Closed
Commits
60 commits
efc61dc
Add 64-bit integer utilities
gmaxwell Aug 5, 2015
ae1e576
Pedersen commitments, borromean ring signatures, and ZK range proofs.
gmaxwell Aug 5, 2015
6d28767
Get rid of precomputed H tables (Pieter Wuille)
apoelstra Mar 13, 2018
cf40b1b
[RANGEPROOF BREAK] Use quadratic residue for tie break and modularity…
apoelstra Jul 4, 2016
d46fc3c
rangeproof: expose sidechannel message field in the signing API
apoelstra Jul 5, 2016
f4620de
Constant-time generator module
sipa Jul 6, 2016
21bfb3c
Expose generator in pedersen/rangeproof API
sipa Jul 6, 2016
a2bc660
rangeproof: several API changes
apoelstra Jul 6, 2016
c174f0c
Implement ring-signature based whitelist delegation scheme
apoelstra Apr 21, 2016
0c17f79
add surjection proof module
apoelstra Jul 1, 2016
e609591
rangeproof: fix memory leak in unit tests
apoelstra Apr 22, 2017
7878a29
surjectionproof: tests_impl.h s/assert/CHECK/g
apoelstra May 2, 2017
1e2d5c1
surjectionproof: add API unit tests
apoelstra May 2, 2017
417bb06
surjectionproof: rename unit test functions to be more consistent wit…
apoelstra May 3, 2017
0d81702
rangeproof: add API tests
apoelstra May 3, 2017
7f17515
Fix include/secp256k1_rangeproof.h function argument documentation.
jonasnick May 8, 2017
9b8a9d9
whitelist: fix serialize/parse API to take serialized length
apoelstra Jun 26, 2017
37c57de
Fix checks of whitelist serialize/parse arguments
jonasnick Jun 27, 2017
b51886e
Add n_keys argument to whitelist_verify
jonasnick Jul 10, 2017
526c654
Fix pedersen_blind_generator_blind_sum return value documentation
jonasnick Jul 10, 2017
b0e9aa8
Fix generator makefile
instagibbs Aug 16, 2017
ec1ef04
generator: remove unnecessary ARG_CHECK from generate()
apoelstra Aug 30, 2017
a707865
generator: add API tests
apoelstra Aug 30, 2017
52a9f8f
add whitelist_impl.h to include for dist
instagibbs Feb 13, 2018
b1f31bc
Add whitelisting benchmark
jonasnick Mar 16, 2018
0c77ae9
Minor bugfix. Wrong length due to NUL character.
datavetaren May 16, 2018
a3a1800
Reject surjection proofs with trailing garbage
real-or-random May 23, 2018
9b2cf17
Test for rejection of trailing bytes in surjection proofs
real-or-random May 23, 2018
fb75faa
Test for rejection of trailing bytes in range proofs
real-or-random May 24, 2018
fb1ba32
fix spelling in documentation
instagibbs Jun 20, 2018
e065d7d
Expose generator in shared library
FrankC01 Jul 25, 2018
44fe43d
rangeproof: add fixed vector test case
apoelstra Oct 2, 2018
ae14e8a
rangeproof: check that points deserialize correctly when verifying ra…
apoelstra Oct 2, 2018
32d7526
generator: verify correctness of point when parsing
apoelstra Oct 2, 2018
60c173b
rangeproof: verify correctness of pedersen commitments when parsing
apoelstra Oct 2, 2018
2ccf885
rangeproof: fix serialization of pedersen commitments
apoelstra Oct 8, 2018
85fd42f
add unit test for generator and pedersen commitment roundtripping
apoelstra Oct 8, 2018
71c5fe0
Add comment to explain effect of max_n_iterations in surjectionproof_…
jonasnick Apr 17, 2018
53ad841
Add explanation about how BIP32 unhardened derivation can be used to …
jonasnick Nov 19, 2018
ed59fbe
Add trivial ecmult_multi algorithm. It is selected when no scratch sp…
jonasnick Dec 20, 2018
8c444ee
use proper types for rangeproof min/max
instagibbs Jan 3, 2019
12b0e5d
Enable more builds with rest of experimental flags
instagibbs Jan 3, 2019
2b2429d
rangeproof: reduce iteration count in unit tests
apoelstra Jan 3, 2019
6532fa0
Merge pull request #39 from instagibbs/more_builds
apoelstra Jan 3, 2019
43dd1f4
Merge pull request #40 from instagibbs/size_t
apoelstra Jan 3, 2019
8260800
add chacha20 function
apoelstra Apr 3, 2018
f0e4bb9
Add schnorrsig module which implements BIP-schnorr [0] compatible sig…
apoelstra May 9, 2018
77d5b4a
Add MuSig module which allows creating n-of-n multisignatures and ada…
jonasnick Dec 22, 2018
2fc700a
Add 3-of-3 MuSig example
jonasnick Dec 22, 2018
d5e22a5
Merge pull request #35 from jonasnick/2018-10-musig
apoelstra Feb 7, 2019
6b0b22b
musig: add user documentation
apoelstra Feb 8, 2019
0492592
f replace C by L
apoelstra Feb 12, 2019
8cab1c5
f more nits
apoelstra Feb 12, 2019
0512dd2
f reword adaptor signature stuff
apoelstra Feb 12, 2019
9125c16
f remove markdown indentation
apoelstra Feb 12, 2019
792d504
Update musig.md
ysangkok Feb 18, 2019
89b7f5b
f nits
apoelstra Feb 20, 2019
f6a6bca
musig: remove musig_session API docs about session ID reuse; link to …
apoelstra Feb 21, 2019
1bbad3a
Merge pull request #45 from apoelstra/2019-02-musig-docs
apoelstra Feb 21, 2019
e41b3a4
Java/JNI: Add native bindings for Schnorr signatures
guggero Feb 22, 2019
4 changes: 3 additions & 1 deletion .gitignore
@@ -1,13 +1,14 @@
bench_inv
bench_ecdh
bench_ecmult
bench_schnorrsig
bench_sign
bench_verify
bench_schnorr_verify
bench_recover
bench_internal
tests
exhaustive_tests
example_musig
gen_context
*.exe
*.so
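Review bot: a whitelisting benchmark is added in this series ("Add whitelisting benchmark") but no corresponding build artifact is ignored next to bench_schnorrsig; confirm the binary name that benchmark produces and add it here so a local build does not leave an untracked file.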
Expand Down Expand Up @@ -48,3 +49,4 @@ build-aux/compile
build-aux/test-driver
src/stamp-h1
libsecp256k1.pc
.idea
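Review bot: `.idea` is an editor-specific directory rather than a build product; it is usually kept out of the project's .gitignore and handled through a per-user global excludes file (core.excludesFile), so that this list stays limited to artifacts the build itself generates.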
6 changes: 4 additions & 2 deletions .travis.yml
Expand Up @@ -11,9 +11,11 @@ cache:
- src/java/guava/
env:
global:
- FIELD=auto BIGNUM=auto SCALAR=auto ENDOMORPHISM=no STATICPRECOMPUTATION=yes ASM=no BUILD=check EXTRAFLAGS= HOST= ECDH=no RECOVERY=no EXPERIMENTAL=no JNI=no
- FIELD=auto BIGNUM=auto SCALAR=auto ENDOMORPHISM=no STATICPRECOMPUTATION=yes ASM=no BUILD=check EXTRAFLAGS= HOST= ECDH=no RECOVERY=no EXPERIMENTAL=no JNI=no GENERATOR=no RANGEPROOF=no WHITELIST=no
- GUAVA_URL=https://search.maven.org/remotecontent?filepath=com/google/guava/guava/18.0/guava-18.0.jar GUAVA_JAR=src/java/guava/guava-18.0.jar
matrix:
- SCALAR=32bit FIELD=32bit EXPERIMENTAL=yes RANGEPROOF=yes WHITELIST=yes GENERATOR=yes
- FIELD=64bit EXPERIMENTAL=yes RANGEPROOF=yes WHITELIST=yes GENERATOR=yes
- SCALAR=32bit RECOVERY=yes
- SCALAR=32bit FIELD=32bit ECDH=yes EXPERIMENTAL=yes
- SCALAR=64bit
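Review bot: the new default env line introduces GENERATOR, RANGEPROOF and WHITELIST toggles but no SURJECTIONPROOF variable, and neither of the two new matrix rows enables the schnorrsig or MuSig modules added by this PR, so those modules are never compiled or tested in CI; add a SURJECTIONPROOF=no default and a matrix row such as `- SCALAR=64bit EXPERIMENTAL=yes SCHNORRSIG=yes MUSIG=yes` (variable names are a suggestion) together with matching configure flags.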
Expand Down Expand Up @@ -65,5 +67,5 @@ before_script: ./autogen.sh
script:
- if [ -n "$HOST" ]; then export USE_HOST="--host=$HOST"; fi
- if [ "x$HOST" = "xi686-linux-gnu" ]; then export CC="$CC -m32"; fi
- ./configure --enable-experimental=$EXPERIMENTAL --enable-endomorphism=$ENDOMORPHISM --with-field=$FIELD --with-bignum=$BIGNUM --with-scalar=$SCALAR --enable-ecmult-static-precomputation=$STATICPRECOMPUTATION --enable-module-ecdh=$ECDH --enable-module-recovery=$RECOVERY --enable-jni=$JNI $EXTRAFLAGS $USE_HOST && make -j2 $BUILD
- ./configure --enable-experimental=$EXPERIMENTAL --enable-endomorphism=$ENDOMORPHISM --with-field=$FIELD --with-bignum=$BIGNUM --with-scalar=$SCALAR --enable-ecmult-static-precomputation=$STATICPRECOMPUTATION --enable-module-ecdh=$ECDH --enable-module-recovery=$RECOVERY --enable-module-rangeproof=$RANGEPROOF --enable-module-whitelist=$WHITELIST --enable-module-generator=$GENERATOR --enable-jni=$JNI $EXTRAFLAGS $USE_HOST && make -j2 $BUILD
os: linux
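Review bot: the ./configure invocation passes --enable-module-rangeproof, --enable-module-whitelist and --enable-module-generator but never --enable-module-surjectionproof, --enable-module-schnorrsig or --enable-module-musig, although configure.ac in this PR adds all three options; without them the MuSig-requires-schnorrsig and surjectionproof-requires-rangeproof dependency checks added to configure.ac are never exercised by CI. Thread the three flags through with their own env variables.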
24 changes: 24 additions & 0 deletions Makefile.am
Expand Up @@ -178,6 +178,30 @@ if ENABLE_MODULE_ECDH
include src/modules/ecdh/Makefile.am.include
endif

if ENABLE_MODULE_SCHNORRSIG
include src/modules/schnorrsig/Makefile.am.include
endif

if ENABLE_MODULE_MUSIG
include src/modules/musig/Makefile.am.include
endif

if ENABLE_MODULE_RECOVERY
include src/modules/recovery/Makefile.am.include
endif

if ENABLE_MODULE_GENERATOR
include src/modules/generator/Makefile.am.include
endif

if ENABLE_MODULE_RANGEPROOF
include src/modules/rangeproof/Makefile.am.include
endif

if ENABLE_MODULE_WHITELIST
include src/modules/whitelist/Makefile.am.include
endif

if ENABLE_MODULE_SURJECTIONPROOF
include src/modules/surjection/Makefile.am.include
endif
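Review bot: the surjection proof module is included from `src/modules/surjection/Makefile.am.include` while every other reference to it (ENABLE_MODULE_SURJECTIONPROOF, --enable-module-surjectionproof) uses the longer name; either rename the directory or note the mismatch, otherwise the next person grepping for `surjectionproof` will miss the Makefile include.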
118 changes: 118 additions & 0 deletions configure.ac
Expand Up @@ -129,16 +129,46 @@ AC_ARG_ENABLE(module_ecdh,
[enable_module_ecdh=$enableval],
[enable_module_ecdh=no])

AC_ARG_ENABLE(module_schnorrsig,
AS_HELP_STRING([--enable-module-schnorrsig],[enable schnorrsig module (experimental)]),
[enable_module_schnorrsig=$enableval],
[enable_module_schnorrsig=no])

AC_ARG_ENABLE(module_musig,
AS_HELP_STRING([--enable-module-musig],[enable MuSig module (experimental)]),
[enable_module_musig=$enableval],
[enable_module_musig=no])

AC_ARG_ENABLE(module_recovery,
AS_HELP_STRING([--enable-module-recovery],[enable ECDSA pubkey recovery module (default is no)]),
[enable_module_recovery=$enableval],
[enable_module_recovery=no])

AC_ARG_ENABLE(module_generator,
AS_HELP_STRING([--enable-module-generator],[enable NUMS generator module (default is no)]),
[enable_module_generator=$enableval],
[enable_module_generator=no])

AC_ARG_ENABLE(module_rangeproof,
AS_HELP_STRING([--enable-module-rangeproof],[enable Pedersen / zero-knowledge range proofs module (default is no)]),
[enable_module_rangeproof=$enableval],
[enable_module_rangeproof=no])

AC_ARG_ENABLE(module_whitelist,
AS_HELP_STRING([--enable-module-whitelist],[enable key whitelisting module (default is no)]),
[enable_module_whitelist=$enableval],
[enable_module_whitelist=no])

AC_ARG_ENABLE(jni,
AS_HELP_STRING([--enable-jni],[enable libsecp256k1_jni (default is no)]),
[use_jni=$enableval],
[use_jni=no])

AC_ARG_ENABLE(module_surjectionproof,
AS_HELP_STRING([--enable-module-surjectionproof],[enable surjection proof module (default is no)]),
[enable_module_surjectionproof=$enableval],
[enable_module_surjectionproof=no])

AC_ARG_WITH([field], [AS_HELP_STRING([--with-field=64bit|32bit|auto],
[Specify Field Implementation. Default is auto])],[req_field=$withval], [req_field=auto])
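Review bot: the help strings are inconsistent: schnorrsig and musig are labelled "(experimental)" while generator, rangeproof, whitelist and surjectionproof say "(default is no)", even though the experimental check later in this file rejects all six without --enable-experimental; use one form, e.g. "(experimental, default is no)", for all of them. Also the surjectionproof AC_ARG_ENABLE is placed after the jni option rather than with the other module options; moving it keeps the module block contiguous.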

Expand Down Expand Up @@ -167,6 +197,12 @@ else
CFLAGS="$CFLAGS -O3"
fi

AC_MSG_CHECKING([for __builtin_popcount])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([[void myfunc() {__builtin_popcount(0);}]])],
[ AC_MSG_RESULT([yes]);AC_DEFINE(HAVE_BUILTIN_POPCOUNT,1,[Define this symbol if __builtin_popcount is available]) ],
[ AC_MSG_RESULT([no])
])

if test x"$use_ecmult_static_precomputation" != x"no"; then
save_cross_compiling=$cross_compiling
cross_compiling=no
Expand Down Expand Up @@ -195,6 +231,12 @@ else
set_precomp=no
fi

AC_MSG_CHECKING([for __builtin_clzll])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([[void myfunc() { __builtin_clzll(1);}]])],
[ AC_MSG_RESULT([yes]);AC_DEFINE(HAVE_BUILTIN_CLZLL,1,[Define this symbol if __builtin_clzll is available]) ],
[ AC_MSG_RESULT([no])
])

if test x"$req_asm" = x"auto"; then
SECP_64BIT_ASM_CHECK
if test x"$has_64bit_asm" = x"yes"; then
Expand Down Expand Up @@ -431,10 +473,34 @@ if test x"$enable_module_ecdh" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_ECDH, 1, [Define this symbol to enable the ECDH module])
fi

if test x"$enable_module_schnorrsig" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_SCHNORRSIG, 1, [Define this symbol to enable the schnorrsig module])
fi

if test x"$enable_module_musig" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_MUSIG, 1, [Define this symbol to enable the MuSig module])
fi

if test x"$enable_module_recovery" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_RECOVERY, 1, [Define this symbol to enable the ECDSA pubkey recovery module])
fi

if test x"$enable_module_generator" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_GENERATOR, 1, [Define this symbol to enable the NUMS generator module])
fi

if test x"$enable_module_rangeproof" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_RANGEPROOF, 1, [Define this symbol to enable the Pedersen / zero knowledge range proof module])
fi

if test x"$enable_module_whitelist" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_WHITELIST, 1, [Define this symbol to enable the key whitelisting module])
fi

if test x"$enable_module_surjectionproof" = x"yes"; then
AC_DEFINE(ENABLE_MODULE_SURJECTIONPROOF, 1, [Define this symbol to enable the surjection proof module])
fi

AC_C_BIGENDIAN()

if test x"$use_external_asm" = x"yes"; then
Expand All @@ -458,14 +524,60 @@ if test x"$enable_experimental" = x"yes"; then
AC_MSG_NOTICE([WARNING: experimental build])
AC_MSG_NOTICE([Experimental features do not have stable APIs or properties, and may not be safe for production use.])
AC_MSG_NOTICE([Building ECDH module: $enable_module_ecdh])
AC_MSG_NOTICE([Building NUMS generator module: $enable_module_generator])
AC_MSG_NOTICE([Building range proof module: $enable_module_rangeproof])
AC_MSG_NOTICE([Building key whitelisting module: $enable_module_whitelist])
AC_MSG_NOTICE([Building surjection proof module: $enable_module_surjectionproof])
AC_MSG_NOTICE([Building schnorrsig module: $enable_module_schnorrsig])
AC_MSG_NOTICE([Building MuSig module: $enable_module_musig])
AC_MSG_NOTICE([******])


if test x"$enable_module_schnorrsig" != x"yes"; then
if test x"$enable_module_musig" = x"yes"; then
AC_MSG_ERROR([MuSig module requires the schnorrsig module. Use --enable-module-schnorrsig to allow.])
fi
fi

if test x"$enable_module_generator" != x"yes"; then
if test x"$enable_module_rangeproof" = x"yes"; then
AC_MSG_ERROR([Rangeproof module requires the generator module. Use --enable-module-generator to allow.])
fi
fi

if test x"$enable_module_rangeproof" != x"yes"; then
if test x"$enable_module_whitelist" = x"yes"; then
AC_MSG_ERROR([Whitelist module requires the rangeproof module. Use --enable-module-rangeproof to allow.])
fi
if test x"$enable_module_surjectionproof" = x"yes"; then
AC_MSG_ERROR([Surjection proof module requires the rangeproof module. Use --enable-module-rangeproof to allow.])
fi
fi
else
if test x"$enable_module_ecdh" = x"yes"; then
AC_MSG_ERROR([ECDH module is experimental. Use --enable-experimental to allow.])
fi
if test x"$enable_module_schnorrsig" = x"yes"; then
AC_MSG_ERROR([schnorrsig module is experimental. Use --enable-experimental to allow.])
fi
if test x"$enable_module_musig" = x"yes"; then
AC_MSG_ERROR([MuSig module is experimental. Use --enable-experimental to allow.])
fi
if test x"$set_asm" = x"arm"; then
AC_MSG_ERROR([ARM assembly optimization is experimental. Use --enable-experimental to allow.])
fi
if test x"$enable_module_generator" = x"yes"; then
AC_MSG_ERROR([NUMS generator module is experimental. Use --enable-experimental to allow.])
fi
if test x"$enable_module_rangeproof" = x"yes"; then
AC_MSG_ERROR([Range proof module is experimental. Use --enable-experimental to allow.])
fi
if test x"$enable_module_whitelist" = x"yes"; then
AC_MSG_ERROR([Key whitelisting module is experimental. Use --enable-experimental to allow.])
fi
if test x"$enable_module_surjectionproof" = x"yes"; then
AC_MSG_ERROR([Surjection proof module is experimental. Use --enable-experimental to allow.])
fi
fi

AC_CONFIG_HEADERS([src/libsecp256k1-config.h])
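Review bot: the cross-module dependency checks (musig requires schnorrsig, rangeproof requires generator, whitelist and surjectionproof require rangeproof) live only inside the `enable_experimental = yes` branch; that is correct today because every dependent module errors out individually in the else branch, but if any of these modules is later promoted out of experimental the dependency check silently disappears, so consider hoisting the dependency checks outside the if/else. Smaller point: the new error messages reuse the "Use --enable-module-schnorrsig to allow." phrasing copied from the experimental messages, where "to allow" reads oddly; "to enable it" is clearer.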
Expand All @@ -481,10 +593,16 @@ AM_CONDITIONAL([USE_EXHAUSTIVE_TESTS], [test x"$use_exhaustive_tests" != x"no"])
AM_CONDITIONAL([USE_BENCHMARK], [test x"$use_benchmark" = x"yes"])
AM_CONDITIONAL([USE_ECMULT_STATIC_PRECOMPUTATION], [test x"$set_precomp" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_ECDH], [test x"$enable_module_ecdh" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_SCHNORRSIG], [test x"$enable_module_schnorrsig" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_MUSIG], [test x"$enable_module_musig" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_RECOVERY], [test x"$enable_module_recovery" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_GENERATOR], [test x"$enable_module_generator" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_RANGEPROOF], [test x"$enable_module_rangeproof" = x"yes"])
AM_CONDITIONAL([ENABLE_MODULE_WHITELIST], [test x"$enable_module_whitelist" = x"yes"])
AM_CONDITIONAL([USE_JNI], [test x"$use_jni" == x"yes"])
AM_CONDITIONAL([USE_EXTERNAL_ASM], [test x"$use_external_asm" = x"yes"])
AM_CONDITIONAL([USE_ASM_ARM], [test x"$set_asm" = x"arm"])
AM_CONDITIONAL([ENABLE_MODULE_SURJECTIONPROOF], [test x"$enable_module_surjectionproof" = x"yes"])

dnl make sure nothing new is exported so that we don't break the cache
PKGCONFIG_PATH_TEMP="$PKG_CONFIG_PATH"
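Review bot: the ENABLE_MODULE_SURJECTIONPROOF conditional is appended after USE_ASM_ARM instead of next to the other ENABLE_MODULE_* conditionals; keep them together so the module list can be read in one place. While touching this block, the adjacent USE_JNI line uses `test ... == ...`, which is a bashism not guaranteed by POSIX test; `=` is the portable form used by every other conditional here.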
93 changes: 93 additions & 0 deletions include/secp256k1_generator.h
@@ -0,0 +1,93 @@
#ifndef _SECP256K1_GENERATOR_
# define _SECP256K1_GENERATOR_

# include "secp256k1.h"

# ifdef __cplusplus
extern "C" {
# endif

#include <stdint.h>

/** Opaque data structure that stores a base point
*
* The exact representation of data inside is implementation defined and not
* guaranteed to be portable between different platforms or versions. It is
* however guaranteed to be 64 bytes in size, and can be safely copied/moved.
* If you need to convert to a format suitable for storage, transmission, or
* comparison, use secp256k1_generator_serialize and secp256k1_generator_parse.
*/
typedef struct {
unsigned char data[64];
} secp256k1_generator;

/** Parse a 33-byte generator byte sequence into a generator object.
*
* Returns: 1 if input contains a valid generator.
* Args: ctx: a secp256k1 context object.
* Out: commit: pointer to the output generator object
* In: input: pointer to a 33-byte serialized generator
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_generator_parse(
const secp256k1_context* ctx,
secp256k1_generator* commit,
const unsigned char *input
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);

/** Serialize a 33-byte generator into a serialized byte sequence.
*
* Returns: 1 always.
* Args: ctx: a secp256k1 context object.
* Out: output: a pointer to a 33-byte byte array
* In: commit: a pointer to a generator
*/
SECP256K1_API int secp256k1_generator_serialize(
const secp256k1_context* ctx,
unsigned char *output,
const secp256k1_generator* commit
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);

/** Generate a generator for the curve.
*
* Returns: 0 in the highly unlikely case the seed is not acceptable,
* 1 otherwise.
* Args: ctx: a secp256k1 context object
* Out: gen: a generator object
* In: seed32: a 32-byte seed
*
* If successful a valid generator will be placed in gen. The produced
* generators are distributed uniformly over the curve, and will not have a
* known discrete logarithm with respect to any other generator produced,
* or to the base generator G.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_generator_generate(
const secp256k1_context* ctx,
secp256k1_generator* gen,
const unsigned char *seed32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);

/** Generate a blinded generator for the curve.
*
* Returns: 0 in the highly unlikely case the seed is not acceptable or when
* blind is out of range. 1 otherwise.
* Args: ctx: a secp256k1 context object, initialized for signing
* Out: gen: a generator object
* In: seed32: a 32-byte seed
* blind32: a 32-byte secret value to blind the generator with.
*
* The result is equivalent to first calling secp256k1_generator_generate,
* converting the result to a public key, calling secp256k1_ec_pubkey_tweak_add,
* and then converting back to generator form.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_generator_generate_blinded(
const secp256k1_context* ctx,
secp256k1_generator* gen,
const unsigned char *key32,
const unsigned char *blind32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);

# ifdef __cplusplus
}
# endif

#endif
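Review bot: in secp256k1_generator_generate_blinded the documentation describes an input `seed32` but the parameter is declared `key32`; pick one name so the doc comment and the prototype agree. Likewise secp256k1_generator_parse and secp256k1_generator_serialize name their generator argument `commit`, a leftover from the Pedersen commitment API; `gen`, as used in secp256k1_generator_generate, is the accurate name. Two smaller nits: the serialize doc says "Serialize a 33-byte generator" whereas the object is 64 bytes and only its serialization is 33, and `#include <stdint.h>` sits inside the extern "C" block with a different indentation style from the other `# include` directives and is not needed by any declaration in this header (the struct uses unsigned char).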