bench__internal_8c_source.html

 /**********************************************************************
  * Copyright (c) 2014-2015 Pieter Wuille                              *
  * Distributed under the MIT software license, see the accompanying   *
  * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
  **********************************************************************/
 #include <stdio.h>

 #include "include/secp256k1.h"

 #include "assumptions.h"
 #include "util.h"
 #include "hash_impl.h"
 #include "num_impl.h"
 #include "field_impl.h"
 #include "group_impl.h"
 #include "scalar_impl.h"
 #include "ecmult_const_impl.h"
 #include "ecmult_impl.h"
 #include "bench.h"
 #include "secp256k1.c"

 typedef struct {
     secp256k1_scalar scalar[2];
     secp256k1_fe fe[4];
     secp256k1_ge ge[2];
     secp256k1_gej gej[2];
     unsigned char data[64];
     int wnaf[256];
 } bench_inv;

 void bench_setup(void* arg) {
     bench_inv *data = (bench_inv*)arg;

     static const unsigned char init[4][32] = {
         /* Initializer for scalar[0], fe[0], first half of data, the X coordinate of ge[0],
            and the (implied affine) X coordinate of gej[0]. */
         {
             0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
             0x17, 0x1d, 0x1f, 0x25, 0x29, 0x2b, 0x2f, 0x35,
             0x3b, 0x3d, 0x43, 0x47, 0x49, 0x4f, 0x53, 0x59,
             0x61, 0x65, 0x67, 0x6b, 0x6d, 0x71, 0x7f, 0x83
         },
         /* Initializer for scalar[1], fe[1], first half of data, the X coordinate of ge[1],
            and the (implied affine) X coordinate of gej[1]. */
         {
             0x82, 0x83, 0x85, 0x87, 0x8b, 0x8d, 0x81, 0x83,
             0x97, 0xad, 0xaf, 0xb5, 0xb9, 0xbb, 0xbf, 0xc5,
             0xdb, 0xdd, 0xe3, 0xe7, 0xe9, 0xef, 0xf3, 0xf9,
             0x11, 0x15, 0x17, 0x1b, 0x1d, 0xb1, 0xbf, 0xd3
         },
         /* Initializer for fe[2] and the Z coordinate of gej[0]. */
         {
             0x3d, 0x2d, 0xef, 0xf4, 0x25, 0x98, 0x4f, 0x5d,
             0xe2, 0xca, 0x5f, 0x41, 0x3f, 0x3f, 0xce, 0x44,
             0xaa, 0x2c, 0x53, 0x8a, 0xc6, 0x59, 0x1f, 0x38,
             0x38, 0x23, 0xe4, 0x11, 0x27, 0xc6, 0xa0, 0xe7
         },
         /* Initializer for fe[3] and the Z coordinate of gej[1]. */
         {
             0xbd, 0x21, 0xa5, 0xe1, 0x13, 0x50, 0x73, 0x2e,
             0x52, 0x98, 0xc8, 0x9e, 0xab, 0x00, 0xa2, 0x68,
             0x43, 0xf5, 0xd7, 0x49, 0x80, 0x72, 0xa7, 0xf3,
             0xd7, 0x60, 0xe6, 0xab, 0x90, 0x92, 0xdf, 0xc5
         }
     };

     secp256k1_scalar_set_b32(&data->scalar[0], init[0], NULL);
     secp256k1_scalar_set_b32(&data->scalar[1], init[1], NULL);
     secp256k1_fe_set_b32(&data->fe[0], init[0]);
     secp256k1_fe_set_b32(&data->fe[1], init[1]);
     secp256k1_fe_set_b32(&data->fe[2], init[2]);
     secp256k1_fe_set_b32(&data->fe[3], init[3]);
     CHECK(secp256k1_ge_set_xo_var(&data->ge[0], &data->fe[0], 0));
     CHECK(secp256k1_ge_set_xo_var(&data->ge[1], &data->fe[1], 1));
     secp256k1_gej_set_ge(&data->gej[0], &data->ge[0]);
     secp256k1_gej_rescale(&data->gej[0], &data->fe[2]);
     secp256k1_gej_set_ge(&data->gej[1], &data->ge[1]);
     secp256k1_gej_rescale(&data->gej[1], &data->fe[3]);
     memcpy(data->data, init[0], 32);
     memcpy(data->data + 32, init[1], 32);
 }

 void bench_scalar_add(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
     CHECK(j <= iters);
 }

 void bench_scalar_negate(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_scalar_negate(&data->scalar[0], &data->scalar[0]);
     }
 }

