aboutsummaryrefslogtreecommitdiff
path: root/src/ringct
diff options
context:
space:
mode:
authorSarang Noether <32460187+SarangNoether@users.noreply.github.com>2021-02-11 20:58:35 -0500
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2022-04-04 08:23:21 +0000
commitb535d662b942184e6e1bbaad8181ce615c071fea (patch)
tree76d7bb9b7930c066352acc03db883ff7a625747f /src/ringct
parentPrecompute initial transcript hash (diff)
downloadmonero-b535d662b942184e6e1bbaad8181ce615c071fea.tar.xz
Updates from security audit
https://suyash67.github.io/homepage/assets/pdfs/bulletproofs_plus_audit_report_v1.1.pdf
Diffstat (limited to 'src/ringct')
-rw-r--r--src/ringct/bulletproofs_plus.cc12
1 files changed, 10 insertions, 2 deletions
diff --git a/src/ringct/bulletproofs_plus.cc b/src/ringct/bulletproofs_plus.cc
index 743598b5a..fd2ebfce0 100644
--- a/src/ringct/bulletproofs_plus.cc
+++ b/src/ringct/bulletproofs_plus.cc
@@ -224,9 +224,9 @@ namespace rct
// Output (1,x,x**2,...,x**{n-1})
static rct::keyV vector_of_scalar_powers(const rct::key &x, size_t n)
{
+ CHECK_AND_ASSERT_THROW_MES(n != 0, "Need n > 0");
+
rct::keyV res(n);
- if (n == 0)
- return res;
res[0] = rct::identity();
if (n == 1)
return res;
@@ -244,6 +244,7 @@ namespace rct
static rct::key sum_of_even_powers(const rct::key &x, size_t n)
{
CHECK_AND_ASSERT_THROW_MES((n & (n - 1)) == 0, "Need n to be a power of 2");
+ CHECK_AND_ASSERT_THROW_MES(n != 0, "Need n > 0");
rct::key x1 = copy(x);
sc_mul(x1.bytes, x1.bytes, x1.bytes);
@@ -264,6 +265,8 @@ namespace rct
// Output x**1 + x**2 + x**3 + ... + x**n
static rct::key sum_of_scalar_powers(const rct::key &x, size_t n)
{
+ CHECK_AND_ASSERT_THROW_MES(n != 0, "Need n > 0");
+
rct::key res = ONE;
if (n == 1)
return res;
@@ -764,6 +767,11 @@ try_again:
rct::addKeys2(B, temp2, temp, rct::H);
rct::key e = transcript_update(transcript, A1, B);
+ if (e == rct::zero())
+ {
+ MINFO("e is 0, trying again");
+ goto try_again;
+ }
rct::key e_squared;
sc_mul(e_squared.bytes, e.bytes, e.bytes);