foster/bitcoin-bitcoin-core
0
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-02-11 11:16:09 -05:00
Code Issues Activity
bitcoin-bitcoin-core/src/ecmult.h

51 lines
2.3 KiB
C
Raw Normal View History

Squashed 'src/secp256k1/' changes from 3967d96bf1..efad3506a8 efad3506a8 Merge #906: Use modified divsteps with initial delta=1/2 for constant-time cc2c09e3a7 Merge #918: Clean up configuration in gen_context 07067967ee add ECMULT_GEN_PREC_BITS to basic_config.h a3aa2628c7 gen_context: Don't include basic-config.h be0609fd54 Add unit tests for edge cases with delta=1/2 variant of divsteps cd393ce228 Optimization: only do 59 hddivsteps per iteration instead of 62 277b224b6a Use modified divsteps with initial delta=1/2 for constant-time 376ca366db Fix typo in explanation 1e5d50fa93 Merge #889: fix uninitialized read in tests c083cc6e52 Merge #903: Make argument of fe_normalizes_to_zero{_var} const 6e898534ff Merge #907: changed import to use brackets <> for openssl 4504472269 changed import to use brackets <> for openssl as they are not local to the project 26de4dfeb1 Merge #831: Safegcd inverses, drop Jacobi symbols, remove libgmp 23c3fb629b Make argument of fe_normalizes_to_zero{_var} const 24ad04fc06 Make scalar_inverse{,_var} benchmark scale with SECP256K1_BENCH_ITERS ebc1af700f Optimization: track f,g limb count and pass to new variable-time update_fg_var b306935ac1 Optimization: use formulas instead of lookup tables for cancelling g bits 9164a1b658 Optimization: special-case zero modulus limbs in modinv64 1f233b3fa0 Remove num/gmp support 20448b8d09 Remove unused Jacobi symbol support 5437e7bdfb Remove unused scalar_sqr aa9cc52180 Improve field/scalar inverse tests 1e0e885c8a Make field/scalar code use the new modinv modules for inverses 436281afdc Move secp256k1_fe_inverse{_var} to per-impl files aa404d53be Move secp256k1_scalar_{inverse{_var},is_even} to per-impl files 08d54964e5 Improve bounds checks in modinv modules 151aac00d3 Add tests for modinv modules d8a92fcc4c Add extensive comments on the safegcd algorithm and implementation 8e415acba2 Add safegcd based modular inverse modules de0a643c3d Add secp256k1_ctz{32,64}_var functions 4c3ba88c3a Merge #901: ci: Switch all Linux builds to Debian and more improvements 9361f360bb ci: Select number of parallel make jobs depending on CI environment 28eccdf806 ci: Split output of logs into multiple sections c7f754fe4d ci: Run PRs on merge result instead of on the source branch b994a8be3c ci: Print information about binaries using "file" f24e122d13 ci: Switch all Linux builds to Debian ebdba03cb5 Merge #891: build: Add workaround for automake 1.13 and older 3a8b47bc6d Merge #894: ctime_test: move context randomization test to the end 7d3497cdc4 ctime_test: move context randomization test to the end 99a1cfec17 print warnings for conditional-uninitialized 3d2cf6c5bd initialize variable in tests f329bba244 build: Add workaround for automake 1.13 and older 24d1656c32 Merge #882: Use bit ops instead of int mult for constant-time logic in gej_add_ge e491d06b98 Use bit ops instead of int mult for constant-time logic in gej_add_ge f8c0b57e6b Merge #864: Add support for Cirrus CI cc2a5451dc ci: Refactor Nix shell files 2480e55c8f ci: Remove support for Travis CI 2b359f1c1d ci: Enable simple cache for brewing valgrind on macOS 8c02e465c5 ci: Add support for Cirrus CI 659d0d4798 Merge #880: Add parens around ROUND_TO_ALIGN's parameter. b6f649889a Add parens around ROUND_TO_ALIGN's parameter. This makes the macro robust against a hypothetical ROUND_TO_ALIGN(foo ? sizeA : size B) invocation. a4abaab793 Merge #877: Add missing secp256k1_ge_set_gej_var decl. 5671e5f3fd Merge #874: Remove underscores from header defs. db726782fa Merge #878: Remove unused secp256k1_fe_inv_all_var b732701faa Merge #875: Avoid casting (void**) values. 75d2ae149e Remove unused secp256k1_fe_inv_all_var 482e4a9cfc Add missing secp256k1_ge_set_gej_var decl. 2730618604 Avoid casting (void**) values. Replaced with an expression that only casts (void*) values. fb390c5299 Remove underscores from header defs. This makes them consistent with other files and avoids reserved identifiers. f2d9aeae6d Merge #862: Autoconf improvements 328aaef22a Merge #845: Extract the secret key from a keypair 3c15130709 Improve CC_FOR_BUILD detection 47802a4762 Restructure and tidy configure.ac 252c19dfc6 Ask brew for valgrind include path 8c727b9087 Merge #860: fixed trivial typo b7bc3a4aaa fixed typo 33cb3c2b1f Add secret key extraction from keypair to constant time tests 36d9dc1e8e Add seckey extraction from keypair to the extrakeys tests fc96aa73f5 Add a function to extract the secretkey from a keypair 98dac87839 Merge #858: Fix insecure links 07aa4c70ff Fix insecure links b61f9da54e Merge #857: docs: fix simple typo, dependecy -> dependency 18aadf9d28 docs: fix simple typo, dependecy -> dependency 2d9e7175c6 Merge #852: Add sage script for generating scalar_split_lambda constants dc6e5c3a5c Merge #854: Rename msg32 to msghash32 in ecdsa_sign/verify and add explanation 6e85d675aa Rename tweak to tweak32 in public API f587f04e35 Rename msg32 to msghash32 in ecdsa_sign/verify and add explanation 329a2e0a3f sage: Add script for generating scalar_split_lambda constants 8f0c6f1545 Merge #851: make test count iteration configurable by environment variable f4fa8d226a forbid a test iteration of 0 or less f554dfc708 sage: Reorganize files 3a106966aa Merge #849: Convert Sage code to Python 3 (as used by Sage >= 9) 13c88efed0 Convert Sage code to Python 3 (as used by Sage >= 9) 0ce4554881 make test count iteration configurable by environment variable 9e5939d284 Merge #835: Don't use reserved identifiers memczero and benchmark_verify_t d0a83f7328 Merge #839: Prevent arithmetic on NULL pointer if the scratch space is too small 903b16aa6c Merge #840: Return NULL early in context_preallocated_create if flags invalid 1f4dd03838 Typedef (u)int128_t only when they're not provided by the compiler ebfa2058e9 Return NULL early in context_preallocated_create if flags invalid 29a299e373 Run the undefined behaviour sanitizer on Travis 7506e064d7 Prevent arithmetic on NULL pointer if the scratch space is too small e89278f211 Don't use reserved identifiers memczero and benchmark_verify_t git-subtree-dir: src/secp256k1 git-subtree-split: efad3506a8937162e8010f5839fdf3771dfcf516
2021-04-23 11:35:15 -07:00
/***********************************************************************
* Copyright (c) 2013, 2014, 2017 Pieter Wuille, Andrew Poelstra *
* Distributed under the MIT software license, see the accompanying *
* file COPYING or https://www.opensource.org/licenses/mit-license.php.*
***********************************************************************/
Squashed 'src/secp256k1/' content from commit ad2028f git-subtree-dir: src/secp256k1 git-subtree-split: ad2028f9890ca40bdd32055aa0fe5c1c9af0e485
2014-11-18 18:06:36 +01:00
