Bitcoin Core 29.99.0
P2P Digital Currency
bench_internal.c
Go to the documentation of this file.
1/***********************************************************************
2 * Copyright (c) 2014-2015 Pieter Wuille *
3 * Distributed under the MIT software license, see the accompanying *
4 * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
5 ***********************************************************************/
6#include <stdio.h>
7#include <stdlib.h>
8
9#include "secp256k1.c"
10#include "../include/secp256k1.h"
11
12#include "assumptions.h"
13#include "util.h"
14#include "hash_impl.h"
15#include "field_impl.h"
16#include "group_impl.h"
17#include "scalar_impl.h"
18#include "ecmult_impl.h"
19#include "bench.h"
20
21static void help(int default_iters) {
22 printf("Benchmarks various internal routines.\n");
23 printf("\n");
24 printf("The default number of iterations for each benchmark is %d. This can be\n", default_iters);
25 printf("customized using the SECP256K1_BENCH_ITERS environment variable.\n");
26 printf("\n");
27 printf("Usage: ./bench_internal [args]\n");
28 printf("By default, all benchmarks will be run.\n");
29 printf("args:\n");
30 printf(" help : display this help and exit\n");
31 printf(" scalar : all scalar operations (add, half, inverse, mul, negate, split)\n");
32 printf(" field : all field operations (half, inverse, issquare, mul, normalize, sqr, sqrt)\n");
33 printf(" group : all group operations (add, double, to_affine)\n");
34 printf(" ecmult : all point multiplication operations (ecmult_wnaf) \n");
35 printf(" hash : all hash algorithms (hmac, rng6979, sha256)\n");
36 printf(" context : all context object operations (context_create)\n");
37 printf("\n");
38}
39
40typedef struct {
41 secp256k1_scalar scalar[2];
42 secp256k1_fe fe[4];
43 secp256k1_ge ge[2];
44 secp256k1_gej gej[2];
45 unsigned char data[64];
46 int wnaf[256];
47} bench_inv;
48
49static void bench_setup(void* arg) {
50 bench_inv *data = (bench_inv*)arg;
51
52 static const unsigned char init[4][32] = {
53 /* Initializer for scalar[0], fe[0], first half of data, the X coordinate of ge[0],
54 and the (implied affine) X coordinate of gej[0]. */
55 {
56 0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
57 0x17, 0x1d, 0x1f, 0x25, 0x29, 0x2b, 0x2f, 0x35,
58 0x3b, 0x3d, 0x43, 0x47, 0x49, 0x4f, 0x53, 0x59,
59 0x61, 0x65, 0x67, 0x6b, 0x6d, 0x71, 0x7f, 0x83
60 },
61 /* Initializer for scalar[1], fe[1], first half of data, the X coordinate of ge[1],
62 and the (implied affine) X coordinate of gej[1]. */
63 {
64 0x82, 0x83, 0x85, 0x87, 0x8b, 0x8d, 0x81, 0x83,
65 0x97, 0xad, 0xaf, 0xb5, 0xb9, 0xbb, 0xbf, 0xc5,
66 0xdb, 0xdd, 0xe3, 0xe7, 0xe9, 0xef, 0xf3, 0xf9,
67 0x11, 0x15, 0x17, 0x1b, 0x1d, 0xb1, 0xbf, 0xd3
68 },
69 /* Initializer for fe[2] and the Z coordinate of gej[0]. */
70 {
71 0x3d, 0x2d, 0xef, 0xf4, 0x25, 0x98, 0x4f, 0x5d,
72 0xe2, 0xca, 0x5f, 0x41, 0x3f, 0x3f, 0xce, 0x44,
73 0xaa, 0x2c, 0x53, 0x8a, 0xc6, 0x59, 0x1f, 0x38,
74 0x38, 0x23, 0xe4, 0x11, 0x27, 0xc6, 0xa0, 0xe7
75 },
76 /* Initializer for fe[3] and the Z coordinate of gej[1]. */
77 {
78 0xbd, 0x21, 0xa5, 0xe1, 0x13, 0x50, 0x73, 0x2e,
79 0x52, 0x98, 0xc8, 0x9e, 0xab, 0x00, 0xa2, 0x68,
80 0x43, 0xf5, 0xd7, 0x49, 0x80, 0x72, 0xa7, 0xf3,
81 0xd7, 0x60, 0xe6, 0xab, 0x90, 0x92, 0xdf, 0xc5
