frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
756 Commits 14 Branches 0 Tags
Commit Graph

23 Commits

Author SHA1 Message Date
Pieter Wuille
dd891e0ed5 Get rid of _t as it is POSIX reserved 2015-09-21 21:03:37 +02:00
Andrew Poelstra
ed35d43a0c Make secp256k1_scalar_add_bit conditional; make secp256k1_scalar_split_lambda_var constant time 
This has the effect of making `secp256k1_scalar_mul_shift_var` constant
time in both input scalars. Keep the _var name because it is NOT constant
time in the shift amount.

As used in `secp256k1_scalar_split_lambda_var`, the shift is always
the constant 272, so this function becomes constant time, and it
loses the `_var` suffix.
 2015-08-01 10:57:36 -05:00
Andrew Poelstra
4401500060 Add constant-time multiply secp256k1_ecmult_const for ECDH 
Designed with clear separation of the wNAF conversion, precomputation
and exponentiation (since the precomp at least we will probably want
to separate in the API for users who reuse points a lot.

Future work:
  - actually separate precomp in the API
  - do multiexp rather than single exponentiation
 2015-07-31 12:39:09 -05:00
Gregory Maxwell
f735446c4d Convert the rest of the codebase to C89. 
Update build system to enforce -std=c89 -pedantic.
 2015-01-25 17:44:10 +00:00
Pieter Wuille
f1ebfe399f Convert the scalar constant initialization to static consts 2015-01-22 22:44:48 -05:00
Pieter Wuille
4d879a3a66
Merge pull request #134 
29ae131 Make scalar_add_bit test's overflow detection exact (Pieter Wuille)
 2014-12-04 12:21:06 +01:00
Pieter Wuille
29ae1310ce Make scalar_add_bit test's overflow detection exact 2014-12-03 18:54:01 +01:00
Pieter Wuille
ff8746d457 Add secp256k1_scalar_mul_shift_var 2014-12-02 16:50:00 +01:00
Pieter Wuille
597128d389 Make num optional 2014-12-01 12:38:38 +01:00
Pieter Wuille
659b554d7b Make constant initializers independent from num 2014-12-01 12:38:38 +01:00
Pieter Wuille
4285a98722 Move lambda-splitting code to scalar. 
It's not really an operation on group elements.
 2014-11-30 23:38:01 +01:00
Pieter Wuille
f24041d6aa Switch all EC/ECDSA logic from num to scalar 2014-11-30 23:38:01 +01:00
Pieter Wuille
6794be6080 Add scalar splitting functions 
Which currently delegate to the lambda-splitter in group.
 2014-11-30 23:38:01 +01:00
Pieter Wuille
d1502eb459 Add secp256k1_scalar_inverse_var which delegates to GMP 2014-11-30 23:38:01 +01:00
Pieter Wuille
1e6c77c321 Generalize secp256k1_scalar_get_bits 2014-11-30 23:38:01 +01:00
Pieter Wuille
5213207856 Add secp256k1_scalar_add_bit 2014-11-30 23:37:58 +01:00
Gregory Maxwell
71712b27e5 Switch to C89 comments in prep for making the whole codebase C89 compatible. 
This should be whitespace/comment only changes and should produce the same
object code.
 2014-11-15 07:33:07 -08:00
Gregory Maxwell
a4a43d7543 Reorder static to comply with C99 and switch to the inline macro. 2014-11-12 13:07:55 -08:00
Pieter Wuille
1d52a8b155 Implementations for scalar without data-dependent branches. 2014-11-04 03:01:55 -08:00
Pieter Wuille
501d58f098 Get rid of {num,scalar,ecdsa_sig}_{init,free} 2014-11-03 01:31:04 -08:00
Pieter Wuille
79359302fb Add unit tests for scalars. 
Also add a secp256k1_scalar_is_one function.
 2014-10-29 02:11:07 -07:00
Pieter Wuille
eca6cdb123 Switch scalar to use get/set 32-byte arrays 2014-10-29 00:40:56 -07:00
Pieter Wuille
a9f5c8b875 Introduce secp256k1_scalar_t for future constant-time mod order operations 2014-10-28 04:33:23 -07:00