Squashed 'src/secp256k1/' changes from 84973d393..0b7024185 0b7024185 Merge #474: Fix header guards using reserved identifiers ab1f89f00 Merge #478: Fixed multiple typos 8c7ea22d5 Fixed multiple typos abe2d3e84 Fix header guards using reserved identifiers f532bdc9f Merge #459: Add pubkey prefix constants to include/secp256k1.h cac7c5559 Merge #470: Fix wnaf_const documentation 768514bac Fix wnaf_const documentation with respect to return value and number of words set b8c26a399 Merge #458: Fix typo in API documentation 817fb2013 Merge #440: Fix typos 12230f90e Merge #468: Remove redundant conditional expression 2e1ccdca0 Remove redundant conditional expression bc61b91ac add pubkey prefix constants to include/secp256k1.h b0452e664 Fix typo in API documentation 4c0f32ed5 Fix typo: "Agressive" → "Aggressive" 73aca8364 Fix typo: "exectured" → "executed" git-subtree-dir: src/secp256k1 git-subtree-split: 0b7024185045a49a1a6a4c5615bf31c94f63d9c4
2017-09-29 16:00:20 +02:00
#ifndef SECP256K1_ECMULT_H
#define SECP256K1_ECMULT_H
Squashed 'src/secp256k1/' content from commit ad2028f git-subtree-dir: src/secp256k1 git-subtree-split: ad2028f9890ca40bdd32055aa0fe5c1c9af0e485
2014-11-18 18:06:36 +01:00
#include "group.h"
Squashed 'src/secp256k1/' changes from 0b70241850..b19c000063 b19c000063 Merge #607: Use size_t shifts when computing a size_t 4d01bc2d9c Merge #606: travis: Remove unused sudo:false e6d01e9347 Use size_t shifts when computing a size_t 7667532bd7 travis: Remove unused sudo:false ee99f12f3d Merge #599: Switch x86_64 asm to use "i" instead of "n" for immediate values. d58bc93f2c Switch x86_64 asm to use "i" instead of "n" for immediate values. 05362ee042 Merge #597: Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build 83483869ac Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build aa15154a48 Merge #568: Fix integer overflow in ecmult_multi_var when n is large 2277af5ff0 Fix integer overflow in ecmult_multi_var when n is large 85d0e1bcce Merge #591: Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 14196379ec Merge #580: Add trivial ecmult_multi algorithm which does not require a scratch space a697d82da9 Add trivial ecmult_multi to the benchmark tool bade617417 Add trivial ecmult_multi algorithm. It is selected when no scratch space is given and just multiplies and adds the points. 5545e13dea Merge #584: configure: Use CFLAGS_FOR_BUILD when checking native compiler 20c5869df2 Merge #516: improvements to random seed in src/tests.c b76e45d5d6 Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 870a977644 Merge #562: Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse be40c4d0b5 Fixup for C90 mixed declarations. c71dd2c08f Merge #509: Fix algorithm selection in bench_ecmult 6492bf88cc Merge #518: Summarize build options after running configure 0e9ada1941 Merge #567: Correct order of libs returned on pkg-config --libs --static libsecp2… e96901a4b9 Merge #587: Make randomization of a non-signing context a noop 58df8d03ad Merge #511: Portability fix for the configure scripts generated 2ebdad772a Merge #552: Make constants static: 1c131affd3 Merge #551: secp256k1_fe_sqrt: Verify that the arguments don't alias. ba698f883b Merge #539: Assorted minor corrections 949e85b009 Merge #550: Optimize secp256k1_fe_normalize_weak calls. a34bcaadf1 Actually pass CFLAGS_FOR_BUILD and LDFLAGS_FOR_BUILD to linker 2d5f4cebdc configure: Use CFLAGS_FOR_BUILD when checking native compiler b408c6a8b2 Merge #579: Use __GNUC_PREREQ for detecting __builtin_expect 6198375218 Make randomization of a non-signing context a noop c663397f46 Use __GNUC_PREREQ for detecting __builtin_expect e34ceb333b Merge #557: Eliminate scratch memory used when generating contexts b3bf5f99a3 ecmult_impl: expand comment to explain how effective affine interacts with everything efa783f8f0 Store z-ratios in the 'x' coord they'll recover ffd3b346fe add `secp256k1_ge_set_all_gej_var` test which deals with many infinite points 84740acd2a ecmult_impl: save one fe_inv_var 47045270fa ecmult_impl: eliminate scratch memory used when generating context 7f7a2ed3a8 ecmult_gen_impl: eliminate scratch memory used when generating context 314a61d724 Merge #553: add static context object which has no capabilities 89a20a8945 Correct order of libs returned on pkg-config --libs --static libsecp256k1 call. 1086fda4c1 Merge #354: [ECDH API change] Support custom hash function d3cb1f95eb Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse 40fde611bd prevent attempts to modify `secp256k1_context_no_precomp` ed7c08417a add static context object which has no capabilities 496c5b43b8 Make constants static: static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B; bf8b86cc07 secp256k1_fe_sqrt: Verify that the arguments don't alias. 9bd89c836b Optimize secp256k1_fe_normalize_weak calls. Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. 52ab96fedb clean dependendies in field_*_impl.h deff5edd42 Correct math typos in field_*.h 4efb3f8dd1 Add check that restrict pointers don't alias with all parameters. 1e6f1f5ad5 Merge #529: fix tests.c in the count == 0 case c8fbc3c397 [ECDH API change] Allow pass arbitrary data to hash function b00be65056 [ECDH API change] Support custom hash function 95e99f196f fix tests.c in the count == 0 case 452d8e4d2a Merge #523: scratch: add stack frame support 6fe50439ae scratch: add stack frame support 9bc2e26502 Merge #522: parameterize ecmult_const over input size 7c1b91ba4b parameterize ecmult_const over input size dbc3ddd5e2 Merge #513: Increase sparsity of pippenger fixed window naf representation 3965027c81 Summarize build options in configure script 0f0517369c Fix algorithm selection in bench_ecmult fb9271dcf0 Merge #510: add a couple missing `const`s to ecmult_pippenger_wnaf cd5f6028e5 Merge #515: Fix typo 09146ae854 Merge #512: secp256k1_ec_privkey_negate - fix documentation ec0a7b3ae3 Don't touch leading zeros in wnaf_fixed. 9e36d1bfe2 Fix bug in wnaf_fixed where the wnaf array is not completely zeroed when given a 0 scalar. 96f68a0afc Don't invert scalar in wnaf_fixed when it is even because a caller might intentionally give a scalar with many leading zeros. 