github.com/ethereumproject/go-ethereum@v5.5.2+incompatible/crypto/secp256k1/pubkey_scalar_mul.h

github.com/ethereumproject/go-ethereum@v5.5.2+incompatible/crypto/secp256k1/pubkey_scalar_mul.h (about)

     1  // Copyright 2015 The go-ethereum Authors
     2  // This file is part of the go-ethereum library.
     3  //
     4  // The go-ethereum library is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Lesser General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // The go-ethereum library is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12  // GNU Lesser General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Lesser General Public License
    15  // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
    16  
    17  /** Multiply point by scalar in constant time.
    18   *  Returns: 1: multiplication was successful
    19   *           0: scalar was invalid (zero or overflow)
    20   *  Args:    ctx:      pointer to a context object (cannot be NULL)
    21   *  Out:     point:    the multiplied point (usually secret)
    22   *  In:      point:    pointer to a 64-byte bytepublic point,
    23                         encoded as two 256bit big-endian numbers.
    24   *           scalar:   a 32-byte scalar with which to multiply the point
    25   */
    26  int secp256k1_pubkey_scalar_mul(const secp256k1_context* ctx, unsigned char *point, const unsigned char *scalar) {
    27      int ret = 0;
    28      int overflow = 0;
    29      secp256k1_fe feX, feY;
    30      secp256k1_gej res;
    31      secp256k1_ge ge;
    32      secp256k1_scalar s;
    33      ARG_CHECK(point != NULL);
    34      ARG_CHECK(scalar != NULL);
    35      (void)ctx;
    36  
    37      secp256k1_fe_set_b32(&feX, point);
    38      secp256k1_fe_set_b32(&feY, point+32);
    39      secp256k1_ge_set_xy(&ge, &feX, &feY);
    40      secp256k1_scalar_set_b32(&s, scalar, &overflow);
    41      if (overflow || secp256k1_scalar_is_zero(&s)) {
    42          ret = 0;
    43      } else {
    44          secp256k1_ecmult_const(&res, &ge, &s);
    45          secp256k1_ge_set_gej(&ge, &res);
    46          /* Note: can't use secp256k1_pubkey_save here because it is not constant time. */
    47          secp256k1_fe_normalize(&ge.x);
    48          secp256k1_fe_normalize(&ge.y);
    49          secp256k1_fe_get_b32(point, &ge.x);
    50          secp256k1_fe_get_b32(point+32, &ge.y);
    51          ret = 1;
    52      }
    53      secp256k1_scalar_clear(&s);
    54      return ret;
    55  }
    56