Git-Mirrors/monero
1
0
Fork 0
mirror of https://github.com/monero-project/monero.git synced 2025-08-07 12:22:21 -04:00
Code Issues Projects Releases Packages Wiki Activity

fix ge_p3_is_point_at_infinity(), which is evaluating field elements that haven't been reduced by the field order

Browse source
This commit is contained in:
koe 2021-11-08 18:14:17 -06:00
parent eec3a6014c
commit c36ea26e5c
7 changed files with 111 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/ringct/multiexp.cc
View file

@ -235,7 +235,7 @@ rct::key bos_coster_heap_conv_robust(std::vector<MultiexpData> data)
heap.reserve(points);
for (size_t n = 0; n < points; ++n)
{
if (!(data[n].scalar == rct::zero()) && !ge_p3_is_point_at_infinity(&data[n].point))
if (!(data[n].scalar == rct::zero()) && !ge_p3_is_point_at_infinity_vartime(&data[n].point))
heap.push_back(n);
}
points = heap.size();
@ -457,7 +457,7 @@ rct::key straus(const std::vector<MultiexpData> &data, const std::shared_ptr<str
MULTIEXP_PERF(PERF_TIMER_START_UNIT(skip, 1000000));
std::vector<uint8_t> skip(data.size());
for (size_t i = 0; i < data.size(); ++i)
skip[i] = data[i].scalar == rct::zero() || ge_p3_is_point_at_infinity(&data[i].point);
skip[i] = data[i].scalar == rct::zero() || ge_p3_is_point_at_infinity_vartime(&data[i].point);
MULTIEXP_PERF(PERF_TIMER_STOP(skip));
#endif