1 /***********************************************************************
2 * Copyright (c) 2015 Gregory Maxwell *
3 * Distributed under the MIT software license, see the accompanying *
4 * file COPYING or http://www.opensource.org/licenses/mit-license.php. *
5 ***********************************************************************/
6
7 #ifndef _SECP256K1_PEDERSEN_IMPL_H_
8 #define _SECP256K1_PEDERSEN_IMPL_H_
9
10 #include <string.h>
11
12 #include "eckey.h"
13 #include "ecmult_const.h"
14 #include "ecmult_gen.h"
15 #include "group.h"
16 #include "field.h"
17 #include "scalar.h"
18 #include "util.h"
19
secp256k1_pedersen_scalar_set_u64(secp256k1_scalar * sec,uint64_t value)20 static void secp256k1_pedersen_scalar_set_u64(secp256k1_scalar *sec, uint64_t value) {
21 unsigned char data[32];
22 int i;
23 for (i = 0; i < 24; i++) {
24 data[i] = 0;
25 }
26 for (; i < 32; i++) {
27 data[i] = value >> 56;
28 value <<= 8;
29 }
30 secp256k1_scalar_set_b32(sec, data, NULL);
31 memset(data, 0, 32);
32 }
33
secp256k1_pedersen_ecmult_small(secp256k1_gej * r,uint64_t gn,const secp256k1_ge * genp)34 static void secp256k1_pedersen_ecmult_small(secp256k1_gej *r, uint64_t gn, const secp256k1_ge* genp) {
35 secp256k1_scalar s;
36 secp256k1_pedersen_scalar_set_u64(&s, gn);
37 secp256k1_ecmult_const(r, genp, &s, 64);
38 secp256k1_scalar_clear(&s);
39 }
40
41 /* sec * G + value * G2. */
secp256k1_pedersen_ecmult(const secp256k1_ecmult_gen_context * ecmult_gen_ctx,secp256k1_gej * rj,const secp256k1_scalar * sec,uint64_t value,const secp256k1_ge * genp)42 SECP256K1_INLINE static void secp256k1_pedersen_ecmult(const secp256k1_ecmult_gen_context *ecmult_gen_ctx, secp256k1_gej *rj, const secp256k1_scalar *sec, uint64_t value, const secp256k1_ge* genp) {
43 secp256k1_gej vj;
44 secp256k1_ecmult_gen(ecmult_gen_ctx, rj, sec);
45 secp256k1_pedersen_ecmult_small(&vj, value, genp);
46 /* FIXME: constant time. */
47 secp256k1_gej_add_var(rj, rj, &vj, NULL);
48 secp256k1_gej_clear(&vj);
49 }
50
51 #endif
52