Make use of negation optional via COMB_NEGATION

Author: peterdettman

src/ecmult_gen.h

@@ -37,15 +37,19 @@
 #  endif
 
 #  define COMB_SPACING 1
+#  define COMB_NEGATION 1
 
 #else
 
   /* COMB_BLOCKS, COMB_TEETH, COMB_SPACING must all be positive and the product of the three (COMB_BITS)
-   * must evaluate to a value in the range [256, 288]. The resulting memory usage for precomputation
-   * will be COMB_POINTS_TOTAL * sizeof(secp256k1_ge_storage). */
+   * must evaluate to a value in the range [256, 288]. The COMB_NEGATION boolean controls whether the
+   * comb will use negations so that only negative multiples need be precomputed. The resulting memory
+   * usage for precomputation will be COMB_POINTS_TOTAL * sizeof(secp256k1_ge_storage).
+   */
   #define COMB_BLOCKS 4
   #define COMB_TEETH 5
   #define COMB_SPACING 13
+  #define COMB_NEGATION 1
 
 #endif
 
@@ -58,12 +62,15 @@
 #if !(1 <= COMB_SPACING && COMB_SPACING <= 256)
 #  error "COMB_SPACING must be in the range [1, 256]"
 #endif
+#if !(0 <= COMB_NEGATION && COMB_NEGATION <= 1)
+#  error "COMB_NEGATION must be in the range [0, 1]"
+#endif
 
 /* The remaining COMB_* parameters are derived values, don't modify these. */
 #define COMB_BITS (COMB_BLOCKS * COMB_TEETH * COMB_SPACING)
 #define COMB_GROUPED ((COMB_SPACING == 1) && ((32 % COMB_TEETH) == 0))
 #define COMB_OFFSET (COMB_BITS == 256)
-#define COMB_POINTS (1 << (COMB_TEETH - 1))
+#define COMB_POINTS (1 << (COMB_TEETH - COMB_NEGATION))
 #define COMB_POINTS_TOTAL (COMB_BLOCKS * COMB_POINTS)
 #define COMB_MASK (COMB_POINTS - 1)
 

src/ecmult_gen_impl.h

@@ -71,7 +71,7 @@ static void secp256k1_ecmult_gen_context_build(secp256k1_ecmult_gen_context *ctx
                 }
             }
             secp256k1_gej_neg(&vs[vs_pos++], &sum);
-            for (tooth = 0; tooth < (COMB_TEETH - 1); ++tooth) {
+            for (tooth = 0; tooth < (COMB_TEETH - COMB_NEGATION); ++tooth) {
                 stride = 1 << tooth;
                 for (index = 0; index < stride; ++index, ++vs_pos) {
                     secp256k1_gej_add_var(&vs[vs_pos], &vs[vs_pos - stride], &ds[tooth], NULL);
@@ -207,12 +207,15 @@ static void secp256k1_ecmult_gen(const secp256k1_ecmult_gen_context *ctx, secp25
 
 #if USE_COMB
 
-    int abs, bit_pos, block, comb_off, index, sign;
+#if COMB_NEGATION
+    secp256k1_fe neg;
+    int sign;
+#endif
+    int abs, bit_pos, block, comb_off, index;
 #if !COMB_GROUPED
     int bit, tooth;
 #endif
     uint32_t recoded[9];
-    secp256k1_fe neg;
 
     memset(&adds, 0, sizeof(adds));
     *r = ctx->initial;
@@ -238,19 +241,25 @@ static void secp256k1_ecmult_gen(const secp256k1_ecmult_gen_context *ctx, secp25
             }
 #endif
 
+#if COMB_NEGATION
             sign = (bits >> (COMB_TEETH - 1)) & 1;
-            abs = (bits ^ -sign) & COMB_MASK;
-
             VERIFY_CHECK(sign == 0 || sign == 1);
+
+            bits ^= -sign;
+#endif
+
+            abs = bits & COMB_MASK;
             VERIFY_CHECK(0 <= abs && abs < COMB_POINTS);
 
             for (index = 0; index < COMB_POINTS; ++index) {
                 secp256k1_ge_storage_cmov(&adds, &(*ctx->prec)[block][index], index == abs);
             }
 
             secp256k1_ge_from_storage(&add, &adds);
+#if COMB_NEGATION
             secp256k1_fe_negate(&neg, &add.y, 1);
             secp256k1_fe_cmov(&add.y, &neg, sign);
+#endif
 
             secp256k1_gej_add_ge(r, r, &add);
         }
@@ -262,10 +271,12 @@ static void secp256k1_ecmult_gen(const secp256k1_ecmult_gen_context *ctx, secp25
         secp256k1_gej_double(r, r);
     }
 
+#if COMB_NEGATION
     secp256k1_fe_clear(&neg);
+    sign = 0;
+#endif
     memset(recoded, 0, sizeof(recoded));
     abs = 0;
-    sign = 0;
 
 #else
     int i, j;

src/gen_context.c

@@ -66,8 +66,8 @@ int main(int argc, char **argv) {
     fprintf(fp, "   #error configuration mismatch, invalid USE_COMB. Try deleting ecmult_static_context.h before the build.\n");
     fprintf(fp, "#endif\n");
 #if USE_COMB
-    fprintf(fp, "#if COMB_BLOCKS != %i || COMB_TEETH != %i || COMB_SPACING != %i\n", COMB_BLOCKS, COMB_TEETH, COMB_SPACING);
-    fprintf(fp, "   #error configuration mismatch, invalid COMB_BLOCKS, COMB_TEETH, or COMB_SPACING. Try deleting ecmult_static_context.h before the build.\n");
+    fprintf(fp, "#if COMB_BLOCKS != %i || COMB_TEETH != %i || COMB_SPACING != %i || COMB_NEGATION != %i\n", COMB_BLOCKS, COMB_TEETH, COMB_SPACING, COMB_NEGATION);
+    fprintf(fp, "   #error configuration mismatch, invalid COMB_BLOCKS, COMB_TEETH, COMB_SPACING, or COMB_NEGATION. Try deleting ecmult_static_context.h before the build.\n");
     fprintf(fp, "#endif\n");
 #else
     fprintf(fp, "#if ECMULT_GEN_PREC_N != %d || ECMULT_GEN_PREC_G != %d\n", ECMULT_GEN_PREC_N, ECMULT_GEN_PREC_G);