Merge pull request #92

137e77a Address 'constant-time' TODOs in field impls (Peter Dettman)
Pieter Wuille 10 years ago
commit aee112a24e
No known key found for this signature in database
GPG Key ID: 57896D2FF8F0B657

@ -110,13 +110,13 @@ void static inline secp256k1_fe_set_int(secp256k1_fe_t *r, int a) {
#endif
}
// TODO: not constant time!
int static inline secp256k1_fe_is_zero(const secp256k1_fe_t *a) {
#ifdef VERIFY
VERIFY_CHECK(a->normalized);
secp256k1_fe_verify(a);
#endif
return (a->n[0] == 0 && a->n[1] == 0 && a->n[2] == 0 && a->n[3] == 0 && a->n[4] == 0 && a->n[5] == 0 && a->n[6] == 0 && a->n[7] == 0 && a->n[8] == 0 && a->n[9] == 0);
const uint32_t *t = a->n;
return (t[0] | t[1] | t[2] | t[3] | t[4] | t[5] | t[6] | t[7] | t[8] | t[9]) == 0;
}
int static inline secp256k1_fe_is_odd(const secp256k1_fe_t *a) {
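Review bot: The new fold in secp256k1_fe_is_zero carries no comment explaining why it is an OR of all limbs followed by a single compare rather than the `&&` chain it replaces, so the constant-time intent that the deleted `// TODO` at least hinted at is now invisible and a later cleanup could reintroduce short-circuit comparisons without noticing. Add a why-comment above the `return`, e.g. `/* OR all limbs before the single compare so no limb value selects a branch (constant time). */`. The same applies to the 5x52 secp256k1_fe_is_zero hunk and to both secp256k1_fe_equal hunks, where the XOR/OR fold deserves the same note. Whether the final `== 0` stays branch-free still depends on the compiler, which is worth stating in that comment so callers do not read the function as a hard guarantee.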
@ -137,7 +137,6 @@ void static inline secp256k1_fe_clear(secp256k1_fe_t *a) {
}
}
// TODO: not constant time!
int static inline secp256k1_fe_equal(const secp256k1_fe_t *a, const secp256k1_fe_t *b) {
#ifdef VERIFY
VERIFY_CHECK(a->normalized);
@ -145,8 +144,9 @@ int static inline secp256k1_fe_equal(const secp256k1_fe_t *a, const secp256k1_fe
secp256k1_fe_verify(a);
secp256k1_fe_verify(b);
#endif
return (a->n[0] == b->n[0] && a->n[1] == b->n[1] && a->n[2] == b->n[2] && a->n[3] == b->n[3] && a->n[4] == b->n[4] &&
a->n[5] == b->n[5] && a->n[6] == b->n[6] && a->n[7] == b->n[7] && a->n[8] == b->n[8] && a->n[9] == b->n[9]);
const uint32_t *t = a->n, *u = b->n;
return ((t[0]^u[0]) | (t[1]^u[1]) | (t[2]^u[2]) | (t[3]^u[3]) | (t[4]^u[4])
| (t[5]^u[5]) | (t[6]^u[6]) | (t[7]^u[7]) | (t[8]^u[8]) | (t[9]^u[9])) == 0;
}
void static secp256k1_fe_set_b32(secp256k1_fe_t *r, const unsigned char *a) {
@ -166,7 +166,7 @@ void static secp256k1_fe_set_b32(secp256k1_fe_t *r, const unsigned char *a) {
#endif
}
/** Convert a field element to a 32-byte big endian value. Requires the input to be normalized */
/** Convert a field element to a 32-bote big endian value. Requires the input to be normalized */
void static secp256k1_fe_get_b32(unsigned char *r, const secp256k1_fe_t *a) {
#ifdef VERIFY
VERIFY_CHECK(a->normalized);

@ -109,13 +109,13 @@ void static inline secp256k1_fe_set_int(secp256k1_fe_t *r, int a) {
#endif
}
// TODO: not constant time!
int static inline secp256k1_fe_is_zero(const secp256k1_fe_t *a) {
#ifdef VERIFY
VERIFY_CHECK(a->normalized);
secp256k1_fe_verify(a);
#endif
return (a->n[0] == 0 && a->n[1] == 0 && a->n[2] == 0 && a->n[3] == 0 && a->n[4] == 0);
const uint64_t *t = a->n;
return (t[0] | t[1] | t[2] | t[3] | t[4]) == 0;
}
int static inline secp256k1_fe_is_odd(const secp256k1_fe_t *a) {
@ -136,7 +136,6 @@ void static inline secp256k1_fe_clear(secp256k1_fe_t *a) {
}
}
// TODO: not constant time!
int static inline secp256k1_fe_equal(const secp256k1_fe_t *a, const secp256k1_fe_t *b) {
#ifdef VERIFY
VERIFY_CHECK(a->normalized);
@ -144,7 +143,8 @@ int static inline secp256k1_fe_equal(const secp256k1_fe_t *a, const secp256k1_fe
secp256k1_fe_verify(a);
secp256k1_fe_verify(b);
#endif
return (a->n[0] == b->n[0] && a->n[1] == b->n[1] && a->n[2] == b->n[2] && a->n[3] == b->n[3] && a->n[4] == b->n[4]);
const uint64_t *t = a->n, *u = b->n;
return ((t[0]^u[0]) | (t[1]^u[1]) | (t[2]^u[2]) | (t[3]^u[3]) | (t[4]^u[4])) == 0;
}
void static secp256k1_fe_set_b32(secp256k1_fe_t *r, const unsigned char *a) {
