Skip to content

Commit 2489c59

Browse files
theStacktheStack
committed
introduce and use SECP256K1_SCALAR_VERIFY macro
By providing an uppercase variant of these verification functions, it is better visible that it is test code.
1 parent b67c325 commit 2489c59

5 files changed

+122
-121
lines changed

src/scalar.h

+1
Original file line numberDiff line numberDiff line change
@@ -101,5 +101,6 @@ static void secp256k1_scalar_cmov(secp256k1_scalar *r, const secp256k1_scalar *a
101101

102102
/** Check invariants on a scalar (no-op unless VERIFY is enabled). */
103103
static void secp256k1_scalar_verify(const secp256k1_scalar *r);
104+
#define SECP256K1_SCALAR_VERIFY(r) secp256k1_scalar_verify(r)
104105

105106
#endif /* SECP256K1_SCALAR_H */

src/scalar_4x64_impl.h

+40-40
Original file line numberDiff line numberDiff line change
@@ -42,18 +42,18 @@ SECP256K1_INLINE static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsig
4242
r->d[2] = 0;
4343
r->d[3] = 0;
4444

45-
secp256k1_scalar_verify(r);
45+
SECP256K1_SCALAR_VERIFY(r);
4646
}
4747

4848
SECP256K1_INLINE static unsigned int secp256k1_scalar_get_bits(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {
49-
secp256k1_scalar_verify(a);
49+
SECP256K1_SCALAR_VERIFY(a);
5050
VERIFY_CHECK((offset + count - 1) >> 6 == offset >> 6);
5151

5252
return (a->d[offset >> 6] >> (offset & 0x3F)) & ((((uint64_t)1) << count) - 1);
5353
}
5454

5555
SECP256K1_INLINE static unsigned int secp256k1_scalar_get_bits_var(const secp256k1_scalar *a, unsigned int offset, unsigned int count) {
56-
secp256k1_scalar_verify(a);
56+
SECP256K1_SCALAR_VERIFY(a);
5757
VERIFY_CHECK(count < 32);
5858
VERIFY_CHECK(offset + count <= 256);
5959

@@ -93,15 +93,15 @@ SECP256K1_INLINE static int secp256k1_scalar_reduce(secp256k1_scalar *r, unsigne
9393
secp256k1_u128_accum_u64(&t, r->d[3]);
9494
r->d[3] = secp256k1_u128_to_u64(&t);
9595

96-
secp256k1_scalar_verify(r);
96+
SECP256K1_SCALAR_VERIFY(r);
9797
return overflow;
9898
}
9999

100100
static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b) {
101101
int overflow;
102102
secp256k1_uint128 t;
103-
secp256k1_scalar_verify(a);
104-
secp256k1_scalar_verify(b);
103+
SECP256K1_SCALAR_VERIFY(a);
104+
SECP256K1_SCALAR_VERIFY(b);
105105

106106
secp256k1_u128_from_u64(&t, a->d[0]);
107107
secp256k1_u128_accum_u64(&t, b->d[0]);
@@ -119,14 +119,14 @@ static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a,
119119
VERIFY_CHECK(overflow == 0 || overflow == 1);
120120
secp256k1_scalar_reduce(r, overflow);
121121

122-
secp256k1_scalar_verify(r);
122+
SECP256K1_SCALAR_VERIFY(r);
123123
return overflow;
124124
}
125125

126126
static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag) {
127127
secp256k1_uint128 t;
128128
volatile int vflag = flag;
129-
secp256k1_scalar_verify(r);
129+
SECP256K1_SCALAR_VERIFY(r);
130130
VERIFY_CHECK(bit < 256);
131131

132132
bit += ((uint32_t) vflag - 1) & 0x100; /* forcing (bit >> 6) > 3 makes this a noop */
@@ -143,7 +143,7 @@ static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int
143143
secp256k1_u128_accum_u64(&t, ((uint64_t)((bit >> 6) == 3)) << (bit & 0x3F));
144144
r->d[3] = secp256k1_u128_to_u64(&t);
145145

