batch_add: impl batch_reset argument to log transparent verify

siv2r · siv2r · commit 5bb9c2693b6a · 2022-07-04T13:03:20.000+05:30
diff --git a/examples/batch.c b/examples/batch.c
@@ -89,6 +89,7 @@ int main(void) {
      * input data (schnorrsigs, tweak checks) required for the batch */
     secp256k1_context *ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
     secp256k1_batch *batch = secp256k1_batch_create(ctx, N_TERMS);
+    int batch_reset;
 
     assert(ctx != NULL);
     assert(batch != NULL);
@@ -111,7 +112,7 @@ int main(void) {
 
     printf("Adding signatures to the batch object.......");
     for (i = 0; i < N_SIGS; i++) {
-        ret = secp256k1_batch_add_schnorrsig(ctx, batch, sig[i], msg[i], sizeof(msg[i]), &pk);
+        ret = secp256k1_batch_add_schnorrsig(ctx, batch, sig[i], msg[i], sizeof(msg[i]), &pk, &batch_reset);
         if(!ret) {
             printf("FAILED\n");
             return 1;
@@ -128,7 +129,7 @@ int main(void) {
 
     printf("Adding tweak checks to the batch object.....");
     for (i = 0; i < N_CHECKS; i++) {
-        ret = secp256k1_batch_add_xonlypub_tweak_check(ctx, batch, tweaked_pubkey[i], tweaked_pk_parity[i], &pk, tweak[i]);
+        ret = secp256k1_batch_add_xonlypub_tweak_check(ctx, batch, tweaked_pubkey[i], tweaked_pk_parity[i], &pk, tweak[i], &batch_reset);
         if(!ret) {
             printf("FAILED\n");
             return 1;
diff --git a/include/secp256k1_extrakeys.h b/include/secp256k1_extrakeys.h
@@ -261,14 +261,17 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_tweak_add
  *                        this function will fail.
  *       internal_pubkey: pointer to an x-only public key object to apply the tweak to.
  *               tweak32: pointer to a 32-byte tweak.
+ *           batch_reset: non-zero if the batch was cleared (due to insufficient space),
+ *                        zero otherwise (can be NULL).
  */
 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_batch_add_xonlypub_tweak_check(
     const secp256k1_context* ctx,
     secp256k1_batch *batch,
     const unsigned char *tweaked_pubkey32,
     int tweaked_pk_parity,
     const secp256k1_xonly_pubkey *internal_pubkey,
-    const unsigned char *tweak32
+    const unsigned char *tweak32,
+    int *batch_reset
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6);
 #endif
 
diff --git a/include/secp256k1_schnorrsig.h b/include/secp256k1_schnorrsig.h
@@ -186,14 +186,17 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_schnorrsig_verify(
  *           msg: the message being verified. Can only be NULL if msglen is 0.
  *        msglen: length of the message.
  *        pubkey: pointer to an x-only public key to verify with (cannot be NULL).
+ *   batch_reset: non-zero if the batch was cleared (due to insufficient space),
+ *                zero otherwise (can be NULL).
  */
 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_batch_add_schnorrsig(
     const secp256k1_context* ctx,
     secp256k1_batch *batch,
     const unsigned char *sig64,
     const unsigned char *msg,
     size_t msglen,
-    const secp256k1_xonly_pubkey *pubkey
+    const secp256k1_xonly_pubkey *pubkey,
+    int *batch_reset
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(6);
 #endif
 
diff --git a/src/modules/extrakeys/batch_add_impl.h b/src/modules/extrakeys/batch_add_impl.h
@@ -5,6 +5,10 @@
 #include "src/hash.h"
 #include "src/modules/batch/main_impl.h"
 
+/* The number of objects allocated on the scratch space by
+ * secp256k1_batch_add_schnorrsig*/
+#define BATCH_TWEAK_CHECK_SCRATCH_OBJS 2
+
 static void secp256k1_batch_xonlypub_tweak_randomizer_gen(unsigned char *randomizer32, secp256k1_sha256 *sha256, const unsigned char *tweaked_pubkey32, const unsigned char *tweaked_pk_parity, const unsigned char *internal_pk33, const unsigned char *tweak32) {
     secp256k1_sha256 sha256_cpy;
 
