PRCYCoin  2.0.0.7rc1
P2P Digital Currency
pedersen_impl.h
1 /***********************************************************************
2  * Copyright (c) 2015 Gregory Maxwell *
3  * Distributed under the MIT software license, see the accompanying *
4  * file COPYING or http://www.opensource.org/licenses/mit-license.php. *
5  ***********************************************************************/
6 
7 #ifndef SECP256K1_MODULE_COMMITMENT_PEDERSEN
8 #define SECP256K1_MODULE_COMMITMENT_PEDERSEN
9 
10 #include <string.h>
11 
12 #include "ecmult_const.h"
13 #include "group.h"
14 #include "scalar.h"
15 
/**
 * Pedersen commitment point with the committed value given as a full scalar:
 * rj = value * value_gen + sec * blind_gen.
 *
 * @param rj         Output: the commitment, in jacobian coordinates.
 * @param sec        Blinding factor (secret).
 * @param value      Committed value as a scalar.
 * @param value_gen  Generator multiplied by the value.
 * @param blind_gen  Generator multiplied by the blinding factor.
 *
 * Both products are computed with secp256k1_ecmult_const over 256 bits.
 * The only data-dependent branch is the infinity test on the blinding term;
 * a caller that needs the commitment to hide the value must therefore pass
 * a nonzero blinding factor.
 */
SECP256K1_INLINE static void secp256k1_pedersen_ecmult_scalar(secp256k1_gej *rj, const secp256k1_scalar *sec, const secp256k1_scalar *value, const secp256k1_ge* value_gen, const secp256k1_ge* blind_gen) {
    secp256k1_gej blind_term_j;
    secp256k1_ge blind_term;

    /* The two products are independent: the blinding term goes into a local,
     * the value term goes straight into the output. */
    secp256k1_ecmult_const(&blind_term_j, blind_gen, sec, 256);
    secp256k1_ecmult_const(rj, value_gen, value, 256);

    /* A blinding term at infinity (zero blinding factor) means the caller is
     * not asking for zero-knowledge, so this timing-visible branch is
     * acceptable. In that case rj is left as value * value_gen. */
    if (secp256k1_gej_is_infinity(&blind_term_j) == 0) {
        secp256k1_ge_set_gej(&blind_term, &blind_term_j);
        secp256k1_gej_add_ge(rj, rj, &blind_term);
    }

    /* Clear the temporaries derived from the blinding factor before
     * returning. */
    secp256k1_gej_clear(&blind_term_j);
    secp256k1_ge_clear(&blind_term);
}
33 
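/**
 * Pedersen commitment point for a 64-bit value:
 * rj = value * value_gen + sec * blind_gen.
 *
 * @param rj         Output: the commitment, in jacobian coordinates.
 * @param sec        Blinding factor (secret).
 * @param value      Committed amount.
 * @param value_gen  Generator multiplied by the value.
 * @param blind_gen  Generator multiplied by the blinding factor.
 *
 * The only data-dependent branch is the infinity test on the blinding term;
 * a caller that needs the commitment to hide the value must therefore pass
 * a nonzero blinding factor.
 */
SECP256K1_INLINE static void secp256k1_pedersen_ecmult(secp256k1_gej *rj, const secp256k1_scalar *sec, uint64_t value, const secp256k1_ge* value_gen, const secp256k1_ge* blind_gen) {
    secp256k1_scalar vs; /* value lifted to a scalar; declared here because the body uses &vs */
    secp256k1_gej bj;
    secp256k1_ge bp;

    /* The value comes from a uint64_t, so the value multiplication is run
     * over 64 bits; the blinding factor is a full scalar and uses 256. */
    secp256k1_scalar_set_u64(&vs, value);
    secp256k1_ecmult_const(rj, value_gen, &vs, 64);
    secp256k1_ecmult_const(&bj, blind_gen, sec, 256);

    /* zero blinding factor indicates that we are not trying to be zero-knowledge,
     * so not being constant-time in this case is OK. */
    if (!secp256k1_gej_is_infinity(&bj)) {
        secp256k1_ge_set_gej(&bp, &bj);
        secp256k1_gej_add_ge(rj, rj, &bp);
    }

    /* Clear every temporary derived from the blinding factor or the value
     * before returning. */
    secp256k1_gej_clear(&bj);
    secp256k1_ge_clear(&bp);
    secp256k1_scalar_clear(&vs);
}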
54 
55 #endif