Bitcoin Core 29.99.0
P2P Digital Currency
bench_internal.c
Go to the documentation of this file.
1/***********************************************************************
2 * Copyright (c) 2014-2015 Pieter Wuille *
3 * Distributed under the MIT software license, see the accompanying *
4 * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
5 ***********************************************************************/
6#include <stdio.h>
7
8#include "secp256k1.c"
9#include "../include/secp256k1.h"
10
11#include "assumptions.h"
12#include "util.h"
13#include "hash_impl.h"
14#include "field_impl.h"
15#include "group_impl.h"
16#include "scalar_impl.h"
17#include "ecmult_impl.h"
18#include "bench.h"
19
20static void help(int default_iters) {
21 printf("Benchmarks various internal routines.\n");
22 printf("\n");
23 printf("The default number of iterations for each benchmark is %d. This can be\n", default_iters);
24 printf("customized using the SECP256K1_BENCH_ITERS environment variable.\n");
25 printf("\n");
26 printf("Usage: ./bench_internal [args]\n");
27 printf("By default, all benchmarks will be run.\n");
28 printf("args:\n");
29 printf(" help : display this help and exit\n");
30 printf(" scalar : all scalar operations (add, half, inverse, mul, negate, split)\n");
31 printf(" field : all field operations (half, inverse, issquare, mul, normalize, sqr, sqrt)\n");
32 printf(" group : all group operations (add, double, to_affine)\n");
33 printf(" ecmult : all point multiplication operations (ecmult_wnaf) \n");
34 printf(" hash : all hash algorithms (hmac, rng6979, sha256)\n");
35 printf(" context : all context object operations (context_create)\n");
36 printf("\n");
37}
38
39typedef struct {
40 secp256k1_scalar scalar[2];
41 secp256k1_fe fe[4];
42 secp256k1_ge ge[2];
43 secp256k1_gej gej[2];
44 unsigned char data[64];
45 int wnaf[256];
46} bench_inv;
47
48static void bench_setup(void* arg) {
49 bench_inv *data = (bench_inv*)arg;
50
51 static const unsigned char init[4][32] = {
52 /* Initializer for scalar[0], fe[0], first half of data, the X coordinate of ge[0],
53 and the (implied affine) X coordinate of gej[0]. */
54 {
55 0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
56 0x17, 0x1d, 0x1f, 0x25, 0x29, 0x2b, 0x2f, 0x35,
57 0x3b, 0x3d, 0x43, 0x47, 0x49, 0x4f, 0x53, 0x59,
58 0x61, 0x65, 0x67, 0x6b, 0x6d, 0x71, 0x7f, 0x83
59 },
60 /* Initializer for scalar[1], fe[1], first half of data, the X coordinate of ge[1],
61 and the (implied affine) X coordinate of gej[1]. */
62 {
63 0x82, 0x83, 0x85, 0x87, 0x8b, 0x8d, 0x81, 0x83,
64 0x97, 0xad, 0xaf, 0xb5, 0xb9, 0xbb, 0xbf, 0xc5,
65 0xdb, 0xdd, 0xe3, 0xe7, 0xe9, 0xef, 0xf3, 0xf9,
66 0x11, 0x15, 0x17, 0x1b, 0x1d, 0xb1, 0xbf, 0xd3
67 },
68 /* Initializer for fe[2] and the Z coordinate of gej[0]. */
69 {
70 0x3d, 0x2d, 0xef, 0xf4, 0x25, 0x98, 0x4f, 0x5d,
71 0xe2, 0xca, 0x5f, 0x41, 0x3f, 0x3f, 0xce, 0x44,
72 0xaa, 0x2c, 0x53, 0x8a, 0xc6, 0x59, 0x1f, 0x38,
73 0x38, 0x23, 0xe4, 0x11, 0x27, 0xc6, 0xa0, 0xe7
74 },
75 /* Initializer for fe[3] and the Z coordinate of gej[1]. */
76 {
77 0xbd, 0x21, 0xa5, 0xe1, 0x13, 0x50, 0x73, 0x2e,
78 0x52, 0x98, 0xc8, 0x9e, 0xab, 0x00, 0xa2, 0x68,
79 0x43, 0xf5, 0xd7, 0x49, 0x80, 0x72, 0xa7, 0xf3,
80 0xd7, 0x60, 0xe6, 0xab, 0x90, 0x92, 0xdf, 0xc5
