From b9c1a7648131c5deec9704ee9acd00ec1820b9ce Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Fri, 11 Sep 2020 12:44:08 -0700 Subject: Squashed 'src/secp256k1/' changes from 2ed54da18a..8ab24e8dad 8ab24e8dad Merge #558: Add schnorrsig module which implements BIP-340 compliant signatures f3733c5433 Merge #797: Fix Jacobi benchmarks and other benchmark improvements cb5524adc5 Add benchmark for secp256k1_ge_set_gej_var 5c6af60ec5 Make jacobi benchmarks vary inputs d0fdd5f009 Randomize the Z coordinates in bench_internal c7a3424c5f Rename bench_internal variables 875d68b95f Merge #699: Initialize field elements when resulting in infinity 54caf2e74f Merge #799: Add fallback LE/BE for architectures with known endianness + SHA256 selftest f431b3f28a valgrind_ctime_test: Add schnorrsig_sign 16ffa9d97c schnorrsig: Add taproot test case 8dfd53ee3f schnorrsig: Add benchmark for sign and verify 4e43520026 schnorrsig: Add BIP-340 compatible signing and verification 7332d2db6b schnorrsig: Add BIP-340 nonce function 7a703fd97d schnorrsig: Init empty experimental module eabd9bc46a Allow initializing tagged sha256 6fcb5b845d extrakeys: Add keypair_xonly_tweak_add 58254463f9 extrakeys: Add keypair struct with create, pub and pub_xonly f0010349b8 Separate helper functions for pubkey_create and seckey_tweak_add 910d9c284c extrakeys: Add xonly_pubkey_tweak_add & xonly_pubkey_tweak_add_test 176bfb1110 Separate helper function for ec_pubkey_tweak_add 4cd2ee474d extrakeys: Add xonly_pubkey with serialize, parse and from_pubkey f49c9896b0 Merge #806: Trivial: Add test logs to gitignore aabf00c155 Merge #648: Prevent ints from wrapping around in scratch space functions f5adab16a9 Merge #805: Remove the extremely outdated TODO file. bceefd6547 Add test logs to gitignore 1c325199d5 Remove the extremely outdated TODO file. 47e6618e11 extrakeys: Init empty experimental module 3e08b02e2a Make the secp256k1_declassify argument constant 8bc6aeffa9 Add SHA256 selftest 670cdd3f8b Merge #798: Check assumptions on integer implementation at compile time 5e5fb28b4a Use additional system macros to figure out endianness 7c068998ba Compile-time check assumptions on integer types 02b6c87b52 Add support for (signed) __int128 979961c506 Merge #787: Use preprocessor macros instead of autoconf to detect endianness 887bd1f8b6 Merge #793: Make scalar/field choice depend on C-detected __int128 availability 0dccf98a21 Use preprocessor macros instead of autoconf to detect endianness b2c8c42cf1 Merge #795: Avoid linking libcrypto in the valgrind ct test. 57d3a3c64c Avoid linking libcrypto in the valgrind ct test. 79f1f7a4f1 Autodetect __int128 availability on the C side 0d7727f95e Add SECP256K1_FE_STORAGE_CONST_GET to 5x52 field 805082de11 Merge #696: Run a Travis test on s390x (big endian) 39295362cf Test travis s390x (big endian) 6034a04fb1 Merge #778: secp256k1_gej_double_nonzero supports infinity f60915906d Merge #779: travis: Fix argument quoting for ./configure 9e49a9b255 travis: Fix argument quoting for ./configure 18d36327fd secp256k1_gej_double_nonzero supports infinity 214cb3c321 Merge #772: Improve constant-timeness on PowerPC 40412b1930 Merge #774: tests: Abort if malloc() fails during context cloning tests 2e1b9e0458 tests: Abort if malloc() fails during context cloning tests 67a429f31f Suppress a harmless variable-time optimization by clang in _int_cmov 5b196338f0 Remove redundant "? 1 : 0" after comparisons in scalar code 3e5cfc5c73 Merge #741: Remove unnecessary sign variable from wnaf_const 66bb9320c0 Merge #773: Fix some compile problems on weird/old compilers. 1309c03c45 Fix some compile problems on weird/old compilers. 