src/secp256k1/src/scalar_4x64_impl.h
/********************************************************************** | /********************************************************************** | ||||
* Copyright (c) 2013, 2014 Pieter Wuille * | * Copyright (c) 2013, 2014 Pieter Wuille * | ||||
* Distributed under the MIT software license, see the accompanying * | * Distributed under the MIT software license, see the accompanying * | ||||
* file COPYING or http://www.opensource.org/licenses/mit-license.php.* | * file COPYING or http://www.opensource.org/licenses/mit-license.php.* | ||||
**********************************************************************/ | **********************************************************************/ | ||||
#ifndef _SECP256K1_SCALAR_REPR_IMPL_H_ | #ifndef SECP256K1_SCALAR_REPR_IMPL_H | ||||
#define _SECP256K1_SCALAR_REPR_IMPL_H_ | #define SECP256K1_SCALAR_REPR_IMPL_H | ||||
/* Limbs of the secp256k1 order. */ | /* Limbs of the secp256k1 order. */ | ||||
#define SECP256K1_N_0 ((uint64_t)0xBFD25E8CD0364141ULL) | #define SECP256K1_N_0 ((uint64_t)0xBFD25E8CD0364141ULL) | ||||
#define SECP256K1_N_1 ((uint64_t)0xBAAEDCE6AF48A03BULL) | #define SECP256K1_N_1 ((uint64_t)0xBAAEDCE6AF48A03BULL) | ||||
#define SECP256K1_N_2 ((uint64_t)0xFFFFFFFFFFFFFFFEULL) | #define SECP256K1_N_2 ((uint64_t)0xFFFFFFFFFFFFFFFEULL) | ||||
#define SECP256K1_N_3 ((uint64_t)0xFFFFFFFFFFFFFFFFULL) | #define SECP256K1_N_3 ((uint64_t)0xFFFFFFFFFFFFFFFFULL) | ||||
/* Limbs of 2^256 minus the secp256k1 order. */ | /* Limbs of 2^256 minus the secp256k1 order. */ | ||||
▲ Show 20 Lines • Show All 924 Lines • ▼ Show 20 Lines | SECP256K1_INLINE static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b, unsigned int shift) { | ||||
shifthigh = 64 - shiftlow; | shifthigh = 64 - shiftlow; | ||||
r->d[0] = shift < 512 ? (l[0 + shiftlimbs] >> shiftlow | (shift < 448 && shiftlow ? (l[1 + shiftlimbs] << shifthigh) : 0)) : 0; | r->d[0] = shift < 512 ? (l[0 + shiftlimbs] >> shiftlow | (shift < 448 && shiftlow ? (l[1 + shiftlimbs] << shifthigh) : 0)) : 0; | ||||
r->d[1] = shift < 448 ? (l[1 + shiftlimbs] >> shiftlow | (shift < 384 && shiftlow ? (l[2 + shiftlimbs] << shifthigh) : 0)) : 0; | r->d[1] = shift < 448 ? (l[1 + shiftlimbs] >> shiftlow | (shift < 384 && shiftlow ? (l[2 + shiftlimbs] << shifthigh) : 0)) : 0; | ||||
r->d[2] = shift < 384 ? (l[2 + shiftlimbs] >> shiftlow | (shift < 320 && shiftlow ? (l[3 + shiftlimbs] << shifthigh) : 0)) : 0; | r->d[2] = shift < 384 ? (l[2 + shiftlimbs] >> shiftlow | (shift < 320 && shiftlow ? (l[3 + shiftlimbs] << shifthigh) : 0)) : 0; | ||||
r->d[3] = shift < 320 ? (l[3 + shiftlimbs] >> shiftlow) : 0; | r->d[3] = shift < 320 ? (l[3 + shiftlimbs] >> shiftlow) : 0; | ||||
secp256k1_scalar_cadd_bit(r, 0, (l[(shift - 1) >> 6] >> ((shift - 1) & 0x3f)) & 1); | secp256k1_scalar_cadd_bit(r, 0, (l[(shift - 1) >> 6] >> ((shift - 1) & 0x3f)) & 1); | ||||
} | } | ||||
#endif | #endif /* SECP256K1_SCALAR_REPR_IMPL_H */ |