Commit Graph

1170 Commits

Author SHA1 Message Date
Andrew Poelstra c9310884b6
Merge rust-bitcoin/rust-secp256k1#582: implement `insecure-erase` feature (was: `Zeroize`)
8fffbeab13 implement "non_secure_erase" methods (kwantam)

Pull request description:

  This PR adds [`Zeroize`](https://docs.rs/zeroize) derivations for the following structs:

  - `SecretKey`
  - `KeyPair`
  - `SharedSecret`
  - `Scalar`
  - `DisplaySecret`

  This is *only* a Zeroize impl, and does not make Zeroize happen automatically on drop (doing that would be a breaking change because it would preclude deriving `Copy`). But this is still useful, because it allows downstream libraries to implement `ZeroizeOnDrop` for structs that contain such secrets and/or simply to use the `Zeroizing` container struct.

  Because these new impls are never invoked automatically, performance impact should be zero. Safety-wise, the `Zeroize` library appears to be widely used in cryptographic code. For example, Supranational's [blst](https://github.com/supranational/blst) Rust bindings use it, and in turn are used in one of the most popular eth2 validator implementations.

  Thanks for maintaining a really great library!

ACKs for top commit:
  tcharding:
    FWIW ACK 8fffbeab13
  apoelstra:
    ACK 8fffbeab13

Tree-SHA512: 28d2cdcc6bd2d2d6330b67ae8635561882e869199d8fef9a3ebc3f368a7a0c2c00b818281190133f551b099e9c5226f104a56edc14c9b6f699ceba49e4b24563
2023-02-22 15:57:38 +00:00
kwantam 8fffbeab13
implement "non_secure_erase" methods
This PR implements a `non_secure_erase()` method on SecretKey,
KeyPair, SharedSecret, Scalar, and DisplaySecret. The purpose
of this method is to (attempt to) overwrite secret data with
valid default values. This method can be used by libraries
to implement Zeroize on structs containing secret values.

`non_secure_erase()` attempts to avoid being optimized away or
reordered using the same mechanism as the zeroize crate: first,
using `std::ptr::write_volatile` (which will not be optimized
away) to overwrite the memory, then using a memory fence to
prevent subtle issues due to load or store reordering.

Note, however, that this method is *very unlikely* to do anything
useful on its own. Effective use involves carefully placing these
values inside non-Copy structs and pinning those structs in place.
See the [`zeroize`](https://docs.rs/zeroize) documentation for tips
and tricks, and for further discussion.

[this commit includes a squashed-in commit from tcharding to fix docs
and helpful suggestions from apoelstra and Kixunil]
2023-02-21 08:56:03 -05:00
Andrew Poelstra 6ec968a522
Merge rust-bitcoin/rust-secp256k1#561: Fully describe safety requirements
e705bcffb5 Fully describe safety requirements (Tobin C. Harding)

Pull request description:

  Currently we have a wildcard on safety requirements, saying more or less "plus a bunch of other stuff we don't mention". This is not helpful.

  Attempt to fully describe the safety requirements of creating a context from a raw context (all, signing only, and verification only).

  Fix: #544

  ## Note

  This is best effort only, will require some thought to review. To do this I read https://doc.rust-lang.org/reference/behavior-considered-undefined.html and then I flicked through `depend/secp256k1/src/secp256k1.c` and `util.h` to look for things that could cause things in the linked to list of UB.

ACKs for top commit:
  apoelstra:
    ACK e705bcffb5
  Kixunil:
    ACK e705bcffb5

Tree-SHA512: 0180d196f6d528e3c7a06da54ef58d015df19c351d98030453ae5c5e62e0565797b06169f27f5d8b40ea0b9adba377cadd45dd306c8213d0bdc98b20651766c7
2023-02-06 13:50:47 +00:00
Andrew Poelstra 11001f43e5
Merge rust-bitcoin/rust-secp256k1#579: Followup: Disallow missing `Debug` implementations for `Scalar` type.
e597860a64 Followup: Disallow missing `Debug` implementations for `Scalar` type. (Arik Sosman)

Pull request description:

  Because `Scalar` now implements it, that carveout is no longer necessary.