2309c7dd4a Merge #769: Undef HAVE___INT128 in basic-config.h to fix gen_context compilation 22e578bb11 Undef HAVE___INT128 in basic-config.h to fix gen_context compilation 3f4a5a10e4 Merge #765: remove dead store in ecdsa_signature_parse_der_lax f00d6575ca remove dead store in ecdsa_signature_parse_der_lax dbd41db16a Merge #759: Fix uninitialized variables in ecmult_multi test 2e7fc5b537 Fix uninitialized variables in ecmult_multi test 37dba329c6 Remove unnecessary sign variable from wnaf_const 6bb0b77e15 Fix test_constant_wnaf for -1 and add a test for it. 47a7b8382f Clear field elements when writing infinity 61d1ecb028 Added test with additions resulting in infinity 60f7f2de5d Don't assume that ALIGNMENT > 1 in tests ada6361dec Use ROUND_TO_ALIGN in scratch_create 8ecc6ce50e Add check preventing rounding to alignment from wrapping around in scratch_alloc 4edaf06fb0 Add check preventing integer multiplication wrapping around in scratch_max_allocation git-subtree-dir: src/secp256k1 git-subtree-split: 8ab24e8dad9d43fc6661842149899e3cc9213b24 --- src/scalar_8x32_impl.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'src/scalar_8x32_impl.h') diff --git a/src/scalar_8x32_impl.h b/src/scalar_8x32_impl.h index 3c372f34fe..f8c7fa7efa 100644 --- a/src/scalar_8x32_impl.h +++ b/src/scalar_8x32_impl.h @@ -271,9 +271,9 @@ static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { tl = t; \ } \ c0 += tl; /* overflow is handled on the next line */ \ - th += (c0 < tl) ? 1 : 0; /* at most 0xFFFFFFFF */ \ + th += (c0 < tl); /* at most 0xFFFFFFFF */ \ c1 += th; /* overflow is handled on the next line */ \ - c2 += (c1 < th) ? 1 : 0; /* never overflows by contract (verified in the next line) */ \ + c2 += (c1 < th); /* never overflows by contract (verified in the next line) */ \ VERIFY_CHECK((c1 >= th) || (c2 != 0)); \ } @@ -286,7 +286,7 @@ static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { tl = t; \ } \ c0 += tl; /* overflow is handled on the next line */ \ - th += (c0 < tl) ? 1 : 0; /* at most 0xFFFFFFFF */ \ + th += (c0 < tl); /* at most 0xFFFFFFFF */ \ c1 += th; /* never overflows by contract (verified in the next line) */ \ VERIFY_CHECK(c1 >= th); \ } @@ -300,16 +300,16 @@ static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { tl = t; \ } \ th2 = th + th; /* at most 0xFFFFFFFE (in case th was 0x7FFFFFFF) */ \ - c2 += (th2 < th) ? 1 : 0; /* never overflows by contract (verified the next line) */ \ + c2 += (th2 < th); /* never overflows by contract (verified the next line) */ \ VERIFY_CHECK((th2 >= th) || (c2 != 0)); \ tl2 = tl + tl; /* at most 0xFFFFFFFE (in case the lowest 63 bits of tl were 0x7FFFFFFF) */ \ - th2 += (tl2 < tl) ? 1 : 0; /* at most 0xFFFFFFFF */ \ + th2 += (tl2 < tl); /* at most 0xFFFFFFFF */ \ c0 += tl2; /* overflow is handled on the next line */ \ - th2 += (c0 < tl2) ? 1 : 0; /* second overflow is handled on the next line */ \ + th2 += (c0 < tl2); /* second overflow is handled on the next line */ \ c2 += (c0 < tl2) & (th2 == 0); /* never overflows by contract (verified the next line) */ \ VERIFY_CHECK((c0 >= tl2) || (th2 != 0) || (c2 != 0)); \ c1 += th2; /* overflow is handled on the next line */ \ - c2 += (c1 < th2) ? 1 : 0; /* never overflows by contract (verified the next line) */ \ + c2 += (c1 < th2); /* never overflows by contract (verified the next line) */ \ VERIFY_CHECK((c1 >= th2) || (c2 != 0)); \ } @@ -317,15 +317,15 @@ static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { #define sumadd(a) { \ unsigned int over; \ c0 += (a); /* overflow is handled on the next line */ \ - over = (c0 < (a)) ? 1 : 0; \ + over = (c0 < (a)); \ c1 += over; /* overflow is handled on the next line */ \ - c2 += (c1 < over) ? 1 : 0; /* never overflows by contract */ \ + c2 += (c1 < over); /* never overflows by contract */ \ } /** Add a to the number defined by (c0,c1). c1 must never overflow, c2 must be zero. */ #define sumadd_fast(a) { \ c0 += (a); /* overflow is handled on the next line */ \ - c1 += (c0 < (a)) ? 1 : 0; /* never overflows by contract (verified the next line) */ \ + c1 += (c0 < (a)); /* never overflows by contract (verified the next line) */ \ VERIFY_CHECK((c1 != 0) | (c0 >= (a))); \ VERIFY_CHECK(c2 == 0); \ } -- cgit v1.2.3