From 4efb3f8dd1bc70d1d9cb7c59faf0e1c64794c57b Mon Sep 17 00:00:00 2001
From: Russell O'Connor
Date: Fri, 6 Jul 2018 07:26:57 -0400
Subject: [PATCH 1/3] Add check that restrict pointers don't alias with all parameters.
---
 src/field_10x26_impl.h | 1 +
 src/field_5x52_impl.h | 1 +
 src/field_5x52_int128_impl.h | 1 +
 3 files changed, 3 insertions(+)
diff --git a/src/field_10x26_impl.h b/src/field_10x26_impl.h
index 94f8132..5761357 100644
--- a/src/field_10x26_impl.h
+++ b/src/field_10x26_impl.h
@@ -1069,6 +1069,7 @@ static void secp256k1_fe_mul(secp256k1_fe *r, const secp256k1_fe *a, const secp2
 secp256k1_fe_verify(a);
 secp256k1_fe_verify(b);
 VERIFY_CHECK(r != b);
+ VERIFY_CHECK(a != b);
 #endif
 secp256k1_fe_mul_inner(r->n, a->n, b->n);
 #ifdef VERIFY
diff --git a/src/field_5x52_impl.h b/src/field_5x52_impl.h
index 957c61b..60112b7 100644
--- a/src/field_5x52_impl.h
+++ b/src/field_5x52_impl.h
@@ -422,6 +422,7 @@ static void secp256k1_fe_mul(secp256k1_fe *r, const secp256k1_fe *a, const secp2
 secp256k1_fe_verify(a);
 secp256k1_fe_verify(b);
 VERIFY_CHECK(r != b);
+ VERIFY_CHECK(a != b);
 #endif
 secp256k1_fe_mul_inner(r->n, a->n, b->n);
 #ifdef VERIFY
diff --git a/src/field_5x52_int128_impl.h b/src/field_5x52_int128_impl.h
index 95a0d17..16f2cac 100644
--- a/src/field_5x52_int128_impl.h
+++ b/src/field_5x52_int128_impl.h
@@ -32,6 +32,7 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 VERIFY_BITS(b[3], 56);
 VERIFY_BITS(b[4], 52);
 VERIFY_CHECK(r != b);
+ VERIFY_CHECK(a != b);
 /* [... a b c] is a shorthand for ... + a<<104 + b<<52 + c<<0 mod n.
 * px is a shorthand for sum(a[i]*b[x-i], i=0..x).
From deff5edd425bf9aee5ecf5439292347a75ce304f Mon Sep 17 00:00:00 2001
From: Russell O'Connor
Date: Fri, 6 Jul 2018 07:53:32 -0400
Subject: [PATCH 2/3] Correct math typos in field_*.h
---
 src/field_10x26.h | 4 +++-
 src/field_10x26_impl.h | 3 ++-
 src/field_5x52.h | 4 +++-
 src/field_5x52_int128_impl.h | 3 ++-
 4 files changed, 10 insertions(+), 4 deletions(-)
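Review bot: The new `VERIFY_CHECK(a != b)` sits inside the `#ifdef VERIFY` block (the `#endif` follows it), so in a release build `secp256k1_fe_mul(r, a, a)` still compiles and silently violates the restrict qualification the commit message describes for `b`; the precondition therefore also has to be stated where callers read it. I would add to the `secp256k1_fe_mul` prototype comment in field.h a line such as `/* r may alias a, but neither r nor a may alias b (b is restrict-qualified in the inner routine). */` and point squaring callers at the dedicated square routine instead of fe_mul(r, a, a) — presumably secp256k1_fe_sqr, which is not visible here. The identical hunk in field_5x52_impl.h needs the same prototype note. secp256k1_fe_mul's body continues outside the hunk.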
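Review bot: The 10x26 `secp256k1_fe_mul_inner` receives no matching alias check in this patch, so VERIFY coverage now differs between the two representations: the later hunk on field_10x26_impl.h at line 486 shows `VERIFY_BITS(b[9], 26);` followed directly by the comment block, with neither `VERIFY_CHECK(r != b)` nor `VERIFY_CHECK(a != b)`, whereas this hunk checks both inside the 5x52 int128 inner routine. If the 10x26 inner routine also restrict-qualifies `b` (the truncated hunk header hides its signature), mirror `VERIFY_CHECK(r != b); VERIFY_CHECK(a != b);` after its VERIFY_BITS lines so any direct caller is caught at the same layer in both builds. secp256k1_fe_mul_inner's body continues outside the hunk.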
diff --git a/src/field_10x26.h b/src/field_10x26.h
index 727c526..5ff03c8 100644
--- a/src/field_10x26.h
+++ b/src/field_10x26.h
@@ -10,7 +10,9 @@
 #include
 typedef struct {
- /* X = sum(i=0..9, elem[i]*2^26) mod n */
+ /* X = sum(i=0..9, n[i]*2^(i*26)) mod p
+ * where p = 2^256 - 0x1000003D1
+ */
 uint32_t n[10];
 #ifdef VERIFY
 int magnitude;
diff --git a/src/field_10x26_impl.h b/src/field_10x26_impl.h
index 5761357..d840825 100644
--- a/src/field_10x26_impl.h
+++ b/src/field_10x26_impl.h
@@ -486,7 +486,8 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint32_t *r, const uint32_t
 VERIFY_BITS(b[9], 26);
 /** [... a b c] is a shorthand for ... + a<<52 + b<<26 + c<<0 mod n.
- * px is a shorthand for sum(a[i]*b[x-i], i=0..x).
+ * for 0 <= x <= 9, px is a shorthand for sum(a[i]*b[x-i], i=0..x).
+ * for 9 <= x <= 18, px is a shorthand for sum(a[i]*b[x-i], i=(x-9)..9)
 * Note that [x 0 0 0 0 0 0 0 0 0 0] = [x*R1 x*R0].
 */
diff --git a/src/field_5x52.h b/src/field_5x52.h
index bccd8fe..fc5bfe3 100644
--- a/src/field_5x52.h
+++ b/src/field_5x52.h
@@ -10,7 +10,9 @@
 #include
 typedef struct {
- /* X = sum(i=0..4, elem[i]*2^52) mod n */
+ /* X = sum(i=0..4, n[i]*2^(i*52)) mod p
+ * where p = 2^256 - 0x1000003D1
+ */
 uint64_t n[5];
 #ifdef VERIFY
 int magnitude;
diff --git a/src/field_5x52_int128_impl.h b/src/field_5x52_int128_impl.h
index 16f2cac..bcbfb92 100644
--- a/src/field_5x52_int128_impl.h
+++ b/src/field_5x52_int128_impl.h
@@ -35,7 +35,8 @@ SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t
 VERIFY_CHECK(a != b);
 /* [... a b c] is a shorthand for ... + a<<104 + b<<52 + c<<0 mod n.
- * px is a shorthand for sum(a[i]*b[x-i], i=0..x).
+ * for 0 <= x <= 4, px is a shorthand for sum(a[i]*b[x-i], i=0..x).
+ * for 4 <= x <= 8, px is a shorthand for sum(a[i]*b[x-i], i=(x-4)..4)
 * Note that [x 0 0 0 0 0] = [x*R].
 */
From 52ab96fedb11578b77f7ceb94bcc89c74bb4e481 Mon Sep 17 00:00:00 2001
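Review bot: The comment block in field_10x26_impl.h still ends its first line with `mod n` while the same patch changes the header comment in field_10x26.h to `mod p` with `p = 2^256 - 0x1000003D1`, so a reader now meets two names for the same modulus; under a "correct math typos" title I would also change that line to `/** [... a b c] is a shorthand for ... + a<<52 + b<<26 + c<<0 mod p.`. The two new ranges `0 <= x <= 9` and `9 <= x <= 18` overlap at x = 9 — both definitions give i=0..9 there, so they agree, but `10 <= x <= 18` would make the split disjoint — and the second added line lacks the terminating period the line above it carries. The field_5x52_int128_impl.h hunk in this patch has the same `mod n` wording and the same missing period. secp256k1_fe_mul_inner continues outside the hunk.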
From: Russell O'Connor
Date: Fri, 6 Jul 2018 07:38:03 -0400
Subject: [PATCH 3/3] clean dependendies in field_*_impl.h
---
 src/field_10x26_impl.h | 1 -
 src/field_5x52_impl.h | 1 -
 src/field_impl.h | 1 +
 3 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/field_10x26_impl.h b/src/field_10x26_impl.h
index d840825..4ae4fdc 100644
--- a/src/field_10x26_impl.h
+++ b/src/field_10x26_impl.h
@@ -8,7 +8,6 @@
 #define SECP256K1_FIELD_REPR_IMPL_H
 #include "util.h"
-#include "num.h"
 #include "field.h"
 #ifdef VERIFY
diff --git a/src/field_5x52_impl.h b/src/field_5x52_impl.h
index 60112b7..f426332 100644
--- a/src/field_5x52_impl.h
+++ b/src/field_5x52_impl.h
@@ -12,7 +12,6 @@
 #endif
 #include "util.h"
-#include "num.h"
 #include "field.h"
 #if defined(USE_ASM_X86_64)
diff --git a/src/field_impl.h b/src/field_impl.h
index 2042864..f9f0a1c 100644
--- a/src/field_impl.h
+++ b/src/field_impl.h
@@ -12,6 +12,7 @@
 #endif
 #include "util.h"
+#include "num.h"
 #if defined(USE_FIELD_10X26)
 #include "field_10x26_impl.h"
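Review bot: The relocated `#include "num.h"` in field_impl.h gives no hint of which code in that file needs it, and nothing records that field_10x26_impl.h and field_5x52_impl.h are meant to stay free of num.h symbols after the removals above; a short comment at the include would pin that down, e.g. `#include "num.h" /* used by field_impl.h itself; the field_*_impl.h representations must not depend on it */`. Presumably the consumer is a num-based inversion path in field_impl.h, but that code is outside the hunk, so confirm which symbols are used before wording the comment. If either representation header still references a num.h symbol under some build configuration, this patch only breaks it in that configuration, so a build with num support enabled is worth running before merging.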