Bitcoin Core  22.99.0
P2P Digital Currency
bench_internal.c
Go to the documentation of this file.
1 /***********************************************************************
2  * Copyright (c) 2014-2015 Pieter Wuille *
3  * Distributed under the MIT software license, see the accompanying *
4  * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
5  ***********************************************************************/
6 #include <stdio.h>
7 
8 #include "secp256k1.c"
9 #include "../include/secp256k1.h"
10 
11 #include "assumptions.h"
12 #include "util.h"
13 #include "hash_impl.h"
14 #include "field_impl.h"
15 #include "group_impl.h"
16 #include "scalar_impl.h"
17 #include "ecmult_const_impl.h"
18 #include "ecmult_impl.h"
19 #include "bench.h"
20 
21 typedef struct {
22  secp256k1_scalar scalar[2];
23  secp256k1_fe fe[4];
24  secp256k1_ge ge[2];
25  secp256k1_gej gej[2];
26  unsigned char data[64];
27  int wnaf[256];
28 } bench_inv;
29 
30 void bench_setup(void* arg) {
31  bench_inv *data = (bench_inv*)arg;
32 
33  static const unsigned char init[4][32] = {
34  /* Initializer for scalar[0], fe[0], first half of data, the X coordinate of ge[0],
35  and the (implied affine) X coordinate of gej[0]. */
36  {
37  0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
38  0x17, 0x1d, 0x1f, 0x25, 0x29, 0x2b, 0x2f, 0x35,
39  0x3b, 0x3d, 0x43, 0x47, 0x49, 0x4f, 0x53, 0x59,
40  0x61, 0x65, 0x67, 0x6b, 0x6d, 0x71, 0x7f, 0x83
41  },
42  /* Initializer for scalar[1], fe[1], first half of data, the X coordinate of ge[1],
43  and the (implied affine) X coordinate of gej[1]. */
44  {
45  0x82, 0x83, 0x85, 0x87, 0x8b, 0x8d, 0x81, 0x83,
46  0x97, 0xad, 0xaf, 0xb5, 0xb9, 0xbb, 0xbf, 0xc5,
47  0xdb, 0xdd, 0xe3, 0xe7, 0xe9, 0xef, 0xf3, 0xf9,
48  0x11, 0x15, 0x17, 0x1b, 0x1d, 0xb1, 0xbf, 0xd3
49  },
50  /* Initializer for fe[2] and the Z coordinate of gej[0]. */
51  {
52  0x3d, 0x2d, 0xef, 0xf4, 0x25, 0x98, 0x4f, 0x5d,
53  0xe2, 0xca, 0x5f, 0x41, 0x3f, 0x3f, 0xce, 0x44,
54  0xaa, 0x2c, 0x53, 0x8a, 0xc6, 0x59, 0x1f, 0x38,
55  0x38, 0x23, 0xe4, 0x11, 0x27, 0xc6, 0xa0, 0xe7
56  },
57  /* Initializer for fe[3] and the Z coordinate of gej[1]. */
58  {
59  0xbd, 0x21, 0xa5, 0xe1, 0x13, 0x50, 0x73, 0x2e,
60  0x52, 0x98, 0xc8, 0x9e, 0xab, 0x00, 0xa2, 0x68,
61  0x43, 0xf5, 0xd7, 0x49, 0x80, 0x72, 0xa7, 0xf3,
62  0xd7, 0x60, 0xe6, 0xab, 0x90, 0x92, 0xdf, 0xc5
63  }
64  };
65 
66  secp256k1_scalar_set_b32(&data->scalar[0], init[0], NULL);
67  secp256k1_scalar_set_b32(&data->scalar[1], init[1], NULL);
68  secp256k1_fe_set_b32(&data->fe[0], init[0]);
69  secp256k1_fe_set_b32(&data->fe[1], init[1]);
70  secp256k1_fe_set_b32(&data->fe[2], init[2]);
71  secp256k1_fe_set_b32(&data->fe[3], init[3]);
72  CHECK(secp256k1_ge_set_xo_var(&data->ge[0], &data->fe[0], 0));
73  CHECK(secp256k1_ge_set_xo_var(&data->ge[1], &data->fe[1], 1));
74  secp256k1_gej_set_ge(&data->gej[0], &data->ge[0]);
75  secp256k1_gej_rescale(&data->gej[0], &data->fe[2]);
76  secp256k1_gej_set_ge(&data->gej[1], &data->ge[1]);
77  secp256k1_gej_rescale(&data->gej[1], &data->fe[3]);
78  memcpy(data->data, init[0], 32);
79  memcpy(data->data + 32, init[1], 32);
80 }
81 
82 void bench_scalar_add(void* arg, int iters) {
83  int i, j = 0;
84  bench_inv *data = (bench_inv*)arg;
85 
86  for (i = 0; i < iters; i++) {
87  j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
88  }
89  CHECK(j <= iters);
90 }
91 
92 void bench_scalar_negate(void* arg, int iters) {
