status-im
/
secp256k1
mirror of https://github.com/status-im/secp256k1.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,638 Commits 1 Branch 0 Tags 12 MiB
Commit Graph

17 Commits

Author SHA1 Message Date
Peter Dettman 2f984ffc45 Save negations in var-time group addition 
- Updated _gej_add_var, _gej_add_ge_var, _gej_add_zinv_var
- 2 fewer _fe_negate in each method
- Updated operation counts and standardize layout
- Added internal benchmark for _gej_add_zinv_var
- Update sage files (fixed by Tim Ruffing)
 2022-03-28 23:40:55 +07:00
Tim Ruffing 1253a27756
Merge bitcoin-core/secp256k1#1033: Add _fe_half and use in _gej_add_ge and _gej_double 
e848c3799c Update sage files for new formulae (Peter Dettman)
d64bb5d4f3 Add fe_half tests for worst-case inputs (Peter Dettman)
4eb8b932ff Further improve doubling formula using fe_half (Peter Dettman)
557b31fac3 Doubling formula using fe_half (Pieter Wuille)
2cbb4b1a42 Run more iterations of run_field_misc (Pieter Wuille)
9cc5c257ed Add test for secp256k1_fe_half (Pieter Wuille)
925f78d55e Add _fe_half and use in _gej_add_ge (Peter Dettman)

Pull request description:

  - Trades 1 _half for 3 _mul_int and 2 _normalize_weak

  Gives around 2-3% faster signing and ECDH, depending on compiler/platform.

ACKs for top commit:
  sipa:
    utACK e848c3799c
  jonasnick:
    ACK e848c3799c
  real-or-random:
    ACK e848c3799c

Tree-SHA512: 81a6c93b3d983f1b48ec8e8b6f262ba914215045a95415147f41ee6e85296aa4d0cbbad9f370cdf475571447baad861d2cc8e0b04a71202d48959cb8a098f584
 2022-02-21 11:00:08 +01:00
Tim Ruffing ebb1beea78 sage: Ensure that constraints are always fastfracs 
Even if they are constants created in the formula functions. We now
lift integer constants to fastfracs.
 2022-02-04 15:39:44 +01:00
Tim Ruffing 77cfa98dbc sage: Normalize sign of polynomial factors in prover 
The prover, when run on recent sage versions,  failed to prove some of its
goals due to a change in sage. This commit adapts our code accordingly.
The prover passes again after this commit.
 2022-02-04 15:37:32 +01:00
Tim Ruffing eae75869cf sage: Exit with non-zero status in case of failures 2022-02-04 15:37:32 +01:00
Peter Dettman e848c3799c Update sage files for new formulae 
- formula_secp256k1_gej_double_var
- formula_secp256k1_gej_add_ge
 2022-02-01 17:51:13 +07:00
Tim Ruffing b54d843eac sage: Fix printing of errors 
Python 3 often returns iterable map objects where Python 2 returned
list. We can just them down to lists explicitly.

Overlooked in 13c88efed0.
 2022-01-31 15:17:46 +01:00
Tim Ruffing e108d0039c sage: Fix incompatibility with sage 9.4 
`allexprs` is already the product all numerators. Don't take it's
numerator again.

Fixes #1067.
 2022-01-31 12:15:16 +01:00
Pieter Wuille 044d956305 Fix G.y parity in sage code 2021-10-20 10:14:13 -04:00
Dimitris Apostolou 07aa4c70ff
Fix insecure links 2020-12-18 00:24:22 +02:00
Tim Ruffing 329a2e0a3f sage: Add script for generating scalar_split_lambda constants 2020-12-03 11:56:09 +01:00
Tim Ruffing f554dfc708 sage: Reorganize files 
* Move curve parameters to separate file
 * Rename main prover script for clarity
 2020-11-25 13:50:40 +01:00
Frédéric Chapoton 13c88efed0 Convert Sage code to Python 3 (as used by Sage >= 9) 
Co-authored-by: Tim Ruffing <crypto@timruffing.de>
 2020-11-23 15:56:22 +01:00
Pieter Wuille b110c106fa Change exhaustive test groups so they have a point with X=1 
This enables testing overflow is correctly encoded in the recid, and
likely triggers more edge cases.

Also introduce a Sage script to generate the parameters.
 2020-09-18 14:01:15 -07:00
Dimitris Tsapakidis 8c7ea22d54 Fixed multiple typos 2017-09-24 17:53:13 -07:00
practicalswift 73aca8364f Fix typo: "exectured" → "executed" 2017-01-29 18:36:08 +01:00
Pieter Wuille 03d4611c81 Add sage verification script for the group laws 2015-11-29 16:03:07 +01:00