Bitcoin Core  0.20.99
P2P Digital Currency
Functions
field.h File Reference
#include "util.h"
#include "field_10x26.h"
Include dependency graph for field.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

static void secp256k1_fe_normalize (secp256k1_fe *r)
 Field element module. More...
 
static void secp256k1_fe_normalize_weak (secp256k1_fe *r)
 Weakly normalize a field element: reduce its magnitude to 1, but don't fully normalize. More...
 
static void secp256k1_fe_normalize_var (secp256k1_fe *r)
 Normalize a field element, without constant-time guarantee. More...
 
static int secp256k1_fe_normalizes_to_zero (secp256k1_fe *r)
 Verify whether a field element represents zero i.e. More...
 
static int secp256k1_fe_normalizes_to_zero_var (secp256k1_fe *r)
 Verify whether a field element represents zero i.e. More...
 
static void secp256k1_fe_set_int (secp256k1_fe *r, int a)
 Set a field element equal to a small integer. More...
 
static void secp256k1_fe_clear (secp256k1_fe *a)
 Sets a field element equal to zero, initializing all fields. More...
 
static int secp256k1_fe_is_zero (const secp256k1_fe *a)
 Verify whether a field element is zero. More...
 
static int secp256k1_fe_is_odd (const secp256k1_fe *a)
 Check the "oddness" of a field element. More...
 
static int secp256k1_fe_equal (const secp256k1_fe *a, const secp256k1_fe *b)
 Compare two field elements. More...
 
static int secp256k1_fe_equal_var (const secp256k1_fe *a, const secp256k1_fe *b)
 Same as secp256k1_fe_equal, but may be variable time. More...
 
static int secp256k1_fe_cmp_var (const secp256k1_fe *a, const secp256k1_fe *b)
 Compare two field elements. More...
 
static int secp256k1_fe_set_b32 (secp256k1_fe *r, const unsigned char *a)
 Set a field element equal to 32-byte big endian value. More...
 
static void secp256k1_fe_get_b32 (unsigned char *r, const secp256k1_fe *a)
 Convert a field element to a 32-byte big endian value. More...
 
static void secp256k1_fe_negate (secp256k1_fe *r, const secp256k1_fe *a, int m)
 Set a field element equal to the additive inverse of another. More...
 
static void secp256k1_fe_mul_int (secp256k1_fe *r, int a)
 Multiplies the passed field element with a small integer constant. More...
 
static void secp256k1_fe_add (secp256k1_fe *r, const secp256k1_fe *a)
 Adds a field element to another. More...
 
static void secp256k1_fe_mul (secp256k1_fe *r, const secp256k1_fe *a, const secp256k1_fe *SECP256K1_RESTRICT b)
 Sets a field element to be the product of two others. More...
 
static void secp256k1_fe_sqr (secp256k1_fe *r, const secp256k1_fe *a)
 Sets a field element to be the square of another. More...
 
static int secp256k1_fe_sqrt (secp256k1_fe *r, const secp256k1_fe *a)
 If a has a square root, it is computed in r and 1 is returned. More...
 
static int secp256k1_fe_is_quad_var (const secp256k1_fe *a)
 Checks whether a field element is a quadratic residue. More...
 
static void secp256k1_fe_inv (secp256k1_fe *r, const secp256k1_fe *a)
 Sets a field element to be the (modular) inverse of another. More...
 
static void secp256k1_fe_inv_var (secp256k1_fe *r, const secp256k1_fe *a)
 Potentially faster version of secp256k1_fe_inv, without constant-time guarantee. More...
 
static void secp256k1_fe_inv_all_var (secp256k1_fe *r, const secp256k1_fe *a, size_t len)
 Calculate the (modular) inverses of a batch of field elements. More...
 
static void secp256k1_fe_to_storage (secp256k1_fe_storage *r, const secp256k1_fe *a)
 Convert a field element to the storage type. More...
 
static void secp256k1_fe_from_storage (secp256k1_fe *r, const secp256k1_fe_storage *a)
 Convert a field element back from the storage type. More...
 
static void secp256k1_fe_storage_cmov (secp256k1_fe_storage *r, const secp256k1_fe_storage *a, int flag)
 If flag is true, set *r equal to *a; otherwise leave it. More...
 
static void secp256k1_fe_cmov (secp256k1_fe *r, const secp256k1_fe *a, int flag)
 If flag is true, set *r equal to *a; otherwise leave it. More...
 

