Gregory Maxwell
ae9e648526
Define SECP256K1_BUILD in secp256k1.c directly.
This avoids building without it and makes it safer to use a custom
building environment. Test harnesses need to #include secp256k1.c
first now.
2021-05-01 19:27:27 +00:00
Pieter Wuille
24ad04fc06
Make scalar_inverse{,_var} benchmark scale with SECP256K1_BENCH_ITERS
2021-03-15 13:01:56 -07:00
Pieter Wuille
1f233b3fa0
Remove num/gmp support
The whole "num" API and its libgmp-based implementation are now unused. Remove them.
2021-03-15 13:01:52 -07:00
Pieter Wuille
20448b8d09
Remove unused Jacobi symbol support
No exposed functions rely on Jacobi symbol computation anymore. Remove it; it can always
be brought back later if needed.
2021-03-12 10:06:18 -08:00
Pieter Wuille
5437e7bdfb
Remove unused scalar_sqr
2021-03-12 10:06:18 -08:00
Dimitris Apostolou
07aa4c70ff
Fix insecure links
2020-12-18 00:24:22 +02:00
Pieter Wuille
4232e5b7da
Rip out non-endomorphism code
2020-10-13 11:31:13 -07:00
Pieter Wuille
cb5524adc5
Add benchmark for secp256k1_ge_set_gej_var
2020-09-09 18:40:23 -07:00
Pieter Wuille
5c6af60ec5
Make jacobi benchmarks vary inputs
Also make the num_jacobi benchmark use the scalar order as modulus,
instead of a random number.
2020-09-09 18:40:16 -07:00
Pieter Wuille
d0fdd5f009
Randomize the Z coordinates in bench_internal
Also increase the number of fe inputs.
2020-09-09 18:30:05 -07:00
Pieter Wuille
c7a3424c5f
Rename bench_internal variables
The _x and _y suffixes are confusing; they don't actually correspond
to X and Y coordinates. Instead replace them with arrays.
2020-09-09 18:30:05 -07:00
Pieter Wuille
7c068998ba
Compile-time check assumptions on integer types
2020-08-14 16:12:49 -07:00
Elichai Turkel
ca4906b02e
Pass num of iters to benchmarks as variable, and define envvar
2020-03-13 11:48:01 +02:00
Elichai Turkel
362bb25608
Modified bench_scalar_split so it won't get optimized out
2019-10-28 16:50:09 +02:00
Elichai Turkel
73a30c6b58
Added accumulators and checks on benchmarks so they won't get optimized out
2019-10-28 16:50:07 +02:00
Tim Ruffing
8979ec0d9a
Pass scalar by reference in secp256k1_wnaf_const()
After this change, no struct or union is passed by value in the
entire codebase. This makes it easier to compile the library with
CompCert.
2019-05-14 11:43:54 +02:00
Gregory Maxwell
b76e45d5d6
Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing.
Bench_internal was previously incorrect but wasn't detected by
-DVERIFY until PR #551.
2019-02-21 05:58:33 +00:00
Andrew Poelstra
7c1b91ba4b
parameterize ecmult_const over input size
2018-04-05 21:05:13 +00:00
Jonas Nick
a58f543f5a
Add flags for choosing algorithm in ecmult_multi benchmark
2017-12-07 20:13:04 +00:00
Pieter Wuille
d1dc9dfc0a
Get rid of reserved _t in type names
2017-09-27 15:03:20 -07:00
Pieter Wuille
926836ad36
Make secp256k1_fe_sqrt constant time
2016-07-09 14:23:44 +02:00
Pieter Wuille
e6e9805fc4
Add function for testing quadratic residue field/group elements.
2016-07-04 13:55:04 +02:00
Peter Dettman
efd953a7a7
Add Jacobi symbol test via GMP
Also add native Jacobi symbol test (Andrew)
Rebased-by: Andrew Poelstra
Rebased-by: Pieter Wuille
2016-07-04 13:16:35 +02:00
Pieter Wuille
dd891e0ed5
Get rid of _t as it is POSIX reserved
2015-09-21 21:03:37 +02:00
Gregory Maxwell
912f203fc5
Eliminate a few unbraced statements that crept into the code.
Also avoids some easily avoided multiple-returns.
2015-09-21 17:21:35 +00:00
Pieter Wuille
2f77487012
Add context building benchmarks
2015-08-27 01:14:28 +02:00
Andrew Poelstra
92e53fc4c8
Implement endomorphism optimization for secp256k1_ecmult_const
2015-08-01 10:57:36 -05:00
Andrew Poelstra
ed35d43a0c
Make secp256k1_scalar_add_bit conditional; make secp256k1_scalar_split_lambda_var constant time
This has the effect of making `secp256k1_scalar_mul_shift_var` constant
time in both input scalars. Keep the _var name because it is NOT constant
time in the shift amount.
As used in `secp256k1_scalar_split_lambda_var`, the shift is always
the constant 272, so this function becomes constant time, and it
loses the `_var` suffix.
2015-08-01 10:57:36 -05:00
Andrew Poelstra
91c0ce95ca
Add benchmarks for ECDH and const-time multiplication
2015-08-01 10:57:36 -05:00
Pieter Wuille
3e6f1e20dc
Change rfc6979 implementation to be a generic PRNG
2015-07-24 22:07:14 +02:00
Peter Dettman
55399c23f7
Further performance improvements to _ecmult_wnaf
- Initialize 'wnaf' to zeroes using memset
- Add new 'len' arg to speed up smaller scalars (mostly for endo=yes)
2015-07-13 22:46:42 +10:00
Peter Dettman
2d5a186cee
Apply effective-affine trick to precomp
2015-04-30 09:25:44 -07:00
Peter Dettman
4f9791abba
Effective affine addition in EC multiplication
* Make secp256k1_gej_add_var and secp256k1_gej_double return the
Z ratio to go from a.z to r.z.
* Use these Z ratios to speed up batch point conversion to affine
coordinates, and to speed up batch conversion of points to a
common Z coordinate.
* Add a point addition function that takes a point with a known
Z inverse.
* Due to secp256k1's endomorphism, all additions in the EC
multiplication code can work on affine coordinate (with an
implicit common Z coordinate), correcting the Z coordinate of
the result afterwards.
Refactoring by Pieter Wuille:
* Move more global-z logic into the group code.
* Separate code for computing the odd multiples from the code to bring it
to either storage or globalz format.
* Rename functions.
* Make all addition operations return Z ratios, and test them.
* Make the zr table format compatible with future batch chaining
(the first entry in zr becomes the ratio between the input and the
first output).
Original idea and code by Peter Dettman.
2015-04-30 09:23:21 -07:00
Pieter Wuille
1573a102c0
Add ability to pass extra entropy to rfc6979
Suggested by Greg Maxwell.
2015-03-23 05:39:56 -07:00
Pieter Wuille
039723d5da
Benchmarks for all internal operations
2015-02-02 20:02:39 -08:00