Changeset View
Changeset View
Standalone View
Standalone View
src/secp256k1/src/scalar_impl.h
| Show First 20 Lines • Show All 248 Lines • ▼ Show 20 Lines | #elif defined(USE_SCALAR_INV_NUM) | ||||
| CHECK(secp256k1_scalar_is_one(&t)); | CHECK(secp256k1_scalar_is_one(&t)); | ||||
| #else | #else | ||||
| #error "Please select scalar inverse implementation" | #error "Please select scalar inverse implementation" | ||||
| #endif | #endif | ||||
| } | } | ||||
| #ifdef USE_ENDOMORPHISM | #ifdef USE_ENDOMORPHISM | ||||
| #if defined(EXHAUSTIVE_TEST_ORDER) | #if defined(EXHAUSTIVE_TEST_ORDER) | ||||
| # if EXHAUSTIVE_TEST_ORDER == 13 | |||||
| # define EXHAUSTIVE_TEST_LAMBDA 9 | |||||
| # elif EXHAUSTIVE_TEST_ORDER == 199 | |||||
| # define EXHAUSTIVE_TEST_LAMBDA 92 | |||||
| # else | |||||
| # error No known lambda for the specified exhaustive test group order. | |||||
| # endif | |||||
| /** | /** | ||||
| * Find k1 and k2 given k, such that k1 + k2 * lambda == k mod n; unlike in the | * Find k1 and k2 given k, such that k1 + k2 * lambda == k mod n; unlike in the | ||||
| * full case we don't bother making k1 and k2 be small, we just want them to be | * full case we don't bother making k1 and k2 be small, we just want them to be | ||||
| * nontrivial to get full test coverage for the exhaustive tests. We therefore | * nontrivial to get full test coverage for the exhaustive tests. We therefore | ||||
| * (arbitrarily) set k2 = k + 5 and k1 = k - k2 * lambda. | * (arbitrarily) set k2 = k + 5 and k1 = k - k2 * lambda. | ||||
| */ | */ | ||||
| static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *a) { | static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *a) { | ||||
| *r2 = (*a + 5) % EXHAUSTIVE_TEST_ORDER; | *r2 = (*a + 5) % EXHAUSTIVE_TEST_ORDER; | ||||
| ▲ Show 20 Lines • Show All 78 Lines • Show Last 20 Lines | |||||