Commit Graph

208 Commits

Author SHA1 Message Date
Andrew Poelstra 4dacf55ed5
Merge rust-bitcoin/rust-secp256k1#435: Add functional style methods to various keys
12d4583638 Implement negate that consumes self (Tobin Harding)
5eb2d745b7 Rename tweak_add_assign -> add_tweak (Tobin Harding)
b9d08db8eb Replace _assign with _tweak (Tobin Harding)

Pull request description:

  The various `_assign` methods (`add_assign`, `add_expr_assign`, `mul_assign`, `tweak_add_assign`) are cumbersome to use because a local variable that uses these methods changes meaning but keeps the same identifier. It would be more useful if we had methods that consumed `self` and returned the newly modified type.

  We notice also that this API is for adding/multiplying tweaks not arbitraryly adding keys.

  - Patch 1: Changes add/mul_assign -> add/mul_tweak for `PublicKey` and `SecretKey` (incl. re-working unit tests)
  - Patch 2: Changes `tweak_add_assign` -> `add_tweak` for `KeyPair` and `XOnlyPublicKey`
  - Patch 3: Changes `negate_assign` -> `negate`

  All methods changed include:
  - New method consumes self and returns the tweaked key
  - Original  method remains with a `deprecated` attribute, however I've left a TODO in there for adding the `since` field.

  Close: #415

ACKs for top commit:
  apoelstra:
    ACK 12d4583638

Tree-SHA512: 026e8722892f3a0f18956281e4d2356d2789ef535a7ab71a375758201b180663d068397cde2dca5f60858ab7158069e53d7096326bfbd5a364269b0be680940c
2022-06-15 15:39:30 +00:00
Andrew Poelstra 73ad30dda1
Merge rust-bitcoin/rust-secp256k1#409: After MSRV bump: Implemented `TryFrom<{u8, i32}>` for `Parity`
df081bede0 Changed impl `Error::cause()` to `Error::source()` (Martin Habovstiak)
cabb8f9e6f Implemented `TryFrom<{u8, i32}>` for `Parity` (Martin Habovstiak)

Pull request description:

ACKs for top commit:
  tcharding:
    ACK df081bede0
  apoelstra:
    ACK df081bede0

Tree-SHA512: 5587a9684a4bfc1f659548a3787ff3602c56b2d6db72e89783529b85b670b681bce7e99683c751a03697c8faa1c2aa2f314c2c9b28e16e4c53fd07b01e949af2
2022-06-15 15:09:25 +00:00
Tobin Harding b9d08db8eb Replace _assign with _tweak
The key methods `add_assign`, `add_expr_assign`, and `mul_assign` are
cumbersome to use because a local variable that uses these methods
changes meaning but keeps the same identifier. It would be more useful
if we had methods that consumed `self` and returned a new key.

Observe also that these to methods are for adding/multiplying a key by a
tweak, rename the methods appropriately.

Add methods `add_tweak`, `add_expr_tweak`, and `mul_tweak` to the
`SecretKey` and `PublicKey` type. Deprecate `add_assign`,
`add_expr_assign`, and `mul_assign`.
2022-06-14 09:46:17 +10:00
Tobin C. Harding 946cd83106 Improve Error display
The current display code for `Error` is a little unusual. We typically
just implement `Display` and if a `str` is needed use `format!`.

Improve the `Error` type by doing

- Remove the `as_str` function and implement `Display` directly.
- Remove the 'secp: ' prefix of all the error messages.
- Use a newly defined macro `write_err` that writes the error if `std`
  feature is not enabled so that no-std builds do not loose error info.

