Commit Graph

215 Commits

Author SHA1 Message Date
Andrew Poelstra d94345f721 Generate keys from Fortuna rather than always using the OsRng
When creating a Secp256k1, we attach a Fortuna CSRNG seeded from the
OS RNG, rather than using the OS RNG all the time. This moves the
potential RNG failure to the creation of the object, rather than at
every single place that keys are generated. It also reduces trust
in the operating system RNG.

This does mean that Secp256k1::new() now returns an IoResult while
the generate_* methods no longer return Results, so this is a breaking
change.

Also add a benchmark for key generation. On my system I get:

test tests::generate_compressed   ... bench:    492990 ns/iter (+/- 27981)
test tests::generate_uncompressed ... bench:    495148 ns/iter (+/- 29829)

Contrast the numbers with OsRng:

test tests::generate_compressed   ... bench:     66691 ns/iter (+/- 3640)
test tests::generate_uncompressed ... bench:     67148 ns/iter (+/- 3806)

Not too shabby :)

[breaking-change]
2014-08-31 22:26:02 -05:00
Andrew Poelstra 059c72aa60 Do validation in pubkey::from_slice 2014-08-31 16:04:14 -05:00
Andrew Poelstra 15b8183ea8 Remove error return from `PublicKey::from_secret_key()`
Make sure that you cannot create an invalid `SecretKey` in the first place.
Unbreaks the API.

[unbreaking-change]
2014-08-28 11:11:25 -07:00
Andrew Poelstra a67260eb3a Remove unsafe markers and just call `init` everywhere
It turns out I need to run `init` before pretty-much every FFI function,
which means that most everything would have to be marked unsafe if I'm
expecting the Rust user to do this. This is unacceptable -- users who
need to sacrifice safety for speed can just use the `ffi::` functions
instead.

Also, I noticed that I was locking up in `PublicKey::from_secret_key`.
Fix to return an error value -- unfortunately a breaking change since
it changes the function signature.

[breaking-change]
2014-08-28 10:59:44 -07:00
Andrew Poelstra a5951eff47 Expose tweak functions in FFI, wrap a couple 2014-08-28 09:16:53 -07:00
Andrew Poelstra a0f11d0f92 Travis speaks rust now :D 2014-08-27 10:58:24 -07:00
Andrew Poelstra 83f2ccf5d7 Add verification to SecretKey::from_slice() 2014-08-24 16:13:08 -07:00
Andrew Poelstra 79815e225b Add .travis.yml, update tests and Cargo.toml for upstream changes 2014-08-17 18:58:20 -07:00
Dawid Ciężarkiewicz 1ce6e3fd3b Simpler `random_32_bytes`. 2014-08-16 02:21:35 -07:00
Andrew Poelstra db37829904 Add CC0 license and header to all files 2014-08-11 19:26:45 -07:00
Andrew Poelstra 4be48ecb1b Move Rng failure from `Secp256k1::new` to functions that actually use randomness
Verifying signatures does not require any randomness, but requires the user
to create a `Secp256k1` object nonetheless (this is just a way to guarantee
that `init` is called --- an alternate API would be to have an independent
unsafe `verify` function). If a Rng can't be created, rather than failing
the `Secp256k1` initialization, fail the functions that actually try to use
the Rng.

This way signing and verifying, which require no randomness beyond that input
to them, will work correctly.

To avoid checking for a working Rng on each call to `generate_keypair` and
`generate_nonce` (which is probably trivial next to the cost of actually
generating the randomness, but w/e, user knows best), the user should use
the generation functions in the `key` module, which take an Rng as input.
2014-08-11 19:24:19 -07:00
Andrew Poelstra d6bf4039bd Pull out initialization code so that `PublicKey::from_secret_key` can be used safely 2014-08-11 19:24:19 -07:00
Andrew Poelstra 80df78c9a9 Add slice methods to `Nonce` 2014-08-11 19:24:19 -07:00
Andrew Poelstra 0adc7e1ce2 Add keypair slice methods and unit tests 2014-08-11 19:24:19 -07:00
Andrew Poelstra 5b15918a9a Move FFI and constants into their own modules; replace outptrs with returns 2014-08-11 19:24:19 -07:00