milksad
/
rust-secp256k1-unsafe-fast
14
0
Fork 0
Code Issues Pull Requests Activity
rust-secp256k1-unsafe-fast/src/key.rs

589 lines
21 KiB
Rust
Raw Normal View History

Add CC0 license and header to all files
2014-08-12 02:26:14 +00:00
// Bitcoin secp256k1 bindings
// Written in 2014 by
// Dawid Ciężarkiewicz
// Andrew Poelstra
//
// To the extent possible under law, the author(s) have dedicated all
// copyright and related and neighboring rights to this software to
// the public domain worldwide. This software is distributed without
// any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication
// along with this software.
// If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
//
Minor documentation fixes
2015-10-09 16:39:42 +00:00
//! # Public and secret keys
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
make `rand` crate optional
2017-12-19 20:49:01 +00:00
#[cfg(any(test, feature = "rand"))] use rand::Rng;
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
expose 2-key version of PublicKey::combine
2017-12-21 00:59:22 +00:00
use std::mem;
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
use super::{Secp256k1, ContextFlag};
impl Error for error type; remove `Unknown` error variant
2015-10-17 14:49:19 +00:00
use super::Error::{self, IncapableContext, InvalidPublicKey, InvalidSecretKey};
Also make PublicKey encodable
2014-09-05 01:21:09 +00:00
use constants;
use ffi;
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
/// Secret 256-bit key used as `x` in an ECDSA signature
Update for rustc changes We can compile now, but not link -- there have been too many changes in libsecp256k1 behind the scenes. Next commit :)
2015-01-17 16:13:45 +00:00
pub struct SecretKey([u8; constants::SECRET_KEY_SIZE]);
impl_array_newtype!(SecretKey, u8, constants::SECRET_KEY_SIZE);
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
impl_pretty_debug!(SecretKey);
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
/// The number 1 encoded as a secret key
Add ZERO_KEY and ONE_KEY constants Turns out you cannot initialize constant SecretKeys in any way; these two constants should cover most sane use cases (other good choices are the SECG generator and the Alpha CT generator, but these will wait for a major CT-supporting upgrade, unless demand for them appears.)
2016-08-07 21:33:38 +00:00
/// Deprecated; `static` is not what I want; use `ONE_KEY` instead
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
pub static ONE: SecretKey = SecretKey([0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 1]);
Add a `Sequence` iterator for generating sequential keypairs; fix tests
2014-09-01 16:13:31 +00:00
Add ZERO_KEY and ONE_KEY constants Turns out you cannot initialize constant SecretKeys in any way; these two constants should cover most sane use cases (other good choices are the SECG generator and the Alpha CT generator, but these will wait for a major CT-supporting upgrade, unless demand for them appears.)
2016-08-07 21:33:38 +00:00
/// The number 0 encoded as a secret key
pub const ZERO_KEY: SecretKey = SecretKey([0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0]);
/// The number 1 encoded as a secret key
pub const ONE_KEY: SecretKey = SecretKey([0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 1]);
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
/// A Secp256k1 public key, used for verification of signatures
Implement Ord for arrays
2018-05-22 09:33:11 +00:00
#[derive(Copy, Clone, PartialEq, Eq, Debug, PartialOrd, Ord, Hash)]
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
pub struct PublicKey(ffi::PublicKey);
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
make `rand` crate optional
2017-12-19 20:49:01 +00:00
#[cfg(any(test, feature = "rand"))]
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
fn random_32_bytes<R: Rng>(rng: &mut R) -> [u8; 32] {
Update for rustc changes We can compile now, but not link -- there have been too many changes in libsecp256k1 behind the scenes. Next commit :)
2015-01-17 16:13:45 +00:00
let mut ret = [0u8; 32];
rng.fill_bytes(&mut ret);
Simpler `random_32_bytes`.
