mirror of
https://github.com/seigler/dash-docs
synced 2025-07-27 17:56:16 +00:00
148 lines
60 KiB
HTML
148 lines
60 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
|
|
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
|
|
<meta name="generator" content="Doxygen 1.8.14"/>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1"/>
|
|
<title>Dash Core: src/secp256k1/src/ecmult_const_impl.h Source File</title>
|
|
<link href="tabs.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="jquery.js"></script>
|
|
<script type="text/javascript" src="dynsections.js"></script>
|
|
<link href="navtree.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="resize.js"></script>
|
|
<script type="text/javascript" src="navtreedata.js"></script>
|
|
<script type="text/javascript" src="navtree.js"></script>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
$(document).ready(initResizable);
|
|
/* @license-end */</script>
|
|
<link href="search/search.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="search/searchdata.js"></script>
|
|
<script type="text/javascript" src="search/search.js"></script>
|
|
<link href="doxygen.css" rel="stylesheet" type="text/css" />
|
|
</head>
|
|
<body>
|
|
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
|
|
<div id="titlearea">
|
|
<table cellspacing="0" cellpadding="0">
|
|
<tbody>
|
|
<tr style="height: 56px;">
|
|
<td id="projectlogo"><img alt="Logo" src="bitcoin_logo_doxygen.png"/></td>
|
|
<td id="projectalign" style="padding-left: 0.5em;">
|
|
<div id="projectname">Dash Core
|
|
 <span id="projectnumber">0.12.2.1</span>
|
|
</div>
|
|
<div id="projectbrief">P2P Digital Currency</div>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<!-- end header part -->
|
|
<!-- Generated by Doxygen 1.8.14 -->
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
var searchBox = new SearchBox("searchBox", "search",false,'Search');
|
|
/* @license-end */
|
|
</script>
|
|
<script type="text/javascript" src="menudata.js"></script>
|
|
<script type="text/javascript" src="menu.js"></script>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
$(function() {
|
|
initMenu('',true,false,'search.php','Search');
|
|
$(document).ready(function() { init_search(); });
|
|
});
|
|
/* @license-end */</script>
|
|
<div id="main-nav"></div>
|
|
</div><!-- top -->
|
|
<div id="side-nav" class="ui-resizable side-nav-resizable">
|
|
<div id="nav-tree">
|
|
<div id="nav-tree-contents">
|
|
<div id="nav-sync" class="sync"></div>
|
|
</div>
|
|
</div>
|
|
<div id="splitbar" style="-moz-user-select:none;"
|
|
class="ui-resizable-handle">
|
|
</div>
|
|
</div>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
$(document).ready(function(){initNavTree('ecmult__const__impl_8h_source.html','');});
|
|
/* @license-end */
|
|
</script>
|
|
<div id="doc-content">
|
|
<!-- window showing the filter options -->
|
|
<div id="MSearchSelectWindow"
|
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
|
onkeydown="return searchBox.OnSearchSelectKey(event)">
|
|
</div>
|
|
|
|
<!-- iframe showing the search results (closed by default) -->
|
|
<div id="MSearchResultsWindow">
|
|
<iframe src="javascript:void(0)" frameborder="0"
|
|
name="MSearchResults" id="MSearchResults">
|
|
</iframe>
|
|
</div>
|
|
|
|
<div class="header">
|
|
<div class="headertitle">
|
|
<div class="title">ecmult_const_impl.h</div> </div>
|
|
</div><!--header-->
|
|
<div class="contents">
|
|
<a href="ecmult__const__impl_8h.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">/**********************************************************************</span></div><div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment"> * Copyright (c) 2015 Pieter Wuille, Andrew Poelstra *</span></div><div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment"> * Distributed under the MIT software license, see the accompanying *</span></div><div class="line"><a name="l00004"></a><span class="lineno"> 4</span> <span class="comment"> * file COPYING or http://www.opensource.org/licenses/mit-license.php.*</span></div><div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment"> **********************************************************************/</span></div><div class="line"><a name="l00006"></a><span class="lineno"> 6</span> </div><div class="line"><a name="l00007"></a><span class="lineno"> 7</span> <span class="preprocessor">#ifndef _SECP256K1_ECMULT_CONST_IMPL_</span></div><div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="preprocessor">#define _SECP256K1_ECMULT_CONST_IMPL_</span></div><div class="line"><a name="l00009"></a><span class="lineno"> 9</span> </div><div class="line"><a name="l00010"></a><span class="lineno"> 10</span> <span class="preprocessor">#include "<a class="code" href="scalar_8h.html">scalar.h</a>"</span></div><div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="preprocessor">#include "<a class="code" href="group_8h.html">group.h</a>"</span></div><div class="line"><a name="l00012"></a><span class="lineno"> 12</span> <span class="preprocessor">#include "<a class="code" href="ecmult__const_8h.html">ecmult_const.h</a>"</span></div><div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="preprocessor">#include "<a class="code" href="ecmult__impl_8h.html">ecmult_impl.h</a>"</span></div><div class="line"><a name="l00014"></a><span class="lineno"> 14</span> </div><div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00016"></a><span class="lineno"> 16</span> <span class="preprocessor"> #define WNAF_BITS 128</span></div><div class="line"><a name="l00017"></a><span class="lineno"> 17</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00018"></a><span class="lineno"><a class="line" href="ecmult__const__impl_8h.html#a7ca5efdae3396a6261bcc836e4a32739"> 18</a></span> <span class="preprocessor"> #define WNAF_BITS 256</span></div><div class="line"><a name="l00019"></a><span class="lineno"> 19</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00020"></a><span class="lineno"><a class="line" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065"> 20</a></span> <span class="preprocessor">#define WNAF_SIZE(w) ((WNAF_BITS + (w) - 1) / (w))</span></div><div class="line"><a name="l00021"></a><span class="lineno"> 21</span> </div><div class="line"><a name="l00022"></a><span class="lineno"> 22</span> <span class="comment">/* This is like `ECMULT_TABLE_GET_GE` but is constant time */</span></div><div class="line"><a name="l00023"></a><span class="lineno"><a class="line" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7"> 23</a></span> <span class="preprocessor">#define ECMULT_CONST_TABLE_GET_GE(r,pre,n,w) do { \</span></div><div class="line"><a name="l00024"></a><span class="lineno"> 24</span> <span