146-
secp256k1_scalar_verify(r);
146+
SECP256K1_SCALAR_VERIFY(r);
147147
VERIFY_CHECK(secp256k1_u128_hi_u64(&t) == 0);
148148
}
149149

@@ -158,11 +158,11 @@ static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *b
158158
*overflow = over;
159159
}
160160

161-
secp256k1_scalar_verify(r);
161+
SECP256K1_SCALAR_VERIFY(r);
162162
}
163163

164164
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar* a) {
165-
secp256k1_scalar_verify(a);
165+
SECP256K1_SCALAR_VERIFY(a);
166166

167167
secp256k1_write_be64(&bin[0], a->d[3]);
168168
secp256k1_write_be64(&bin[8], a->d[2]);
@@ -171,15 +171,15 @@ static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar*
171171
}
172172

173173
SECP256K1_INLINE static int secp256k1_scalar_is_zero(const secp256k1_scalar *a) {
174-
secp256k1_scalar_verify(a);
174+
SECP256K1_SCALAR_VERIFY(a);
175175

176176
return (a->d[0] | a->d[1] | a->d[2] | a->d[3]) == 0;
177177
}
178178

179179
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a) {
180180
uint64_t nonzero = 0xFFFFFFFFFFFFFFFFULL * (secp256k1_scalar_is_zero(a) == 0);
181181
secp256k1_uint128 t;
182-
secp256k1_scalar_verify(a);
182+
SECP256K1_SCALAR_VERIFY(a);
183183

184184
secp256k1_u128_from_u64(&t, ~a->d[0]);
185185
secp256k1_u128_accum_u64(&t, SECP256K1_N_0 + 1);
@@ -194,19 +194,19 @@ static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar
194194
secp256k1_u128_accum_u64(&t, SECP256K1_N_3);
195195
r->d[3] = secp256k1_u128_to_u64(&t) & nonzero;
196196

197-
secp256k1_scalar_verify(r);
197+
SECP256K1_SCALAR_VERIFY(r);
198198
}
199199

200200
SECP256K1_INLINE static int secp256k1_scalar_is_one(const secp256k1_scalar *a) {
201-
secp256k1_scalar_verify(a);
201+
SECP256K1_SCALAR_VERIFY(a);
202202

203203
return ((a->d[0] ^ 1) | a->d[1] | a->d[2] | a->d[3]) == 0;
204204
}
205205

206206
static int secp256k1_scalar_is_high(const secp256k1_scalar *a) {
207207
int yes = 0;
208208
int no = 0;
209-
secp256k1_scalar_verify(a);
209+
SECP256K1_SCALAR_VERIFY(a);
210210

211211
no |= (a->d[3] < SECP256K1_N_H_3);
212212
yes |= (a->d[3] > SECP256K1_N_H_3) & ~no;
@@ -224,7 +224,7 @@ static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) {
224224
uint64_t mask = -vflag;
225225
uint64_t nonzero = (secp256k1_scalar_is_zero(r) != 0) - 1;
226226
secp256k1_uint128 t;
227-
secp256k1_scalar_verify(r);
227+
SECP256K1_SCALAR_VERIFY(r);
228228

229229
secp256k1_u128_from_u64(&t, r->d[0] ^ mask);
230230
secp256k1_u128_accum_u64(&t, (SECP256K1_N_0 + 1) & mask);
@@ -239,7 +239,7 @@ static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) {
239239
secp256k1_u128_accum_u64(&t, SECP256K1_N_3 & mask);
240240
r->d[3] = secp256k1_u128_to_u64(&t) & nonzero;
241241

242-
secp256k1_scalar_verify(r);
242+
SECP256K1_SCALAR_VERIFY(r);
243243
return 2 * (mask == 0) - 1;
244244
}
245245