2014-08-16 09:21:35 +00:00
ret
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
impl SecretKey {
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
/// Creates a new random secret key
#[inline]
make `rand` crate optional
2017-12-19 20:49:01 +00:00
#[cfg(any(test, feature = "rand"))]
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
pub fn new<R: Rng>(secp: &Secp256k1, rng: &mut R) -> SecretKey {
let mut data = random_32_bytes(rng);
Remove error return from `PublicKey::from_secret_key()` Make sure that you cannot create an invalid `SecretKey` in the first place. Unbreaks the API. [unbreaking-change]
2014-08-28 18:11:25 +00:00
unsafe {
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
while ffi::secp256k1_ec_seckey_verify(secp.ctx, data.as_ptr()) == 0 {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
data = random_32_bytes(rng);
Remove error return from `PublicKey::from_secret_key()` Make sure that you cannot create an invalid `SecretKey` in the first place. Unbreaks the API. [unbreaking-change]
2014-08-28 18:11:25 +00:00
}
}
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
SecretKey(data)
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
/// Converts a `SECRET_KEY_SIZE`-byte slice to a secret key
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
#[inline]
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
pub fn from_slice(secp: &Secp256k1, data: &[u8])
Add `Secp256k1::new_deterministic` constructor for applications which don't need randomness
2015-04-11 18:21:58 +00:00
-> Result<SecretKey, Error> {
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
match data.len() {
constants::SECRET_KEY_SIZE => {
Update for rustc changes We can compile now, but not link -- there have been too many changes in libsecp256k1 behind the scenes. Next commit :)
2015-01-17 16:13:45 +00:00
let mut ret = [0; constants::SECRET_KEY_SIZE];
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
unsafe {
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
if ffi::secp256k1_ec_seckey_verify(secp.ctx, data.as_ptr()) == 0 {
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
return Err(InvalidSecretKey);
}
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
}
Replace unsafe copy_nonoverlapping() with safe copy_from_slice()
2017-05-08 11:18:35 +00:00
ret[..].copy_from_slice(data);
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
Ok(SecretKey(ret))
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
}
_ => Err(InvalidSecretKey)
}
}
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
#[inline]
/// Adds one secret key to another, modulo the curve order
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
pub fn add_assign(&mut self, secp: &Secp256k1, other: &SecretKey)
-> Result<(), Error> {
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
unsafe {
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
if ffi::secp256k1_ec_privkey_tweak_add(secp.ctx, self.as_mut_ptr(), other.as_ptr()) != 1 {
impl Error for error type; remove `Unknown` error variant
2015-10-17 14:49:19 +00:00
Err(InvalidSecretKey)
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
} else {
Ok(())
}
}
}
expose *_tweak_mul functions
2016-08-20 17:00:39 +00:00
#[inline]
/// Multiplies one secret key by another, modulo the curve order
pub fn mul_assign(&mut self, secp: &Secp256k1, other: &SecretKey)
-> Result<(), Error> {
unsafe {
if ffi::secp256k1_ec_privkey_tweak_mul(secp.ctx, self.as_mut_ptr(), other.as_ptr()) != 1 {
Err(InvalidSecretKey)
} else {
Ok(())
}
}
}
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
impl PublicKey {
/// Creates a new zeroed out public key
#[inline]
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
pub fn new() -> PublicKey {
PublicKey(ffi::PublicKey::new())
}
/// Determines whether a pubkey is valid
#[inline]
pub fn is_valid(&self) -> bool {
// The only invalid pubkey the API should be able to create is
// the zero one.
self.0[..].iter().any(|&x| x != 0)
}
/// Obtains a raw pointer suitable for use with FFI functions
#[inline]
pub fn as_ptr(&self) -> *const ffi::PublicKey {
&self.0 as *const _
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
Remove unsafe markers and just call `init` everywhere It turns out I need to run `init` before pretty-much every FFI function, which means that most everything would have to be marked unsafe if I'm expecting the Rust user to do this. This is unacceptable -- users who need to sacrifice safety for speed can just use the `ffi::` functions instead. Also, I noticed that I was locking up in `PublicKey::from_secret_key`. Fix to return an error value -- unfortunately a breaking change since it changes the function signature. [breaking-change]
2014-08-28 17:59:44 +00:00
/// Creates a new public key from a secret key.
