secp256k1-zkp/src at 29a299e373d5f0e326be74c514c7c70ddf50cce1 - secp256k1-zkp - Gitea: Git with a cup of rooibos tea

frost/secp256k1-zkp

History

Fabien 7506e064d7 Prevent arithmetic on NULL pointer if the scratch space is too small

If the scratch space is too small when calling
`secp256k1_ecmult_strauss_batch()`, the `state.pre_a` allocation will
fail and the pointer will be `NULL`. This causes `state.pre_a_lam` to be
computed from the `NULL` pointer.

It is also possible that the first allocation to fail is for `state.ps`,
which will cause the failure to occur when in
`secp256k1_ecmult_strauss_wnaf()`.

The issue has been detected by UBSAN using Clang 10:
```
CC=clang \
CFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \
LDFLAGS="-fsanitize=undefined -fno-omit-frame-pointer" \
../configure

UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 make check
```

2020-10-27 08:41:14 +01:00

..

Allow field_10x26_arm.s to compile for ARMv7 architecture

2019-05-07 22:37:35 +03:00

Switch to our own memcmp function

2020-10-11 10:39:20 -07:00

assumptions.h

Add static assertion that uint32_t is unsigned int or wider

2020-09-17 13:35:37 +02:00

basic-config.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

bench_ecdh.c

Pass num of iters to benchmarks as variable, and define envvar

2020-03-13 11:48:01 +02:00

bench_ecmult.c

Pass num of iters to benchmarks as variable, and define envvar

2020-03-13 11:48:01 +02:00

bench_internal.c

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

bench_recover.c

Pass num of iters to benchmarks as variable, and define envvar

2020-03-13 11:48:01 +02:00

bench_schnorrsig.c

schnorrsig: Add benchmark for sign and verify

2020-09-06 19:00:08 +00:00

bench_sign.c

Pass num of iters to benchmarks as variable, and define envvar

2020-03-13 11:48:01 +02:00

bench_verify.c

Pass num of iters to benchmarks as variable, and define envvar

2020-03-13 11:48:01 +02:00

bench.h

Pass num of iters to benchmarks as variable, and define envvar

2020-03-13 11:48:01 +02:00

ecdsa_impl.h

Make ecdsa_sig_sign constant-time again after reverting 25e3cfb

2020-03-31 15:03:58 +02:00

ecdsa.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

eckey_impl.h

Return 0 if the given seckey is invalid in privkey_negate, privkey_tweak_add and privkey_tweak_mul

2020-03-30 20:51:47 +00:00

eckey.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

ecmult_const_impl.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

ecmult_const.h

Add a descriptive comment for secp256k1_ecmult_const.

2019-06-04 01:52:44 +00:00

ecmult_gen_impl.h

Eliminate harmless non-constant time operations on secret data.

2020-02-20 17:27:03 +00:00

ecmult_gen.h

variable signing precompute table

2019-09-05 09:19:41 +02:00

ecmult_impl.h

Prevent arithmetic on NULL pointer if the scratch space is too small

2020-10-27 08:41:14 +01:00

ecmult.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

field_5x52_asm_impl.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

field_5x52_impl.h

Add valgrind uninit check to cmovs output

2020-05-26 23:30:56 +03:00

field_5x52_int128_impl.h

Correct math typos in field_*.h

2018-07-06 08:40:35 -04:00

field_5x52.h

Add SECP256K1_FE_STORAGE_CONST_GET to 5x52 field

2020-08-10 14:34:01 -07:00

field_10x26_impl.h

Add valgrind uninit check to cmovs output

2020-05-26 23:30:56 +03:00

field_10x26.h

Correct math typos in field_*.h

2018-07-06 08:40:35 -04:00

field_impl.h

Autodetect __int128 availability on the C side

2020-08-10 14:56:39 -07:00

field.h

Autodetect __int128 availability on the C side

2020-08-10 14:56:39 -07:00

gen_context.c

Compile-time check assumptions on integer types

2020-08-14 16:12:49 -07:00

group_impl.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

group.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

hash_impl.h

Allow initializing tagged sha256

2020-09-06 19:00:03 +00:00

hash.h

Get rid of reserved _t in type names

2017-09-27 15:03:20 -07:00

num_gmp_impl.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

num_gmp.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

num_impl.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

num.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

scalar_4x64_impl.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

scalar_4x64.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

scalar_8x32_impl.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

scalar_8x32.h

Fix header guards using reserved identifiers

2017-08-26 18:44:21 +03:00

scalar_impl.h

Consistency improvements to the comments

2020-10-13 13:21:50 -07:00

scalar_low_impl.h

Make secp256k1_scalar_b32 detect overflow in scalar_low

2020-09-18 14:01:15 -07:00

scalar_low.h

Eliminate harmless non-constant time operations on secret data.

2020-02-20 17:27:03 +00:00

scalar.h

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

scratch_impl.h

Switch to our own memcmp function

2020-10-11 10:39:20 -07:00

scratch.h

scratch: replace frames with "checkpoint" system

2019-05-26 01:05:09 +00:00

secp256k1.c

Make pubkey parsing test whether points are in the correct subgroup

2020-09-18 14:11:38 -07:00

selftest.h

Switch to our own memcmp function

2020-10-11 10:39:20 -07:00

testrand_impl.h

Rename testrand functions to have test in name

2020-09-25 20:50:43 -07:00

testrand.h

Rename testrand functions to have test in name

2020-09-25 20:50:43 -07:00

tests_exhaustive.c

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

tests.c

Rip out non-endomorphism code

2020-10-13 11:31:13 -07:00

util.h

Switch to our own memcmp function

2020-10-11 10:39:20 -07:00

valgrind_ctime_test.c

Enable -Wundef warning

2020-09-18 13:39:17 +02:00