From 66452d48257da576c12e7407ccd788e3720cf8a9 Mon Sep 17 00:00:00 2001 From: csjones Date: Thu, 5 Jun 2025 18:53:45 -0700 Subject: [PATCH 1/4] fix: change w variable type from uint32_t to uint64_t in modinv64 implementation --- src/modinv64_impl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modinv64_impl.h b/src/modinv64_impl.h index 548787bedf..24156e6376 100644 --- a/src/modinv64_impl.h +++ b/src/modinv64_impl.h @@ -240,7 +240,7 @@ static int64_t secp256k1_modinv64_divsteps_62_var(int64_t eta, uint64_t f0, uint /* Transformation matrix; see comments in secp256k1_modinv64_divsteps_62. */ uint64_t u = 1, v = 0, q = 0, r = 1; uint64_t f = f0, g = g0, m; - uint32_t w; + uint64_t w; int i = 62, limit, zeros; for (;;) { @@ -326,7 +326,7 @@ static int64_t secp256k1_modinv64_posdivsteps_62_var(int64_t eta, uint64_t f0, u /* Transformation matrix; see comments in secp256k1_modinv64_divsteps_62. */ uint64_t u = 1, v = 0, q = 0, r = 1; uint64_t f = f0, g = g0, m; - uint32_t w; + uint64_t w; int i = 62, limit, zeros; int jac = *jacp; From 3ddc5bedef1206d614de4ee652a35defba66815d Mon Sep 17 00:00:00 2001 From: csjones Date: Wed, 14 Jan 2026 15:44:35 -0800 Subject: [PATCH 2/4] fix: use explicit casts for 'implicit conversion loses integer precision' warnings in scalar_4x64_impl.h --- src/scalar_4x64_impl.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/scalar_4x64_impl.h b/src/scalar_4x64_impl.h index a5bf18feb9..9f64c444a4 100644 --- a/src/scalar_4x64_impl.h +++ b/src/scalar_4x64_impl.h @@ -109,7 +109,7 @@ static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, secp256k1_u128_accum_u64(&t, a->d[3]); secp256k1_u128_accum_u64(&t, b->d[3]); r->d[3] = secp256k1_u128_to_u64(&t); secp256k1_u128_rshift(&t, 64); - overflow = secp256k1_u128_to_u64(&t) + secp256k1_scalar_check_overflow(r); + overflow = (int)secp256k1_u128_to_u64(&t) + secp256k1_scalar_check_overflow(r); VERIFY_CHECK(overflow == 0 || overflow == 1); secp256k1_scalar_reduce(r, overflow); @@ -634,7 +634,7 @@ static void secp256k1_scalar_reduce_512(secp256k1_scalar *r, const uint64_t *l) sumadd_fast(n3); extract_fast(m5); VERIFY_CHECK(c0 <= 1); - m6 = c0; + m6 = (uint32_t)c0; /* Reduce 385 bits into 258. */ /* p[0..4] = m[0..3] + m[4..6] * SECP256K1_N_C. */ @@ -654,7 +654,7 @@ static void secp256k1_scalar_reduce_512(secp256k1_scalar *r, const uint64_t *l) muladd_fast(m6, SECP256K1_N_C_1); sumadd_fast(m5); extract_fast(p3); - p4 = c0 + m6; + p4 = (uint32_t)c0 + m6; VERIFY_CHECK(p4 <= 2); /* Reduce 258 bits into 256. */ @@ -674,7 +674,7 @@ static void secp256k1_scalar_reduce_512(secp256k1_scalar *r, const uint64_t *l) #endif /* Final reduction of r. */ - secp256k1_scalar_reduce(r, c + secp256k1_scalar_check_overflow(r)); + secp256k1_scalar_reduce(r, (unsigned int)c + secp256k1_scalar_check_overflow(r)); } static void secp256k1_scalar_mul_512(uint64_t *l8, const secp256k1_scalar *a, const secp256k1_scalar *b) { From 4a84fb7e4357b8cdc743a3d34d08f4232b75896a