Function Documentation

◆ secp256k1_fe_add()

static void secp256k1_fe_add ( secp256k1_fe r,
const secp256k1_fe a 
)
static

Adds a field element to another.

The result has the sum of the inputs' magnitudes as magnitude.

Here is the caller graph for this function:

◆ secp256k1_fe_clear()

static void secp256k1_fe_clear ( secp256k1_fe a)
static

Sets a field element equal to zero, initializing all fields.

Here is the caller graph for this function:

◆ secp256k1_fe_cmov()

static void secp256k1_fe_cmov ( secp256k1_fe r,
const secp256k1_fe a,
int  flag 
)
static

If flag is true, set *r equal to *a; otherwise leave it.

Constant-time. Both *r and *a must be initialized.

Here is the caller graph for this function:

◆ secp256k1_fe_cmp_var()

static int secp256k1_fe_cmp_var ( const secp256k1_fe a,
const secp256k1_fe b 
)
static

Compare two field elements.

Requires both inputs to be normalized

Here is the caller graph for this function:

◆ secp256k1_fe_equal()

static int secp256k1_fe_equal ( const secp256k1_fe a,
const secp256k1_fe b 
)
static

Compare two field elements.

Requires magnitude-1 inputs.

Here is the caller graph for this function:

◆ secp256k1_fe_equal_var()

static int secp256k1_fe_equal_var ( const secp256k1_fe a,
const secp256k1_fe b 
)
static

Same as secp256k1_fe_equal, but may be variable time.

Here is the caller graph for this function:

◆ secp256k1_fe_from_storage()

static void secp256k1_fe_from_storage ( secp256k1_fe r,
const secp256k1_fe_storage a 
)
static

Convert a field element back from the storage type.

Here is the caller graph for this function:

◆ secp256k1_fe_get_b32()

static void secp256k1_fe_get_b32 ( unsigned char *  r,
const secp256k1_fe a 
)
static

Convert a field element to a 32-byte big endian value.

Requires the input to be normalized

Here is the caller graph for this function:

◆ secp256k1_fe_inv()

static void secp256k1_fe_inv ( secp256k1_fe r,
const secp256k1_fe a 
)
static

Sets a field element to be the (modular) inverse of another.

Requires the input's magnitude to be at most 8. The output magnitude is 1 (but not guaranteed to be normalized).

Here is the caller graph for this function:

◆ secp256k1_fe_inv_all_var()

static void secp256k1_fe_inv_all_var ( secp256k1_fe r,
const secp256k1_fe a,
size_t  len 
)
static

Calculate the (modular) inverses of a batch of field elements.

Requires the inputs' magnitudes to be at most 8. The output magnitudes are 1 (but not guaranteed to be normalized). The inputs and outputs must not overlap in memory.

Here is the caller graph for this function:

◆ secp256k1_fe_inv_var()

static void secp256k1_fe_inv_var ( secp256k1_fe r,
const secp256k1_fe a 
)
static

Potentially faster version of secp256k1_fe_inv, without constant-time guarantee.

Here is the caller graph for this function:

◆ secp256k1_fe_is_odd()

static int secp256k1_fe_is_odd ( const secp256k1_fe a)
static

Check the "oddness" of a field element.

Requires the input to be normalized.

Here is the caller graph for this function:

◆ secp256k1_fe_is_quad_var()

static int secp256k1_fe_is_quad_var ( const secp256k1_fe a)
static

Checks whether a field element is a quadratic residue.

Here is the caller graph for this function:

◆ secp256k1_fe_is_zero()

static int secp256k1_fe_is_zero ( const secp256k1_fe a)
static

Verify whether a field element is zero.

Requires the input to be normalized.

Here is the caller graph for this function:

◆ secp256k1_fe_mul()

static void secp256k1_fe_mul ( secp256k1_fe r,
const secp256k1_fe a,
const secp256k1_fe *SECP256K1_RESTRICT  b 
)
static

Sets a field element to be the product of two others.