8b3841c91d fix bug in fread() failure check cddef0c0be tests: add warning message when /dev/urandom fails 9b7c47a21e Fix typo 6dbb007869 Increase sparsity of pippenger fixed window naf representation 1646ace4d5 secp256k1_ec_privkey_negate - fix documentation 270f6c80db Portability fix for the configure scripts generated 9b3ff0309d add a couple missing `const`s to ecmult_pippenger_wnaf cd329dbc3e Merge #460: [build] Update ax_jni_include_dir.m4 macro 7f9c1a1565 Merge #498: tests: Avoid calling fclose(...) with an invalid argument f99aa8d4d3 Merge #499: tests: Make sure we get the requested number of bytes from /dev/urandom b549d3d5f7 Merge #472: [build] Set --enable-jni to no by default instead of auto. d333521516 Merge #494: Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS 2ef8ea5d21 Merge #495: Add bench_ecmult to .gitignore 82a96e4587 tests: Make sure we get the requested number of bytes from /dev/urandom 5aae5b5bb2 Avoid calling fclose(...) with an invalid argument cb32940df3 Add bench_ecmult to .gitignore 31abd3ab8d Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS c95f6f1360 Merge #487: fix tests typo, s/changed/unchanged fb46c83881 Merge #463: Reduce usage of hardcoded size constants 02f5001dfc Merge #490: Disambiguate bench functions and types 1f46d6089e Disambiguate bench functions and types f54c6c5083 Merge #480: Enable benchmark building by default c77fc08597 Merge #486: Add pippenger_wnaf for multi-multiplication d2f9c6b5dc Use more precise pippenger bucket windows 4c950bbeaf Save some additions per window in _pippenger_wnaf a58f543f5a Add flags for choosing algorithm in ecmult_multi benchmark 36b22c9337 Use scratch space dependent batching in ecmult_multi 355a38f113 Add pippenger_wnaf ecmult_multi bc65aa794e Add bench_ecmult dba5471b69 Add ecmult_multi tests 8c1c831bdb Generalize Strauss to support multiple points 548de42ecf add resizeable scratch space API 0e96cdc6b6 fix typo, s/changed/unchanged c7680e570f Reduce usage of hardcoded size constants 6ad5cdb42a Merge #479: Get rid of reserved _t in type names 7a78f60598 Print whether we're building benchmarks 4afec9f1ae Build benchmarks by default d1dc9dfc0a Get rid of reserved _t in type names 57752d28b3 [build] Set --enable-jni to no by default instead of auto. e7daa9b3c2 [build] Tweak JNI macro to warn instead of error for JNI not found. 5b22977922 [build] Update ax_jni_include_dir.m4 macro to deal with recent versions of macOS git-subtree-dir: src/secp256k1 git-subtree-split: b19c000063be11018b4d1a6b0a85871ab9d0bdcf
2019-03-31 11:41:05 -07:00
#include "scalar.h"
#include "scratch.h"
Squashed 'src/secp256k1/' content from commit ad2028f git-subtree-dir: src/secp256k1 git-subtree-split: ad2028f9890ca40bdd32055aa0fe5c1c9af0e485
2014-11-18 18:06:36 +01:00
Squashed 'src/secp256k1/' changes from be8d9c262f..0559fc6e41 0559fc6e41 Merge bitcoin-core/secp256k1#988: Make signing table fully static 7dfceceea6 build: Remove #undef hack for ASM in the precomputation programs bb36fe9be0 ci: Test `make precomp` d94a37a20c build: Remove CC_FOR_BUILD stuff ad63bb4c29 build: Prebuild and distribute ecmult_gen table ac49361ed0 prealloc: Get rid of manual memory management for prealloc contexts 6573c08f65 ecmult_gen: Tidy precomputed file and save space 5eba83f17c ecmult_gen: Precompute tables for all values of ECMULT_GEN_PREC_BITS 5d0dbef018 Merge bitcoin-core/secp256k1#942: Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. 486205aa68 Merge bitcoin-core/secp256k1#920: Test all ecmult functions with many j*2^i combinations fdb33dd122 refactor: Make PREC_BITS a parameter of ecmult_gen_build_prec_table 5eb519e1f6 ci: reduce TEST_ITERS in memcheck run e2cf77328a Test ecmult functions for all i*2^j for j=0..255 and odd i=1..255. 61ae37c612 Merge bitcoin-core/secp256k1#1022: build: Windows DLL additions 4f01840b82 Merge bitcoin-core/secp256k1#1027: build: Add a check that Valgrind actually supports a host platform 6ad908aa00 Merge bitcoin-core/secp256k1#1008: bench.c: add `--help` option and ci: move env variables 592661c22f ci: move test environment variable declaration to .cirrus.yml dcbe84b841 bench: add --help option to bench. 099bad945e Comment and check a parameter for inf in secp256k1_ecmult_const. 6c0be857f8 Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. a->x and a->y should not be used if the infinity flag is set. 4900227451 Merge bitcoin-core/secp256k1#1025: build: replace backtick command substitution with $() 7c7ce872a5 build: Add a check that Valgrind actually supports a host platform a4875e30a6 refactor: Move default callbacks to util.h 4c94c55bce doc: Remove obsolete hint for valgrind stack size 5106226991 exhaustive_tests: Fix with ecmult_gen table with custom generator e1a76530db refactor: Make generator a parameter of ecmult_gen_create_prec_table 9ad09f6911 refactor: Rename program that generates static ecmult_gen table 8ae18f1ab3 refactor: Rename file that contains static ecmult_gen table 00d2fa116e ecmult_gen: Make code consistent with comment 3b0c2185ea ecmult_gen: Simplify ecmult_gen context after making table static 2b7c7497ef build: replace backtick command substitution with $() 49f608de47 Merge bitcoin-core/secp256k1#1004: ecmult: fix definition of STRAUSS_SCRATCH_OBJECTS c0cd7de6d4 build: add -no-undefined to libtool LDFLAGS fe32a79d35 build: pass win32-dll to LT_INIT 60bf8890df ecmult: fix definition of STRAUSS_SCRATCH_OBJECTS fecf436d53 Merge bitcoin-core/secp256k1#1019: build: don't append valgrind CPPFLAGS if not installed (macOS) 2e5e4b67df Merge bitcoin-core/secp256k1#1020: doc: remove use of <0xa0> "no break space" 812ff5c747 doc: remove use of 0xa0 "no break space" 214042a170 build: don't append valgrind CPPFLAGS if not installed e43ba02cfc refactor: Decouple table generation and ecmult_gen context 22dc2c0a0d ecmult_gen: Move table creation to new file and force static prec 793ad9016a Merge bitcoin-core/secp256k1#1010: doc: Minor fixes in safegcd_implementation.md dc9b6853b7 doc: Minor fixes in safegcd_implementation.md ea5e8a9c47 Merge bitcoin-core/secp256k1#1012: Fix typos 233297579d Fix typos 7006f1b97f Merge bitcoin-core/secp256k1#1011: ci: Enable -g if we set CFLAGS manually 72de1359e9 ci: Enable -g if we set CFLAGS manually 74c34e727b Merge bitcoin-core/secp256k1#1009: refactor: Use (int)&(int) in boolean context to avoid compiler warning 16d132215c refactor: Use (int)&(int) in boolean context to avoid compiler warning c74a7b7e51 Merge bitcoin-core/secp256k1#1007: doc: Replace apoelstra's GPG key by jonasnick's GPG key 3b157c48ed doc: Suggest keys.openpgp.org as keyserver in SECURITY.md 73a7472cd0 doc: Replace apoelstra's GPG key by jonasnick's GPG key 515a5dbd02 Merge bitcoin-core/secp256k1#991: Merge all "external" benchmarks into a single bench binary af6abcb3d0 Make bench support selecting which benchmarks to run 9f56bdf5b9 Merge bench_schnorrsig into bench 3208557ae1 Merge bench_recover into bench 855e18d8a8 Merge bench_ecdh into bench 2a7be678a6 Combine bench_sign and bench_verify into single bench 8fa41201bd Merge bitcoin-core/secp256k1#1002: Make aux_rnd32==NULL behave identical to 0x0000..00. 5324f8942d Make aux_rnd32==NULL behave identical to 0x0000..00. 