class="preprocessor"> int m; \</span></div><div class="line"><a name="l00025"></a><span class="lineno"> 25</span> <span class="preprocessor"> int abs_n = (n) * (((n) > 0) * 2 - 1); \</span></div><div class="line"><a name="l00026"></a><span class="lineno"> 26</span> <span class="preprocessor"> int idx_n = abs_n / 2; \</span></div><div class="line"><a name="l00027"></a><span class="lineno"> 27</span> <span class="preprocessor"> secp256k1_fe neg_y; \</span></div><div class="line"><a name="l00028"></a><span class="lineno"> 28</span> <span class="preprocessor"> VERIFY_CHECK(((n) & 1) == 1); \</span></div><div class="line"><a name="l00029"></a><span class="lineno"> 29</span> <span class="preprocessor"> VERIFY_CHECK((n) >= -((1 << ((w)-1)) - 1)); \</span></div><div class="line"><a name="l00030"></a><span class="lineno"> 30</span> <span class="preprocessor"> VERIFY_CHECK((n) <= ((1 << ((w)-1)) - 1)); \</span></div><div class="line"><a name="l00031"></a><span class="lineno"> 31</span> <span class="preprocessor"> VERIFY_SETUP(secp256k1_fe_clear(&(r)->x)); \</span></div><div class="line"><a name="l00032"></a><span class="lineno"> 32</span> <span class="preprocessor"> VERIFY_SETUP(secp256k1_fe_clear(&(r)->y)); \</span></div><div class="line"><a name="l00033"></a><span class="lineno"> 33</span> <span class="preprocessor"> for (m = 0; m < ECMULT_TABLE_SIZE(w); m++) { \</span></div><div class="line"><a name="l00034"></a><span class="lineno"> 34</span> <span class="preprocessor"> </span><span class="comment">/* This loop is used to avoid secret data in array indices. See</span></div><div class="line"><a name="l00035"></a><span class="lineno"> 35</span> <span class="comment"> * the comment in ecmult_gen_impl.h for rationale. */</span><span class="preprocessor"> \</span></div><div class="line"><a name="l00036"></a><span class="lineno"> 36</span> <span class="preprocessor"> secp256k1_fe_cmov(&(r)->x, &(pre)[m].x, m == idx_n); \</span></div><div class="line"><a name="l00037"></a><span class="lineno"> 37</span> <span class="preprocessor"> secp256k1_fe_cmov(&(r)->y, &(pre)[m].y, m == idx_n); \</span></div><div class="line"><a name="l00038"></a><span class="lineno"> 38</span> <span class="preprocessor"> } \</span></div><div class="line"><a name="l00039"></a><span class="lineno"> 39</span> <span class="preprocessor"> (r)->infinity = 0; \</span></div><div class="line"><a name="l00040"></a><span class="lineno"> 40</span> <span class="preprocessor"> secp256k1_fe_negate(&neg_y, &(r)->y, 1); \</span></div><div class="line"><a name="l00041"></a><span class="lineno"> 41</span> <span class="preprocessor"> secp256k1_fe_cmov(&(r)->y, &neg_y, (n) != abs_n); \</span></div><div class="line"><a name="l00042"></a><span class="lineno"> 42</span> <span class="preprocessor">} while(0)</span></div><div class="line"><a name="l00043"></a><span class="lineno"> 43</span> </div><div class="line"><a name="l00044"></a><span class="lineno"> 44</span> </div><div class="line"><a name="l00057"></a><span class="lineno"><a class="line" href="ecmult__const__impl_8h.html#ac252ac4f8c905ddc178ce056bd45b8ec"> 57</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecmult__const__impl_8h.html#ac252ac4f8c905ddc178ce056bd45b8ec">secp256k1_wnaf_const</a>(<span class="keywordtype">int</span> *wnaf, <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> s, <span class="keywordtype">int</span> w) {</div><div class="line"><a name="l00058"></a><span class="lineno"> 58</span>  <span class="keywordtype">int</span> global_sign;</div><div class="line"><a name="l00059"></a><span class="lineno"> 59</span>  <span class="keywordtype">int</span> skew = 0;</div><div class="line"><a name="l00060"></a><span class="lineno"> 60</span>  <span class="keywordtype">int</span> word = 0;</div><div class="line"><a name="l00061"></a><span class="lineno"> 61</span>  <span class="comment">/* 1 2 3 */</span></div><div class="line"><a name="l00062"></a><span class="lineno"> 62</span>  <span class="keywordtype">int</span> u_last;</div><div class="line"><a name="l00063"></a><span class="lineno"> 63</span>  <span class="keywordtype">int</span> u;</div><div class="line"><a name="l00064"></a><span class="lineno"> 64</span> </div><div class="line"><a name="l00065"></a><span class="lineno"> 65</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00066"></a><span class="lineno"> 66</span>  <span class="keywordtype">int</span> flip;</div><div class="line"><a name="l00067"></a><span class="lineno"> 67</span>  <span class="keywordtype">int</span> bit;</div><div class="line"><a name="l00068"></a><span class="lineno"> 68</span>  <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> neg_s;</div><div class="line"><a name="l00069"></a><span class="lineno"> 69</span>  <span class="keywordtype">int</span> not_neg_one;</div><div class="line"><a name="l00070"></a><span class="lineno"> 70</span>  <span class="comment">/* If we are using the endomorphism, we cannot handle even numbers by negating</span></div><div class="line"><a name="l00071"></a><span class="lineno"> 71</span> <span class="comment"> * them, since we are working with 128-bit numbers whose negations would be 256</span></div><div class="line"><a name="l00072"></a><span class="lineno"> 72</span> <span class="comment"> * bits, eliminating the performance advantage. Instead we use a technique from</span></div><div class="line"><a name="l00073"></a><span class="lineno"> 73</span> <span class="comment"> * Section 4.2 of the Okeya/Tagaki paper, which is to add either 1 (for even)</span></div><div class="line"><a name="l00074"></a><span class="lineno"> 74</span> <span class="comment"> * or 2 (for odd) to the number we are encoding, then compensating after the</span></div><div class="line"><a name="l00075"></a><span class="lineno"> 75</span> <span class="comment"> * multiplication. */</span></div><div class="line"><a name="l00076"></a><span class="lineno"> 76</span>  <span class="comment">/* Negative 128-bit numbers will be negated, since otherwise they are 256-bit */</span></div><div class="line"><a name="l00077"></a><span class="lineno"> 77</span>  flip = <a class="code" href="scalar_8h.html#aab66620cbbe49bec3c7c02f4a1219c05">secp256k1_scalar_is_high</a>(&s);</div><div class="line"><a name="l00078"></a><span class="lineno"> 78</span>  <span class="comment">/* We add 1 to even numbers, 2 to odd ones, noting that negation flips parity */</span></div><div class="line"><a name="l00079"></a><span class="lineno"> 79</span>  bit = flip ^ (s.