frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge bitcoin-core/secp256k1#1217: Add secp256k1_fe_add_int function

Browse Source 
b081f7e4cbfd27edc36e823dcd93537a46f7d2a6 Add secp256k1_fe_add_int function (Pieter Wuille)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK b081f7e4cbfd27edc36e823dcd93537a46f7d2a6
  real-or-random:
    utACK b081f7e4cbfd27edc36e823dcd93537a46f7d2a6

Tree-SHA512: daf9956c81a328505faee7fb59d29ec0c5a326bce7c48159a8e0ed7590505b430785d750d0c34f152b9119ad130030063be999da0c2035747a27fe501e77560a
This commit is contained in:
Jonas Nick 2023-03-07 14:07:06 +00:00
commit 9d1b458d5f
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
5 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/field.h
View File

@ -85,6 +85,9 @@ static void secp256k1_fe_get_b32(unsigned char *r, const secp256k1_fe *a);
* as an argument. The magnitude of the output is one higher. */ * as an argument. The magnitude of the output is one higher. */
static void secp256k1_fe_negate(secp256k1_fe *r, const secp256k1_fe *a, int m); static void secp256k1_fe_negate(secp256k1_fe *r, const secp256k1_fe *a, int m);
/** Adds a small integer (up to 0x7FFF) to r. The resulting magnitude increases by one. */
static void secp256k1_fe_add_int(secp256k1_fe *r, int a);
/** Multiplies the passed field element with a small integer constant. Multiplies the magnitude by that /** Multiplies the passed field element with a small integer constant. Multiplies the magnitude by that
* small integer. */ * small integer. */
static void secp256k1_fe_mul_int(secp256k1_fe *r, int a); static void secp256k1_fe_mul_int(secp256k1_fe *r, int a);

14
src/field_10x26_impl.h
View File

@ -482,6 +482,20 @@ SECP256K1_INLINE static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_f
#endif #endif
} }
SECP256K1_INLINE static void secp256k1_fe_add_int(secp256k1_fe *r, int a) {
#ifdef VERIFY
secp256k1_fe_verify(r);
VERIFY_CHECK(a >= 0);
VERIFY_CHECK(a <= 0x7FFF);
#endif
r->n[0] += a;
#ifdef VERIFY
r->magnitude += 1;
r->normalized = 0;
secp256k1_fe_verify(r);
#endif
}
#if defined(USE_EXTERNAL_ASM) #if defined(USE_EXTERNAL_ASM)
/* External assembler implementation */ /* External assembler implementation */

14
src/field_5x52_impl.h
View File

@ -425,6 +425,20 @@ SECP256K1_INLINE static void secp256k1_fe_mul_int(secp256k1_fe *r, int a) {
#endif #endif
} }
SECP256K1_INLINE static void secp256k1_fe_add_int(secp256k1_fe *r, int a) {
#ifdef VERIFY
secp256k1_fe_verify(r);
VERIFY_CHECK(a >= 0);
VERIFY_CHECK(a <= 0x7FFF);
#endif
r->n[0] += a;
#ifdef VERIFY
r->magnitude += 1;
r->normalized = 0;
secp256k1_fe_verify(r);
#endif
}
SECP256K1_INLINE static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a) { SECP256K1_INLINE static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a) {
#ifdef VERIFY #ifdef VERIFY
secp256k1_fe_verify(a); secp256k1_fe_verify(a);