 void bench_scalar_sqr(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_scalar_sqr(&data->scalar[0], &data->scalar[0]);
     }
 }

 void bench_scalar_mul(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_scalar_mul(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
 }

 void bench_scalar_split(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_scalar_split_lambda(&data->scalar[0], &data->scalar[1], &data->scalar[0]);
         j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
     CHECK(j <= iters);
 }

 void bench_scalar_inverse(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_scalar_inverse(&data->scalar[0], &data->scalar[0]);
         j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
     CHECK(j <= iters);
 }

 void bench_scalar_inverse_var(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_scalar_inverse_var(&data->scalar[0], &data->scalar[0]);
         j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
     CHECK(j <= iters);
 }

 void bench_field_normalize(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_fe_normalize(&data->fe[0]);
     }
 }

 void bench_field_normalize_weak(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_fe_normalize_weak(&data->fe[0]);
     }
 }

 void bench_field_mul(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_fe_mul(&data->fe[0], &data->fe[0], &data->fe[1]);
     }
 }

 void bench_field_sqr(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_fe_sqr(&data->fe[0], &data->fe[0]);
     }
 }

 void bench_field_inverse(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_fe_inv(&data->fe[0], &data->fe[0]);
         secp256k1_fe_add(&data->fe[0], &data->fe[1]);
     }
 }

 void bench_field_inverse_var(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_fe_inv_var(&data->fe[0], &data->fe[0]);
         secp256k1_fe_add(&data->fe[0], &data->fe[1]);
     }
 }

 void bench_field_sqrt(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;
     secp256k1_fe t;

     for (i = 0; i < iters; i++) {
         t = data->fe[0];
         j += secp256k1_fe_sqrt(&data->fe[0], &t);
         secp256k1_fe_add(&data->fe[0], &data->fe[1]);
     }
     CHECK(j <= iters);
 }

 void bench_group_double_var(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_gej_double_var(&data->gej[0], &data->gej[0], NULL);
     }
 }

 void bench_group_add_var(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_gej_add_var(&data->gej[0], &data->gej[0], &data->gej[1], NULL);
     }
 }

 void bench_group_add_affine(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_gej_add_ge(&data->gej[0], &data->gej[0], &data->ge[1]);
     }
 }

 void bench_group_add_affine_var(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         secp256k1_gej_add_ge_var(&data->gej[0], &data->gej[0], &data->ge[1], NULL);
     }
 }

 void bench_group_jacobi_var(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         j += secp256k1_gej_has_quad_y_var(&data->gej[0]);
         /* Vary the Y and Z coordinates of the input (the X coordinate doesn't matter to
            secp256k1_gej_has_quad_y_var). Note that the resulting coordinates will
            generally not correspond to a point on the curve, but this is not a problem
            for the code being benchmarked here. Adding and normalizing have less
            overhead than EC operations (which could guarantee the point remains on the
            curve). */
         secp256k1_fe_add(&data->gej[0].y, &data->fe[1]);
         secp256k1_fe_add(&data->gej[0].z, &data->fe[2]);
         secp256k1_fe_normalize_var(&data->gej[0].y);
         secp256k1_fe_normalize_var(&data->gej[0].z);
     }
     CHECK(j <= iters);
 }

 void bench_group_to_affine_var(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; ++i) {
         secp256k1_ge_set_gej_var(&data->ge[1], &data->gej[0]);
         /* Use the output affine X/Y coordinates to vary the input X/Y/Z coordinates.
            Similar to bench_group_jacobi_var, this approach does not result in
            coordinates of points on the curve. */
         secp256k1_fe_add(&data->gej[0].x, &data->ge[1].y);
         secp256k1_fe_add(&data->gej[0].y, &data->fe[2]);
         secp256k1_fe_add(&data->gej[0].z, &data->ge[1].x);
         secp256k1_fe_normalize_var(&data->gej[0].x);
         secp256k1_fe_normalize_var(&data->gej[0].y);
         secp256k1_fe_normalize_var(&data->gej[0].z);
     }
 }

 void bench_ecmult_wnaf(void* arg, int iters) {
     int i, bits = 0, overflow = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         bits += secp256k1_ecmult_wnaf(data->wnaf, 256, &data->scalar[0], WINDOW_A);
         overflow += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
     CHECK(overflow >= 0);
     CHECK(bits <= 256*iters);
 }

 void bench_wnaf_const(void* arg, int iters) {
     int i, bits = 0, overflow = 0;
     bench_inv *data = (bench_inv*)arg;