82 }
83 };
84
85 secp256k1_scalar_set_b32(&data->scalar[0], init[0], NULL);
86 secp256k1_scalar_set_b32(&data->scalar[1], init[1], NULL);
87 secp256k1_fe_set_b32_limit(&data->fe[0], init[0]);
88 secp256k1_fe_set_b32_limit(&data->fe[1], init[1]);
89 secp256k1_fe_set_b32_limit(&data->fe[2], init[2]);
90 secp256k1_fe_set_b32_limit(&data->fe[3], init[3]);
91 CHECK(secp256k1_ge_set_xo_var(&data->ge[0], &data->fe[0], 0));
92 CHECK(secp256k1_ge_set_xo_var(&data->ge[1], &data->fe[1], 1));
93 secp256k1_gej_set_ge(&data->gej[0], &data->ge[0]);
94 secp256k1_gej_rescale(&data->gej[0], &data->fe[2]);
95 secp256k1_gej_set_ge(&data->gej[1], &data->ge[1]);
96 secp256k1_gej_rescale(&data->gej[1], &data->fe[3]);
97 memcpy(data->data, init[0], 32);
98 memcpy(data->data + 32, init[1], 32);
99}
100
101static void bench_scalar_add(void* arg, int iters) {
102 int i, j = 0;
103 bench_inv *data = (bench_inv*)arg;
104
105 for (i = 0; i < iters; i++) {
106 j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
107 }
108 CHECK(j <= iters);
109}
110
111static void bench_scalar_negate(void* arg, int iters) {
112 int i;
113 bench_inv *data = (bench_inv*)arg;
114
115 for (i = 0; i < iters; i++) {
116 secp256k1_scalar_negate(&data->scalar[0], &data->scalar[0]);
117 }
118}
119
120static void bench_scalar_half(void* arg, int iters) {
121 int i;
122 bench_inv *data = (bench_inv*)arg;
123 secp256k1_scalar s = data->scalar[0];
124
125 for (i = 0; i < iters; i++) {
126 secp256k1_scalar_half(&s, &s);
127 }
128
129 data->scalar[0] = s;
130}
131
132static void bench_scalar_mul(void* arg, int iters) {
133 int i;
134 bench_inv *data = (bench_inv*)arg;
135
136 for (i = 0; i < iters; i++) {
137 secp256k1_scalar_mul(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
138 }
139}
140
141static void bench_scalar_split(void* arg, int iters) {
142 int i, j = 0;
143 bench_inv *data = (bench_inv*)arg;
144 secp256k1_scalar tmp;
145
146 for (i = 0; i < iters; i++) {
147 secp256k1_scalar_split_lambda(&tmp, &data->scalar[1], &data->scalar[0]);
148 j += secp256k1_scalar_add(&data->scalar[0], &tmp, &data->scalar[1]);
149 }
150 CHECK(j <= iters);
151}
152
153static void bench_scalar_inverse(void* arg, int iters) {
154 int i, j = 0;
155 bench_inv *data = (bench_inv*)arg;
156
157 for (i = 0; i < iters; i++) {
158 secp256k1_scalar_inverse(&data->scalar[0], &data->scalar[0]);
159 j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
160 }
161 CHECK(j <= iters);
162}
163
164static void bench_scalar_inverse_var(void* arg, int iters) {
165 int i, j = 0;
166 bench_inv *data = (bench_inv*)arg;
167
168 for (i = 0; i < iters; i++) {
169 secp256k1_scalar_inverse_var(&data->scalar[0], &data->scalar[0]);
170 j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
171 }
172 CHECK(j <= iters);
173}
174
175static void bench_field_half(void* arg, int iters) {
176 int i;
177 bench_inv *data = (bench_inv*)arg;
178
179 for (i = 0; i < iters; i++) {
180 secp256k1_fe_half(&data->fe[0]);
181 }
182}
183
184static void bench_field_normalize(void* arg, int iters) {
185 int i;
186 bench_inv *data = (bench_inv*)arg;
187
188 for (i = 0; i < iters; i++) {
189 secp256k1_fe_normalize(&data->fe[0]);
190 }
191}
192
193static void bench_field_normalize_weak(void* arg, int iters) {
194 int i;
