frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix interaction between magnitudes and negation

Browse Source 
Magnitude m means values are allowed to be up to 2 * 0xFFF...FFF * m,
while the argument passed to secp256k1_fe_negate didn't take the 2 into
account. Fix this.
This commit is contained in:
Pieter Wuille 2014-11-02 01:22:20 -08:00
parent b0295868f4
commit 7a8e385d74
2 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/field_10x26_impl.h
View File

@ -188,16 +188,16 @@ void static inline secp256k1_fe_negate(secp256k1_fe_t *r, const secp256k1_fe_t *
VERIFY_CHECK(a->magnitude <= m); VERIFY_CHECK(a->magnitude <= m);
secp256k1_fe_verify(a); secp256k1_fe_verify(a);
#endif #endif
r->n[0] = 0x3FFFC2FUL * (m + 1) - a->n[0]; r->n[0] = 0x3FFFC2FUL * 2 * (m + 1) - a->n[0];
r->n[1] = 0x3FFFFBFUL * (m + 1) - a->n[1]; r->n[1] = 0x3FFFFBFUL * 2 * (m + 1) - a->n[1];
r->n[2] = 0x3FFFFFFUL * (m + 1) - a->n[2]; r->n[2] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[2];
r->n[3] = 0x3FFFFFFUL * (m + 1) - a->n[3]; r->n[3] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[3];
r->n[4] = 0x3FFFFFFUL * (m + 1) - a->n[4]; r->n[4] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[4];
r->n[5] = 0x3FFFFFFUL * (m + 1) - a->n[5]; r->n[5] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[5];
r->n[6] = 0x3FFFFFFUL * (m + 1) - a->n[6]; r->n[6] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[6];
r->n[7] = 0x3FFFFFFUL * (m + 1) - a->n[7]; r->n[7] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[7];
r->n[8] = 0x3FFFFFFUL * (m + 1) - a->n[8]; r->n[8] = 0x3FFFFFFUL * 2 * (m + 1) - a->n[8];
r->n[9] = 0x03FFFFFUL * (m + 1) - a->n[9]; r->n[9] = 0x03FFFFFUL * 2 * (m + 1) - a->n[9];
#ifdef VERIFY #ifdef VERIFY
r->magnitude = m + 1; r->magnitude = m + 1;
r->normalized = 0; r->normalized = 0;

10
src/field_5x52_impl.h
View File

@ -185,11 +185,11 @@ void static inline secp256k1_fe_negate(secp256k1_fe_t *r, const secp256k1_fe_t *
VERIFY_CHECK(a->magnitude <= m); VERIFY_CHECK(a->magnitude <= m);
secp256k1_fe_verify(a); secp256k1_fe_verify(a);
#endif #endif
r->n[0] = 0xFFFFEFFFFFC2FULL * (m + 1) - a->n[0]; r->n[0] = 0xFFFFEFFFFFC2FULL * 2 * (m + 1) - a->n[0];
r->n[1] = 0xFFFFFFFFFFFFFULL * (m + 1) - a->n[1]; r->n[1] = 0xFFFFFFFFFFFFFULL * 2 * (m + 1) - a->n[1];
r->n[2] = 0xFFFFFFFFFFFFFULL * (m + 1) - a->n[2]; r->n[2] = 0xFFFFFFFFFFFFFULL * 2 * (m + 1) - a->n[2];
r->n[3] = 0xFFFFFFFFFFFFFULL * (m + 1) - a->n[3]; r->n[3] = 0xFFFFFFFFFFFFFULL * 2 * (m + 1) - a->n[3];
r->n[4] = 0x0FFFFFFFFFFFFULL * (m + 1) - a->n[4]; r->n[4] = 0x0FFFFFFFFFFFFULL * 2 * (m + 1) - a->n[4];
#ifdef VERIFY #ifdef VERIFY
r->magnitude = m + 1; r->magnitude = m + 1;
r->normalized = 0; r->normalized = 0;