4
src/group_impl.h
View File

@ -227,7 +227,7 @@ static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int o
secp256k1_fe_sqr(&x2, x); secp256k1_fe_sqr(&x2, x);
secp256k1_fe_mul(&x3, x, &x2); secp256k1_fe_mul(&x3, x, &x2);
r->infinity = 0; r->infinity = 0;
secp256k1_fe_add(&x3, &secp256k1_fe_const_b); secp256k1_fe_add_int(&x3, SECP256K1_B);
if (!secp256k1_fe_sqrt(&r->y, &x3)) { if (!secp256k1_fe_sqrt(&r->y, &x3)) {
return 0; return 0;
} }
@ -282,7 +282,7 @@ static int secp256k1_ge_is_valid_var(const secp256k1_ge *a) {
/* y^2 = x^3 + 7 */ /* y^2 = x^3 + 7 */
secp256k1_fe_sqr(&y2, &a->y); secp256k1_fe_sqr(&y2, &a->y);
secp256k1_fe_sqr(&x3, &a->x); secp256k1_fe_mul(&x3, &x3, &a->x); secp256k1_fe_sqr(&x3, &a->x); secp256k1_fe_mul(&x3, &x3, &a->x);
secp256k1_fe_add(&x3, &secp256k1_fe_const_b); secp256k1_fe_add_int(&x3, SECP256K1_B);
secp256k1_fe_normalize_weak(&x3); secp256k1_fe_normalize_weak(&x3);
return secp256k1_fe_equal_var(&y2, &x3); return secp256k1_fe_equal_var(&y2, &x3);
} }

11
src/tests.c
View File

@ -3093,6 +3093,7 @@ static void run_field_misc(void) {
secp256k1_fe y; secp256k1_fe y;
secp256k1_fe z; secp256k1_fe z;
secp256k1_fe q; secp256k1_fe q;
int v;
secp256k1_fe fe5 = SECP256K1_FE_CONST(0, 0, 0, 0, 0, 0, 0, 5); secp256k1_fe fe5 = SECP256K1_FE_CONST(0, 0, 0, 0, 0, 0, 0, 5);
int i, j; int i, j;
for (i = 0; i < 1000 * COUNT; i++) { for (i = 0; i < 1000 * COUNT; i++) {
@ -3103,6 +3104,14 @@ static void run_field_misc(void) {
random_fe_test(&x); random_fe_test(&x);
} }
random_fe_non_zero(&y); random_fe_non_zero(&y);
v = secp256k1_testrand_bits(15);
/* Test that fe_add_int is equivalent to fe_set_int + fe_add. */
secp256k1_fe_set_int(&q, v); /* q = v */
z = x; /* z = x */
secp256k1_fe_add(&z, &q); /* z = x+v */
q = x; /* q = x */
secp256k1_fe_add_int(&q, v); /* q = x+v */
CHECK(check_fe_equal(&q, &z));
/* Test the fe equality and comparison operations. */ /* Test the fe equality and comparison operations. */
CHECK(secp256k1_fe_cmp_var(&x, &x) == 0); CHECK(secp256k1_fe_cmp_var(&x, &x) == 0);
CHECK(secp256k1_fe_equal_var(&x, &x)); CHECK(secp256k1_fe_equal_var(&x, &x));
@ -3371,7 +3380,7 @@ static void test_inverse_field(secp256k1_fe* out, const secp256k1_fe* x, int var
(var ? secp256k1_fe_inv_var : secp256k1_fe_inv)(&r, &r); /* r = 1/(x-1) */ (var ? secp256k1_fe_inv_var : secp256k1_fe_inv)(&r, &r); /* r = 1/(x-1) */
secp256k1_fe_add(&l, &fe_minus_one); /* l = 1/x-1 */ secp256k1_fe_add(&l, &fe_minus_one); /* l = 1/x-1 */
(var ? secp256k1_fe_inv_var : secp256k1_fe_inv)(&l, &l); /* l = 1/(1/x-1) */ (var ? secp256k1_fe_inv_var : secp256k1_fe_inv)(&l, &l); /* l = 1/(1/x-1) */
secp256k1_fe_add(&l, &secp256k1_fe_one); /* l = 1/(1/x-1)+1 */ secp256k1_fe_add_int(&l, 1); /* l = 1/(1/x-1)+1 */
secp256k1_fe_add(&l, &r); /* l = 1/(1/x-1)+1 + 1/(x-1) */ secp256k1_fe_add(&l, &r); /* l = 1/(1/x-1)+1 + 1/(x-1) */
CHECK(secp256k1_fe_normalizes_to_zero_var(&l)); /* l == 0 */ CHECK(secp256k1_fe_normalizes_to_zero_var(&l)); /* l == 0 */
} }