NTRU: Optimize S3ToBytes

peterdettman · peterdettman · commit a7a7254f8cd2 · 2024-11-21T11:35:12.000+07:00
diff --git a/core/src/main/java/org/bouncycastle/pqc/math/ntru/Polynomial.java b/core/src/main/java/org/bouncycastle/pqc/math/ntru/Polynomial.java
@@ -147,28 +147,33 @@ public byte[] s3ToBytes(int messageSize)
 
     public void s3ToBytes(byte[] msg, int msgOff)
     {
-        byte c;
+        int degree = params.packDegree(), limit = degree - 5;
 
-        for (int i = 0; i < params.packDegree() / 5; i++)
+        int i = 0;
+        while (i <= limit)
         {
-            c = (byte)(this.coeffs[5 * i + 4] & 255);
-            c = (byte)(3 * c + this.coeffs[5 * i + 3] & 255);
-            c = (byte)(3 * c + this.coeffs[5 * i + 2] & 255);
-            c = (byte)(3 * c + this.coeffs[5 * i + 1] & 255);
-            c = (byte)(3 * c + this.coeffs[5 * i + 0] & 255);
-            msg[i + msgOff] = c;
+            int c0 = (coeffs[i + 0] & 0xFF);
+            int c1 = (coeffs[i + 1] & 0xFF) * 3;
+            int c2 = (coeffs[i + 2] & 0xFF) * 9;
+            int c3 = (coeffs[i + 3] & 0xFF) * 27;
+            int c4 = (coeffs[i + 4] & 0xFF) * 81;
+
+            msg[msgOff++] = (byte)(c0 + c1 + c2 + c3 + c4);
+            i += 5;
         }
 
-        // if 5 does not divide NTRU_N-1
-        if (params.packDegree() > (params.packDegree() / 5) * 5)
+        if (i < degree)
         {
-            int i = params.packDegree() / 5;
-            c = 0;
-            for (int j = params.packDegree() - (5 * i) - 1; j >= 0; j--)
+            int j = degree - 1;
+            int c = coeffs[j] & 0xFF;
+
+            while (--j >= i)
             {
-                c = (byte)(3 * c + this.coeffs[5 * i + j] & 255);
+                c *= 3;
+                c += coeffs[j] & 0xFF;
             }
-            msg[i + msgOff] = c;
+
+            msg[msgOff++] = (byte)c;
         }
     }
 
