From 099bad945e9a7c5237cdd764eca420285a9de279 Mon Sep 17 00:00:00 2001 From: Russell O'Connor Date: Fri, 3 Dec 2021 13:57:38 -0500 Subject: [PATCH] Comment and check a parameter for inf in secp256k1_ecmult_const. --- src/ecmult_const.h | 1 + src/ecmult_const_impl.h | 1 + 2 files changed, 2 insertions(+) diff --git a/src/ecmult_const.h b/src/ecmult_const.h index d6f0ea22275a6..f891f3f306709 100644 --- a/src/ecmult_const.h +++ b/src/ecmult_const.h @@ -14,6 +14,7 @@ * Multiply: R = q*A (in constant-time) * Here `bits` should be set to the maximum bitlength of the _absolute value_ of `q`, plus * one because we internally sometimes add 2 to the number during the WNAF conversion. + * A must not be infinity. */ static void secp256k1_ecmult_const(secp256k1_gej *r, const secp256k1_ge *a, const secp256k1_scalar *q, int bits); diff --git a/src/ecmult_const_impl.h b/src/ecmult_const_impl.h index 0e1fb965cbdef..30b151ff9abdd 100644 --- a/src/ecmult_const_impl.h +++ b/src/ecmult_const_impl.h @@ -168,6 +168,7 @@ static void secp256k1_ecmult_const(secp256k1_gej *r, const secp256k1_ge *a, cons * that the Z coordinate was 1, use affine addition formulae, and correct * the Z coordinate of the result once at the end. */ + VERIFY_CHECK(!a->infinity); secp256k1_gej_set_ge(r, a); secp256k1_ecmult_odd_multiples_table_globalz_windowa(pre_a, &Z, r); for (i = 0; i < ECMULT_TABLE_SIZE(WINDOW_A); i++) {