ACKs for top commit:
  tcharding:
    ACK e597860a64
  apoelstra:
    ACK e597860a64

Tree-SHA512: fd9682550cc6bd2d3d59d067d3a0c7faf5767b4c127d86f95c7355ff795189272f399ce2df7d870f85fa3a3d6727fa6debc058171aab965a8f0aa5b5aecff581
2023-02-03 13:51:42 +00:00
Arik Sosman e597860a64
Followup: Disallow missing `Debug` implementations for `Scalar` type. 2023-02-02 13:29:05 -08:00
Andrew Poelstra 8603719a93
Merge rust-bitcoin/rust-secp256k1#578: Implement `Debug` trait for `Scalar` type
8ed8cac2fe Implement `Debug` trait for `Scalar` type. (Arik Sosman)

Pull request description:

  Currently, `Scalar` types do not implement the `Debug` trait, whereas most other types in the library do. Besides that being an upstream requirement for us, I believe it would also be quite useful for users of that type.

  Also implements the `Index` traits for `Scalar`.

ACKs for top commit:
  apoelstra:
    ACK 8ed8cac2fe

Tree-SHA512: f254859144850e40badf6ace2b2a1b231e5ed224ec60861586cd5f2042167d89c759dc16a1075702bce90d810ac60db924ea8cb20d82099a42fddb2718da12db
2023-02-02 18:40:18 +00:00
Arik Sosman 8ed8cac2fe
Implement `Debug` trait for `Scalar` type. 2023-02-02 09:34:00 -08:00
Tobin C. Harding e705bcffb5 Fully describe safety requirements
Currently we have a wildcard on safety requirements, saying more or less
"plus a bunch of other stuff we don't mention". This is not helpful.

Attempt to fully describe the safety requirements of creating a context
from a raw context (all, signing only, and verification only).

Fix: #544
2023-01-31 17:20:22 +11:00
Andrew Poelstra 65eb166c09
Merge rust-bitcoin/rust-secp256k1#576: Fix CI
d1184156c6 Fix CI (Tobin C. Harding)

Pull request description:

  Currently CI is broken because we use the latest version of `rustfmt` and `clippy` in CI. We can resolve the `rustfmt` issue permanently by removing the `required_version` config option. We also need to fix the latest clippy warnings.

  Done as a single patch so that all patches pass CI.

ACKs for top commit:
  apoelstra:
    ACK d1184156c6

Tree-SHA512: 846d78d974f40f63ee605faf095f000b14057eb04450c3612054673594ea6ef3a110033d20bc57d3a943b3c8853fbad3102e2fdc6863227cb684c22f7fa6ffc7
2023-01-30 21:19:58 +00:00
Tobin C. Harding d1184156c6 Fix CI
Currently CI is broken because we use the latest version of `rustfmt`
and `clippy` in CI. We can resolve the `rustfmt` issue permanently by
removing the `required_version` config option. We also need to fix the
latest clippy warnings.

Done as a single patch so that all patches pass CI.
2023-01-31 08:14:08 +11:00
Andrew Poelstra 92c4923289
Merge rust-bitcoin/rust-secp256k1#573: Use library `to_hex` function
bdfa0ffcd0 Use library to_hex function (Tobin C. Harding)

Pull request description:

  We do not need to use the `hex` module from `bitcoin_hashes` to encode into hex, we have a function in this library.

  Use library hex encoding logic, removes dependency on the `hex` module of `bitcoin_hashes` entirely from this crate.

ACKs for top commit:
  apoelstra:
    ACK bdfa0ffcd0

Tree-SHA512: 0923939cfeb3cb4f8a3c2fad3961f2b17d3083d85232b3992d9efef59e622fa18f6ecf3c93b064518a7cb6ac4b704480a59ecdc3bcc016811758b4a13b00d31f
2023-01-25 12:38:23 +00:00
Tobin C. Harding bdfa0ffcd0
Use library to_hex function
We do not need to use the `hex` module from `bitcoin_hashes` to encode
into hex, we have a function in this library.

Use library hex encoding logic, removes dependency on the `hex` module
of `bitcoin_hashes` entirely from this crate.
2023-01-25 07:36:33 +11:00
Andrew Poelstra 0e689c7992
Merge rust-bitcoin/rust-secp256k1#574: Overcome ASAN false positive regression
5a3f13eecf Overcome ASAN false positive regression (Tobin C. Harding)

Pull request description:

  The Memory Sanitizer is giving a false positive at the moment in `nightly`. Adding compiler flags resolves the issue. I didn't grok the exact root cause but this fixes it (cut'n'pasta from the issue [0]).