21c188b3c5 Merge bitcoin-core/secp256k1#943: VERIFY_CHECK precondition for secp256k1_fe_set_int. 3e7b2ea194 Merge bitcoin-core/secp256k1#999: bench_ecmult: improve clarity of output 23e2f66726 bench: don't return 1 in have_flag() if argc = 1 96b1ad2ea9 bench_ecmult: improve clarity of output 20d791edfb Merge bitcoin-core/secp256k1#989: Shared benchmark format for command line and CSV outputs aa1b889b61 Merge bitcoin-core/secp256k1#996: Fix G.y parity in sage code 044d956305 Fix G.y parity in sage code b4b130678d create csv file from the benchmark output 26a255beb6 Shared benchmark format for command line and CSV outputs 9526874d14 Merge bitcoin-core/secp256k1#810: Avoid overly-wide multiplications in 5x52 field mul/sqr 920a0e5fa6 Merge bitcoin-core/secp256k1#952: Avoid computing out-of-bounds pointer. f34b5cae03 Merge bitcoin-core/secp256k1#983: [RFC] Remove OpenSSL testing support 297ce82091 Merge bitcoin-core/secp256k1#966: Make aux_rand32 arg to secp256k1_schnorrsig_sign const 2888640132 VERIFY_CHECK precondition for secp256k1_fe_set_int. d49011f54c Make _set_fe_int( . , 0 ) set magnitude to 0 bc08599e77 Remove OpenSSL testing support 10f9bd84f4 Merge bitcoin-core/secp256k1#987: Fix unused parameter warnings when building without VERIFY 189f6bcfef Fix unused parameter warnings when building without VERIFY da0092bccc Merge bitcoin-core/secp256k1#986: tests: remove `secp256k1_fe_verify` from tests.c and modify `_fe_from_storage` to call `_fe_verify` d43993724d tests: remove `secp256k1_fe_verify` from tests.c and modify `secp256k1_fe_from_storage` to call `secp256k1_fe_verify` 2a3a97c665 Merge bitcoin-core/secp256k1#976: `secp256k1_schnorrsig_sign_internal` should be static aa5d34a8fe Merge bitcoin-core/secp256k1#783: Make the public API docs more consistent and explicit 72713872a8 Add missing static to secp256k1_schnorrsig_sign_internal db4667d5e0 Make aux_rand32 arg to secp256k1_schnorrsig_sign const 9a5a87e0f1 Merge bitcoin-core/secp256k1#956: Replace ecmult_context with a generated static array. 20abd52c2e Add tests for pre_g tables. 6815761cf5 Remove ecmult_context. f20dcbbad1 Correct typo. 16a3cc07e8 Generate ecmult_static_pre_g.h 8de2d86a06 Bump memory limits in advance of making the ecmult context static. d7ec49a689 Merge bitcoin-core/secp256k1#969: ci: Fixes after Debian release 5d5c74a057 tests: Rewrite code to circument potential bug in clang 3d2f492ceb ci: Install libasan6 (instead of 5) after Debian upgrade adec5a1638 Add missing null check for ctx and input keys in the public API f4edfc7581 Improve consistency for NULL arguments in the public interface 9be7b0f083 Avoid computing out-of-bounds pointer. b53e0cd61f Avoid overly-wide multiplications git-subtree-dir: src/secp256k1 git-subtree-split: 0559fc6e41b65af6e52c32eb9b1286494412a162
2021-12-15 09:19:50 -05:00
/* Noone will ever need more than a window size of 24. The code might
* be correct for larger values of ECMULT_WINDOW_SIZE but this is not
* tested.
*
* The following limitations are known, and there are probably more:
* If WINDOW_G > 27 and size_t has 32 bits, then the code is incorrect
* because the size of the memory object that we allocate (in bytes)
* will not fit in a size_t.
* If WINDOW_G > 31 and int has 32 bits, then the code is incorrect
* because certain expressions will overflow.
*/
#if ECMULT_WINDOW_SIZE < 2 || ECMULT_WINDOW_SIZE > 24
# error Set ECMULT_WINDOW_SIZE to an integer in range [2..24].
#endif
/** The number of entries a table with precomputed multiples needs to have. */
#define ECMULT_TABLE_SIZE(w) (1L << ((w)-2))
Squashed 'src/secp256k1/' content from commit ad2028f git-subtree-dir: src/secp256k1 git-subtree-split: ad2028f9890ca40bdd32055aa0fe5c1c9af0e485
2014-11-18 18:06:36 +01:00
/** Double multiply: R = na*A + ng*G */
Squashed 'src/secp256k1/' changes from be8d9c262f..0559fc6e41 0559fc6e41 Merge bitcoin-core/secp256k1#988: Make signing table fully static 7dfceceea6 build: Remove #undef hack for ASM in the precomputation programs bb36fe9be0 ci: Test `make precomp` d94a37a20c build: Remove CC_FOR_BUILD stuff ad63bb4c29 build: Prebuild and distribute ecmult_gen table ac49361ed0 prealloc: Get rid of manual memory management for prealloc contexts 6573c08f65 ecmult_gen: Tidy precomputed file and save space 5eba83f17c ecmult_gen: Precompute tables for all values of ECMULT_GEN_PREC_BITS 5d0dbef018 Merge bitcoin-core/secp256k1#942: Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. 486205aa68 Merge bitcoin-core/secp256k1#920: Test all ecmult functions with many j*2^i combinations fdb33dd122 refactor: Make PREC_BITS a parameter of ecmult_gen_build_prec_table 5eb519e1f6 ci: reduce TEST_ITERS in memcheck run e2cf77328a Test ecmult functions for all i*2^j for j=0..255 and odd i=1..255. 61ae37c612 Merge bitcoin-core/secp256k1#1022: build: Windows DLL additions 4f01840b82 Merge bitcoin-core/secp256k1#1027: build: Add a check that Valgrind actually supports a host platform 6ad908aa00 Merge bitcoin-core/secp256k1#1008: bench.c: add `--help` option and ci: move env variables 592661c22f ci: move test environment variable declaration to .cirrus.yml dcbe84b841 bench: add --help option to bench. 099bad945e Comment and check a parameter for inf in secp256k1_ecmult_const. 6c0be857f8 Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. a->x and a->y should not be used if the infinity flag is set. 4900227451 Merge bitcoin-core/secp256k1#1025: build: replace backtick command substitution with $() 7c7ce872a5 build: Add a check that Valgrind actually supports a host platform a4875e30a6 refactor: Move default callbacks to util.h 4c94c55bce doc: Remove obsolete hint for valgrind stack size 5106226991 exhaustive_tests: Fix with ecmult_gen table with custom generator e1a76530db refactor: Make generator a parameter of ecmult_gen_create_prec_table 9ad09f6911 refactor: Rename program that generates static ecmult_gen table 8ae18f1ab3 refactor: Rename file that contains static ecmult_gen table 00d2fa116e ecmult_gen: Make code consistent with comment 3b0c2185ea ecmult_gen: Simplify ecmult_gen context after making table static 2b7c7497ef build: replace backtick command substitution with $() 49f608de47 Merge bitcoin-core/secp256k1#1004: ecmult: fix definition of STRAUSS_SCRATCH_OBJECTS c0cd7de6d4 build: add -no-undefined to libtool LDFLAGS fe32a79d35 build: pass win32-dll to LT_INIT 60bf8890df ecmult: fix definition of STRAUSS_SCRATCH_OBJECTS fecf436d53 Merge bitcoin-core/secp256k1#1019: build: don't append valgrind CPPFLAGS if not installed (macOS) 2e5e4b67df Merge bitcoin-core/secp256k1#1020: doc: remove use of <0xa0> "no break space" 812ff5c747 doc: remove use of 0xa0 "no break space" 214042a170 build: don't append valgrind CPPFLAGS if not installed e43ba02cfc refactor: Decouple table generation and ecmult_gen context 22dc2c0a0d ecmult_gen: Move table creation to new file and force static prec 793ad9016a Merge bitcoin-core/secp256k1#1010: doc: Minor fixes in safegcd_implementation.md dc9b6853b7 doc: Minor fixes in safegcd_implementation.md ea5e8a9c47 Merge bitcoin-core/secp256k1#1012: Fix typos 233297579d Fix typos 7006f1b97f Merge bitcoin-core/secp256k1#1011: ci: Enable -g if we set CFLAGS manually 72de1359e9 ci: Enable -g if we set CFLAGS manually 74c34e727b Merge bitcoin-core/secp256k1#1009: refactor: Use (int)&(int) in boolean context to avoid compiler warning 16d132215c refactor: Use (int)&(int) in boolean context to avoid compiler warning c74a7b7e51 Merge bitcoin-core/secp256k1#1007: doc: Replace apoelstra's GPG key by jonasnick's GPG key 3b157c48ed doc: Suggest keys.openpgp.org as keyserver in SECURITY.md 73a7472cd0 doc: Replace apoelstra's GPG key by jonasnick's GPG key 515a5dbd02 Merge bitcoin-core/secp256k1#991: Merge all "external" benchmarks into a single bench binary af6abcb3d0 Make bench support selecting which benchmarks to run 9f56bdf5b9 Merge bench_schnorrsig into bench 3208557ae1 Merge bench_recover into bench 855e18d8a8 Merge bench_ecdh into bench 2a7be678a6 Combine bench_sign and bench_verify into single bench 8fa41201bd Merge bitcoin-core/secp256k1#1002: Make aux_rnd32==NULL behave identical to 0x0000..00. 