Skip to content

Commit d91408e

Browse files
roconnor-blockstreamroconnor-blockstream
committed
Allow secp256k1_split_lambda_verify to pass even in the prensence of GCC bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95189.
1 parent aa83360 commit d91408e

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

src/scalar_impl.h

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -432,16 +432,16 @@ static void secp256k1_scalar_split_lambda_verify(const secp256k1_scalar *r1, con
432432
0x122E22EAUL, 0x20816678UL, 0xDF02967CUL, 0x1B23BD72UL
433433
);
434434

435-
/* (a1 + a2 + 1)/2 is 0xa2a8918ca85bafe22016d0b917e4dd77 */
435+
/* (a1 + a2 - 1)/2 is 0xa2a8918ca85bafe22016d0b917e4dd76 */
436436
static const unsigned char k1_bound[32] = {
437437
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
438-
0xa2, 0xa8, 0x91, 0x8c, 0xa8, 0x5b, 0xaf, 0xe2, 0x20, 0x16, 0xd0, 0xb9, 0x17, 0xe4, 0xdd, 0x77
438+
0xa2, 0xa8, 0x91, 0x8c, 0xa8, 0x5b, 0xaf, 0xe2, 0x20, 0x16, 0xd0, 0xb9, 0x17, 0xe4, 0xdd, 0x76
439439
};
440440

441-
/* (-b1 + b2)/2 + 1 is 0x8a65287bd47179fb2be08846cea267ed */
441+
/* (-b1 + b2)/2 is 0x8a65287bd47179fb2be08846cea267ec */
442442
static const unsigned char k2_bound[32] = {
443443
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
444-
0x8a, 0x65, 0x28, 0x7b, 0xd4, 0x71, 0x79, 0xfb, 0x2b, 0xe0, 0x88, 0x46, 0xce, 0xa2, 0x67, 0xed
444+
0x8a, 0x65, 0x28, 0x7b, 0xd4, 0x71, 0x79, 0xfb, 0x2b, 0xe0, 0x88, 0x46, 0xce, 0xa2, 0x67, 0xec
445445
};
446446

447447
secp256k1_scalar_mul(&s, &lambda, r2);
@@ -451,12 +451,12 @@ static void secp256k1_scalar_split_lambda_verify(const secp256k1_scalar *r1, con
451451
secp256k1_scalar_negate(&s, r1);
452452
secp256k1_scalar_get_b32(buf1, r1);
453453
secp256k1_scalar_get_b32(buf2, &s);
454-
VERIFY_CHECK(memcmp(buf1, k1_bound, 32) < 0 || memcmp(buf2, k1_bound, 32) < 0);
454+
VERIFY_CHECK(memcmp(buf1, k1_bound, 32) <= 0 || memcmp(buf2, k1_bound, 32) <= 0);
455455

456456
secp256k1_scalar_negate(&s, r2);
457457
secp256k1_scalar_get_b32(buf1, r2);
458458
secp256k1_scalar_get_b32(buf2, &s);
459-
VERIFY_CHECK(memcmp(buf1, k2_bound, 32) < 0 || memcmp(buf2, k2_bound, 32) < 0);
459+
VERIFY_CHECK(memcmp(buf1, k2_bound, 32) <= 0 || memcmp(buf2, k2_bound, 32) <= 0);
460460
}
461461
#endif
462462

0 commit comments

Comments
 (0)