fixed

deatil · deatil · commit e8b926c81e90 · 2025-11-03T13:39:49.000+08:00
diff --git a/elliptic/e521/params.go b/elliptic/e521/params.go
@@ -77,6 +77,9 @@ func (curve *E521Curve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
         return x1, y1
     }
 
+    panicIfNotOnCurve(curve, x1, y1)
+    panicIfNotOnCurve(curve, x2, y2)
+
     // x3 = (x1*y2 + y1*x2) / (1 + d*x1*x2*y1*y2)
     // y3 = (y1*y2 - x1*x2) / (1 - d*x1*x2*y1*y2)
 
@@ -110,7 +113,12 @@ func (curve *E521Curve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
 
 // Double returns 2*(x,y)
 func (curve *E521Curve) Double(x1, y1 *big.Int) (*big.Int, *big.Int) {
-    return curve.Add(x1, y1, x1, y1)
+    panicIfNotOnCurve(curve, x1, y1)
+
+    x2 := new(big.Int).Set(x1)
+    y2 := new(big.Int).Set(y1)
+
+    return curve.Add(x2, y2, x2, y2)
 }
 
 func (curve *E521Curve) ScalarMult(x, y *big.Int, k []byte) (*big.Int, *big.Int) {
diff --git a/elliptic/kg/params.go b/elliptic/kg/params.go
@@ -72,6 +72,9 @@ func (curve *KGCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
         return nil, nil
     }
 
+    panicIfNotOnCurve(curve, x1, y1)
+    panicIfNotOnCurve(curve, x2, y2)
+
     y2MinusY1 := new(big.Int).Sub(y2, y1)
     x2MinusX1 := new(big.Int).Sub(x2, x1)
     x2MinusX1Inv := new(big.Int).ModInverse(x2MinusX1, curve.P)
@@ -92,23 +95,27 @@ func (curve *KGCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
 }
 
 func (curve *KGCurve) Double(x, y *big.Int) (*big.Int, *big.Int) {
-    // 3 * x³ + a
+    panicIfNotOnCurve(curve, x, y)
+
+    // numerator = 3 * x³ + a
     x2 := new(big.Int).Mul(x, x)
     threeX2 := new(big.Int).Mul(big.NewInt(3), x2)
     numerator := new(big.Int).Add(threeX2, curve.A)
 
-    // 2 * y
+    // denomInv = 1 / (2 * y)
     twoY := new(big.Int).Mul(big.NewInt(2), y)
     denomInv := new(big.Int).ModInverse(twoY, curve.P)
 
-    // (3 * x³ + a) * (2 * y)
+    // lambda = (3 * x³ + a) / (2 * y)
     lambda := new(big.Int).Mul(numerator, denomInv)
     lambda.Mod(lambda, curve.P)
 
+    // x3 = lambda^2 - 2 * x
     x3 := new(big.Int).Mul(lambda, lambda)
     x3.Sub(x3, new(big.Int).Mul(big.NewInt(2), x))
     x3.Mod(x3, curve.P)
 
+    // y3 = (x - x^3) * lambda - y
     y3 := new(big.Int).Sub(x, x3)
     y3.Mul(lambda, y3)
     y3.Sub(y3, y)
diff --git a/elliptic/secp256k1/params.go b/elliptic/secp256k1/params.go
@@ -24,6 +24,7 @@ func (crv *secp256k1) IsOnCurve(x, y *big.Int) bool {
     if _, err := p.NewPoint(x, y); err != nil {
         return false
     }
+
     return curve256k1.IsOnCurve(&p)
 }
 

Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,7 @@ func (crv secp256k1) IsOnCurve(x, y big.Int) bool {`
`24`	`24`	`if _, err := p.NewPoint(x, y); err != nil {`
`25`	`25`	`return false`
`26`	`26`	`}`
	`27`	`+`
`27`	`28`	`return curve256k1.IsOnCurve(&p)`
`28`	`29`	`}`
`29`	`30`