Add function to compute optimal ecmult_multi scratch space size for a given number of points

jonasnick · jonasnick · commit 83fb0875ffd7 · 2019-06-16T19:57:04.000Z
diff --git a/src/ecmult_impl.h b/src/ecmult_impl.h
@@ -1323,4 +1323,20 @@ static int secp256k1_ecmult_multi_var(const secp256k1_callback* error_callback,
     return 1;
 }
 
+/**
+ * Returns the optimal scratch space size for a given number of points
+ * excluding base point G.
+ */
+static size_t secp256k1_ecmult_multi_scratch_size(size_t n_points) {
+    if (n_points > ECMULT_MAX_POINTS_PER_BATCH) {
+        n_points = ECMULT_MAX_POINTS_PER_BATCH;
+    }
+    if (n_points >= ECMULT_PIPPENGER_THRESHOLD) {
+        int bucket_window = secp256k1_pippenger_bucket_window(n_points);
+        return secp256k1_pippenger_scratch_size(n_points, bucket_window);
+    } else {
+        return secp256k1_strauss_scratch_size(n_points);
+    }
+}
+
 #endif /* SECP256K1_ECMULT_IMPL_H */
diff --git a/src/tests.c b/src/tests.c
@@ -3154,11 +3154,10 @@ void test_ecmult_multi_batching(void) {
 
     for(i = 1; i <= n_points; i++) {
         if (i >= ECMULT_PIPPENGER_THRESHOLD) {
-            int bucket_window = secp256k1_pippenger_bucket_window(i);
-            size_t scratch_size = secp256k1_pippenger_scratch_size(i, bucket_window);
+            size_t scratch_size = secp256k1_ecmult_multi_scratch_size(i);
             scratch = secp256k1_scratch_create(&ctx->error_callback, scratch_size);
         } else {
-            size_t scratch_size = secp256k1_strauss_scratch_size(i);
+            size_t scratch_size = secp256k1_ecmult_multi_scratch_size(i);
             scratch = secp256k1_scratch_create(&ctx->error_callback, scratch_size);
         }
         CHECK(secp256k1_ecmult_multi_var(&ctx->error_callback, &ctx->ecmult_ctx, scratch, &r, &scG, ecmult_multi_callback, &data, n_points));
@@ -3170,6 +3169,15 @@ void test_ecmult_multi_batching(void) {
     free(pt);
 }
 
+void test_ecmult_multi_scratch_size(void) {
+    /* test ECMULT_MAX_POINTS_PER_BATCH limit */
+    size_t n_points = ECMULT_MAX_POINTS_PER_BATCH + 1;
+    size_t scratch_size = secp256k1_ecmult_multi_scratch_size(n_points);
+    int expected_bucket_window = secp256k1_pippenger_bucket_window(n_points - 1);
+    size_t expected_scratch_size = secp256k1_pippenger_scratch_size(n_points - 1, expected_bucket_window);
+    CHECK(expected_scratch_size == scratch_size);
+}
+
 void run_ecmult_multi_tests(void) {
     secp256k1_scratch *scratch;
 
@@ -3193,6 +3201,7 @@ void run_ecmult_multi_tests(void) {
 
     test_ecmult_multi_batch_size_helper();
     test_ecmult_multi_batching();
+    test_ecmult_multi_scratch_size();
 }
 
 void test_wnaf(const secp256k1_scalar *number, int w) {