93  int i;
94  bench_inv *data = (bench_inv*)arg;
95 
96  for (i = 0; i < iters; i++) {
97  secp256k1_scalar_negate(&data->scalar[0], &data->scalar[0]);
98  }
99 }
100 
101 void bench_scalar_mul(void* arg, int iters) {
102  int i;
103  bench_inv *data = (bench_inv*)arg;
104 
105  for (i = 0; i < iters; i++) {
106  secp256k1_scalar_mul(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
107  }
108 }
109 
110 void bench_scalar_split(void* arg, int iters) {
111  int i, j = 0;
112  bench_inv *data = (bench_inv*)arg;
113 
114  for (i = 0; i < iters; i++) {
115  secp256k1_scalar_split_lambda(&data->scalar[0], &data->scalar[1], &data->scalar[0]);
116  j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
117  }
118  CHECK(j <= iters);
119 }
120 
121 void bench_scalar_inverse(void* arg, int iters) {
122  int i, j = 0;
123  bench_inv *data = (bench_inv*)arg;
124 
125  for (i = 0; i < iters; i++) {
126  secp256k1_scalar_inverse(&data->scalar[0], &data->scalar[0]);
127  j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
128  }
129  CHECK(j <= iters);
130 }
131 
132 void bench_scalar_inverse_var(void* arg, int iters) {
133  int i, j = 0;
134  bench_inv *data = (bench_inv*)arg;
135 
136  for (i = 0; i < iters; i++) {
137  secp256k1_scalar_inverse_var(&data->scalar[0], &data->scalar[0]);
138  j += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
139  }
140  CHECK(j <= iters);
141 }
142 
143 void bench_field_normalize(void* arg, int iters) {
144  int i;
145  bench_inv *data = (bench_inv*)arg;
146 
147  for (i = 0; i < iters; i++) {
148  secp256k1_fe_normalize(&data->fe[0]);
149  }
150 }
151 
152 void bench_field_normalize_weak(void* arg, int iters) {
153  int i;
154  bench_inv *data = (bench_inv*)arg;
155 
156  for (i = 0; i < iters; i++) {
157  secp256k1_fe_normalize_weak(&data->fe[0]);
158  }
159 }
160 
161 void bench_field_mul(void* arg, int iters) {
162  int i;
163  bench_inv *data = (bench_inv*)arg;
164 
165  for (i = 0; i < iters; i++) {
166  secp256k1_fe_mul(&data->fe[0], &data->fe[0], &data->fe[1]);
167  }
168 }
169 
170 void bench_field_sqr(void* arg, int iters) {
171  int i;
172  bench_inv *data = (bench_inv*)arg;
173 
174  for (i = 0; i < iters; i++) {
175  secp256k1_fe_sqr(&data->fe[0], &data->fe[0]);
176  }
177 }
178 
179 void bench_field_inverse(void* arg, int iters) {
180  int i;
181  bench_inv *data = (bench_inv*)arg;
182 
183  for (i = 0; i < iters; i++) {
184  secp256k1_fe_inv(&data->fe[0], &data->fe[0]);
185  secp256k1_fe_add(&data->fe[0], &data->fe[1]);
186  }
187 }
188 
189 void bench_field_inverse_var(void* arg, int iters) {
190  int i;
191  bench_inv *data = (bench_inv*)arg;
192 
193  for (i = 0; i < iters; i++) {
194  secp256k1_fe_inv_var(&data->fe[0], &data->fe[0]);
195  secp256k1_fe_add(&data->fe[0], &data->fe[1]);
196  }
197 }
198 
199 void bench_field_sqrt(void* arg, int iters) {
200  int i, j = 0;
201  bench_inv *data = (bench_inv*)arg;
202  secp256k1_fe t;
203 
204  for (i = 0; i < iters; i++) {
205  t = data->fe[0];
206  j += secp256k1_fe_sqrt(&data->fe[0], &t);
207  secp256k1_fe_add(&data->fe[0], &data->fe[1]);
208  }
209  CHECK(j <= iters);
210 }
211 
212 void bench_group_double_var(void* arg, int iters) {
213  int i;
214  bench_inv *data = (bench_inv*)arg;
215 
216  for (i = 0; i < iters; i++) {
217  secp256k1_gej_double_var(&data->gej[0], &data->gej[0], NULL);
218  }
219 }
220 
221 void bench_group_add_var(void* arg, int iters) {
222  int i;