@@ -61,7 +65,7 @@ static int secp256k1_batch_xonlypub_tweak_randomizer_set(const secp256k1_context
  *
  * This function's algorithm is based on secp256k1_xonly_pubkey_tweak_add_check.
  */
-int secp256k1_batch_add_xonlypub_tweak_check(const secp256k1_context* ctx, secp256k1_batch *batch, const unsigned char *tweaked_pubkey32, int tweaked_pk_parity, const secp256k1_xonly_pubkey *internal_pubkey,const unsigned char *tweak32) {
+int secp256k1_batch_add_xonlypub_tweak_check(const secp256k1_context* ctx, secp256k1_batch *batch, const unsigned char *tweaked_pubkey32, int tweaked_pk_parity, const secp256k1_xonly_pubkey *internal_pubkey, const unsigned char *tweak32, int *batch_len_reset) {
     secp256k1_scalar tweak;
     secp256k1_scalar ai;
     secp256k1_scalar tmp;
@@ -90,9 +94,12 @@ int secp256k1_batch_add_xonlypub_tweak_check(const secp256k1_context* ctx, secp2
         return 0;
     }
 
+    if(batch_len_reset) {
+        *batch_len_reset = 0;
+    }
+
     /* run verify if batch object's scratch is full */
-    /* todo: create a function to do this?? */
-    if (batch->capacity - batch->len < 2) {
+    if (batch->capacity - batch->len < BATCH_TWEAK_CHECK_SCRATCH_OBJS) {
         printf("\nbatch_add_xonlypub_tweak: Batch object is full...\n");
         printf("batch_add_xonlypub_tweak: Verifying the batch object...\n");
         if (!secp256k1_batch_verify(ctx, batch)) {
@@ -101,6 +108,9 @@ int secp256k1_batch_add_xonlypub_tweak_check(const secp256k1_context* ctx, secp2
         }
         printf("batch_add_xonlypub_tweak: Clearing the batch object for future use...\n");
         secp256k1_batch_scratch_clear(batch);
+        if(batch_len_reset) {
+            *batch_len_reset = 1;
+        }
     }
 
     i = batch->len;
diff --git a/src/modules/schnorrsig/batch_add_impl.h b/src/modules/schnorrsig/batch_add_impl.h
@@ -5,6 +5,10 @@
 #include "src/hash.h"
 #include "src/modules/batch/main_impl.h"
 
+/* The number of objects allocated on the scratch space by
+ * secp256k1_batch_add_schnorrsig*/
+#define BATCH_SCHNORRSIG_SCRATCH_OBJS 2
+
 static void secp256k1_batch_schnorrsig_randomizer_gen(unsigned char *randomizer32, secp256k1_sha256 *sha256, const unsigned char *sig64, const unsigned char *msg, size_t msglen, const unsigned char *compressed_pk33) {
     secp256k1_sha256 sha256_cpy;
 
@@ -57,7 +61,7 @@ static int secp256k1_batch_schnorrsig_randomizer_set(const secp256k1_context *ct
  *
  * This function's algorithm is based on secp256k1_schnorrsig_verify.
  */
-int secp256k1_batch_add_schnorrsig(const secp256k1_context* ctx, secp256k1_batch *batch, const unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_xonly_pubkey *pubkey) {
+int secp256k1_batch_add_schnorrsig(const secp256k1_context* ctx, secp256k1_batch *batch, const unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_xonly_pubkey *pubkey, int *batch_len_reset) {
     secp256k1_scalar s;
     secp256k1_scalar e;
     secp256k1_scalar ai;
@@ -87,8 +91,11 @@ int secp256k1_batch_add_schnorrsig(const secp256k1_context* ctx, secp256k1_batch
         return 0;
     }
 
+    if(batch_len_reset) {
+        *batch_len_reset = 0;
+    }
     /* run verify if batch object's scratch is full */
-    if (batch->capacity - batch->len < 2) {
+    if (batch->capacity - batch->len < BATCH_SCHNORRSIG_SCRATCH_OBJS) {
         printf("\nbatch_add: Batch object is full...\n");
         printf("batch_add: Verifying the batch object...\n");
         if (!secp256k1_batch_verify(ctx, batch)) {
@@ -97,6 +104,9 @@ int secp256k1_batch_add_schnorrsig(const secp256k1_context* ctx, secp256k1_batch
         }
         printf("batch_add: Clearing the batch object for future use...\n");
         secp256k1_batch_scratch_clear(batch);
+        if(batch_len_reset) {
+            *batch_len_reset = 1;
+        }
     }
 
     i = batch->len;
