Bitcoin Core 28.99.0
P2P Digital Currency
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Properties Friends Macros Modules Pages Concepts
Macros | Functions | Variables
scalar_4x64_impl.h File Reference
#include "checkmem.h"
#include "int128.h"
#include "modinv64_impl.h"
#include "util.h"
Include dependency graph for scalar_4x64_impl.h:

Go to the source code of this file.

Macros

#define SECP256K1_N_0   ((uint64_t)0xBFD25E8CD0364141ULL)
 
#define SECP256K1_N_1   ((uint64_t)0xBAAEDCE6AF48A03BULL)
 
#define SECP256K1_N_2   ((uint64_t)0xFFFFFFFFFFFFFFFEULL)
 
#define SECP256K1_N_3   ((uint64_t)0xFFFFFFFFFFFFFFFFULL)
 
#define SECP256K1_N_C_0   (~SECP256K1_N_0 + 1)
 
#define SECP256K1_N_C_1   (~SECP256K1_N_1)
 
#define SECP256K1_N_C_2   (1)
 
#define SECP256K1_N_H_0   ((uint64_t)0xDFE92F46681B20A0ULL)
 
#define SECP256K1_N_H_1   ((uint64_t)0x5D576E7357A4501DULL)
 
#define SECP256K1_N_H_2   ((uint64_t)0xFFFFFFFFFFFFFFFFULL)
 
#define SECP256K1_N_H_3   ((uint64_t)0x7FFFFFFFFFFFFFFFULL)
 
#define muladd(a, b)
 Add a*b to the number defined by (c0,c1,c2). More...
 
#define muladd_fast(a, b)
 Add a*b to the number defined by (c0,c1). More...
 
#define sumadd(a)
 Add a to the number defined by (c0,c1,c2). More...
 
#define sumadd_fast(a)
 Add a to the number defined by (c0,c1). More...
 
#define extract(n)
 Extract the lowest 64 bits of (c0,c1,c2) into n, and left shift the number 64 bits. More...
 
#define extract_fast(n)
 Extract the lowest 64 bits of (c0,c1,c2) into n, and left shift the number 64 bits. More...
 

Functions

static SECP256K1_INLINE void secp256k1_scalar_set_int (secp256k1_scalar *r, unsigned int v)
 
static SECP256K1_INLINE uint32_t secp256k1_scalar_get_bits_limb32 (const secp256k1_scalar *a, unsigned int offset, unsigned int count)
 
static SECP256K1_INLINE uint32_t secp256k1_scalar_get_bits_var (const secp256k1_scalar *a, unsigned int offset, unsigned int count)
 
static SECP256K1_INLINE int secp256k1_scalar_check_overflow (const secp256k1_scalar *a)
 
static SECP256K1_INLINE int secp256k1_scalar_reduce (secp256k1_scalar *r, unsigned int overflow)
 
static int secp256k1_scalar_add (secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
 
static void secp256k1_scalar_cadd_bit (secp256k1_scalar *r, unsigned int bit, int flag)
 
static void secp256k1_scalar_set_b32 (secp256k1_scalar *r, const unsigned char *b32, int *overflow)
 
static void secp256k1_scalar_get_b32 (unsigned char *bin, const secp256k1_scalar *a)
 
static SECP256K1_INLINE int secp256k1_scalar_is_zero (const secp256k1_scalar *a)
 
static void secp256k1_scalar_negate (secp256k1_scalar *r, const secp256k1_scalar *a)
 
static void secp256k1_scalar_half (secp256k1_scalar *r, const secp256k1_scalar *a)
 
static SECP256K1_INLINE int secp256k1_scalar_is_one (const secp256k1_scalar *a)
 
static int secp256k1_scalar_is_high (const secp256k1_scalar *a)
 
static int secp256k1_scalar_cond_negate (secp256k1_scalar *r, int flag)
 
static void secp256k1_scalar_reduce_512 (secp256k1_scalar *r, const uint64_t *l)
 
static void secp256k1_scalar_mul_512 (uint64_t *l8, const secp256k1_scalar *a, const secp256k1_scalar *b)
 
static void secp256k1_scalar_mul (secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)
 
static void secp256k1_scalar_split_128 (secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *k)
 