81 }
82 };
83
84 secp256k1_scalar_set_b32(&data->scalar[0], init[0], NULL);
85 secp256k1_scalar_set_b32(&data->scalar[1], init[1], NULL);
86 secp256k1_fe_set_b32_limit(&data->fe[0], init[0]);
87 secp256k1_fe_set_b32_limit(&data->fe[1], init[1]);
88 secp256k1_fe_set_b32_limit(&data->fe[2], init[2]);
89 secp256k1_fe_set_b32_limit(&data->fe[3], init[3]);
90 CHECK(secp256k1_ge_set_xo_var(&data->ge[0], &data->fe[0], 0));
91 CHECK(secp256k1_ge_set_xo_var(&data->ge[1], &data->fe[1], 1));
92 secp256k1_gej_set_ge(&data->gej[0], &data->ge[0]);
93 secp256k1_gej_rescale(&data->gej[0], &data->fe[2]);
94 secp256k1_gej_set_ge(&data->gej[1], &data->ge[1]);
95 secp256k1_gej_rescale(&data->gej[1], &data->fe[3]);
96 memcpy(data->data, init[0], 32);
97 memcpy(data->data + 32, init[1], 32);
98}
99
100static void bench_scalar_add(void* arg, int iters) {
101 int i, j = 0;
102 bench_inv *data = (bench_inv*)arg;
103
104 for (i = 0; i < iters; i++) {
105 j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
106 }
107 CHECK(j <= iters);
108}
109
110static void bench_scalar_negate(void* arg, int iters) {
111 int i;
112 bench_inv *data = (bench_inv*)arg;
113
114 for (i = 0; i < iters; i++) {
115 secp256k1_scalar_negate(&data->scalar[0], &data->scalar[0]);
116 }
117}
118
119static void bench_scalar_half(void* arg, int iters) {
120 int i;
121 bench_inv *data = (bench_inv*)arg;
122 secp256k1_scalar s = data->scalar[0];
123
124 for (i = 0; i < iters; i++) {
125 secp256k1_scalar_half(&s, &s);
126 }
127
128 data->scalar[0] = s;
129}
130
131static void bench_scalar_mul(void* arg, int iters) {
132 int i;
133 bench_inv *data = (bench_inv*)arg;
134
135 for (i = 0; i < iters; i++) {
136 secp256k1_scalar_mul(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
137 }
138}
139
140static void bench_scalar_split(void* arg, int iters) {
141 int i, j = 0;
142 bench_inv *data = (bench_inv*)arg;
143 secp256k1_scalar tmp;
144
145 for (i = 0; i < iters; i++) {
146 secp256k1_scalar_split_lambda(&tmp, &data->scalar[1], &data->scalar[0]);
147 j += secp256k1_scalar_add(&data->scalar[0], &tmp, &data->scalar[1]);
148 }
149 CHECK(j <= iters);
150}
151
152static void bench_scalar_inverse(void* arg, int iters) {
153 int i, j = 0;
154 bench_inv *data = (bench_inv*)arg;
155
156 for (i = 0; i < iters; i++) {
157 secp256k1_scalar_inverse(&data->scalar[0], &data->scalar[0]);
158 j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
159 }
160 CHECK(j <= iters);
161}
162
163static void bench_scalar_inverse_var(void* arg, int iters) {
164 int i, j = 0;
165 bench_inv *data = (bench_inv*)arg;
166
167 for (i = 0; i < iters; i++) {
168 secp256k1_scalar_inverse_var(&data->scalar[0], &data->scalar[0]);
169 j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
170 }
171 CHECK(j <= iters);
172}
173
174static void bench_field_half(void* arg, int iters) {
175 int i;
176 bench_inv *data = (bench_inv*)arg;
177
178 for (i = 0; i < iters; i++) {
179 secp256k1_fe_half(&data->fe[0]);
180 }
181}
182
183static void bench_field_normalize(void* arg, int iters) {
184 int i;
185 bench_inv *data = (bench_inv*)arg;
186
187 for (i = 0; i < iters; i++) {
188 secp256k1_fe_normalize(&data->fe[0]);
189 }
190}
191
192static void bench_field_normalize_weak(void* arg, int iters) {
193 int i;
