Skip to content

Commit

Permalink
Normalize field elements before checking for is_odd()
Browse files Browse the repository at this point in the history
  • Loading branch information
fjarri committed Mar 14, 2022
1 parent 499efd5 commit 36b5091
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions k256/src/arithmetic/affine.rs
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,7 @@ impl DecompressPoint<Secp256k1> for AffinePoint {
let beta = alpha.sqrt();

beta.map(|beta| {
let beta = beta.normalize(); // Need to normalize for is_odd() to be consistent
let y = FieldElement::conditional_select(
&beta.negate(1),
&beta,
Expand Down
2 changes: 1 addition & 1 deletion k256/src/ecdsa/sign.rs
Original file line number Diff line number Diff line change
Expand Up @@ -224,7 +224,7 @@ impl SignPrimitive<Secp256k1> for Scalar {
}

let signature = Signature::from_scalars(r, s)?;
let is_r_odd: bool = R.y.is_odd().into();
let is_r_odd: bool = R.y.normalize().is_odd().into();
let is_s_high: bool = signature.s().is_high().into();
let signature_low = signature.normalize_s().unwrap_or(signature);
let recovery_id = ecdsa_core::RecoveryId::new(is_r_odd ^ is_s_high, false);
Expand Down

0 comments on commit 36b5091

Please sign in to comment.