siv2r
54058d16fe
field: remove secp256k1_fe_equal_var
...
`fe_equal_var` hits a fast path only when the inputs are unequal, which is
uncommon among its callers (public key parsing, ECDSA verify).
2023-08-16 17:39:25 +05:30
Sebastian Falbesoner
49afd2f5d8
Make use of _fe_verify_magnitude in field_impl.h
2023-07-22 01:52:06 +02:00
Peter Dettman
4e9661fc42
Add _fe_verify_magnitude (no-op unless VERIFY is enabled)
...
Co-authored-by: Tim Ruffing <crypto@timruffing.de>
2023-07-22 01:52:06 +02:00
Tim Ruffing
b79ba8aa4c
field: Use restrict consistently in fe_sqrt
...
That is, use it also in the definition and not only the declaration.
I believe this was the intention of commit
be82bd8e0347e090037ff1d30a22a9d614db8c9f, but it was omitted there.
2023-07-06 16:44:52 +02:00
Tim Ruffing
be8ff3a02a
field: Static-assert that int args affecting magnitude are constant
...
See #1001.
2023-06-13 13:34:49 +02:00
Pieter Wuille
31b4bbee1e
Make fe_cmov take max of magnitudes
2023-05-15 09:36:55 -04:00
Pieter Wuille
5b32602295
Split fe_set_b32 into reducing and normalizing variants
2023-05-11 13:49:33 -04:00
Pieter Wuille
7fc642fa25
Simplify secp256k1_fe_{impl_,}verify
2023-05-11 06:25:59 -04:00
Pieter Wuille
4e176ad5b9
Abstract out verify logic for fe_is_square_var
2023-05-11 06:25:56 -04:00
Pieter Wuille
4371f98346
Abstract out verify logic for fe_add_int
2023-05-11 06:25:19 -04:00
Pieter Wuille
89e324c6b9
Abstract out verify logic for fe_half
2023-05-11 06:25:15 -04:00
Pieter Wuille
283cd80ab4
Abstract out verify logic for fe_get_bounds
2023-05-11 06:24:26 -04:00
Pieter Wuille
d5aa2f0358
Abstract out verify logic for fe_inv{,_var}
2023-05-11 06:24:26 -04:00
Pieter Wuille
3167646072
Abstract out verify logic for fe_from_storage
2023-05-11 06:24:26 -04:00
Pieter Wuille
76d31e5047
Abstract out verify logic for fe_to_storage
2023-05-11 06:24:26 -04:00
Pieter Wuille
1e6894bdd7
Abstract out verify logic for fe_cmov
2023-05-11 06:24:26 -04:00
Pieter Wuille
be82bd8e03
Improve comments/checks for fe_sqrt
2023-05-11 06:24:22 -04:00
Pieter Wuille
6ab35082ef
Abstract out verify logic for fe_sqr
2023-05-11 06:18:40 -04:00
Pieter Wuille
4c25f6efbd
Abstract out verify logic for fe_mul
2023-05-11 06:18:40 -04:00
Pieter Wuille
e179e651cb
Abstract out verify logic for fe_add
2023-05-11 06:18:40 -04:00
Pieter Wuille
7e7ad7ff57
Abstract out verify logic for fe_mul_int
2023-05-11 06:18:40 -04:00
Pieter Wuille
65d82a3445
Abstract out verify logic for fe_negate
2023-05-11 06:18:40 -04:00
Pieter Wuille
144670893e
Abstract out verify logic for fe_get_b32
2023-05-11 06:18:40 -04:00
Pieter Wuille
f7a7666aeb
Abstract out verify logic for fe_set_b32
2023-05-11 06:18:40 -04:00
Pieter Wuille
ce4d2093e8
Abstract out verify logic for fe_cmp_var
2023-05-11 06:18:40 -04:00
Pieter Wuille
7d7d43c6dd
Improve comments/check for fe_equal{,_var}
2023-05-11 06:18:40 -04:00
Pieter Wuille
c5e788d672
Abstract out verify logic for fe_is_odd
2023-05-11 06:18:40 -04:00
Pieter Wuille
d3f3fe8616
Abstract out verify logic for fe_is_zero
2023-05-11 06:18:40 -04:00
Pieter Wuille
c701d9a471
Abstract out verify logic for fe_clear
2023-05-11 06:18:40 -04:00
Pieter Wuille
19a2bfeeea
Abstract out verify logic for fe_set_int
2023-05-11 06:18:40 -04:00
Pieter Wuille
864f9db491
Abstract out verify logic for fe_normalizes_to_zero{,_var}
2023-05-11 06:18:40 -04:00
Pieter Wuille
6c31371120
Abstract out verify logic for fe_normalize_var
2023-05-11 06:18:40 -04:00
Pieter Wuille
e28b51f522
Abstract out verify logic for fe_normalize_weak
2023-05-11 06:18:40 -04:00
Pieter Wuille
b6b6f9cb97
Abstract out verify logic for fe_normalize
2023-05-11 06:18:40 -04:00
Pieter Wuille
b29566c51b
Merge magnitude/normalized fields, move/improve comments
...
