Skip to content

Commit 5ce3fe8

Browse files
str4dstr4d
committed
Use tweaked longs for unsigned instead of BigIntegers (thanks zzz)
1 parent ac53960 commit 5ce3fe8

File tree

2 files changed

+90
-97
lines changed

2 files changed

+90
-97
lines changed

src/net/i2p/crypto/eddsa/math/ed25519/Ed25519ScalarOps.java

Lines changed: 70 additions & 73 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,21 @@
11
package net.i2p.crypto.eddsa.math.ed25519;
22

3-
import java.math.BigInteger;
43
import net.i2p.crypto.eddsa.math.ScalarOps;
54

65
public class Ed25519ScalarOps implements ScalarOps {
7-
private static final BigInteger n2097151 = BigInteger.valueOf(2097151);
8-
9-
private BigInteger load_3(byte[] in, int offset) {
10-
BigInteger result = new BigInteger(1, new byte[] {in[offset]});
11-
result = result.or(new BigInteger(1, new byte[] {in[offset+1]}).shiftLeft(8));
12-
result = result.or(new BigInteger(1, new byte[] {in[offset+2]}).shiftLeft(16));
6+
private static long load_3(byte[] in, int offset) {
7+
int result = in[offset++] & 0xff;
8+
result |= (in[offset++] & 0xff) << 8;
9+
result |= (in[offset] & 0xff) << 16;
1310
return result;
1411
}
1512

16-
private BigInteger load_4(byte[] in, int offset) {
17-
BigInteger result = new BigInteger(1, new byte[] {in[offset]});
18-
result = result.or(new BigInteger(1, new byte[] {in[offset+1]}).shiftLeft(8));
19-
result = result.or(new BigInteger(1, new byte[] {in[offset+2]}).shiftLeft(16));
20-
result = result.or(new BigInteger(1, new byte[] {in[offset+3]}).shiftLeft(24));
21-
return result;
13+
private static long load_4(byte[] in, int offset) {
14+
int result = in[offset++] & 0xff;
15+
result |= (in[offset++] & 0xff) << 8;
16+
result |= (in[offset++] & 0xff) << 16;
17+
result |= in[offset] << 24;
18+
return ((long)result) & 0xffffffffL;
2219
}
2320

