mimblewimble / secp256k1-zkp

Fork of secp256k1-zkp for the Grin/MimbleWimble project

a mistake 'or' on variable retry

garyyu opened this issue · comments

https://github.com/mimblewimble/secp256k1-zkp/blob/master/src/modules/aggsig/main_impl.h#L137-L138

```c
int secp256k1_aggsig_generate_nonce_single(const secp256k1_context* ctx, secp256k1_scalar *secnonce, secp256k1_gej* pubnonce, secp256k1_rfc6979_hmac_sha256* rng) {
    int retry;
    ...
    /* generate nonce from the RNG */
    do {
        secp256k1_rfc6979_hmac_sha256_generate(rng, data, 32);
        secp256k1_scalar_set_b32(secnonce, data, &retry);
        retry |= secp256k1_scalar_is_zero(secnonce);
    } while (retry); /* This branch true is cryptographically unreachable. Requires sha256_hmac output > Fp. */
    ...
```

2 problems here:

  • Variable `retry` should be zero-initialized.
  • The while loop looks like an infinite-loop trap: if `retry` becomes non-zero, it loops forever.

I guess `retry |=` should be `retry =`. Please confirm whether it is.
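To make the retry semantics of the loop quoted above observable, here is an added example in C; it is not code from the issue or from secp256k1-zkp. It models `secp256k1_scalar_set_b32`, `secp256k1_scalar_is_zero` and the RFC6979 stream on a constructed 64-bit toy order (`TOY_ORDER`, `toy_*` names are assumptions), then runs the same do/while loop over a constructed candidate sequence so the overflow flag, the zero rejection and the loop's termination can be checked directly.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy group order (secp256k1 uses a 256-bit n; 64 bits keep the model short). */
#define TOY_ORDER 0xFFFFFFFF00000000ULL

/* Model of secp256k1_scalar_set_b32: reduce the 8-byte big-endian input mod the
 * order and write into *overflow whether reduction happened (assigned, not OR-ed). */
static void toy_scalar_set_b32(uint64_t *r, const unsigned char *b, int *overflow) {
    uint64_t v = 0;
    for (int i = 0; i < 8; i++) v = (v << 8) | b[i];
    *overflow = (v >= TOY_ORDER);
    *r = v % TOY_ORDER;
}

static int toy_scalar_is_zero(const uint64_t *r) { return *r == 0; }

/* Hypothetical stand-in for the RFC6979 HMAC stream: replays a constructed list of
 * 8-byte candidates, one per call, then repeats the last one. */
typedef struct { const uint64_t *seq; int len; int pos; } toy_rng;

static void toy_rng_generate(toy_rng *rng, unsigned char *out8) {
    uint64_t v = rng->seq[rng->pos < rng->len ? rng->pos++ : rng->len - 1];
    for (int i = 0; i < 8; i++) out8[i] = (unsigned char)(v >> (8 * (7 - i)));
}

/* The loop from main_impl.h on the toy types: returns how many candidates were
 * consumed before one was accepted and leaves the accepted one in *secnonce. */
static int toy_generate_nonce(uint64_t *secnonce, toy_rng *rng) {
    unsigned char data[8];
    int retry, rounds = 0;
    do {
        toy_rng_generate(rng, data);
        toy_scalar_set_b32(secnonce, data, &retry); /* retry fully written here */
        retry |= toy_scalar_is_zero(secnonce);      /* OR adds only the zero rejection */
        rounds++;
    } while (retry);
    return rounds;
}

/* Constructed scenario: overflowing candidate, then zero, then a valid scalar. */
static const uint64_t demo_seq[] = { TOY_ORDER + 5, 0, 0x1234 };
static int toy_demo_rounds(uint64_t *nonce) {
    toy_rng rng = { demo_seq, 3, 0 };
    return toy_generate_nonce(nonce, &rng);
}

int main(void) {
    uint64_t nonce;
    int rounds = toy_demo_rounds(&nonce);
    printf("accepted 0x%llx after %d candidate(s)\n", (unsigned long long)nonce, rounds);
    return 0;
}
```

The first candidate is rejected by the overflow flag, the second by the zero check, and the third is accepted, so the loop ends after three rounds with `secnonce == 0x1234`.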