  Props to elichai for working this out: https://github.com/rust-bitcoin/rust-secp256k1/pull/573#issuecomment-1399465995

  [0] https://github.com/rust-lang/rust/issues/107149

ACKs for top commit:
  apoelstra:
    ACK 5a3f13eecf

Tree-SHA512: 873145b732f7574c93ecc1bbabd9d82a1e501a39d1e2184770f71a07ffb72468783ab1b3fbfef8ef377c7e7a4b8c45253da1fce11660152d3369902136f1c049
2023-01-23 22:17:49 +00:00
Tobin C. Harding 5a3f13eecf
Overcome ASAN false positive regression
The Memory Sanitizer is giving a false positive at the moment in
`nightly`. Adding compiler flags resolves the issue. I didn't grok the
exact root cause but this fixes it (cut'n'pasta from the issue [0]).

[0] https://github.com/rust-lang/rust/issues/107149
2023-01-23 09:53:23 +11:00
Andrew Poelstra be94e6ccc0
Merge rust-bitcoin/rust-secp256k1#572: add redundant features for cargo 1.41 bug
fe828d040d add redundant features for cargo 1.41 bug (Andrew Poelstra)

Pull request description:

  It looks like cargo versions up to 1.45 have a bug that sometimes causes dependency resolution to fail. There is a straightforward, somewhat ugly fix, which this PR implements.

  In #571 we implemented this and rush-merged it into 0.24.x because (a) it was breaking our CI, (b) it was clearly harmless, even if it turn out not to be the best decision. For this PR I'd like somebody other than me and Sanket to take a look and sanity check us.

  If we merged this, it will also need a backport to 0.25.x.

  For more details see #571 and the linked issues there.

ACKs for top commit:
  Kixunil:
    ACK fe828d040d

Tree-SHA512: 1e771137088036ae7331d42c86955a2a8c73c22f2850d03b8a9e9b7aa21315d558cbfe6cb1f4c839fa8df15b24756bc26eda25b1214d27e719abd10af2cef5fc
2023-01-15 14:01:55 +00:00
Andrew Poelstra fe828d040d
add redundant features for cargo 1.41 bug 2023-01-13 14:04:23 +00:00
Andrew Poelstra ca074461d8
Merge rust-bitcoin/rust-secp256k1#569: Add secp256k1_schnorrsig_sign_custom in fuzzing config
43370d8128 Add secp256k1_schnorrsig_sign_custom in fuzzing config (Tibo-lg)

Pull request description:

  Trying to do some fuzz testing I noticed that I had omitted to add `secp256k1_schnorrsig_sign_custom` to the `fuzz_dummy` module of `secp256k1sys` crate in #440. This PR adds it. I just forwarded the call to `secp256k1_schnorrsig_sign` as I didn't have any better idea but open to suggestions.

ACKs for top commit:
  apoelstra:
    ACK 43370d8128

Tree-SHA512: 44789fbf7c0186a7e0c0a445efd48c32e5a23169cd5d723aa19a04c5d0cb1bf6eeefbd2d153e5cb58f25eb823b5ee41a35411af3996722ed389ab18a741b388e
2022-12-23 22:56:18 +00:00
Tibo-lg 43370d8128 Add secp256k1_schnorrsig_sign_custom in fuzzing config 2022-12-22 16:59:59 +09:00
Andrew Poelstra 748dcd9401
Merge rust-bitcoin/rust-secp256k1#567: Upgrade the vendored `libsecp256k1` code to v0.2.0
2dad589394 Upgrade the vendored libsecp256k1 code (Tobin C. Harding)
2d4aacc4ad Update scratch_impl.h patch file (Tobin C. Harding)

Pull request description:

  This bumps `secp256k1` to v0.26.0 and `secp256k1-sys` to v0.8.0

  `libsecp256k1` v0.2.0 was just released.

  Update the vendored code using

   `./vendor-libsecp.sh depend 0_8_0 21ffe4b`

  ```
  git show 21ffe4b
  commit 21ffe4b22a9683cf24ae0763359e401d1284cc7a (tag: v0.2.0)
  Merge: 8c949f5 e025ccd
  Author: Pieter Wuille <pieter@wuille.net>
  Date:   Mon Dec 12 17:00:52 2022 -0500

      Merge bitcoin-core/secp256k1#1055: Prepare initial release

      e025ccdf7473702a76bb13d763dc096548ffefba release: prepare for initial release 0.2.0 (Jonas Nick)
      6d1784a2e2c1c5a8d89ffb08a7f76fa15e84fff5 build: add missing files to EXTRA_DIST (Jonas Nick)
      13bf1b6b324f2ed1c1fb4c8d17a4febd3556839e changelog: make order of change types match keepachangelog.com (Jonas Nick)
      b1f992a552785395d2e60b10862626fd11f66f84 doc: improve release process (Jonas Nick)
      ad39e2dc417f85c1577a6a6a9c519f5c60453def build: change package version to 0.1.0-dev (Jonas Nick)
      90618e9263ebc2a0d73d487d6d94fd3af96b973c doc: move CHANGELOG from doc/ to root directory (Jonas Nick)

      Pull request description:

        Based on #964

      ACKs for top commit:
        sipa:
          ACK e025ccdf7473702a76bb13d763dc096548ffefba

      Tree-SHA512: b9ab71d7362537d383a32b5e321ef44069f00e3e92340375bcd662267bc5a60c2bad60222998e6602cfac24ad65efb23d772eac37c86065036b90ef090b54c49
  ```