223  bench_inv *data = (bench_inv*)arg;
224 
225  for (i = 0; i < iters; i++) {
226  secp256k1_gej_add_var(&data->gej[0], &data->gej[0], &data->gej[1], NULL);
227  }
228 }
229 
230 void bench_group_add_affine(void* arg, int iters) {
231  int i;
232  bench_inv *data = (bench_inv*)arg;
233 
234  for (i = 0; i < iters; i++) {
235  secp256k1_gej_add_ge(&data->gej[0], &data->gej[0], &data->ge[1]);
236  }
237 }
238 
239 void bench_group_add_affine_var(void* arg, int iters) {
240  int i;
241  bench_inv *data = (bench_inv*)arg;
242 
243  for (i = 0; i < iters; i++) {
244  secp256k1_gej_add_ge_var(&data->gej[0], &data->gej[0], &data->ge[1], NULL);
245  }
246 }
247 
248 void bench_group_to_affine_var(void* arg, int iters) {
249  int i;
250  bench_inv *data = (bench_inv*)arg;
251 
252  for (i = 0; i < iters; ++i) {
253  secp256k1_ge_set_gej_var(&data->ge[1], &data->gej[0]);
254  /* Use the output affine X/Y coordinates to vary the input X/Y/Z coordinates.
255  Note that the resulting coordinates will generally not correspond to a point
256  on the curve, but this is not a problem for the code being benchmarked here.
257  Adding and normalizing have less overhead than EC operations (which could
258  guarantee the point remains on the curve). */
259  secp256k1_fe_add(&data->gej[0].x, &data->ge[1].y);
260  secp256k1_fe_add(&data->gej[0].y, &data->fe[2]);
261  secp256k1_fe_add(&data->gej[0].z, &data->ge[1].x);
262  secp256k1_fe_normalize_var(&data->gej[0].x);
263  secp256k1_fe_normalize_var(&data->gej[0].y);
264  secp256k1_fe_normalize_var(&data->gej[0].z);
265  }
266 }
267 
268 void bench_ecmult_wnaf(void* arg, int iters) {
269  int i, bits = 0, overflow = 0;
270  bench_inv *data = (bench_inv*)arg;
271 
272  for (i = 0; i < iters; i++) {
273  bits += secp256k1_ecmult_wnaf(data->wnaf, 256, &data->scalar[0], WINDOW_A);
274  overflow += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
275  }
276  CHECK(overflow >= 0);
277  CHECK(bits <= 256*iters);
278 }
279 
280 void bench_wnaf_const(void* arg, int iters) {
281  int i, bits = 0, overflow = 0;
282  bench_inv *data = (bench_inv*)arg;
283 
284  for (i = 0; i < iters; i++) {
285  bits += secp256k1_wnaf_const(data->wnaf, &data->scalar[0], WINDOW_A, 256);
286  overflow += secp256k1_scalar_add(&data->scalar[0], &data->scalar[0], &data->scalar[1]);
287  }
288  CHECK(overflow >= 0);
289  CHECK(bits <= 256*iters);
290 }
291 
292 
293 void bench_sha256(void* arg, int iters) {
294  int i;
295  bench_inv *data = (bench_inv*)arg;
296  secp256k1_sha256 sha;
297 
298  for (i = 0; i < iters; i++) {
299  secp256k1_sha256_initialize(&sha);
300  secp256k1_sha256_write(&sha, data->data, 32);
301  secp256k1_sha256_finalize(&sha, data->data);
302  }
303 }
304 
305 void bench_hmac_sha256(void* arg, int iters) {
306  int i;
307  bench_inv *data = (bench_inv*)arg;
308  secp256k1_hmac_sha256 hmac;
309 
310  for (i = 0; i < iters; i++) {
311  secp256k1_hmac_sha256_initialize(&hmac, data->data, 32);
312  secp256k1_hmac_sha256_write(&hmac, data->data, 32);
313  secp256k1_hmac_sha256_finalize(&hmac, data->data);
314  }
315 }
316 
317 void bench_rfc6979_hmac_sha256(void* arg, int iters) {
318  int i;
319  bench_inv *data = (bench_inv*)arg;
320  secp256k1_rfc6979_hmac_sha256 rng;
321 
322  for (i = 0; i < iters; i++) {
323  secp256k1_rfc6979_hmac_sha256_initialize(&rng, data->data, 64);
324  secp256k1_rfc6979_hmac_sha256_generate(&rng, data->data, 32);
325  }
326 }
327 