Requires the inputs' magnitudes to be at most 8. The output magnitude is 1 (but not guaranteed to be normalized).

Here is the caller graph for this function:

◆ secp256k1_fe_mul_int()

static void secp256k1_fe_mul_int ( secp256k1_fe r,
int  a 
)
static

Multiplies the passed field element with a small integer constant.

Multiplies the magnitude by that small integer.

Here is the caller graph for this function:

◆ secp256k1_fe_negate()

static void secp256k1_fe_negate ( secp256k1_fe r,
const secp256k1_fe a,
int  m 
)
static

Set a field element equal to the additive inverse of another.

Takes a maximum magnitude of the input as an argument. The magnitude of the output is one higher.

Here is the caller graph for this function:

◆ secp256k1_fe_normalize()

static void secp256k1_fe_normalize ( secp256k1_fe r)
static

Field element module.

Field elements can be represented in several ways, but code accessing it (and implementations) need to take certain properties into account:

  • Each field element can be normalized or not.
  • Each field element has a magnitude, which represents how far away its representation is away from normalization. Normalized elements always have a magnitude of 1, but a magnitude of 1 doesn't imply normality.Normalize a field element. This brings the field element to a canonical representation, reduces its magnitude to 1, and reduces it modulo field size p.
Here is the caller graph for this function:

◆ secp256k1_fe_normalize_var()

static void secp256k1_fe_normalize_var ( secp256k1_fe r)
static

Normalize a field element, without constant-time guarantee.

Here is the caller graph for this function:

◆ secp256k1_fe_normalize_weak()

static void secp256k1_fe_normalize_weak ( secp256k1_fe r)
static

Weakly normalize a field element: reduce its magnitude to 1, but don't fully normalize.

Here is the caller graph for this function:

◆ secp256k1_fe_normalizes_to_zero()

static int secp256k1_fe_normalizes_to_zero ( secp256k1_fe r)
static

Verify whether a field element represents zero i.e.

would normalize to a zero value. The field implementation may optionally normalize the input, but this should not be relied upon.

Here is the caller graph for this function:

◆ secp256k1_fe_normalizes_to_zero_var()

static int secp256k1_fe_normalizes_to_zero_var ( secp256k1_fe r)
static

Verify whether a field element represents zero i.e.

would normalize to a zero value. The field implementation may optionally normalize the input, but this should not be relied upon.

Here is the caller graph for this function:

◆ secp256k1_fe_set_b32()

static int secp256k1_fe_set_b32 ( secp256k1_fe r,
const unsigned char *  a 
)
static

Set a field element equal to 32-byte big endian value.

If successful, the resulting field element is normalized.

Here is the caller graph for this function:

◆ secp256k1_fe_set_int()

static void secp256k1_fe_set_int ( secp256k1_fe r,
int  a 
)
static

Set a field element equal to a small integer.

Resulting field element is normalized.

Here is the caller graph for this function:

◆ secp256k1_fe_sqr()

static void secp256k1_fe_sqr ( secp256k1_fe r,
const secp256k1_fe a 
)
static

Sets a field element to be the square of another.

Requires the input's magnitude to be at most 8. The output magnitude is 1 (but not guaranteed to be normalized).

Here is the caller graph for this function:

◆ secp256k1_fe_sqrt()

static int secp256k1_fe_sqrt ( secp256k1_fe r,
const secp256k1_fe a 
)
static

If a has a square root, it is computed in r and 1 is returned.

If a does not have a square root, the root of its negation is computed and 0 is returned. The input's magnitude can be at most 8. The output magnitude is 1 (but not guaranteed to be normalized). The result in r will always be a square itself.

Here is the caller graph for this function:

◆ secp256k1_fe_storage_cmov()

static void secp256k1_fe_storage_cmov ( secp256k1_fe_storage r,
const secp256k1_fe_storage a,
int  flag 
)
static

If flag is true, set *r equal to *a; otherwise leave it.

Constant-time. Both *r and *a must be initialized.

Here is the caller graph for this function:

◆ secp256k1_fe_to_storage()

static void secp256k1_fe_to_storage ( secp256k1_fe_storage r,
const secp256k1_fe a 
)
static

Convert a field element to the storage type.

Here is the caller graph for this function: