frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement current magnitude assumptions

Browse Source 
Remove also the explicit magnitude restriction `a->x.magnitude <= 31`
in `secp256k1_gej_eq_x_var` (introduced in commit
07c0e8b82e2cea87f85263512945fed7adffea18), as this is implied by the
new limits.

Co-authored-by: Sebastian Falbesoner <sebastian.falbesoner@gmail.com>
This commit is contained in:
Peter Dettman 2021-12-05 16:27:56 +07:00 committed by Sebastian Falbesoner
parent 49afd2f5d8
commit 173e8d061a
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/group.h
View File

@ -44,6 +44,14 @@ typedef struct {
#define SECP256K1_GE_STORAGE_CONST_GET(t) SECP256K1_FE_STORAGE_CONST_GET(t.x), SECP256K1_FE_STORAGE_CONST_GET(t.y) #define SECP256K1_GE_STORAGE_CONST_GET(t) SECP256K1_FE_STORAGE_CONST_GET(t.x), SECP256K1_FE_STORAGE_CONST_GET(t.y)
/** Maximum allowed magnitudes for group element coordinates
* in affine (x, y) and jacobian (x, y, z) representation. */
#define SECP256K1_GE_X_MAGNITUDE_MAX 8
#define SECP256K1_GE_Y_MAGNITUDE_MAX 8
#define SECP256K1_GEJ_X_MAGNITUDE_MAX 8
#define SECP256K1_GEJ_Y_MAGNITUDE_MAX 8
#define SECP256K1_GEJ_Z_MAGNITUDE_MAX 8
/** Set a group element equal to the point with given X and Y coordinates */ /** Set a group element equal to the point with given X and Y coordinates */
static void secp256k1_ge_set_xy(secp256k1_ge *r, const secp256k1_fe *x, const secp256k1_fe *y); static void secp256k1_ge_set_xy(secp256k1_ge *r, const secp256k1_fe *x, const secp256k1_fe *y);

6
src/group_impl.h
View File

@ -77,6 +77,8 @@ static void secp256k1_ge_verify(const secp256k1_ge *a) {
#ifdef VERIFY #ifdef VERIFY
secp256k1_fe_verify(&a->x); secp256k1_fe_verify(&a->x);
secp256k1_fe_verify(&a->y); secp256k1_fe_verify(&a->y);
secp256k1_fe_verify_magnitude(&a->x, SECP256K1_GE_X_MAGNITUDE_MAX);
secp256k1_fe_verify_magnitude(&a->y, SECP256K1_GE_Y_MAGNITUDE_MAX);
VERIFY_CHECK(a->infinity == 0 || a->infinity == 1); VERIFY_CHECK(a->infinity == 0 || a->infinity == 1);
#endif #endif
(void)a; (void)a;
@ -87,6 +89,9 @@ static void secp256k1_gej_verify(const secp256k1_gej *a) {
secp256k1_fe_verify(&a->x); secp256k1_fe_verify(&a->x);
secp256k1_fe_verify(&a->y); secp256k1_fe_verify(&a->y);
secp256k1_fe_verify(&a->z); secp256k1_fe_verify(&a->z);
secp256k1_fe_verify_magnitude(&a->x, SECP256K1_GEJ_X_MAGNITUDE_MAX);
secp256k1_fe_verify_magnitude(&a->y, SECP256K1_GEJ_Y_MAGNITUDE_MAX);
secp256k1_fe_verify_magnitude(&a->z, SECP256K1_GEJ_Z_MAGNITUDE_MAX);
VERIFY_CHECK(a->infinity == 0 || a->infinity == 1); VERIFY_CHECK(a->infinity == 0 || a->infinity == 1);
#endif #endif
(void)a; (void)a;
@ -358,7 +363,6 @@ static int secp256k1_gej_eq_x_var(const secp256k1_fe *x, const secp256k1_gej *a)
secp256k1_fe_verify(x); secp256k1_fe_verify(x);
secp256k1_gej_verify(a); secp256k1_gej_verify(a);
#ifdef VERIFY #ifdef VERIFY
VERIFY_CHECK(a->x.magnitude <= 31);
VERIFY_CHECK(!a->infinity); VERIFY_CHECK(!a->infinity);
#endif #endif