  Requires a new version of `secp256k1-sys`, use v0.8.0

  - Update the `secp256k1-sys` manifest (including links field)
  - Update symbols to use 0_8_0
  - Add a changelog entry
  - depend on the new version in `secp256k1`

  Which in turn requires a new version of `secp256k1`, use v0.26.0

ACKs for top commit:
  apoelstra:
    ACK 2dad589394

Tree-SHA512: 58eb5a276a78336e45b1473970f2d68dc2249b4a751deae44d70c2453cf5798b0edc0fdee2eabfb5707053e76e3a49849009b0c2f9dce08bd4bb5bb8d3549a62
2022-12-21 16:10:35 +00:00
Tobin C. Harding 2dad589394 Upgrade the vendored libsecp256k1 code
`libsecp256k1` v0.2.0 was just released.

Update the vendored code using

 `./vendor-libsecp.sh depend 0_8_0 21ffe4b`

```
git show 21ffe4b
commit 21ffe4b22a9683cf24ae0763359e401d1284cc7a (tag: v0.2.0)
Merge: 8c949f5 e025ccd
Author: Pieter Wuille <pieter@wuille.net>
Date:   Mon Dec 12 17:00:52 2022 -0500

    Merge bitcoin-core/secp256k1#1055: Prepare initial release

    e025ccdf7473702a76bb13d763dc096548ffefba release: prepare for initial release 0.2.0 (Jonas Nick)
    6d1784a2e2c1c5a8d89ffb08a7f76fa15e84fff5 build: add missing files to EXTRA_DIST (Jonas Nick)
    13bf1b6b324f2ed1c1fb4c8d17a4febd3556839e changelog: make order of change types match keepachangelog.com (Jonas Nick)
    b1f992a552785395d2e60b10862626fd11f66f84 doc: improve release process (Jonas Nick)
    ad39e2dc417f85c1577a6a6a9c519f5c60453def build: change package version to 0.1.0-dev (Jonas Nick)
    90618e9263ebc2a0d73d487d6d94fd3af96b973c doc: move CHANGELOG from doc/ to root directory (Jonas Nick)

    Pull request description:

      Based on #964

    ACKs for top commit:
      sipa:
        ACK e025ccdf7473702a76bb13d763dc096548ffefba

    Tree-SHA512: b9ab71d7362537d383a32b5e321ef44069f00e3e92340375bcd662267bc5a60c2bad60222998e6602cfac24ad65efb23d772eac37c86065036b90ef090b54c49
    ```

Requires a new version of `secp256k1-sys`, use v0.8.0

- Update the `secp256k1-sys` manifest (including links field)
- Update symbols to use 0_8_0
- Add a changelog entry
- depend on the new version in `secp256k1`

Which in turn requires a new version of `secp256k1`, use v0.26.0
2022-12-21 08:11:14 +11:00
Tobin C. Harding 2d4aacc4ad Update scratch_impl.h patch file
To mirror recent changes to the `scratch_impl.h` file update the patch
file.
2022-12-19 15:12:23 +11:00
Elichai Turkel 2fccf8dccc
Merge pull request #565 from tcharding/12-16-clippy
Remove unnecessary cast
2022-12-16 11:11:28 +02:00
Tobin C. Harding b3cd414a5a Remove unnecessary cast
A recent update to clippy introduced a new class of warning.

Clippy emits:

 warning: casting to the same type is unnecessary (`usize` -> `usize`)

As suggested remove the unnecessary cast.
2022-12-16 11:02:02 +11:00
Andrew Poelstra 48ce60d507
Merge rust-bitcoin/rust-secp256k1#550: Update CHANGELOG for release of v0.25.0
01b1fbcccb Update CHANGELOG for release of v0.25.0 (Tobin C. Harding)

Pull request description:

  We just did a new release of `secp256k1-sys` needed for release of v0.25.0

  Update the CHANGELOG to include secp-sys version bump.

ACKs for top commit:
  apoelstra:
    ACK 01b1fbcccb

Tree-SHA512: 87ffc0f4ce468975b99ea3a0bbc97f8d0d048ecaee9982550bad13f564e0ea0093ce7dfdb7af0b5de8f14ff00eafd29bdb23dcf15ad52e93dc194459de0e15ab
2022-12-12 13:30:55 +00:00
Andrew Poelstra 3a1fd2dfce
Merge rust-bitcoin/rust-secp256k1#549: Bump secp256k1-sys version to 0.7.0
3fa2436272 Bump secp256k1-sys version to 0.7.0 (Tobin C. Harding)

Pull request description:

  We are ready to release a new minor version of `secp256k1-sys`, in order to do so we must make change the symbol names to reflect the new version as well as the usual changelog and version bump.

