Rebase on upstream e541a90e#66
Closed
apoelstra wants to merge 157 commits intoBlockstreamResearch:secp256k1-zkpfrom
Closed
Rebase on upstream e541a90e#66apoelstra wants to merge 157 commits intoBlockstreamResearch:secp256k1-zkpfrom
e541a90e#66apoelstra wants to merge 157 commits intoBlockstreamResearch:secp256k1-zkpfrom
Conversation
Found thanks to the developer checks from the pkgsrc software distribution (for NetBSD, SmartOS, Minix, MacOS X, Linux, and more).
in case this code should ever be used as an example, a warning is a nice way of helping ensure insecure keys are not generated
the two middle arguments to fread() are easily confused, and cause the checking of return value to fail incorrectly (and possibly succeed incorrectly.)
Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead.
static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B;
This results in more self-documenting code.
If we’re in the last loop iteration, then `lenleft == 1` and it could be the case that `ret == MAX_SIZE`, and so `ret + lenleft` will overflow to 0 and the sanity check will not catch it. Then we will return `(int) MAX_SIZE`, which should be avoided because this value is implementation-defined. (However, this is harmless because `(int) MAX_SIZE == -1` on all supported platforms.)
Before this commit secp256k1_context_randomize called illegal_callback when called on a context not initialized for signing. This is not documented. Moreover, it is not desirable because non-signing contexts may use randomization in the future. This commit makes secp256k1_context_randomize a noop in this case. This is safe because the context cannot be used for signing anyway. This fixes #573 and it fixes rust-bitcoin/rust-secp256k1#82.
c663397 Use __GNUC_PREREQ for detecting __builtin_expect (Tim Ruffing) Pull request description: Tree-SHA512: 659a721da835eb15966a2a5386d6ae4c3defbb6ad473905f14161a3cf36d1556d44d887602019c89ebeffdfd82ed469ff27914dc2aaee6648d1e0c8a22151c27
This fixes a bug where configure would fail or disable static ecmult tables because it wrongly checks the native compiler using the target CFLAGS (instead of the native CFLAGS_FOR_BUILD), and similar for CPPFLAGS and LDFLAGS. Moreover, this commit adds tests to figure out whether the native compiler supports the warning flags passed during the build, and it contains a few minor improvements to the code that checks the native compiler.
9bd89c8 Optimize secp256k1_fe_normalize_weak calls. Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. (Russell O'Connor) Pull request description: Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. Tree-SHA512: 7bbb1aca8e37a268a26d7061bd1f390db129e697792f1d5ddd10ea34927616edc26ef118b500c3e5e14d1d463196033ef64e4d34b765380325c24835458b7a9b
52ab96f clean dependendies in field_*_impl.h (Russell O'Connor) deff5ed Correct math typos in field_*.h (Russell O'Connor) 4efb3f8 Add check that restrict pointers don't alias with all parameters. (Russell O'Connor) Pull request description: * add more checks for restrict pointers. * correct math typos. * refine dependencies on "num.h" Tree-SHA512: c368f577927db2ace3e7f46850cb2fdf9d7d169b698a9697767e1f82e9e7091f2b2fea0f7cf173048eb4c1bb56824c884fa849c04c595ee97766c01f346a54ec
bf8b86c secp256k1_fe_sqrt: Verify that the arguments don't alias. (Russell O'Connor) Pull request description: Tree-SHA512: 4e9128625817be83a1259e7dbdb82c4be8ee0174af7d5e76eeac3245d23d6bf01378d9697dcb870eb61577afd7c0556cb3c6633e3b27504add14c10b18f7c607
496c5b4 Make constants static: static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B; (Russell O'Connor) Pull request description: static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B; Tree-SHA512: df8d34777d3b1b90eef875d50c2870e2480f08685b399a22eaf584ce294766e0de3a41523757a23e311e633886c89400313421282beca791326a06695f348940
