Skip to content

Commit

Permalink
Fixup skew before global Z fixup
Browse files Browse the repository at this point in the history
  • Loading branch information
peterdettman committed Dec 26, 2021
1 parent 40b624c commit e82144e
Showing 1 changed file with 9 additions and 12 deletions.
21 changes: 9 additions & 12 deletions src/ecmult_const_impl.h
Original file line number Diff line number Diff line change
Expand Up @@ -213,25 +213,22 @@ static void secp256k1_ecmult_const(secp256k1_gej *r, const secp256k1_ge *a, cons
}
}

secp256k1_fe_mul(&r->z, &r->z, &Z);

{
/* Correct for wNAF skew */
secp256k1_gej tmp;
secp256k1_ge a_1;
secp256k1_ge_neg(&a_1, a);
secp256k1_gej tmpj;

secp256k1_gej_add_ge(&tmp, r, &a_1);
secp256k1_gej_cmov(r, &tmp, skew_1);
secp256k1_ge_neg(&tmpa, &pre_a[0]);
secp256k1_gej_add_ge(&tmpj, r, &tmpa);
secp256k1_gej_cmov(r, &tmpj, skew_1);

if (size > 128) {
secp256k1_ge a_lam;
secp256k1_ge_mul_lambda(&a_lam, &a_1);

secp256k1_gej_add_ge(&tmp, r, &a_lam);
secp256k1_gej_cmov(r, &tmp, skew_lam);
secp256k1_ge_neg(&tmpa, &pre_a_lam[0]);
secp256k1_gej_add_ge(&tmpj, r, &tmpa);
secp256k1_gej_cmov(r, &tmpj, skew_lam);
}
}

secp256k1_fe_mul(&r->z, &r->z, &Z);
}

#endif /* SECP256K1_ECMULT_CONST_IMPL_H */

0 comments on commit e82144e

Please sign in to comment.