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
#[inline]
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
pub fn from_secret_key(secp: &Secp256k1,
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
sk: &SecretKey)
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
-> Result<PublicKey, Error> {
if secp.caps == ContextFlag::VerifyOnly || secp.caps == ContextFlag::None {
return Err(IncapableContext);
}
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
let mut pk = unsafe { ffi::PublicKey::blank() };
Remove unsafe markers and just call `init` everywhere It turns out I need to run `init` before pretty-much every FFI function, which means that most everything would have to be marked unsafe if I'm expecting the Rust user to do this. This is unacceptable -- users who need to sacrifice safety for speed can just use the `ffi::` functions instead. Also, I noticed that I was locking up in `PublicKey::from_secret_key`. Fix to return an error value -- unfortunately a breaking change since it changes the function signature. [breaking-change]
2014-08-28 17:59:44 +00:00
unsafe {
Remove error return from `PublicKey::from_secret_key()` Make sure that you cannot create an invalid `SecretKey` in the first place. Unbreaks the API. [unbreaking-change]
2014-08-28 18:11:25 +00:00
// We can assume the return value because it's not possible to construct
// an invalid `SecretKey` without transmute trickery or something
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
let res = ffi::secp256k1_ec_pubkey_create(secp.ctx, &mut pk, sk.as_ptr());
Change inline assertions to debug_asserts All of these were things that are (should be) guaranteed true no matter what input is given to the API, barring unsafe operations on the data.
2015-04-11 18:07:43 +00:00
debug_assert_eq!(res, 1);
Pull out initialization code so that `PublicKey::from_secret_key` can be used safely
2014-08-10 03:34:16 +00:00
}
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
Ok(PublicKey(pk))
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
/// Creates a public key directly from a slice
#[inline]
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
pub fn from_slice(secp: &Secp256k1, data: &[u8])
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
-> Result<PublicKey, Error> {
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
let mut pk = unsafe { ffi::PublicKey::blank() };
unsafe {
if ffi::secp256k1_ec_pubkey_parse(secp.ctx, &mut pk, data.as_ptr(),
Fix for upstream API changes
2015-09-20 19:52:29 +00:00
data.len() as ::libc::size_t) == 1 {
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
Ok(PublicKey(pk))
} else {
Err(InvalidPublicKey)
}
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
}
#[inline]
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
/// Serialize the key as a byte-encoded pair of values. In compressed form
/// the y-coordinate is represented by only a single bit, as x determines
/// it up to one bit.
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
pub fn serialize(&self) -> [u8; constants::PUBLIC_KEY_SIZE] {
let secp = Secp256k1::with_caps(ContextFlag::None);
let mut ret = [0; constants::PUBLIC_KEY_SIZE];
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
unsafe {
Update libsecp to latest master, c18b869e58aa4d3bff6958f370f6b643d1223c44
2016-01-14 18:35:54 +00:00
let mut ret_len = constants::PUBLIC_KEY_SIZE as ::libc::size_t;
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
let err = ffi::secp256k1_ec_pubkey_serialize(
secp.ctx,
ret.as_mut_ptr(),
&mut ret_len,
self.as_ptr(),
ffi::SECP256K1_SER_COMPRESSED,
);
Remove side-effect from assertion; add release build to travis
2015-11-19 00:22:16 +00:00
debug_assert_eq!(err, 1);
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
debug_assert_eq!(ret_len, ret.len());
}
ret
}
/// Serialize the key as a byte-encoded pair of values, in uncompressed form
pub fn serialize_uncompressed(&self) -> [u8; constants::UNCOMPRESSED_PUBLIC_KEY_SIZE] {
let secp = Secp256k1::with_caps(ContextFlag::None);
let mut ret = [0; constants::UNCOMPRESSED_PUBLIC_KEY_SIZE];
unsafe {
let mut ret_len = constants::UNCOMPRESSED_PUBLIC_KEY_SIZE as ::libc::size_t;
let err = ffi::secp256k1_ec_pubkey_serialize(
secp.ctx,
ret.as_mut_ptr(),
&mut ret_len,
self.as_ptr(),
ffi::SECP256K1_SER_UNCOMPRESSED,
);
debug_assert_eq!(err, 1);
debug_assert_eq!(ret_len, ret.len());
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
ret
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
#[inline]
/// Adds the pk corresponding to `other` to the pk `self` in place
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
pub fn add_exp_assign(&mut self, secp: &Secp256k1, other: &SecretKey)
-> Result<(), Error> {
Improve unit tests for bad secp context
2015-10-14 17:21:15 +00:00
if secp.caps == ContextFlag::SignOnly || secp.caps == ContextFlag::None {
return Err(IncapableContext);
}
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
unsafe {
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
if ffi::secp256k1_ec_pubkey_tweak_add(secp.ctx, &mut self.0 as *mut _,
other.as_ptr()) == 1 {
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
Ok(())
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
} else {
impl Error for error type; remove `Unknown` error variant
2015-10-17 14:49:19 +00:00
Err(InvalidSecretKey)
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
}
}
}
expose *_tweak_mul functions
2016-08-20 17:00:39 +00:00
#[inline]
/// Muliplies the pk `self` in place by the scalar `other`
pub fn mul_assign(&mut self, secp: &Secp256k1, other: &SecretKey)
-> Result<(), Error> {
if secp.caps == ContextFlag::SignOnly || secp.caps == ContextFlag::None {
return Err(IncapableContext);
}
unsafe {
if ffi::secp256k1_ec_pubkey_tweak_mul(secp.ctx, &mut self.0 as *mut _,
other.as_ptr()) == 1 {
Ok(())
} else {
Err(InvalidSecretKey)
}
}
}
expose 2-key version of PublicKey::combine
2017-12-21 00:59:22 +00:00
/// Adds a second key to this one, returning the sum. Returns an error if
/// the result would be the point at infinity, i.e. we are adding this point
/// to its own negation
pub fn combine(&self, secp: &Secp256k1, other: &PublicKey) -> Result<PublicKey, Error> {
unsafe {
let mut ret = mem::uninitialized();
let ptrs = [self.as_ptr(), other.as_ptr()];
if ffi::secp256k1_ec_pubkey_combine(secp.ctx, &mut ret, ptrs.as_ptr(), 2) == 1 {
Ok(PublicKey(ret))
} else {
Err(InvalidPublicKey)
}
}
}
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00
}
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
/// Creates a new public key from a FFI public key
impl From<ffi::PublicKey> for PublicKey {
#[inline]
fn from(pk: ffi::PublicKey) -> PublicKey {
PublicKey(pk)
}
}
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
#[cfg(test)]
mod test {
Improve unit tests for bad secp context
2015-10-14 17:21:15 +00:00
use super::super::{Secp256k1, ContextFlag};
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
use super::super::Error::{InvalidPublicKey, InvalidSecretKey, IncapableContext};
Update bindings to current secp256k1 library rust-secp256k1 was based off of https://github.com/sipa/secp256k1, which has been inactive nearly as long as this repository (prior to a couple days ago anyway). The correct repository is https://github.com/bitcoin/secp256k1 This is a major breaking change to the library for one reason: there are no longer any Nonce types in the safe interface. The signing functions do not take a nonce; this is generated internally. This also means that I was able to drop all my RFC6979 code, since libsecp256k1 has its own implementation. If you need to generate your own nonces, you need to create an unsafe function of type `ffi::NonceFn`, then pass it to the appropriate functions in the `ffi` module. There is no safe interface for doing this, deliberately: there is basically no need to directly fiddle with nonces ever.
2015-04-06 05:13:38 +00:00
use super::{PublicKey, SecretKey};
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
use super::super::constants;
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
use rand::{Rng, thread_rng};
Add slice methods to `Nonce`
2014-08-10 02:02:09 +00:00
Remove all serde/rustc-serialize stuff
2018-03-21 22:01:08 +00:00
macro_rules! hex {
($hex:expr) => {
{
let mut vec = Vec::new();
let mut b = 0;
for (idx, c) in $hex.as_bytes().iter().enumerate() {
b <<= 4;
match *c {
b'A'...b'F' => b |= c - b'A' + 10,
b'a'...b'f' => b |= c - b'a' + 10,
b'0'...b'9' => b |= c - b'0',
_ => panic!("Bad hex"),
}
if (idx & 1) == 1 {
vec.push(b);
b = 0;
}
}
vec
}
}
}
expose 2-key version of PublicKey::combine
2017-12-21 00:59:22 +00:00
Add slice methods to `Nonce`
2014-08-10 02:02:09 +00:00
#[test]
fn skey_from_slice() {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
let sk = SecretKey::from_slice(&s, &[1; 31]);
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
assert_eq!(sk, Err(InvalidSecretKey));
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
let sk = SecretKey::from_slice(&s, &[1; 32]);
Revert "Overhaul interface to use zero-on-free SecretKeys" This reverts commit 98890907849326a0e265d0ee12d3caa232b19602. This is not ready for primetime -- the move prevention also prevents reborrowing, which makes secret keys nearly unusable.
