remove redundant checks in scalar_inverse and scalar_cadd_bit

`secp256k1_scalar_verify` in VERIFY mode already performs this check in scalar_cadd_bit and scalar_inverse.
bitcoin-core · Jul 6, 2023 · 82995ff · 82995ff
1 parent c53faec
commit 82995ff
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 18 deletions.
diff --git a/src/scalar_4x64_impl.h b/src/scalar_4x64_impl.h
@@ -840,20 +840,12 @@ static void secp256k1_scalar_from_signed62(secp256k1_scalar *r, const secp256k1_
     r->d[1] = a1 >> 2 | a2 << 60;
     r->d[2] = a2 >> 4 | a3 << 58;
     r->d[3] = a3 >> 6 | a4 << 56;
-
-#ifdef VERIFY
-    VERIFY_CHECK(secp256k1_scalar_impl_check_overflow(r) == 0);
-#endif
 }
 
 static void secp256k1_scalar_to_signed62(secp256k1_modinv64_signed62 *r, const secp256k1_scalar *a) {
     const uint64_t M62 = UINT64_MAX >> 2;
     const uint64_t a0 = a->d[0], a1 = a->d[1], a2 = a->d[2], a3 = a->d[3];
 
-#ifdef VERIFY
-    VERIFY_CHECK(secp256k1_scalar_impl_check_overflow(a) == 0);
-#endif
-
     r->v[0] =  a0                   & M62;
     r->v[1] = (a0 >> 62 | a1 <<  2) & M62;
     r->v[2] = (a1 >> 60 | a2 <<  4) & M62;

diff --git a/src/scalar_8x32_impl.h b/src/scalar_8x32_impl.h
@@ -163,7 +163,6 @@ static void secp256k1_scalar_impl_cadd_bit(secp256k1_scalar *r, unsigned int bit
     r->d[7] = t & 0xFFFFFFFFULL;
 #ifdef VERIFY
     VERIFY_CHECK((t >> 32) == 0);
-    VERIFY_CHECK(secp256k1_scalar_impl_check_overflow(r) == 0);
 #endif
 }
 
@@ -674,21 +673,13 @@ static void secp256k1_scalar_from_signed30(secp256k1_scalar *r, const secp256k1_
     r->d[5] = a5 >> 10 | a6 << 20;
     r->d[6] = a6 >> 12 | a7 << 18;
     r->d[7] = a7 >> 14 | a8 << 16;
-
-#ifdef VERIFY
-    VERIFY_CHECK(secp256k1_scalar_impl_check_overflow(r) == 0);
-#endif
 }
 
 static void secp256k1_scalar_to_signed30(secp256k1_modinv32_signed30 *r, const secp256k1_scalar *a) {
     const uint32_t M30 = UINT32_MAX >> 2;
     const uint32_t a0 = a->d[0], a1 = a->d[1], a2 = a->d[2], a3 = a->d[3],
                    a4 = a->d[4], a5 = a->d[5], a6 = a->d[6], a7 = a->d[7];
 
-#ifdef VERIFY
-    VERIFY_CHECK(secp256k1_scalar_impl_check_overflow(a) == 0);
-#endif
-
     r->v[0] =  a0                   & M30;
     r->v[1] = (a0 >> 30 | a1 <<  2) & M30;
     r->v[2] = (a1 >> 28 | a2 <<  4) & M30;

diff --git a/src/scalar_low_impl.h b/src/scalar_low_impl.h
@@ -45,7 +45,6 @@ static void secp256k1_scalar_impl_cadd_bit(secp256k1_scalar *r, unsigned int bit
     VERIFY_CHECK(bit < 32);
     /* Verify that adding (1 << bit) will not overflow any in-range scalar *r by overflowing the underlying uint32_t. */
     VERIFY_CHECK(((uint32_t)1 << bit) - 1 <= UINT32_MAX - EXHAUSTIVE_TEST_ORDER);
-    VERIFY_CHECK(secp256k1_scalar_impl_check_overflow(r) == 0);
 #endif
 }