namespace Org.BouncyCastle.Pqc.Crypto.Falcon { internal class FalconCommon { internal uint[] l2bound = new uint[11] { 0, 101498, 208714, 428865, 892039, 1852696, 3842630, 7959734, 16468416, 34034726, 70265242 }; internal void hash_to_point_vartime(SHAKE256 sc, ushort[] xsrc, int x, uint logn) { int num = 1 << (int)logn; while (num > 0) { byte[] array = new byte[2]; sc.i_shake256_extract(array, 0, 2); uint num2 = (uint)((array[0] << 8) | array[1]); if (num2 < 61445) { while (num2 >= 12289) { num2 -= 12289; } xsrc[x++] = (ushort)num2; num--; } } } internal bool is_short(short[] s1src, int s1, short[] s2src, int s2, uint logn) { int num = 1 << (int)logn; uint num2 = 0; uint num3 = 0; for (int i = 0; i < num; i++) { int num4 = s1src[s1 + i]; num2 = (uint)((int)num2 + num4 * num4); num3 |= num2; num4 = s2src[s2 + i]; num2 = (uint)((int)num2 + num4 * num4); num3 |= num2; } num2 = (uint)((int)num2 | (int)(0 - (num3 >> 31))); return num2 <= l2bound[logn]; } internal bool is_short_half(uint sqn, short[] s2src, int s2, uint logn) { int num = 1 << (int)logn; uint num2 = (uint)(0 - (sqn >> 31)); for (int i = 0; i < num; i++) { int num3 = s2src[s2 + i]; sqn = (uint)((int)sqn + num3 * num3); num2 |= sqn; } sqn = (uint)((int)sqn | (int)(0 - (num2 >> 31))); return sqn <= l2bound[logn]; } } }