328 void bench_context_verify(void* arg, int iters) {
329  int i;
330  (void)arg;
331  for (i = 0; i < iters; i++) {
332  secp256k1_context_destroy(secp256k1_context_create(SECP256K1_CONTEXT_VERIFY));
333  }
334 }
335 
336 void bench_context_sign(void* arg, int iters) {
337  int i;
338  (void)arg;
339  for (i = 0; i < iters; i++) {
340  secp256k1_context_destroy(secp256k1_context_create(SECP256K1_CONTEXT_SIGN));
341  }
342 }
343 
344 int main(int argc, char **argv) {
345  bench_inv data;
346  int iters = get_iters(20000);
347 
348  if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "add")) run_benchmark("scalar_add", bench_scalar_add, bench_setup, NULL, &data, 10, iters*100);
349  if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "negate")) run_benchmark("scalar_negate", bench_scalar_negate, bench_setup, NULL, &data, 10, iters*100);
350  if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "mul")) run_benchmark("scalar_mul", bench_scalar_mul, bench_setup, NULL, &data, 10, iters*10);
351  if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "split")) run_benchmark("scalar_split", bench_scalar_split, bench_setup, NULL, &data, 10, iters);
352  if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse", bench_scalar_inverse, bench_setup, NULL, &data, 10, iters);
353  if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "inverse")) run_benchmark("scalar_inverse_var", bench_scalar_inverse_var, bench_setup, NULL, &data, 10, iters);
354 
355  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize", bench_field_normalize, bench_setup, NULL, &data, 10, iters*100);
356  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "normalize")) run_benchmark("field_normalize_weak", bench_field_normalize_weak, bench_setup, NULL, &data, 10, iters*100);
357  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "sqr")) run_benchmark("field_sqr", bench_field_sqr, bench_setup, NULL, &data, 10, iters*10);
358  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "mul")) run_benchmark("field_mul", bench_field_mul, bench_setup, NULL, &data, 10, iters*10);
359  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse", bench_field_inverse, bench_setup, NULL, &data, 10, iters);
360  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "inverse")) run_benchmark("field_inverse_var", bench_field_inverse_var, bench_setup, NULL, &data, 10, iters);
361  if (have_flag(argc, argv, "field") || have_flag(argc, argv, "sqrt")) run_benchmark("field_sqrt", bench_field_sqrt, bench_setup, NULL, &data, 10, iters);
362 
363  if (have_flag(argc, argv, "group") || have_flag(argc, argv, "double")) run_benchmark("group_double_var", bench_group_double_var, bench_setup, NULL, &data, 10, iters*10);
364  if (have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_var", bench_group_add_var, bench_setup, NULL, &data, 10, iters*10);
365  if (have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine", bench_group_add_affine, bench_setup, NULL, &data, 10, iters*10);
366  if (have_flag(argc, argv, "group") || have_flag(argc, argv, "add")) run_benchmark("group_add_affine_var", bench_group_add_affine_var, bench_setup, NULL, &data, 10, iters*10);
367  if (have_flag(argc, argv, "group") || have_flag(argc, argv, "to_affine")) run_benchmark("group_to_affine_var", bench_group_to_affine_var, bench_setup, NULL, &data, 10, iters);
368 
369  if (have_flag(argc, argv, "ecmult") || have_flag(argc, argv, "wnaf")) run_benchmark("wnaf_const", bench_wnaf_const, bench_setup, NULL, &data, 10, iters);
