Eliminate harmless non-constant time operations on secret data.

There were several places where the code was non-constant time for invalid secret inputs. These are harmless under sane use but get in the way of automatic const-time validation. (Nonce overflow in signing is not addressed, nor is s==0 in signing)
2020-01-11 01:01:05 +00:00
parent 856a01d6ad
commit 34a67c773b
16 changed files with 154 additions and 101 deletions
--- a/src/field_impl.h
+++ b/src/field_impl.h
@@ -315,4 +315,6 @@ static int secp256k1_fe_is_quad_var(const secp256k1_fe *a) {
 #endif
 }

+static const secp256k1_fe secp256k1_fe_one = SECP256K1_FE_CONST(0, 0, 0, 0, 0, 0, 0, 1);
+
 #endif /* SECP256K1_FIELD_IMPL_H */