Note: The `write_err` macro is currently being introduced in
`rust-bitcoin` also. Elect to just duplicate it here and not share it
between the crates.
2022-06-14 09:33:48 +10:00
Martin Habovstiak df081bede0 Changed impl `Error::cause()` to `Error::source()`
This implements `source()` method instead of `cause()` allowing
downcasting.
2022-06-10 13:36:15 +02:00
Martin Habovstiak 5a0332463d Add `Scalar` newtype and use it in tweaking APIs
This adds `Scalar` newtype to better represent values accepted by
tweaking functions. This type is always 32-bytes and guarantees being
within curve order.
2022-06-09 15:08:19 +02:00
Elichai Turkel ebe46a4d4e
Update rand to 0.8 and replace CounterRng with mock::StepRng 2022-06-07 23:59:40 +03:00
Elichai Turkel 626835f540
Update secp256k1 to edition 2018 and fix imports 2022-06-07 23:59:25 +03:00
junderw f93ca81348
Add sign_ecdsa_with_noncedata and sign_ecdsa_recoverable_with_noncedata 2022-03-22 21:13:31 +09:00
Tobin Harding de65fb2f1e
Implement de/serialization for SharedSecret
As we do for other keys implement serde de/serialization for the
`SharedSecret`. Includes implementation of `from_slice` method that is
the borrowed version of `from_bytes` as well as a `FromStr`
implementation that parses a hex string.
2022-03-12 07:46:21 +11:00
Andrew Poelstra f3d48a298e update "should terminate abnormally" test to trigger a different ARG_CHECK
We can no longer produce non-verification context objects, so instead produce
an invalid public key.
2022-03-08 19:45:43 +00:00
Martin Habovstiak 5acf6d23d3 `Parity` conversion and error handling cleanup
This removes the deprecated `From` conversion and adds a new error
type for the invalid parity error with a conversion to the catch-all
`Error`.
2022-02-28 20:59:51 +01:00
Andrew Poelstra df7520e951
Merge rust-bitcoin/rust-secp256k1#340: Improve documentation
c73eb2f391 Use 'extra' instead of 'cheap' (Tobin Harding)
c79eb976ca Remove unnecessary explanation (Tobin Harding)
f95e91a6da Use isn't instead of shouldn't (Tobin Harding)
c9e6ca1680 Use rust-bitcoin module doc style (Tobin Harding)
3fa6762437 Add link to referenced commit (Tobin Harding)
f5e68f3ba7 Add ticks around code snippet (Tobin Harding)
d25431c1da Use 3rd person tense for function docs (Tobin Harding)
c3be285c1d Fix size constant docs (Tobin Harding)
5e07e7596b Add period to sentences (Tobin Harding)
269bde042f Remove unnecessary capitalisation (Tobin Harding)

Pull request description:

  In a continued effort to find my feet around here, and inspired by issue #128 I've done a codebase wide audit of the docs (primarily just rustdocs but I glanced at `//` docs as well). Each change is in a separate commit so can be removed if resistance is met. (_"resistance is futile"_).

  I've based the stylistic decisions on [work done](https://github.com/rust-bitcoin/rust-bitcoin/pull/704) in rust-bitcoin.

  I believe the only controversial change is the last (commit: da161c9 Use rust-bitcoin module doc style), please review that one carefully.

ACKs for top commit:
  apoelstra:
    ACK c73eb2f391

Tree-SHA512: 5ea215de3fd23ca2a4f25d8f8d59a85a299044fe495269c43b621291ea50c58856fa8544e36cc109b7bdb1a7a59bcab8711f30113572ddce4509d3b06ff0d3b6
2022-02-10 15:42:30 +00:00
Tobin Harding c73eb2f391
Use 'extra' instead of 'cheap'
The word 'extra' better describes the sidechannel resistance gained by
re-randomising the context.
2022-02-10 09:57:15 +00:00
Andrew Poelstra f97e41ae21
Merge rust-bitcoin/rust-secp256k1#398: Implement LowerHex and Display for Message
a209836a99 Implement LowerHex and Display for Message (Tobin Harding)

Pull request description:

  Implement `fmt::LowerHex` for `Message`. Implement `Display` by calling `LowerHex`.

  Resolves: #251

ACKs for top commit:
  apoelstra:
    ACK a209836a99

Tree-SHA512: 64eeafc57ea2814108228d8427cd650076eb3cbb85ae14a7c5a6f39f5e20ca9b83b4ccc27c201668fd57a34fde0a37be4098aa5c602208a81a2018293b40b64d
2022-02-09 18:33:34 +00:00
Andrew Poelstra b8615e2132
Merge rust-bitcoin/rust-secp256k1#397: Fix example dependency list
3c9dd2fb32 Fix example dependency list (Tobin Harding)

Pull request description:

  Example relies on `rand-std` not plain `rand` dependency.