Also split secp256k1_fe_verify into a generic and an implementation
specific part.
2023-05-11 04:25:19 -04:00
Hennadii Stepanov
b627ba7050
Remove dependency on src/libsecp256k1-config.h
...
This change eases the use of alternate build systems by moving
the variables in `src/libsecp256k1-config.h` to compiler macros
for each invocation, preventing duplication of these variables
for each build system.
Co-authored-by: Ali Sherief <ali@notatether.com>
2022-12-15 10:56:16 +00:00
Russell O'Connor
c9da1baad1
Move secp256k1_fe_one to field.h
...
This makes secp256k1_fe_one part of field.h's interface, and allows other modules to appropriately access the constant.
2022-01-19 09:53:02 -05:00
Pieter Wuille
1f233b3fa0
Remove num/gmp support
...
The whole "num" API and its libgmp-based implementation are now unused. Remove them.
2021-03-15 13:01:52 -07:00
Pieter Wuille
20448b8d09
Remove unused Jacobi symbol support
...
No exposed functions rely on Jacobi symbol computation anymore. Remove it; it can always
be brought back later if needed.
2021-03-12 10:06:18 -08:00
Pieter Wuille
436281afdc
Move secp256k1_fe_inverse{_var} to per-impl files
...
This temporarily duplicates the inversion code across the 5x52 and 10x26
implementations. Those implementations will be replaced in a next commit.
2021-03-11 10:25:26 -08:00
Pieter Wuille
75d2ae149e
Remove unused secp256k1_fe_inv_all_var
2021-01-23 20:16:51 -08:00
Dimitris Apostolou
07aa4c70ff
Fix insecure links
2020-12-18 00:24:22 +02:00
Pieter Wuille
79f1f7a4f1
Autodetect __int128 availability on the C side
...
Instead of supporting configuration of the field and scalar size independently,
both are now controlled by the availability of a 64x64->128 bit multiplication
(currently only through __int128). This is autodetected from the C code through
__SIZEOF_INT128__, but can be overridden using configure's
--with-test-override-wide-multiply, or by defining
USE_FORCE_WIDEMUL_{INT64,INT128} manually.
2020-08-10 14:56:39 -07:00
Gregory Maxwell
34a67c773b
Eliminate harmless non-constant time operations on secret data.
...
There were several places where the code was non-constant time
for invalid secret inputs. These are harmless under sane use
but get in the way of automatic const-time validation.
(Nonce overflow in signing is not addressed, nor is s==0 in
signing)
2020-02-20 17:27:03 +00:00
Gregory Maxwell
1c131affd3
Merge #551: secp256k1_fe_sqrt: Verify that the arguments don't alias.
...
bf8b86c secp256k1_fe_sqrt: Verify that the arguments don't alias. (Russell O'Connor)
Pull request description:
Tree-SHA512: 4e9128625817be83a1259e7dbdb82c4be8ee0174af7d5e76eeac3245d23d6bf01378d9697dcb870eb61577afd7c0556cb3c6633e3b27504add14c10b18f7c607
2019-02-21 04:23:50 +00:00
Russell O'Connor
bf8b86cc07
secp256k1_fe_sqrt: Verify that the arguments don't alias.
2018-08-14 18:21:13 -04:00
Russell O'Connor
52ab96fedb
clean dependencies in field_*_impl.h
2018-07-06 08:40:35 -04:00
Dan Raviv
abe2d3e84b
Fix header guards using reserved identifiers
...
Identifiers starting with an underscore and followed immediately by a capital letter are reserved by the C++ standard.
The only header guards not fixed are those in the headers auto-generated from java.
2017-08-26 18:44:21 +03:00
llamasoft
7d893f4980
Fix secp256k1_fe_inv_all_var parameter order
...
Rearranged secp256k1_fe_inv_all_var parameters so length is after array.
Text editor removed some trailing whitespaces.
2016-07-26 12:15:19 -05:00
Pieter Wuille
926836ad36
Make secp256k1_fe_sqrt constant time
2016-07-09 14:23:44 +02:00