static SECP256K1_INLINE int secp256k1_scalar_eq (const secp256k1_scalar *a, const secp256k1_scalar *b)
 
static SECP256K1_INLINE void secp256k1_scalar_mul_shift_var (secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b, unsigned int shift)
 
static SECP256K1_INLINE void secp256k1_scalar_cmov (secp256k1_scalar *r, const secp256k1_scalar *a, int flag)
 
static void secp256k1_scalar_from_signed62 (secp256k1_scalar *r, const secp256k1_modinv64_signed62 *a)
 
static void secp256k1_scalar_to_signed62 (secp256k1_modinv64_signed62 *r, const secp256k1_scalar *a)
 
static void secp256k1_scalar_inverse (secp256k1_scalar *r, const secp256k1_scalar *x)
 
static void secp256k1_scalar_inverse_var (secp256k1_scalar *r, const secp256k1_scalar *x)
 
static SECP256K1_INLINE int secp256k1_scalar_is_even (const secp256k1_scalar *a)
 

Variables

static const secp256k1_modinv64_modinfo secp256k1_const_modinfo_scalar
 

Macro Definition Documentation

◆ extract

#define extract (   n)
Value:
{ \
(n) = c0; \
c0 = c1; \
c1 = c2; \
c2 = 0; \
}

Extract the lowest 64 bits of (c0,c1,c2) into n, and left shift the number 64 bits.

Definition at line 332 of file scalar_4x64_impl.h.

◆ extract_fast

#define extract_fast (   n)
Value:
{ \
(n) = c0; \
c0 = c1; \
c1 = 0; \
VERIFY_CHECK(c2 == 0); \
}

Extract the lowest 64 bits of (c0,c1,c2) into n, and left shift the number 64 bits.

c2 is required to be zero.

Definition at line 340 of file scalar_4x64_impl.h.

◆ muladd

#define muladd (   a,
 
)
Value:
{ \
uint64_t tl, th; \
{ \
secp256k1_uint128 t; \
secp256k1_u128_mul(&t, a, b); \
th = secp256k1_u128_hi_u64(&t); /* at most 0xFFFFFFFFFFFFFFFE */ \
} \
c0 += tl; /* overflow is handled on the next line */ \
th += (c0 < tl); /* at most 0xFFFFFFFFFFFFFFFF */ \
c1 += th; /* overflow is handled on the next line */ \
c2 += (c1 < th); /* never overflows by contract (verified in the next line) */ \
VERIFY_CHECK((c1 >= th) || (c2 != 0)); \
}
static SECP256K1_INLINE uint64_t secp256k1_u128_hi_u64(const secp256k1_uint128 *a)
static SECP256K1_INLINE uint64_t secp256k1_u128_to_u64(const secp256k1_uint128 *a)

Add a*b to the number defined by (c0,c1,c2).

c2 must never overflow.

Definition at line 284 of file scalar_4x64_impl.h.

◆ muladd_fast

#define muladd_fast (   a,
 
)
Value:
{ \
uint64_t tl, th; \
{ \
secp256k1_uint128 t; \
secp256k1_u128_mul(&t, a, b); \
th = secp256k1_u128_hi_u64(&t); /* at most 0xFFFFFFFFFFFFFFFE */ \
} \
c0 += tl; /* overflow is handled on the next line */ \
th += (c0 < tl); /* at most 0xFFFFFFFFFFFFFFFF */ \
c1 += th; /* never overflows by contract (verified in the next line) */ \
VERIFY_CHECK(c1 >= th); \
}

Add a*b to the number defined by (c0,c1).

c1 must never overflow.

Definition at line 300 of file scalar_4x64_impl.h.

◆ SECP256K1_N_0

#define SECP256K1_N_0   ((uint64_t)0xBFD25E8CD0364141ULL)

Definition at line 16 of file scalar_4x64_impl.h.

◆ SECP256K1_N_1

#define SECP256K1_N_1   ((uint64_t)0xBAAEDCE6AF48A03BULL)

Definition at line 17 of file scalar_4x64_impl.h.

◆ SECP256K1_N_2

#define SECP256K1_N_2   ((uint64_t)0xFFFFFFFFFFFFFFFEULL)

Definition at line 18 of file scalar_4x64_impl.h.

