doc/dev/field__impl_8h_source.html

/***********************************************************************

 * Copyright (c) 2013, 2014 Pieter Wuille                              *

 * Distributed under the MIT software license, see the accompanying    *

 * file COPYING or https://www.opensource.org/licenses/mit-license.php.*

 ***********************************************************************/


#ifndef SECP256K1_FIELD_IMPL_H

#define SECP256K1_FIELD_IMPL_H


#if defined HAVE_CONFIG_H

#include "libsecp256k1-config.h"

#endif


#include "util.h"


#if defined(SECP256K1_WIDEMUL_INT128)

#include "field_5x52_impl.h"

#elif defined(SECP256K1_WIDEMUL_INT64)

#include "field_10x26_impl.h"

#else

#error "Please select wide multiplication implementation"

#endif


SECP256K1_INLINE static int secp256k1_fe_equal(const secp256k1_fe *a, const secp256k1_fe *b) {

    secp256k1_fe na;

    secp256k1_fe_negate(&na, a, 1);

    secp256k1_fe_add(&na, b);

    return secp256k1_fe_normalizes_to_zero(&na);

}


SECP256K1_INLINE static int secp256k1_fe_equal_var(const secp256k1_fe *a, const secp256k1_fe *b) {

    secp256k1_fe na;

    secp256k1_fe_negate(&na, a, 1);

    secp256k1_fe_add(&na, b);

    return secp256k1_fe_normalizes_to_zero_var(&na);

}


static int secp256k1_fe_sqrt(secp256k1_fe *r, const secp256k1_fe *a) {

    secp256k1_fe x2, x3, x6, x9, x11, x22, x44, x88, x176, x220, x223, t1;

    int j;


    VERIFY_CHECK(r != a);


    secp256k1_fe_sqr(&x2, a);

    secp256k1_fe_mul(&x2, &x2, a);


    secp256k1_fe_sqr(&x3, &x2);

    secp256k1_fe_mul(&x3, &x3, a);


    x6 = x3;

    for (j=0; j<3; j++) {

        secp256k1_fe_sqr(&x6, &x6);

    }

    secp256k1_fe_mul(&x6, &x6, &x3);


    x9 = x6;

    for (j=0; j<3; j++) {

        secp256k1_fe_sqr(&x9, &x9);

    }

    secp256k1_fe_mul(&x9, &x9, &x3);


    x11 = x9;

    for (j=0; j<2; j++) {

        secp256k1_fe_sqr(&x11, &x11);

    }

    secp256k1_fe_mul(&x11, &x11, &x2);


    x22 = x11;

    for (j=0; j<11; j++) {

        secp256k1_fe_sqr(&x22, &x22);

    }

    secp256k1_fe_mul(&x22, &x22, &x11);


    x44 = x22;

    for (j=0; j<22; j++) {

        secp256k1_fe_sqr(&x44, &x44);

    }

    secp256k1_fe_mul(&x44, &x44, &x22);


    x88 = x44;

    for (j=0; j<44; j++) {

        secp256k1_fe_sqr(&x88, &x88);

    }

    secp256k1_fe_mul(&x88, &x88, &x44);


    x176 = x88;

    for (j=0; j<88; j++) {

        secp256k1_fe_sqr(&x176, &x176);

    }

    secp256k1_fe_mul(&x176, &x176, &x88);


    x220 = x176;

    for (j=0; j<44; j++) {

        secp256k1_fe_sqr(&x220, &x220);

    }

    secp256k1_fe_mul(&x220, &x220, &x44);


    x223 = x220;

    for (j=0; j<3; j++) {

        secp256k1_fe_sqr(&x223, &x223);

    }

    secp256k1_fe_mul(&x223, &x223, &x3);


    /* The final result is then assembled using a sliding window over the blocks. */


    t1 = x223;

    for (j=0; j<23; j++) {

        secp256k1_fe_sqr(&t1, &t1);

    }

    secp256k1_fe_mul(&t1, &t1, &x22);

    for (j=0; j<6; j++) {

        secp256k1_fe_sqr(&t1, &t1);

    }

    secp256k1_fe_mul(&t1, &t1, &x2);

    secp256k1_fe_sqr(&t1, &t1);

    secp256k1_fe_sqr(r, &t1);


    /* Check that a square root was actually calculated */


    secp256k1_fe_sqr(&t1, r);

    return secp256k1_fe_equal(&t1, a);

}


static int secp256k1_fe_is_quad_var(const secp256k1_fe *a) {

    secp256k1_fe r;

    return secp256k1_fe_sqrt(&r, a);

}


static const secp256k1_fe secp256k1_fe_one = SECP256K1_FE_CONST(0, 0, 0, 0, 0, 0, 0, 1);


#endif /* SECP256K1_FIELD_IMPL_H */

secp256k1_fe_negate
static void secp256k1_fe_negate(secp256k1_fe *r, const secp256k1_fe *a, int m)
Set a field element equal to the additive inverse of another.

secp256k1_fe_mul
static void secp256k1_fe_mul(secp256k1_fe *r, const secp256k1_fe *a, const secp256k1_fe *SECP256K1_RESTRICT b)
Sets a field element to be the product of two others.

secp256k1_fe_normalizes_to_zero_var
static int secp256k1_fe_normalizes_to_zero_var(secp256k1_fe *r)
Verify whether a field element represents zero i.e.

secp256k1_fe_sqr
static void secp256k1_fe_sqr(secp256k1_fe *r, const secp256k1_fe *a)
Sets a field element to be the square of another.

secp256k1_fe_add
static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a)
Adds a field element to another.

secp256k1_fe_normalizes_to_zero
static int secp256k1_fe_normalizes_to_zero(secp256k1_fe *r)
Verify whether a field element represents zero i.e.

SECP256K1_FE_CONST
#define SECP256K1_FE_CONST(d7, d6, d5, d4, d3, d2, d1, d0)
Definition: field_10x26.h:40

field_10x26_impl.h

field_5x52_impl.h

secp256k1_fe_is_quad_var
static int secp256k1_fe_is_quad_var(const secp256k1_fe *a)
Definition: field_impl.h:138

secp256k1_fe_sqrt
static int secp256k1_fe_sqrt(secp256k1_fe *r, const secp256k1_fe *a)
Definition: field_impl.h:38

secp256k1_fe_equal_var
static SECP256K1_INLINE int secp256k1_fe_equal_var(const secp256k1_fe *a, const secp256k1_fe *b)
Definition: field_impl.h:31

secp256k1_fe_one
static const secp256k1_fe secp256k1_fe_one
Definition: field_impl.h:143

secp256k1_fe_equal
static SECP256K1_INLINE int secp256k1_fe_equal(const secp256k1_fe *a, const secp256k1_fe *b)
Definition: field_impl.h:24

VERIFY_CHECK
#define VERIFY_CHECK(cond)
Definition: util.h:68

SECP256K1_INLINE
#define SECP256K1_INLINE
Definition: secp256k1.h:127

secp256k1_fe
Definition: field_10x26.h:12

util.h