370  if (have_flag(argc, argv, "ecmult") || have_flag(argc, argv, "wnaf")) run_benchmark("ecmult_wnaf", bench_ecmult_wnaf, bench_setup, NULL, &data, 10, iters);
371 
372  if (have_flag(argc, argv, "hash") || have_flag(argc, argv, "sha256")) run_benchmark("hash_sha256", bench_sha256, bench_setup, NULL, &data, 10, iters);
373  if (have_flag(argc, argv, "hash") || have_flag(argc, argv, "hmac")) run_benchmark("hash_hmac_sha256", bench_hmac_sha256, bench_setup, NULL, &data, 10, iters);
374  if (have_flag(argc, argv, "hash") || have_flag(argc, argv, "rng6979")) run_benchmark("hash_rfc6979_hmac_sha256", bench_rfc6979_hmac_sha256, bench_setup, NULL, &data, 10, iters);
375 
376  if (have_flag(argc, argv, "context") || have_flag(argc, argv, "verify")) run_benchmark("context_verify", bench_context_verify, bench_setup, NULL, &data, 10, 1 + iters/1000);
377  if (have_flag(argc, argv, "context") || have_flag(argc, argv, "sign")) run_benchmark("context_sign", bench_context_sign, bench_setup, NULL, &data, 10, 1 + iters/100);
378 
379  return 0;
380 }
bench_inv::ge
secp256k1_ge ge[2]
Definition: bench_internal.c:28
secp256k1_scalar_negate
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the complement of a scalar (modulo the group order).
secp256k1_fe_inv
static void secp256k1_fe_inv(secp256k1_fe *r, const secp256k1_fe *a)
Sets a field element to be the (modular) inverse of another.
bench_inv::wnaf
int wnaf[256]
Definition: bench_internal.c:31
SECP256K1_CONTEXT_VERIFY
#define SECP256K1_CONTEXT_VERIFY
Flags to pass to secp256k1_context_create, secp256k1_context_preallocated_size, and secp256k1_context...
Definition: secp256k1.h:184
bench_inv::fe
secp256k1_fe fe[4]
Definition: bench_internal.c:27
bench_field_sqrt
void bench_field_sqrt(void *arg, int iters)
Definition: bench_internal.c:199
secp256k1_ge::y
secp256k1_fe y
Definition: group.h:19
field_impl.h
SECP256K1_CONTEXT_SIGN
#define SECP256K1_CONTEXT_SIGN
Definition: secp256k1.h:185
bench_scalar_mul
void bench_scalar_mul(void *arg, int iters)
Definition: bench_internal.c:101
bench_inv::gej
secp256k1_gej gej[2]
Definition: bench_internal.c:29
secp256k1_scalar_split_lambda
static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *k)
Find r1 and r2 such that r1+r2*lambda = k, where r1 and r2 or their negations are maximum 128 bits lo...
bench_scalar_negate
void bench_scalar_negate(void *arg, int iters)
Definition: bench_internal.c:92
secp256k1_fe_normalize_var
static void secp256k1_fe_normalize_var(secp256k1_fe *r)
Normalize a field element, without constant-time guarantee.
secp256k1_fe_set_b32
static int secp256k1_fe_set_b32(secp256k1_fe *r, const unsigned char *a)
Set a field element equal to 32-byte big endian value.
secp256k1_fe_normalize
static void secp256k1_fe_normalize(secp256k1_fe *r)
Field element module.
secp256k1_rfc6979_hmac_sha256_initialize
static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256 *rng, const unsigned char *key, size_t keylen)
secp256k1_gej::x
secp256k1_fe x
Definition: group.h:24
secp256k1_hmac_sha256_finalize
static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256 *hash, unsigned char *out32)
group_impl.h
bench_scalar_inverse_var
void bench_scalar_inverse_var(void *arg, int iters)
Definition: bench_internal.c:132
secp256k1_wnaf_const
static int secp256k1_wnaf_const(int *wnaf, const secp256k1_scalar *scalar, int w, int size)
Convert a number to WNAF notation.
