2013-03-08 00:20:41 +00:00
|
|
|
#ifndef _SECP256K1_GROUP_
|
|
|
|
|
#define _SECP256K1_GROUP_
|
|
|
|
|
|
2013-03-16 14:51:55 +00:00
|
|
|
#include <string>
|
|
|
|
|
|
|
|
|
|
#include "num.h"
|
2013-03-08 00:20:41 +00:00
|
|
|
#include "field.h"
|
|
|
|
|
|
2013-03-31 04:34:15 +00:00
|
|
|
extern "C" {
|
|
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
|
secp256k1_fe_t x;
|
|
|
|
|
secp256k1_fe_t y;
|
|
|
|
|
int infinity;
|
|
|
|
|
} secp256k1_ge_t;
|
|
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
|
secp256k1_fe_t x;
|
|
|
|
|
secp256k1_fe_t y;
|
|
|
|
|
secp256k1_fe_t z;
|
|
|
|
|
int infinity;
|
|
|
|
|
} secp256k1_gej_t;
|
|
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
|
secp256k1_num_t order;
|
|
|
|
|
secp256k1_ge_t g;
|
|
|
|
|
secp256k1_fe_t beta;
|
|
|
|
|
secp256k1_num_t lambda, a1b2, b1, a2;
|
|
|
|
|
} secp256k1_ge_consts_t;
|
|
|
|
|
|
|
|
|
|
static secp256k1_ge_consts_t *secp256k1_ge_consts = NULL;
|
|
|
|
|
|
|
|
|
|
void static secp256k1_ge_start(void);
|
|
|
|
|
void static secp256k1_ge_stop(void);
|
|
|
|
|
void static secp256k1_ge_set_infinity(secp256k1_ge_t *r);
|
|
|
|
|
void static secp256k1_ge_set_xy(secp256k1_ge_t *r, const secp256k1_fe_t *x, const secp256k1_fe_t *y);
|
|
|
|
|
int static secp256k1_ge_is_infinity(const secp256k1_ge_t *a);
|
|
|
|
|
void static secp256k1_ge_neg(secp256k1_ge_t *r, const secp256k1_ge_t *a);
|
|
|
|
|
void static secp256k1_ge_get_hex(char *r, int *rlen, const secp256k1_ge_t *a);
|
|
|
|
|
void static secp256k1_ge_set_gej(secp256k1_ge_t *r, const secp256k1_gej_t *a);
|
|
|
|
|
|
|
|
|
|
void static secp256k1_gej_set_infinity(secp256k1_gej_t *r);
|
|
|
|
|
void static secp256k1_gej_set_xy(secp256k1_gej_t *r, const secp256k1_fe_t *x, const secp256k1_fe_t *y);
|
|
|
|
|
void static secp256k1_gej_set_xo(secp256k1_gej_t *r, const secp256k1_fe_t *x, int compressed);
|
|
|
|
|
void static secp256k1_gej_set_ge(secp256k1_gej_t *r, const secp256k1_ge_t *a);
|
|
|
|
|
void static secp256k1_gej_get_x(secp256k1_fe_t *r, const secp256k1_gej_t *a);
|
|
|
|
|
void static secp256k1_gej_neg(secp256k1_gej_t *r, const secp256k1_gej_t *a);
|
|
|
|
|
int static secp256k1_gej_is_infinity(const secp256k1_gej_t *a);
|
|
|
|
|
void static secp256k1_gej_double(secp256k1_gej_t *r, const secp256k1_gej_t *a);
|
|
|
|
|
void static secp256k1_gej_add(secp256k1_gej_t *r, const secp256k1_gej_t *a, const secp256k1_gej_t *b);
|
|
|
|
|
void static secp256k1_gej_add_ge(secp256k1_gej_t *r, const secp256k1_gej_t *a, const secp256k1_ge_t *b);
|
|
|
|
|
void static secp256k1_gej_get_hex(char *r, int *rlen, const secp256k1_gej_t *a);
|
|
|
|
|
void static secp256k1_gej_mul_lambda(secp256k1_gej_t *r, const secp256k1_gej_t *a);
|
|
|
|
|
void static secp256k1_gej_split_exp(secp256k1_num_t *r1, secp256k1_num_t *r2, const secp256k1_num_t *a);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-08 00:20:41 +00:00
|
|
|
namespace secp256k1 {
|
|
|
|
|
|
2013-03-09 21:47:40 +00:00
|
|
|
class GroupElemJac;
|
|
|
|
|
|
2013-03-08 00:20:41 +00:00
|
|
|
/** Defines a point on the secp256k1 curve (y^2 = x^3 + 7) */
|
|
|
|
|
class GroupElem {
|
|
|
|
|
protected:
|
|
|
|
|
bool fInfinity;
|
2013-03-30 21:32:16 +00:00
|
|
|
secp256k1_fe_t x;
|
|
|
|
|
secp256k1_fe_t y;
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
public:
|
|
|
|
|
|
|
|
|
|
/** Creates the point at infinity */
|
2013-03-16 14:51:55 +00:00
|
|
|
GroupElem();
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Creates the point with given affine coordinates */
|
2013-03-30 21:32:16 +00:00
|
|
|
GroupElem(const secp256k1_fe_t &xin, const secp256k1_fe_t &yin);
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Checks whether this is the point at infinity */
|
2013-03-16 14:51:55 +00:00
|
|
|
bool IsInfinity() const;
|
2013-03-08 00:20:41 +00:00
|
|
|
|
2013-03-16 14:51:55 +00:00
|
|
|
void SetNeg(const GroupElem &p);
|
2013-03-08 00:20:41 +00:00
|
|
|
|
2013-03-30 21:32:16 +00:00
|
|
|