2014-09-12 13:28:35 +00:00
assert!(sk.is_ok());
Add slice methods to `Nonce`
2014-08-10 02:02:09 +00:00
}
#[test]
fn pubkey_from_slice() {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert_eq!(PublicKey::from_slice(&s, &[]), Err(InvalidPublicKey));
assert_eq!(PublicKey::from_slice(&s, &[1, 2, 3]), Err(InvalidPublicKey));
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
let uncompressed = PublicKey::from_slice(&s, &[4, 54, 57, 149, 239, 162, 148, 175, 246, 254, 239, 75, 154, 152, 10, 82, 234, 224, 85, 220, 40, 100, 57, 121, 30, 162, 94, 156, 135, 67, 74, 49, 179, 57, 236, 53, 162, 124, 149, 144, 168, 77, 74, 30, 72, 211, 229, 110, 111, 55, 96, 193, 86, 227, 183, 152, 195, 155, 51, 247, 123, 113, 60, 228, 188]);
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
assert!(uncompressed.is_ok());
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
let compressed = PublicKey::from_slice(&s, &[3, 23, 183, 225, 206, 31, 159, 148, 195, 42, 67, 115, 146, 41, 248, 140, 11, 3, 51, 41, 111, 180, 110, 143, 114, 134, 88, 73, 198, 174, 52, 184, 78]);
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
assert!(compressed.is_ok());
}
#[test]
fn keypair_slice_round_trip() {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
let (sk1, pk1) = s.generate_keypair(&mut thread_rng()).unwrap();
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert_eq!(SecretKey::from_slice(&s, &sk1[..]), Ok(sk1));
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
assert_eq!(PublicKey::from_slice(&s, &pk1.serialize()[..]), Ok(pk1));
assert_eq!(PublicKey::from_slice(&s, &pk1.serialize_uncompressed()[..]), Ok(pk1));
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
}
Add slice methods to `Nonce`
2014-08-10 02:02:09 +00:00
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
#[test]
fn invalid_secret_key() {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
// Zero
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert_eq!(SecretKey::from_slice(&s, &[0; 32]), Err(InvalidSecretKey));
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
// -1
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert_eq!(SecretKey::from_slice(&s, &[0xff; 32]), Err(InvalidSecretKey));
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
// Top of range
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert!(SecretKey::from_slice(&s,
&[0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
Update for rustc changes We can compile now, but not link -- there have been too many changes in libsecp256k1 behind the scenes. Next commit :)
2015-01-17 16:13:45 +00:00
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x40]).is_ok());
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
// One past top of range
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert!(SecretKey::from_slice(&s,
&[0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
Update for rustc changes We can compile now, but not link -- there have been too many changes in libsecp256k1 behind the scenes. Next commit :)
2015-01-17 16:13:45 +00:00
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41]).is_err());
Add verification to SecretKey::from_slice()
2014-08-24 23:13:08 +00:00
}
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
#[test]
fn test_pubkey_from_slice_bad_context() {
let s = Secp256k1::without_caps();
let sk = SecretKey::new(&s, &mut thread_rng());
Improve unit tests for bad secp context
2015-10-14 17:21:15 +00:00
assert_eq!(PublicKey::from_secret_key(&s, &sk), Err(IncapableContext));
let s = Secp256k1::with_caps(ContextFlag::VerifyOnly);
assert_eq!(PublicKey::from_secret_key(&s, &sk), Err(IncapableContext));
let s = Secp256k1::with_caps(ContextFlag::SignOnly);
assert!(PublicKey::from_secret_key(&s, &sk).is_ok());
let s = Secp256k1::with_caps(ContextFlag::Full);
assert!(PublicKey::from_secret_key(&s, &sk).is_ok());
}
#[test]
fn test_add_exp_bad_context() {
let s = Secp256k1::with_caps(ContextFlag::Full);
let (sk, mut pk) = s.generate_keypair(&mut thread_rng()).unwrap();
assert!(pk.add_exp_assign(&s, &sk).is_ok());
let s = Secp256k1::with_caps(ContextFlag::VerifyOnly);
assert!(pk.add_exp_assign(&s, &sk).is_ok());
let s = Secp256k1::with_caps(ContextFlag::SignOnly);
assert_eq!(pk.add_exp_assign(&s, &sk), Err(IncapableContext));
let s = Secp256k1::with_caps(ContextFlag::None);
assert_eq!(pk.add_exp_assign(&s, &sk), Err(IncapableContext));