194 bench_inv *data = (bench_inv*)arg;
195
196 for (i = 0; i < iters; i++) {
197 secp256k1_fe_normalize_weak(&data->fe[0]);
198 }
199}
200
201static void bench_field_mul(void* arg, int iters) {
202 int i;
203 bench_inv *data = (bench_inv*)arg;
204
205 for (i = 0; i < iters; i++) {
206 secp256k1_fe_mul(&data->fe[0], &data->fe[0], &data->fe[1]);
207 }
208}
209
210static void bench_field_sqr(void* arg, int iters) {
211 int i;
212 bench_inv *data = (bench_inv*)arg;
213
214 for (i = 0; i < iters; i++) {
215 secp256k1_fe_sqr(&data->fe[0], &data->fe[0]);
216 }
217}
218
219static void bench_field_inverse(void* arg, int iters) {
220 int i;
221 bench_inv *data = (bench_inv*)arg;
222
223 for (i = 0; i < iters; i++) {
224 secp256k1_fe_inv(&data->fe[0], &data->fe[0]);
225 secp256k1_fe_add(&data->fe[0], &data->fe[1]);
226 }
227}
228
229static void bench_field_inverse_var(void* arg, int iters) {
230 int i;
231 bench_inv *data = (bench_inv*)arg;
232
233 for (i = 0; i < iters; i++) {
234 secp256k1_fe_inv_var(&data->fe[0], &data->fe[0]);
235 secp256k1_fe_add(&data->fe[0], &data->fe[1]);
236 }
237}
238
239static void bench_field_sqrt(void* arg, int iters) {
240 int i, j = 0;
241 bench_inv *data = (bench_inv*)arg;
242 secp256k1_fe t;
243
244 for (i = 0; i < iters; i++) {
245 t = data->fe[0];
246 j += secp256k1_fe_sqrt(&data->fe[0], &t);
247 secp256k1_fe_add(&data->fe[0], &data->fe[1]);
248 }
249 CHECK(j <= iters);
250}
251
252static void bench_field_is_square_var(void* arg, int iters) {
253 int i, j = 0;
254 bench_inv *data = (bench_inv*)arg;
255 secp256k1_fe t = data->fe[0];
256
257 for (i = 0; i < iters; i++) {
258 j += secp256k1_fe_is_square_var(&t);
259 secp256k1_fe_add(&t, &data->fe[1]);
260 secp256k1_fe_normalize_var(&t);
261 }
262 CHECK(j <= iters);
263}
264
265static void bench_group_double_var(void* arg, int iters) {
266 int i;
267 bench_inv *data = (bench_inv*)arg;
268
269 for (i = 0; i < iters; i++) {
270 secp256k1_gej_double_var(&data->gej[0], &data->gej[0], NULL);
271 }
272}
273
274static void bench_group_add_var(void* arg, int iters) {
275 int i;
276 bench_inv *data = (bench_inv*)arg;
277
278 for (i = 0; i < iters; i++) {
279 secp256k1_gej_add_var(&data->gej[0], &data->gej[0], &data->gej[1], NULL);
280 }
281}
282
283static void bench_group_add_affine(void* arg, int iters) {
284 int i;
285 bench_inv *data = (bench_inv*)arg;
286
287 for (i = 0; i < iters; i++) {
288 secp256k1_gej_add_ge(&data->gej[0], &data->gej[0], &data->ge[1]);
289 }
290}
291
292static void bench_group_add_affine_var(void* arg, int iters) {
293 int i;
294 bench_inv *data = (bench_inv*)arg;
295
296 for (i = 0; i < iters; i++) {
297 secp256k1_gej_add_ge_var(&data->gej[0], &data->gej[0], &data->ge[1], NULL);
298 }
299}
300
301static void bench_group_add_zinv_var(void* arg, int iters) {
302 int i;
303 bench_inv *data = (bench_inv*)arg;
304
305 for (i = 0; i < iters; i++) {
306 secp256k1_gej_add_zinv_var(&data->gej[0], &data->gej[0], &data->ge[1], &data->gej[0].y);
307 }
308}
309
310static void bench_group_to_affine_var(void* arg, int iters) {
311 int i;
312 bench_inv *data = (bench_inv*)arg;
313
314 for (i = 0; i < iters; ++i) {
315 secp256k1_ge_set_gej_var(&data->ge[1], &data->gej[0]);
316 /* Use the output affine X/Y coordinates to vary the input X/Y/Z coordinates.