195 bench_inv *data = (bench_inv*)arg;
196
197 for (i = 0; i < iters; i++) {
198 secp256k1_fe_normalize_weak(&data->fe[0]);
199 }
200}
201
202static void bench_field_mul(void* arg, int iters) {
203 int i;
204 bench_inv *data = (bench_inv*)arg;
205
206 for (i = 0; i < iters; i++) {
207 secp256k1_fe_mul(&data->fe[0], &data->fe[0], &data->fe[1]);
208 }
209}
210
211static void bench_field_sqr(void* arg, int iters) {
212 int i;
213 bench_inv *data = (bench_inv*)arg;
214
215 for (i = 0; i < iters; i++) {
216 secp256k1_fe_sqr(&data->fe[0], &data->fe[0]);
217 }
218}
219
220static void bench_field_inverse(void* arg, int iters) {
221 int i;
222 bench_inv *data = (bench_inv*)arg;
223
224 for (i = 0; i < iters; i++) {
225 secp256k1_fe_inv(&data->fe[0], &data->fe[0]);
226 secp256k1_fe_add(&data->fe[0], &data->fe[1]);
227 }
228}
229
230static void bench_field_inverse_var(void* arg, int iters) {
231 int i;
232 bench_inv *data = (bench_inv*)arg;
233
234 for (i = 0; i < iters; i++) {
235 secp256k1_fe_inv_var(&data->fe[0], &data->fe[0]);
236 secp256k1_fe_add(&data->fe[0], &data->fe[1]);
237 }
238}
239
240static void bench_field_sqrt(void* arg, int iters) {
241 int i, j = 0;
242 bench_inv *data = (bench_inv*)arg;
243 secp256k1_fe t;
244
245 for (i = 0; i < iters; i++) {
246 t = data->fe[0];
247 j += secp256k1_fe_sqrt(&data->fe[0], &t);
248 secp256k1_fe_add(&data->fe[0], &data->fe[1]);
249 }
250 CHECK(j <= iters);
251}
252
253static void bench_field_is_square_var(void* arg, int iters) {
254 int i, j = 0;
255 bench_inv *data = (bench_inv*)arg;
256 secp256k1_fe t = data->fe[0];
257
258 for (i = 0; i < iters; i++) {
259 j += secp256k1_fe_is_square_var(&t);
260 secp256k1_fe_add(&t, &data->fe[1]);
261 secp256k1_fe_normalize_var(&t);
262 }
263 CHECK(j <= iters);
264}
265
266static void bench_group_double_var(void* arg, int iters) {
267 int i;
268 bench_inv *data = (bench_inv*)arg;
269
270 for (i = 0; i < iters; i++) {
271 secp256k1_gej_double_var(&data->gej[0], &data->gej[0], NULL);
272 }
273}
274
275static void bench_group_add_var(void* arg, int iters) {
276 int i;
277 bench_inv *data = (bench_inv*)arg;
278
279 for (i = 0; i < iters; i++) {
280 secp256k1_gej_add_var(&data->gej[0], &data->gej[0], &data->gej[1], NULL);
281 }
282}
283
284static void bench_group_add_affine(void* arg, int iters) {
285 int i;
286 bench_inv *data = (bench_inv*)arg;
287
288 for (i = 0; i < iters; i++) {
289 secp256k1_gej_add_ge(&data->gej[0], &data->gej[0], &data->ge[1]);
290 }
291}
292
293static void bench_group_add_affine_var(void* arg, int iters) {
294 int i;
295 bench_inv *data = (bench_inv*)arg;
296
297 for (i = 0; i < iters; i++) {
298 secp256k1_gej_add_ge_var(&data->gej[0], &data->gej[0], &data->ge[1], NULL);
299 }
300}
301
302static void bench_group_add_zinv_var(void* arg, int iters) {
303 int i;
304 bench_inv *data = (bench_inv*)arg;
305
306 for (i = 0; i < iters; i++) {
307 secp256k1_gej_add_zinv_var(&data->gej[0], &data->gej[0], &data->ge[1], &data->gej[0].y);
308 }
309}
310
311static void bench_group_to_affine_var(void* arg, int iters) {
312 int i;
313 bench_inv *data = (bench_inv*)arg;
314
315 for (i = 0; i < iters; ++i) {
316 secp256k1_ge_set_gej_var(&data->ge[1], &data->gej[0]);
317 /* Use the output affine X/Y coordinates to vary the input X/Y/Z coordinates.
