mleku/libsecp256k1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

musig: Use _ge_set_all_gej for own public nonces

Browse Source
This commit is contained in:
Tim Ruffing
2024-10-08 13:59:05 +02:00
committed by Tim Ruffing
parent 300aab1c05
commit 64228a648f
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/modules/musig/session_impl.h
View File

@@ -395,6 +395,7 @@ static void secp256k1_nonce_function_musig(secp256k1_scalar *k, const unsigned c
int secp256k1_musig_nonce_gen_internal(const secp256k1_context* ctx, secp256k1_musig_secnonce *secnonce, secp256k1_musig_pubnonce *pubnonce, const unsigned char *input_nonce, const unsigned char *seckey, const secp256k1_pubkey *pubkey, const unsigned char *msg32, const secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *extra_input32) { int secp256k1_musig_nonce_gen_internal(const secp256k1_context* ctx, secp256k1_musig_secnonce *secnonce, secp256k1_musig_pubnonce *pubnonce, const unsigned char *input_nonce, const unsigned char *seckey, const secp256k1_pubkey *pubkey, const unsigned char *msg32, const secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *extra_input32) {
secp256k1_scalar k[2]; secp256k1_scalar k[2];
secp256k1_ge nonce_pts[2]; secp256k1_ge nonce_pts[2];
secp256k1_gej nonce_ptj[2];
int i; int i;
unsigned char pk_ser[33]; unsigned char pk_ser[33];
size_t pk_ser_len = sizeof(pk_ser); size_t pk_ser_len = sizeof(pk_ser);
@@ -445,12 +446,13 @@ int secp256k1_musig_nonce_gen_internal(const secp256k1_context* ctx, secp256k1_m
secp256k1_musig_secnonce_invalidate(ctx, secnonce, !ret); secp256k1_musig_secnonce_invalidate(ctx, secnonce, !ret);
for (i = 0; i < 2; i++) { for (i = 0; i < 2; i++) {
secp256k1_gej nonce_ptj; secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &nonce_ptj[i], &k[i]);
secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &nonce_ptj, &k[i]);
secp256k1_ge_set_gej(&nonce_pts[i], &nonce_ptj);
secp256k1_declassify(ctx, &nonce_pts[i], sizeof(nonce_pts[i]));
secp256k1_scalar_clear(&k[i]); secp256k1_scalar_clear(&k[i]);
} }
secp256k1_ge_set_all_gej(nonce_pts, nonce_ptj, 2);
for (i = 0; i < 2; i++) {
secp256k1_declassify(ctx, &nonce_pts[i], sizeof(nonce_pts[i]));
}
/* None of the nonce_pts will be infinity because k != 0 with overwhelming /* None of the nonce_pts will be infinity because k != 0 with overwhelming
* probability */ * probability */
secp256k1_musig_pubnonce_save(pubnonce, nonce_pts); secp256k1_musig_pubnonce_save(pubnonce, nonce_pts);