<a class="code" href="structsecp256k1__scalar.html#a4aba1d263d205acdd537ed9a995393cd">d</a>[0] & 1);</div><div class="line"><a name="l00080"></a><span class="lineno"> 80</span>  <span class="comment">/* We check for negative one, since adding 2 to it will cause an overflow */</span></div><div class="line"><a name="l00081"></a><span class="lineno"> 81</span>  <a class="code" href="scalar_8h.html#aa3f1c1d4536adf835ee256878c222968">secp256k1_scalar_negate</a>(&neg_s, &s);</div><div class="line"><a name="l00082"></a><span class="lineno"> 82</span>  not_neg_one = !<a class="code" href="scalar_8h.html#aa1118b3273d3c9d15541f29373b93e97">secp256k1_scalar_is_one</a>(&neg_s);</div><div class="line"><a name="l00083"></a><span class="lineno"> 83</span>  <a class="code" href="scalar_8h.html#ad6596a0249548deb678f0b630204254f">secp256k1_scalar_cadd_bit</a>(&s, bit, not_neg_one);</div><div class="line"><a name="l00084"></a><span class="lineno"> 84</span>  <span class="comment">/* If we had negative one, flip == 1, s.d[0] == 0, bit == 1, so caller expects</span></div><div class="line"><a name="l00085"></a><span class="lineno"> 85</span> <span class="comment"> * that we added two to it and flipped it. In fact for -1 these operations are</span></div><div class="line"><a name="l00086"></a><span class="lineno"> 86</span> <span class="comment"> * identical. We only flipped, but since skewing is required (in the sense that</span></div><div class="line"><a name="l00087"></a><span class="lineno"> 87</span> <span class="comment"> * the skew must be 1 or 2, never zero) and flipping is not, we need to change</span></div><div class="line"><a name="l00088"></a><span class="lineno"> 88</span> <span class="comment"> * our flags to claim that we only skewed. */</span></div><div class="line"><a name="l00089"></a><span class="lineno"> 89</span>  global_sign = <a class="code" href="scalar_8h.html#a520b78be2bca742daa8d5efa5c343291">secp256k1_scalar_cond_negate</a>(&s, flip);</div><div class="line"><a name="l00090"></a><span class="lineno"> 90</span>  global_sign *= not_neg_one * 2 - 1;</div><div class="line"><a name="l00091"></a><span class="lineno"> 91</span>  skew = 1 << bit;</div><div class="line"><a name="l00092"></a><span class="lineno"> 92</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00093"></a><span class="lineno"> 93</span>  <span class="comment">/* Otherwise, we just negate to force oddness */</span></div><div class="line"><a name="l00094"></a><span class="lineno"> 94</span>  <span class="keywordtype">int</span> is_even = <a class="code" href="scalar_8h.html#a3eb65cf9bfad7c430cbb3dc26d494a95">secp256k1_scalar_is_even</a>(&s);</div><div class="line"><a name="l00095"></a><span class="lineno"> 95</span>  global_sign = <a class="code" href="scalar_8h.html#a520b78be2bca742daa8d5efa5c343291">secp256k1_scalar_cond_negate</a>(&s, is_even);</div><div class="line"><a name="l00096"></a><span class="lineno"> 96</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00097"></a><span class="lineno"> 97</span> </div><div class="line"><a name="l00098"></a><span class="lineno"> 98</span>  <span class="comment">/* 4 */</span></div><div class="line"><a name="l00099"></a><span class="lineno"> 99</span>  u_last = <a class="code" href="scalar_8h.html#ae9fcdf1db22cb93c2a2f06b0a9c957d3">secp256k1_scalar_shr_int</a>(&s, w);</div><div class="line"><a name="l00100"></a><span class="lineno"> 100</span>  <span class="keywordflow">while</span> (word * w < <a class="code" href="ecmult__const__impl_8h.html#a7ca5efdae3396a6261bcc836e4a32739">WNAF_BITS</a>) {</div><div class="line"><a name="l00101"></a><span class="lineno"> 101</span>  <span class="keywordtype">int</span> sign;</div><div class="line"><a name="l00102"></a><span class="lineno"> 102</span>  <span class="keywordtype">int</span> even;</div><div class="line"><a name="l00103"></a><span class="lineno"> 103</span> </div><div class="line"><a name="l00104"></a><span class="lineno"> 104</span>  <span class="comment">/* 4.1 4.4 */</span></div><div class="line"><a name="l00105"></a><span class="lineno"> 105</span>  u = <a class="code" href="scalar_8h.html#ae9fcdf1db22cb93c2a2f06b0a9c957d3">secp256k1_scalar_shr_int</a>(&s, w);</div><div class="line"><a name="l00106"></a><span class="lineno"> 106</span>  <span class="comment">/* 4.2 */</span></div><div class="line"><a name="l00107"></a><span class="lineno"> 107</span>  even = ((u & 1) == 0);</div><div class="line"><a name="l00108"></a><span class="lineno"> 108</span>  sign = 2 * (u_last > 0) - 1;</div><div class="line"><a name="l00109"></a><span class="lineno"> 109</span>  u += sign * even;</div><div class="line"><a name="l00110"></a><span class="lineno"> 110</span>  u_last -= sign * even * (1 << w);</div><div class="line"><a name="l00111"></a><span class="lineno"> 111</span> </div><div class="line"><a name="l00112"></a><span class="lineno"> 112</span>  <span class="comment">/* 4.3, adapted for global sign change */</span></div><div class="line"><a name="l00113"></a><span class="lineno"> 113</span>  wnaf[word++] = u_last * global_sign;</div><div class="line"><a name="l00114"></a><span class="lineno"> 114</span> </div><div class="line"><a name="l00115"></a><span class="lineno"> 115</span>  u_last = u;</div><div class="line"><a name="l00116"></a><span class="lineno"> 116</span>  }</div><div class="line"><a name="l00117"></a><span class="lineno"> 117</span>  wnaf[word] = u * global_sign;</div><div class="line"><a name="l00118"></a><span class="lineno"> 118</span> </div><div class="line"><a name="l00119"></a><span class="lineno"> 119</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(<a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(&s));</div><div class="line"><a name="l00120"></a><span class="lineno"> 120</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(word == <a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(w));</div><div class="line"><a name="l00121"></a><span class="lineno"> 121</span>  <span class="keywordflow">return</span> skew;</div><div class="line"><a name="l00122"></a><span class="lineno"> 122</span> }</div><div class="line"><a name="l00123"></a><span class="lineno"> 123</span> </div><div class="line"><a name="l00124"></a><span class="lineno"> 124</span> </div><div class="line"><a name="l00125"></a><span class="lineno"><a class="line" href="ecmult__const__impl_8h.html#a89f4e02fa2a4630ae0c5e302457f7931"> 125</a></span> <span class="keyword">static</span> <span class="keywordtype">void</span> <a class="code" href="ecmult__const__impl_8h.html#a89f4e02fa2a4630ae0c5e302457f7931">secp256k1_ecmult_const</a>(<a class="code" href="structsecp256k1__gej.html">secp256k1_gej</a> *r, <span class="keyword">const</span> <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> *a, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *scalar) {</div><div class="line"><a name="l00126"></a><span class="lineno"> 126</span>  <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> pre_a[<a class="code" href="ecmult__impl_8h.html#a97c6c6e5aa98f202eec77c4c931e02f1">ECMULT_TABLE_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>)];</div><div class="line"><a name="l00127"></a><span class="lineno"> 127</span>  <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> tmpa;</div><div class="line"><a name="l00128"></a><span class="lineno"> 128</span>  <a class="code" href="structsecp256k1__fe.html">secp256k1_fe</a> Z;</div><div class="line"><a name="l00129"></a><span class="lineno"> 129</span> </div><div class="line"><a name="l00130"></a><span class="lineno"> 130</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00131"></a><span class="lineno"> 131</span>  <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> pre_a_lam[<a class="code" href="ecmult__impl_8h.html#a97c6c6e5aa98f202eec77c4c931e02f1">ECMULT_TABLE_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>)];</div><div class="line"><a name="l00132"></a><span class="lineno"> 132</span>  <span class="keywordtype">int</span> wnaf_1[1 + <a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1)];</div><div class="line"><a name="l00133"></a><span class="lineno"> 133</span>  <span class="keywordtype">int</span> wnaf_lam[1 + <a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1)];</div><div class="line"><a name="l00134"></a><span class="lineno"> 134</span>  <span class="keywordtype">int</span> skew_1;</div><div class="line"><a name="l00135"></a><span class="lineno"> 135</span>  <span class="keywordtype">int</span> skew_lam;</div><div class="line"><a name="l00136"></a><span class="lineno"> 136</span>  <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> q_1, q_lam;</div><div class="line"><a name="l00137"></a><span class="lineno"> 137</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00138"></a><span class="lineno"> 138</span>  <span class="keywordtype">int</span> wnaf[1 + <a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1)];</div><div class="line"><a name="l00139"></a><span class="lineno"> 139</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00140"></a><span class="lineno"> 140</span> </div><div class="line"><a name="l00141"></a><span class="lineno"> 141</span>  <span class="keywordtype">int</span> i;</div><div class="line"><a name="l00142"></a><span class="lineno"> 142</span>  <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> sc = *scalar;</div><div class="line"><a name="l00143"></a><span class="lineno"> 143</span> </div><div class="line"><a name="l00144"></a><span class="lineno"> 144</span>  <span class="comment">/* build wnaf representation for q. */</span></div><div class="line"><a name="l00145"></a><span class="lineno"> 145</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00146"></a><span class="lineno"> 146</span>  <span class="comment">/* split q into q_1 and q_lam (where q = q_1 + q_lam*lambda, and q_1 and q_lam are ~128 bit) */</span></div><div class="line"><a name="l00147"></a><span class="lineno"> 147</span>  secp256k1_scalar_split_lambda(&q_1, &q_lam, &sc);</div><div class="line"><a name="l00148"></a><span class="lineno"> 148</span>  <span class="comment">/* no need for zero correction when using endomorphism since even</span></div><div class="line"><a name="l00149"></a><span class="lineno"> 149</span> <span class="comment"> * numbers have one added to them anyway */</span></div><div class="line"><a name="l00150"></a><span class="lineno"> 150</span>  skew_1 = <a class="code" href="ecmult__const__impl_8h.html#ac252ac4f8c905ddc178ce056bd45b8ec">secp256k1_wnaf_const</a>(wnaf_1, q_1, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1);</div><div class="line"><a name="l00151"></a><span class="lineno"> 151</span>  skew_lam = <a class="code" href="ecmult__const__impl_8h.html#ac252ac4f8c905ddc178ce056bd45b8ec">secp256k1_wnaf_const</a>(wnaf_lam, q_lam, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1);</div><div class="line"><a name="l00152"></a><span class="lineno"> 152</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00153"></a><span class="lineno"> 153</span>  <span class="keywordtype">int</span> is_zero = <a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(scalar);</div><div class="line"><a name="l00154"></a><span class="lineno"> 154</span>  <span class="comment">/* the wNAF ladder cannot handle zero, so bump this to one .. we will</span></div><div class="line"><a name="l00155"></a><span class="lineno"> 155</span> <span class="comment"> * correct the result after the fact */</span></div><div class="line"><a name="l00156"></a><span class="lineno"> 156</span>  sc.<a class="code" href="structsecp256k1__scalar.html#a4aba1d263d205acdd537ed9a995393cd">d</a>[0] += is_zero;</div><div class="line"><a name="l00157"></a><span class="lineno"> 157</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(!<a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(&sc));</div><div class="line"><a name="l00158"></a><span class="lineno"> 158</span> </div><div class="line"><a name="l00159"></a><span class="lineno"> 159</span>  <a class="code" href="ecmult__const__impl_8h.html#ac252ac4f8c905ddc178ce056bd45b8ec">secp256k1_wnaf_const</a>(wnaf, sc, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1);</div><div class="line"><a name="l00160"></a><span class="lineno"> 160</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00161"></a><span class="lineno"> 161</span> </div><div class="line"><a name="l00162"></a><span class="lineno"> 162</span>  <span class="comment">/* Calculate odd multiples of a.</span></div><div class="line"><a name="l00163"></a><span class="lineno"> 163</span> <span class="comment"> * All multiples are brought to the same Z 'denominator', which is stored</span></div><div class="line"><a name="l00164"></a><span class="lineno"> 164</span> <span class="comment"> * in Z. Due to secp256k1' isomorphism we can do all operations pretending</span></div><div class="line"><a name="l00165"></a><span class="lineno"> 165</span> <span class="comment"> * that the Z coordinate was 1, use affine addition formulae, and correct</span></div><div class="line"><a name="l00166"></a><span class="lineno"> 166</span> <span class="comment"> * the Z coordinate of the result once at the end.