="kOff">Offset of the scalar within <paramref name="k"/>.</param>
        /// <param name="u">Buffer holding the input u-coordinate.</param>
        /// <param name="uOff">Offset of the u-coordinate within <paramref name="u"/>.</param>
        /// <param name="r">Buffer that receives the encoded result.</param>
        /// <param name="rOff">Offset of the result within <paramref name="r"/>.</param>
        /// <remarks>
        /// Security notes for reviewers:
        /// - No length or offset validation is visible in this method; whether DecodeScalar,
        ///   Decode and Encode check bounds cannot be told from here.
        /// - The scalar bit selects via X25519Field.CSwap rather than an if/else, so this
        ///   method has no branch on secret bits. Whether CSwap itself is branch-free is
        ///   not visible here; confirm in X25519Field.
        /// - The result is returned as computed. A caller that must reject an all-zero
        ///   output (RFC 7748 allows that check) has to do it itself.
        /// - NOTE(review): the decoded scalar n and the working field elements hold
        ///   secret-derived values and are not cleared before returning.
        /// </remarks>
        public static void ScalarMult(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff)
        {
            // Scalar as eight 32-bit words, filled in by DecodeScalar (defined elsewhere).
            uint[] n = new uint[8];     DecodeScalar(k, kOff, n);

            // Ladder state: (x2 : z2) starts as (u : 1) and (x3 : z3) as (1 : 0);
            // x1 keeps the input u for the differential step.
            int[] x1 = X25519Field.Create();        X25519Field.Decode(u, uOff, x1);
            int[] x2 = X25519Field.Create();        X25519Field.Copy(x1, 0, x2, 0);
            int[] z2 = X25519Field.Create();        z2[0] = 1;
            int[] x3 = X25519Field.Create();        x3[0] = 1;
            int[] z3 = X25519Field.Create();

            // Scratch field elements.
            int[] t1 = X25519Field.Create();
            int[] t2 = X25519Field.Create();

            // Expects the top two bits of n[7] to be 01 (bit 255 clear, bit 254 set),
            // presumably established by DecodeScalar. If Debug is System.Diagnostics.Debug
            // this check is compiled out of release builds, so it documents an invariant
            // rather than enforcing one.
            Debug.Assert(n[7] >> 30 == 1U);

            // swap starts at 1, matching bit 254 being set; bit is decremented before each
            // read, so the loop consumes scalar bits 253 down to 2.
            int bit = 254, swap = 1;

            do
            {
                // One ladder step. Several calls pass the same array as input and output,
                // so the statement order below must not be changed.
                X25519Field.Apm(x3, z3, t1, x3);
                X25519Field.Apm(x2, z2, z3, x2);
                X25519Field.Mul(t1, x2, t1);
                X25519Field.Mul(x3, z3, x3);
                X25519Field.Sqr(z3, z3);
                X25519Field.Sqr(x2, x2);

                X25519Field.Sub(z3, x2, t2);
                X25519Field.Mul(t2, C_A24, z2);
                X25519Field.Add(z2, x2, z2);
                X25519Field.Mul(z2, t2, z2);
                X25519Field.Mul(x2, z3, x2);

                X25519Field.Apm(t1, x3, x3, z3);
                X25519Field.Sqr(x3, x3);
                X25519Field.Sqr(z3, z3);
                X25519Field.Mul(z3, x1, z3);

                --bit;

                // Extract the next scalar bit with shift and mask only.
                int word = bit >> 5, shift = bit & 0x1F;
                int kt = (int)(n[word] >> shift) & 1;
                // Swap exactly when this bit differs from the previous one.
                swap ^= kt;
                X25519Field.CSwap(swap, x2, x3);
                X25519Field.CSwap(swap, z2, z3);
                swap = kt;
            }while (bit >= 3);

            // The last bit read (bit 2) is expected to be 0, so no swap is pending.
            Debug.Assert(swap == 0);

            // Three plain doublings follow the loop, one per remaining low scalar bit
            // (presumably these bits are always zero after decoding; confirm in DecodeScalar).
            for (int i = 0; i < 3; ++i)
            {
                PointDouble(x2, z2);
            }

            // Convert from projective (x2 : z2) to affine: x2 = x2 * z2^-1.
            X25519Field.Inv(z2, z2);
            X25519Field.Mul(x2, z2, x2);

            // Mul leaves its result only partially reduced, so normalize before encoding.
            X25519Field.Normalize(x2);
            X25519Field.Encode(x2, r, rOff);
        }