Commit Graph

664 Commits

Author SHA1 Message Date
Pieter Wuille
73f64ff8f3
Merge pull request #339
9234391 Overhaul flags handling (Pieter Wuille)
1a36898 Make flags more explicit, add runtime checks. (Rusty Russell)
2015-10-25 20:10:41 +01:00
Pieter Wuille
9234391ed4 Overhaul flags handling 2015-10-24 19:47:13 +02:00
Rusty Russell
1a368980c8 Make flags more explicit, add runtime checks.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-10-24 19:39:44 +02:00
Pieter Wuille
1a3e03a348
Merge pull request #340
96be204 Add additional tests for eckey and arg-checks. (Gregory Maxwell)
bb5aa4d Make the tweak function zeroize-output-on-fail behavior consistent. (Gregory Maxwell)
4a243da Move secp256k1_ec_privkey_import/export to contrib. (Gregory Maxwell)
1b3efc1 Move secp256k1_ecdsa_sig_recover into the recovery module. (Gregory Maxwell)
e3cd679 Eliminate all side-effects from VERIFY_CHECK() usage. (Gregory Maxwell)
b30fc85 Avoid nonce_function_rfc6979 algo16 argument emulation. (Gregory Maxwell)
70d4640 Make secp256k1_ec_pubkey_create skip processing invalid secret keys. (Gregory Maxwell)
6c476a8 Minor comment improvements. (Gregory Maxwell)
2015-10-24 19:32:31 +02:00
Gregory Maxwell
96be20463f Add additional tests for eckey and arg-checks.
This gets branch coverage up over 90% for me.
2015-10-22 22:57:33 +00:00
Gregory Maxwell
bb5aa4df55 Make the tweak function zeroize-output-on-fail behavior consistent.
Previously the private key tweak operations left the input unchanged
 on failure but the pubkey versions zeroized on failure.
2015-10-22 22:57:33 +00:00
Gregory Maxwell
4a243da47c Move secp256k1_ec_privkey_import/export to contrib.
These functions are intended for compatibility with legacy software,
 and are not normally needed in new secp256k1 applications.

They also do not obeying any particular standard (and likely cannot
 without without undermining their compatibility), and so are a
 better fit for contrib.
2015-10-22 22:57:33 +00:00
Gregory Maxwell
1b3efc1147 Move secp256k1_ecdsa_sig_recover into the recovery module. 2015-10-22 22:57:33 +00:00
Gregory Maxwell
e3cd679634 Eliminate all side-effects from VERIFY_CHECK() usage.
The side-effects make review somewhat harder because 99.9% of the
 time the macro usage has no sideeffects, so they're easily ignored.

The main motivation for avoiding the side effects is so that the
 macro can be completely stubbed out for branch coverage analysis
 otherwise all the unreachable verify code gets counted against
 coverage.
2015-10-22 22:57:33 +00:00
Gregory Maxwell
b30fc85c9e Avoid nonce_function_rfc6979 algo16 argument emulation.
This avoids data=NULL and data = zeros to producing the same nonce.

Previously the code tried to avoid the case where some data inputs
 aliased algo16 inputs by always padding out the data.