5324f8942d Make aux_rnd32==NULL behave identical to 0x0000..00. 21c188b3c5 Merge bitcoin-core/secp256k1#943: VERIFY_CHECK precondition for secp256k1_fe_set_int. 3e7b2ea194 Merge bitcoin-core/secp256k1#999: bench_ecmult: improve clarity of output 23e2f66726 bench: don't return 1 in have_flag() if argc = 1 96b1ad2ea9 bench_ecmult: improve clarity of output 20d791edfb Merge bitcoin-core/secp256k1#989: Shared benchmark format for command line and CSV outputs aa1b889b61 Merge bitcoin-core/secp256k1#996: Fix G.y parity in sage code 044d956305 Fix G.y parity in sage code b4b130678d create csv file from the benchmark output 26a255beb6 Shared benchmark format for command line and CSV outputs 9526874d14 Merge bitcoin-core/secp256k1#810: Avoid overly-wide multiplications in 5x52 field mul/sqr 920a0e5fa6 Merge bitcoin-core/secp256k1#952: Avoid computing out-of-bounds pointer. f34b5cae03 Merge bitcoin-core/secp256k1#983: [RFC] Remove OpenSSL testing support 297ce82091 Merge bitcoin-core/secp256k1#966: Make aux_rand32 arg to secp256k1_schnorrsig_sign const 2888640132 VERIFY_CHECK precondition for secp256k1_fe_set_int. d49011f54c Make _set_fe_int( . , 0 ) set magnitude to 0 bc08599e77 Remove OpenSSL testing support 10f9bd84f4 Merge bitcoin-core/secp256k1#987: Fix unused parameter warnings when building without VERIFY 189f6bcfef Fix unused parameter warnings when building without VERIFY da0092bccc Merge bitcoin-core/secp256k1#986: tests: remove `secp256k1_fe_verify` from tests.c and modify `_fe_from_storage` to call `_fe_verify` d43993724d tests: remove `secp256k1_fe_verify` from tests.c and modify `secp256k1_fe_from_storage` to call `secp256k1_fe_verify` 2a3a97c665 Merge bitcoin-core/secp256k1#976: `secp256k1_schnorrsig_sign_internal` should be static aa5d34a8fe Merge bitcoin-core/secp256k1#783: Make the public API docs more consistent and explicit 72713872a8 Add missing static to secp256k1_schnorrsig_sign_internal db4667d5e0 Make aux_rand32 arg to secp256k1_schnorrsig_sign const 9a5a87e0f1 Merge bitcoin-core/secp256k1#956: Replace ecmult_context with a generated static array. 20abd52c2e Add tests for pre_g tables. 6815761cf5 Remove ecmult_context. f20dcbbad1 Correct typo. 16a3cc07e8 Generate ecmult_static_pre_g.h 8de2d86a06 Bump memory limits in advance of making the ecmult context static. d7ec49a689 Merge bitcoin-core/secp256k1#969: ci: Fixes after Debian release 5d5c74a057 tests: Rewrite code to circument potential bug in clang 3d2f492ceb ci: Install libasan6 (instead of 5) after Debian upgrade adec5a1638 Add missing null check for ctx and input keys in the public API f4edfc7581 Improve consistency for NULL arguments in the public interface 9be7b0f083 Avoid computing out-of-bounds pointer. b53e0cd61f Avoid overly-wide multiplications git-subtree-dir: src/secp256k1 git-subtree-split: 0559fc6e41b65af6e52c32eb9b1286494412a162
2021-12-15 09:19:50 -05:00
static void secp256k1_ecmult(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_scalar *na, const secp256k1_scalar *ng);
Squashed 'src/secp256k1/' content from commit ad2028f git-subtree-dir: src/secp256k1 git-subtree-split: ad2028f9890ca40bdd32055aa0fe5c1c9af0e485
2014-11-18 18:06:36 +01:00
Squashed 'src/secp256k1/' changes from 0b70241850..b19c000063 b19c000063 Merge #607: Use size_t shifts when computing a size_t 4d01bc2d9c Merge #606: travis: Remove unused sudo:false e6d01e9347 Use size_t shifts when computing a size_t 7667532bd7 travis: Remove unused sudo:false ee99f12f3d Merge #599: Switch x86_64 asm to use "i" instead of "n" for immediate values. d58bc93f2c Switch x86_64 asm to use "i" instead of "n" for immediate values. 05362ee042 Merge #597: Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build 83483869ac Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build aa15154a48 Merge #568: Fix integer overflow in ecmult_multi_var when n is large 2277af5ff0 Fix integer overflow in ecmult_multi_var when n is large 85d0e1bcce Merge #591: Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 14196379ec Merge #580: Add trivial ecmult_multi algorithm which does not require a scratch space a697d82da9 Add trivial ecmult_multi to the benchmark tool bade617417 Add trivial ecmult_multi algorithm. It is selected when no scratch space is given and just multiplies and adds the points. 5545e13dea Merge #584: configure: Use CFLAGS_FOR_BUILD when checking native compiler 20c5869df2 Merge #516: improvements to random seed in src/tests.c b76e45d5d6 Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 870a977644 Merge #562: Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse be40c4d0b5 Fixup for C90 mixed declarations. c71dd2c08f Merge #509: Fix algorithm selection in bench_ecmult 6492bf88cc Merge #518: Summarize build options after running configure 0e9ada1941 Merge #567: Correct order of libs returned on pkg-config --libs --static libsecp2… e96901a4b9 Merge #587: Make randomization of a non-signing context a noop 58df8d03ad Merge #511: Portability fix for the configure scripts generated 2ebdad772a Merge #552: Make constants static: 1c131affd3 Merge #551: secp256k1_fe_sqrt: Verify that the arguments don't alias. ba698f883b Merge #539: Assorted minor corrections 949e85b009 Merge #550: Optimize secp256k1_fe_normalize_weak calls. a34bcaadf1 Actually pass CFLAGS_FOR_BUILD and LDFLAGS_FOR_BUILD to linker 2d5f4cebdc configure: Use CFLAGS_FOR_BUILD when checking native compiler b408c6a8b2 Merge #579: Use __GNUC_PREREQ for detecting __builtin_expect 6198375218 Make randomization of a non-signing context a noop c663397f46 Use __GNUC_PREREQ for detecting __builtin_expect e34ceb333b Merge #557: Eliminate scratch memory used when generating contexts b3bf5f99a3 ecmult_impl: expand comment to explain how effective affine interacts with everything efa783f8f0 Store z-ratios in the 'x' coord they'll recover ffd3b346fe add `secp256k1_ge_set_all_gej_var` test which deals with many infinite points 84740acd2a ecmult_impl: save one fe_inv_var 47045270fa ecmult_impl: eliminate scratch memory used when generating context 7f7a2ed3a8 ecmult_gen_impl: eliminate scratch memory used when generating context 314a61d724 Merge #553: add static context object which has no capabilities 89a20a8945 Correct order of libs returned on pkg-config --libs --static libsecp256k1 call. 1086fda4c1 Merge #354: [ECDH API change] Support custom hash function d3cb1f95eb Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse 40fde611bd prevent attempts to modify `secp256k1_context_no_precomp` ed7c08417a add static context object which has no capabilities 496c5b43b8 Make constants static: static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B; bf8b86cc07 secp256k1_fe_sqrt: Verify that the arguments don't alias. 