317 Note that the resulting coordinates will generally not correspond to a point
318 on the curve, but this is not a problem for the code being benchmarked here.
319 Adding and normalizing have less overhead than EC operations (which could
320 guarantee the point remains on the curve). */
321 secp256k1_fe_add(&data->gej[0].x, &data->ge[1].y);
322 secp256k1_fe_add(&data->gej[0].y, &data->fe[2]);
323 secp256k1_fe_add(&data->gej[0].z, &data->ge[1].x);
324 secp256k1_fe_normalize_var(&data->gej[0].x);
325 secp256k1_fe_normalize_var(&data->gej[0].y);
326 secp256k1_fe_normalize_var(&data->gej[0].z);
327 }
328}
329
330static void bench_ecmult_wnaf(void* arg, int iters) {
331 int i, bits = 0, overflow = 0;
332 bench_inv *data = (bench_inv*)arg;
333
334 for (i = 0; i < iters; i++) {
335 bits += secp256k1_ecmult_wnaf(data->wnaf, 256, &data->scalar[0], WINDOW_A);
336 overflow += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
337 }
338 CHECK(overflow >= 0);
339 CHECK(bits <= 256*iters);
340}
341
342static void bench_sha256(void* arg, int iters) {
343 int i;
344 bench_inv *data = (bench_inv*)arg;
345 secp256k1_sha256 sha;
346
347 for (i = 0; i < iters; i++) {
348 secp256k1_sha256_initialize(&sha);
349 secp256k1_sha256_write(&sha, data->data, 32);
350 secp256k1_sha256_finalize(&sha, data->data);
351 }
352}
353
354static void bench_hmac_sha256(void* arg, int iters) {
355 int i;
356 bench_inv *data = (bench_inv*)arg;
357 secp256k1_hmac_sha256 hmac;
358
359 for (i = 0; i < iters; i++) {
360 secp256k1_hmac_sha256_initialize(&hmac, data->data, 32);
361 secp256k1_hmac_sha256_write(&hmac, data->data, 32);
362 secp256k1_hmac_sha256_finalize(&hmac, data->data);
363 }
364}
365
366static void bench_rfc6979_hmac_sha256(void* arg, int iters) {
367 int i;
368 bench_inv *data = (bench_inv*)arg;
369 secp256k1_rfc6979_hmac_sha256 rng;
370
371 for (i = 0; i < iters; i++) {
372 secp256k1_rfc6979_hmac_sha256_initialize(&rng, data->data, 64);
373 secp256k1_rfc6979_hmac_sha256_generate(&rng, data->data, 32);
374 }
375}
376
377static void bench_context(void* arg, int iters) {
378 int i;
379 (void)arg;
380 for (i = 0; i < iters; i++) {
381 secp256k1_context_destroy(secp256k1_context_create(SECP256K1_CONTEXT_NONE));
382 }
383}
384
385int main(int argc, char **argv) {
386 bench_inv data;
387 int default_iters = 20000;
388 int iters = get_iters(default_iters);
389 int d = argc == 1; /* default */
390
391 if (argc > 1) {
392 if (have_flag(argc, argv, "-h")
393 || have_flag(argc, argv, "--help")
394 || have_flag(argc, argv, "help")) {
395 help(default_iters);
396 return 0;
397 }
398 }
399
400 print_output_table_header_row();
401
402 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "half")) run_benchmark("scalar_half", bench_scalar_half, bench_setup, NULL, &data, 10, iters*100);
403 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "add")) run_benchmark("scalar_add", bench_scalar_add, bench_setup, NULL, &data, 10, iters*100);
404 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "negate")) run_benchmark("scalar_negate", bench_scalar_negate, bench_setup, NULL, &data, 10, iters*100);
405 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "mul")) run_benchmark("scalar_mul", bench_scalar_mul, bench_setup, NULL, &data, 10, iters*10);
406 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "split")) run_benchmark("scalar_split", bench_scalar_split, bench_setup, NULL, &data, 10, iters);
407 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse", bench_scalar_inverse, bench_setup, NULL, &data, 10, iters);
408 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse_var", bench_scalar_inverse_var, bench_setup, NULL, &data, 10, iters);
409
410 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "half")) run_benchmark("field_half", bench_field_half, bench_setup, NULL, &data, 10, iters*100);
411 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize", bench_field_normalize, bench_setup, NULL, &data, 10, iters*100);
412 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize_weak", bench_field_normalize_weak, bench_setup, NULL, &data, 10, iters*100);
413 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "sqr")) run_benchmark("field_sqr", bench_field_sqr, bench_setup, NULL, &data, 10, iters*10);