@@ -798,18 +798,18 @@ static void secp256k1_scalar_mul_512(uint64_t l[8], const secp256k1_scalar *a, c
798798

799799
static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b) {
800800
uint64_t l[8];
801-
secp256k1_scalar_verify(a);
802-
secp256k1_scalar_verify(b);
801+
SECP256K1_SCALAR_VERIFY(a);
802+
SECP256K1_SCALAR_VERIFY(b);
803803

804804
secp256k1_scalar_mul_512(l, a, b);
805805
secp256k1_scalar_reduce_512(r, l);
806806

807-
secp256k1_scalar_verify(r);
807+
SECP256K1_SCALAR_VERIFY(r);
808808
}
809809

810810
static int secp256k1_scalar_shr_int(secp256k1_scalar *r, int n) {
811811
int ret;
812-
secp256k1_scalar_verify(r);
812+
SECP256K1_SCALAR_VERIFY(r);
813813
VERIFY_CHECK(n > 0);
814814
VERIFY_CHECK(n < 16);
815815

@@ -819,12 +819,12 @@ static int secp256k1_scalar_shr_int(secp256k1_scalar *r, int n) {
819819
r->d[2] = (r->d[2] >> n) + (r->d[3] << (64 - n));
820820
r->d[3] = (r->d[3] >> n);
821821

822-
secp256k1_scalar_verify(r);
822+
SECP256K1_SCALAR_VERIFY(r);
823823
return ret;
824824
}
825825

826826
static void secp256k1_scalar_split_128(secp256k1_scalar *r1, secp256k1_scalar *r2, const secp256k1_scalar *k) {
827-
secp256k1_scalar_verify(k);
827+
SECP256K1_SCALAR_VERIFY(k);
828828

829829
r1->d[0] = k->d[0];
830830
r1->d[1] = k->d[1];
@@ -835,13 +835,13 @@ static void secp256k1_scalar_split_128(secp256k1_scalar *r1, secp256k1_scalar *r
835835
r2->d[2] = 0;
836836
r2->d[3] = 0;
837837

838-
secp256k1_scalar_verify(r1);
839-
secp256k1_scalar_verify(r2);
838+
SECP256K1_SCALAR_VERIFY(r1);
839+
SECP256K1_SCALAR_VERIFY(r2);
840840
}
841841

842842
SECP256K1_INLINE static int secp256k1_scalar_eq(const secp256k1_scalar *a, const secp256k1_scalar *b) {
843-
secp256k1_scalar_verify(a);
844-
secp256k1_scalar_verify(b);
843+
SECP256K1_SCALAR_VERIFY(a);
844+
SECP256K1_SCALAR_VERIFY(b);
845845

846846
return ((a->d[0] ^ b->d[0]) | (a->d[1] ^ b->d[1]) | (a->d[2] ^ b->d[2]) | (a->d[3] ^ b->d[3])) == 0;
847847
}
@@ -851,8 +851,8 @@ SECP256K1_INLINE static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r,
851851
unsigned int shiftlimbs;
852852
unsigned int shiftlow;
853853
unsigned int shifthigh;
854-
secp256k1_scalar_verify(a);
855-
secp256k1_scalar_verify(b);
854+
SECP256K1_SCALAR_VERIFY(a);
855+
SECP256K1_SCALAR_VERIFY(b);
856856
VERIFY_CHECK(shift >= 256);
857857

858858
secp256k1_scalar_mul_512(l, a, b);
@@ -865,13 +865,13 @@ SECP256K1_INLINE static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r,
865865
r->d[3] = shift < 320 ? (l[3 + shiftlimbs] >> shiftlow) : 0;
866866
secp256k1_scalar_cadd_bit(r, 0, (l[(shift - 1) >> 6] >> ((shift - 1) & 0x3f)) & 1);
867867

868-
secp256k1_scalar_verify(r);
868+
SECP256K1_SCALAR_VERIFY(r);
869869
}
870870