9bd89c836b Optimize secp256k1_fe_normalize_weak calls. Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. 52ab96fedb clean dependendies in field_*_impl.h deff5edd42 Correct math typos in field_*.h 4efb3f8dd1 Add check that restrict pointers don't alias with all parameters. 1e6f1f5ad5 Merge #529: fix tests.c in the count == 0 case c8fbc3c397 [ECDH API change] Allow pass arbitrary data to hash function b00be65056 [ECDH API change] Support custom hash function 95e99f196f fix tests.c in the count == 0 case 452d8e4d2a Merge #523: scratch: add stack frame support 6fe50439ae scratch: add stack frame support 9bc2e26502 Merge #522: parameterize ecmult_const over input size 7c1b91ba4b parameterize ecmult_const over input size dbc3ddd5e2 Merge #513: Increase sparsity of pippenger fixed window naf representation 3965027c81 Summarize build options in configure script 0f0517369c Fix algorithm selection in bench_ecmult fb9271dcf0 Merge #510: add a couple missing `const`s to ecmult_pippenger_wnaf cd5f6028e5 Merge #515: Fix typo 09146ae854 Merge #512: secp256k1_ec_privkey_negate - fix documentation ec0a7b3ae3 Don't touch leading zeros in wnaf_fixed. 9e36d1bfe2 Fix bug in wnaf_fixed where the wnaf array is not completely zeroed when given a 0 scalar. 96f68a0afc Don't invert scalar in wnaf_fixed when it is even because a caller might intentionally give a scalar with many leading zeros. 8b3841c91d fix bug in fread() failure check cddef0c0be tests: add warning message when /dev/urandom fails 9b7c47a21e Fix typo 6dbb007869 Increase sparsity of pippenger fixed window naf representation 1646ace4d5 secp256k1_ec_privkey_negate - fix documentation 270f6c80db Portability fix for the configure scripts generated 9b3ff0309d add a couple missing `const`s to ecmult_pippenger_wnaf cd329dbc3e Merge #460: [build] Update ax_jni_include_dir.m4 macro 7f9c1a1565 Merge #498: tests: Avoid calling fclose(...) with an invalid argument f99aa8d4d3 Merge #499: tests: Make sure we get the requested number of bytes from /dev/urandom b549d3d5f7 Merge #472: [build] Set --enable-jni to no by default instead of auto. d333521516 Merge #494: Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS 2ef8ea5d21 Merge #495: Add bench_ecmult to .gitignore 82a96e4587 tests: Make sure we get the requested number of bytes from /dev/urandom 5aae5b5bb2 Avoid calling fclose(...) with an invalid argument cb32940df3 Add bench_ecmult to .gitignore 31abd3ab8d Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS c95f6f1360 Merge #487: fix tests typo, s/changed/unchanged fb46c83881 Merge #463: Reduce usage of hardcoded size constants 02f5001dfc Merge #490: Disambiguate bench functions and types 1f46d6089e Disambiguate bench functions and types f54c6c5083 Merge #480: Enable benchmark building by default c77fc08597 Merge #486: Add pippenger_wnaf for multi-multiplication d2f9c6b5dc Use more precise pippenger bucket windows 4c950bbeaf Save some additions per window in _pippenger_wnaf a58f543f5a Add flags for choosing algorithm in ecmult_multi benchmark 36b22c9337 Use scratch space dependent batching in ecmult_multi 355a38f113 Add pippenger_wnaf ecmult_multi bc65aa794e Add bench_ecmult dba5471b69 Add ecmult_multi tests 8c1c831bdb Generalize Strauss to support multiple points 548de42ecf add resizeable scratch space API 0e96cdc6b6 fix typo, s/changed/unchanged c7680e570f Reduce usage of hardcoded size constants 6ad5cdb42a Merge #479: Get rid of reserved _t in type names 7a78f60598 Print whether we're building benchmarks 4afec9f1ae Build benchmarks by default d1dc9dfc0a Get rid of reserved _t in type names 57752d28b3 [build] Set --enable-jni to no by default instead of auto. e7daa9b3c2 [build] Tweak JNI macro to warn instead of error for JNI not found. 5b22977922 [build] Update ax_jni_include_dir.m4 macro to deal with recent versions of macOS git-subtree-dir: src/secp256k1 git-subtree-split: b19c000063be11018b4d1a6b0a85871ab9d0bdcf
2019-03-31 11:41:05 -07:00
typedef int (secp256k1_ecmult_multi_callback)(secp256k1_scalar *sc, secp256k1_ge *pt, size_t idx, void *data);
/**
* Multi-multiply: R = inp_g_sc * G + sum_i ni * Ai.
* Chooses the right algorithm for a given number of points and scratch space
* size. Resets and overwrites the given scratch space. If the points do not
* fit in the scratch space the algorithm is repeatedly run with batches of
* points. If no scratch space is given then a simple algorithm is used that
* simply multiplies the points with the corresponding scalars and adds them up.
* Returns: 1 on success (including when inp_g_sc is NULL and n is 0)
* 0 if there is not enough scratch space for a single point or
* callback returns 0
*/
Squashed 'src/secp256k1/' changes from be8d9c262f..0559fc6e41 0559fc6e41 Merge bitcoin-core/secp256k1#988: Make signing table fully static 7dfceceea6 build: Remove #undef hack for ASM in the precomputation programs bb36fe9be0 ci: Test `make precomp` d94a37a20c build: Remove CC_FOR_BUILD stuff ad63bb4c29 build: Prebuild and distribute ecmult_gen table ac49361ed0 prealloc: Get rid of manual memory management for prealloc contexts 6573c08f65 ecmult_gen: Tidy precomputed file and save space 5eba83f17c ecmult_gen: Precompute tables for all values of ECMULT_GEN_PREC_BITS 5d0dbef018 Merge bitcoin-core/secp256k1#942: Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. 486205aa68 Merge bitcoin-core/secp256k1#920: Test all ecmult functions with many j*2^i combinations fdb33dd122 refactor: Make PREC_BITS a parameter of ecmult_gen_build_prec_table 5eb519e1f6 ci: reduce TEST_ITERS in memcheck run e2cf77328a Test ecmult functions for all i*2^j for j=0..255 and odd i=1..255. 61ae37c612 Merge bitcoin-core/secp256k1#1022: build: Windows DLL additions 4f01840b82 Merge bitcoin-core/secp256k1#1027: build: Add a check that Valgrind actually supports a host platform 6ad908aa00 Merge bitcoin-core/secp256k1#1008: bench.c: add `--help` option and ci: move env variables 592661c22f ci: move test environment variable declaration to .cirrus.yml dcbe84b841 bench: add --help option to bench. 099bad945e Comment and check a parameter for inf in secp256k1_ecmult_const. 