414 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "mul")) run_benchmark("field_mul", bench_field_mul, bench_setup, NULL, &data, 10, iters*10);
415 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse", bench_field_inverse, bench_setup, NULL, &data, 10, iters);
416 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse_var", bench_field_inverse_var, bench_setup, NULL, &data, 10, iters);
417 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "issquare")) run_benchmark("field_is_square_var", bench_field_is_square_var, bench_setup, NULL, &data, 10, iters);
418 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "sqrt")) run_benchmark("field_sqrt", bench_field_sqrt, bench_setup, NULL, &data, 10, iters);
419
420 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "double")) run_benchmark("group_double_var", bench_group_double_var, bench_setup, NULL, &data, 10, iters*10);
421 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_var", bench_group_add_var, bench_setup, NULL, &data, 10, iters*10);
422 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine", bench_group_add_affine, bench_setup, NULL, &data, 10, iters*10);
423 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine_var", bench_group_add_affine_var, bench_setup, NULL, &data, 10, iters*10);
424 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_zinv_var", bench_group_add_zinv_var, bench_setup, NULL, &data, 10, iters*10);
425 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "to_affine")) run_benchmark("group_to_affine_var", bench_group_to_affine_var, bench_setup, NULL, &data, 10, iters);
426
427 if (d || have_flag(argc, argv, "ecmult") || have_flag(argc, argv, "wnaf")) run_benchmark("ecmult_wnaf", bench_ecmult_wnaf, bench_setup, NULL, &data, 10, iters);
428
429 if (d || have_flag(argc, argv, "hash") || have_flag(argc, argv, "sha256")) run_benchmark("hash_sha256", bench_sha256, bench_setup, NULL, &data, 10, iters);
430 if (d || have_flag(argc, argv, "hash") || have_flag(argc, argv, "hmac")) run_benchmark("hash_hmac_sha256", bench_hmac_sha256, bench_setup, NULL, &data, 10, iters);
431 if (d || have_flag(argc, argv, "hash") || have_flag(argc, argv, "rng6979")) run_benchmark("hash_rfc6979_hmac_sha256", bench_rfc6979_hmac_sha256, bench_setup, NULL, &data, 10, iters);
432
433 if (d || have_flag(argc, argv, "context")) run_benchmark("context_create", bench_context, bench_setup, NULL, &data, 10, iters);
434
435 return 0;
436}
bench_setup
static void bench_setup(void *arg)
Definition: bench_internal.c:48
bench_scalar_inverse
static void bench_scalar_inverse(void *arg, int iters)
Definition: bench_internal.c:152
bench_scalar_inverse_var
static void bench_scalar_inverse_var(void *arg, int iters)
Definition: bench_internal.c:163
bench_field_mul
static void bench_field_mul(void *arg, int iters)
Definition: bench_internal.c:201
bench_sha256
static void bench_sha256(void *arg, int iters)
Definition: bench_internal.c:342
bench_rfc6979_hmac_sha256
static void bench_rfc6979_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:366
bench_scalar_negate
static void bench_scalar_negate(void *arg, int iters)
Definition: bench_internal.c:110
bench_scalar_split
static void bench_scalar_split(void *arg, int iters)
Definition: bench_internal.c:140
bench_scalar_add
static void bench_scalar_add(void *arg, int iters)
Definition: bench_internal.c:100
main
int main(int argc, char **argv)
Definition: bench_internal.c:385
help
static void help(int default_iters)
Definition: bench_internal.c:20
bench_field_normalize
static void bench_field_normalize(void *arg, int iters)
Definition: bench_internal.c:183
bench_ecmult_wnaf
static void bench_ecmult_wnaf(void *arg, int iters)
Definition: bench_internal.c:330
bench_group_add_zinv_var
static void bench_group_add_zinv_var(void *arg, int iters)
Definition: bench_internal.c:301
bench_group_double_var
static void bench_group_double_var(void *arg, int iters)
Definition: bench_internal.c:265
bench_field_inverse
static void bench_field_inverse(void *arg, int iters)
Definition: bench_internal.c:219
bench_group_to_affine_var
static void bench_group_to_affine_var(void *arg, int iters)
Definition: bench_internal.c:310
bench_field_sqr
static void bench_field_sqr(void *arg, int iters)
Definition: bench_internal.c:210
