Changeset View
Changeset View
Standalone View
Standalone View
src/secp256k1/src/group_impl.h
| Show First 20 Lines • Show All 668 Lines • ▼ Show 20 Lines | static int secp256k1_gej_has_quad_y_var(const secp256k1_gej *a) { | ||||
| return secp256k1_fe_is_quad_var(&yz); | return secp256k1_fe_is_quad_var(&yz); | ||||
| } | } | ||||
| static int secp256k1_ge_is_in_correct_subgroup(const secp256k1_ge* ge) { | static int secp256k1_ge_is_in_correct_subgroup(const secp256k1_ge* ge) { | ||||
| #ifdef EXHAUSTIVE_TEST_ORDER | #ifdef EXHAUSTIVE_TEST_ORDER | ||||
| secp256k1_gej out; | secp256k1_gej out; | ||||
| int i; | int i; | ||||
| /* A very simple EC multiplication ladder that avoids a dependecy on ecmult. */ | /* A very simple EC multiplication ladder that avoids a dependency on ecmult. */ | ||||
| secp256k1_gej_set_infinity(&out); | secp256k1_gej_set_infinity(&out); | ||||
| for (i = 0; i < 32; ++i) { | for (i = 0; i < 32; ++i) { | ||||
| secp256k1_gej_double_var(&out, &out, NULL); | secp256k1_gej_double_var(&out, &out, NULL); | ||||
| if ((((uint32_t)EXHAUSTIVE_TEST_ORDER) >> (31 - i)) & 1) { | if ((((uint32_t)EXHAUSTIVE_TEST_ORDER) >> (31 - i)) & 1) { | ||||
| secp256k1_gej_add_ge_var(&out, &out, ge, NULL); | secp256k1_gej_add_ge_var(&out, &out, ge, NULL); | ||||
| } | } | ||||
| } | } | ||||
| return secp256k1_gej_is_infinity(&out); | return secp256k1_gej_is_infinity(&out); | ||||
| #else | #else | ||||
| (void)ge; | (void)ge; | ||||
| /* The real secp256k1 group has cofactor 1, so the subgroup is the entire curve. */ | /* The real secp256k1 group has cofactor 1, so the subgroup is the entire curve. */ | ||||
| return 1; | return 1; | ||||
| #endif | #endif | ||||
| } | } | ||||
| #endif /* SECP256K1_GROUP_IMPL_H */ | #endif /* SECP256K1_GROUP_IMPL_H */ | ||||