     for (i = 0; i < iters; i++) {
         bits += secp256k1_wnaf_const(data->wnaf, &data->scalar[0], WINDOW_A, 256);
         overflow += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
     }
     CHECK(overflow >= 0);
     CHECK(bits <= 256*iters);
 }


 void bench_sha256(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;
     secp256k1_sha256 sha;

     for (i = 0; i < iters; i++) {
         secp256k1_sha256_initialize(&sha);
         secp256k1_sha256_write(&sha, data->data, 32);
         secp256k1_sha256_finalize(&sha, data->data);
     }
 }

 void bench_hmac_sha256(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;
     secp256k1_hmac_sha256 hmac;

     for (i = 0; i < iters; i++) {
         secp256k1_hmac_sha256_initialize(&hmac, data->data, 32);
         secp256k1_hmac_sha256_write(&hmac, data->data, 32);
         secp256k1_hmac_sha256_finalize(&hmac, data->data);
     }
 }

 void bench_rfc6979_hmac_sha256(void* arg, int iters) {
     int i;
     bench_inv *data = (bench_inv*)arg;
     secp256k1_rfc6979_hmac_sha256 rng;

     for (i = 0; i < iters; i++) {
         secp256k1_rfc6979_hmac_sha256_initialize(&rng, data->data, 64);
         secp256k1_rfc6979_hmac_sha256_generate(&rng, data->data, 32);
     }
 }

 void bench_context_verify(void* arg, int iters) {
     int i;
     (void)arg;
     for (i = 0; i < iters; i++) {
         secp256k1_context_destroy(secp256k1_context_create(SECP256K1_CONTEXT_VERIFY));
     }
 }

 void bench_context_sign(void* arg, int iters) {
     int i;
     (void)arg;
     for (i = 0; i < iters; i++) {
         secp256k1_context_destroy(secp256k1_context_create(SECP256K1_CONTEXT_SIGN));
     }
 }

 #ifndef USE_NUM_NONE
 void bench_num_jacobi(void* arg, int iters) {
     int i, j = 0;
     bench_inv *data = (bench_inv*)arg;
     secp256k1_num nx, na, norder;

     secp256k1_scalar_get_num(&nx, &data->scalar[0]);
     secp256k1_scalar_order_get_num(&norder);
     secp256k1_scalar_get_num(&na, &data->scalar[1]);

     for (i = 0; i < iters; i++) {
         j += secp256k1_num_jacobi(&nx, &norder);
         secp256k1_num_add(&nx, &nx, &na);
     }
     CHECK(j <= iters);
 }
 #endif

 int main(int argc, char **argv) {
     bench_inv data;
     int iters = get_iters(20000);

     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "add")) run_benchmark("scalar_add", bench_scalar_add, bench_setup, NULL, &data, 10, iters*100);
     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "negate")) run_benchmark("scalar_negate", bench_scalar_negate, bench_setup, NULL, &data, 10, iters*100);
     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "sqr")) run_benchmark("scalar_sqr", bench_scalar_sqr, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "mul")) run_benchmark("scalar_mul", bench_scalar_mul, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "split")) run_benchmark("scalar_split", bench_scalar_split, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse", bench_scalar_inverse, bench_setup, NULL, &data, 10, 2000);
     if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse_var", bench_scalar_inverse_var, bench_setup, NULL, &data, 10, 2000);

     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize", bench_field_normalize, bench_setup, NULL, &data, 10, iters*100);
     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize_weak", bench_field_normalize_weak, bench_setup, NULL, &data, 10, iters*100);
     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "sqr")) run_benchmark("field_sqr", bench_field_sqr, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "mul")) run_benchmark("field_mul", bench_field_mul, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse", bench_field_inverse, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse_var", bench_field_inverse_var, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "field") || have_flag(argc, argv, "sqrt")) run_benchmark("field_sqrt", bench_field_sqrt, bench_setup, NULL, &data, 10, iters);

     if (have_flag(argc, argv, "group") || have_flag(argc, argv, "double")) run_benchmark("group_double_var", bench_group_double_var, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_var", bench_group_add_var, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine", bench_group_add_affine, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine_var", bench_group_add_affine_var, bench_setup, NULL, &data, 10, iters*10);
     if (have_flag(argc, argv, "group") || have_flag(argc, argv, "jacobi")) run_benchmark("group_jacobi_var", bench_group_jacobi_var, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "group") || have_flag(argc, argv, "to_affine")) run_benchmark("group_to_affine_var", bench_group_to_affine_var, bench_setup, NULL, &data, 10, iters);

