/// <summary>
/// Serialises an affine point into <c>pubkey.Data</c> as two field elements:
/// X through the offset-less <c>Field.GetB32</c> overload, Y at offset 32.
/// </summary>
/// <param name="pubkey">Destination; its <c>Data</c> buffer is overwritten.</param>
/// <param name="ge">Source point. Its X and Y are normalised in place, so the argument is modified.</param>
private static void SavePubKey(PubKey pubkey, Ge ge)
{
    var x = ge.X;
    var y = ge.Y;

    // Both coordinates are normalised before either one is written out.
    Field.NormalizeVar(x);
    Field.NormalizeVar(y);

    // NOTE(review): assumes Data holds at least 64 bytes and that the first
    // overload writes at offset 0 - confirm against PubKey and Field.
    Field.GetB32(pubkey.Data, x);
    Field.GetB32(pubkey.Data, 32, y);
}
/// <summary>
/// Sets the Jacobian point <paramref name="r"/> from the affine point <paramref name="a"/>:
/// X and Y are cloned, Z is set to 1 and the infinity flag is copied.
/// </summary>
/// <param name="r">Destination; all four members are written.</param>
/// <param name="a">Source; only read (its coordinates are cloned, not shared).</param>
public static void secp256k1_gej_set_ge(GeJ r, Ge a)
{
    var xCopy = a.X.Clone();
    var yCopy = a.Y.Clone();

    r.Infinity = a.Infinity;
    r.X = xCopy;
    r.Y = yCopy;
    Field.SetInt(r.Z, 1U);
}
/// <summary>
/// Rebuilds an affine point from <c>pubkey.Data</c>: X is read through the offset-less
/// <c>Field.SetB32</c> overload and Y from offset 32, then both are stored with <c>Group.SetXY</c>.
/// </summary>
/// <param name="ge">Destination point.</param>
/// <param name="pubkey">Source key material.</param>
/// <returns>Always <c>true</c>.</returns>
private static bool LoadPubKey(Ge ge, PubKey pubkey)
{
    var x = new Fe();
    var y = new Fe();

    // NOTE(review): nothing is validated here - any result of Field.SetB32 is
    // discarded and the coordinates are not checked against the curve, so an
    // all-zero or otherwise malformed PubKey is handed on as a point. Callers that
    // branch on the return value never see a failure from this method; confirm
    // that validation happens where the PubKey is first parsed.
    Field.SetB32(x, pubkey.Data);
    Field.SetB32(y, pubkey.Data, 32);

    Group.SetXY(ge, x, y);
    return true;
}
/// <summary>
/// Writes an affine point from Jacobian coordinates using a caller-supplied factor:
/// r.X = a.X * zi^2 and r.Y = a.Y * zi^3. The infinity flag is copied from <paramref name="a"/>.
/// </summary>
/// <param name="r">Destination; X, Y and Infinity are written.</param>
/// <param name="a">Source point; only X, Y and Infinity are read (Z is not used here).</param>
/// <param name="zi">Factor applied to the coordinates; presumably the inverse of the relevant Z - confirm with callers.</param>
public static void secp256k1_ge_set_gej_zinv(Ge r, GeJ a, Fe zi)
{
    r.Infinity = a.Infinity;

    var ziSquared = new Fe();
    Field.Sqr(ziSquared, zi);

    var ziCubed = new Fe();
    Field.Mul(ziCubed, ziSquared, zi);

    Field.Mul(r.X, a.X, ziSquared);
    Field.Mul(r.Y, a.Y, ziCubed);
}
/// <summary>
/// Converts an affine point to its storage form. Each coordinate is cloned and
/// normalised before conversion, so <paramref name="a"/> itself is left untouched.
/// </summary>
/// <param name="r">Destination storage element; its X and Y are written.</param>
/// <param name="a">Source point. The infinity flag is not read or stored here.</param>
public static void ToStorage(GeStorage r, Ge a)
{
    var normalizedX = a.X.Clone();
    Field.Normalize(normalizedX);
    Field.ToStorage(r.X, normalizedX);

    var normalizedY = a.Y.Clone();
    Field.Normalize(normalizedY);
    Field.ToStorage(r.Y, normalizedY);
}
/// <summary>
/// Sets <paramref name="r"/> to a point with the given X coordinate whose Y has the
/// requested parity. Y is first obtained from <c>secp256k1_ge_set_xquad</c>, then
/// negated when its oddness differs from <paramref name="odd"/>.
/// </summary>
/// <param name="r">Destination point.</param>
/// <param name="x">X coordinate.</param>
/// <param name="odd">Desired result of <c>Field.IsOdd</c> on the final Y.</param>
/// <returns><c>false</c> when <c>secp256k1_ge_set_xquad</c> fails; otherwise <c>true</c>.</returns>
public static bool secp256k1_ge_set_xo_var(Ge r, Fe x, bool odd)
{
    var hasRoot = Group.secp256k1_ge_set_xquad(r, x);
    if (!hasRoot)
    {
        // r has already been partially written by the helper at this point.
        return false;
    }

    Field.NormalizeVar(r.Y);

    var parityMatches = Field.IsOdd(r.Y) == odd;
    if (!parityMatches)
    {
        Field.Negate(r.Y, r.Y, 1U);
    }

    return true;
}
/// <summary>
/// Converts a Jacobian point to affine form by inverting Z and scaling X by Z^-2 and
/// Y by Z^-3.
/// </summary>
/// <param name="r">Destination; receives clones of the rescaled X and Y and the infinity flag.</param>
/// <param name="a">
/// Source point. It is modified in place: Z is inverted, X and Y are rescaled and Z is
/// finally set to 1, so the caller's object no longer holds its original coordinates.
/// </param>
public static void SetGeJ(Ge r, GeJ a)
{
    var zInv2 = new Fe();
    var zInv3 = new Fe();

    // NOTE(review): the inversion runs even when a.Infinity is set; what Field.Inv
    // does with that Z value is not visible here.
    Field.Inv(a.Z, a.Z);
    Field.Sqr(zInv2, a.Z);
    Field.Mul(zInv3, a.Z, zInv2);

    Field.Mul(a.X, a.X, zInv2);
    Field.Mul(a.Y, a.Y, zInv3);
    Field.SetInt(a.Z, 1U);

    r.Infinity = a.Infinity;
    r.X = a.X.Clone();
    r.Y = a.Y.Clone();
}
/// <summary>
/// Derives a public key from a secret key: the bytes are loaded into a scalar, the scalar
/// is multiplied through <c>EcMultGen.secp256k1_ecmult_gen</c>, and the affine result is
/// written into <paramref name="pubkey"/>.
/// </summary>
/// <param name="ctx">Context supplying <c>EcMultGenCtx</c>.</param>
/// <param name="pubkey">Destination; written only on success.</param>
/// <param name="seckey">Secret key bytes passed to <c>Scalar.SetB32</c>.</param>
/// <returns>
/// <c>true</c> when <c>Scalar.SetB32</c> returned <c>false</c> and the scalar is non-zero;
/// otherwise <c>false</c>.
/// </returns>
public static bool EcPubKeyCreate(Context ctx, PubKey pubkey, byte[] seckey)
{
    var product = new GeJ();
    var affine = new Ge();
    var secret = new Scalar();

    // Both checks are always evaluated (non-short-circuit &), so which one failed
    // does not change the work done. Presumably SetB32 reports overflow - confirm.
    var rejected = Scalar.SetB32(secret, seckey);
    var usable = !rejected & !Scalar.IsZero(secret);

    if (usable)
    {
        EcMultGen.secp256k1_ecmult_gen(ctx.EcMultGenCtx, out product, secret);
        Group.SetGeJ(affine, product);
        Secp256K1T.SavePubKey(pubkey, affine);
    }

    // NOTE(review): on failure pubkey is left exactly as the caller passed it in, so
    // a caller that ignores the return value keeps using stale contents. Arguments are
    // not null- or length-checked here either.
    // The scalar copy of the secret is wiped on every path; the caller's seckey array
    // is not touched.
    Scalar.Clear(secret);
    return usable;
}
/// <summary>
/// Sets <paramref name="r"/> to a point with X = <paramref name="x"/> and Y = a square
/// root of x^3 + 7, as produced by <c>Field.Sqrt</c>.
/// </summary>
/// <param name="r">Destination; X (a clone of x), Infinity and Y are written.</param>
/// <param name="x">X coordinate; not modified.</param>
/// <returns>The result of <c>Field.Sqrt</c>; r.X and r.Infinity are written regardless.</returns>
public static bool secp256k1_ge_set_xquad(Ge r, Fe x)
{
    r.X = x.Clone();
    r.Infinity = false;

    var xSquared = new Fe();
    Field.Sqr(xSquared, x);

    var xCubed = new Fe();
    Field.Mul(xCubed, x, xSquared);

    // Right-hand side of the curve equation: 7 + x^3.
    var rhs = new Fe();
    Field.SetInt(rhs, 7U);
    Field.Add(rhs, xCubed);

    return Field.Sqrt(r.Y, rhs);
}
/// <summary>
/// Serialises <paramref name="pubkey"/> into <paramref name="output"/> via
/// <c>ECKey.PubkeySerialize</c>.
/// </summary>
/// <param name="output">Destination buffer.</param>
/// <param name="outputlen">
/// On entry, the value handed to the serialiser as its size argument; on exit, the size the
/// serialiser reported, or 0 on failure.
/// </param>
/// <param name="pubkey">Key to serialise.</param>
/// <param name="flags">Option bits; only <c>Options.FlagsBitContextVerify</c> is tested.</param>
/// <returns><c>true</c> when both loading and serialising succeed.</returns>
public static bool EcPubkeySerialize(byte[] output, ref int outputlen, PubKey pubkey, Options flags)
{
    var size = outputlen;

    // Reset first so every failure path reports zero bytes written.
    outputlen = 0;

    var point = new Ge();
    if (!Secp256K1T.LoadPubKey(point, pubkey))
    {
        return false;
    }

    // NOTE(review): the bit tested is named FlagsBitContextVerify, yet its value is
    // passed as the serialiser's last argument - confirm this is the intended option.
    // No check is made here that output is non-null or large enough; that is left to
    // ECKey.PubkeySerialize.
    var optionSet = flags.HasFlag((Enum)Options.FlagsBitContextVerify);
    if (!ECKey.PubkeySerialize(point, output, ref size, optionSet))
    {
        return false;
    }

    outputlen = size;
    return true;
}
/// <summary>
/// Builds an <paramref name="n"/>-entry table from <paramref name="a"/> with
/// <c>EcMult.secp256k1_ecmult_odd_multiples_table</c>, converts it to affine form and
/// stores each entry into <paramref name="pre"/>.
/// </summary>
/// <param name="n">Number of table entries.</param>
/// <param name="pre">Destination; elements 0..n-1 must already be allocated.</param>
/// <param name="a">Base point.</param>
/// <param name="cb">Not used by this method.</param>
public static void secp256k1_ecmult_odd_multiples_table_storage_var(int n, GeStorage[] pre, GeJ a, EventHandler <Callback> cb)
{
    var jacobian = new GeJ[n];
    var affine = new Ge[n];
    var zRatios = new Fe[n];

    // The helpers write into existing objects, so every slot is allocated up front.
    for (var slot = 0; slot < n; ++slot)
    {
        jacobian[slot] = new GeJ();
        affine[slot] = new Ge();
        zRatios[slot] = new Fe();
    }

    EcMult.secp256k1_ecmult_odd_multiples_table(n, jacobian, zRatios, a);
    Group.secp256k1_ge_set_table_gej_var(affine, jacobian, zRatios, n);

    for (var slot = 0; slot < n; ++slot)
    {
        Group.ToStorage(pre[slot], affine[slot]);
    }
}
/// <summary>
/// Accumulates a point from the precomputed table <c>ctx.Prec</c>, consuming the scalar
/// (<paramref name="gn"/> plus <c>ctx.Blind</c>) four bits at a time over 64 windows and
/// starting from a clone of <c>ctx.Initial</c>.
/// </summary>
/// <param name="ctx">Supplies <c>Initial</c>, <c>Blind</c> and the 64 x 16 <c>Prec</c> table.</param>
/// <param name="r">Receives the accumulated Jacobian point.</param>
/// <param name="gn">Scalar input; this is the secret key when called from EcPubKeyCreate.</param>
public static void secp256k1_ecmult_gen(EcmultGenContext ctx, out GeJ r, Scalar gn)
{
    var ge = new Ge();
    var geStorage = new GeStorage();
    r = ctx.Initial.Clone();
    var r1 = new Scalar();
    // The table is driven by gn + Blind rather than gn itself.
    Scalar.Add(r1, gn, ctx.Blind);
    ge.Infinity = false;
    for (var index1 = 0; index1 < 64; ++index1)
    {
        var bits = r1.GetBits(index1 * 4, 4);
        // Every one of the 16 entries is visited and the wanted one is picked with a
        // conditional move, instead of indexing Prec[index1][bits] directly. That keeps
        // the table access pattern independent of the scalar nibble.
        // NOTE(review): this only helps if StorageCmov itself is branch-free - confirm.
        for (var index2 = 0; index2 < 16; ++index2)
        {
            Group.StorageCmov(geStorage, ctx.Prec[index1][index2], (long)index2 == (long)bits);
        }
        Group.FromStorage(ge, geStorage);
        Group.GeJAddGe(r, r, ge);
    }
    // Wipe the temporaries derived from the scalar.
    // NOTE(review): geStorage holds the last selected table entry and is not cleared.
    Group.secp256k1_ge_clear(ge);
    Scalar.Clear(r1);
}
/// <summary>
/// Fills <paramref name="prej"/> with <paramref name="n"/> points: entry 0 is derived from
/// <paramref name="a"/>, and each later entry is the previous one plus the doubling of
/// <paramref name="a"/> (taken with its Z coordinate dropped).
/// </summary>
/// <param name="n">Number of entries; must be at least 1, since entries 0 and n-1 are indexed unconditionally.</param>
/// <param name="prej">Destination points; elements must already be allocated.</param>
/// <param name="zr">Receives a clone of the doubled point's Z at index 0; later slots are passed to the addition routine.</param>
/// <param name="a">Base point; only read.</param>
private static void secp256k1_ecmult_odd_multiples_table(int n, GeJ[] prej, Fe[] zr, GeJ a)
{
    var doubled = new GeJ();
    Group.secp256k1_gej_double_var(doubled, a, (Fe)null);

    // Use the doubled point's X/Y as if they were affine; its Z is applied separately below.
    var step = new Ge();
    step.X = doubled.X.Clone();
    step.Y = doubled.Y.Clone();
    step.Infinity = false;

    var scaledBase = new Ge();
    Group.secp256k1_ge_set_gej_zinv(scaledBase, a, doubled.Z);

    var first = prej[0];
    first.X = scaledBase.X.Clone();
    first.Y = scaledBase.Y.Clone();
    first.Z = a.Z.Clone();
    first.Infinity = false;

    zr[0] = doubled.Z.Clone();

    for (var k = 1; k < n; ++k)
    {
        Group.secp256k1_gej_add_ge_var(prej[k], prej[k - 1], step, zr[k]);
    }

    // Multiply the doubled point's Z back into the last entry.
    var last = prej[n - 1];
    Field.Mul(last.Z, last.Z, doubled.Z);
}
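/// <summary>
/// Adds the affine point <paramref name="b"/> to the Jacobian point <paramref name="a"/> and
/// writes the sum to <paramref name="r"/>. All special cases are resolved with conditional
/// moves instead of branches; this is the addition used on the secret-scalar path in
/// secp256k1_ecmult_gen.
/// </summary>
/// <param name="r">Destination; may be the same object as <paramref name="a"/>.</param>
/// <param name="a">Jacobian operand; may be the point at infinity.</param>
/// <param name="b">Affine operand; must not be the point at infinity.</param>
/// <exception cref="ArithmeticException">Thrown when <paramref name="b"/> is the point at infinity.</exception>
public static void GeJAddGe(GeJ r, GeJ a, Ge b)
{
    // Field element with value 1, used as Z when the result is simply b.
    var oneLimbs = new uint[10];
    oneLimbs[0] = 1U;
    var one = new Fe(oneLimbs);
    if (b.Infinity)
    {
        throw new ArithmeticException();
    }

    var zz = new Fe();
    Field.Sqr(zz, a.Z);                 // zz = Z1^2
    var u1 = a.X.Clone();
    Field.NormalizeWeak(u1);            // u1 = X1
    var u2 = new Fe();
    Field.Mul(u2, b.X, zz);             // u2 = X2 * Z1^2
    var s1 = a.Y.Clone();
    Field.NormalizeWeak(s1);            // s1 = Y1
    var s2 = new Fe();
    Field.Mul(s2, b.Y, zz);
    Field.Mul(s2, s2, a.Z);             // s2 = Y2 * Z1^3
    var t = u1.Clone();
    Field.Add(t, u2);                   // t = u1 + u2
    var m = s1.Clone();
    Field.Add(m, s2);                   // m = s1 + s2
    var rr = new Fe();
    Field.Sqr(rr, t);
    var mAlt = new Fe();
    Field.Negate(mAlt, u2, 1U);         // mAlt = -u2
    var tt = new Fe();
    Field.Mul(tt, u1, mAlt);            // tt = -u1 * u2
    Field.Add(rr, tt);                  // rr = t^2 - u1 * u2

    // Both tests are always evaluated. The previous short-circuit && skipped the second
    // test whenever the first was false, which made the amount of work depend on
    // intermediate values derived from the inputs. The result is unchanged provided
    // NormalizesToZero has no side effects (NOTE(review): confirm).
    var degenerate = Field.NormalizesToZero(m) & Field.NormalizesToZero(rr);

    // Alternative numerator/denominator, selected below when rr/m would be 0/0.
    var rrAlt = s1.Clone();
    Field.MulInt(rrAlt, 2U);
    Field.Add(mAlt, u1);                // mAlt = u1 - u2
    Field.Cmov(rrAlt, rr, !degenerate);
    Field.Cmov(mAlt, m, !degenerate);

    var n = new Fe();
    Field.Sqr(n, mAlt);
    var q = new Fe();
    Field.Mul(q, n, t);                 // q = t * mAlt^2
    Field.Sqr(n, n);                    // n = mAlt^4
    Field.Cmov(n, m, degenerate);
    Field.Sqr(t, rrAlt);                // t = rrAlt^2
    Field.Mul(r.Z, a.Z, mAlt);

    // Same reasoning as above: no short-circuit on a value derived from the operands.
    var infinity = !a.Infinity & Field.NormalizesToZero(r.Z);

    Field.MulInt(r.Z, 2U);
    Field.Negate(q, q, 1U);
    Field.Add(t, q);
    Field.NormalizeWeak(t);
    r.X = t.Clone();
    Field.MulInt(t, 2U);
    Field.Add(t, q);
    Field.Mul(t, t, rrAlt);
    Field.Add(t, n);
    Field.Negate(r.Y, t, 3U);
    Field.NormalizeWeak(r.Y);
    Field.MulInt(r.X, 4U);
    Field.MulInt(r.Y, 4U);

    // When a is the point at infinity the sum is b itself: (b.X, b.Y, 1).
    Field.Cmov(r.X, b.X, a.Infinity);
    Field.Cmov(r.Y, b.Y, a.Infinity);
    Field.Cmov(r.Z, one, a.Infinity);
    r.Infinity = infinity;

    // NOTE(review): removing the short-circuit operators takes out the branches written
    // in source, but managed code gives no constant-time guarantee; the JIT output and
    // the Field.Cmov / Field.NormalizesToZero implementations still need checking.
}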
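/// <summary>
/// Variable-time addition of the affine point <paramref name="b"/> to the Jacobian point
/// <paramref name="a"/>, written to <paramref name="r"/>. It branches on the operands, so
/// it is not suitable for secret-dependent inputs.
/// </summary>
/// <param name="r">Destination; updated in place and may be the same object as <paramref name="a"/>.</param>
/// <param name="a">Jacobian operand.</param>
/// <param name="b">Affine operand.</param>
/// <param name="rzr">
/// Optional (may be null). When supplied it is updated in place: 1 when b is infinity,
/// 0 when the sum is infinity, the X difference otherwise; in the doubling case it is
/// forwarded to <c>secp256k1_gej_double_var</c>. It is not written when a is infinity.
/// </param>
public static void secp256k1_gej_add_ge_var(GeJ r, GeJ a, Ge b, Fe rzr)
{
    if (a.Infinity)
    {
        Group.secp256k1_gej_set_ge(r, b);
        return;
    }

    if (b.Infinity)
    {
        if (rzr != null)
        {
            Field.SetInt(rzr, 1U);
        }

        // The result is a. Copy member by member: the earlier `r = a.Clone()` only
        // rebound the local parameter, so the caller's r was never updated.
        r.Infinity = a.Infinity;
        r.X = a.X.Clone();
        r.Y = a.Y.Clone();
        r.Z = a.Z.Clone();
        return;
    }

    r.Infinity = false;

    var z12 = new Fe();
    Field.Sqr(z12, a.Z);                // z12 = Z1^2
    var u1 = a.X.Clone();
    Field.NormalizeWeak(u1);            // u1 = X1
    var u2 = new Fe();
    Field.Mul(u2, b.X, z12);            // u2 = X2 * Z1^2
    var s1 = a.Y.Clone();
    Field.NormalizeWeak(s1);            // s1 = Y1
    var s2 = new Fe();
    Field.Mul(s2, b.Y, z12);
    Field.Mul(s2, s2, a.Z);             // s2 = Y2 * Z1^3
    var h = new Fe();
    Field.Negate(h, u1, 1U);
    Field.Add(h, u2);                   // h = u2 - u1
    var i = new Fe();
    Field.Negate(i, s1, 1U);
    Field.Add(i, s2);                   // i = s2 - s1

    if (Field.NormalizesToZeroVar(h))
    {
        if (Field.NormalizesToZeroVar(i))
        {
            // Same point: the sum is a doubling.
            Group.secp256k1_gej_double_var(r, a, rzr);
        }
        else
        {
            // Same X, different Y: the sum is the point at infinity.
            if (rzr != null)
            {
                Field.SetInt(rzr, 0U);
            }

            r.Infinity = true;
        }

        return;
    }

    var i2 = new Fe();
    Field.Sqr(i2, i);
    var h2 = new Fe();
    Field.Sqr(h2, h);
    var h3 = new Fe();
    Field.Mul(h3, h, h2);

    if (rzr != null)
    {
        // Write h into the caller's element. The earlier `rzr = h.Clone()` only rebound
        // the local parameter, leaving the caller's value untouched. Zero-then-add is an
        // in-place copy built from the two Field operations this method already uses
        // (assumes Field.Add(x, y) performs x += y, as every other call here does).
        Field.SetInt(rzr, 0U);
        Field.Add(rzr, h);
    }

    Field.Mul(r.Z, a.Z, h);             // Z3 = Z1 * h
    var t = new Fe();
    Field.Mul(t, u1, h2);               // t = u1 * h^2

    r.X = t.Clone();
    Field.MulInt(r.X, 2U);
    Field.Add(r.X, h3);
    Field.Negate(r.X, r.X, 3U);
    Field.Add(r.X, i2);                 // X3 = i^2 - h^3 - 2t

    Field.Negate(r.Y, r.X, 5U);
    Field.Add(r.Y, t);
    Field.Mul(r.Y, r.Y, i);             // (t - X3) * i
    Field.Mul(h3, h3, s1);
    Field.Negate(h3, h3, 1U);
    Field.Add(r.Y, h3);                 // Y3 = (t - X3) * i - h^3 * s1
}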
/// <summary>Reports whether the affine point is flagged as the point at infinity.</summary>
/// <param name="a">Point to inspect.</param>
/// <returns>The value of <c>a.Infinity</c>.</returns>
public static bool secp256k1_ge_is_infinity(Ge a)
{
    var flagged = a.Infinity;
    return flagged;
}
/// <summary>
/// Loads an affine point from its storage form. The infinity flag is always cleared.
/// </summary>
/// <param name="r">Destination; X and Y are written in place.</param>
/// <param name="a">Stored coordinates.</param>
public static void FromStorage(Ge r, GeStorage a)
{
    r.Infinity = false;

    Field.FromStorage(r.X, a.X);
    Field.FromStorage(r.Y, a.Y);
}
/// <summary>
/// Wipes an affine point: both coordinates are passed to <c>Field.Clear</c> and the
/// infinity flag is reset. Used to scrub temporaries after secret-dependent work.
/// </summary>
/// <param name="r">Point to wipe in place.</param>
public static void secp256k1_ge_clear(Ge r)
{
    Field.Clear(r.X);
    Field.Clear(r.Y);
    r.Infinity = false;
}
/// <summary>
/// Builds the 64 x 16 precomputed table in <c>ctx.Prec</c> and then calls
/// <c>EcMultGen.Blind</c>. Does nothing when <c>ctx.Prec</c> is already set.
/// </summary>
/// <param name="ctx">Context to initialise.</param>
/// <param name="cb">Forwarded to <c>secp256k1_ge_set_all_gej_var</c>; not otherwise used.</param>
public static void ContextBuild(EcmultGenContext ctx, EventHandler <Callback> cb)
{
    var affineTable = new Ge[1024];
    var generator = new GeJ();
    var offsetPoint = new GeJ();
    if (ctx.Prec != null)
    {
        return;
    }

    ctx.PrecInit();
    Group.secp256k1_gej_set_ge(generator, Group.Secp256K1GeConstG);

    // Derive a second point from a fixed, human-readable string used as an X
    // coordinate, then add the generator to it.
    // NOTE(review): the results of Field.SetB32 and secp256k1_ge_set_xo_var are
    // ignored; a failure here would leave an invalid point in every table row.
    var seedBytes = Encoding.UTF8.GetBytes("The scalar for this x is unknown");
    var seedX = new Fe();
    var seedPoint = new Ge();
    Field.SetB32(seedX, seedBytes);
    Group.secp256k1_ge_set_xo_var(seedPoint, seedX, false);
    Group.secp256k1_gej_set_ge(offsetPoint, seedPoint);
    Group.secp256k1_gej_add_ge_var(offsetPoint, offsetPoint, Group.Secp256K1GeConstG, (Fe)null);

    var jacobianTable = new GeJ[1024];
    for (var slot = 0; slot < jacobianTable.Length; ++slot)
    {
        jacobianTable[slot] = new GeJ();
    }

    var gBase = generator.Clone();
    var offsetBase = offsetPoint.Clone();
    for (var window = 0; window < 64; ++window)
    {
        // Row = (offsetBase, offsetBase + gBase, ..., offsetBase + 15 * gBase).
        var rowStart = window * 16;
        jacobianTable[rowStart] = offsetBase.Clone();
        for (var digit = 1; digit < 16; ++digit)
        {
            Group.secp256k1_gej_add_var(jacobianTable[rowStart + digit], jacobianTable[rowStart + digit - 1], gBase, (Fe)null);
        }

        // Four doublings: gBase *= 16 for the next window.
        for (var doubling = 0; doubling < 4; ++doubling)
        {
            Group.secp256k1_gej_double_var(gBase, gBase, (Fe)null);
        }

        // offsetBase doubles each window, except that after window 62 it is replaced
        // by offsetPoint minus the doubled value.
        Group.secp256k1_gej_double_var(offsetBase, offsetBase, (Fe)null);
        if (window == 62)
        {
            Group.secp256k1_gej_neg(offsetBase, offsetBase);
            Group.secp256k1_gej_add_var(offsetBase, offsetBase, offsetPoint, (Fe)null);
        }
    }

    for (var slot = 0; slot < affineTable.Length; ++slot)
    {
        affineTable[slot] = new Ge();
    }

    Group.secp256k1_ge_set_all_gej_var(affineTable, jacobianTable, 1024, cb);

    for (var window = 0; window < 64; ++window)
    {
        for (var digit = 0; digit < 16; ++digit)
        {
            Group.ToStorage(ctx.Prec[window][digit], affineTable[window * 16 + digit]);
        }
    }

    EcMultGen.Blind(ctx, (byte[])null);
}
/// <summary>
/// Sets an affine point from the given coordinates and clears its infinity flag.
/// </summary>
/// <param name="r">Destination point.</param>
/// <param name="x">X coordinate; stored by reference, not cloned.</param>
/// <param name="y">Y coordinate; stored by reference, not cloned.</param>
public static void SetXY(Ge r, Fe x, Fe y)
{
    // The point shares these Fe instances with the caller, so later in-place changes
    // to x or y are visible through r. No curve-membership check is made here.
    r.X = x;
    r.Y = y;
    r.Infinity = false;
}