</span></div><div class="line"><a name="l00167"></a><span class="lineno"> 167</span> <span class="comment"> */</span></div><div class="line"><a name="l00168"></a><span class="lineno"> 168</span>  <a class="code" href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a>(r, a);</div><div class="line"><a name="l00169"></a><span class="lineno"> 169</span>  <a class="code" href="ecmult__impl_8h.html#a33fe27d5aa383017999f80a1cdd8d8ca">secp256k1_ecmult_odd_multiples_table_globalz_windowa</a>(pre_a, &Z, r);</div><div class="line"><a name="l00170"></a><span class="lineno"> 170</span>  <span class="keywordflow">for</span> (i = 0; i < <a class="code" href="ecmult__impl_8h.html#a97c6c6e5aa98f202eec77c4c931e02f1">ECMULT_TABLE_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>); i++) {</div><div class="line"><a name="l00171"></a><span class="lineno"> 171</span>  <a class="code" href="field_8h.html#a0aaec7df2f708a451a8e1f41a943d8b1">secp256k1_fe_normalize_weak</a>(&pre_a[i].y);</div><div class="line"><a name="l00172"></a><span class="lineno"> 172</span>  }</div><div class="line"><a name="l00173"></a><span class="lineno"> 173</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00174"></a><span class="lineno"> 174</span>  <span class="keywordflow">for</span> (i = 0; i < <a class="code" href="ecmult__impl_8h.html#a97c6c6e5aa98f202eec77c4c931e02f1">ECMULT_TABLE_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>); i++) {</div><div class="line"><a name="l00175"></a><span class="lineno"> 175</span>  secp256k1_ge_mul_lambda(&pre_a_lam[i], &pre_a[i]);</div><div class="line"><a name="l00176"></a><span class="lineno"> 176</span>  }</div><div class="line"><a name="l00177"></a><span class="lineno"> 177</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00178"></a><span class="lineno"> 178</span> </div><div class="line"><a name="l00179"></a><span class="lineno"> 179</span>  <span class="comment">/* first loop iteration (separated out so we can directly set r, rather</span></div><div class="line"><a name="l00180"></a><span class="lineno"> 180</span> <span class="comment"> * than having it start at infinity, get doubled several times, then have</span></div><div class="line"><a name="l00181"></a><span class="lineno"> 181</span> <span class="comment"> * its new value added to it) */</span></div><div class="line"><a name="l00182"></a><span class="lineno"> 182</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00183"></a><span class="lineno"> 183</span>  i = wnaf_1[<a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1)];</div><div class="line"><a name="l00184"></a><span class="lineno"> 184</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(i != 0);</div><div class="line"><a name="l00185"></a><span class="lineno"> 185</span>  <a class="code" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a>(&tmpa, pre_a, i, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>);</div><div class="line"><a name="l00186"></a><span class="lineno"> 186</span>  <a class="code" href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a>(r, &tmpa);</div><div class="line"><a name="l00187"></a><span class="lineno"> 187</span> </div><div class="line"><a name="l00188"></a><span class="lineno"> 188</span>  i = wnaf_lam[<a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1)];</div><div class="line"><a name="l00189"></a><span class="lineno"> 189</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(i != 0);</div><div class="line"><a name="l00190"></a><span class="lineno"> 190</span>  <a class="code" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a>(&tmpa, pre_a_lam, i, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>);</div><div class="line"><a name="l00191"></a><span class="lineno"> 191</span>  <a class="code" href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a>(r, r, &tmpa);</div><div class="line"><a name="l00192"></a><span class="lineno"> 192</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00193"></a><span class="lineno"> 193</span>  i = wnaf[<a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1)];</div><div class="line"><a name="l00194"></a><span class="lineno"> 194</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(i != 0);</div><div class="line"><a name="l00195"></a><span class="lineno"> 195</span>  <a class="code" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a>(&tmpa, pre_a, i, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>);</div><div class="line"><a name="l00196"></a><span class="lineno"> 196</span>  <a class="code" href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a>(r, &tmpa);</div><div class="line"><a name="l00197"></a><span class="lineno"> 197</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00198"></a><span class="lineno"> 198</span>  <span class="comment">/* remaining loop iterations */</span></div><div class="line"><a name="l00199"></a><span class="lineno"> 199</span>  <span class="keywordflow">for</span> (i = <a class="code" href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a>(<a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1) - 1; i >= 0; i--) {</div><div class="line"><a name="l00200"></a><span class="lineno"> 200</span>  <span class="keywordtype">int</span> <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>;</div><div class="line"><a name="l00201"></a><span class="lineno"> 201</span>  <span class="keywordtype">int</span> j;</div><div class="line"><a name="l00202"></a><span class="lineno"> 202</span>  <span class="keywordflow">for</span> (j = 0; j < <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a> - 1; ++j) {</div><div class="line"><a name="l00203"></a><span class="lineno"> 203</span>  <a class="code" href="group_8h.html#a4424d01156ea843dad5a8d27b2feec4f">secp256k1_gej_double_nonzero</a>(r, r, NULL);</div><div class="line"><a name="l00204"></a><span class="lineno"> 204</span>  }</div><div class="line"><a name="l00205"></a><span class="lineno"> 205</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00206"></a><span class="lineno"> 206</span>  <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a> = wnaf_1[i];</div><div class="line"><a name="l00207"></a><span class="lineno"> 207</span>  <a class="code" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a>(&tmpa, pre_a, <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>);</div><div class="line"><a name="l00208"></a><span class="lineno"> 208</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a> != 0);</div><div class="line"><a name="l00209"></a><span class="lineno"> 209</span>  <a class="code" href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a>(r, r, &tmpa);</div><div class="line"><a name="l00210"></a><span class="lineno"> 210</span> </div><div class="line"><a name="l00211"></a><span class="lineno"> 211</span>  <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a> = wnaf_lam[i];</div><div class="line"><a name="l00212"></a><span class="lineno"> 212</span>  <a class="code" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a>(&tmpa, pre_a_lam, <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>);</div><div class="line"><a name="l00213"></a><span class="lineno"> 213</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a> != 