Skip to content

Commit d567b77

Browse files
gmaxwellgmaxwell
committed
Clarify comments about use of rzr on ge functions and abs function.
1 parent 2241ae6 commit d567b77

File tree

2 files changed

+4
-3
lines changed

2 files changed

+4
-3
lines changed

src/ecmult_const_impl.h

+1
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
/* This is like `ECMULT_TABLE_GET_GE` but is constant time */
1616
#define ECMULT_CONST_TABLE_GET_GE(r,pre,n,w) do { \
1717
int m; \
18+
/* Extract the sign-bit for a constant time absolute-value. */ \
1819
int mask = (n) >> (sizeof(n) * CHAR_BIT - 1); \
1920
int abs_n = ((n) + mask) ^ mask; \
2021
int idx_n = abs_n >> 1; \

src/group.h

+3-3
Original file line numberDiff line numberDiff line change
@@ -98,18 +98,18 @@ static int secp256k1_gej_has_quad_y_var(const secp256k1_gej *a);
9898
/** Set r equal to the double of a, a cannot be infinity. Constant time. */
9999
static void secp256k1_gej_double_nonzero(secp256k1_gej *r, const secp256k1_gej *a);
100100

101-
/** Set r equal to the double of a. If rzr is not-NULL, r->z = a->z * *rzr (where infinity means an implicit z = 0). */
101+
/** Set r equal to the double of a. If rzr is not-NULL this sets *rzr such that r->z == a->z * *rzr (where infinity means an implicit z = 0). */
102102
static void secp256k1_gej_double_var(secp256k1_gej *r, const secp256k1_gej *a, secp256k1_fe *rzr);
103103

104-
/** Set r equal to the sum of a and b. If rzr is non-NULL, r->z = a->z * *rzr (a cannot be infinity in that case). */
104+
/** Set r equal to the sum of a and b. If rzr is non-NULL this sets *rzr such that r->z == a->z * *rzr (a cannot be infinity in that case). */
105105
static void secp256k1_gej_add_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_gej *b, secp256k1_fe *rzr);
106106

107107
/** Set r equal to the sum of a and b (with b given in affine coordinates, and not infinity). */
108108
static void secp256k1_gej_add_ge(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b);
109109

110110
/** Set r equal to the sum of a and b (with b given in affine coordinates). This is more efficient
111111
than secp256k1_gej_add_var. It is identical to secp256k1_gej_add_ge but without constant-time
112-
guarantee, and b is allowed to be infinity. If rzr is non-NULL, r->z = a->z * *rzr (a cannot be infinity in that case). */
112+
guarantee, and b is allowed to be infinity. If rzr is non-NULL this sets *rzr such that r->z == a->z * *rzr (a cannot be infinity in that case). */
113113
static void secp256k1_gej_add_ge_var(secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_ge *b, secp256k1_fe *rzr);
114114

115115
/** Set r equal to the sum of a and b (with the inverse of b's Z coordinate passed as bzinv). */

0 commit comments

Comments
 (0)