     if (have_flag(argc, argv, "ecmult") || have_flag(argc, argv, "wnaf")) run_benchmark("wnaf_const", bench_wnaf_const, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "ecmult") || have_flag(argc, argv, "wnaf")) run_benchmark("ecmult_wnaf", bench_ecmult_wnaf, bench_setup, NULL, &data, 10, iters);

     if (have_flag(argc, argv, "hash") || have_flag(argc, argv, "sha256")) run_benchmark("hash_sha256", bench_sha256, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "hash") || have_flag(argc, argv, "hmac")) run_benchmark("hash_hmac_sha256", bench_hmac_sha256, bench_setup, NULL, &data, 10, iters);
     if (have_flag(argc, argv, "hash") || have_flag(argc, argv, "rng6979")) run_benchmark("hash_rfc6979_hmac_sha256", bench_rfc6979_hmac_sha256, bench_setup, NULL, &data, 10, iters);

     if (have_flag(argc, argv, "context") || have_flag(argc, argv, "verify")) run_benchmark("context_verify", bench_context_verify, bench_setup, NULL, &data, 10, 1 + iters/1000);
     if (have_flag(argc, argv, "context") || have_flag(argc, argv, "sign")) run_benchmark("context_sign", bench_context_sign, bench_setup, NULL, &data, 10, 1 + iters/100);

 #ifndef USE_NUM_NONE
     if (have_flag(argc, argv, "num") || have_flag(argc, argv, "jacobi")) run_benchmark("num_jacobi", bench_num_jacobi, bench_setup, NULL, &data, 10, iters*10);
 #endif
     return 0;
 }
secp256k1_scalar_mul
static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Multiply two scalars (modulo the group order).

bench_field_sqrt
void bench_field_sqrt(void *arg, int iters)
Definition: bench_internal.c:209

secp256k1_fe
Definition: field_10x26.h:12

bench_rfc6979_hmac_sha256
void bench_rfc6979_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:345

secp256k1_gej_add_var
static void secp256k1_gej_add_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_gej *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b.

num_impl.h

secp256k1_gej_has_quad_y_var
static int secp256k1_gej_has_quad_y_var(const secp256k1_gej *a)
Check whether a group element&#39;s y coordinate is a quadratic residue.

hash_impl.h

secp256k1_fe_mul
static void secp256k1_fe_mul(secp256k1_fe *r, const secp256k1_fe *a, const secp256k1_fe *SECP256K1_RESTRICT b)
Sets a field element to be the product of two others.

secp256k1_fe_normalize_var
static void secp256k1_fe_normalize_var(secp256k1_fe *r)
Normalize a field element, without constant-time guarantee.

secp256k1_gej::x
secp256k1_fe x
Definition: group.h:25

secp256k1_rfc6979_hmac_sha256_initialize
static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256 *rng, const unsigned char *key, size_t keylen)

bench_inv::scalar
secp256k1_scalar scalar[2]
Definition: bench_internal.c:23

secp256k1_ge_set_gej_var
static void secp256k1_ge_set_gej_var(secp256k1_ge *r, secp256k1_gej *a)
Definition: group_impl.h:102

secp256k1_scalar_get_num
static void secp256k1_scalar_get_num(secp256k1_num *r, const secp256k1_scalar *a)
Convert a scalar to a number.

secp256k1_hmac_sha256_initialize
static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256 *hash, const unsigned char *key, size_t size)

secp256k1_scalar_negate
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the complement of a scalar (modulo the group order).

bench_scalar_inverse_var
void bench_scalar_inverse_var(void *arg, int iters)
Definition: bench_internal.c:142

run_benchmark
void run_benchmark(char *name, void(*benchmark)(void *, int), void(*setup)(void *), void(*teardown)(void *, int), void *data, int count, int iter)
Definition: bench.h:76

secp256k1_sha256
Definition: hash.h:13

bench_ecmult_wnaf
void bench_ecmult_wnaf(void *arg, int iters)
Definition: bench_internal.c:296

bench_scalar_inverse
void bench_scalar_inverse(void *arg, int iters)
Definition: bench_internal.c:131

secp256k1_wnaf_const
static int secp256k1_wnaf_const(int *wnaf, const secp256k1_scalar *scalar, int w, int size)
Convert a number to WNAF notation.
Definition: ecmult_const_impl.h:57

bench_group_add_affine
void bench_group_add_affine(void *arg, int iters)
Definition: bench_internal.c:240

secp256k1_scalar_set_b32
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.