void GetX(secp256k1_fe_t &xout);
|
2013-03-10 04:34:04 +00:00
|
|
|
|
2013-03-30 21:32:16 +00:00
|
|
|
void GetY(secp256k1_fe_t &yout);
|
2013-03-10 04:34:04 +00:00
|
|
|
|
2013-03-16 14:51:55 +00:00
|
|
|
std::string ToString() const;
|
2013-03-08 00:20:41 +00:00
|
|
|
|
2013-03-14 00:20:10 +00:00
|
|
|
void SetJac(GroupElemJac &jac);
|
2013-03-09 21:47:40 +00:00
|
|
|
|
2013-03-08 00:20:41 +00:00
|
|
|
friend class GroupElemJac;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/** Represents a point on the secp256k1 curve, with jacobian coordinates */
|
2013-03-10 00:49:42 +00:00
|
|
|
class GroupElemJac : private GroupElem {
|
2013-03-08 00:20:41 +00:00
|
|
|
protected:
|
2013-03-30 21:32:16 +00:00
|
|
|
secp256k1_fe_t z;
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
public:
|
|
|
|
|
/** Creates the point at infinity */
|
2013-03-16 14:51:55 +00:00
|
|
|
GroupElemJac();
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Creates the point with given affine coordinates */
|
2013-03-30 21:32:16 +00:00
|
|
|
GroupElemJac(const secp256k1_fe_t &xin, const secp256k1_fe_t &yin);
|
2013-03-08 00:20:41 +00:00
|
|
|
|
2013-03-16 14:51:55 +00:00
|
|
|
GroupElemJac(const GroupElem &in);
|
2013-03-09 21:47:40 +00:00
|
|
|
|
2013-03-18 01:41:01 +00:00
|
|
|
void SetJac(const GroupElemJac &jac);
|
|
|
|
|
|
|
|
|
|
void SetAffine(const GroupElem &aff);
|
2013-03-09 21:47:40 +00:00
|
|
|
|
2013-03-08 00:20:41 +00:00
|
|
|
/** Checks whether this is a non-infinite point on the curve */
|
2013-03-16 14:51:55 +00:00
|
|
|
bool IsValid() const;
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Returns the affine coordinates of this point */
|
2013-03-16 14:51:55 +00:00
|
|
|
void GetAffine(GroupElem &aff);
|
|
|
|
|
|
2013-03-30 21:32:16 +00:00
|
|
|
void GetX(secp256k1_fe_t &xout);
|
|
|
|
|
void GetY(secp256k1_fe_t &yout);
|
2013-03-16 14:51:55 +00:00
|
|
|
|
|
|
|
|
bool IsInfinity() const;
|
|
|
|
|
|
|
|
|
|
void SetNeg(const GroupElemJac &p);
|
2013-03-09 21:47:40 +00:00
|
|
|
|
2013-03-08 00:20:41 +00:00
|
|
|
/** Sets this point to have a given X coordinate & given Y oddness */
|
2013-03-30 21:32:16 +00:00
|
|
|
void SetCompressed(const secp256k1_fe_t &xin, bool fOdd);
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Sets this point to be the EC double of another */
|
2013-03-16 14:51:55 +00:00
|
|
|
void SetDouble(const GroupElemJac &p);
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Sets this point to be the EC addition of two others */
|
2013-03-16 14:51:55 +00:00
|
|
|
void SetAdd(const GroupElemJac &p, const GroupElemJac &q);
|
2013-03-08 00:20:41 +00:00
|
|
|
|
|
|
|
|
/** Sets this point to be the EC addition of two others (one of which is in affine coordinates) */
|
2013-03-16 14:51:55 +00:00
|
|
|
void SetAdd(const GroupElemJac &p, const GroupElem &q);
|
|
|
|
|
|
|
|
|
|
std::string ToString() const;
|
2013-03-10 03:24:00 +00:00
|
|
|
|
|
|
|
|
void SetMulLambda(const GroupElemJac &p);
|
2013-03-08 00:20:41 +00:00
|
|
|
};
|
|
|
|
|
|
2013-03-09 21:47:40 +00:00
|
|
|
class GroupConstants {
|
|
|
|
|
private:
|
2013-03-30 21:32:16 +00:00
|
|
|
secp256k1_fe_t g_x;
|
|
|
|
|
secp256k1_fe_t g_y;
|
2013-03-09 21:47:40 +00:00
|
|
|
|
|
|
|
|
public:
|
2013-03-24 09:38:35 +00:00
|
|
|
secp256k1_num_t order;
|
2013-03-30 21:32:16 +00:00
|
|
|
GroupElem g;
|
|
|
|
|
secp256k1_fe_t beta;
|
2013-03-24 09:38:35 +00:00
|
|
|
secp256k1_num_t lambda, a1b2, b1, a2;
|
2013-03-09 21:47:40 +00:00
|
|
|
|
2013-03-16 14:51:55 +00:00
|
|
|
GroupConstants();
|
2013-03-24 09:38:35 +00:00
|
|
|
~GroupConstants();
|
2013-03-09 21:47:40 +00:00
|
|
|
};
|
|
|
|
|
|
2013-03-16 14:51:55 +00:00
|
|
|
const GroupConstants &GetGroupConst();
|
2013-03-10 03:24:00 +00:00
|
|
|
|
2013-03-24 09:38:35 +00:00
|
|
|
void SplitExp(const secp256k1_num_t &exp, secp256k1_num_t &exp1, secp256k1_num_t &exp2);
|
2013-03-10 03:24:00 +00:00
|
|
|
|
2013-03-08 00:20:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif
|