◆ SECP256K1_N_3

#define SECP256K1_N_3   ((uint64_t)0xFFFFFFFFFFFFFFFFULL)

Definition at line 19 of file scalar_4x64_impl.h.

◆ SECP256K1_N_C_0

#define SECP256K1_N_C_0   (~SECP256K1_N_0 + 1)

Definition at line 22 of file scalar_4x64_impl.h.

◆ SECP256K1_N_C_1

#define SECP256K1_N_C_1   (~SECP256K1_N_1)

Definition at line 23 of file scalar_4x64_impl.h.

◆ SECP256K1_N_C_2

#define SECP256K1_N_C_2   (1)

Definition at line 24 of file scalar_4x64_impl.h.

◆ SECP256K1_N_H_0

#define SECP256K1_N_H_0   ((uint64_t)0xDFE92F46681B20A0ULL)

Definition at line 27 of file scalar_4x64_impl.h.

◆ SECP256K1_N_H_1

#define SECP256K1_N_H_1   ((uint64_t)0x5D576E7357A4501DULL)

Definition at line 28 of file scalar_4x64_impl.h.

◆ SECP256K1_N_H_2

#define SECP256K1_N_H_2   ((uint64_t)0xFFFFFFFFFFFFFFFFULL)

Definition at line 29 of file scalar_4x64_impl.h.

◆ SECP256K1_N_H_3

#define SECP256K1_N_H_3   ((uint64_t)0x7FFFFFFFFFFFFFFFULL)

Definition at line 30 of file scalar_4x64_impl.h.

◆ sumadd

#define sumadd (   a)
Value:
{ \
unsigned int over; \
c0 += (a); /* overflow is handled on the next line */ \
over = (c0 < (a)); \
c1 += over; /* overflow is handled on the next line */ \
c2 += (c1 < over); /* never overflows by contract */ \
}

Add a to the number defined by (c0,c1,c2).

c2 must never overflow.

Definition at line 315 of file scalar_4x64_impl.h.

◆ sumadd_fast

#define sumadd_fast (   a)
Value:
{ \
c0 += (a); /* overflow is handled on the next line */ \
c1 += (c0 < (a)); /* never overflows by contract (verified the next line) */ \
VERIFY_CHECK((c1 != 0) | (c0 >= (a))); \
VERIFY_CHECK(c2 == 0); \
}

Add a to the number defined by (c0,c1).

c1 must never overflow, c2 must be zero.

Definition at line 324 of file scalar_4x64_impl.h.

Function Documentation

◆ secp256k1_scalar_add()

static int secp256k1_scalar_add ( secp256k1_scalar r,
const secp256k1_scalar a,
const secp256k1_scalar b 
)
static

Definition at line 94 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_cadd_bit()

static void secp256k1_scalar_cadd_bit ( secp256k1_scalar r,
unsigned int  bit,
int  flag 
)
static

Definition at line 120 of file scalar_4x64_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_scalar_check_overflow()

static SECP256K1_INLINE int secp256k1_scalar_check_overflow ( const secp256k1_scalar a)
static

Definition at line 62 of file scalar_4x64_impl.h.

Here is the caller graph for this function:

◆ secp256k1_scalar_cmov()

static SECP256K1_INLINE void secp256k1_scalar_cmov ( secp256k1_scalar r,
const secp256k1_scalar a,
int  flag 
)
static

Definition at line 911 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_cond_negate()

static int secp256k1_scalar_cond_negate ( secp256k1_scalar r,
int  flag 
)
static

Definition at line 255 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_eq()

static SECP256K1_INLINE int secp256k1_scalar_eq ( const secp256k1_scalar a,
const secp256k1_scalar b 
)
static

Definition at line 882 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_from_signed62()

static void secp256k1_scalar_from_signed62 ( secp256k1_scalar r,
const secp256k1_modinv64_signed62 a 
)
static

Definition at line 927 of file scalar_4x64_impl.h.

Here is the caller graph for this function:

◆ secp256k1_scalar_get_b32()

static void secp256k1_scalar_get_b32 ( unsigned char *  bin,
const secp256k1_scalar a 
)
static

Definition at line 158 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_get_bits_limb32()

static SECP256K1_INLINE uint32_t secp256k1_scalar_get_bits_limb32 ( const secp256k1_scalar a,
unsigned int  offset,
unsigned int  count 
)
static

Definition at line 41 of file scalar_4x64_impl.h.