Mon Sep 17 00:00:00 2001 From: csjones Date: Wed, 14 Jan 2026 15:50:14 -0800 Subject: [PATCH 3/4] fix: use explicit casts for 'implicit conversion loses integer precision' warnings in hash_impl.h fix: correct cast placement in hash_impl.h to preserve full 64-bit shift operations --- src/hash_impl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/hash_impl.h b/src/hash_impl.h index 4341917773..5348823be0 100644 --- a/src/hash_impl.h +++ b/src/hash_impl.h @@ -148,8 +148,8 @@ static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out int i; /* The maximum message size of SHA256 is 2^64-1 bits. */ VERIFY_CHECK(hash->bytes < ((uint64_t)1 << 61)); - secp256k1_write_be32(&sizedesc[0], hash->bytes >> 29); - secp256k1_write_be32(&sizedesc[4], hash->bytes << 3); + secp256k1_write_be32(&sizedesc[0], (uint32_t)(hash->bytes >> 29)); + secp256k1_write_be32(&sizedesc[4], (uint32_t)(hash->bytes << 3)); secp256k1_sha256_write(hash, pad, 1 + ((119 - (hash->bytes % 64)) % 64)); secp256k1_sha256_write(hash, sizedesc, 8); for (i = 0; i < 8; i++) { From da9db68bc9ebefc0d185093a881fe6a0a8317174 Mon Sep 17 00:00:00 2001 From: csjones Date: Wed, 21 Jan 2026 21:26:00 -0800 Subject: [PATCH 4/4] refactor: preserve unsigned arithmetic and add VERIFY_CHECKs before casts in scalar_4x64_impl.h --- src/scalar_4x64_impl.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/scalar_4x64_impl.h b/src/scalar_4x64_impl.h index 9f64c444a4..c4491c5970 100644 --- a/src/scalar_4x64_impl.h +++ b/src/scalar_4x64_impl.h @@ -92,7 +92,7 @@ SECP256K1_INLINE static int secp256k1_scalar_reduce(secp256k1_scalar *r, unsigne } static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b) { - int overflow; + uint64_t overflow; secp256k1_uint128 t; SECP256K1_SCALAR_VERIFY(a); SECP256K1_SCALAR_VERIFY(b); @@ -109,12 +109,12 @@ static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, secp256k1_u128_accum_u64(&t, a->d[3]); secp256k1_u128_accum_u64(&t, b->d[3]); r->d[3] = secp256k1_u128_to_u64(&t); secp256k1_u128_rshift(&t, 64); - overflow = (int)secp256k1_u128_to_u64(&t) + secp256k1_scalar_check_overflow(r); + overflow = secp256k1_u128_to_u64(&t) + secp256k1_scalar_check_overflow(r); VERIFY_CHECK(overflow == 0 || overflow == 1); - secp256k1_scalar_reduce(r, overflow); + secp256k1_scalar_reduce(r, (unsigned int)overflow); SECP256K1_SCALAR_VERIFY(r); - return overflow; + return (int)overflow; } static void secp256k1_scalar_cadd_bit(secp256k1_scalar *r, unsigned int bit, int flag) { @@ -654,6 +654,7 @@ static void secp256k1_scalar_reduce_512(secp256k1_scalar *r, const uint64_t *l) muladd_fast(m6, SECP256K1_N_C_1); sumadd_fast(m5); extract_fast(p3); + VERIFY_CHECK(c0 <= 2); p4 = (uint32_t)c0 + m6; VERIFY_CHECK(p4 <= 2); @@ -674,6 +675,7 @@ static void secp256k1_scalar_reduce_512(secp256k1_scalar *r, const uint64_t *l) #endif /* Final reduction of r. */ + VERIFY_CHECK(c <= 1); secp256k1_scalar_reduce(r, (unsigned int)c + secp256k1_scalar_check_overflow(r)); }