0);</div><div class="line"><a name="l00214"></a><span class="lineno"> 214</span>  <a class="code" href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a>(r, r, &tmpa);</div><div class="line"><a name="l00215"></a><span class="lineno"> 215</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00216"></a><span class="lineno"> 216</span>  <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a> = wnaf[i];</div><div class="line"><a name="l00217"></a><span class="lineno"> 217</span>  <a class="code" href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a>(<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a> != 0);</div><div class="line"><a name="l00218"></a><span class="lineno"> 218</span>  <a class="code" href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a>(&tmpa, pre_a, <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>, <a class="code" href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a>);</div><div class="line"><a name="l00219"></a><span class="lineno"> 219</span>  <a class="code" href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a>(r, r, &tmpa);</div><div class="line"><a name="l00220"></a><span class="lineno"> 220</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00221"></a><span class="lineno"> 221</span>  }</div><div class="line"><a name="l00222"></a><span class="lineno"> 222</span> </div><div class="line"><a name="l00223"></a><span class="lineno"> 223</span>  <a class="code" href="field_8h.html#a542b97d2574d9687c563d002587cf9a2">secp256k1_fe_mul</a>(&r-><a class="code" href="structsecp256k1__gej.html#ae41776408dba32cbe28b5e345b5f2286">z</a>, &r-><a class="code" href="structsecp256k1__gej.html#ae41776408dba32cbe28b5e345b5f2286">z</a>, &Z);</div><div class="line"><a name="l00224"></a><span class="lineno"> 224</span> </div><div class="line"><a name="l00225"></a><span class="lineno"> 225</span> <span class="preprocessor">#ifdef USE_ENDOMORPHISM</span></div><div class="line"><a name="l00226"></a><span class="lineno"> 226</span>  {</div><div class="line"><a name="l00227"></a><span class="lineno"> 227</span>  <span class="comment">/* Correct for wNAF skew */</span></div><div class="line"><a name="l00228"></a><span class="lineno"> 228</span>  <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> correction = *a;</div><div class="line"><a name="l00229"></a><span class="lineno"> 229</span>  <a class="code" href="structsecp256k1__ge__storage.html">secp256k1_ge_storage</a> correction_1_stor;</div><div class="line"><a name="l00230"></a><span class="lineno"> 230</span>  <a class="code" href="structsecp256k1__ge__storage.html">secp256k1_ge_storage</a> correction_lam_stor;</div><div class="line"><a name="l00231"></a><span class="lineno"> 231</span>  <a class="code" href="structsecp256k1__ge__storage.html">secp256k1_ge_storage</a> a2_stor;</div><div class="line"><a name="l00232"></a><span class="lineno"> 232</span>  <a class="code" href="structsecp256k1__gej.html">secp256k1_gej</a> tmpj;</div><div class="line"><a name="l00233"></a><span class="lineno"> 233</span>  <a class="code" href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a>(&tmpj, &correction);</div><div class="line"><a name="l00234"></a><span class="lineno"> 234</span>  <a class="code" href="group_8h.html#a033aa434a4d0838f649ad757dd44db46">secp256k1_gej_double_var</a>(&tmpj, &tmpj, NULL);</div><div class="line"><a name="l00235"></a><span class="lineno"> 235</span>  <a class="code" href="group_8h.html#aa511eebf8cd7419763f06555ed4fb62d">secp256k1_ge_set_gej</a>(&correction, &tmpj);</div><div class="line"><a name="l00236"></a><span class="lineno"> 236</span>  <a class="code" href="group_8h.html#ad6499ae629f998e50d8614869ee3c67f">secp256k1_ge_to_storage</a>(&correction_1_stor, a);</div><div class="line"><a name="l00237"></a><span class="lineno"> 237</span>  <a class="code" href="group_8h.html#ad6499ae629f998e50d8614869ee3c67f">secp256k1_ge_to_storage</a>(&correction_lam_stor, a);</div><div class="line"><a name="l00238"></a><span class="lineno"> 238</span>  <a class="code" href="group_8h.html#ad6499ae629f998e50d8614869ee3c67f">secp256k1_ge_to_storage</a>(&a2_stor, &correction);</div><div class="line"><a name="l00239"></a><span class="lineno"> 239</span> </div><div class="line"><a name="l00240"></a><span class="lineno"> 240</span>  <span class="comment">/* For odd numbers this is 2a (so replace it), for even ones a (so no-op) */</span></div><div class="line"><a name="l00241"></a><span class="lineno"> 241</span>  <a class="code" href="group_8h.html#a9a5ec01f9c5a8fcbae1a83217cd96069">secp256k1_ge_storage_cmov</a>(&correction_1_stor, &a2_stor, skew_1 == 2);</div><div class="line"><a name="l00242"></a><span class="lineno"> 242</span>  <a class="code" href="group_8h.html#a9a5ec01f9c5a8fcbae1a83217cd96069">secp256k1_ge_storage_cmov</a>(&correction_lam_stor, &a2_stor, skew_lam == 2);</div><div class="line"><a name="l00243"></a><span class="lineno"> 243</span> </div><div class="line"><a name="l00244"></a><span class="lineno"> 244</span>  <span class="comment">/* Apply the correction */</span></div><div class="line"><a name="l00245"></a><span class="lineno"> 245</span>  <a class="code" href="group_8h.html#a8c1e7f328284d9ba56404bb8d99bf765">secp256k1_ge_from_storage</a>(&correction, &correction_1_stor);</div><div class="line"><a name="l00246"></a><span class="lineno"> 246</span>  <a class="code" href="group_8h.html#abcb34de0cfdf82a125e059f4f98de1d9">secp256k1_ge_neg</a>(&correction, &correction);</div><div class="line"><a name="l00247"></a><span class="lineno"> 247</span>  <a class="code" href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a>(r, r, &correction);</div><div class="line"><a name="l00248"></a><span class="lineno"> 248</span> </div><div class="line"><a name="l00249"></a><span class="lineno"> 249</span>  <a class="code" href="group_8h.html#a8c1e7f328284d9ba56404bb8d99bf765">secp256k1_ge_from_storage</a>(&correction, &correction_lam_stor);</div><div class="line"><a name="l00250"></a><span class="lineno"> 250</span>  <a class="code" href="group_8h.html#abcb34de0cfdf82a125e059f4f98de1d9">secp256k1_ge_neg</a>(&correction, &correction);</div><div class="line"><a name="l00251"></a><span class="lineno"> 251</span>  secp256k1_ge_mul_lambda(&correction, &correction);</div><div class="line"><a name="l00252"></a><span class="lineno"> 252</span>  <a class="code" href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a>(r, r, &correction);</div><div class="line"><a name="l00253"></a><span class="lineno"> 253</span>  }</div><div class="line"><a name="l00254"></a><span class="lineno"> 254</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00255"></a><span class="lineno"> 255</span>  <span class="comment">/* correct