Here is the caller graph for this function:

◆ secp256k1_scalar_get_bits_var()

static SECP256K1_INLINE uint32_t secp256k1_scalar_get_bits_var ( const secp256k1_scalar a,
unsigned int  offset,
unsigned int  count 
)
static

Definition at line 49 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_half()

static void secp256k1_scalar_half ( secp256k1_scalar r,
const secp256k1_scalar a 
)
static

Definition at line 194 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_inverse()

static void secp256k1_scalar_inverse ( secp256k1_scalar r,
const secp256k1_scalar x 
)
static

Definition at line 964 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_inverse_var()

static void secp256k1_scalar_inverse_var ( secp256k1_scalar r,
const secp256k1_scalar x 
)
static

Definition at line 979 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_is_even()

static SECP256K1_INLINE int secp256k1_scalar_is_even ( const secp256k1_scalar a)
static

Definition at line 994 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_is_high()

static int secp256k1_scalar_is_high ( const secp256k1_scalar a)
static

Definition at line 241 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_is_one()

static SECP256K1_INLINE int secp256k1_scalar_is_one ( const secp256k1_scalar a)
static

Definition at line 235 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_is_zero()

static SECP256K1_INLINE int secp256k1_scalar_is_zero ( const secp256k1_scalar a)
static

Definition at line 167 of file scalar_4x64_impl.h.

Here is the caller graph for this function:

◆ secp256k1_scalar_mul()

static void secp256k1_scalar_mul ( secp256k1_scalar r,
const secp256k1_scalar a,
const secp256k1_scalar b 
)
static

Definition at line 855 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_mul_512()

static void secp256k1_scalar_mul_512 ( uint64_t *  l8,
const secp256k1_scalar a,
const secp256k1_scalar b 
)
static

Definition at line 678 of file scalar_4x64_impl.h.

Here is the caller graph for this function:

◆ secp256k1_scalar_mul_shift_var()

static SECP256K1_INLINE void secp256k1_scalar_mul_shift_var ( secp256k1_scalar r,
const secp256k1_scalar a,
const secp256k1_scalar b,
unsigned int  shift 
)
static

Definition at line 889 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_negate()

static void secp256k1_scalar_negate ( secp256k1_scalar r,
const secp256k1_scalar a 
)
static

Definition at line 173 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_reduce()

static SECP256K1_INLINE int secp256k1_scalar_reduce ( secp256k1_scalar r,
unsigned int  overflow 
)
static

Definition at line 74 of file scalar_4x64_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_scalar_reduce_512()

static void secp256k1_scalar_reduce_512 ( secp256k1_scalar r,
const uint64_t *  l 
)
static

Definition at line 347 of file scalar_4x64_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_scalar_set_b32()

static void secp256k1_scalar_set_b32 ( secp256k1_scalar r,
const unsigned char *  b32,
int *  overflow 
)
static

Definition at line 144 of file scalar_4x64_impl.h.

Here is the call graph for this function:

◆ secp256k1_scalar_set_int()

static SECP256K1_INLINE void secp256k1_scalar_set_int ( secp256k1_scalar r,
unsigned int  v 
)
static

Definition at line 32 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_split_128()

static void secp256k1_scalar_split_128 ( secp256k1_scalar r1,
secp256k1_scalar r2,
const secp256k1_scalar k 
)
static

Definition at line 866 of file scalar_4x64_impl.h.

◆ secp256k1_scalar_to_signed62()

static void secp256k1_scalar_to_signed62 ( secp256k1_modinv64_signed62 r,
const secp256k1_scalar a 
)
static

Definition at line 947 of file scalar_4x64_impl.h.

Here is the caller graph for this function:

Variable Documentation

◆ secp256k1_const_modinfo_scalar

const secp256k1_modinv64_modinfo secp256k1_const_modinfo_scalar
static
Initial value:
= {
{{0x3FD25E8CD0364141LL, 0x2ABB739ABD2280EELL, -0x15LL, 0, 256}},
0x34F20099AA774EC1LL
}

Definition at line 959 of file scalar_4x64_impl.h.