  In preparation for releasing `secp256k1-sys` v0.7.0 do:

  - Rename symbols to from `0_6_1` -> `0_7_0`, done mechanically (search and replace)
  - Add changes log notes
  - Bump `secp256k1-sys` crate version 0.6.1 -> 0.7.0, justified because we have added new public methods to various types (e.g., `PublicKey::cmp_fast_unstable`)

  ### Notes

  I based this PR on:
  - https://github.com/rust-bitcoin/rust-secp256k1/pull/490/files
  - https://github.com/rust-bitcoin/rust-secp256k1/pull/457/files

ACKs for top commit:
  apoelstra:
    ACK 3fa2436272

Tree-SHA512: cb16de633865f26613aa29479ac6a6299b1790a00372cca61173f09a753179fa1d619b91ca25ba5872f571d3d9372b46731f9d4b3e8050077ec3c73d583f54ce
2022-12-12 13:19:36 +00:00
Tobin C. Harding 01b1fbcccb Update CHANGELOG for release of v0.25.0
We just did a new release of `secp256k1-sys` needed for release of
v0.25.0

Update the CHANGELOG to include secp-sys version bump.
2022-12-12 09:19:01 +11:00
Tobin C. Harding 3fa2436272 Bump secp256k1-sys version to 0.7.0
We are ready to release a new minor version of `secp256k1-sys`, in order
to do so we must make change the symbol names to reflect the new version
as well as the usual changelog and version bump.

In preparation for releasing `secp256k1-sys` v0.7.0 do:

- Rename symbols to from `0_6_1` -> `0_7_0`, done mechanically (search
  and replace)
- Add changes log notes
- Bump `secp256k1-sys` crate version 0.6.1 -> 0.7.0, justified because
  we have added new public methods to various types (e.g.,
  `PublicKey::cmp_fast_unstable`)
2022-12-12 09:13:00 +11:00
Andrew Poelstra ff4be18e0d
Merge rust-bitcoin/rust-secp256k1#557: Add additional changelog entry
494b07a415 Add changelog entry (Tobin C. Harding)
d0c4af0e26 Add newline after docs heading (Tobin C. Harding)

Pull request description:

  ~Bump version to 0.25.1 ready to release~ Add changelog entry for the recently fixed unsoundness issue.

  Patch 1 is an annoyingly trivial fix to docs.

ACKs for top commit:
  apoelstra:
    ACK 494b07a415

Tree-SHA512: 8de8d735d3dce06683ec8e66b78b966406f42ea0a8e679e8e82143a984251addd74bea3658cc63ba9d9eada3517e461e9c28085d5261d9c0db2dceb15a8cbcc2
2022-12-09 20:50:26 +00:00
Andrew Poelstra 4adbbce264
Merge rust-bitcoin/rust-secp256k1#563: change bitcoin-hashes feature gates to bitcoin_hashes
1d6a46eb6d change bitcoin-hashes feature gates to bitcoin_hashes (Andrew Poelstra)

Pull request description:

  This leaves `bitcoin-hashes` in place everywhere in the documentation, but changes it to `bitcoin_hashes` on the actual feature gates, to ensure that both flags work.

  It's unfortunately a bit hard to test this because the library will be self-consistent pretty-much no matter what we do ... the issue is if the user enables the wrong flag we want to make sure that all the APIs we intend to be visible are actually visible.

  Fixes #562.

ACKs for top commit:
  tcharding:
    ACK 1d6a46eb6d

Tree-SHA512: 1e060aeb2810ef1e23cf5c956023aca586550ba0287bbf7bc1108dc14091e17d7601aac3f057d0313fafd21351cdda1b08b4250f34ecde917be686d0b739e65a
2022-12-09 20:40:38 +00:00
Tobin C. Harding 494b07a415 Add changelog entry
Recently we found and fixed an unsoundness issue in the
`preallocated_gen_new` function. As we have yet to release 0.25.0 we can
just update the changelog to reflect the newly merged fix.
2022-12-09 07:35:04 +11:00
Andrew Poelstra 1d6a46eb6d
change bitcoin-hashes feature gates to bitcoin_hashes
Fixes #562.
2022-12-08 14:20:51 +00:00
Tobin C. Harding d0c4af0e26 Add newline after docs heading
As is customary add a newline between rustdoc heading and content. Done
so that the code is identical to other released code (during backport
