musig: Use _ge_set_all_gej for own public nonces

real-or-random · real-or-random · commit 64228a648fa1 · 2024-11-01T23:33:53.000+01:00
diff --git a/src/modules/musig/session_impl.h b/src/modules/musig/session_impl.h
@@ -395,6 +395,7 @@ static void secp256k1_nonce_function_musig(secp256k1_scalar *k, const unsigned c
 int secp256k1_musig_nonce_gen_internal(const secp256k1_context* ctx, secp256k1_musig_secnonce *secnonce, secp256k1_musig_pubnonce *pubnonce, const unsigned char *input_nonce, const unsigned char *seckey, const secp256k1_pubkey *pubkey, const unsigned char *msg32, const secp256k1_musig_keyagg_cache *keyagg_cache, const unsigned char *extra_input32) {
     secp256k1_scalar k[2];
     secp256k1_ge nonce_pts[2];
+    secp256k1_gej nonce_ptj[2];
     int i;
     unsigned char pk_ser[33];
     size_t pk_ser_len = sizeof(pk_ser);
@@ -445,12 +446,13 @@ int secp256k1_musig_nonce_gen_internal(const secp256k1_context* ctx, secp256k1_m
     secp256k1_musig_secnonce_invalidate(ctx, secnonce, !ret);
 
     for (i = 0; i < 2; i++) {
-        secp256k1_gej nonce_ptj;
-        secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &nonce_ptj, &k[i]);
-        secp256k1_ge_set_gej(&nonce_pts[i], &nonce_ptj);
-        secp256k1_declassify(ctx, &nonce_pts[i], sizeof(nonce_pts[i]));
+        secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &nonce_ptj[i], &k[i]);
         secp256k1_scalar_clear(&k[i]);
     }
+    secp256k1_ge_set_all_gej(nonce_pts, nonce_ptj, 2);
+    for (i = 0; i < 2; i++) {
+        secp256k1_declassify(ctx, &nonce_pts[i], sizeof(nonce_pts[i]));
+    }
     /* None of the nonce_pts will be infinity because k != 0 with overwhelming
      * probability */
     secp256k1_musig_pubnonce_save(pubnonce, nonce_pts);