  I do not understand why the following command passes without this patch
  applied

  ```
  cargo test --no-default-features --features=std,rand,bitcoin_hashes
  ```

  But if we put the same code in a standalone binary it fails as expected?

  Since the running of this test is _unusual_ and it is primarily meant as
  an entry point example to the library, remove the mention of "alloc"
  feature and just depend upon "std".

  Fixes: #395

ACKs for top commit:
  apoelstra:
    ACK 3c9dd2fb32

Tree-SHA512: 8e7ec7ac846e2916c29b74c7485650e5242ae1141c12c69b50d74efdfee71c11a52cd454231d2a7cdd6f8f683d3ba4369f9bf898a6b9351dc92c2a4e2bd626cd
2022-02-09 18:26:58 +00:00
Tobin Harding a209836a99
Implement LowerHex and Display for Message
Implement `fmt::LowerHex` for `Message`. Implement `Display` by calling
`LowerHex`.

Resolves: #251
2022-02-09 09:22:07 +00:00
Tobin Harding e2d47a29e2
Remove unnecessary import statement
The global context is already in scope in tests since we use a glob
import. No clue why Clippy does not warn for this.

Remove unnecessary import statement in test function.
2022-02-09 08:53:31 +00:00
Tobin Harding d79989bc95
Remove erroneous duplicate feature
When we removed the "global-context-less-secure" a duplicate feature
snuck in, remove it.
2022-02-09 08:53:31 +00:00
Tobin Harding c9e6ca1680
Use rust-bitcoin module doc style
Recently we introduced uniform styling for module docs over in
`rust-bitcoin` repo. We can do the same here but its a bit controversial
because it removes the heading from module docs and every single public
module in rust-secp256k1 uses a heading. Instead we use a full
sentences. Also makes uniform the trailing `//!`.
2022-02-09 07:31:55 +00:00
Tobin Harding 3fa6762437
Add link to referenced commit
To save devs looking up the commit themselves add a link to it in the
rustdoc.
2022-02-09 07:31:55 +00:00
Tobin Harding f5e68f3ba7
Add ticks around code snippet
For added clarity add ticks around words that are code.
2022-02-09 07:31:54 +00:00
Tobin Harding 5e07e7596b
Add period to sentences
Add the terminating period to all docs sentences. (Also one instance of
capitialize initial character in sentence.)
2022-02-09 07:31:53 +00:00
Tobin Harding 3c9dd2fb32
Fix example dependency list
Example relies on `rand-std` not plain `rand` dependency.

I do not understand why the following command passes without this patch
applied

```
cargo test --no-default-features --features=std,rand,bitcoin_hashes
```

But if we put the same code in a standalone binary it fails as expected?

Since the running of this test is _unusual_ and it is primarily meant as
an entry point example to the library, remove the mention of "alloc"
feature and just depend upon "std".
2022-02-09 06:35:54 +00:00
Tobin Harding cf1496b64e Add documentation about rand-std feature
We recently implemented opportunistic randomization of the context
object if the the `rand-std` feature is enabled. Both for the global
context and also for signing context constructors.

Add documentation about `rand-std` feature in relation to the context
object.
2022-02-04 08:36:15 +11:00
Tobin Harding a0465ea279 Remove feature global-context-less-secure
Instead of providing a mechanism for users to opt out of randomization
we can just feature gate the call site i.e., opportunistically randomize
the global context on creation if `rand-std` feature is enabled.
2022-02-04 08:34:39 +11:00
Andrew Poelstra 7a3736a0f9
Merge rust-bitcoin/rust-secp256k1#389: On key-generation example (documentation), "rand" should be "rand-std" instead
2732891359 Change rand to rand-std in lib.rs documentation (Vincent Liao)

Pull request description:

  I copy-pasted the key-generation example written on the documentation, but it didn't work. It only worked when I used the feature `rand-std` instead of `rand`.