for zero */</span></div><div class="line"><a name="l00256"></a><span class="lineno"> 256</span>  r-><a class="code" href="structsecp256k1__gej.html#ab3ec8168caf27aa3a092d512eaadaad9">infinity</a> |= is_zero;</div><div class="line"><a name="l00257"></a><span class="lineno"> 257</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00258"></a><span class="lineno"> 258</span> }</div><div class="line"><a name="l00259"></a><span class="lineno"> 259</span> </div><div class="line"><a name="l00260"></a><span class="lineno"> 260</span> <span class="preprocessor">#endif</span></div><div class="ttc" id="secp256k1_2src_2util_8h_html_aca8ac5ae73fd966db106de59160a178b"><div class="ttname"><a href="secp256k1_2src_2util_8h.html#aca8ac5ae73fd966db106de59160a178b">VERIFY_CHECK</a></div><div class="ttdeci">#define VERIFY_CHECK(cond)</div><div class="ttdef"><b>Definition:</b> <a href="secp256k1_2src_2util_8h_source.html#l00064">util.h:64</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__fe_html"><div class="ttname"><a href="structsecp256k1__fe.html">secp256k1_fe</a></div><div class="ttdef"><b>Definition:</b> <a href="field__10x26_8h_source.html#l00012">field_10x26.h:12</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_a3eb65cf9bfad7c430cbb3dc26d494a95"><div class="ttname"><a href="scalar_8h.html#a3eb65cf9bfad7c430cbb3dc26d494a95">secp256k1_scalar_is_even</a></div><div class="ttdeci">static int secp256k1_scalar_is_even(const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="group_8h_html_abcb34de0cfdf82a125e059f4f98de1d9"><div class="ttname"><a href="group_8h.html#abcb34de0cfdf82a125e059f4f98de1d9">secp256k1_ge_neg</a></div><div class="ttdeci">static void secp256k1_ge_neg(secp256k1_ge *r, const secp256k1_ge *a)</div></div>
|
|
<div class="ttc" id="field_8h_html_a542b97d2574d9687c563d002587cf9a2"><div class="ttname"><a href="field_8h.html#a542b97d2574d9687c563d002587cf9a2">secp256k1_fe_mul</a></div><div class="ttdeci">static void secp256k1_fe_mul(secp256k1_fe *r, const secp256k1_fe *a, const secp256k1_fe *SECP256K1_RESTRICT b)</div></div>
|
|
<div class="ttc" id="group_8h_html"><div class="ttname"><a href="group_8h.html">group.h</a></div></div>
|
|
<div class="ttc" id="ecmult__const_8h_html"><div class="ttname"><a href="ecmult__const_8h.html">ecmult_const.h</a></div></div>
|
|
<div class="ttc" id="group_8h_html_a4424d01156ea843dad5a8d27b2feec4f"><div class="ttname"><a href="group_8h.html#a4424d01156ea843dad5a8d27b2feec4f">secp256k1_gej_double_nonzero</a></div><div class="ttdeci">static void secp256k1_gej_double_nonzero(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_aa3f1c1d4536adf835ee256878c222968"><div class="ttname"><a href="scalar_8h.html#aa3f1c1d4536adf835ee256878c222968">secp256k1_scalar_negate</a></div><div class="ttdeci">static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_a3f0ac84fe49a1c1f51212582a2c149d4"><div class="ttname"><a href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a></div><div class="ttdeci">static int secp256k1_scalar_is_zero(const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="ecmult__impl_8h_html_a97c6c6e5aa98f202eec77c4c931e02f1"><div class="ttname"><a href="ecmult__impl_8h.html#a97c6c6e5aa98f202eec77c4c931e02f1">ECMULT_TABLE_SIZE</a></div><div class="ttdeci">#define ECMULT_TABLE_SIZE(w)</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__impl_8h_source.html#l00028">ecmult_impl.h:28</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_ae9fcdf1db22cb93c2a2f06b0a9c957d3"><div class="ttname"><a href="scalar_8h.html#ae9fcdf1db22cb93c2a2f06b0a9c957d3">secp256k1_scalar_shr_int</a></div><div class="ttdeci">static int secp256k1_scalar_shr_int(secp256k1_scalar *r, int n)</div></div>
|
|
<div class="ttc" id="structsecp256k1__gej_html"><div class="ttname"><a href="structsecp256k1__gej.html">secp256k1_gej</a></div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00024">group.h:24</a></div></div>
|
|
<div class="ttc" id="group_8h_html_a033aa434a4d0838f649ad757dd44db46"><div class="ttname"><a href="group_8h.html#a033aa434a4d0838f649ad757dd44db46">secp256k1_gej_double_var</a></div><div class="ttdeci">static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)</div></div>
|
|
<div class="ttc" id="ecmult__const__impl_8h_html_a23d9fb349265ae338b9977f7f7aab065"><div class="ttname"><a href="ecmult__const__impl_8h.html#a23d9fb349265ae338b9977f7f7aab065">WNAF_SIZE</a></div><div class="ttdeci">#define WNAF_SIZE(w)</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__const__impl_8h_source.html#l00020">ecmult_const_impl.h:20</a></div></div>
|
|
<div class="ttc" id="namespacefix-copyright-headers_html_aed10e06fbf20b2e50f73ff2d61f59e45"><div class="ttname"><a href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">fix-copyright-headers.n</a></div><div class="ttdeci">int n</div><div class="ttdef"><b>Definition:</b> <a href="fix-copyright-headers_8py_source.html#l00046">fix-copyright-headers.py:46</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__ge__storage_html"><div class="ttname"><a href="structsecp256k1__ge__storage.html">secp256k1_ge_storage</a></div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00034">group.h:34</a></div></div>
|
|
<div class="ttc" id="ecmult__impl_8h_html_a33fe27d5aa383017999f80a1cdd8d8ca"><div class="ttname"><a href="ecmult__impl_8h.html#a33fe27d5aa383017999f80a1cdd8d8ca">secp256k1_ecmult_odd_multiples_table_globalz_windowa</a></div><div class="ttdeci">static void secp256k1_ecmult_odd_multiples_table_globalz_windowa(secp256k1_ge *pre, secp256k1_fe *globalz, const secp256k1_gej *a)</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__impl_8h_source.html#l00085">ecmult_impl.h:85</a></div></div>
|
|
<div class="ttc" id="ecmult__impl_8h_html"><div class="ttname"><a href="ecmult__impl_8h.html">ecmult_impl.h</a></div></div>
|
|
<div class="ttc" id="ecmult__const__impl_8h_html_a541e7c0e2d2f68e2b1b03729d93b4ca7"><div class="ttname"><a href="ecmult__const__impl_8h.html#a541e7c0e2d2f68e2b1b03729d93b4ca7">ECMULT_CONST_TABLE_GET_GE</a></div><div class="ttdeci">#define ECMULT_CONST_TABLE_GET_GE(r, pre, n, w)</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__const__impl_8h_source.html#l00023">ecmult_const_impl.h:23</a></div></div>
|
|
<div class="ttc" id="group_8h_html_aa511eebf8cd7419763f06555ed4fb62d"><div class="ttname"><a href="group_8h.html#aa511eebf8cd7419763f06555ed4fb62d">secp256k1_ge_set_gej</a></div><div class="ttdeci">static void secp256k1_ge_set_gej(secp256k1_ge *r, secp256k1_gej *a)</div></div>
|
|
