use bn_is_zero and bn_is_equal where possible

2025-01-09 06:50:58 +00:00 · 2014-11-17 17:17:14 +01:00 · 2014-11-17 17:17:14 +01:00 · 9469a64a0a
commit 9469a64a0a
parent df3606dd5e
1 changed files with 3 additions and 17 deletions
--- a/ecdsa.c
+++ b/ecdsa.c
@ -343,12 +343,7 @@ int ecdsa_sign_digest(const uint8_t *priv_key, const uint8_t *digest, uint8_t *s
 	// r = (rx mod n)
 	bn_mod(&R.x, &order256k1);
 	// if r is zero, we fail
-	for (i = 0; i < 9; i++) {
-		if (R.x.val[i] != 0) break;
-	}
-	if (i == 9) {
-		return 2;
-	}
+	if (bn_is_zero(&R.x)) return 2;
 	bn_inverse(&k, &order256k1);
 	bn_read_be(priv_key, da);
 	bn_multiply(&R.x, da, &order256k1);
@ -360,13 +355,8 @@ int ecdsa_sign_digest(const uint8_t *priv_key, const uint8_t *digest, uint8_t *s
 	da->val[8] += z.val[8];
 	bn_multiply(da, &k, &order256k1);
 	bn_mod(&k, &order256k1);
-	for (i = 0; i < 9; i++) {
-		if (k.val[i] != 0) break;
-	}
 	// if k is zero, we fail
-	if (i == 9) {
-		return 3;
-	}
+	if (bn_is_zero(&k)) return 3;

 	// if S > order/2 => S = -S
 	if (bn_is_less(&order256k1_half, &k)) {
@ -595,11 +585,7 @@ int ecdsa_verify_digest(const uint8_t *pub_key, const uint8_t *sig, const uint8_
 	bn_mod(&(res.x), &order256k1);

 	// signature does not match
-	for (i = 0; i < 9; i++) {
-		if (res.x.val[i] != r.val[i]) {
-			return 5;
-		}
-	}
+	if (!bn_is_equal(&res.x, &r)) return 5;

 	// all OK
 	return 0;