Pieter Wuille
a9f5c8b875
Introduce secp256k1_scalar_t for future constant-time mod order operations
2014-10-28 04:33:23 -07:00
Pieter Wuille
eb74c36bd2
Abstract out tweak logic to secp256k1_eckey_* functions
2014-10-27 03:27:55 -07:00
Pieter Wuille
ffffc87855
Use internal secp256k1_eckey_ prefix for functions in eckey
2014-10-27 03:01:51 -07:00
Pieter Wuille
e2f71f1efe
Move non-ECDSA operations from ecdsa to eckey
2014-10-27 02:58:09 -07:00
Pieter Wuille
ae6bc76e32
[API CHANGE] Use secp256k1_ec_ prefix for non-ECDSA key operations
2014-10-27 02:51:58 -07:00
Pieter Wuille
dc407ed48c
Avoid valgrind complaints in OpenSSL initialization check
2014-10-27 02:27:58 -07:00
Pieter Wuille
79f599d37f
Tests take too long by default
2014-10-27 02:25:56 -07:00
Pieter Wuille
03bfc07b9e
Avoid uninitialized access in secp256k1_gej_double
2014-10-26 06:51:38 -07:00
Pieter Wuille
bff11e9112
Verify num=openssl initialization and check repeatability
2014-10-26 05:39:13 -07:00
Pieter Wuille
949c1ebb5e
Split up ecmult and ecmult_gen entirely
2014-10-26 03:42:24 -07:00
Pieter Wuille
3fd6253e13
Better randomization for tests
2014-10-17 16:04:00 -07:00
Pieter Wuille
bae6a42be4
Make bench use external interface
2014-09-29 08:21:59 +02:00
Pieter Wuille
c259a7cbc0
Set precomputation table late and unset early.
Set the global pointer to the precomputation table only after initializing
it completely, and unset it before doing any uninitialization.
This causes fail-fast behavior in case of race conditions between
initialization and operations using it.
2014-09-13 17:19:30 +02:00
Pieter Wuille
04e34d18c3
Split up signing and verification initialization
2014-09-13 17:14:17 +02:00
Pieter Wuille
da556eb772
Merge pull request #62
1136bed
Make secp256k1_ge_set_gej work with the point at infinity (Pieter Wuille)
2014-09-13 16:26:27 +02:00
Pieter Wuille
1136bedbc2
Make secp256k1_ge_set_gej work with the point at infinity
2014-09-13 00:46:32 +02:00
Pieter Wuille
62c3f55a9d
Nothing-up-my-sleeving blinding for a*G
2014-09-01 14:56:12 +02:00
Pieter Wuille
fa492f059d
Fix a signedness mistake in secp256k1_num_set_hex
We were using a potentially signed char as index in an array.
2014-08-27 01:21:57 +02:00
Pieter Wuille
e2beb0bd2d
Merge pull request #51
364fde6
fix unsigned warning in num_gmp_impl.h (caktux)
2014-08-27 01:20:19 +02:00
Pieter Wuille
1c7fa133a6
Add VERIFY_CHECK/DEBUG_CHECK and use CHECK macros more
2014-08-26 01:23:51 +02:00
Pieter Wuille
87c782f632
Merge pull request #53
2f6c801
Try to not leave secret data on the stack or heap. (Gregory Maxwell)
2014-08-23 14:13:10 +02:00
Gregory Maxwell
2f6c801911
Try to not leave secret data on the stack or heap.
This makes a basic effort and has not been audited.
Doesn't appear to have a measurable performance impact on bench.
It also adds a secp256k1_num_free to secp256k1_ecdsa_pubkey_create.
2014-08-14 07:06:36 -07:00
caktux
364fde65f6
fix unsigned warning in num_gmp_impl.h
2014-08-11 16:09:09 -04:00
Pieter Wuille
1a749b4a6e
Add secp256k1_num_eq and use it in tests
2014-08-09 19:22:42 +02:00
Pieter Wuille
25f4aec02f
Add high-level secp256k1.c tests
2014-08-03 19:54:41 +02:00
Pieter Wuille
21f81a8469
Correct secp256k1_fe_verify and use it everywhere
2014-07-17 21:07:40 +02:00
Peter Dettman
59447da38d
Test demonstrating discrepancy in sqr output
2014-07-17 21:07:38 +02:00
Peter Dettman
f16be77ffc
Use batch inversion in G precomputation
2014-07-17 15:33:00 +07:00
Peter Dettman
42822baaa8
Improve normalization performance for 32bit
- Uses a similar approach to the latest 64bit _normalize.
