frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Abstract out verify logic for fe_normalize_var

Browse Source
This commit is contained in:
Pieter Wuille 2022-01-28 17:59:36 -05:00
parent e28b51f522
commit 6c31371120
4 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/field.h
View File

@ -77,6 +77,7 @@ static const secp256k1_fe secp256k1_const_beta = SECP256K1_FE_CONST(
* function call (even though presumably inlinable). */ * function call (even though presumably inlinable). */
# define secp256k1_fe_normalize secp256k1_fe_impl_normalize # define secp256k1_fe_normalize secp256k1_fe_impl_normalize
# define secp256k1_fe_normalize_weak secp256k1_fe_impl_normalize_weak # define secp256k1_fe_normalize_weak secp256k1_fe_impl_normalize_weak
# define secp256k1_fe_normalize_var secp256k1_fe_impl_normalize_var
#endif /* !defined(VERIFY) */ #endif /* !defined(VERIFY) */
/** Normalize a field element. /** Normalize a field element.
@ -93,7 +94,10 @@ static void secp256k1_fe_normalize(secp256k1_fe *r);
*/ */
static void secp256k1_fe_normalize_weak(secp256k1_fe *r); static void secp256k1_fe_normalize_weak(secp256k1_fe *r);
/** Normalize a field element, without constant-time guarantee. */ /** Normalize a field element, without constant-time guarantee.
*
* Identical in behavior to secp256k1_fe_normalize, but not constant time in r.
*/
static void secp256k1_fe_normalize_var(secp256k1_fe *r); static void secp256k1_fe_normalize_var(secp256k1_fe *r);
/** Verify whether a field element represents zero i.e. would normalize to a zero value. */ /** Verify whether a field element represents zero i.e. would normalize to a zero value. */

8
src/field_10x26_impl.h
View File

@ -133,7 +133,7 @@ static void secp256k1_fe_impl_normalize_weak(secp256k1_fe *r) {
r->n[5] = t5; r->n[6] = t6; r->n[7] = t7; r->n[8] = t8; r->n[9] = t9; r->n[5] = t5; r->n[6] = t6; r->n[7] = t7; r->n[8] = t8; r->n[9] = t9;
} }
static void secp256k1_fe_normalize_var(secp256k1_fe *r) { static void secp256k1_fe_impl_normalize_var(secp256k1_fe *r) {
uint32_t t0 = r->n[0], t1 = r->n[1], t2 = r->n[2], t3 = r->n[3], t4 = r->n[4], uint32_t t0 = r->n[0], t1 = r->n[1], t2 = r->n[2], t3 = r->n[3], t4 = r->n[4],
t5 = r->n[5], t6 = r->n[6], t7 = r->n[7], t8 = r->n[8], t9 = r->n[9]; t5 = r->n[5], t6 = r->n[6], t7 = r->n[7], t8 = r->n[8], t9 = r->n[9];
@ -181,12 +181,6 @@ static void secp256k1_fe_normalize_var(secp256k1_fe *r) {
r->n[0] = t0; r->n[1] = t1; r->n[2] = t2; r->n[3] = t3; r->n[4] = t4; r->n[0] = t0; r->n[1] = t1; r->n[2] = t2; r->n[3] = t3; r->n[4] = t4;
r->n[5] = t5; r->n[6] = t6; r->n[7] = t7; r->n[8] = t8; r->n[9] = t9; r->n[5] = t5; r->n[6] = t6; r->n[7] = t7; r->n[8] = t8; r->n[9] = t9;
#ifdef VERIFY
r->magnitude = 1;
r->normalized = 1;
secp256k1_fe_verify(r);
#endif
} }
static int secp256k1_fe_normalizes_to_zero(const secp256k1_fe *r) { static int secp256k1_fe_normalizes_to_zero(const secp256k1_fe *r) {

8
src/field_5x52_impl.h
View File

@ -108,7 +108,7 @@ static void secp256k1_fe_impl_normalize_weak(secp256k1_fe *r) {
r->n[0] = t0; r->n[1] = t1; r->n[2] = t2; r->n[3] = t3; r->n[4] = t4; r->n[0] = t0; r->n[1] = t1; r->n[2] = t2; r->n[3] = t3; r->n[4] = t4;
} }
static void secp256k1_fe_normalize_var(secp256k1_fe *r) { static void secp256k1_fe_impl_normalize_var(secp256k1_fe *r) {
uint64_t t0 = r->n[0], t1 = r->n[1], t2 = r->n[2], t3 = r->n[3], t4 = r->n[4]; uint64_t t0 = r->n[0], t1 = r->n[1], t2 = r->n[2], t3 = r->n[3], t4 = r->n[4];
/* Reduce t4 at the start so there will be at most a single carry from the first pass */ /* Reduce t4 at the start so there will be at most a single carry from the first pass */
@ -144,12 +144,6 @@ static void secp256k1_fe_normalize_var(secp256k1_fe *r) {
} }
r->n[0] = t0; r->n[1] = t1; r->n[2] = t2; r->n[3] = t3; r->n[4] = t4; r->n[0] = t0; r->n[1] = t1; r->n[2] = t2; r->n[3] = t3; r->n[4] = t4;
#ifdef VERIFY
r->magnitude = 1;
r->normalized = 1;
secp256k1_fe_verify(r);
#endif
} }
static int secp256k1_fe_normalizes_to_zero(const secp256k1_fe *r) { static int secp256k1_fe_normalizes_to_zero(const secp256k1_fe *r) {

9
src/field_impl.h
View File

@ -164,6 +164,15 @@ SECP256K1_INLINE static void secp256k1_fe_normalize_weak(secp256k1_fe *r) {
r->magnitude = 1; r->magnitude = 1;
secp256k1_fe_verify(r); secp256k1_fe_verify(r);
} }
static void secp256k1_fe_impl_normalize_var(secp256k1_fe *r);
SECP256K1_INLINE static void secp256k1_fe_normalize_var(secp256k1_fe *r) {
secp256k1_fe_verify(r);
secp256k1_fe_impl_normalize_var(r);
r->magnitude = 1;
r->normalized = 1;
secp256k1_fe_verify(r);
}
#endif /* defined(VERIFY) */ #endif /* defined(VERIFY) */
#endif /* SECP256K1_FIELD_IMPL_H */ #endif /* SECP256K1_FIELD_IMPL_H */