From 84c959313d35eecceb2cd4b745a103433a78e0f9 Mon Sep 17 00:00:00 2001
From: Paul Driver <frodwith@gmail.com>
Date: Tue, 4 Aug 2020 13:10:30 -0700
Subject: [PATCH] begin move to u3r_unpack() (new function) for consistency in
 crypto jets

combining the padding and length checking into one function helps make
the crypto jets really boring and easy to scan, improving auditability.
---
 pkg/urbit/include/noun/retrieve.h           |  9 +++++++
 pkg/urbit/jets/e/ed_add_double_scalarmult.c | 29 +++++++--------------
 pkg/urbit/noun/retrieve.c                   | 17 ++++++++++++
 3 files changed, 35 insertions(+), 20 deletions(-)

diff --git a/pkg/urbit/include/noun/retrieve.h b/pkg/urbit/include/noun/retrieve.h
index eed2bcc916..c17877d9df 100644
--- a/pkg/urbit/include/noun/retrieve.h
+++ b/pkg/urbit/include/noun/retrieve.h
@@ -346,6 +346,15 @@
                   c3_y*   c_y,
                   u3_atom d);
 
+      /* u3r_unpack():
+      **
+      **   Copy (len_w) bytes of (a) into (buf_y) if it fits, returning overage
+      */
+        c3_w
+        u3r_unpack(c3_w len_w,
+                   c3_y *buf_y,
+                   u3_atom a);
+
       /* u3r_chop():
       **
       **   Into the bloq space of `met`, from position `fum` for a
diff --git a/pkg/urbit/jets/e/ed_add_double_scalarmult.c b/pkg/urbit/jets/e/ed_add_double_scalarmult.c
index b177d826d3..a89ed34d19 100644
--- a/pkg/urbit/jets/e/ed_add_double_scalarmult.c
+++ b/pkg/urbit/jets/e/ed_add_double_scalarmult.c
@@ -12,29 +12,18 @@
                              u3_atom c,
                              u3_atom d)
   {
-    c3_w ate_w, bet_w, get_w, det_w;
+    c3_y a_y[32], b_y[32], c_y[32], d_y[32], out_y[32];
 
-    if ( ((ate_w = u3r_met(3, a)) > 32) ||
-         ((bet_w = u3r_met(3, b)) > 32) ||
-         ((get_w = u3r_met(3, c)) > 32) ||
-         ((det_w = u3r_met(3, d)) > 32) ) {
-      return u3_none;
+    if ( (0 == u3r_unpack(32, a_y, a)) &&
+         (0 == u3r_unpack(32, b_y, b)) &&
+         (0 == u3r_unpack(32, c_y, c)) &&
+         (0 == u3r_unpack(32, d_y, d)) &&
+         (0 == urcrypt_ed_add_double_scalarmult(a_y, b_y, c_y, d_y, out_y)) )
+    {
+      return u3i_bytes(32, out_y);
     }
     else {
-      c3_y a_y[32], b_y[32], c_y[32], d_y[32], out_y[32];
-
-      memset(a_y, 0, 32);
-      memset(b_y, 0, 32);
-      memset(c_y, 0, 32);
-      memset(d_y, 0, 32);
-      u3r_bytes(0, ate_w, a_y, a);
-      u3r_bytes(0, bet_w, b_y, b);
-      u3r_bytes(0, get_w, c_y, c);
-      u3r_bytes(0, det_w, d_y, d);
-
-      return ( 0 == urcrypt_ed_add_double_scalarmult(a_y, b_y, c_y, d_y, out_y) )
-        ? u3i_bytes(32, out_y)
-        : u3_none;
+      return u3_none;
     }
   }
 
diff --git a/pkg/urbit/noun/retrieve.c b/pkg/urbit/noun/retrieve.c
index 63589ab1e1..36fed5073b 100644
--- a/pkg/urbit/noun/retrieve.c
+++ b/pkg/urbit/noun/retrieve.c
@@ -1076,6 +1076,23 @@ u3r_bytes(c3_w    a_w,
   }
 }
 
+/* u3r_unpack():
+**
+**  Copy (len_w) bytes of (a) into (buf_y) if it fits, returning overage
+*/
+c3_w
+u3r_unpack(c3_w len_w, c3_y *buf_y, u3_atom a)
+{
+  c3_w met_w = u3r_met(3, a);
+  if ( met_w <= len_w ) {
+    u3r_bytes(0, len_w, buf_y, a);
+    return 0;
+  }
+  else {
+    return len_w - met_w;
+  }
+}
+
 /* u3r_mp():
 **
 **   Copy (b) into (a_mp).