Skip to content

Commit

Permalink
Separate secp256k1_fe_set_int( . , 0 ) from secp256k1_fe_clear()
Browse files Browse the repository at this point in the history
There are two uses of the secp256k1_fe_clear() function that are now separated
into these two functions in order to reflect the intent:

1) initializing the memory prior to being used -> converted to fe_set_int( . , 0 )
2) zeroing the memory after being used such that no sensitive data remains. ->
    remains as fe_clear()

In the latter case, 'magnitude' and 'normalized' need to be overwritten when
VERIFY is enabled.

Co-Authored-By: isle2983 <isle2983@yahoo.com>
  • Loading branch information
2 people authored and theStack committed Oct 25, 2024
1 parent 1c08126 commit d79a6cc
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 12 deletions.
6 changes: 1 addition & 5 deletions src/field.h
Original file line number Diff line number Diff line change
Expand Up @@ -144,11 +144,7 @@ static int secp256k1_fe_normalizes_to_zero_var(const secp256k1_fe *r);
*/
static void secp256k1_fe_set_int(secp256k1_fe *r, int a);

/** Set a field element to 0.
*
* On input, a does not need to be initialized.
* On output, a represents 0, is normalized and has magnitude 0.
*/
/** Clear a field element to prevent leaking sensitive information. */
static void secp256k1_fe_clear(secp256k1_fe *a);

/** Determine whether a represents field element 0.
Expand Down
2 changes: 1 addition & 1 deletion src/field_impl.h
Original file line number Diff line number Diff line change
Expand Up @@ -235,7 +235,7 @@ SECP256K1_INLINE static void secp256k1_fe_add_int(secp256k1_fe *r, int a) {
static void secp256k1_fe_impl_clear(secp256k1_fe *a);
SECP256K1_INLINE static void secp256k1_fe_clear(secp256k1_fe *a) {
a->magnitude = 0;
a->normalized = 1;
a->normalized = 0;
secp256k1_fe_impl_clear(a);

SECP256K1_FE_VERIFY(a);
Expand Down
10 changes: 5 additions & 5 deletions src/group_impl.h
Original file line number Diff line number Diff line change
Expand Up @@ -283,17 +283,17 @@ static void secp256k1_ge_table_set_globalz(size_t len, secp256k1_ge *a, const se

static void secp256k1_gej_set_infinity(secp256k1_gej *r) {
r->infinity = 1;
secp256k1_fe_clear(&r->x);
secp256k1_fe_clear(&r->y);
secp256k1_fe_clear(&r->z);
secp256k1_fe_set_int(&r->x, 0);
secp256k1_fe_set_int(&r->y, 0);
secp256k1_fe_set_int(&r->z, 0);

SECP256K1_GEJ_VERIFY(r);
}

static void secp256k1_ge_set_infinity(secp256k1_ge *r) {
r->infinity = 1;
secp256k1_fe_clear(&r->x);
secp256k1_fe_clear(&r->y);
secp256k1_fe_set_int(&r->x, 0);
secp256k1_fe_set_int(&r->y, 0);

SECP256K1_GE_VERIFY(r);
}
Expand Down
2 changes: 1 addition & 1 deletion src/testutil.h
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ static void testutil_random_fe_magnitude(secp256k1_fe *fe, int m) {
if (n == 0) {
return;
}
secp256k1_fe_clear(&zero);
secp256k1_fe_set_int(&zero, 0);
secp256k1_fe_negate(&zero, &zero, 0);
secp256k1_fe_mul_int_unchecked(&zero, n - 1);
secp256k1_fe_add(fe, &zero);
Expand Down

0 comments on commit d79a6cc

Please sign in to comment.