the space was added).
2022-12-08 12:12:54 +11:00
Andrew Poelstra 29c13638dc
Merge rust-bitcoin/rust-secp256k1#548: fix soundness issue with `preallocated_gen_new`
1e6eb6cb4d shut clippy up (Andrew Poelstra)
f961497e69 context: introduce unsafe `PreallocatedContext` trait (Andrew Poelstra)

Pull request description:

  Stop this from being a generic function over all contexts, to only a function generic over contexts where we can bound the lifetime precisely. Introduces a new unsafe trait. I *believe* the only code this breaks was already unsound:
  * code that tried to use one of the `*Preallocated` context markers with an incorrect lifetime
  * code that tried to use `preallocated_gen_new` with a non-`*Preallocated` marker, which I believe we allowed before (I just noticed this now) and almost certainly would've led to UB on drop

  Fixes #543

ACKs for top commit:
  Kixunil:
    ACK 1e6eb6cb4d
  tcharding:
    ACK 1e6eb6cb4d

Tree-SHA512: 44eb4637a2f86d5b16d40174cb9e27f37cf8eb4f29546159dbbdcd3326d01f9de2f500ba732376dd84e67ebc3528c709d2d4e2aceb8a329bcb9fb9d25c9b89cb
2022-12-04 17:40:48 +00:00
Andrew Poelstra ca2dd9371e
Merge rust-bitcoin/rust-secp256k1#551: secp-sys: Use NonNull in API instead of *mut T
9b07e8e8c5 secp-sys: Use NonNull in API instead of *mut T (Tobin C. Harding)

Pull request description:

  Currently we expect non-null pointers when we take `*mut T` parameters, however we do not check that the pointers are non-null because we never set VERIFY in our C build. We can use the `NonNull` type to enforce no-null-ness as long as we use `NonNull::new`. In a couple of instances we manually check that a buffer is not empty and therefore that the pointer to it is non-null so we can safely use `NonNull::new_unchecked`.

  Replace mutable pointer parameters `*mut T` (e.g. `*mut c_void`) and return types with `NonNull<T>`.

  Fix #546

  ### Note

  The description above fully explains the issue to the best of my knowledge, if the description is not spot on then I'm not fully understanding the issue. Please correct me if this is the case.

  > One unfortunate thing is that this means that we wouldn't be able to implement CPtr for secp256k1::Context, which is our designated "expose types from secp256k1-sys which is not stable" semver escape hatch.

  You've lost me here? `secp256k1::Context` is a trait did you mean `secp256k1::Secp256k1` or `secp256k1_sys::Context`?

ACKs for top commit:
  apoelstra:
    ACK 9b07e8e8c5

Tree-SHA512: 37aceebfa62e590ce8cc282c35b014ad018e5cfbea99402ed3aa1fcbaa69e01a01c1c1f32351f5f15a7d270e31da5b239ee5bc11d2343cf866082ad85df6a622
2022-12-03 13:22:53 +00:00
Andrew Poelstra 1e6eb6cb4d
shut clippy up 2022-12-02 13:23:16 +00:00
Andrew Poelstra f961497e69
context: introduce unsafe `PreallocatedContext` trait
Fixes unsoundness in `preallocated_gen_new` which previously did not
properly constrain the lifetime of the buffer used to back the context
object. We introduce an unsafe marker trait, and impl it for our
existing preallocated-context markers.

Annoyingly the trait has to be public even though it should never be
used directly, and is only used alongside the sealed `Context` trait,
so it is de-facto sealed itself.

Fixes #543
2022-12-02 13:08:56 +00:00
Tobin C. Harding 9b07e8e8c5 secp-sys: Use NonNull in API instead of *mut T
Currently we expect non-null pointers when we take `*mut T` parameters,
however we do not check that the pointers are non-null because we never
set VERIFY in our C build. We can use the `NonNull` type to enforce
no-null-ness as long as we use `NonNull::new`. In a couple of instances
we manually check that a buffer is not empty and therefore that the
