Fix an overflow bug in the square root implementation on 32-bit platforms.
Co-authored-by: Greg Pfeil <greg@electriccoin.co> Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
2b3623018f
commit
0009d0b444
@ -6,6 +6,9 @@ and this project adheres to Rust's notion of
|
||||||
[Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
[Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
### Fixed
|
||||||
|
- Fix a bug on 32-bit platforms that could cause the square root implementation
|
||||||
|
to return an incorrect result.
|
||||||
|
|
||||||
## [0.5.0] - 2022-12-06
|
## [0.5.0] - 2022-12-06
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -226,7 +226,7 @@ impl<F: SqrtTableHelpers> SqrtTables<F> {
|
||||||
|
|
||||||
t_ += inv(alpha) << 24; // = t << 1
|
t_ += inv(alpha) << 24; // = t << 1
|
||||||
// 1 == x3 * ROOT_OF_UNITY^t_
|
// 1 == x3 * ROOT_OF_UNITY^t_
|
||||||
t_ = (t_ + 1) >> 1;
|
t_ = (((t_ as u64) + 1) >> 1) as usize;
|
||||||
assert!(t_ <= 0x80000000);
|
assert!(t_ <= 0x80000000);
|
||||||
|
|
||||||
*uv * self.g0[t_ & 0xFF]
|
*uv * self.g0[t_ & 0xFF]
|
||||||
|
|
|
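Review bot: The new line `t_ = (((t_ as u64) + 1) >> 1) as usize;` fixes the wrap but gives no hint why the round trip through u64 is needed, and the trailing `as usize` is exactly the kind of narrowing cast a reviewer flags; a comment such as `// Widen before the +1: on 32-bit targets t_ can be usize::MAX here, so t_ + 1 would overflow.` would make the intent explicit. An overflow-free form that needs no casts at all is `t_ = (t_ >> 1) + (t_ & 1);`, which yields the same ceil(t_ / 2) for every usize value including usize::MAX. It is worth recording in that comment that this was a silent-wrong-result bug in release builds, where Rust's overflow checks are off by default: `t_ + 1` wraps to 0, `0 >> 1` is 0, and the `assert!(t_ <= 0x80000000)` on the next line happily accepts it, so only debug builds ever panicked. The enclosing method starts and ends outside this hunk.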
@ -798,6 +798,11 @@ fn test_sqrt() {
|
||||||
assert!(v == Fp::TWO_INV || (-v) == Fp::TWO_INV);
|
assert!(v == Fp::TWO_INV || (-v) == Fp::TWO_INV);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_sqrt_32bit_overflow() {
|
||||||
|
assert!((Fp::from(5)).sqrt().is_none().unwrap_u8() == 1);
|
||||||
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_pow_by_t_minus1_over2() {
|
fn test_pow_by_t_minus1_over2() {
|
||||||
// NB: TWO_INV is standing in as a "random" field element
|
// NB: TWO_INV is standing in as a "random" field element
|
||||||
|
|
|
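Review bot: `test_sqrt_32bit_overflow` only exercises the fixed path on a 32-bit target; on 64-bit the old code never overflowed, so the test passes there with or without the fix, and nothing in the test says so. A comment like `// Regression test: sqrt(5) drives the exponent in SqrtTables to 0xFFFF_FFFF, which overflowed usize on 32-bit targets; this only guards the fix when CI runs a 32-bit (e.g. i686) target.` would save the next reader from taking it for an ordinary non-square check. That 5 is the value that reaches the overflowing path is inferred from the commit title rather than visible here, so confirm it before documenting it. Stylistically, `assert!(bool::from(Fp::from(5).sqrt().is_none()));` reads better than comparing `unwrap_u8()` to 1, if `is_none()` returns a `subtle::Choice` as the `unwrap_u8` call suggests.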
@ -797,6 +797,11 @@ fn test_sqrt() {
|
||||||
assert!(v == Fq::TWO_INV || (-v) == Fq::TWO_INV);
|
assert!(v == Fq::TWO_INV || (-v) == Fq::TWO_INV);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_sqrt_32bit_overflow() {
|
||||||
|
assert!((Fq::from(5)).sqrt().is_none().unwrap_u8() == 1);
|
||||||
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_pow_by_t_minus1_over2() {
|
fn test_pow_by_t_minus1_over2() {
|
||||||
// NB: TWO_INV is standing in as a "random" field element
|
// NB: TWO_INV is standing in as a "random" field element
|
||||||
|
|
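Review bot: The same caveat as for the Fp test applies to `test_sqrt_32bit_overflow` here: it is a meaningful regression test only on a 32-bit target, and the test body does not say so or why `Fq::from(5)` is the input that triggers the overflow. A comment such as `// Regression test for the 32-bit usize overflow in SqrtTables; sqrt(5) is assumed to hit the t_ == 0xFFFF_FFFF case — only guards the fix on a 32-bit CI target.` would document that, with the value confirmed against the implementation since it is not evident from this hunk. `assert!(bool::from(Fq::from(5).sqrt().is_none()));` is the more idiomatic spelling if `is_none()` returns a `subtle::Choice`.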