2421
/**
@@ -30,30 +27,30 @@ private BigInteger load_4(byte[] in, int offset) {
3027
* where l = 2^252 + 27742317777372353535851937790883648493.
3128
*/
3229
public byte[] reduce(byte[] s) {
33-
long s0 = n2097151.and(load_3(s, 0)).longValue();
34-
long s1 = n2097151.and(load_4(s, 2).shiftRight(5)).longValue();
35-
long s2 = n2097151.and(load_3(s, 5).shiftRight(2)).longValue();
36-
long s3 = n2097151.and(load_4(s, 7).shiftRight(7)).longValue();
37-
long s4 = n2097151.and(load_4(s, 10).shiftRight(4)).longValue();
38-
long s5 = n2097151.and(load_3(s, 13).shiftRight(1)).longValue();
39-
long s6 = n2097151.and(load_4(s, 15).shiftRight(6)).longValue();
40-
long s7 = n2097151.and(load_3(s, 18).shiftRight(3)).longValue();
41-
long s8 = n2097151.and(load_3(s, 21)).longValue();
42-
long s9 = n2097151.and(load_4(s, 23).shiftRight(5)).longValue();
43-
long s10 = n2097151.and(load_3(s, 26).shiftRight(2)).longValue();
44-
long s11 = n2097151.and(load_4(s, 28).shiftRight(7)).longValue();
45-
long s12 = n2097151.and(load_4(s, 31).shiftRight(4)).longValue();
46-
long s13 = n2097151.and(load_3(s, 34).shiftRight(1)).longValue();
47-
long s14 = n2097151.and(load_4(s, 36).shiftRight(6)).longValue();
48-
long s15 = n2097151.and(load_3(s, 39).shiftRight(3)).longValue();
49-
long s16 = n2097151.and(load_3(s, 42)).longValue();
50-
long s17 = n2097151.and(load_4(s, 44).shiftRight(5)).longValue();
51-
long s18 = n2097151.and(load_3(s, 47).shiftRight(2)).longValue();
52-
long s19 = n2097151.and(load_4(s, 49).shiftRight(7)).longValue();
53-
long s20 = n2097151.and(load_4(s, 52).shiftRight(4)).longValue();
54-
long s21 = n2097151.and(load_3(s, 55).shiftRight(1)).longValue();
55-
long s22 = n2097151.and(load_4(s, 57).shiftRight(6)).longValue();
56-
long s23 = (load_4(s, 60).shiftRight(3)).longValue();
30+
long s0 = 2097151 & load_3(s, 0);
31+
long s1 = 2097151 & (load_4(s, 2) >> 5);
32+
long s2 = 2097151 & (load_3(s, 5) >> 2);
33+
long s3 = 2097151 & (load_4(s, 7) >> 7);
34+
long s4 = 2097151 & (load_4(s, 10) >> 4);
35+
long s5 = 2097151 & (load_3(s, 13) >> 1);
36+
long s6 = 2097151 & (load_4(s, 15) >> 6);
37+
long s7 = 2097151 & (load_3(s, 18) >> 3);
38+
long s8 = 2097151 & load_3(s, 21);
39+
long s9 = 2097151 & (load_4(s, 23) >> 5);
40+
long s10 = 2097151 & (load_3(s, 26) >> 2);
41+
long s11 = 2097151 & (load_4(s, 28) >> 7);
42+
long s12 = 2097151 & (load_4(s, 31) >> 4);
43+
long s13 = 2097151 & (load_3(s, 34) >> 1);
44+
long s14 = 2097151 & (load_4(s, 36) >> 6);
45+
long s15 = 2097151 & (load_3(s, 39) >> 3);
46+
long s16 = 2097151 & load_3(s, 42);
47+
long s17 = 2097151 & (load_4(s, 44) >> 5);
48+
long s18 = 2097151 & (load_3(s, 47) >> 2);
49+
long s19 = 2097151 & (load_4(s, 49) >> 7);
50+
long s20 = 2097151 & (load_4(s, 52) >> 4);
51+
long s21 = 2097151 & (load_3(s, 55) >> 1);
52+
long s22 = 2097151 & (load_4(s, 57) >> 6);
53+
long s23 = (load_4(s, 60) >> 3);
5754
long carry0;
5855
long carry1;
5956
long carry2;
@@ -284,42 +281,42 @@ public byte[] reduce(byte[] s) {
284281
* where l = 2^252 + 27742317777372353535851937790883648493.
285282
*/
286283
public byte[] multiplyAndAdd(byte[] a, byte[] b, byte[] c) {
287-
long a0 = n2097151.and(load_3(a, 0)).longValue();;
288-
long a1 = n2097151.and(load_4(a, 2).shiftRight(5)).longValue();
289-
long a2 = n2097151.and(load_3(a, 5).shiftRight(2)).longValue();
290-
long a3 = n2097151.and(load_4(a, 7).shiftRight(7)).longValue();
291-
long a4 = n2097151.and(load_4(a, 10).shiftRight(4)).longValue();
292-
long a5 = n2097151.and(load_3(a, 13).shiftRight(1)).longValue();
293-
long a6 = n2097151.and(load_4(a, 15).shiftRight(6)).longValue();