318 Note that the resulting coordinates will generally not correspond to a point
319 on the curve, but this is not a problem for the code being benchmarked here.
320 Adding and normalizing have less overhead than EC operations (which could
321 guarantee the point remains on the curve). */
322 secp256k1_fe_add(&data->gej[0].x, &data->ge[1].y);
323 secp256k1_fe_add(&data->gej[0].y, &data->fe[2]);
324 secp256k1_fe_add(&data->gej[0].z, &data->ge[1].x);
325 secp256k1_fe_normalize_var(&data->gej[0].x);
326 secp256k1_fe_normalize_var(&data->gej[0].y);
327 secp256k1_fe_normalize_var(&data->gej[0].z);
328 }
329}
330
331static void bench_ecmult_wnaf(void* arg, int iters) {
332 int i, bits = 0, overflow = 0;
333 bench_inv *data = (bench_inv*)arg;
334
335 for (i = 0; i < iters; i++) {
336 bits += secp256k1_ecmult_wnaf(data->wnaf, 256, &data->scalar[0], WINDOW_A);
337 overflow += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
338 }
339 CHECK(overflow >= 0);
340 CHECK(bits <= 256*iters);
341}
342
343static void bench_sha256(void* arg, int iters) {
344 int i;
345 bench_inv *data = (bench_inv*)arg;
346 secp256k1_sha256 sha;
347
348 for (i = 0; i < iters; i++) {
349 secp256k1_sha256_initialize(&sha);
350 secp256k1_sha256_write(&sha, data->data, 32);
351 secp256k1_sha256_finalize(&sha, data->data);
352 }
353}
354
355static void bench_hmac_sha256(void* arg, int iters) {
356 int i;
357 bench_inv *data = (bench_inv*)arg;
358 secp256k1_hmac_sha256 hmac;
359
360 for (i = 0; i < iters; i++) {
361 secp256k1_hmac_sha256_initialize(&hmac, data->data, 32);
362 secp256k1_hmac_sha256_write(&hmac, data->data, 32);
363 secp256k1_hmac_sha256_finalize(&hmac, data->data);
364 }
365}
366
367static void bench_rfc6979_hmac_sha256(void* arg, int iters) {
368 int i;
369 bench_inv *data = (bench_inv*)arg;
370 secp256k1_rfc6979_hmac_sha256 rng;
371
372 for (i = 0; i < iters; i++) {
373 secp256k1_rfc6979_hmac_sha256_initialize(&rng, data->data, 64);
374 secp256k1_rfc6979_hmac_sha256_generate(&rng, data->data, 32);
375 }
376}
377
378static void bench_context(void* arg, int iters) {
379 int i;
380 (void)arg;
381 for (i = 0; i < iters; i++) {
382 secp256k1_context_destroy(secp256k1_context_create(SECP256K1_CONTEXT_NONE));
383 }
384}
385
386int main(int argc, char **argv) {
387 bench_inv data;
388 int default_iters = 20000;
389 int iters = get_iters(default_iters);
390 int d = argc == 1; /* default */
391
392 if (argc > 1) {
393 if (have_flag(argc, argv, "-h")
394 || have_flag(argc, argv, "--help")
395 || have_flag(argc, argv, "help")) {
396 help(default_iters);
397 return EXIT_SUCCESS;
398 }
399 }
400
401 print_output_table_header_row();
402
403 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "half")) run_benchmark("scalar_half", bench_scalar_half, bench_setup, NULL, &data, 10, iters*100);
404 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "add")) run_benchmark("scalar_add", bench_scalar_add, bench_setup, NULL, &data, 10, iters*100);
405 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "negate")) run_benchmark("scalar_negate", bench_scalar_negate, bench_setup, NULL, &data, 10, iters*100);
406 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "mul")) run_benchmark("scalar_mul", bench_scalar_mul, bench_setup, NULL, &data, 10, iters*10);
407 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "split")) run_benchmark("scalar_split", bench_scalar_split, bench_setup, NULL, &data, 10, iters);
408 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse", bench_scalar_inverse, bench_setup, NULL, &data, 10, iters);
409 if (d || have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse_var", bench_scalar_inverse_var, bench_setup, NULL, &data, 10, iters);
410
411 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "half")) run_benchmark("field_half", bench_field_half, bench_setup, NULL, &data, 10, iters*100);
412 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize", bench_field_normalize, bench_setup, NULL, &data, 10, iters*100);
413 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize_weak", bench_field_normalize_weak, bench_setup, NULL, &data, 10, iters*100);
414 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "sqr")) run_benchmark("field_sqr", bench_field_sqr, bench_setup, NULL, &data, 10, iters*10);