secp256k1_gej
A group element of the secp256k1 curve, in jacobian coordinates.
Definition: group.h:24

bench_field_inverse
void bench_field_inverse(void *arg, int iters)
Definition: bench_internal.c:189

SECP256K1_CONTEXT_SIGN
#define SECP256K1_CONTEXT_SIGN
Definition: secp256k1.h:171

secp256k1_fe_add
static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a)
Adds a field element to another.

secp256k1_gej_add_ge_var
static void secp256k1_gej_add_ge_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b (with b given in affine coordinates).

secp256k1_gej_double_var
static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)
Set r equal to the double of a.

secp256k1_context_destroy
SECP256K1_API void secp256k1_context_destroy(secp256k1_context *ctx)
Destroy a secp256k1 context object (created in dynamically allocated memory).
Definition: secp256k1.c:195

secp256k1_scalar_inverse
static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order).

field_impl.h

secp256k1_num
Definition: num_gmp.h:14

ecmult_impl.h

bench_scalar_negate
void bench_scalar_negate(void *arg, int iters)
Definition: bench_internal.c:93

secp256k1_num_add
static void secp256k1_num_add(secp256k1_num *r, const secp256k1_num *a, const secp256k1_num *b)
Add two (signed) numbers.

secp256k1_num_jacobi
static int secp256k1_num_jacobi(const secp256k1_num *a, const secp256k1_num *b)
Compute the jacobi symbol (a|b).

secp256k1_hmac_sha256_write
static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256 *hash, const unsigned char *data, size_t size)

secp256k1_scalar_sqr
static void secp256k1_scalar_sqr(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the square of a scalar (modulo the group order).

bench_group_add_affine_var
void bench_group_add_affine_var(void *arg, int iters)
Definition: bench_internal.c:249

util.h

bench_scalar_sqr
void bench_scalar_sqr(void *arg, int iters)
Definition: bench_internal.c:102

secp256k1_ge
A group element of the secp256k1 curve, in affine coordinates.
Definition: group.h:14

secp256k1_scalar_split_lambda
static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *k)
Find r1 and r2 such that r1+r2*lambda = k, where r1 and r2 or their negations are maximum 128 bits lo...

secp256k1_ge::x
secp256k1_fe x
Definition: group.h:15

secp256k1_fe_normalize_weak
static void secp256k1_fe_normalize_weak(secp256k1_fe *r)
Weakly normalize a field element: reduce its magnitude to 1, but don&#39;t fully normalize.

bench_field_mul
void bench_field_mul(void *arg, int iters)
Definition: bench_internal.c:171

secp256k1.c

secp256k1_hmac_sha256_finalize
static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256 *hash, unsigned char *out32)

bench_field_sqr
void bench_field_sqr(void *arg, int iters)
Definition: bench_internal.c:180

CHECK
#define CHECK(cond)
Definition: util.h:53

secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13

WINDOW_A
#define WINDOW_A
Definition: ecmult_impl.h:34

bench_group_jacobi_var
void bench_group_jacobi_var(void *arg, int iters)
Definition: bench_internal.c:258

bench_group_to_affine_var
void bench_group_to_affine_var(void *arg, int iters)
Definition: bench_internal.c:278

secp256k1_sha256_write
static void secp256k1_sha256_write(secp256k1_sha256 *hash, const unsigned char *data, size_t size)

secp256k1_ge_set_xo_var
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y...

secp256k1_fe_sqr
static void secp256k1_fe_sqr(secp256k1_fe *r, const secp256k1_fe *a)
Sets a field element to be the square of another.

secp256k1_fe_set_b32
static int secp256k1_fe_set_b32(secp256k1_fe *r, const unsigned char *a)
Set a field element equal to 32-byte big endian value.