But because algo16 and data are different lengths they cannot
 emulate each other, and the padding would match a data value of
 all zeros.
2015-10-22 22:57:33 +00:00
Gregory Maxwell
70d4640172 Make secp256k1_ec_pubkey_create skip processing invalid secret keys.
This makes it somewhat less constant time in error conditions, but
 avoids encountering an internal assertion failure when trying
 to write out the point at infinity.
2015-10-22 22:57:33 +00:00
Gregory Maxwell
6c476a8a9b Minor comment improvements. 2015-10-22 22:57:33 +00:00
Pieter Wuille
131afe5bf5
Merge pull request #334
0c6ab2f Introduce explicit lower-S normalization (Pieter Wuille)
fea19e7 Add contrib/lax_der_parsing.h (Pieter Wuille)
3bb9c44 Rewrite ECDSA signature parsing code (Pieter Wuille)
fa57f1b Use secp256k1_rand_int and secp256k1_rand_bits more (Pieter Wuille)
49b3749 Add new tests for the extra testrand functions (Pieter Wuille)
f684d7d Faster secp256k1_rand_int implementation (Pieter Wuille)
251b1a6 Improve testrand: add extra random functions (Pieter Wuille)
2015-10-23 00:23:54 +02:00
Pieter Wuille
0c6ab2ff18 Introduce explicit lower-S normalization
ECDSA signature verification now requires normalized signatures (with S in the
lower half of the range). In case the input cannot be guaranteed to provide this,
a new function secp256k1_ecdsa_signature_normalize is provided to preprocess it.
2015-10-21 16:14:42 +02:00
Pieter Wuille
fea19e7bb7 Add contrib/lax_der_parsing.h
This shows a snippet of code to do lax DER parsing, without obeying to any
particular standard.
2015-10-21 16:14:35 +02:00
Pieter Wuille
3bb9c44719 Rewrite ECDSA signature parsing code
There are now 2 encoding formats supported: 64-byte "compact" and DER.
The latter is strict: the data has to be exact DER, though the values
inside don't need to be valid.
2015-10-21 16:13:37 +02:00
Pieter Wuille
fa57f1bdf1 Use secp256k1_rand_int and secp256k1_rand_bits more
Update the unit tests to make use of the new RNG functions.
2015-10-21 16:13:37 +02:00
Pieter Wuille
49b374985d Add new tests for the extra testrand functions 2015-10-21 16:13:37 +02:00
Pieter Wuille
f684d7d987 Faster secp256k1_rand_int implementation 2015-10-21 16:13:37 +02:00
Pieter Wuille
251b1a62d3 Improve testrand: add extra random functions
This commit adds functions:
* secp256k1_rand_bits, which works like secp256k1_rand32, but consumes
  less randomness
* secp256k1_rand_int, which produces a uniform integer over any range
* secp256k1_rand_bytes_test, which works like secp256k1_rand256_test
  but for arbitrary byte array
2015-10-21 16:13:37 +02:00
Pieter Wuille
31994c8e5b
Merge pull request #338
f79aa88 Bugfix: swap arguments to noncefp (Pieter Wuille)
2015-10-21 16:11:44 +02:00
Pieter Wuille
f79aa88373 Bugfix: swap arguments to noncefp 2015-10-21 03:40:37 +02:00
Pieter Wuille
c98df263ed
Merge pull request #319
67f7da4 Extensive interface and operations tests for secp256k1_ec_pubkey_parse. (Gregory Maxwell)
ee2cb40 Add ARG_CHECKs to secp256k1_ec_pubkey_parse/secp256k1_ec_pubkey_serialize (Gregory Maxwell)
2015-10-14 14:32:26 +02:00
Gregory Maxwell
67f7da4087 Extensive interface and operations tests for secp256k1_ec_pubkey_parse.
This also makes use of optional valgrind instrumentation if -DVALGRIND
 is set.

This also moves secp256k1.c above secp256k1.h in tests.c or otherwise
 we get non-null macros on the public functions which may defeat some
 of the VERIFY checks.
2015-10-13 19:47:55 +00:00
Gregory Maxwell
ee2cb4007d Add ARG_CHECKs to secp256k1_ec_pubkey_parse/secp256k1_ec_pubkey_serialize
This also makes secp256k1_ec_pubkey_parse's init of pubkey more unconditional.
2015-10-13 19:39:58 +00:00
Pieter Wuille
7450ef171d
Merge pull request #328
7c823e3 travis: fixup module configs (Cory Fields)
2015-10-11 17:16:34 +02:00
Pieter Wuille
68a3c766ad
Merge pull request #329
b13d749 Fix couple of typos in API comments (Gustav Simonsson)
2015-10-11 17:15:32 +02:00
Pieter Wuille
98135ee3d2
Merge pull request #332
37100d7 improve ECDH header-doc (Jonas Schnelli)
2015-10-11 16:47:10 +02:00
Jonas Schnelli
37100d7284
improve ECDH header-doc
- use pubkey instead of point
- use privkey instead of scalar
2015-10-05 20:50:59 +02:00
Gustav Simonsson
b13d749947 Fix couple of typos in API comments 2015-09-30 17:23:13 +02:00
Cory Fields
7c823e3030 travis: fixup module configs 2015-09-29 20:37:50 -04:00
Pieter Wuille
cc3141a003
Merge pull request #325
338fc8b Add API exports to secp256k1_nonce_function_default and secp256k1_nonce_function_rfc6979. (Gregory Maxwell)
2015-09-30 00:51:46 +02:00
Pieter Wuille
ee58fae4f8
Merge pull request #326
213aa67 Do not force benchmarks to be statically linked. (Gregory Maxwell)
2015-09-30 00:49:38 +02:00
Gregory Maxwell
213aa67397 Do not force benchmarks to be statically linked.
Libtool will do the right thing and use whatever is available
 based on --enable-shared/--enable-static.

