BestHTTP.SecureProtocol.Org.BouncyCastle.Math.EC.Rfc7748.X25519Field.Sqr C# (CSharp) Метод

Sqr() публичный статический Метод

public static Sqr ( Array x, Array z ) : void
x Array
z Array
Результат void
        /// <summary>
        /// Squares the ten-limb value in <paramref name="x"/> and writes ten limbs to <paramref name="z"/>.
        /// </summary>
        /// <remarks>
        /// The body is straight-line integer arithmetic: no branch, loop or array index in it depends on
        /// the limb values, which matters because callers pass secret-dependent values through this routine.
        /// All ten input limbs are copied into locals before the first store to <paramref name="z"/>, so
        /// <paramref name="x"/> and <paramref name="z"/> may be the same array.
        /// NOTE(review): presumably the operand is an element of the field modulo 2^255 - 19 in the
        /// mixed 26/25-bit limb layout; confirm against the class constants, which are not shown here.
        /// </remarks>
        /// <param name="x">Input limbs; indices 0 through 9 are read. A shorter array fails the runtime bounds check.</param>
        /// <param name="z">Output limbs; indices 0 through 9 are written.</param>
        public static void Sqr(int[] x, int[] z)
        {
            // Low half of the operand (limbs 0..4).
            int x0 = x[0];
            int x1 = x[1];
            int x2 = x[2];
            int x3 = x[3];
            int x4 = x[4];

            // High half of the operand (limbs 5..9).
            int u0 = x[5];
            int u1 = x[6];
            int u2 = x[7];
            int u3 = x[8];
            int u4 = x[9];

            // These doublings are done in 32-bit int arithmetic before widening, so they rely on the
            // limbs being small enough not to overflow (overflow wraps silently in an unchecked context).
            // NOTE(review): the exact input bound is not stated here; confirm with the callers.
            int x1_2 = x1 * 2;
            int x2_2 = x2 * 2;
            int x3_2 = x3 * 2;
            int x4_2 = x4 * 2;

            // a0..a8: product columns of the low half multiplied by itself; every product is widened to long.
            long a0  = (long)x0 * x0;
            long a1  = (long)x0 * x1_2;
            long a2  = (long)x0 * x2_2
                     + (long)x1 * x1;
            long a3  = (long)x1_2 * x2_2
                     + (long)x0 * x3_2;
            long a4  = (long)x2 * x2_2
                     + (long)x0 * x4_2
                     + (long)x1 * x3_2;
            long a5  = (long)x1_2 * x4_2
                     + (long)x2_2 * x3_2;
            long a6  = (long)x2_2 * x4_2
                     + (long)x3 * x3;
            long a7  = (long)x3 * x4_2;
            long a8  = (long)x4 * x4_2;

            int u1_2 = u1 * 2;
            int u2_2 = u2 * 2;
            int u3_2 = u3 * 2;
            int u4_2 = u4 * 2;
        
            // b0..b8: the same column pattern applied to the high half.
            long b0  = (long)u0 * u0;
            long b1  = (long)u0 * u1_2;
            long b2  = (long)u0 * u2_2
                     + (long)u1 * u1;
            long b3  = (long)u1_2 * u2_2
                     + (long)u0 * u3_2;
            long b4  = (long)u2 * u2_2
                     + (long)u0 * u4_2
                     + (long)u1 * u3_2;
            long b5  = (long)u1_2 * u4_2
                     + (long)u2_2 * u3_2;
            long b6  = (long)u2_2 * u4_2
                     + (long)u3 * u3;
            long b7  = (long)u3 * u4_2;
            long b8  = (long)u4 * u4_2;

            // Fold the high-half columns into the low-half ones.
            // NOTE(review): 38 = 2 * 19, presumably the reduction 2^256 = 38 (mod 2^255 - 19); confirm.
            a0 -= b5 * 38;
            a1 -= b6 * 38;
            a2 -= b7 * 38;
            a3 -= b8 * 38;

            a5 -= b0;
            a6 -= b1;
            a7 -= b2;
            a8 -= b3;
            // The tenth column (-b4) is not materialised; b4 is applied directly in the carry chain below.
            //long a9 = -b4;