pointer to it is non-null so we can safely use `NonNull::new_unchecked`.

Replace mutable pointer parameters `*mut T` (e.g. `*mut c_void`) and
return types with `NonNull<T>`.

Fix #546
2022-12-01 15:45:32 +11:00
Andrew Poelstra 525613902c
Merge rust-bitcoin/rust-secp256k1#542: Use NonNull for Secp256k1 inner context field
082c3bdd1c Use NonNull for Secp256k1 inner context field (Tobin C. Harding)

Pull request description:

  For raw pointers that can never be null Rust provides the `core::ptr::NonNull` type. Our `Secp256k1` type has an inner field that is a non-null pointer; use `NonNull` for it.

  Fix: #534

ACKs for top commit:
  apoelstra:
    ACK 082c3bdd1c

Tree-SHA512: 80e6a931bc2efaaa5f9d11f7407b45960f6db669137fbb4f835dff3607b1459d6ea2bc039a649460c14008381a10d095e18df7e3b7b6b4c4b85a360e0127eef0
2022-11-30 19:35:57 +00:00
Andrew Poelstra ca83f9fdcd
Merge rust-bitcoin/rust-secp256k1#523: Tracking PR for release v0.25.0
1dbd7691da secp256k1: Bump crate version to 0.25.0 (Tobin C. Harding)

Pull request description:

  Add changelog notes and bump the crate version to v0.25.0!

ACKs for top commit:
  apoelstra:
    ACK 1dbd7691da

Tree-SHA512: 462f103842d093ca019dea26e3e1bc9faf10d711846afe74562340320cfbd030f121bf834963f347fdeab2f3477dc3c3e15e3653619c634c149cddc059a60042
2022-11-30 19:21:30 +00:00
Tobin C. Harding 082c3bdd1c Use NonNull for Secp256k1 inner context field
For raw pointers that can never be null Rust provides the
`core::ptr::NonNull` type. Our `Secp256k1` type has an inner field that
is a non-null pointer; use `NonNull` for it.

Fix: #534
2022-11-30 12:30:20 +11:00
Tobin C. Harding 1dbd7691da secp256k1: Bump crate version to 0.25.0
Add changelog notes and bump the crate version to v0.25.0!
2022-11-30 12:22:16 +11:00
Andrew Poelstra 3760ef6b0c
Merge rust-bitcoin/rust-secp256k1#541: Remove size field
129ba3cd58 Remove size field (Tobin C. Harding)

Pull request description:

  The `Secp256k1` `size` field is a cached value that we get using `ffi::secp256k1_context_preallocated_size` or
  `ffi::secp256k1_context_preallocated_clone_size`, both of which just return the result of `sizeof(rustsecp256k1_v0_6_1_context)`. Instead of caching this value we can just call
  `ffi::secp256k1_context_preallocated_clone_size` in the `Drop` implementation.

  Fix #537

ACKs for top commit:
  apoelstra:
    ACK 129ba3cd58

Tree-SHA512: 3fce7863065e4b485fd2d1fdbbfe7002fa6188f1a703d89fdda570a1a32471d298e2e33fb8c5951a56a79facb5d2b427d58e473b5cb1d68eb02ffed728392b97
2022-11-29 15:39:19 +00:00
Tobin C. Harding 129ba3cd58 Remove size field
The `Secp256k1` `size` field is a cached value that we get using
`ffi::secp256k1_context_preallocated_size` or
`ffi::secp256k1_context_preallocated_clone_size`, both of which just
return the result of `sizeof(rustsecp256k1_v0_6_1_context)`. Instead of
caching this value we can just call
`ffi::secp256k1_context_preallocated_clone_size` in the `Drop`
implementation.
2022-11-29 14:17:23 +11:00
Andrew Poelstra 8ab0bbccbc
Merge rust-bitcoin/rust-secp256k1#535: call the alloc error handle if we get NULL from the allocator
8b17fc016d call the alloc error handle if we get NULL from the allocator (Elichai Turkel)

Pull request description:

  Found that this was missing in this discussion: https://github.com/rust-bitcoin/rust-secp256k1/issues/529#issuecomment-1324832163

  It is documented here that it returns a NULL on memory exhaustion: https://doc.rust-lang.org/alloc/alloc/trait.GlobalAlloc.html#tymethod.alloc
  And you can see that this is called in this example: https://doc.rust-lang.org/alloc/alloc/fn.alloc.html
  Docs for the handle itself: https://doc.rust-lang.org/alloc/alloc/fn.handle_alloc_error.html