415 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "mul")) run_benchmark("field_mul", bench_field_mul, bench_setup, NULL, &data, 10, iters*10);
416 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse", bench_field_inverse, bench_setup, NULL, &data, 10, iters);
417 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse_var", bench_field_inverse_var, bench_setup, NULL, &data, 10, iters);
418 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "issquare")) run_benchmark("field_is_square_var", bench_field_is_square_var, bench_setup, NULL, &data, 10, iters);
419 if (d || have_flag(argc, argv, "field") || have_flag(argc, argv, "sqrt")) run_benchmark("field_sqrt", bench_field_sqrt, bench_setup, NULL, &data, 10, iters);
420
421 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "double")) run_benchmark("group_double_var", bench_group_double_var, bench_setup, NULL, &data, 10, iters*10);
422 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_var", bench_group_add_var, bench_setup, NULL, &data, 10, iters*10);
423 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine", bench_group_add_affine, bench_setup, NULL, &data, 10, iters*10);
424 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine_var", bench_group_add_affine_var, bench_setup, NULL, &data, 10, iters*10);
425 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_zinv_var", bench_group_add_zinv_var, bench_setup, NULL, &data, 10, iters*10);
426 if (d || have_flag(argc, argv, "group") || have_flag(argc, argv, "to_affine")) run_benchmark("group_to_affine_var", bench_group_to_affine_var, bench_setup, NULL, &data, 10, iters);
427
428 if (d || have_flag(argc, argv, "ecmult") || have_flag(argc, argv, "wnaf")) run_benchmark("ecmult_wnaf", bench_ecmult_wnaf, bench_setup, NULL, &data, 10, iters);
429
430 if (d || have_flag(argc, argv, "hash") || have_flag(argc, argv, "sha256")) run_benchmark("hash_sha256", bench_sha256, bench_setup, NULL, &data, 10, iters);
431 if (d || have_flag(argc, argv, "hash") || have_flag(argc, argv, "hmac")) run_benchmark("hash_hmac_sha256", bench_hmac_sha256, bench_setup, NULL, &data, 10, iters);
432 if (d || have_flag(argc, argv, "hash") || have_flag(argc, argv, "rng6979")) run_benchmark("hash_rfc6979_hmac_sha256", bench_rfc6979_hmac_sha256, bench_setup, NULL, &data, 10, iters);
433
434 if (d || have_flag(argc, argv, "context")) run_benchmark("context_create", bench_context, bench_setup, NULL, &data, 10, iters);
435
436 return EXIT_SUCCESS;
437}
bench_setup
static void bench_setup(void *arg)
Definition: bench_internal.c:49
bench_scalar_inverse
static void bench_scalar_inverse(void *arg, int iters)
Definition: bench_internal.c:153
bench_scalar_inverse_var
static void bench_scalar_inverse_var(void *arg, int iters)
Definition: bench_internal.c:164
bench_field_mul
static void bench_field_mul(void *arg, int iters)
Definition: bench_internal.c:202
bench_sha256
static void bench_sha256(void *arg, int iters)
Definition: bench_internal.c:343
bench_rfc6979_hmac_sha256
static void bench_rfc6979_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:367
bench_scalar_negate
static void bench_scalar_negate(void *arg, int iters)
Definition: bench_internal.c:111
bench_scalar_split
static void bench_scalar_split(void *arg, int iters)
Definition: bench_internal.c:141
bench_scalar_add
static void bench_scalar_add(void *arg, int iters)
Definition: bench_internal.c:101
main
int main(int argc, char **argv)
Definition: bench_internal.c:386
help
static void help(int default_iters)
Definition: bench_internal.c:21
bench_field_normalize
static void bench_field_normalize(void *arg, int iters)
Definition: bench_internal.c:184
bench_ecmult_wnaf
static void bench_ecmult_wnaf(void *arg, int iters)
Definition: bench_internal.c:331
bench_group_add_zinv_var
static void bench_group_add_zinv_var(void *arg, int iters)
Definition: bench_internal.c:302
bench_group_double_var
static void bench_group_double_var(void *arg, int iters)
Definition: bench_internal.c:266
bench_field_inverse
static void bench_field_inverse(void *arg, int iters)
Definition: bench_internal.c:220
bench_group_to_affine_var
static void bench_group_to_affine_var(void *arg, int iters)
Definition: bench_internal.c:311
bench_field_sqr
static void bench_field_sqr(void *arg, int iters)
Definition: bench_internal.c:211
bench_scalar_mul