This also means that some of the things we build actually
 test the dynamic library.
2015-09-29 19:03:51 +00:00
Gregory Maxwell
338fc8bd71 Add API exports to secp256k1_nonce_function_default and secp256k1_nonce_function_rfc6979. 2015-09-29 18:56:21 +00:00
Pieter Wuille
52fd03f1ba
Merge pull request #320
9f6993f Remove some dead code. (Gregory Maxwell)
2015-09-28 21:48:09 +02:00
Gregory Maxwell
9f6993f370 Remove some dead code. 2015-09-28 05:43:51 +00:00
Pieter Wuille
357f8cd8f5
Merge pull request #314
118cd82 Use explicit symbol visibility. (Gregory Maxwell)
4e64608 Include public module headers when compiling modules. (Gregory Maxwell)
2015-09-25 21:36:18 +02:00
Gregory Maxwell
118cd8210f Use explicit symbol visibility.
The use of static makes this somewhat redundant currently, though if
 we later have multiple compilation units it will be needed.

This also sets the dllexport needed for shared libraries on win32.
2015-09-25 05:42:20 +00:00
Gregory Maxwell
4e64608082 Include public module headers when compiling modules.
Also fix the nullness requirements for schnorr nonce-pair generation.
2015-09-24 21:50:06 +00:00
Pieter Wuille
1f414378b8
Merge pull request #316
2b199de Use the explicit NULL macro for pointer comparisons. (Gregory Maxwell)
2015-09-24 19:36:54 +02:00
Pieter Wuille
fe0d463494
Merge pull request #317
cfe0ed9 Fix miscellaneous style nits that irritate overactive static analysis. (Gregory Maxwell)
2015-09-24 19:34:39 +02:00
Gregory Maxwell
cfe0ed916a Fix miscellaneous style nits that irritate overactive static analysis.
Also increase consistency with how overflow && zero is tested, and
 avoid some mixed declarations and code that GCC wasn't detecting.
2015-09-24 08:42:37 +00:00
Gregory Maxwell
2b199de888 Use the explicit NULL macro for pointer comparisons.
This makes it more clear that a null check is intended. Avoiding the
 use of a pointer as a test condition alse increases the type-safety
 of the comparisons.

(This is also MISRA C 2012 rules 14.4 and 11.9)
2015-09-23 22:00:43 +00:00
Pieter Wuille
9e9051687c
Merge pull request #294
dd891e0 Get rid of _t as it is POSIX reserved (Pieter Wuille)
2015-09-22 21:26:34 +02:00
Pieter Wuille
dd891e0ed5 Get rid of _t as it is POSIX reserved 2015-09-21 21:03:37 +02:00
Pieter Wuille
201819b3bc
Merge pull request #313
912f203 Eliminate a few unbraced statements that crept into the code. (Gregory Maxwell)
2015-09-21 20:56:31 +02:00
Gregory Maxwell
912f203fc5 Eliminate a few unbraced statements that crept into the code.
Also avoids some easily avoided multiple-returns.
2015-09-21 17:21:35 +00:00
Pieter Wuille
eeab823b70
Merge pull request #299
486b9bb Use a flags bitfield for compressed option to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export (Luke Dashjr)
05732c5 Callback data: Accept pointers to either const or non-const data (Luke Dashjr)
1973c73 Bugfix: Reinitialise buffer lengths that have been used as outputs (Luke Dashjr)
788038d Use size_t for lengths (at least in external API) (Luke Dashjr)
c9d7c2a secp256k1_context_set_{error,illegal}_callback: Restore default handler by passing NULL as function argument (Luke Dashjr)
9aac008 secp256k1_context_destroy: Allow NULL argument as a no-op (Luke Dashjr)
64b730b secp256k1_context_create: Use unsigned type for flags bitfield (Luke Dashjr)
2015-09-20 04:59:30 +02:00
Luke Dashjr
486b9bb8ce Use a flags bitfield for compressed option to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export 2015-09-19 19:33:30 +00:00