frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,021 Commits 14 Branches 0 Tags
Commit Graph

2021 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pieter Wuille
ee1eaa792d
Merge pull request #141 
7c6fed2 Add a few more additional tests. (Gregory Maxwell)
8d11164 Add some additional tests. (Gregory Maxwell)
 2014-12-09 01:38:01 +01:00
Pieter Wuille
c88e2b8cca Compile with -O3 by default 2014-12-09 01:30:43 +01:00
Pieter Wuille
6558a26770 Make the benchmarks print out stats 2014-12-09 01:27:39 +01:00
Pieter Wuille
000bdf6dc3 Rename bench_verify to bench_recovery 2014-12-09 00:12:02 +01:00
Gregory Maxwell
7c6fed2857 Add a few more additional tests. 2014-12-08 14:15:09 -08:00
Cory Fields
992e03bc28 travis: add clang to the test matrix 2014-12-08 17:06:41 -05:00
Pieter Wuille
b43b79a5b1
Merge pull request #143 
e06a924 Include time.h header for time(). (Pavel Janík)
 2014-12-08 23:03:31 +01:00
Pavel Janík
e06a9244bf Include time.h header for time(). 2014-12-08 20:48:58 +01:00
Gregory Maxwell
8d11164bc0 Add some additional tests. 2014-12-08 09:13:35 -08:00
Pieter Wuille
3545627acb
Merge pull request #118 
3ce74b1 Tweak precomputed table size for G (Pieter Wuille)
 2014-12-07 14:37:12 +01:00
Pieter Wuille
6a9901e15b
Merge pull request #137 
39bd94d Variable time normalize (Pieter Wuille)
 2014-12-07 14:35:23 +01:00
Pieter Wuille
376b28b096
Merge pull request #128 
b2c9681 Make {mul,sqr}_inner use the same argument order as {mul,sqr} (Pieter Wuille)
6793505 Convert YASM code into inline assembly (Pieter Wuille)
f048615 Rewrite field assembly to match the C version (Pieter Wuille)
 2014-12-07 14:34:20 +01:00
Pieter Wuille
17288069fb
Merge pull request #138 
a5759c5 Check return value of malloc (Pieter Wuille)
2b9388b Remove unused secp256k1_fe_inv_all (Pieter Wuille)
f461b76 Allocate precomputation arrays on the heap (Pieter Wuille)
 2014-12-07 13:19:21 +01:00
Pieter Wuille
a5759c572e Check return value of malloc 2014-12-07 02:58:24 +01:00
Pieter Wuille
39bd94d86d Variable time normalize 2014-12-06 18:18:28 +01:00
Pieter Wuille
ad86bdf1f2
Merge pull request #140 
54b768c Another redundant secp256k1_fe_normalize (Pieter Wuille)
 2014-12-06 18:18:06 +01:00
Pieter Wuille
54b768c6da Another redundant secp256k1_fe_normalize 2014-12-06 17:30:08 +01:00
Pieter Wuille
69dcaab08d
Merge pull request #139 
1c29f2e Remove redundant secp256k1_fe_normalize from secp256k1_gej_add_ge_var. (Gregory Maxwell)
 2014-12-06 17:27:33 +01:00
Gregory Maxwell
1c29f2eb49 Remove redundant secp256k1_fe_normalize from secp256k1_gej_add_ge_var. 
This was a missed optimization in the extraction of gej+ge from gej+gej.
 2014-12-06 05:09:57 -08:00
Pieter Wuille
2b9388b647 Remove unused secp256k1_fe_inv_all 2014-12-05 18:13:51 +01:00
Pieter Wuille
f461b76925 Allocate precomputation arrays on the heap 2014-12-05 18:13:28 +01:00
Pieter Wuille
b0210a95da
Merge pull request #135 
ee3eb4b Fix a memory leak and add a number of small tests. (Gregory Maxwell)
 2014-12-04 19:16:09 +01:00
Gregory Maxwell
ee3eb4be9e Fix a memory leak and add a number of small tests. 
This fixes a simple copy and paste induced memory leak for the ecdsa init.

