Moved I to Curve, pass it in as a parameter

str4d · str4d · commit f5836c848626 · 2014-05-11T11:46:24.000Z
Most FieldElement implementations (in particular, the ref10 implementation)
don't have a generic pow() method, and instead will have I hard-coded.
diff --git a/src/net/i2p/crypto/eddsa/math/Curve.java b/src/net/i2p/crypto/eddsa/math/Curve.java
@@ -13,15 +13,17 @@ public class Curve implements Serializable {
     private final Field f;
     private final FieldElement d;
     private final FieldElement d2;
+    private final FieldElement I;
 
     private final GroupElement zeroP2;
     private final GroupElement zeroP3;
     private final GroupElement zeroPrecomp;
 
-    public Curve(Field f, byte[] d) {
+    public Curve(Field f, byte[] d, FieldElement I) {
         this.f = f;
         this.d = f.fromByteArray(d);
         this.d2 = this.d.add(this.d);
+        this.I = I;
 
         FieldElement zero = f.zero;
         FieldElement one = f.one;
@@ -42,6 +44,10 @@ public FieldElement get2D() {
         return d2;
     }
 
+    public FieldElement getI() {
+        return I;
+    }
+
     public GroupElement getZero(GroupElement.Representation repr) {
         switch (repr) {
         case P2:
diff --git a/src/net/i2p/crypto/eddsa/math/Field.java b/src/net/i2p/crypto/eddsa/math/Field.java
@@ -28,7 +28,6 @@ public class Field implements Serializable {
      */
     private final FieldElement qm5d8;
     private final Encoding enc;
-    private final FieldElement I;
 
     public Field(int b, byte[] q, Encoding enc) {
         this.b = b;
@@ -48,7 +47,6 @@ public Field(int b, byte[] q, Encoding enc) {
         // Precompute values
         qm2 = this.q.subtract(two);
         qm5d8 = this.q.subtract(five).divide(eight);
-        I = two.pow(this.q.subtract(one).divide(four));
     }
 
     public FieldElement fromByteArray(byte[] x) {
@@ -75,10 +73,6 @@ public Encoding getEncoding(){
         return enc;
     }
 
-    public FieldElement getI() {
-        return I;
-    }
-
     @Override
     public int hashCode() {
         return q.hashCode();
diff --git a/src/net/i2p/crypto/eddsa/math/FieldElement.java b/src/net/i2p/crypto/eddsa/math/FieldElement.java
@@ -47,5 +47,5 @@ public FieldElement divide(FieldElement val) {
 
     public abstract FieldElement invert();
 
-    public abstract FieldElement pow(FieldElement e);
+    public abstract FieldElement pow22523();
 }
diff --git a/src/net/i2p/crypto/eddsa/math/GroupElement.java b/src/net/i2p/crypto/eddsa/math/GroupElement.java
@@ -117,7 +117,7 @@ public GroupElement(Curve curve, byte[] s) {
         x = v3.square().multiply(v).multiply(u);	
 
         //  x = (uv^7)^((q-5)/8)
-        x = x.pow(curve.getField().getQm5d8());
+        x = x.pow22523();
 
         // x = uv^3(uv^7)^((q-5)/8)
         x = v3.multiply(u).multiply(x);
@@ -129,7 +129,7 @@ public GroupElement(Curve curve, byte[] s) {
 
             if (check.isNonZero())
                 throw new IllegalArgumentException("not a valid GroupElement");
-            x = x.multiply(curve.getField().getI());
+            x = x.multiply(curve.getI());
         }
 
         if ((x.isNegative() ? 1 : 0) != Utils.bit(s, curve.getField().getb()-1)) {
diff --git a/src/net/i2p/crypto/eddsa/math/bigint/BigIntegerFieldElement.java b/src/net/i2p/crypto/eddsa/math/bigint/BigIntegerFieldElement.java
@@ -89,6 +89,10 @@ public FieldElement pow(FieldElement e){
         return modPow(e, f.getQ());
     }
 
+    public FieldElement pow22523(){
+        return pow(f.getQm5d8());
+    }
+
     @Override
     public int hashCode() {
         return bi.hashCode();
diff --git a/src/net/i2p/crypto/eddsa/spec/EdDSANamedCurveTable.java b/src/net/i2p/crypto/eddsa/spec/EdDSANamedCurveTable.java
@@ -5,6 +5,7 @@
 import net.i2p.crypto.eddsa.Utils;
 import net.i2p.crypto.eddsa.math.Curve;
 import net.i2p.crypto.eddsa.math.Field;
+import net.i2p.crypto.eddsa.math.bigint.BigIntegerFieldElement;
 import net.i2p.crypto.eddsa.math.bigint.BigIntegerLittleEndianEncoding;
 import net.i2p.crypto.eddsa.math.ed25519.Ed25519ScalarOps;
 
@@ -22,7 +23,8 @@ public class EdDSANamedCurveTable {
                     new BigIntegerLittleEndianEncoding());
 
     private static final Curve ed25519curve = new Curve(ed25519field,
-            Utils.hexToBytes("a3785913ca4deb75abd841414d0a700098e879777940c78c73fe6f2bee6c0352")); // d
+            Utils.hexToBytes("a3785913ca4deb75abd841414d0a700098e879777940c78c73fe6f2bee6c0352"), // d
+            ((BigIntegerFieldElement)ed25519field.two).pow(ed25519field.getQ().subtractOne().divide(ed25519field.four))); // I
 
     private static final EdDSANamedCurveSpec ed25519sha512 = new EdDSANamedCurveSpec(
             CURVE_ED25519_SHA512,
diff --git a/test/net/i2p/crypto/eddsa/math/ConstantsTest.java b/test/net/i2p/crypto/eddsa/math/ConstantsTest.java
@@ -64,7 +64,7 @@ public void testd() {
     @Test
     public void testI() {
         FieldElement q = curve.getField().getQ();
-        assertThat(curve.getField().getI().modPow(curve.getField().two, q), is(equalTo(q.subtractOne())));
+        assertThat(curve.getI().modPow(curve.getField().two, q), is(equalTo(q.subtractOne())));
     }*/
 
     @Test

Original file line number	Diff line number	Diff line change
`@@ -47,5 +47,5 @@ public FieldElement divide(FieldElement val) {`
`47`	`47`
`48`	`48`	`public abstract FieldElement invert();`
`49`	`49`
`50`		`- public abstract FieldElement pow(FieldElement e);`
	`50`	`+ public abstract FieldElement pow22523();`
`51`	`51`	`}`