Definition: ecmult_const_impl.h:55
secp256k1_rfc6979_hmac_sha256_generate
static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256 *rng, unsigned char *out, size_t outlen)
ecmult_impl.h
bench_group_add_var
void bench_group_add_var(void *arg, int iters)
Definition: bench_internal.c:221
bench_field_inverse
void bench_field_inverse(void *arg, int iters)
Definition: bench_internal.c:179
util.h
bench.h
secp256k1_sha256
Definition: hash.h:13
ecmult_const_impl.h
secp256k1_gej::z
secp256k1_fe z
Definition: group.h:26
bench_setup
void bench_setup(void *arg)
Definition: bench_internal.c:30
secp256k1_context_destroy
SECP256K1_API void secp256k1_context_destroy(secp256k1_context *ctx)
Destroy a secp256k1 context object (created in dynamically allocated memory).
Definition: secp256k1.c:202
secp256k1_gej_rescale
static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b)
Rescale a jacobian point by b which must be non-zero.
secp256k1_context_create
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Create a secp256k1 context object (in dynamically allocated memory).
Definition: secp256k1.c:158
secp256k1_gej_add_ge
static void secp256k1_gej_add_ge(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b)
Set r equal to the sum of a and b (with b given in affine coordinates, and not infinity).
secp256k1_scalar_add
static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Add two scalars together (modulo the group order).
secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13
bench_inv::scalar
secp256k1_scalar scalar[2]
Definition: bench_internal.c:26
WINDOW_A
#define WINDOW_A
Definition: ecmult_impl.h:34
secp256k1_gej
A group element of the secp256k1 curve, in jacobian coordinates.
Definition: group.h:23
secp256k1_fe_sqrt
static int secp256k1_fe_sqrt(secp256k1_fe *r, const secp256k1_fe *a)
If a has a square root, it is computed in r and 1 is returned.
assumptions.h
bench_inv::data
unsigned char data[64]
Definition: bench_internal.c:30
secp256k1_fe_mul
static void secp256k1_fe_mul(secp256k1_fe *r, const secp256k1_fe *a, const secp256k1_fe *SECP256K1_RESTRICT b)
Sets a field element to be the product of two others.
run_benchmark
void run_benchmark(char *name, void(*benchmark)(void *, int), void(*setup)(void *), void(*teardown)(void *, int), void *data, int count, int iter)
Definition: bench.h:76
secp256k1_hmac_sha256_initialize
static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256 *hash, const unsigned char *key, size_t size)
secp256k1_sha256_write
static void secp256k1_sha256_write(secp256k1_sha256 *hash, const unsigned char *data, size_t size)
secp256k1.c
secp256k1_fe
Definition: field_10x26.h:12
secp256k1_sha256_finalize
static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out32)
bench_wnaf_const
void bench_wnaf_const(void *arg, int iters)
Definition: bench_internal.c:280
bench_scalar_inverse
void bench_scalar_inverse(void *arg, int iters)
Definition: bench_internal.c:121
bench_sha256
void bench_sha256(void *arg, int iters)
Definition: bench_internal.c:293
secp256k1_gej::y
secp256k1_fe y
Definition: group.h:25
bench_field_inverse_var
void bench_field_inverse_var(void *arg, int iters)
Definition: bench_internal.c:189
hash_impl.h
bench_group_double_var
void bench_group_double_var(void *arg, int iters)
Definition: bench_internal.c:212
secp256k1_scalar_inverse_var
static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order), without constant-time guarantee.
secp256k1_sha256_initialize
static void secp256k1_sha256_initialize(secp256k1_sha256 *hash)
secp256k1_scalar_inverse
static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the inverse of a scalar (modulo the group order).
secp256k1_ecmult_wnaf
static int secp256k1_ecmult_wnaf(int *wnaf, int len, const secp256k1_scalar *a, int w)
Convert a number to WNAF notation.
