BlockstreamResearch
diff --git a/‎.travis.yml
+4-2 b/‎.travis.yml
+4-2
diff --git a/‎Makefile.am
+4 b/‎Makefile.am
+4
diff --git a/‎configure.ac
+44 b/‎configure.ac
+44
diff --git a/‎src/scalar.h
+14-4 b/‎src/scalar.h
+14-4
diff --git a/‎src/scalar_4x64.h
+15 b/‎src/scalar_4x64.h
+15
@@ -6,8 +6,10 @@ install:
   - if [ "$FIELD" = "64bit_asm" ]; then sudo apt-get install -qq yasm; fi
 env:
   global:
-    - FIELD=auto  BIGNUM=auto  ENDOMORPHISM=no  BUILD=check
+    - FIELD=auto  BIGNUM=auto  SCALAR=auto  ENDOMORPHISM=no  BUILD=check
   matrix:
+    - SCALAR=32bit
+    - SCALAR=64bit
     - FIELD=gmp
     - FIELD=gmp       ENDOMORPHISM=yes
     - FIELD=64bit_asm
@@ -18,5 +20,5 @@ env:
     - FIELD=32bit     ENDOMORPHISM=yes
     - BUILD=distcheck
 before_script: ./autogen.sh
-script: ./configure --enable-endomorphism=$ENDOMORPHISM --with-field=$FIELD --with-bignum=$BIGNUM && make -j2 $BUILD
+script: ./configure --enable-endomorphism=$ENDOMORPHISM --with-field=$FIELD --with-bignum=$BIGNUM --with-scalar=$SCALAR && make -j2 $BUILD
 os: linux
@@ -10,7 +10,11 @@ noinst_LTLIBRARIES = $(COMMON_LIB)
 include_HEADERS = include/secp256k1.h
 noinst_HEADERS =
 noinst_HEADERS += src/scalar.h
+noinst_HEADERS += src/scalar_4x64.h
+noinst_HEADERS += src/scalar_8x32.h
 noinst_HEADERS += src/scalar_impl.h
+noinst_HEADERS += src/scalar_4x64_impl.h
+noinst_HEADERS += src/scalar_8x32_impl.h
 noinst_HEADERS += src/group.h
 noinst_HEADERS += src/group_impl.h
 noinst_HEADERS += src/num_gmp.h
 
@@ -64,13 +64,19 @@ AC_ARG_WITH([field], [AS_HELP_STRING([--with-field=gmp|64bit|64bit_asm|32bit|aut
 AC_ARG_WITH([bignum], [AS_HELP_STRING([--with-bignum=gmp|auto],
 [Specify Bignum Implementation. Default is auto])],[req_bignum=$withval], [req_bignum=auto])
 
+AC_ARG_WITH([scalar], [AS_HELP_STRING([--with-scalar=64bit|32bit|auto],
+[Specify scalar implementation. Default is auto])],[req_scalar=$withval], [req_scalar=auto])
+
 AC_CHECK_TYPES([__int128])
 
 AC_DEFUN([SECP_INT128_CHECK],[
 has_int128=$ac_cv_type___int128
 if test x"$has_int128" != x"yes" && test x"$set_field" = x"64bit"; then
   AC_MSG_ERROR([$set_field field support explicitly requested but is not compatible with this host])
 fi
+if test x"$has_int128" != x"yes" && test x"$set_scalar" = x"64bit"; then
+  AC_MSG_ERROR([$set_scalar scalar support explicitly requested but is not compatible with this host])
+fi
 ])
 
 AC_DEFUN([SECP_64BIT_ASM_CHECK],[
@@ -194,6 +200,30 @@ else
   esac
 fi
 
+if test x"$req_scalar" = x"auto"; then
+  if test x"$set_scalar" = x; then
+    SECP_INT128_CHECK
+    if test x"$has_int128" = x"yes"; then
+      set_scalar=64bit
+    fi
+  fi
+  if test x"$set_scalar" = x; then
+    set_scalar=32bit
+  fi
+else
+  set_scalar=$req_scalar
+  case $set_scalar in
+  64bit)
+    SECP_INT128_CHECK
+    ;;
+  32bit)
+    ;;
+  *)
+    AC_MSG_ERROR([invalid scalar implementation selected])
+    ;;
+  esac
+fi
+
 if test x"$req_bignum" = x"auto"; then
   SECP_GMP_CHECK
   if test x"$has_gmp" = x"yes"; then
@@ -252,6 +282,19 @@ gmp)
   ;;
 esac
 
+#select scalar implementation
+case $set_scalar in
+64bit)
+  AC_DEFINE(USE_SCALAR_4X64, 1, [Define this symbol to use the 4x64 scalar implementation])
+  ;;
+32bit)
+  AC_DEFINE(USE_SCALAR_8X32, 1, [Define this symbol to use the 8x32 scalar implementation])
+  ;;
+*)
+  AC_MSG_ERROR([invalid scalar implementation])
+  ;;
+esac
+
 if test x"$use_tests" = x"yes"; then
   SECP_OPENSSL_CHECK
   if test x"$has_openssl_ec" == x"yes"; then
@@ -278,6 +321,7 @@ fi
 
 AC_MSG_NOTICE([Using field implementation: $set_field])
 AC_MSG_NOTICE([Using bignum implementation: $set_bignum])
+AC_MSG_NOTICE([Using scalar implementation: $set_scalar])
 
 AC_CONFIG_HEADERS([src/libsecp256k1-config.h])
 AC_CONFIG_FILES([Makefile libsecp256k1.pc])
 
@@ -7,10 +7,17 @@
 
 #include "num.h"
 
-/** A scalar modulo the group order of the secp256k1 curve. */
-typedef struct {
-    secp256k1_num_t n;
-} secp256k1_scalar_t;
+#if defined HAVE_CONFIG_H
+#include "libsecp256k1-config.h"
+#endif
+
+#if defined(USE_SCALAR_4X64)
+#include "scalar_4x64.h"
+#elif defined(USE_SCALAR_8X32)
+#include "scalar_8x32.h"
+#else
+#error "Please select scalar implementation"
+#endif
 
 /** Clear a scalar to prevent the leak of sensitive data. */
 void static secp256k1_scalar_clear(secp256k1_scalar_t *r);
@@ -30,6 +37,9 @@ void static secp256k1_scalar_add(secp256k1_scalar_t *r, const secp256k1_scalar_t
 /** Multiply two scalars (modulo the group order). */
 void static secp256k1_scalar_mul(secp256k1_scalar_t *r, const secp256k1_scalar_t *a, const secp256k1_scalar_t *b);
 
+/** Compute the square of a scalar (modulo the group order). */
+void static secp256k1_scalar_sqr(secp256k1_scalar_t *r, const secp256k1_scalar_t *a);
+
 /** Compute the inverse of a scalar (modulo the group order). */
 void static secp256k1_scalar_inverse(secp256k1_scalar_t *r, const secp256k1_scalar_t *a);
 
 
@@ -0,0 +1,15 @@
+// Copyright (c) 2014 Pieter Wuille
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef _SECP256K1_SCALAR_REPR_
+#define _SECP256K1_SCALAR_REPR_
+
+#include <stdint.h>
+
+/** A scalar modulo the group order of the secp256k1 curve. */
+typedef struct {
+    uint64_t d[4];
+} secp256k1_scalar_t;
+
+#endif