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
}
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
#[test]
fn test_out_of_range() {
struct BadRng(u8);
impl Rng for BadRng {
fn next_u32(&mut self) -> u32 { unimplemented!() }
// This will set a secret key to a little over the
// group order, then decrement with repeated calls
// until it returns a valid key
fn fill_bytes(&mut self, data: &mut [u8]) {
let group_order: [u8; 32] = [
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b,
0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41];
assert_eq!(data.len(), 32);
Replace unsafe copy_nonoverlapping() with safe copy_from_slice()
2017-05-08 11:18:35 +00:00
data.copy_from_slice(&group_order[..]);
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
data[31] = self.0;
self.0 -= 1;
}
}
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
s.generate_keypair(&mut BadRng(0xff)).unwrap();
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
}
#[test]
fn test_pubkey_from_bad_slice() {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
// Bad sizes
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
assert_eq!(PublicKey::from_slice(&s, &[0; constants::PUBLIC_KEY_SIZE - 1]),
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
Err(InvalidPublicKey));
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
assert_eq!(PublicKey::from_slice(&s, &[0; constants::PUBLIC_KEY_SIZE + 1]),
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
Err(InvalidPublicKey));
assert_eq!(PublicKey::from_slice(&s, &[0; constants::UNCOMPRESSED_PUBLIC_KEY_SIZE - 1]),
Err(InvalidPublicKey));
assert_eq!(PublicKey::from_slice(&s, &[0; constants::UNCOMPRESSED_PUBLIC_KEY_SIZE + 1]),
Err(InvalidPublicKey));
// Bad parse
assert_eq!(PublicKey::from_slice(&s, &[0xff; constants::UNCOMPRESSED_PUBLIC_KEY_SIZE]),
Err(InvalidPublicKey));
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
assert_eq!(PublicKey::from_slice(&s, &[0x55; constants::PUBLIC_KEY_SIZE]),
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
Err(InvalidPublicKey));
}
#[test]
fn test_debug_output() {
struct DumbRng(u32);
impl Rng for DumbRng {
fn next_u32(&mut self) -> u32 {
self.0 = self.0.wrapping_add(1);
self.0
}
}
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
let (sk, _) = s.generate_keypair(&mut DumbRng(0)).unwrap();
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
assert_eq!(&format!("{:?}", sk),
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
"SecretKey(0200000001000000040000000300000006000000050000000800000007000000)");
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
}
#[test]
fn test_pubkey_serialize() {
struct DumbRng(u32);
impl Rng for DumbRng {
fn next_u32(&mut self) -> u32 {
self.0 = self.0.wrapping_add(1);
self.0
}
}
let s = Secp256k1::new();
let (_, pk1) = s.generate_keypair(&mut DumbRng(0)).unwrap();
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
assert_eq!(&pk1.serialize_uncompressed()[..],
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
&[4, 149, 16, 196, 140, 38, 92, 239, 179, 65, 59, 224, 230, 183, 91, 238, 240, 46, 186, 252, 175, 102, 52, 249, 98, 178, 123, 72, 50, 171, 196, 254, 236, 1, 189, 143, 242, 227, 16, 87, 247, 183, 162, 68, 237, 140, 92, 205, 151, 129, 166, 58, 111, 96, 123, 64, 180, 147, 51, 12, 209, 89, 236, 213, 206][..]);
remove arrayvec dependency; rename PublicKey::serialize_vec
2017-12-19 20:36:46 +00:00
assert_eq!(&pk1.serialize()[..],
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
&[2, 149, 16, 196, 140, 38, 92, 239, 179, 65, 59, 224, 230, 183, 91, 238, 240, 46, 186, 252, 175, 102, 52, 249, 98, 178, 123, 72, 50, 171, 196, 254, 236][..]);
[minor API BREAK] Add unit tests to cover all error cases This comes with a couple bugfixes and the following API changes: - Secp256k1::sign and ::sign_compact no longer return Result; it is impossible to trigger their failure modes with safe code since the `Message` and `SecretKey` types validate when they are created. - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures are always constant size - the Debug output for everything is now hex-encoded rather than being a list of base-10 ints. It's just easier to read this way. kcov v26 now reports 100% test coverage; however, this does not guarantee that test coverage is actually complete. Patches are always welcome for improved unit tests.
