github.com/kisexp/xdchain@v0.0.0-20211206025815-490d6b732aa7/crypto/secp256k1/libsecp256k1/src/scalar_low_impl.h (about) 1 /********************************************************************** 2 * Copyright (c) 2015 Andrew Poelstra * 3 * Distributed under the MIT software license, see the accompanying * 4 * file COPYING or http://www.opensource.org/licenses/mit-license.php.* 5 **********************************************************************/ 6 7 #ifndef _SECP256K1_SCALAR_REPR_IMPL_H_ 8 #define _SECP256K1_SCALAR_REPR_IMPL_H_ 9 10 #include "scalar.h" 11 12 #include <string.h> 13 14 SECP256K1_INLINE static int secp256k1_scalar_is_even(const secp256k1_scalar *a) { 15 return !(*a & 1); 16 } 17 18 SECP256K1_INLINE static void secp256k1_scalar_clear(secp256k1_scalar *r) { *r = 0; } 19 SECP256K1_INLINE static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsigned int v) { *r = v; } 20 21 SECP256K1_INLINE static unsigned int secp256k1_scalar_get_bits(const secp256k1_scalar *a, unsigned int offset, unsigned int count) { 22 if (offset < 32) 23 return ((*a >> offset) & ((((uint32_t)1) << count) - 1)); 24 else 25 return 0; 26 } 27 28 SECP256K1_INLINE static unsigned int secp256k1_scalar_get_bits_var(const secp256k1_scalar *a, unsigned int offset, unsigned int count) { 29 return secp256k1_scalar_get_bits(a, offset, count); 30 } 31 32 SECP256K1_INLINE static int secp256k1_scalar_check_overflow(const secp256k1_scalar *a) { return *a >= EXHAUSTIVE_TEST_ORDER; } 33 34 static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b) { 35 *r = (*a + *b) % EXHAUSTIVE_TEST_ORDER; 36 return *r < *b; 37 } 38 39 static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag) { 40 if (flag && bit < 32) 41 *r += (1 << bit); 42 #ifdef VERIFY 43 VERIFY_CHECK(secp256k1_scalar_check_overflow(r) == 0); 44 #endif 45 } 46 47 static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *b32, int *overflow) { 48 const int base = 0x100 % EXHAUSTIVE_TEST_ORDER; 49 int i; 50 *r = 0; 51 for (i = 0; i < 32; i++) { 52 *r = ((*r * base) + b32[i]) % EXHAUSTIVE_TEST_ORDER; 53 } 54 /* just deny overflow, it basically always happens */ 55 if (overflow) *overflow = 0; 56 } 57 58 static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar* a) { 59 memset(bin, 0, 32); 60 bin[28] = *a >> 24; bin[29] = *a >> 16; bin[30] = *a >> 8; bin[31] = *a; 61 } 62 63 SECP256K1_INLINE static int secp256k1_scalar_is_zero(const secp256k1_scalar *a) { 64 return *a == 0; 65 } 66 67 static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a) { 68 if (*a == 0) { 69 *r = 0; 70 } else { 71 *r = EXHAUSTIVE_TEST_ORDER - *a; 72 } 73 } 74 75 SECP256K1_INLINE static int secp256k1_scalar_is_one(const secp256k1_scalar *a) { 76 return *a == 1; 77 } 78 79 static int secp256k1_scalar_is_high(const secp256k1_scalar *a) { 80 return *a > EXHAUSTIVE_TEST_ORDER / 2; 81 } 82 83 static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { 84 if (flag) secp256k1_scalar_negate(r, r); 85 return flag ? -1 : 1; 86 } 87 88 static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b) { 89 *r = (*a * *b) % EXHAUSTIVE_TEST_ORDER; 90 } 91 92 static int secp256k1_scalar_shr_int(secp256k1_scalar *r, int n) { 93 int ret; 94 VERIFY_CHECK(n > 0); 95 VERIFY_CHECK(n < 16); 96 ret = *r & ((1 << n) - 1); 97 *r >>= n; 98 return ret; 99 } 100 101 static void secp256k1_scalar_sqr(secp256k1_scalar *r, const secp256k1_scalar *a) { 102 *r = (*a * *a) % EXHAUSTIVE_TEST_ORDER; 103 } 104 105 static void secp256k1_scalar_split_128(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *a) { 106 *r1 = *a; 107 *r2 = 0; 108 } 109 110 SECP256K1_INLINE static int secp256k1_scalar_eq(const secp256k1_scalar *a, const secp256k1_scalar *b) { 111 return *a == *b; 112 } 113 114 #endif