270f6c8 Portability fix for the configure scripts generated (Pierre Pronchery) Pull request description: Found thanks to the developer checks from the pkgsrc software distribution (for NetBSD, SmartOS, Minix, MacOS X, Linux, and more). Tree-SHA512: 2589545aa4d0620db66e79df1dc148a487384b5169ba7323937490d802973388859d30d45b35ee3e614be6d49cb694f37f585a16caa87ad1e500a0b7368dcc0a
6198375 Make randomization of a non-signing context a noop (Tim Ruffing) Pull request description: Before this commit secp256k1_context_randomize called illegal_callback when called on a context not initialized for signing. This is not documented. Moreover, it is not desirable because non-signing contexts may use randomization in the future. This commit makes secp256k1_context_randomize a noop in this case. This is safe because the context cannot be used for signing anyway. This fixes #573 and it fixes rust-bitcoin/rust-secp256k1#82. Tree-SHA512: 34ddfeb004d9da8f4a77c739fa2110544c28939378e779226da52f410a0e36b3aacb3ebd2e3f3918832a9027684c161789cfdc27a133f2f0e0f1c47e8363029c
…tic libsecp2… 89a20a8 Correct order of libs returned on pkg-config --libs --static libsecp256k1 call. (Phillip Mienk) Pull request description: …56k1 call. Tree-SHA512: 095f5e71837e63a2bb6e9cf04cabe7f1ec55cf0fc32b44c80a89c232efb7d74bf0f148a8cd29f9fa2999f02bbc638d9a086ffd50888aab6f9fd5db74e37ae4d4
3965027 Summarize build options in configure script (Evan Klitzke) Pull request description: This is a trivial build system change to summarize the build options after running configure. Example output: ``` $ ./configure .... <many lines omitted> ... config.status: src/libsecp256k1-config.h is unchanged config.status: executing depfiles commands config.status: executing libtool commands Build Options: with endomorphism = no with ecmult precomp = yes with jni = no module ecdh = no module recovery = no asm = x86_64 bignum = gmp field = 64bit scalar = 64bit CC = gcc CFLAGS = -g -O2 -W -std=c89 -pedantic -Wall -Wextra -Wcast-align -Wnested-externs -Wshadow -Wstrict-prototypes -Wno-unused-function -Wno-long-long -Wno-overlength-strings -fvisibility=hidden -O3 CPPFLAGS = LDFLAGS = ``` I tried to just include the configure options that looked interesting; let me know if there are any I didn't include that I should have. Tree-SHA512: 428381654d772f76bc81210d39ba5c3f07a94dc6a6378a02ccc6f23ebce7f501896268bcd2e94e2b0d8aea54c9c70c44a9238a0f0960600f463b1e2847c7ed1f
0f05173 Fix algorithm selection in bench_ecmult (Jonas Nick) Pull request description: Without this commit using an unknown argument results in a segmentation fault. Tree-SHA512: 85b8f977e62fa360ff6dc923bd86f08725c30e178d58f43d33cbd8eb69e54fa4ec76e4407624611a80554cf9961689bce6b216da735ac95b256d0d2f60fe3328
Reported-by: Jonas Nick <jonasd.nick@gmail.com>
…y_parse d3cb1f9 Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse (Ben Woosley) Pull request description: This results in more self-documenting code. Constants defined here: https://github.com/bitcoin-core/secp256k1/blob/1e6f1f5ad5e7f1e3ef79313ec02023902bf8175c/include/secp256k1.h#L175-L180 Tree-SHA512: 2026103c487a5ebdea9a2f5ec2be96d74e38d5b2269b4df11e354bb54aba2925b47c3185f530205019840b00fc3501121acfa5234faf1d095d71777826414f69
Was failing linking to `*.so` library
…simplify whitelisting
…ning, verification and batch verification. [0] https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
The comments with 'XXX' was intended to indicate that the listed concerns was subject to review and change, but the code with these comments was merged straight away. This commit replaces comments with more complete text describing the issues. This also signifies that the commit that this code was introduced in is not anymore 'work in progress'.
Contributor
Author
|
Closing in favor of #67 |
tomtau
pushed a commit
to crypto-com/secp256k1-zkp
that referenced
this pull request
Jul 9, 2020
…ocs-fix attempt to fix docs.rs docs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR'ing to run CI and to get an ack from @real-or-random who did this rebase in parallel (in about ten stages), confirming at each stage that our diffs were identical.