The tests are mostly just improving coverage and aren't interesting.
 2014-12-04 07:17:08 -08:00
Pieter Wuille
b2c9681c6f Make {mul,sqr}_inner use the same argument order as {mul,sqr} 2014-12-04 13:54:36 +01:00
Pieter Wuille
67935050e1 Convert YASM code into inline assembly 2014-12-04 13:54:01 +01:00
Pieter Wuille
f048615970 Rewrite field assembly to match the C version 2014-12-04 13:46:09 +01:00
Pieter Wuille
4d879a3a66
Merge pull request #134 
29ae131 Make scalar_add_bit test's overflow detection exact (Pieter Wuille)
 2014-12-04 12:21:06 +01:00
Pieter Wuille
d5e8362ae5
Merge pull request #127 
c35ff1e Convert lambda splitter to pure scalar code. (Pieter Wuille)
cc604e9 Avoid division when decomposing scalars (Peter Dettman)
ff8746d Add secp256k1_scalar_mul_shift_var (Pieter Wuille)
 2014-12-03 21:22:57 +01:00
Pieter Wuille
7b92cf66c7
Merge pull request #132 
efb7d4b Use constant-time conditional moves instead of byte slicing (Pieter Wuille)
 2014-12-03 21:21:42 +01:00
Pieter Wuille
0bf70a5d6c
Merge pull request #133 
9048def Avoid undefined shift behaviour (Pieter Wuille)
 2014-12-03 21:20:26 +01:00
Pieter Wuille
29ae1310ce Make scalar_add_bit test's overflow detection exact 2014-12-03 18:54:01 +01:00
Pieter Wuille
9048def7c7 Avoid undefined shift behaviour 2014-12-03 18:10:52 +01:00
Pieter Wuille
efb7d4b299 Use constant-time conditional moves instead of byte slicing 2014-12-03 02:41:55 +01:00
Pieter Wuille
d220062ac2
Merge pull request #131 
82f9254 Fix typo (Pieter Wuille)
 2014-12-02 18:36:55 +01:00
Pieter Wuille
82f9254cc0 Fix typo 2014-12-02 18:35:33 +01:00
Pieter Wuille
601ca04f9a
Merge pull request #129 
35399e0 Bugfix: b is restricted, not r (Pieter Wuille)
 2014-12-02 17:52:43 +01:00
Pieter Wuille
35399e08c4 Bugfix: b is restricted, not r 2014-12-02 17:43:42 +01:00
Pieter Wuille
c35ff1ea44 Convert lambda splitter to pure scalar code. 
This enables the use of the endomorphism optimization without bignum.
 2014-12-02 16:50:00 +01:00
Peter Dettman
cc604e9842 Avoid division when decomposing scalars 
- In secp256k1_gej_split_exp, there are two divisions used. Since the denominator is a constant known at compile-time, each can be replaced by a multiplication followed by a right-shift (and rounding).
- Add the constants g1, g2 for this purpose and rewrite secp256k1_scalar_split_lambda_var accordingly.
- Remove secp256k1_num_div since no longer used

Rebased-by: Pieter Wuille
 2014-12-02 16:50:00 +01:00
Pieter Wuille
ff8746d457 Add secp256k1_scalar_mul_shift_var 2014-12-02 16:50:00 +01:00
Pieter Wuille
bd313f7d6e
Merge pull request #119 
597128d Make num optional (Pieter Wuille)
659b554 Make constant initializers independent from num (Pieter Wuille)
 2014-12-02 16:42:50 +01:00
Pieter Wuille
276f987d70
Merge pull request #124 
4d4eeea Make secp256k1_fe_mul_inner use the r != property (Pieter Wuille)
be82e92 Require that r and b are different for field multiplication. (Pieter Wuille)
 2014-12-02 16:39:20 +01:00
Pieter Wuille
25d125ec26
Merge pull request #126 
24b3c65 Add a test case for ECDSA recomputing infinity (Pieter Wuille)
32600e5 Add a test for r >= order signature handling (Pieter Wuille)
 2014-12-01 22:41:54 +01:00
Pieter Wuille
24b3c65e0d Add a test case for ECDSA recomputing infinity 2014-12-01 14:45:05 +01:00
Pieter Wuille
32600e5086 Add a test for r >= order signature handling 
Suggested by Greg Maxwell.
 2014-12-01 14:23:09 +01:00
Pieter Wuille
4d4eeea4ac Make secp256k1_fe_mul_inner use the r != property 
Suggested by Peter Dettman.
 2014-12-01 13:40:36 +01:00
Pieter Wuille
be82e92fc4 Require that r and b are different for field multiplication. 
Suggested by Peter Dettman, this prepares for slightly faster muitiplication
which writes results immediately to r before finishing reading b.
 2014-12-01 13:40:34 +01:00
Pieter Wuille
597128d389 Make num optional 2014-12-01 12:38:38 +01:00
Pieter Wuille
659b554d7b Make constant initializers independent from num 2014-12-01 12:38:38 +01:00
Pieter Wuille
0af5b47133
Merge pull request #120 
e3d692f Explain why no y=0 check is necessary for doubling (Pieter Wuille)
f7dc1c6 Optimize doubling: secp256k1 has no y=0 point (Pieter Wuille)
 2014-12-01 12:38:13 +01:00