doc/html/bip324__ecdh_8cpp_source.html

// Copyright (c) 2022-present The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#include <bench/bench.h>

#include <key.h>

#include <pubkey.h>

#include <random.h>

#include <span.h>


#include <algorithm>

#include <array>

#include <cstddef>


static void BIP324_ECDH(benchmark::Bench& bench)

{

    ECC_Context ecc_context{};

    FastRandomContext rng;


    std::array<std::byte, 32> key_data;

    std::array<std::byte, EllSwiftPubKey::size()> our_ellswift_data;

    std::array<std::byte, EllSwiftPubKey::size()> their_ellswift_data;


    rng.fillrand(key_data);

    rng.fillrand(our_ellswift_data);

    rng.fillrand(their_ellswift_data);


    bench.batch(1).unit("ecdh").run([&] {

        CKey key;

        key.Set(key_data.data(), key_data.data() + 32, true);

        EllSwiftPubKey our_ellswift(our_ellswift_data);

        EllSwiftPubKey their_ellswift(their_ellswift_data);


        auto ret = key.ComputeBIP324ECDHSecret(their_ellswift, our_ellswift, true);


        // To make sure that the computation is not the same on every iteration (ellswift decoding

        // is variable-time), distribute bytes from the shared secret over the 3 inputs. The most

        // important one is their_ellswift, because that one is actually decoded, so it's given most

        // bytes. The data is copied into the middle, so that both halves are affected:

        // - Copy 8 bytes from the resulting shared secret into middle of the private key.

        std::copy(ret.begin(), ret.begin() + 8, key_data.begin() + 12);

        // - Copy 8 bytes from the resulting shared secret into the middle of our ellswift key.

        std::copy(ret.begin() + 8, ret.begin() + 16, our_ellswift_data.begin() + 28);

        // - Copy 16 bytes from the resulting shared secret into the middle of their ellswift key.

        std::copy(ret.begin() + 16, ret.end(), their_ellswift_data.begin() + 24);

    });

}


BENCHMARK(BIP324_ECDH);

bench.h

BENCHMARK
#define BENCHMARK(n)
Definition bench.h:68

BIP324_ECDH
static void BIP324_ECDH(benchmark::Bench &bench)
Definition bip324_ecdh.cpp:15

ret
int ret
Definition bitcoin-cli.cpp:1350

ecc_context
ECC_Context ecc_context
Definition bitcoin-wallet.cpp:126

CKey
An encapsulated private key.
Definition key.h:36

CKey::ComputeBIP324ECDHSecret
ECDHSecret ComputeBIP324ECDHSecret(const EllSwiftPubKey &their_ellswift, const EllSwiftPubKey &our_ellswift, bool initiating) const
Compute a BIP324-style ECDH shared secret.
Definition key.cpp:328

CKey::Set
void Set(const T pbegin, const T pend, bool fCompressedIn)
Initialize using begin and end iterators to byte data.
Definition key.h:104

ECC_Context
RAII class initializing and deinitializing global state for elliptic curve support.
Definition key.h:326

FastRandomContext
Fast randomness source.
Definition random.h:386

FastRandomContext::fillrand
void fillrand(std::span< std::byte > output) noexcept
Fill a byte span with random bytes.
Definition random.cpp:626

ankerl::nanobench::Bench
Main entry point to nanobench's benchmarking facility.
Definition nanobench.h:627

key.h

pubkey.h

span.h

EllSwiftPubKey
An ElligatorSwift-encoded public key.
Definition pubkey.h:309

EllSwiftPubKey::size
static constexpr size_t size()
Definition pubkey.h:326

Ticks
constexpr auto Ticks(Dur2 d)
Helper to count the seconds of a duration/time_point.
Definition time.h:73