static void bench_scalar_mul(void *arg, int iters)
Definition: bench_internal.c:132
bench_field_normalize_weak
static void bench_field_normalize_weak(void *arg, int iters)
Definition: bench_internal.c:193
bench_group_add_affine_var
static void bench_group_add_affine_var(void *arg, int iters)
Definition: bench_internal.c:293
bench_field_is_square_var
static void bench_field_is_square_var(void *arg, int iters)
Definition: bench_internal.c:253
bench_group_add_affine
static void bench_group_add_affine(void *arg, int iters)
Definition: bench_internal.c:284
bench_context
static void bench_context(void *arg, int iters)
Definition: bench_internal.c:378
bench_field_half
static void bench_field_half(void *arg, int iters)
Definition: bench_internal.c:175
bench_group_add_var
static void bench_group_add_var(void *arg, int iters)
Definition: bench_internal.c:275
bench_field_inverse_var
static void bench_field_inverse_var(void *arg, int iters)
Definition: bench_internal.c:230
bench_hmac_sha256
static void bench_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:355
bench_field_sqrt
static void bench_field_sqrt(void *arg, int iters)
Definition: bench_internal.c:240
bench_scalar_half
static void bench_scalar_half(void *arg, int iters)
Definition: bench_internal.c:120
EXIT_SUCCESS
return EXIT_SUCCESS
Definition: bitcoin-wallet.cpp:134
run_benchmark
static void run_benchmark(char *name, void(*benchmark)(void *), void(*setup)(void *), void(*teardown)(void *), void *data, int count, int iter)
Definition: bench.c:26
ecmult_impl.h
secp256k1_ecmult_wnaf
static int secp256k1_ecmult_wnaf(int *wnaf, int len, const secp256k1_scalar *a, int w)
Convert a number to WNAF notation.
Definition: ecmult_impl.h:162
WINDOW_A
#define WINDOW_A
Definition: ecmult_impl.h:32
secp256k1_fe_normalize_weak
#define secp256k1_fe_normalize_weak
Definition: field.h:79
secp256k1_fe_mul
#define secp256k1_fe_mul
Definition: field.h:93
secp256k1_fe_sqrt
static int secp256k1_fe_sqrt(secp256k1_fe *SECP256K1_RESTRICT r, const secp256k1_fe *SECP256K1_RESTRICT a)
Compute a square root of a field element.
secp256k1_fe_add
#define secp256k1_fe_add
Definition: field.h:92
secp256k1_fe_normalize_var
#define secp256k1_fe_normalize_var
Definition: field.h:80
secp256k1_fe_half
#define secp256k1_fe_half
Definition: field.h:101
secp256k1_fe_inv_var
#define secp256k1_fe_inv_var
Definition: field.h:99
secp256k1_fe_set_b32_limit
#define secp256k1_fe_set_b32_limit
Definition: field.h:88
secp256k1_fe_is_square_var
#define secp256k1_fe_is_square_var
Definition: field.h:103
secp256k1_fe_inv
#define secp256k1_fe_inv
Definition: field.h:98
secp256k1_fe_sqr
#define secp256k1_fe_sqr
Definition: field.h:94
secp256k1_fe_normalize
#define secp256k1_fe_normalize
Definition: field.h:78
field_impl.h
secp256k1_gej_double_var
static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)
Set r equal to the double of a.
secp256k1_gej_add_zinv_var
static void secp256k1_gej_add_zinv_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, const secp256k1_fe *bzinv)
Set r equal to the sum of a and b (with the inverse of b's Z coordinate passed as bzinv).
secp256k1_ge_set_xo_var
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y.
secp256k1_gej_add_ge_var
static void secp256k1_gej_add_ge_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b (with b given in affine coordinates).
secp256k1_gej_add_ge
static void secp256k1_gej_add_ge(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b)
Set r equal to the sum of a and b (with b given in affine coordinates, and not infinity).
secp256k1_gej_add_var
static void secp256k1_gej_add_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_gej *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b.
secp256k1_gej_rescale
static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b)
Rescale a jacobian point by b which must be non-zero.
secp256k1_gej_set_ge
static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)
Set a group element (jacobian) equal to another which is given in affine coordinates.
secp256k1_ge_set_gej_var
static void secp256k1_ge_set_gej_var(secp256k1_ge *r, secp256k1_gej *a)
Set a group element equal to another which is given in jacobian coordinates.
group_impl.h
hash_impl.h
CHECK
#define CHECK(cond)
Unconditional failure on condition failure.
