crypto/secp256k1: add checking z sign in affineFromJacobian (#18419)

The z == 0 check is hit whenever we Add two points with the same x1/x2
coordinate. crypto/elliptic uses the same check in their affineFromJacobian
function. This change does not affect block processing or tx signature verification
in any way, because it does not use the Add or Double methods.
pull/21864/head
Abd ar-Rahman Hamidi 4 years ago committed by GitHub
parent 844485ec6a
commit db87223269
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      crypto/secp256k1/curve.go

@ -116,6 +116,10 @@ func (BitCurve *BitCurve) IsOnCurve(x, y *big.Int) bool {
// affineFromJacobian reverses the Jacobian transform. See the comment at the
// top of the file.
func (BitCurve *BitCurve) affineFromJacobian(x, y, z *big.Int) (xOut, yOut *big.Int) {
if z.Sign() == 0 {
return new(big.Int), new(big.Int)
}
zinv := new(big.Int).ModInverse(z, BitCurve.P)
zinvsq := new(big.Int).Mul(zinv, zinv)

Loading…
Cancel
Save