bench_scalar_mul
static void bench_scalar_mul(void *arg, int iters)
Definition: bench_internal.c:131
bench_field_normalize_weak
static void bench_field_normalize_weak(void *arg, int iters)
Definition: bench_internal.c:192
bench_group_add_affine_var
static void bench_group_add_affine_var(void *arg, int iters)
Definition: bench_internal.c:292
bench_field_is_square_var
static void bench_field_is_square_var(void *arg, int iters)
Definition: bench_internal.c:252
bench_group_add_affine
static void bench_group_add_affine(void *arg, int iters)
Definition: bench_internal.c:283
bench_context
static void bench_context(void *arg, int iters)
Definition: bench_internal.c:377
bench_field_half
static void bench_field_half(void *arg, int iters)
Definition: bench_internal.c:174
bench_group_add_var
static void bench_group_add_var(void *arg, int iters)
Definition: bench_internal.c:274
bench_field_inverse_var
static void bench_field_inverse_var(void *arg, int iters)
Definition: bench_internal.c:229
bench_hmac_sha256
static void bench_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:354
bench_field_sqrt
static void bench_field_sqrt(void *arg, int iters)
Definition: bench_internal.c:239
bench_scalar_half
static void bench_scalar_half(void *arg, int iters)
Definition: bench_internal.c:119
run_benchmark
static void run_benchmark(char *name, void(*benchmark)(void *), void(*setup)(void *), void(*teardown)(void *), void *data, int count, int iter)
Definition: bench.c:26
ecmult_impl.h
secp256k1_ecmult_wnaf
static int secp256k1_ecmult_wnaf(int *wnaf, int len, const secp256k1_scalar *a, int w)
Convert a number to WNAF notation.
Definition: ecmult_impl.h:162
WINDOW_A
#define WINDOW_A
Definition: ecmult_impl.h:32
secp256k1_fe_normalize_weak
#define secp256k1_fe_normalize_weak
Definition: field.h:79
secp256k1_fe_mul
#define secp256k1_fe_mul
Definition: field.h:93
secp256k1_fe_sqrt
static int secp256k1_fe_sqrt(secp256k1_fe *SECP256K1_RESTRICT r, const secp256k1_fe *SECP256K1_RESTRICT a)
Compute a square root of a field element.
secp256k1_fe_add
#define secp256k1_fe_add
Definition: field.h:92
secp256k1_fe_normalize_var
#define secp256k1_fe_normalize_var
Definition: field.h:80
secp256k1_fe_half
#define secp256k1_fe_half
Definition: field.h:101
secp256k1_fe_inv_var
#define secp256k1_fe_inv_var
Definition: field.h:99
secp256k1_fe_set_b32_limit
#define secp256k1_fe_set_b32_limit
Definition: field.h:88
secp256k1_fe_is_square_var
#define secp256k1_fe_is_square_var
Definition: field.h:103
secp256k1_fe_inv
#define secp256k1_fe_inv
Definition: field.h:98
secp256k1_fe_sqr
#define secp256k1_fe_sqr
Definition: field.h:94
secp256k1_fe_normalize
#define secp256k1_fe_normalize
Definition: field.h:78
field_impl.h
secp256k1_gej_double_var
static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)
Set r equal to the double of a.
secp256k1_gej_add_zinv_var
static void secp256k1_gej_add_zinv_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, const secp256k1_fe *bzinv)
Set r equal to the sum of a and b (with the inverse of b's Z coordinate passed as bzinv).
secp256k1_ge_set_xo_var
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y.
secp256k1_gej_add_ge_var
static void secp256k1_gej_add_ge_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b (with b given in affine coordinates).
secp256k1_gej_add_ge
static void secp256k1_gej_add_ge(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b)
Set r equal to the sum of a and b (with b given in affine coordinates, and not infinity).
secp256k1_gej_add_var
static void secp256k1_gej_add_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_gej *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b.
secp256k1_gej_rescale
static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b)
Rescale a jacobian point by b which must be non-zero.
secp256k1_gej_set_ge
static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)
Set a group element (jacobian) equal to another which is given in affine coordinates.
secp256k1_ge_set_gej_var
static void secp256k1_ge_set_gej_var(secp256k1_ge *r, secp256k1_gej *a)
Set a group element equal to another which is given in jacobian coordinates.
group_impl.h
hash_impl.h
CHECK
#define CHECK(cond)
Unconditional failure on condition failure.
