
Commit fff412e

committed
Merge pull request bitcoin#197
4be8d6f Centralize the definition of uint128_t and use it uniformly. (Gregory Maxwell) d9543c9 Switch scalar code to C89. (Gregory Maxwell)
2 parents 7137be8 + 4be8d6f commit fff412e

6 files changed

+176
-148
lines changed


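--- a/src/field_5x52_int128_impl.h
+++ b/src/field_5x52_int128_impl.h
@@ -16,7 +16,7 @@
 #endif
 
 SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t *a, const uint64_t * SECP256K1_RESTRICT b) {
-__int128 c, d;
+uint128_t c, d;
 uint64_t t3, t4, tx, u0;
 uint64_t a0 = a[0], a1 = a[1], a2 = a[2], a3 = a[3], a4 = a[4];
 const uint64_t M = 0xFFFFFFFFFFFFFULL, R = 0x1000003D10ULL;
@@ -38,13 +38,13 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 * Note that [x 0 0 0 0 0] = [x*R].
 */
 
-d = (__int128)a0 * b[3]
-+ (__int128)a1 * b[2]
-+ (__int128)a2 * b[1]
-+ (__int128)a3 * b[0];
+d = (uint128_t)a0 * b[3]
++ (uint128_t)a1 * b[2]
++ (uint128_t)a2 * b[1]
++ (uint128_t)a3 * b[0];
 VERIFY_BITS(d, 114);
 /* [d 0 0 0] = [p3 0 0 0] */
-c = (__int128)a4 * b[4];
+c = (uint128_t)a4 * b[4];
 VERIFY_BITS(c, 112);
 /* [c 0 0 0 0 d 0 0 0] = [p8 0 0 0 0 p3 0 0 0] */
 d += (c & M) * R; c >>= 52;
@@ -56,11 +56,11 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 VERIFY_BITS(d, 63);
 /* [c 0 0 0 0 d t3 0 0 0] = [p8 0 0 0 0 p3 0 0 0] */
 
-d += (__int128)a0 * b[4]
-+ (__int128)a1 * b[3]
-+ (__int128)a2 * b[2]
-+ (__int128)a3 * b[1]
-+ (__int128)a4 * b[0];
+d += (uint128_t)a0 * b[4]
++ (uint128_t)a1 * b[3]
++ (uint128_t)a2 * b[2]
++ (uint128_t)a3 * b[1]
++ (uint128_t)a4 * b[0];
 VERIFY_BITS(d, 115);
 /* [c 0 0 0 0 d t3 0 0 0] = [p8 0 0 0 p4 p3 0 0 0] */
 d += c * R;
@@ -75,13 +75,13 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 VERIFY_BITS(t4, 48);
 /* [d t4+(tx<<48) t3 0 0 0] = [p8 0 0 0 p4 p3 0 0 0] */
 
-c = (__int128)a0 * b[0];
+c = (uint128_t)a0 * b[0];
 VERIFY_BITS(c, 112);
 /* [d t4+(tx<<48) t3 0 0 c] = [p8 0 0 0 p4 p3 0 0 p0] */
-d += (__int128)a1 * b[4]
-+ (__int128)a2 * b[3]
-+ (__int128)a3 * b[2]
-+ (__int128)a4 * b[1];
+d += (uint128_t)a1 * b[4]
++ (uint128_t)a2 * b[3]
++ (uint128_t)a3 * b[2]
++ (uint128_t)a4 * b[1];
 VERIFY_BITS(d, 115);
 /* [d t4+(tx<<48) t3 0 0 c] = [p8 0 0 p5 p4 p3 0 0 p0] */
 u0 = d & M; d >>= 52;
@@ -92,21 +92,21 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 u0 = (u0 << 4) | tx;
 VERIFY_BITS(u0, 56);
 /* [d 0 t4+(u0<<48) t3 0 0 c] = [p8 0 0 p5 p4 p3 0 0 p0] */
-c += (__int128)u0 * (R >> 4);
+c += (uint128_t)u0 * (R >> 4);
 VERIFY_BITS(c, 115);
 /* [d 0 t4 t3 0 0 c] = [p8 0 0 p5 p4 p3 0 0 p0] */
 r[0] = c & M; c >>= 52;
 VERIFY_BITS(r[0], 52);
 VERIFY_BITS(c, 61);
 /* [d 0 t4 t3 0 c r0] = [p8 0 0 p5 p4 p3 0 0 p0] */
 
-c += (__int128)a0 * b[1]
-+ (__int128)a1 * b[0];
+c += (uint128_t)a0 * b[1]
++ (uint128_t)a1 * b[0];
 VERIFY_BITS(c, 114);
 /* [d 0 t4 t3 0 c r0] = [p8 0 0 p5 p4 p3 0 p1 p0] */
-d += (__int128)a2 * b[4]
-+ (__int128)a3 * b[3]
-+ (__int128)a4 * b[2];
+d += (uint128_t)a2 * b[4]
++ (uint128_t)a3 * b[3]
++ (uint128_t)a4 * b[2];
 VERIFY_BITS(d, 114);
 /* [d 0 t4 t3 0 c r0] = [p8 0 p6 p5 p4 p3 0 p1 p0] */
 c += (d & M) * R; d >>= 52;
@@ -118,13 +118,13 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 VERIFY_BITS(c, 63);
 /* [d 0 0 t4 t3 c r1 r0] = [p8 0 p6 p5 p4 p3 0 p1 p0] */
 
-c += (__int128)a0 * b[2]
-+ (__int128)a1 * b[1]
-+ (__int128)a2 * b[0];
+c += (uint128_t)a0 * b[2]
++ (uint128_t)a1 * b[1]
++ (uint128_t)a2 * b[0];
 VERIFY_BITS(c, 114);
 /* [d 0 0 t4 t3 c r1 r0] = [p8 0 p6 p5 p4 p3 p2 p1 p0] */
-d += (__int128)a3 * b[4]
-+ (__int128)a4 * b[3];
+d += (uint128_t)a3 * b[4]
++ (uint128_t)a4 * b[3];
 VERIFY_BITS(d, 114);
 /* [d 0 0 t4 t3 c t1 r0] = [p8 p7 p6 p5 p4 p3 p2 p1 p0] */
 c += (d & M) * R; d >>= 52;
@@ -153,7 +153,7 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 }
 
 SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t *a) {
-__int128 c, d;
+uint128_t c, d;
 uint64_t a0 = a[0], a1 = a[1], a2 = a[2], a3 = a[3], a4 = a[4];
 int64_t t3, t4, tx, u0;
 const uint64_t M = 0xFFFFFFFFFFFFFULL, R = 0x1000003D10ULL;
@@ -169,11 +169,11 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
 * Note that [x 0 0 0 0 0] = [x*R].
 */
 
-d = (__int128)(a0*2) * a3
-+ (__int128)(a1*2) * a2;
+d = (uint128_t)(a0*2) * a3
++ (uint128_t)(a1*2) * a2;
 VERIFY_BITS(d, 114);
 /* [d 0 0 0] = [p3 0 0 0] */
-c = (__int128)a4 * a4;
+c = (uint128_t)a4 * a4;
 VERIFY_BITS(c, 112);
 /* [c 0 0 0 0 d 0 0 0] = [p8 0 0 0 0 p3 0 0 0] */
 d += (c & M) * R; c >>= 52;
@@ -186,9 +186,9 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
 /* [c 0 0 0 0 d t3 0 0 0] = [p8 0 0 0 0 p3 0 0 0] */
 
 a4 *= 2;
-d += (__int128)a0 * a4
-+ (__int128)(a1*2) * a3
-+ (__int128)a2 * a2;
+d += (uint128_t)a0 * a4
++ (uint128_t)(a1*2) * a3
++ (uint128_t)a2 * a2;
 VERIFY_BITS(d, 115);
 /* [c 0 0 0 0 d t3 0 0 0] = [p8 0 0 0 p4 p3 0 0 0] */
 d += c * R;
@@ -203,11 +203,11 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
 VERIFY_BITS(t4, 48);
 /* [d t4+(tx<<48) t3 0 0 0] = [p8 0 0 0 p4 p3 0 0 0] */
 
-c = (__int128)a0 * a0;
+c = (uint128_t)a0 * a0;
 VERIFY_BITS(c, 112);
 /* [d t4+(tx<<48) t3 0 0 c] = [p8 0 0 0 p4 p3 0 0 p0] */
-d += (__int128)a1 * a4
-+ (__int128)(a2*2) * a3;
+d += (uint128_t)a1 * a4
++ (uint128_t)(a2*2) * a3;
 VERIFY_BITS(d, 114);
 /* [d t4+(tx<<48) t3 0 0 c] = [p8 0 0 p5 p4 p3 0 0 p0] */
 u0 = d & M; d >>= 52;
@@ -218,7 +218,7 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
 u0 = (u0 << 4) | tx;
 VERIFY_BITS(u0, 56);
 /* [d 0 t4+(u0<<48) t3 0 0 c] = [p8 0 0 p5 p4 p3 0 0 p0] */
-c += (__int128)u0 * (R >> 4);
+c += (uint128_t)u0 * (R >> 4);
 VERIFY_BITS(c, 113);
 /* [d 0 t4 t3 0 0 c] = [p8 0 0 p5 p4 p3 0 0 p0] */
 r[0] = c & M; c >>= 52;
@@ -227,11 +227,11 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
 /* [d 0 t4 t3 0 c r0] = [p8 0 0 p5 p4 p3 0 0 p0] */
 
 a0 *= 2;
-c += (__int128)a0 * a1;
+c += (uint128_t)a0 * a1;
 VERIFY_BITS(c, 114);
 /* [d 0 t4 t3 0 c r0] = [p8 0 0 p5 p4 p3 0 p1 p0] */
-d += (__int128)a2 * a4
-+ (__int128)a3 * a3;
+d += (uint128_t)a2 * a4
++ (uint128_t)a3 * a3;
 VERIFY_BITS(d, 114);
 /* [d 0 t4 t3 0 c r0] = [p8 0 p6 p5 p4 p3 0 p1 p0] */
 c += (d & M) * R; d >>= 52;
@@ -243,11 +243,11 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
 VERIFY_BITS(c, 63);
 /* [d 0 0 t4 t3 c r1 r0] = [p8 0 p6 p5 p4 p3 0 p1 p0] */
 
-c += (__int128)a0 * a2
-+ (__int128)a1 * a1;
+c += (uint128_t)a0 * a2
++ (uint128_t)a1 * a1;
 VERIFY_BITS(c, 114);
 /* [d 0 0 t4 t3 c r1 r0] = [p8 0 p6 p5 p4 p3 p2 p1 p0] */
-d += (__int128)a3 * a4;
+d += (uint128_t)a3 * a4;
 VERIFY_BITS(d, 114);
 /* [d 0 0 t4 t3 c r1 r0] = [p8 p7 p6 p5 p4 p3 p2 p1 p0] */
 c += (d & M) * R; d >>= 52;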
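Review bot: In secp256k1_fe_sqr_inner the temporaries are still declared `int64_t t3, t4, tx, u0;` (context line 158 of the hunk at -153,7) even though the accumulators `c` and `d` are now unsigned `uint128_t`, while the otherwise parallel secp256k1_fe_mul_inner declares the same temporaries as `uint64_t` (line 20). Every use in the sqr path assigns these from an unsigned mask/shift and then casts back, e.g. `c += (uint128_t)u0 * (R >> 4);` on line 221, so a signed intermediate only adds a signed-to-unsigned conversion that the mul path does not have and that is correct solely because VERIFY_BITS bounds the values well below 63 bits. Change line 158 to `uint64_t t3, t4, tx, u0;` so both functions use the same unsigned limb type throughout. The definition of `uint128_t` itself is not in this file section, so I cannot confirm here that it is unsigned on every supported compiler; both function bodies also continue outside the hunks shown.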

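--- a/src/field_impl.h
+++ b/src/field_impl.h
@@ -202,6 +202,7 @@ static void secp256k1_fe_inv_var(secp256k1_fe_t *r, const secp256k1_fe_t *a) {
 #if defined(USE_FIELD_INV_BUILTIN)
 secp256k1_fe_inv(r, a);
 #elif defined(USE_FIELD_INV_NUM)
+secp256k1_num_t n, m;
 static const unsigned char prime[32] = {
 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
@@ -212,7 +213,6 @@ static void secp256k1_fe_inv_var(secp256k1_fe_t *r, const secp256k1_fe_t *a) {
 secp256k1_fe_t c = *a;
 secp256k1_fe_normalize_var(&c);
 secp256k1_fe_get_b32(b, &c);
-secp256k1_num_t n, m;
 secp256k1_num_set_bin(&n, b, 32);
 secp256k1_num_set_bin(&m, prime, 32);
 secp256k1_num_mod_inverse(&n, &n, &m);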
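Review bot: The hoisted `secp256k1_num_t n, m;` at new line 205 gives no hint why it now sits ahead of the `prime` table instead of next to its first use at line 216, and the C89 motivation lives only in the merged commit's title, which a later reader of the file will not see. A one-line comment above it, `/* Declared first: C89 requires all declarations before the first statement of the block. */`, would keep the next tidy-up from moving it back down. secp256k1_fe_inv_var starts outside the hunk, and the lines between the two hunks (including where `b` is declared) are not shown, so I cannot confirm from here that no other declaration in this branch still follows a statement.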