2015-04-12 15:51:15 +00:00
}
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
#[test]
fn test_addition() {
[API BREAK] Remove Rng from Secp256k1 and associated code The Rng was only used for key generation, and for BIP32 users not even then; thus hauling around a Rng is a waste of space in addition to causing a massive amount of syntactic noise. For example rust-bitcoin almost always uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>` then means even more syntactic noise, rather than less. Now key generation functions take a Rng as a parameter, and the rest can forget about having a Rng. This also means that the Secp256k1 context never needs a mutable reference and can be easily put into an Arc if so desired.
2015-04-12 20:54:22 +00:00
let s = Secp256k1::new();
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
[API BREAK] Update for new libsecp256k1 API
2015-07-28 16:03:10 +00:00
let (mut sk1, mut pk1) = s.generate_keypair(&mut thread_rng()).unwrap();
let (mut sk2, mut pk2) = s.generate_keypair(&mut thread_rng()).unwrap();
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
assert_eq!(PublicKey::from_secret_key(&s, &sk1).unwrap(), pk1);
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert!(sk1.add_assign(&s, &sk2).is_ok());
assert!(pk1.add_exp_assign(&s, &sk2).is_ok());
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
assert_eq!(PublicKey::from_secret_key(&s, &sk1).unwrap(), pk1);
Remove unsafe markers and just call `init` everywhere It turns out I need to run `init` before pretty-much every FFI function, which means that most everything would have to be marked unsafe if I'm expecting the Rust user to do this. This is unacceptable -- users who need to sacrifice safety for speed can just use the `ffi::` functions instead. Also, I noticed that I was locking up in `PublicKey::from_secret_key`. Fix to return an error value -- unfortunately a breaking change since it changes the function signature. [breaking-change]
2014-08-28 17:59:44 +00:00
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
assert_eq!(PublicKey::from_secret_key(&s, &sk2).unwrap(), pk2);
[API BREAK] update for libsecp256k1 "explicit context" API break Rather than have global initialization functions, which required expensive synchronization on the part of the Rust library, libsecp256k1 now carries its context in thread-local data which must be passed to every function. What this means for the rust-secp256k1 API is: - Most functions on `PublicKey` and `SecretKey` now require a `Secp256k1` to be given to them. - `Secp256k1::verify` and `::verify_raw` now take a `&self` - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a future commit will allow specifying the Rng in the `Secp256k1` so that functionality is not lost. - The FFI functions have all changed to take a context argument - `secp256k1::init()` is gone, as is the dependency on std::sync - There is a `ffi::Context` type which must be handled carefully by anyone using it directly (hopefully nobody :))
2015-04-11 17:00:20 +00:00
assert!(sk2.add_assign(&s, &sk1).is_ok());
assert!(pk2.add_exp_assign(&s, &sk1).is_ok());
[BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls If you try to call PublicKey::from_secret() key with an incapable context it will now return an error. Before it would pass through to the underlying library which would terminate the process, something we strive to never expose. Also change the from_ffi functions on various types to impl's of From to be more Rustic. We cannot change the from_slice functions because they have error returns. Also add a Secp256k1::without_caps() function which creates a capability-less context. I find myself using this in so many places downstream that it seems appropriate.
2015-10-14 14:35:02 +00:00
assert_eq!(PublicKey::from_secret_key(&s, &sk2).unwrap(), pk2);
Expose tweak functions in FFI, wrap a couple
2014-08-28 16:16:53 +00:00
}
key: Add PubKey hashing test.