Definition: ecmult_impl.h:377
secp256k1_fe_add
static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a)
Adds a field element to another.
get_iters
int get_iters(int default_iters)
Definition: bench.h:124
bench_field_normalize_weak
void bench_field_normalize_weak(void *arg, int iters)
Definition: bench_internal.c:152
secp256k1_gej_add_var
static void secp256k1_gej_add_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_gej *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b.
bench_hmac_sha256
void bench_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:305
bench_group_add_affine_var
void bench_group_add_affine_var(void *arg, int iters)
Definition: bench_internal.c:239
secp256k1_fe_sqr
static void secp256k1_fe_sqr(secp256k1_fe *r, const secp256k1_fe *a)
Sets a field element to be the square of another.
bench_group_to_affine_var
void bench_group_to_affine_var(void *arg, int iters)
Definition: bench_internal.c:248
secp256k1_hmac_sha256
Definition: hash.h:23
bench_scalar_split
void bench_scalar_split(void *arg, int iters)
Definition: bench_internal.c:110
bench_inv
Definition: bench_internal.c:21
bench_context_sign
void bench_context_sign(void *arg, int iters)
Definition: bench_internal.c:336
secp256k1_gej_add_ge_var
static void secp256k1_gej_add_ge_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, secp256k1_fe *rzr)
Set r equal to the sum of a and b (with b given in affine coordinates).
scalar_impl.h
init
Definition: bitcoin-node.cpp:16
bench_ecmult_wnaf
void bench_ecmult_wnaf(void *arg, int iters)
Definition: bench_internal.c:268
secp256k1_rfc6979_hmac_sha256
Definition: hash.h:31
secp256k1_ge_set_gej_var
static void secp256k1_ge_set_gej_var(secp256k1_ge *r, secp256k1_gej *a)
Set a group element equal to another which is given in jacobian coordinates.
secp256k1_gej_double_var
static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr)
Set r equal to the double of a.
secp256k1_ge_set_xo_var
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y.
bench_field_mul
void bench_field_mul(void *arg, int iters)
Definition: bench_internal.c:161
bench_rfc6979_hmac_sha256
void bench_rfc6979_hmac_sha256(void *arg, int iters)
Definition: bench_internal.c:317
secp256k1_scalar_mul
static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
Multiply two scalars (modulo the group order).
bench_field_normalize
void bench_field_normalize(void *arg, int iters)
Definition: bench_internal.c:143
bench_scalar_add
void bench_scalar_add(void *arg, int iters)
Definition: bench_internal.c:82
secp256k1_fe_normalize_weak
static void secp256k1_fe_normalize_weak(secp256k1_fe *r)
Weakly normalize a field element: reduce its magnitude to 1, but don't fully normalize.
secp256k1_ge::x
secp256k1_fe x
Definition: group.h:18
bench_group_add_affine
void bench_group_add_affine(void *arg, int iters)
Definition: bench_internal.c:230
CHECK
#define CHECK(cond)
Definition: util.h:53
secp256k1_scalar_set_b32
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.
bench_field_sqr
void bench_field_sqr(void *arg, int iters)
Definition: bench_internal.c:170
bench_context_verify
void bench_context_verify(void *arg, int iters)
Definition: bench_internal.c:328
secp256k1_ge
A group element of the secp256k1 curve, in affine coordinates.
Definition: group.h:13
have_flag
int have_flag(int argc, char **argv, char *flag)
Definition: bench.h:109
secp256k1_fe_inv_var
static void secp256k1_fe_inv_var(secp256k1_fe *r, const secp256k1_fe *a)
Potentially faster version of secp256k1_fe_inv, without constant-time guarantee.
main
int main(int argc, char **argv)
Definition: bench_internal.c:344
secp256k1_gej_set_ge
static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)
Set a group element (jacobian) equal to another which is given in affine coordinates.
secp256k1_hmac_sha256_write
static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256 *hash, const unsigned char *data, size_t size)
Generated on Sat Sep 18 2021 20:04:30 for Bitcoin Core by   doxygen 1.8.17