UltrafastSecp256k1/docs/tagged__hash_8hpp_source.html

#ifndef SECP256K1_TAGGED_HASH_HPP

#define SECP256K1_TAGGED_HASH_HPP


// ============================================================================

// BIP-340 Tagged Hash -- Shared Utilities

// ============================================================================

// Provides cached tagged-hash midstates for BIP-340 (Schnorr) operations.

// Used by both schnorr.cpp (fast path) and ct_sign.cpp (CT path).

//

// Eliminates duplication of make_tag_midstate / cached_tagged_hash / midstate

// constants between the two translation units.

// ============================================================================


#include "secp256k1/sha256.hpp"

#include <array>

#include <cstddef>

#include <cstdint>

#include <string_view>


namespace secp256k1::detail {


// Build a SHA256 midstate from a BIP-340 tag string.

// The midstate captures H(SHA256(tag) || SHA256(tag)) ready for further data.


inline SHA256 make_tag_midstate(std::string_view tag) {

    auto tag_hash = SHA256::hash(tag.data(), tag.size());

    SHA256 ctx;

    ctx.update(tag_hash.data(), 32);

    ctx.update(tag_hash.data(), 32);

    return ctx;

}


// Pre-computed BIP-340 midstates (constructed once, shared across TUs).

inline const SHA256 g_aux_midstate       = make_tag_midstate("BIP0340/aux");

inline const SHA256 g_nonce_midstate     = make_tag_midstate("BIP0340/nonce");

inline const SHA256 g_challenge_midstate = make_tag_midstate("BIP0340/challenge");


// Fast tagged hash using a cached midstate (avoids re-computing tag prefix).

#if defined(__GNUC__) && !defined(__clang__)

#pragma GCC diagnostic push

#pragma GCC diagnostic ignored "-Warray-bounds"

#endif


inline std::array<uint8_t, 32> cached_tagged_hash(const SHA256& midstate,

                                                    const void* data,

                                                    std::size_t len) {

    SHA256 ctx = midstate;

    ctx.update(data, len);

    return ctx.finalize();

}


#if defined(__GNUC__) && !defined(__clang__)

#pragma GCC diagnostic pop

#endif


} // namespace secp256k1::detail


#endif // SECP256K1_TAGGED_HASH_HPP

secp256k1::SHA256
Definition sha256.hpp:28

secp256k1::SHA256::hash
static digest_type hash(const void *data, std::size_t len) noexcept
Definition sha256.hpp:120

secp256k1::SHA256::finalize
digest_type finalize() noexcept
Definition sha256.hpp:73

secp256k1::SHA256::update
void update(const void *data, std::size_t len) noexcept
Definition sha256.hpp:43

secp256k1::detail
Definition bip39_wordlist.hpp:6

secp256k1::detail::g_nonce_midstate
const SHA256 g_nonce_midstate
Definition tagged_hash.hpp:34

secp256k1::detail::cached_tagged_hash
std::array< uint8_t, 32 > cached_tagged_hash(const SHA256 &midstate, const void *data, std::size_t len)
Definition tagged_hash.hpp:42

secp256k1::detail::g_aux_midstate
const SHA256 g_aux_midstate
Definition tagged_hash.hpp:33

secp256k1::detail::g_challenge_midstate
const SHA256 g_challenge_midstate
Definition tagged_hash.hpp:35

secp256k1::detail::make_tag_midstate
SHA256 make_tag_midstate(std::string_view tag)
Definition tagged_hash.hpp:24

sha256.hpp