871871
static SECP256K1_INLINE void secp256k1_scalar_cmov(secp256k1_scalar *r, const secp256k1_scalar *a, int flag) {
872872
uint64_t mask0, mask1;
873873
volatile int vflag = flag;
874-
secp256k1_scalar_verify(a);
874+
SECP256K1_SCALAR_VERIFY(a);
875875
SECP256K1_CHECKMEM_CHECK_VERIFY(r->d, sizeof(r->d));
876876

877877
mask0 = vflag + ~((uint64_t)0);
@@ -881,7 +881,7 @@ static SECP256K1_INLINE void secp256k1_scalar_cmov(secp256k1_scalar *r, const se
881881
r->d[2] = (r->d[2] & mask0) | (a->d[2] & mask1);
882882
r->d[3] = (r->d[3] & mask0) | (a->d[3] & mask1);
883883

884-
secp256k1_scalar_verify(r);
884+
SECP256K1_SCALAR_VERIFY(r);
885885
}
886886

887887
static void secp256k1_scalar_from_signed62(secp256k1_scalar *r, const secp256k1_modinv64_signed62 *a) {
@@ -901,13 +901,13 @@ static void secp256k1_scalar_from_signed62(secp256k1_scalar *r, const secp256k1_
901901
r->d[2] = a2 >> 4 | a3 << 58;
902902
r->d[3] = a3 >> 6 | a4 << 56;
903903

904-
secp256k1_scalar_verify(r);
904+
SECP256K1_SCALAR_VERIFY(r);
905905
}
906906

907907
static void secp256k1_scalar_to_signed62(secp256k1_modinv64_signed62 *r, const secp256k1_scalar *a) {
908908
const uint64_t M62 = UINT64_MAX >> 2;
909909
const uint64_t a0 = a->d[0], a1 = a->d[1], a2 = a->d[2], a3 = a->d[3];
910-
secp256k1_scalar_verify(a);
910+
SECP256K1_SCALAR_VERIFY(a);
911911

912912
r->v[0] = a0 & M62;
913913
r->v[1] = (a0 >> 62 | a1 << 2) & M62;
@@ -926,13 +926,13 @@ static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar
926926
#ifdef VERIFY
927927
int zero_in = secp256k1_scalar_is_zero(x);
928928
#endif
929-
secp256k1_scalar_verify(x);
929+
SECP256K1_SCALAR_VERIFY(x);
930930

931931
secp256k1_scalar_to_signed62(&s, x);
932932
secp256k1_modinv64(&s, &secp256k1_const_modinfo_scalar);
933933
secp256k1_scalar_from_signed62(r, &s);
934934

935-
secp256k1_scalar_verify(r);
935+
SECP256K1_SCALAR_VERIFY(r);
936936
VERIFY_CHECK(secp256k1_scalar_is_zero(r) == zero_in);
937937
}
938938

@@ -941,18 +941,18 @@ static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_sc
941941
#ifdef VERIFY
942942
int zero_in = secp256k1_scalar_is_zero(x);
943943
#endif
944-
secp256k1_scalar_verify(x);
944+
SECP256K1_SCALAR_VERIFY(x);
945945

946946
secp256k1_scalar_to_signed62(&s, x);
947947
secp256k1_modinv64_var(&s, &secp256k1_const_modinfo_scalar);
948948
secp256k1_scalar_from_signed62(r, &s);
949949

950-
secp256k1_scalar_verify(r);
950+
SECP256K1_SCALAR_VERIFY(r);
951951
VERIFY_CHECK(secp256k1_scalar_is_zero(r) == zero_in);
952952
}
953953

954954
SECP256K1_INLINE static int secp256k1_scalar_is_even(const secp256k1_scalar *a) {
955-
secp256k1_scalar_verify(a);
955+
SECP256K1_SCALAR_VERIFY(a);
956956

957957
return !(a->d[0] & 1);
958958
}

0 commit comments

Comments
 (0)