From 26cff2228ddb5b8e2bbef246735199318a3214a9 Mon Sep 17 00:00:00 2001
From: Michael Hamburg
Date: Mon, 9 Feb 2015 18:23:08 -0800
Subject: [PATCH] fix decaf decode identity
---
 src/decaf.c | 10 +++++-----
 test/test_pointops.c | 1 +
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/src/decaf.c b/src/decaf.c
index b2b850d..b52c95e 100644
--- a/src/decaf.c
+++ b/src/decaf.c
@@ -468,8 +468,8 @@ decaf_bool_t decaf_point_decode (
 decaf_bool_t allow_identity
 ) {
 gf s, a, b, c, d, e;
- decaf_bool_t succ = gf_deser(s, ser);
- succ &= allow_identity | ~gf_eq(s, ZERO);
+ decaf_bool_t succ = gf_deser(s, ser), zero = gf_eq(s, ZERO);
+ succ &= allow_identity | ~zero;
 succ &= ~hibit(s);
 gf_sqr ( a, s );
 gf_sub ( p->z, ONE, a );
@@ -490,9 +490,8 @@ decaf_bool_t decaf_point_decode (
 gf_mul ( a, b, c );
 gf_mul ( p->y,a,p->z );
 gf_mul ( p->t,p->x,a );
- /* TODO: do something safe if ~succ?
- * TODO: double-check that this works on identity...
- */
+ p->y[0] -= zero;
+ /* TODO: do something safe if ~succ? */
 return succ;
 }
@@ -692,5 +691,6 @@ decaf_bool_t decaf_point_valid (
 gf_sqr(b,p->z);
 gf_sub(b,b,c);
 out &= gf_eq(a,b);
+ out &= ~gf_eq(p->z,ZERO);
 return out;
 }
diff --git a/test/test_pointops.c b/test/test_pointops.c
index f68d37d..65b2eb6 100644
--- a/test/test_pointops.c
+++ b/test/test_pointops.c
@@ -393,6 +393,7 @@ int test_decaf_evil (void) {
 || (s_e & ~succ_dec)
 || (s_e & ~decaf_point_eq(pt_dec, pt_dec2)
 || (s_e & ~decaf_point_valid(pt_dec))
+ || (succ_dec & ~decaf_point_valid(pt_dec2))
 || ~succ_nur
 || ~eq_neg
 || ~eq_pos)
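Review bot: In the first `decaf_point_decode` hunk of src/decaf.c, `zero` is declared on the same line as `succ` and its name reads like a value, although it is used as a mask (`~zero`). Declaring it on its own line with a short comment would make that clear: `decaf_bool_t zero = gf_eq(s, ZERO); /* mask: set when s encodes zero (the identity) */`. The function body starts and ends outside this hunk.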
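Review bot: `p->y[0] -= zero;` in the second `decaf_point_decode` hunk has no comment, and it appears to work only because `zero` is an all-ones mask, so the subtraction adds one to the low limb of `y` when `s` encoded zero. That is inferred from the `~zero` use in the first hunk and is not stated anywhere. A comment such as `/* zero is 0 or all-ones: bumps y from 0 to 1 for the identity without a branch */` would record the assumption, provided the arithmetic above really leaves `y` at 0 in that case (those lines are outside the hunk). The TODO that is kept still matters for callers: on failure `p` has already been written with values derived from the rejected input, so the function's header comment should state that `p` must not be used unless the return value indicates success.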
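Review bot: The new `out &= ~gf_eq(p->z,ZERO);` in `decaf_point_valid` has no comment saying why `z` must be nonzero. Presumably the checks above it are also satisfied when every coordinate is zero, but those checks start outside the hunk, so this should be confirmed. Suggested comment: `/* z == 0 is not a valid projective point even if the equations above hold */`.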
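Review bot: The added `|| (succ_dec & ~decaf_point_valid(pt_dec2))` in `test_decaf_evil` checks decoded points in general, but nothing in the visible lines feeds the all-zero encoding, which is the case this commit fixes. A deterministic case would pin the fix: decode the zero encoding with `allow_identity` both set and cleared, and assert `decaf_point_valid` on the accepted result. The code that generates the inputs is outside the hunk, so it may already cover this; the enclosing condition also begins outside the hunk.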