ACKs for top commit:
  apoelstra:
    ACK 8b17fc016d
  Kixunil:
    Good argument, ACK 8b17fc016d

Tree-SHA512: 4b8f79ab5f691cb92621a314ceb8556c26fa7e159de359697b766043a0269e1ecf9746e6d4bfd5b45f18bccaff435c1fff491168b8bb77459ae849c38664d563
2022-11-24 15:38:26 +00:00
Andrew Poelstra e4baf79deb
Merge rust-bitcoin/rust-secp256k1#536: secp256k1-sys: Remove unused flags in build.rs
7d3dc354d7 secp256k1-sys: Remove unused flags in build.rs (Elichai Turkel)

Pull request description:

  These are no longer used in upstream, so there's no reason for us to set them

ACKs for top commit:
  apoelstra:
    ACK 7d3dc354d7

Tree-SHA512: 79ecbed19ba9eb61640306bc5413b139e902ee84b7e122e8ae57e451f2b132371440554f21ed075ed34d9d702c4316e4b170ca638c774532ecf5a11456b4e2ad
2022-11-24 14:49:38 +00:00
Andrew Poelstra efb47e9bcf
Merge rust-bitcoin/rust-secp256k1#532: Do trivial docs improvements
ecdad39ef4 context: Improve rustdocs (Tobin C. Harding)
e945751d85 schnorr: Improve rustdocs (Tobin C. Harding)
47f19a78ef Use lowercase for schnorr (Tobin C. Harding)
27b3e92889 Do trivial cleanup to module level docs (Tobin C. Harding)

Pull request description:

  Audit of docs in `rust-secp256k1` and do a few trivial fixes. The docs are in pretty good condition, they just need more content as described in #128 if that issue is still valid.

ACKs for top commit:
  apoelstra:
    ACK ecdad39ef4

Tree-SHA512: 7466090325e02331f11e34cd38625541fbe8e642882afa6ddf2cf5d11ed669c7b2b48fd5b819915392760f4c6ef4ee460c2e622b3af648f99906c3ac408045d4
2022-11-24 14:34:44 +00:00
Andrew Poelstra e4ed848fcd
Merge rust-bitcoin/rust-secp256k1#531: Remove `serde_keypair` module
513144c923 Remove serde_keypair module (Tobin C. Harding)

Pull request description:

  Done while unsuccessfully trying to solve https://github.com/rust-bitcoin/rust-secp256k1/issues/514#

  The `serde_keypair` module appears to be only used for testing, however it is part of the public API for the `key` module?

  serde de/serialization is already implemented on `KeyPair` by way of the normal `serde` traits, there is no obvious reason for the `serde_keypair` and the `KeyPairWrapper`.

  Remove the `KeyPairWrapper` and test `KeyPair` serde impls directly.

ACKs for top commit:
  apoelstra:
    ACK 513144c923

Tree-SHA512: 23891217f3afc7cb3bb03431946e9866ee6ae611153fca8d93fe393b5a4abbd41d4713c6aa5ab24eb2734d8c8d94a9f6aed47316284b4097aa40f49f055f36b6
2022-11-24 13:51:07 +00:00
Andrew Poelstra 5c15a496ee
Merge rust-bitcoin/rust-secp256k1#524: Document unsafe code
6d747301e8 secp256k1: Document safety constraints (Tobin C. Harding)
85681cece7 secp256k1-sys: Document safety constraints (Tobin C. Harding)

Pull request description:

  Functions that are `unsafe` should include a `# Safety` section.

  - Patch 1: Documents `unsafe` methods in `secp256k1-sys`. Please not this includes a minor refactor.
  - Patch 2: Documents the `unsafe` `Context` trait

  Together these two patches remove `#![allow(clippy::missing_safety_doc)]` from the repo.

  Fix: #447

  ## Note to reviewers

  The only function that was curly to understand the safety of was `secp256k1_context_create`, all the other stuff should be trivial to review.

ACKs for top commit:
  apoelstra:
    ACK 6d747301e8

Tree-SHA512: 247216c3f9e655fe8c2854b71613b31b6241318e877e83a1e4873ce84e481975a832d05cd748577f437f88b166ff287a537d26c012568e7378caed458ec55867
2022-11-24 13:42:41 +00:00
Elichai Turkel 7d3dc354d7
secp256k1-sys: Remove unused flags in build.rs 2022-11-24 13:38:40 +02:00
Elichai Turkel 8b17fc016d
call the alloc error handle if we get NULL from the allocator 2022-11-24 13:14:23 +02:00