From efd98c1de225aadc6d9e346903dd49f9e72783e4 Mon Sep 17 00:00:00 2001 From: Benedikt Date: Mon, 29 Jan 2024 12:44:26 +0100 Subject: [PATCH] remove overflow check in aggregation --- src/modules/schnorrsig_halfagg/main_impl.h | 13 ++----------- src/modules/schnorrsig_halfagg/tests_impl.h | 13 +------------ 2 files changed, 3 insertions(+), 23 deletions(-) diff --git a/src/modules/schnorrsig_halfagg/main_impl.h b/src/modules/schnorrsig_halfagg/main_impl.h index d317f4d74..e9a901573 100644 --- a/src/modules/schnorrsig_halfagg/main_impl.h +++ b/src/modules/schnorrsig_halfagg/main_impl.h @@ -25,7 +25,6 @@ void secp256k1_schnorrsig_sha256_tagged_aggregation(secp256k1_sha256 *sha) { int secp256k1_schnorrsig_inc_aggregate(const secp256k1_context *ctx, unsigned char *aggsig, size_t *aggsig_len, const secp256k1_xonly_pubkey *all_pubkeys, const unsigned char *all_msgs32, const unsigned char *new_sigs64, size_t n_before, size_t n_new) { size_t i; size_t n; - int overflow; secp256k1_sha256 hash; secp256k1_scalar s; @@ -64,12 +63,7 @@ int secp256k1_schnorrsig_inc_aggregate(const secp256k1_context *ctx, unsigned ch /* Compute s = s_old + sum_{i = n_before}^{n} z_i*s_i */ /* where s_old = 0 if n_before = 0 */ secp256k1_scalar_set_int(&s, 0); - if (n_before > 0) { - secp256k1_scalar_set_b32(&s, &aggsig[n_before*32], &overflow); - if (overflow) { - return 0; - } - } + if (n_before > 0) secp256k1_scalar_set_b32(&s, &aggsig[n_before*32], NULL); for (i = n_before; i < n; ++i) { unsigned char pk_ser[32]; unsigned char hashoutput[32]; @@ -96,10 +90,7 @@ int secp256k1_schnorrsig_inc_aggregate(const secp256k1_context *ctx, unsigned ch /* Step 2: s := s + zi*si */ /* except if i == 0, then zi = 1 implicitly */ - secp256k1_scalar_set_b32(&si, &new_sigs64[(i-n_before)*64+32], &overflow); - if (overflow) { - return 0; - } + secp256k1_scalar_set_b32(&si, &new_sigs64[(i-n_before)*64+32], NULL); if (i != 0) secp256k1_scalar_mul(&si, &si, &zi); secp256k1_scalar_add(&s, &s, &si); } diff --git a/src/modules/schnorrsig_halfagg/tests_impl.h b/src/modules/schnorrsig_halfagg/tests_impl.h index 768d0c1ea..f1e9bc9cb 100644 --- a/src/modules/schnorrsig_halfagg/tests_impl.h +++ b/src/modules/schnorrsig_halfagg/tests_impl.h @@ -304,18 +304,7 @@ static void test_schnorrsig_aggregate_overflow(void) { unsigned char aggsig[32*(N_MAX + 1)]; size_t n = secp256k1_testrand_int(N_MAX + 1); - /* Test 1: We check that aggregation returns 0 if one s overflows. */ - test_schnorrsig_aggregate_input_helper(pubkeys, msgs32, sigs64, n); - if (n > 0) { - size_t aggsig_len = sizeof(aggsig); - size_t k = secp256k1_testrand_int(n); - /* Make one randomly chosen s overflow */ - memset(&sigs64[k*64+32], 0xFF, 32); - /* Check that aggregating fails */ - CHECK(secp256k1_schnorrsig_aggregate(CTX, aggsig, &aggsig_len, pubkeys, msgs32, sigs64, n) == 0); - } - - /* Test 2: We check that verification returns 0 if the s in aggsig overflows. */ + /* We check that verification returns 0 if the s in aggsig overflows. */ test_schnorrsig_aggregate_input_helper(pubkeys, msgs32, sigs64, n); { size_t aggsig_len = sizeof(aggsig);