Definition: util.h:35
test_vectors_musig2_generate.s
tuple s
Definition: test_vectors_musig2_generate.py:72
test_vectors_musig2_generate.data
data
Definition: test_vectors_musig2_generate.py:98
tinyformat::printf
void printf(FormatStringCheck< sizeof...(Args)> fmt, const Args &... args)
Format list of arguments to std::cout, according to the given format string.
Definition: tinyformat.h:1096
secp256k1_scalar_half
static void secp256k1_scalar_half(secp256k1_scalar *r, const secp256k1_scalar *a)
Multiply a scalar with the multiplicative inverse of 2.
secp256k1_scalar_set_b32
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.
secp256k1_scalar_inverse_var
static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order), without constant-time guarantee.
secp256k1_scalar_add
static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Add two scalars together (modulo the group order).
secp256k1_scalar_mul
static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Multiply two scalars (modulo the group order).
secp256k1_scalar_negate
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the complement of a scalar (modulo the group order).
secp256k1_scalar_split_lambda
static void secp256k1_scalar_split_lambda(secp256k1_scalar *SECP256K1_RESTRICT r1, secp256k1_scalar *SECP256K1_RESTRICT r2, const secp256k1_scalar *SECP256K1_RESTRICT k)
Find r1 and r2 such that r1+r2*lambda = k, where r1 and r2 or their negations are maximum 128 bits lo...
secp256k1_scalar_inverse
static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order).
scalar_impl.h
get_iters
static int get_iters(int default_iters)
Definition: bench.h:170
print_output_table_header_row
static void print_output_table_header_row(void)
Definition: bench.h:179
have_flag
static int have_flag(int argc, char **argv, char *flag)
Definition: bench.h:132
secp256k1_sha256_initialize
static void secp256k1_sha256_initialize(secp256k1_sha256 *hash)
secp256k1_rfc6979_hmac_sha256_generate
static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256 *rng, unsigned char *out, size_t outlen)
secp256k1_hmac_sha256_finalize
static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256 *hash, unsigned char *out32)
secp256k1_hmac_sha256_initialize
static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256 *hash, const unsigned char *key, size_t size)
secp256k1_sha256_finalize
static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out32)
secp256k1_rfc6979_hmac_sha256_initialize
static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256 *rng, const unsigned char *key, size_t keylen)
secp256k1_hmac_sha256_write
static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256 *hash, const unsigned char *data, size_t size)
secp256k1_sha256_write
static void secp256k1_sha256_write(secp256k1_sha256 *hash, const unsigned char *data, size_t size)
secp256k1_context_destroy
SECP256K1_API void secp256k1_context_destroy(secp256k1_context *ctx) SECP256K1_ARG_NONNULL(1)
Destroy a secp256k1 context object (created in dynamically allocated memory).
Definition: secp256k1.c:187
secp256k1_context_create
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Create a secp256k1 context object (in dynamically allocated memory).
Definition: secp256k1.c:141
SECP256K1_CONTEXT_NONE
#define SECP256K1_CONTEXT_NONE
Context flags to pass to secp256k1_context_create, secp256k1_context_preallocated_size,...
Definition: secp256k1.h:202
bench_inv
Definition: bench_internal.c:40
secp256k1_fe
This field implementation represents the value as 10 uint32_t limbs in base 2^26.
Definition: field_10x26.h:14
secp256k1_ge
A group element in affine coordinates on the secp256k1 curve, or occasionally on an isomorphic curve ...
Definition: group.h:16
secp256k1_gej
A group element of the secp256k1 curve, in jacobian coordinates.
Definition: group.h:28
secp256k1_hmac_sha256
Definition: hash.h:24
secp256k1_rfc6979_hmac_sha256
Definition: hash.h:33
secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13
secp256k1_sha256
Definition: hash.h:13
Generated on Thu Jun 26 2025 20:00:11 for Bitcoin Core by doxygen 1.9.4