            // Form the limb-wise sum of the two halves, reusing the x* locals.
            x0 += u0;
            x1 += u1;
            x2 += u2;
            x3 += u3;
            x4 += u4;

            // The doubled sums carry the same int-overflow assumption as the doublings above.
            x1_2 = x1 * 2;
            x2_2 = x2 * 2;
            x3_2 = x3 * 2;
            x4_2 = x4 * 2;

            // c0..c8: the same column pattern applied to the summed halves. With a and b this gives a
            // Karatsuba-style squaring: the cross term comes from the (c - a) differences below.
            long c0  = (long)x0 * x0;
            long c1  = (long)x0 * x1_2;
            long c2  = (long)x0 * x2_2
                     + (long)x1 * x1;
            long c3  = (long)x1_2 * x2_2
                     + (long)x0 * x3_2;
            long c4  = (long)x2 * x2_2
                     + (long)x0 * x4_2
                     + (long)x1 * x3_2;
            long c5  = (long)x1_2 * x4_2
                     + (long)x2_2 * x3_2;
            long c6  = (long)x2_2 * x4_2
                     + (long)x3 * x3;
            long c7  = (long)x3 * x4_2;
            long c8  = (long)x4 * x4_2;

            // Carry chain. t is the running 64-bit accumulator; each step keeps the low 25 or 26 bits
            // as one output limb and carries the rest (arithmetic shift, t is signed) into the next.
            // M25 and M26 are class constants not shown here; presumably the 25- and 26-bit limb masks,
            // matching the shift that follows each use. "(int)t & M" casts first, then masks.
            int z8, z9;
            long t;

            // Limbs 8 and 9 are computed first and held in locals, because their carry feeds limb 0.
            t        = a8 + (c3 - a3);
            z8       = (int)t & M26; t >>= 26;
            //t       += a9 + (c4 - a4);
            t       +=      (c4 - a4) - b4;
            //z9       = (int)t & M24; t >>= 24;
            //t        = a0 + (t + ((c5 - a5) << 1)) * 19;
            z9       = (int)t & M25; t >>= 25;
            // The carry out of limb 9 wraps around into limb 0, scaled by 38.
            t        = a0 + (t + c5 - a5) * 38;
            z[0]     = (int)t & M26; t >>= 26;
            t       += a1 + (c6 - a6) * 38;
            z[1]     = (int)t & M26; t >>= 26;
            t       += a2 + (c7 - a7) * 38;
            z[2]     = (int)t & M25; t >>= 25;
            t       += a3 + (c8 - a8) * 38;
            z[3]     = (int)t & M26; t >>= 26;
            //t       += a4 - a9 * 38;
            t       += a4 + b4 * 38;
            z[4]     = (int)t & M25; t >>= 25;
            t       += a5 + (c0 - a0);
            z[5]     = (int)t & M26; t >>= 26;
            t       += a6 + (c1 - a1);
            z[6]     = (int)t & M26; t >>= 26;
            t       += a7 + (c2 - a2);
            z[7]     = (int)t & M25; t >>= 25;
            // Second pass over limbs 8 and 9: add the carry from limb 7 to the values saved earlier.
            t       += z8;
            z[8]     = (int)t & M26; t >>= 26;
            // The last carry is added into the top limb without masking, so the result is not
            // reduced to a canonical form by this method.
            z[9]     = z9 + (int)t;
        }

