2021-06-14 14:55:38 +00:00
|
|
|
/***********************************************************************
|
|
|
|
* Copyright (c) 2020 Peter Dettman *
|
|
|
|
* Distributed under the MIT software license, see the accompanying *
|
|
|
|
* file COPYING or https://www.opensource.org/licenses/mit-license.php.*
|
|
|
|
**********************************************************************/
|
|
|
|
|
|
|
|
#ifndef SECP256K1_MODINV64_H
|
|
|
|
#define SECP256K1_MODINV64_H
|
|
|
|
|
|
|
|
#if defined HAVE_CONFIG_H
|
|
|
|
#include "libsecp256k1-config.h"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include "util.h"
|
|
|
|
|
|
|
|
#ifndef SECP256K1_WIDEMUL_INT128
|
|
|
|
#error "modinv64 requires 128-bit wide multiplication support"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* A signed 62-bit limb representation of integers.
|
|
|
|
*
|
|
|
|
* Its value is sum(v[i] * 2^(62*i), i=0..4). */
|
|
|
|
typedef struct {
|
|
|
|
int64_t v[5];
|
2022-03-08 19:45:41 +00:00
|
|
|
} rustsecp256k1_v0_5_0_modinv64_signed62;
|
2021-06-14 14:55:38 +00:00
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
/* The modulus in signed62 notation, must be odd and in [3, 2^256]. */
|
2022-03-08 19:45:41 +00:00
|
|
|
rustsecp256k1_v0_5_0_modinv64_signed62 modulus;
|
2021-06-14 14:55:38 +00:00
|
|
|
|
|
|
|
/* modulus^{-1} mod 2^62 */
|
|
|
|
uint64_t modulus_inv62;
|
2022-03-08 19:45:41 +00:00
|
|
|
} rustsecp256k1_v0_5_0_modinv64_modinfo;
|
2021-06-14 14:55:38 +00:00
|
|
|
|
|
|
|
/* Replace x with its modular inverse mod modinfo->modulus. x must be in range [0, modulus).
|
|
|
|
* If x is zero, the result will be zero as well. If not, the inverse must exist (i.e., the gcd of
|
|
|
|
* x and modulus must be 1). These rules are automatically satisfied if the modulus is prime.
|
|
|
|
*
|
|
|
|
* On output, all of x's limbs will be in [0, 2^62).
|
|
|
|
*/
|
2022-03-08 19:45:41 +00:00
|
|
|
static void rustsecp256k1_v0_5_0_modinv64_var(rustsecp256k1_v0_5_0_modinv64_signed62 *x, const rustsecp256k1_v0_5_0_modinv64_modinfo *modinfo);
|
2021-06-14 14:55:38 +00:00
|
|
|
|
2022-03-08 19:45:41 +00:00
|
|
|
/* Same as rustsecp256k1_v0_5_0_modinv64_var, but constant time in x (not in the modulus). */
|
|
|
|
static void rustsecp256k1_v0_5_0_modinv64(rustsecp256k1_v0_5_0_modinv64_signed62 *x, const rustsecp256k1_v0_5_0_modinv64_modinfo *modinfo);
|
2021-06-14 14:55:38 +00:00
|
|
|
|
|
|
|
#endif /* SECP256K1_MODINV64_H */
|