6c0be857f8 Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. a->x and a->y should not be used if the infinity flag is set. 4900227451 Merge bitcoin-core/secp256k1#1025: build: replace backtick command substitution with $() 7c7ce872a5 build: Add a check that Valgrind actually supports a host platform a4875e30a6 refactor: Move default callbacks to util.h 4c94c55bce doc: Remove obsolete hint for valgrind stack size 5106226991 exhaustive_tests: Fix with ecmult_gen table with custom generator e1a76530db refactor: Make generator a parameter of ecmult_gen_create_prec_table 9ad09f6911 refactor: Rename program that generates static ecmult_gen table 8ae18f1ab3 refactor: Rename file that contains static ecmult_gen table 00d2fa116e ecmult_gen: Make code consistent with comment 3b0c2185ea ecmult_gen: Simplify ecmult_gen context after making table static 2b7c7497ef build: replace backtick command substitution with $() 49f608de47 Merge bitcoin-core/secp256k1#1004: ecmult: fix definition of STRAUSS_SCRATCH_OBJECTS c0cd7de6d4 build: add -no-undefined to libtool LDFLAGS fe32a79d35 build: pass win32-dll to LT_INIT 60bf8890df ecmult: fix definition of STRAUSS_SCRATCH_OBJECTS fecf436d53 Merge bitcoin-core/secp256k1#1019: build: don't append valgrind CPPFLAGS if not installed (macOS) 2e5e4b67df Merge bitcoin-core/secp256k1#1020: doc: remove use of <0xa0> "no break space" 812ff5c747 doc: remove use of 0xa0 "no break space" 214042a170 build: don't append valgrind CPPFLAGS if not installed e43ba02cfc refactor: Decouple table generation and ecmult_gen context 22dc2c0a0d ecmult_gen: Move table creation to new file and force static prec 793ad9016a Merge bitcoin-core/secp256k1#1010: doc: Minor fixes in safegcd_implementation.md dc9b6853b7 doc: Minor fixes in safegcd_implementation.md ea5e8a9c47 Merge bitcoin-core/secp256k1#1012: Fix typos 233297579d Fix typos 7006f1b97f Merge bitcoin-core/secp256k1#1011: ci: Enable -g if we set CFLAGS manually 72de1359e9 ci: Enable -g if we set CFLAGS manually 74c34e727b Merge bitcoin-core/secp256k1#1009: refactor: Use (int)&(int) in boolean context to avoid compiler warning 16d132215c refactor: Use (int)&(int) in boolean context to avoid compiler warning c74a7b7e51 Merge bitcoin-core/secp256k1#1007: doc: Replace apoelstra's GPG key by jonasnick's GPG key 3b157c48ed doc: Suggest keys.openpgp.org as keyserver in SECURITY.md 73a7472cd0 doc: Replace apoelstra's GPG key by jonasnick's GPG key 515a5dbd02 Merge bitcoin-core/secp256k1#991: Merge all "external" benchmarks into a single bench binary af6abcb3d0 Make bench support selecting which benchmarks to run 9f56bdf5b9 Merge bench_schnorrsig into bench 3208557ae1 Merge bench_recover into bench 855e18d8a8 Merge bench_ecdh into bench 2a7be678a6 Combine bench_sign and bench_verify into single bench 8fa41201bd Merge bitcoin-core/secp256k1#1002: Make aux_rnd32==NULL behave identical to 0x0000..00. 5324f8942d Make aux_rnd32==NULL behave identical to 0x0000..00. 21c188b3c5 Merge bitcoin-core/secp256k1#943: VERIFY_CHECK precondition for secp256k1_fe_set_int. 3e7b2ea194 Merge bitcoin-core/secp256k1#999: bench_ecmult: improve clarity of output 23e2f66726 bench: don't return 1 in have_flag() if argc = 1 96b1ad2ea9 bench_ecmult: improve clarity of output 20d791edfb Merge bitcoin-core/secp256k1#989: Shared benchmark format for command line and CSV outputs aa1b889b61 Merge bitcoin-core/secp256k1#996: Fix G.y parity in sage code 044d956305 Fix G.y parity in sage code b4b130678d create csv file from the benchmark output 26a255beb6 Shared benchmark format for command line and CSV outputs 9526874d14 Merge bitcoin-core/secp256k1#810: Avoid overly-wide multiplications in 5x52 field mul/sqr 920a0e5fa6 Merge bitcoin-core/secp256k1#952: Avoid computing out-of-bounds pointer. f34b5cae03 Merge bitcoin-core/secp256k1#983: [RFC] Remove OpenSSL testing support 297ce82091 Merge bitcoin-core/secp256k1#966: Make aux_rand32 arg to secp256k1_schnorrsig_sign const 2888640132 VERIFY_CHECK precondition for secp256k1_fe_set_int. d49011f54c Make _set_fe_int( . , 0 ) set magnitude to 0 bc08599e77 Remove OpenSSL testing support 10f9bd84f4 Merge bitcoin-core/secp256k1#987: Fix unused parameter warnings when building without VERIFY 189f6bcfef Fix unused parameter warnings when building without VERIFY da0092bccc Merge bitcoin-core/secp256k1#986: tests: remove `secp256k1_fe_verify` from tests.c and modify `_fe_from_storage` to call `_fe_verify` d43993724d tests: remove `secp256k1_fe_verify` from tests.c and modify `secp256k1_fe_from_storage` to call `secp256k1_fe_verify` 2a3a97c665 Merge bitcoin-core/secp256k1#976: `secp256k1_schnorrsig_sign_internal` should be static aa5d34a8fe Merge bitcoin-core/secp256k1#783: Make the public API docs more consistent and explicit 72713872a8 Add missing static to secp256k1_schnorrsig_sign_internal db4667d5e0 Make aux_rand32 arg to secp256k1_schnorrsig_sign const 9a5a87e0f1 Merge bitcoin-core/secp256k1#956: Replace ecmult_context with a generated static array. 20abd52c2e Add tests for pre_g tables. 6815761cf5 Remove ecmult_context. f20dcbbad1 Correct typo. 16a3cc07e8 Generate ecmult_static_pre_g.h 8de2d86a06 Bump memory limits in advance of making the ecmult context static. d7ec49a689 Merge bitcoin-core/secp256k1#969: ci: Fixes after Debian release 5d5c74a057 tests: Rewrite code to circument potential bug in clang 3d2f492ceb ci: Install libasan6 (instead of 5) after Debian upgrade adec5a1638 Add missing null check for ctx and input keys in the public API f4edfc7581 Improve consistency for NULL arguments in the public interface 9be7b0f083 Avoid computing out-of-bounds pointer. b53e0cd61f Avoid overly-wide multiplications git-subtree-dir: src/secp256k1 git-subtree-split: 0559fc6e41b65af6e52c32eb9b1286494412a162
2021-12-15 09:19:50 -05:00
static int secp256k1_ecmult_multi_var(const secp256k1_callback* error_callback, secp256k1_scratch *scratch, secp256k1_gej *r, const secp256k1_scalar *inp_g_sc, secp256k1_ecmult_multi_callback cb, void *cbdata, size_t n);
Squashed 'src/secp256k1/' changes from 0b70241850..b19c000063 b19c000063 Merge #607: Use size_t shifts when computing a size_t 4d01bc2d9c Merge #606: travis: Remove unused sudo:false e6d01e9347 Use size_t shifts when computing a size_t 7667532bd7 travis: Remove unused sudo:false ee99f12f3d Merge #599: Switch x86_64 asm to use "i" instead of "n" for immediate values. d58bc93f2c Switch x86_64 asm to use "i" instead of "n" for immediate values. 05362ee042 Merge #597: Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build 83483869ac Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build aa15154a48 Merge #568: Fix integer overflow in ecmult_multi_var when n is large 2277af5ff0 Fix integer overflow in ecmult_multi_var when n is large 85d0e1bcce Merge #591: Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 14196379ec Merge #580: Add trivial ecmult_multi algorithm which does not require a scratch space a697d82da9 Add trivial ecmult_multi to the benchmark tool bade617417 Add trivial ecmult_multi algorithm. It is selected when no scratch space is given and just multiplies and adds the points. 