Same methods

X25519Field::Sqr ( Array x, int n, Array z ) : void

Usage Example

Пример #1
        /// <summary>
        /// Multiplies the u-coordinate decoded from <paramref name="u"/> by the scalar decoded from
        /// <paramref name="k"/> and encodes the resulting field element into <paramref name="r"/>.
        /// </summary>
        /// <remarks>
        /// The scalar bit is consumed only as the argument to <c>CSwap</c>; this method never branches on
        /// it, and the index into <c>n</c> depends on the loop counter alone.
        /// NOTE(review): whether the whole operation is constant-time also depends on the X25519Field
        /// helpers, which are not shown here.
        /// Nothing in this body zeroes <c>n</c> or the field-element temporaries, so scalar-derived values
        /// stay in managed memory until collected. This body also does not test the output for the
        /// all-zero value; a caller that needs that check has to apply it to <paramref name="r"/>.
        /// The offsets are not validated here; they are passed straight to the decode/encode helpers.
        /// </remarks>
        /// <param name="k">Buffer holding the scalar.</param>
        /// <param name="kOff">Offset of the scalar within <paramref name="k"/>.</param>
        /// <param name="u">Buffer holding the encoded input u-coordinate.</param>
        /// <param name="uOff">Offset of the u-coordinate within <paramref name="u"/>.</param>
        /// <param name="r">Buffer that receives the encoded result.</param>
        /// <param name="rOff">Offset within <paramref name="r"/> at which the result is written.</param>
        public static void ScalarMult(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff)
        {
            // Scalar as eight 32-bit words. NOTE(review): presumably DecodeScalar also clamps it; confirm.
            uint[] n = new uint[8];     DecodeScalar(k, kOff, n);

            // Ladder state: x1 is the input u-coordinate, (x2, z2) and (x3, z3) are the two running
            // points in projective form, starting from (u, 1) and (1, 0).
            int[] x1 = X25519Field.Create();        X25519Field.Decode(u, uOff, x1);
            int[] x2 = X25519Field.Create();        X25519Field.Copy(x1, 0, x2, 0);
            int[] z2 = X25519Field.Create();        z2[0] = 1;
            int[] x3 = X25519Field.Create();        x3[0] = 1;
            int[] z3 = X25519Field.Create();

            // Scratch field elements.
            int[] t1 = X25519Field.Create();
            int[] t2 = X25519Field.Create();

            // Expects the top two bits of the scalar to be 01 (bit 254 set, bit 255 clear).
            // Assuming this is System.Diagnostics.Debug, the assertion is compiled out of non-DEBUG
            // builds, so it documents an invariant and is not a runtime check.
            Debug.Assert(n[7] >> 30 == 1U);

            // Start at bit 254, which the assertion above expects to be set; swap holds the
            // previously processed bit.
            int bit = 254, swap = 1;

            do
            {
                // One ladder step on (x2, z2) and (x3, z3). Several calls write into one of their own
                // inputs, so the order of these statements matters.
                X25519Field.Apm(x3, z3, t1, x3);
                X25519Field.Apm(x2, z2, z3, x2);
                X25519Field.Mul(t1, x2, t1);
                X25519Field.Mul(x3, z3, x3);
                X25519Field.Sqr(z3, z3);
                X25519Field.Sqr(x2, x2);

                X25519Field.Sub(z3, x2, t2);
                X25519Field.Mul(t2, C_A24, z2);
                X25519Field.Add(z2, x2, z2);
                X25519Field.Mul(z2, t2, z2);
                X25519Field.Mul(x2, z3, x2);

                X25519Field.Apm(t1, x3, x3, z3);
                X25519Field.Sqr(x3, x3);
                X25519Field.Sqr(z3, z3);
                X25519Field.Mul(z3, x1, z3);

                --bit;

                // Pick out scalar bit number 'bit': word = bit / 32, shift = bit % 32.
                int word = bit >> 5, shift = bit & 0x1F;
                int kt = (int)(n[word] >> shift) & 1;
                // swap becomes 1 only when this bit differs from the previous one; CSwap is called on
                // every iteration either way, so the key bit does not select a code path here.
                swap ^= kt;
                X25519Field.CSwap(swap, x2, x3);
                X25519Field.CSwap(swap, z2, z3);
                swap = kt;
            }while (bit >= 3);

            // The last bit read is bit 2, which is expected to be zero (again a DEBUG-only assertion).
            Debug.Assert(swap == 0);

            // The remaining three low bits are handled as three plain doublings of (x2, z2).
            for (int i = 0; i < 3; ++i)
            {
                PointDouble(x2, z2);
            }

            // Convert from projective to affine form: x2 = x2 / z2.
            X25519Field.Inv(z2, z2);
            X25519Field.Mul(x2, z2, x2);

            // Normalize before encoding; the field routines can leave limbs in a non-canonical form.
            X25519Field.Normalize(x2);
            X25519Field.Encode(x2, r, rOff);
        }