<div class="ttc" id="structsecp256k1__gej_html_ab3ec8168caf27aa3a092d512eaadaad9"><div class="ttname"><a href="structsecp256k1__gej.html#ab3ec8168caf27aa3a092d512eaadaad9">secp256k1_gej::infinity</a></div><div class="ttdeci">int infinity</div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00028">group.h:28</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_aab66620cbbe49bec3c7c02f4a1219c05"><div class="ttname"><a href="scalar_8h.html#aab66620cbbe49bec3c7c02f4a1219c05">secp256k1_scalar_is_high</a></div><div class="ttdeci">static int secp256k1_scalar_is_high(const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="scalar_8h_html"><div class="ttname"><a href="scalar_8h.html">scalar.h</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_ad6596a0249548deb678f0b630204254f"><div class="ttname"><a href="scalar_8h.html#ad6596a0249548deb678f0b630204254f">secp256k1_scalar_cadd_bit</a></div><div class="ttdeci">static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag)</div></div>
|
|
<div class="ttc" id="structsecp256k1__ge_html"><div class="ttname"><a href="structsecp256k1__ge.html">secp256k1_ge</a></div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00014">group.h:14</a></div></div>
|
|
<div class="ttc" id="field_8h_html_a0aaec7df2f708a451a8e1f41a943d8b1"><div class="ttname"><a href="field_8h.html#a0aaec7df2f708a451a8e1f41a943d8b1">secp256k1_fe_normalize_weak</a></div><div class="ttdeci">static void secp256k1_fe_normalize_weak(secp256k1_fe *r)</div></div>
|
|
<div class="ttc" id="group_8h_html_a9a5ec01f9c5a8fcbae1a83217cd96069"><div class="ttname"><a href="group_8h.html#a9a5ec01f9c5a8fcbae1a83217cd96069">secp256k1_ge_storage_cmov</a></div><div class="ttdeci">static void secp256k1_ge_storage_cmov(secp256k1_ge_storage *r, const secp256k1_ge_storage *a, int flag)</div></div>
|
|
<div class="ttc" id="ecmult__const__impl_8h_html_a7ca5efdae3396a6261bcc836e4a32739"><div class="ttname"><a href="ecmult__const__impl_8h.html#a7ca5efdae3396a6261bcc836e4a32739">WNAF_BITS</a></div><div class="ttdeci">#define WNAF_BITS</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__const__impl_8h_source.html#l00018">ecmult_const_impl.h:18</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__scalar_html"><div class="ttname"><a href="structsecp256k1__scalar.html">secp256k1_scalar</a></div><div class="ttdef"><b>Definition:</b> <a href="scalar__4x64_8h_source.html#l00013">scalar_4x64.h:13</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_a520b78be2bca742daa8d5efa5c343291"><div class="ttname"><a href="scalar_8h.html#a520b78be2bca742daa8d5efa5c343291">secp256k1_scalar_cond_negate</a></div><div class="ttdeci">static int secp256k1_scalar_cond_negate(secp256k1_scalar *a, int flag)</div></div>
|
|
<div class="ttc" id="ecmult__impl_8h_html_a6216c81c6adbb8796c55fe0c8d3b6718"><div class="ttname"><a href="ecmult__impl_8h.html#a6216c81c6adbb8796c55fe0c8d3b6718">WINDOW_A</a></div><div class="ttdeci">#define WINDOW_A</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__impl_8h_source.html#l00015">ecmult_impl.h:15</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__scalar_html_a4aba1d263d205acdd537ed9a995393cd"><div class="ttname"><a href="structsecp256k1__scalar.html#a4aba1d263d205acdd537ed9a995393cd">secp256k1_scalar::d</a></div><div class="ttdeci">uint64_t d[4]</div><div class="ttdef"><b>Definition:</b> <a href="scalar__4x64_8h_source.html#l00014">scalar_4x64.h:14</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__gej_html_ae41776408dba32cbe28b5e345b5f2286"><div class="ttname"><a href="structsecp256k1__gej.html#ae41776408dba32cbe28b5e345b5f2286">secp256k1_gej::z</a></div><div class="ttdeci">secp256k1_fe z</div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00027">group.h:27</a></div></div>
|
|
<div class="ttc" id="group_8h_html_a586b55d5921edcd68799f584c0a3c58d"><div class="ttname"><a href="group_8h.html#a586b55d5921edcd68799f584c0a3c58d">secp256k1_gej_add_ge</a></div><div class="ttdeci">static void secp256k1_gej_add_ge(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b)</div></div>
|
|
<div class="ttc" id="ecmult__const__impl_8h_html_a89f4e02fa2a4630ae0c5e302457f7931"><div class="ttname"><a href="ecmult__const__impl_8h.html#a89f4e02fa2a4630ae0c5e302457f7931">secp256k1_ecmult_const</a></div><div class="ttdeci">static void secp256k1_ecmult_const(secp256k1_gej *r, const secp256k1_ge *a, const secp256k1_scalar *scalar)</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__const__impl_8h_source.html#l00125">ecmult_const_impl.h:125</a></div></div>
|
|
<div class="ttc" id="group_8h_html_a8c1e7f328284d9ba56404bb8d99bf765"><div class="ttname"><a href="group_8h.html#a8c1e7f328284d9ba56404bb8d99bf765">secp256k1_ge_from_storage</a></div><div class="ttdeci">static void secp256k1_ge_from_storage(secp256k1_ge *r, const secp256k1_ge_storage *a)</div></div>
|
|
<div class="ttc" id="group_8h_html_ad5f813e26afb239f03e83f0e61e05498"><div class="ttname"><a href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a></div><div class="ttdeci">static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)</div></div>
|
|
<div class="ttc" id="group_8h_html_ad6499ae629f998e50d8614869ee3c67f"><div class="ttname"><a href="group_8h.html#ad6499ae629f998e50d8614869ee3c67f">secp256k1_ge_to_storage</a></div><div class="ttdeci">static void secp256k1_ge_to_storage(secp256k1_ge_storage *r, const secp256k1_ge *a)</div></div>
|
|
<div class="ttc" id="ecmult__const__impl_8h_html_ac252ac4f8c905ddc178ce056bd45b8ec"><div class="ttname"><a href="ecmult__const__impl_8h.html#ac252ac4f8c905ddc178ce056bd45b8ec">secp256k1_wnaf_const</a></div><div class="ttdeci">static int secp256k1_wnaf_const(int *wnaf, secp256k1_scalar s, int w)</div><div class="ttdef"><b>Definition:</b> <a href="ecmult__const__impl_8h_source.html#l00057">ecmult_const_impl.h:57</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_aa1118b3273d3c9d15541f29373b93e97"><div class="ttname"><a href="scalar_8h.html#aa1118b3273d3c9d15541f29373b93e97">secp256k1_scalar_is_one</a></div><div class="ttdeci">static int secp256k1_scalar_is_one(const secp256k1_scalar *a)</div></div>
|
|
</div><!-- fragment --></div><!-- contents -->
|
|
</div><!-- doc-content -->
|
|
<!-- start footer part -->
|
|
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
|
|
<ul>
|
|
<li class="navelem"><a class="el" href="dir_68267d1309a1af8e8297ef4c3efbcdba.html">src</a></li><li class="navelem"><a class="el" href="dir_44f34d1e62fda08bdb4ca69ab2d205ae.html">secp256k1</a></li><li class="navelem"><a class="el" href="dir_8db2ef784512d48b2a7d00369dfaac28.html">src</a></li><li class="navelem"><a class="el" href="ecmult__const__impl_8h.html">ecmult_const_impl.h</a></li>
|
|
<li class="footer">Generated on Thu Dec 14 2017 13:15:08 for Dash Core by
|
|
<a href="http://www.doxygen.org/index.html">
|
|
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.8.14 </li>
|
|
</ul>
|
|
</div>
|
|
</body>
|
|
</html>
|