294-
long a7 = n2097151.and(load_3(a, 18).shiftRight(3)).longValue();
295-
long a8 = n2097151.and(load_3(a, 21)).longValue();
296-
long a9 = n2097151.and(load_4(a, 23).shiftRight(5)).longValue();
297-
long a10 = n2097151.and(load_3(a, 26).shiftRight(2)).longValue();
298-
long a11 = (load_4(a, 28).shiftRight(7)).longValue();
299-
long b0 = n2097151.and(load_3(b, 0)).longValue();;
300-
long b1 = n2097151.and(load_4(b, 2).shiftRight(5)).longValue();
301-
long b2 = n2097151.and(load_3(b, 5).shiftRight(2)).longValue();
302-
long b3 = n2097151.and(load_4(b, 7).shiftRight(7)).longValue();
303-
long b4 = n2097151.and(load_4(b, 10).shiftRight(4)).longValue();
304-
long b5 = n2097151.and(load_3(b, 13).shiftRight(1)).longValue();
305-
long b6 = n2097151.and(load_4(b, 15).shiftRight(6)).longValue();
306-
long b7 = n2097151.and(load_3(b, 18).shiftRight(3)).longValue();
307-
long b8 = n2097151.and(load_3(b, 21)).longValue();
308-
long b9 = n2097151.and(load_4(b, 23).shiftRight(5)).longValue();
309-
long b10 = n2097151.and(load_3(b, 26).shiftRight(2)).longValue();
310-
long b11 = (load_4(b, 28).shiftRight(7)).longValue();
311-
long c0 = n2097151.and(load_3(c, 0)).longValue();;
312-
long c1 = n2097151.and(load_4(c, 2).shiftRight(5)).longValue();
313-
long c2 = n2097151.and(load_3(c, 5).shiftRight(2)).longValue();
314-
long c3 = n2097151.and(load_4(c, 7).shiftRight(7)).longValue();
315-
long c4 = n2097151.and(load_4(c, 10).shiftRight(4)).longValue();
316-
long c5 = n2097151.and(load_3(c, 13).shiftRight(1)).longValue();
317-
long c6 = n2097151.and(load_4(c, 15).shiftRight(6)).longValue();
318-
long c7 = n2097151.and(load_3(c, 18).shiftRight(3)).longValue();
319-
long c8 = n2097151.and(load_3(c, 21)).longValue();
320-
long c9 = n2097151.and(load_4(c, 23).shiftRight(5)).longValue();
321-
long c10 = n2097151.and(load_3(c, 26).shiftRight(2)).longValue();
322-
long c11 = (load_4(c, 28).shiftRight(7)).longValue();
284+
long a0 = 2097151 & load_3(a, 0);
285+
long a1 = 2097151 & (load_4(a, 2) >> 5);
286+
long a2 = 2097151 & (load_3(a, 5) >> 2);
287+
long a3 = 2097151 & (load_4(a, 7) >> 7);
288+
long a4 = 2097151 & (load_4(a, 10) >> 4);
289+
long a5 = 2097151 & (load_3(a, 13) >> 1);
290+
long a6 = 2097151 & (load_4(a, 15) >> 6);
291+
long a7 = 2097151 & (load_3(a, 18) >> 3);
292+
long a8 = 2097151 & load_3(a, 21);
293+
long a9 = 2097151 & (load_4(a, 23) >> 5);
294+
long a10 = 2097151 & (load_3(a, 26) >> 2);
295+
long a11 = (load_4(a, 28) >> 7);
296+
long b0 = 2097151 & load_3(b, 0);
297+
long b1 = 2097151 & (load_4(b, 2) >> 5);
298+
long b2 = 2097151 & (load_3(b, 5) >> 2);
299+
long b3 = 2097151 & (load_4(b, 7) >> 7);
300+
long b4 = 2097151 & (load_4(b, 10) >> 4);
301+
long b5 = 2097151 & (load_3(b, 13) >> 1);
302+
long b6 = 2097151 & (load_4(b, 15) >> 6);
303+
long b7 = 2097151 & (load_3(b, 18) >> 3);
304+
long b8 = 2097151 & load_3(b, 21);
305+
long b9 = 2097151 & (load_4(b, 23) >> 5);
306+
long b10 = 2097151 & (load_3(b, 26) >> 2);
307+
long b11 = (load_4(b, 28) >> 7);
308+
long c0 = 2097151 & load_3(c, 0);
309+
long c1 = 2097151 & (load_4(c, 2) >> 5);
310+
long c2 = 2097151 & (load_3(c, 5) >> 2);
311+
long c3 = 2097151 & (load_4(c, 7) >> 7);
312+
long c4 = 2097151 & (load_4(c, 10) >> 4);
313+
long c5 = 2097151 & (load_3(c, 13) >> 1);
314+
long c6 = 2097151 & (load_4(c, 15) >> 6);
315+
long c7 = 2097151 & (load_3(c, 18) >> 3);
316+
long c8 = 2097151 & load_3(c, 21);
317+
long c9 = 2097151 & (load_4(c, 23) >> 5);
318+
long c10 = 2097151 & (load_3(c, 26) >> 2);
319+
long c11 = (load_4(c, 28) >> 7);
323320
long s0;
324321
long s1;
325322
long s2;