5545e13dea Merge #584: configure: Use CFLAGS_FOR_BUILD when checking native compiler 20c5869df2 Merge #516: improvements to random seed in src/tests.c b76e45d5d6 Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 870a977644 Merge #562: Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse be40c4d0b5 Fixup for C90 mixed declarations. c71dd2c08f Merge #509: Fix algorithm selection in bench_ecmult 6492bf88cc Merge #518: Summarize build options after running configure 0e9ada1941 Merge #567: Correct order of libs returned on pkg-config --libs --static libsecp2… e96901a4b9 Merge #587: Make randomization of a non-signing context a noop 58df8d03ad Merge #511: Portability fix for the configure scripts generated 2ebdad772a Merge #552: Make constants static: 1c131affd3 Merge #551: secp256k1_fe_sqrt: Verify that the arguments don't alias. ba698f883b Merge #539: Assorted minor corrections 949e85b009 Merge #550: Optimize secp256k1_fe_normalize_weak calls. a34bcaadf1 Actually pass CFLAGS_FOR_BUILD and LDFLAGS_FOR_BUILD to linker 2d5f4cebdc configure: Use CFLAGS_FOR_BUILD when checking native compiler b408c6a8b2 Merge #579: Use __GNUC_PREREQ for detecting __builtin_expect 6198375218 Make randomization of a non-signing context a noop c663397f46 Use __GNUC_PREREQ for detecting __builtin_expect e34ceb333b Merge #557: Eliminate scratch memory used when generating contexts b3bf5f99a3 ecmult_impl: expand comment to explain how effective affine interacts with everything efa783f8f0 Store z-ratios in the 'x' coord they'll recover ffd3b346fe add `secp256k1_ge_set_all_gej_var` test which deals with many infinite points 84740acd2a ecmult_impl: save one fe_inv_var 47045270fa ecmult_impl: eliminate scratch memory used when generating context 7f7a2ed3a8 ecmult_gen_impl: eliminate scratch memory used when generating context 314a61d724 Merge #553: add static context object which has no capabilities 89a20a8945 Correct order of libs returned on pkg-config --libs --static libsecp256k1 call. 1086fda4c1 Merge #354: [ECDH API change] Support custom hash function d3cb1f95eb Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse 40fde611bd prevent attempts to modify `secp256k1_context_no_precomp` ed7c08417a add static context object which has no capabilities 496c5b43b8 Make constants static: static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B; bf8b86cc07 secp256k1_fe_sqrt: Verify that the arguments don't alias. 9bd89c836b Optimize secp256k1_fe_normalize_weak calls. Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. 52ab96fedb clean dependendies in field_*_impl.h deff5edd42 Correct math typos in field_*.h 4efb3f8dd1 Add check that restrict pointers don't alias with all parameters. 1e6f1f5ad5 Merge #529: fix tests.c in the count == 0 case c8fbc3c397 [ECDH API change] Allow pass arbitrary data to hash function b00be65056 [ECDH API change] Support custom hash function 95e99f196f fix tests.c in the count == 0 case 452d8e4d2a Merge #523: scratch: add stack frame support 6fe50439ae scratch: add stack frame support 9bc2e26502 Merge #522: parameterize ecmult_const over input size 7c1b91ba4b parameterize ecmult_const over input size dbc3ddd5e2 Merge #513: Increase sparsity of pippenger fixed window naf representation 3965027c81 Summarize build options in configure script 0f0517369c Fix algorithm selection in bench_ecmult fb9271dcf0 Merge #510: add a couple missing `const`s to ecmult_pippenger_wnaf cd5f6028e5 Merge #515: Fix typo 09146ae854 Merge #512: secp256k1_ec_privkey_negate - fix documentation ec0a7b3ae3 Don't touch leading zeros in wnaf_fixed. 9e36d1bfe2 Fix bug in wnaf_fixed where the wnaf array is not completely zeroed when given a 0 scalar. 96f68a0afc Don't invert scalar in wnaf_fixed when it is even because a caller might intentionally give a scalar with many leading zeros. 8b3841c91d fix bug in fread() failure check cddef0c0be tests: add warning message when /dev/urandom fails 9b7c47a21e Fix typo 6dbb007869 Increase sparsity of pippenger fixed window naf representation 1646ace4d5 secp256k1_ec_privkey_negate - fix documentation 270f6c80db Portability fix for the configure scripts generated 9b3ff0309d add a couple missing `const`s to ecmult_pippenger_wnaf cd329dbc3e Merge #460: [build] Update ax_jni_include_dir.m4 macro 7f9c1a1565 Merge #498: tests: Avoid calling fclose(...) with an invalid argument f99aa8d4d3 Merge #499: tests: Make sure we get the requested number of bytes from /dev/urandom b549d3d5f7 Merge #472: [build] Set --enable-jni to no by default instead of auto. d333521516 Merge #494: Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS 2ef8ea5d21 Merge #495: Add bench_ecmult to .gitignore 82a96e4587 tests: Make sure we get the requested number of bytes from /dev/urandom 5aae5b5bb2 Avoid calling fclose(...) with an invalid argument cb32940df3 Add bench_ecmult to .gitignore 31abd3ab8d Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS c95f6f1360 Merge #487: fix tests typo, s/changed/unchanged fb46c83881 Merge #463: Reduce usage of hardcoded size constants 02f5001dfc Merge #490: Disambiguate bench functions and types 1f46d6089e Disambiguate bench functions and types f54c6c5083 Merge #480: Enable benchmark building by default c77fc08597 Merge #486: Add pippenger_wnaf for multi-multiplication d2f9c6b5dc Use more precise pippenger bucket windows 4c950bbeaf Save some additions per window in _pippenger_wnaf a58f543f5a Add flags for choosing algorithm in ecmult_multi benchmark 36b22c9337 Use scratch space dependent batching in ecmult_multi 355a38f113 Add pippenger_wnaf ecmult_multi bc65aa794e Add bench_ecmult dba5471b69 Add ecmult_multi tests 8c1c831bdb Generalize Strauss to support multiple points 548de42ecf add resizeable scratch space API 0e96cdc6b6 fix typo, s/changed/unchanged c7680e570f Reduce usage of hardcoded size constants 6ad5cdb42a Merge #479: Get rid of reserved _t in type names 7a78f60598 Print whether we're building benchmarks 4afec9f1ae Build benchmarks by default d1dc9dfc0a Get rid of reserved _t in type names 57752d28b3 [build] Set --enable-jni to no by default instead of auto. e7daa9b3c2 [build] Tweak JNI macro to warn instead of error for JNI not found. 5b22977922 [build] Update ax_jni_include_dir.m4 macro to deal with recent versions of macOS git-subtree-dir: src/secp256k1 git-subtree-split: b19c000063be11018b4d1a6b0a85871ab9d0bdcf
2019-03-31 11:41:05 -07:00
Squashed 'src/secp256k1/' changes from 84973d393..0b7024185 0b7024185 Merge #474: Fix header guards using reserved identifiers ab1f89f00 Merge #478: Fixed multiple typos 8c7ea22d5 Fixed multiple typos abe2d3e84 Fix header guards using reserved identifiers f532bdc9f Merge #459: Add pubkey prefix constants to include/secp256k1.h cac7c5559 Merge #470: Fix wnaf_const documentation 768514bac Fix wnaf_const documentation with respect to return value and number of words set b8c26a399 Merge #458: Fix typo in API documentation 817fb2013 Merge #440: Fix typos 12230f90e Merge #468: Remove redundant conditional expression 2e1ccdca0 Remove redundant conditional expression bc61b91ac add pubkey prefix constants to include/secp256k1.h b0452e664 Fix typo in API documentation 4c0f32ed5 Fix typo: "Agressive" → "Aggressive" 73aca8364 Fix typo: "exectured" → "executed" git-subtree-dir: src/secp256k1 git-subtree-split: 0b7024185045a49a1a6a4c5615bf31c94f63d9c4
2017-09-29 16:00:20 +02:00
#endif /* SECP256K1_ECMULT_H */
Copy permalink