- Add one useful optimization back into the 64bit _normalize too.
Performance of 'bench' improved by around 0.5% for the 32bit field (but tested on a 64-bit machine).
2014-06-23 12:12:58 +07:00
Pieter Wuille
9849c6898c
Merge pull request #31
0592d11
Introduce CHECK() for tests that works with NDEBUG. (Pieter Wuille)
2014-06-20 23:25:38 +02:00
Pieter Wuille
0592d117da
Introduce CHECK() for tests that works with NDEBUG.
2014-06-16 01:30:17 +02:00
Pieter Wuille
4d79bebdff
Do not free endomorphism constants when disabled
2014-06-15 23:31:17 +02:00
Pieter Wuille
ebfa43b20a
Merge pull request #25
6d6102f
A few improvements to the sqrt tests (Peter Dettman)
2014-06-03 22:01:47 +02:00
Peter Dettman
9037707720
Rewrite 5x52 normalize method to be faster
2014-06-03 18:59:21 +07:00
Peter Dettman
6d6102fee4
A few improvements to the sqrt tests
2014-06-03 17:50:27 +07:00
Pieter Wuille
7740eff28a
Merge pull request #19
09ca4f3
secp256k1_fe_sqrt checks for success (Peter Dettman)
2014-06-02 10:46:12 +02:00
Pieter Wuille
3bc866b88f
Merge pull request #20
d7fd4d0
Use endomorphism in precomputations (Peter Dettman)
2014-06-02 10:45:44 +02:00
Peter Dettman
17eec032c8
Support 64bit_asm field on OSX
2014-06-02 15:33:35 +07:00
Peter Dettman
d7fd4d0f6b
Use endomorphism in precomputations
2014-05-22 10:17:30 +07:00
Peter Dettman
09ca4f32e2
secp256k1_fe_sqrt checks for success
- secp256k1_fe_sqrt now checks that the value it calculated is actually a square root.
- Add return values to secp256k1_fe_sqrt and secp256k1_ge_set_xo.
- Callers of secp256k1_ge_set_xo can use the return value instead of explicit validity checks.
- Add random value tests for secp256k1_fe_sqrt.
2014-05-21 10:22:14 +07:00
Pieter Wuille
78fb796997
Merge pull request #8
ba8fc0e
Check signature nonces for validity (William Swanson)
2014-05-08 20:09:09 +02:00
evoskuil
ac274bff23
Fix x64 gmp init on platforms that define UL as 32 bits.
2014-05-08 10:28:20 -07:00
William Swanson
ba8fc0e28f
Check signature nonces for validity
The documentation implies that this check is happening, so make it so.
Without this check, passing an invalid nonce will trigger an internal assertion.
2014-04-24 14:18:44 -07:00
Pieter Wuille
11ab562203
Move implementations from impl/*.h to *_impl.h
2014-03-12 18:40:02 +01:00
Pieter Wuille
65a79b300c
Slice bytes of G multiples to avoid cache timings
2014-03-07 00:32:41 +01:00
Peter Dettman
bb7bb81d07
Fix addition chain entry in comments
2014-01-31 11:43:57 +07:00
Peter Dettman
f8ccd9befd
Re-write secp256k1_fe_sqrt and secp256k1_fe_inv to use a sliding window over blocks of 1s
2014-01-30 19:16:20 +07:00
Cory Fields
5a9989c52a
add missing include
2014-01-17 23:24:12 -05:00
Cory Fields
78cd96b151
autotools: autotools'ify libsecp256k1
2014-01-17 23:24:12 -05:00
Pieter Wuille
60442b835f
Remove 5x64 implementation - no actual benefits
2013-12-01 21:16:47 +01:00