SECP256K1_CONTEXT_VERIFY
#define SECP256K1_CONTEXT_VERIFY
Flags to pass to secp256k1_context_create, secp256k1_context_preallocated_size, and secp256k1_context...
Definition: secp256k1.h:170

bench_field_normalize_weak
void bench_field_normalize_weak(void *arg, int iters)
Definition: bench_internal.c:162

secp256k1.h

bench_inv::data
unsigned char data[64]
Definition: bench_internal.c:27

secp256k1_gej_rescale
static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b)
Rescale a jacobian point by b which must be non-zero.

secp256k1_scalar_add
static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Add two scalars together (modulo the group order).

secp256k1_scalar_inverse_var
static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order), without constant-time guarantee.

secp256k1_gej::z
secp256k1_fe z
Definition: group.h:27

secp256k1_rfc6979_hmac_sha256
Definition: hash.h:31

memcpy
void * memcpy(void *a, const void *b, size_t c)
Definition: glibc_compat.cpp:14

bench_wnaf_const
void bench_wnaf_const(void *arg, int iters)
Definition: bench_internal.c:308

secp256k1_fe_normalize
static void secp256k1_fe_normalize(secp256k1_fe *r)
Field element module.

bench_field_normalize
void bench_field_normalize(void *arg, int iters)
Definition: bench_internal.c:153

secp256k1_hmac_sha256
Definition: hash.h:23

bench_field_inverse_var
void bench_field_inverse_var(void *arg, int iters)
Definition: bench_internal.c:199

ecmult_const_impl.h

bench_context_sign
void bench_context_sign(void *arg, int iters)
Definition: bench_internal.c:364

get_iters
int get_iters(int default_iters)
Definition: bench.h:124

bench_setup
void bench_setup(void *arg)
Definition: bench_internal.c:31

bench_context_verify
void bench_context_verify(void *arg, int iters)
Definition: bench_internal.c:356

scalar_impl.h

bench_inv
Definition: bench_internal.c:22

bench_inv::wnaf
int wnaf[256]
Definition: bench_internal.c:28

secp256k1_gej_add_ge
static void secp256k1_gej_add_ge(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b)
Set r equal to the sum of a and b (with b given in affine coordinates, and not infinity).

bench_hmac_sha256
void bench_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:333

main
int main(int argc, char **argv)
Definition: bench_internal.c:390

assumptions.h

secp256k1_sha256_initialize
static void secp256k1_sha256_initialize(secp256k1_sha256 *hash)

bench_inv::fe
secp256k1_fe fe[4]
Definition: bench_internal.c:24

secp256k1_gej_set_ge
static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)
Set a group element (jacobian) equal to another which is given in affine coordinates.

bench_sha256
void bench_sha256(void *arg, int iters)
Definition: bench_internal.c:321

secp256k1_gej::y
secp256k1_fe y
Definition: group.h:26

secp256k1_ecmult_wnaf
static int secp256k1_ecmult_wnaf(int *wnaf, int len, const secp256k1_scalar *a, int w)
Convert a number to WNAF notation.
Definition: ecmult_impl.h:377

secp256k1_scalar_order_get_num
static void secp256k1_scalar_order_get_num(secp256k1_num *r)
Get the order of the group as a number.

bench_inv::ge
secp256k1_ge ge[2]
Definition: bench_internal.c:25

secp256k1_fe_sqrt
static int secp256k1_fe_sqrt(secp256k1_fe *r, const secp256k1_fe *a)
If a has a square root, it is computed in r and 1 is returned.

secp256k1_ge::y
secp256k1_fe y
Definition: group.h:16

secp256k1_fe_inv_var
static void secp256k1_fe_inv_var(secp256k1_fe *r, const secp256k1_fe *a)
Potentially faster version of secp256k1_fe_inv, without constant-time guarantee.

bench_scalar_split
void bench_scalar_split(void *arg, int iters)
Definition: bench_internal.c:120

bench_scalar_mul
void bench_scalar_mul(void *arg, int iters)
Definition: bench_internal.c:111

have_flag
int have_flag(int argc, char **argv, char *flag)
Definition: bench.h:109

secp256k1_fe_inv
static void secp256k1_fe_inv(secp256k1_fe *r, const secp256k1_fe *a)
Sets a field element to be the (modular) inverse of another.

secp256k1_context_create
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Create a secp256k1 context object (in dynamically allocated memory).
Definition: secp256k1.c:151

group_impl.h

secp256k1_sha256_finalize
static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out32)

bench_inv::gej
secp256k1_gej gej[2]
Definition: bench_internal.c:26

bench_group_add_var
void bench_group_add_var(void *arg, int iters)
Definition: bench_internal.c:231

bench.h

bench_group_double_var
void bench_group_double_var(void *arg, int iters)
Definition: bench_internal.c:222

bench_num_jacobi
void bench_num_jacobi(void *arg, int iters)
Definition: bench_internal.c:373

secp256k1_rfc6979_hmac_sha256_generate
static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256 *rng, unsigned char *out, size_t outlen)

bench_scalar_add
void bench_scalar_add(void *arg, int iters)
Definition: bench_internal.c:83