From 7516ca138d624fd9022485e5235ea59ce654cdfe Mon Sep 17 00:00:00 2001
From: Tim Ruffing
Date: Thu, 17 Sep 2020 13:29:55 +0200
Subject: [PATCH] Add static assertion that uint32_t is unsigned int or wider
Summary: This is a backport of secp256k1 [[https://github.com/bitcoin-core/secp256k1/pull/818 | PR818]] Depends on D7632
Test Plan: ninja check-secp256k1
Reviewers: #bitcoin_abc, Fabien
Reviewed By: #bitcoin_abc, Fabien
Differential Revision: https://reviews.bitcoinabc.org/D7635
---
 src/assumptions.h | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/assumptions.h b/src/assumptions.h
index f9d4e8e7..77204de2 100644
--- a/src/assumptions.h
+++ b/src/assumptions.h
@@ -7,6 +7,8 @@
 #ifndef SECP256K1_ASSUMPTIONS_H
 #define SECP256K1_ASSUMPTIONS_H
 
+#include
+
 #include "util.h"
 
 /* This library, like most software, relies on a number of compiler implementation defined (but not undefined)
@@ -19,7 +21,11 @@ struct secp256k1_assumption_checker {
 allowed. */
 int dummy_array[(
 /* Bytes are 8 bits. */
- CHAR_BIT == 8 &&
+ (CHAR_BIT == 8) &&
+
+ /* No integer promotion for uint32_t. This ensures that we can multiply uintXX_t values where XX >= 32 without signed overflow, which would be undefined behaviour. */
+ (UINT_MAX <= UINT32_MAX) &&
 
 /* Conversions from unsigned to signed outside of the bounds of the signed type are implementation-defined. Verify that they function as reinterpreting the lower
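Review bot: The added include on the new side reads only `+#include` in this rendering, so the header it pulls in cannot be confirmed from the hunk; the assertion added further down compares `UINT_MAX` with `UINT32_MAX`, and those macros are defined in `<limits.h>` and `<stdint.h>` respectively. If the intended line is `#include <limits.h>`, it also makes the file's existing use of `CHAR_BIT` self-contained, but `UINT32_MAX` would still depend on `<stdint.h>` reaching this header through `util.h`, which is not visible here and should be verified. A short comment on the include, `/* CHAR_BIT, UINT_MAX */`, would record why a system header now appears in a file that otherwise includes only `util.h`. The static-assertion array that consumes these macros begins in the second hunk, which is cut off at the end of this view.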