2016-01-09 03:45:20 +00:00
expose *_tweak_mul functions
2016-08-20 17:00:39 +00:00
#[test]
fn test_multiplication() {
let s = Secp256k1::new();
let (mut sk1, mut pk1) = s.generate_keypair(&mut thread_rng()).unwrap();
let (mut sk2, mut pk2) = s.generate_keypair(&mut thread_rng()).unwrap();
assert_eq!(PublicKey::from_secret_key(&s, &sk1).unwrap(), pk1);
assert!(sk1.mul_assign(&s, &sk2).is_ok());
assert!(pk1.mul_assign(&s, &sk2).is_ok());
assert_eq!(PublicKey::from_secret_key(&s, &sk1).unwrap(), pk1);
assert_eq!(PublicKey::from_secret_key(&s, &sk2).unwrap(), pk2);
assert!(sk2.mul_assign(&s, &sk1).is_ok());
assert!(pk2.mul_assign(&s, &sk1).is_ok());
assert_eq!(PublicKey::from_secret_key(&s, &sk2).unwrap(), pk2);
}
key: Add PubKey hashing test.
2016-01-09 03:45:20 +00:00
#[test]
fn pubkey_hash() {
Use DefaultHasher in place of the deprecated SipHasher
2017-04-27 19:46:28 +00:00
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
key: Add PubKey hashing test.
2016-01-09 03:45:20 +00:00
use std::collections::HashSet;
fn hash<T: Hash>(t: &T) -> u64 {
Use DefaultHasher in place of the deprecated SipHasher
2017-04-27 19:46:28 +00:00
let mut s = DefaultHasher::new();
key: Add PubKey hashing test.
2016-01-09 03:45:20 +00:00
t.hash(&mut s);
s.finish()
}
let s = Secp256k1::new();
let mut set = HashSet::new();
const COUNT : usize = 1024;
let count = (0..COUNT).map(|_| {
let (_, pk) = s.generate_keypair(&mut thread_rng()).unwrap();
let hash = hash(&pk);
assert!(!set.contains(&hash));
set.insert(hash);
}).count();
assert_eq!(count, COUNT);
}
expose 2-key version of PublicKey::combine
2017-12-21 00:59:22 +00:00
#[test]
fn pubkey_combine() {
let s = Secp256k1::with_caps(ContextFlag::None);
let compressed1 = PublicKey::from_slice(
&s,
&hex!("0241cc121c419921942add6db6482fb36243faf83317c866d2a28d8c6d7089f7ba"),
).unwrap();
let compressed2 = PublicKey::from_slice(
&s,
&hex!("02e6642fd69bd211f93f7f1f36ca51a26a5290eb2dd1b0d8279a87bb0d480c8443"),
).unwrap();
let exp_sum = PublicKey::from_slice(
&s,
&hex!("0384526253c27c7aef56c7b71a5cd25bebb66dddda437826defc5b2568bde81f07"),
).unwrap();
let sum1 = compressed1.combine(&s, &compressed2);
assert!(sum1.is_ok());
let sum2 = compressed2.combine(&s, &compressed1);
assert!(sum2.is_ok());
assert_eq!(sum1, sum2);
assert_eq!(sum1.unwrap(), exp_sum);
}
Add tests to detect regressions.
2018-05-29 11:11:18 +00:00
#[test]
fn pubkey_equal() {
let s = Secp256k1::new();
let pk1 = PublicKey::from_slice(
&s,
&hex!("0241cc121c419921942add6db6482fb36243faf83317c866d2a28d8c6d7089f7ba"),
).unwrap();
let pk2 = pk1.clone();
let pk3 = PublicKey::from_slice(
&s,
&hex!("02e6642fd69bd211f93f7f1f36ca51a26a5290eb2dd1b0d8279a87bb0d480c8443"),
).unwrap();
assert!(pk1 == pk2);
assert!(pk1 <= pk2);
assert!(pk2 <= pk1);
assert!(!(pk2 < pk1));
assert!(!(pk1 < pk2));
assert!(pk3 < pk1);
assert!(pk1 > pk3);
assert!(pk3 <= pk1);
assert!(pk1 >= pk3);
}
Add keypair slice methods and unit tests
2014-08-10 01:46:38 +00:00
}
Move FFI and constants into their own modules; replace outptrs with returns
2014-08-10 01:03:17 +00:00