Definition: util.h:35
test_vectors_musig2_generate.s
tuple s
Definition: test_vectors_musig2_generate.py:72
test_vectors_musig2_generate.data
data
Definition: test_vectors_musig2_generate.py:98
tinyformat::printf
void printf(FormatStringCheck< sizeof...(Args)> fmt, const Args &... args)
Format list of arguments to std::cout, according to the given format string.
Definition: tinyformat.h:1096
secp256k1_scalar_half
static void secp256k1_scalar_half(secp256k1_scalar *r, const secp256k1_scalar *a)
Multiply a scalar with the multiplicative inverse of 2.
secp256k1_scalar_set_b32
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.
secp256k1_scalar_inverse_var
static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order), without constant-time guarantee.
secp256k1_scalar_add
static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Add two scalars together (modulo the group order).
secp256k1_scalar_mul
static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Multiply two scalars (modulo the group order).
secp256k1_scalar_negate
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the complement of a scalar (modulo the group order).
secp256k1_scalar_split_lambda
static void secp256k1_scalar_split_lambda(secp256k1_scalar *SECP256K1_RESTRICT r1, secp256k1_scalar *SECP256K1_RESTRICT r2, const secp256k1_scalar *SECP256K1_RESTRICT k)
Find r1 and r2 such that r1+r2*lambda = k, where r1 and r2 or their negations are maximum 128 bits lo...
secp256k1_scalar_inverse
static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order).
scalar_impl.h
get_iters
static int get_iters(int default_iters)
Definition: bench.h:170
print_output_table_header_row
static void print_output_table_header_row(void)
Definition: bench.h:179
have_flag
static int have_flag(int argc, char **argv, char *flag)
Definition: bench.h:132
secp256k1_sha256_initialize
static void secp256k1_sha256_initialize(secp256k1_sha256 *hash)
secp256k1_rfc6979_hmac_sha256_generate
static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256 *rng, unsigned char *out, size_t outlen)
secp256k1_hmac_sha256_finalize
static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256 *hash, unsigned char *out32)
secp256k1_hmac_sha256_initialize
static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256 *hash, const unsigned char *key, size_t size)
secp256k1_sha256_finalize
static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out32)
secp256k1_rfc6979_hmac_sha256_initialize
static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256 *rng, const unsigned char *key, size_t keylen)
secp256k1_hmac_sha256_write
static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256 *hash, const unsigned char *data, size_t size)
secp256k1_sha256_write
static void secp256k1_sha256_write(secp256k1_sha256 *hash, const unsigned char *data, size_t size)
secp256k1_context_destroy
SECP256K1_API void secp256k1_context_destroy(secp256k1_context *ctx) SECP256K1_ARG_NONNULL(1)
Destroy a secp256k1 context object (created in dynamically allocated memory).
Definition: secp256k1.c:187
secp256k1_context_create
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Create a secp256k1 context object (in dynamically allocated memory).
Definition: secp256k1.c:141
SECP256K1_CONTEXT_NONE
#define SECP256K1_CONTEXT_NONE
Context flags to pass to secp256k1_context_create, secp256k1_context_preallocated_size,...
Definition: secp256k1.h:202
bench_inv
Definition: bench_internal.c:39
secp256k1_fe
This field implementation represents the value as 10 uint32_t limbs in base 2^26.
Definition: field_10x26.h:14
secp256k1_ge
A group element in affine coordinates on the secp256k1 curve, or occasionally on an isomorphic curve ...
Definition: group.h:16
secp256k1_gej
A group element of the secp256k1 curve, in jacobian coordinates.
Definition: group.h:28
secp256k1_hmac_sha256
Definition: hash.h:24
secp256k1_rfc6979_hmac_sha256
Definition: hash.h:33
secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13
secp256k1_sha256
Definition: hash.h:13
Generated on Thu May 8 2025 20:00:11 for Bitcoin Core by doxygen 1.9.4