src/net/i2p/crypto/eddsa/math/radix251/Radix251LittleEndianEncoding.java

Lines changed: 20 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,5 @@
11
package net.i2p.crypto.eddsa.math.radix251;
22

3-
import java.math.BigInteger;
4-
53
import net.i2p.crypto.eddsa.math.Encoding;
64
import net.i2p.crypto.eddsa.math.FieldElement;
75

@@ -125,37 +123,35 @@ public byte[] encode(FieldElement x) {
125123
return s;
126124
}
127125

128-
private BigInteger load_3(byte[] in, int offset) {
129-
BigInteger result = new BigInteger(1, new byte[] {in[offset]});
130-
result = result.or(new BigInteger(1, new byte[] {in[offset+1]}).shiftLeft(8));
131-
result = result.or(new BigInteger(1, new byte[] {in[offset+2]}).shiftLeft(16));
126+
private static long load_3(byte[] in, int offset) {
127+
int result = in[offset++] & 0xff;
128+
result |= (in[offset++] & 0xff) << 8;
129+
result |= (in[offset] & 0xff) << 16;
132130
return result;
133131
}
134132

135-
private BigInteger load_4(byte[] in, int offset) {
136-
BigInteger result = new BigInteger(1, new byte[] {in[offset]});
137-
result = result.or(new BigInteger(1, new byte[] {in[offset+1]}).shiftLeft(8));
138-
result = result.or(new BigInteger(1, new byte[] {in[offset+2]}).shiftLeft(16));
139-
result = result.or(new BigInteger(1, new byte[] {in[offset+3]}).shiftLeft(24));
140-
return result;
133+
private static long load_4(byte[] in, int offset) {
134+
int result = in[offset++] & 0xff;
135+
result |= (in[offset++] & 0xff) << 8;
136+
result |= (in[offset++] & 0xff) << 16;
137+
result |= in[offset] << 24;
138+
return ((long)result) & 0xffffffffL;
141139
}
142140

143-
private static final BigInteger n8388607 = BigInteger.valueOf(8388607);
144-
145141
/**
146142
* Ignores top bit.
147143
*/
148144
public FieldElement decode(byte[] in) {
149-
long h0 = load_4(in, 0).longValue();
150-
long h1 = load_3(in, 4).shiftLeft(6).longValue();
151-
long h2 = load_3(in, 7).shiftLeft(5).longValue();
152-
long h3 = load_3(in, 10).shiftLeft(3).longValue();
153-
long h4 = load_3(in, 13).shiftLeft(2).longValue();
154-
long h5 = load_4(in, 16).longValue();
155-
long h6 = load_3(in, 20).shiftLeft(7).longValue();
156-
long h7 = load_3(in, 23).shiftLeft(5).longValue();
157-
long h8 = load_3(in, 26).shiftLeft(4).longValue();
158-
long h9 = load_3(in, 29).and(n8388607).shiftLeft(2).longValue();
145+
long h0 = load_4(in, 0);
146+
long h1 = load_3(in, 4) << 6;
147+
long h2 = load_3(in, 7) << 5;
148+
long h3 = load_3(in, 10) << 3;
149+
long h4 = load_3(in, 13) << 2;
150+
long h5 = load_4(in, 16);
151+
long h6 = load_3(in, 20) << 7;
152+
long h7 = load_3(in, 23) << 5;
153+
long h8 = load_3(in, 26) << 4;
154+
long h9 = (load_3(in, 29) & 8388607) << 2;
159155
long carry0;
160156
long carry1;
161157
long carry2;

0 commit comments

Comments
 (0)