/**********************************************************************
 * Copyright (c) 2014 Pieter Wuille                                   *
 * Distributed under the MIT software license, see the accompanying   *
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

/*
 * Internal scalar API: arithmetic on integers modulo the secp256k1 group
 * order. Every function here is `static` and only declared; the definitions
 * live in the backend header selected below (scalar_4x64.h or scalar_8x32.h),
 * so a translation unit that includes this header is expected to include the
 * matching implementation as well.
 *
 * Naming convention visible in this file: a `_var` suffix marks a routine
 * with no constant-time guarantee (see the comments on
 * secp256k1_scalar_get_bits_var and secp256k1_scalar_inverse_var). By the
 * convention these comments imply, the non-`_var` forms are the ones intended
 * for secret scalars (private keys, nonces) — confirm against the selected
 * backend before relying on that for any particular routine.
 */

/* NOTE(review): an identifier starting with an underscore followed by an
 * uppercase letter is reserved for the implementation in C. The include guard
 * is kept unchanged here because other files may test it. */
#ifndef _SECP256K1_SCALAR_
#define _SECP256K1_SCALAR_

#include "num.h"

#if defined HAVE_CONFIG_H
#include "libsecp256k1-config.h"
#endif

/* Exactly one limb representation must be selected at build time. */
#if defined(USE_SCALAR_4X64)
#include "scalar_4x64.h"
#elif defined(USE_SCALAR_8X32)
#include "scalar_8x32.h"
#else
#error "Please select scalar implementation"
#endif

/** Clear a scalar to prevent the leak of sensitive data.
 *  NOTE(review): the implementation is in the selected backend header; confirm
 *  there that the clearing store cannot be elided by the optimizer (a plain
 *  memset on an object about to go out of scope can be). */
static void secp256k1_scalar_clear(secp256k1_scalar *r);

/** Access bits from a scalar. All requested bits must belong to the same 32-bit limb.
 *  @param a      scalar to read.
 *  @param offset index of the lowest bit requested.
 *  @param count  number of bits requested.
 *  @return the requested bits as an unsigned integer. */
static unsigned int secp256k1_scalar_get_bits(const secp256k1_scalar *a, unsigned int offset, unsigned int count);

/** Access bits from a scalar. Not constant time.
 *  Presumably lifts the single-limb restriction of secp256k1_scalar_get_bits
 *  (inferred from its absence here — confirm in the backend). Its timing may
 *  depend on the inputs, so keep it to non-secret scalars. */
static unsigned int secp256k1_scalar_get_bits_var(const secp256k1_scalar *a, unsigned int offset, unsigned int count);

/** Set a scalar from a big endian byte array.
 *  @param r        destination scalar.
 *  @param bin      big-endian input; 32 bytes, going by the "b32" name — confirm.
 *  @param overflow presumably receives whether the encoded value was not below
 *                  the group order; the exact value written and whether NULL is
 *                  accepted are not stated here — confirm in the backend.
 *  Callers validating key material should inspect this flag rather than
 *  silently accepting a reduced value. */
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow);

/** Set a scalar to an unsigned integer. */
static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsigned int v);

/** Convert a scalar to a byte array.
 *  Presumably the inverse of secp256k1_scalar_set_b32 (big endian, 32 bytes);
 *  the caller supplies bin with room for the output. */
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar* a);

/** Add two scalars together (modulo the group order). Returns whether it overflowed. */
static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b);

/** Conditionally add a power of two to a scalar. The result is not allowed to overflow.
 *  @param bit  presumably the exponent: 2^bit is added when flag is set.
 *  @param flag selects whether the addition happens. The caller must guarantee
 *              that the sum stays below the group order; no check is promised here. */
static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag);

/** Multiply two scalars (modulo the group order). */
static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b);

/** Shift a scalar right by some amount strictly between 0 and 16, returning
 * the low bits that were shifted off.
 * @param n shift amount; a value outside the open range (0, 16) is a caller error. */
static int secp256k1_scalar_shr_int(secp256k1_scalar *r, int n);

/** Compute the square of a scalar (modulo the group order). */
static void secp256k1_scalar_sqr(secp256k1_scalar *r, const secp256k1_scalar *a);

/** Compute the inverse of a scalar (modulo the group order).
 *  Counterpart of secp256k1_scalar_inverse_var without its "no constant-time
 *  guarantee" caveat; prefer this form when a may be secret (e.g. a signing
 *  nonce). Behaviour for a == 0 is not specified here. */
static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar *a);

/** Compute the inverse of a scalar (modulo the group order), without constant-time guarantee.
 *  Running time may depend on the value of a; restrict it to public values. */
static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_scalar *a);

/** Compute the complement of a scalar (modulo the group order), i.e. r = -a mod order. */
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a);

/** Check whether a scalar equals zero. */
static int secp256k1_scalar_is_zero(const secp256k1_scalar *a);

/** Check whether a scalar equals one. */
static int secp256k1_scalar_is_one(const secp256k1_scalar *a);

/** Check whether a scalar, considered as an nonnegative integer, is even. */
static int secp256k1_scalar_is_even(const secp256k1_scalar *a);

/** Check whether a scalar is higher than the group order divided by 2.
 *  NOTE(review): presumably the predicate behind "low-S" normalization of
 *  signature values, which removes one source of signature malleability;
 *  callers that produce or accept signatures should apply it consistently. */
static int secp256k1_scalar_is_high(const secp256k1_scalar *a);

/** Conditionally negate a number, in constant time.
 * Returns -1 if the number was negated, 1 otherwise.
 * @param flag when nonzero, a is presumably replaced by -a (mod order);
 *             otherwise a is left unchanged — confirm in the backend. */
static int secp256k1_scalar_cond_negate(secp256k1_scalar *a, int flag);

#ifndef USE_NUM_NONE
/** Convert a scalar to a number (the secp256k1_num type from num.h). */
static void secp256k1_scalar_get_num(secp256k1_num *r, const secp256k1_scalar *a);

/** Get the order of the group as a number. */
static void secp256k1_scalar_order_get_num(secp256k1_num *r);
#endif

/** Compare two scalars.
 *  The return convention is not stated here (presumably nonzero when equal —
 *  confirm in the backend), and neither is whether the comparison is
 *  constant-time; do not use it for secret-dependent decisions until checked. */
static int secp256k1_scalar_eq(const secp256k1_scalar *a, const secp256k1_scalar *b);

#ifdef USE_ENDOMORPHISM
/** Find r1 and r2 such that r1+r2*2^128 = a. */
static void secp256k1_scalar_split_128(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *a);
/** Find r1 and r2 such that r1+r2*lambda = a, and r1 and r2 are maximum 128 bits long (see secp256k1_gej_mul_lambda). */
static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *a);
#endif

/** Multiply a and b (without taking the modulus!), divide by 2**shift, and round to the nearest integer. Shift must be at least 256.
 *  The `_var` suffix marks it as variable-time like the other `_var` routines
 *  in this file; keep it to public inputs. */
static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b, unsigned int shift);

#endif