Core-master/ecmult__gen__compute__table__impl_8h_source.html

 /***********************************************************************

  * Copyright (c) 2013, 2014, 2015 Pieter Wuille, Gregory Maxwell       *

  * Distributed under the MIT software license, see the accompanying    *

  * file COPYING or https://www.opensource.org/licenses/mit-license.php.*

  ***********************************************************************/


 #ifndef SECP256K1_ECMULT_GEN_COMPUTE_TABLE_IMPL_H

 #define SECP256K1_ECMULT_GEN_COMPUTE_TABLE_IMPL_H


 #include "ecmult_gen_compute_table.h"

 #include "group_impl.h"

 #include "field_impl.h"

 #include "ecmult_gen.h"

 #include "util.h"


 static void secp256k1_ecmult_gen_compute_table(secp256k1_ge_storage* table, const secp256k1_ge* gen, int bits) {

     int g = ECMULT_GEN_PREC_G(bits);

     int n = ECMULT_GEN_PREC_N(bits);


     secp256k1_ge* prec = checked_malloc(&default_error_callback, n * g * sizeof(*prec));

     secp256k1_gej gj;

     secp256k1_gej nums_gej;

     int i, j;


     VERIFY_CHECK(g > 0);

     VERIFY_CHECK(n > 0);


     /* get the generator */

     secp256k1_gej_set_ge(&gj, gen);


     /* Construct a group element with no known corresponding scalar (nothing up my sleeve). */

     {

         static const unsigned char nums_b32[33] = "The scalar for this x is unknown";

         secp256k1_fe nums_x;

         secp256k1_ge nums_ge;

         int r;

         r = secp256k1_fe_set_b32_limit(&nums_x, nums_b32);

         (void)r;

         VERIFY_CHECK(r);

         r = secp256k1_ge_set_xo_var(&nums_ge, &nums_x, 0);

         (void)r;

         VERIFY_CHECK(r);

         secp256k1_gej_set_ge(&nums_gej, &nums_ge);

         /* Add G to make the bits in x uniformly distributed. */

         secp256k1_gej_add_ge_var(&nums_gej, &nums_gej, gen, NULL);

     }


     /* compute prec. */

     {

         secp256k1_gej gbase;

         secp256k1_gej numsbase;

         secp256k1_gej* precj = checked_malloc(&default_error_callback, n * g * sizeof(*precj));  /* Jacobian versions of prec. */

         gbase = gj; /* PREC_G^j * G */

         numsbase = nums_gej; /* 2^j * nums. */

         for (j = 0; j < n; j++) {

             /* Set precj[j*PREC_G .. j*PREC_G+(PREC_G-1)] to (numsbase, numsbase + gbase, ..., numsbase + (PREC_G-1)*gbase). */

             precj[j*g] = numsbase;

             for (i = 1; i < g; i++) {

                 secp256k1_gej_add_var(&precj[j*g + i], &precj[j*g + i - 1], &gbase, NULL);

             }

             /* Multiply gbase by PREC_G. */

             for (i = 0; i < bits; i++) {

                 secp256k1_gej_double_var(&gbase, &gbase, NULL);

             }

             /* Multiply numbase by 2. */

             secp256k1_gej_double_var(&numsbase, &numsbase, NULL);

             if (j == n - 2) {

                 /* In the last iteration, numsbase is (1 - 2^j) * nums instead. */

                 secp256k1_gej_neg(&numsbase, &numsbase);

                 secp256k1_gej_add_var(&numsbase, &numsbase, &nums_gej, NULL);

             }

         }

         secp256k1_ge_set_all_gej_var(prec, precj, n * g);

         free(precj);

     }

     for (j = 0; j < n; j++) {

         for (i = 0; i < g; i++) {

             secp256k1_ge_to_storage(&table[j*g + i], &prec[j*g + i]);

         }

     }

     free(prec);

 }


 #endif /* SECP256K1_ECMULT_GEN_COMPUTE_TABLE_IMPL_H */

ecmult_gen.h

ECMULT_GEN_PREC_G
#define ECMULT_GEN_PREC_G(bits)
Definition: ecmult_gen.h:28

ECMULT_GEN_PREC_N
#define ECMULT_GEN_PREC_N(bits)
Definition: ecmult_gen.h:29

ecmult_gen_compute_table.h

secp256k1_ecmult_gen_compute_table
static void secp256k1_ecmult_gen_compute_table(secp256k1_ge_storage *table, const secp256k1_ge *gen, int bits)
Definition: ecmult_gen_compute_table_impl.h:16

secp256k1_fe_set_b32_limit
#define secp256k1_fe_set_b32_limit
Definition: field.h:89

field_impl.h

secp256k1_gej_double_var
static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)
Set r equal to the double of a.

secp256k1_ge_set_xo_var
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y.

secp256k1_gej_add_ge_var
static void secp256k1_gej_add_ge_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b (with b given in affine coordinates).

secp256k1_gej_add_var
static void secp256k1_gej_add_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_gej *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b.

secp256k1_ge_set_all_gej_var
static void secp256k1_ge_set_all_gej_var(secp256k1_ge *r, const secp256k1_gej *a, size_t len)
Set a batch of group elements equal to the inputs given in jacobian coordinates.

secp256k1_gej_set_ge
static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)
Set a group element (jacobian) equal to another which is given in affine coordinates.

secp256k1_ge_to_storage
static void secp256k1_ge_to_storage(secp256k1_ge_storage *r, const secp256k1_ge *a)
Convert a group element to the storage type.

secp256k1_gej_neg
static void secp256k1_gej_neg(secp256k1_gej *r, const secp256k1_gej *a)
Set r equal to the inverse of a (i.e., mirrored around the X axis)

group_impl.h

checked_malloc
static SECP256K1_INLINE void * checked_malloc(const secp256k1_callback *cb, size_t size)
Definition: util.h:156

default_error_callback
static const secp256k1_callback default_error_callback
Definition: util.h:111

VERIFY_CHECK
#define VERIFY_CHECK(cond)
Definition: util.h:153

ByteUnit::g
@ g

secp256k1_fe
This field implementation represents the value as 10 uint32_t limbs in base 2^26.
Definition: field_10x26.h:14

secp256k1_ge_storage
Definition: group.h:38

secp256k1_ge
A group element in affine coordinates on the secp256k1 curve, or occasionally on an isomorphic curve ...
Definition: group.h:16

secp256k1_gej
A group element of the secp256k1 curve, in jacobian coordinates.
Definition: group.h:28

util.h