Make secp256k1_{fe,ge,gej}_verify work as no-op if non-VERIFY

Author: sipa

src/field.h

@@ -143,9 +143,7 @@ static void secp256k1_fe_get_bounds(secp256k1_fe *r, int m);
 /** Determine whether a is a square (modulo p). */
 static int secp256k1_fe_is_square_var(const secp256k1_fe *a);
 
-#ifdef VERIFY
-/** Check invariants on a field element. */
+/** Check invariants on a field element (no-op unless VERIFY is enabled). */
 static void secp256k1_fe_verify(const secp256k1_fe *a);
-#endif
 
 #endif /* SECP256K1_FIELD_H */

src/field_10x26_impl.h

@@ -21,8 +21,8 @@
  *  - 2*M*(2^26-1) is the max (inclusive) of the remaining limbs
  */
 
-#ifdef VERIFY
 static void secp256k1_fe_verify(const secp256k1_fe *a) {
+#ifdef VERIFY
     const uint32_t *d = a->n;
     int m = a->normalized ? 1 : 2 * a->magnitude, r = 1;
     r &= (d[0] <= 0x3FFFFFFUL * m);
@@ -47,8 +47,9 @@ static void secp256k1_fe_verify(const secp256k1_fe *a) {
         }
     }
     VERIFY_CHECK(r == 1);
-}
 #endif
+    (void)a;
+}
 
 static void secp256k1_fe_get_bounds(secp256k1_fe *r, int m) {
     VERIFY_CHECK(m >= 0);
@@ -458,9 +459,7 @@ SECP256K1_INLINE static void secp256k1_fe_mul_int(secp256k1_fe *r, int a) {
 }
 
 SECP256K1_INLINE static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a) {
-#ifdef VERIFY
     secp256k1_fe_verify(a);
-#endif
     r->n[0] += a->n[0];
     r->n[1] += a->n[1];
     r->n[2] += a->n[2];
@@ -479,11 +478,9 @@ SECP256K1_INLINE static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_f
 }
 
 SECP256K1_INLINE static void secp256k1_fe_add_int(secp256k1_fe *r, int a) {
-#ifdef VERIFY
     secp256k1_fe_verify(r);
     VERIFY_CHECK(a >= 0);
     VERIFY_CHECK(a <= 0x7FFF);
-#endif
     r->n[0] += a;
 #ifdef VERIFY
     r->magnitude += 1;

src/field_5x52_impl.h

@@ -33,8 +33,8 @@
  *  0 or 1, and its value is already reduced modulo the order of the field.
  */
 
-#ifdef VERIFY
 static void secp256k1_fe_verify(const secp256k1_fe *a) {
+#ifdef VERIFY
     const uint64_t *d = a->n;
     int m = a->normalized ? 1 : 2 * a->magnitude, r = 1;
    /* secp256k1 'p' value defined in "Standards for Efficient Cryptography" (SEC2) 2.7.1. */
@@ -52,8 +52,9 @@ static void secp256k1_fe_verify(const secp256k1_fe *a) {
         }
     }
     VERIFY_CHECK(r == 1);
-}
 #endif
+    (void)a;
+}
 
 static void secp256k1_fe_get_bounds(secp256k1_fe *r, int m) {
     VERIFY_CHECK(m >= 0);
@@ -422,11 +423,9 @@ SECP256K1_INLINE static void secp256k1_fe_mul_int(secp256k1_fe *r, int a) {
 }
 
 SECP256K1_INLINE static void secp256k1_fe_add_int(secp256k1_fe *r, int a) {
-#ifdef VERIFY
     secp256k1_fe_verify(r);
     VERIFY_CHECK(a >= 0);
     VERIFY_CHECK(a <= 0x7FFF);
-#endif
     r->n[0] += a;
 #ifdef VERIFY
     r->magnitude += 1;
@@ -436,9 +435,7 @@ SECP256K1_INLINE static void secp256k1_fe_add_int(secp256k1_fe *r, int a) {
 }
 
 SECP256K1_INLINE static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a) {
-#ifdef VERIFY
     secp256k1_fe_verify(a);
-#endif
     r->n[0] += a->n[0];
     r->n[1] += a->n[1];
     r->n[2] += a->n[2];

src/group.h

@@ -164,12 +164,10 @@ static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b);
  */
 static int secp256k1_ge_is_in_correct_subgroup(const secp256k1_ge* ge);
 
-#ifdef VERIFY
-/** Check invariants on an affine group element. */
+/** Check invariants on an affine group element (no-op unless VERIFY is enabled). */
 static void secp256k1_ge_verify(const secp256k1_ge *a);
 
-/** Check invariants on a Jacobian group element. */
+/** Check invariants on a Jacobian group element (no-op unless VERIFY is enabled). */
 static void secp256k1_gej_verify(const secp256k1_gej *a);
-#endif
 
 #endif /* SECP256K1_GROUP_H */