  To reproduce, boot up a new Rust project, and add this to main.rs:

  ```
  use secp256k1::rand::rngs::OsRng;
  use secp256k1::{Secp256k1, Message};
  use secp256k1::hashes::sha256;

  let secp = Secp256k1::new();
  let mut rng = OsRng::new().expect("OsRng");
  let (secret_key, public_key) = secp.generate_keypair(&mut rng);
  let message = Message::from_hashed_data::<sha256::Hash>("Hello World!".as_bytes());

  let sig = secp.sign_ecdsa(&message, &secret_key);
  assert!(secp.verify_ecdsa(&message, &sig, &public_key).is_ok());
  ```

  Using this dependencies causes error: `secp256k1 = {version="0.21.2", features=["rand", "bitcoin_hashes"]}`. After replacing `rand` with `rand-std`, it works.

ACKs for top commit:
  apoelstra:
    ACK 2732891
  tcharding:
    tACK 2732891359

Tree-SHA512: 6b5436bc71bab7535e432e119679bc6bcb11d2575b609e039cc25c122ae92b528f95a673e9c643a6cfa2ee3a663f7efdd61731b6084261c52a220448b6f72d12
2022-02-03 15:10:37 +00:00
Tobin Harding c01cd8f1f3 Enable running tests without default features
Currently various features fail to build when enabled without default
features. This is because many tests need feature gating.

Feature gating the import statements quickly turns into spaghetti when
trying to cover all combinations of two features correctly, instead just
allow unused imports on `tests` modules where needed.

Add correct feature requirements to the examples so they also can be run
without default features.

Improve the CI script by doing:

- Add `std` to the feature matrix.
- Add `--no-default-features` to test runs in the CI script.
2022-02-01 15:20:44 +11:00
Vincent Liao 2732891359 Change rand to rand-std in lib.rs documentation 2022-01-27 23:45:56 +07:00
Andrew Poelstra f7d637e6aa
Merge rust-bitcoin/rust-secp256k1#376: Add examples to `key` module
aa828f01a5 Improve documentation in the key module (Tobin Harding)
9e46d6f122 Add examples to types and methods in key module (Tobin Harding)
a7f3d9bcfd Improve key module docs (Tobin Harding)
6d23614467 Improve lib.rs rustdocs (Tobin Harding)
4c4268f1ad Improve docs on method generate_keypair (Tobin Harding)

Pull request description:

  This PR is an initial attempt to more thoroughly test our public API.

  Add examples to various types/methods/functions in the key module.

  I'm not entirely sure when is enough, do we want an example on every single public method, function, and type or is this overkill. In this PR I tried to find a balance by doing ever method/function that took an argument that is a custom type from this lib. I think this should be extended to include return values too though ...

  Thanks to @thomaseizinger for the idea!

  First 2 patches are docs improvements to `lib.rs`.

ACKs for top commit:
  apoelstra:
    ACK aa828f01a5

Tree-SHA512: 9383ad263469f98ce7e988d47edc1482a09a0ce82f43d3991bd80aabdf621430f4a3c86be4debf33232dcb1d60d3e81f2c6d930ea7de7aa0e34b037accd7bc98
2022-01-25 12:34:45 +00:00
Andrew Poelstra 6b515755ab
Merge rust-bitcoin/rust-secp256k1#369: Trivial doc: Warn that serde differs from consensus encoding
52560a9205 Warn that serde differs from consensus encoding (Martin Habovstiak)

Pull request description:

  Addresses https://github.com/rust-bitcoin/rust-bitcoin/pull/756#discussion_r780844146

ACKs for top commit:
  apoelstra:
    ACK 52560a9205

Tree-SHA512: ee56c13dcb0493318f5b59306d6375adb202a5812c4673f0b9abe71fb809b927a74c3fd61aa20fe28fd2176c67f495214bf4da546380dfe9c83b933b02835fff
2022-01-24 15:58:21 +00:00
Tobin Harding 6d23614467 Improve lib.rs rustdocs
Improve the main docs by doing:

- Remove unneeded `self` from use statement
- Add code ticks to `bitcoin_hashes`
2022-01-24 14:43:44 +11:00
Tobin Harding 4c4268f1ad Improve docs on method generate_keypair
Improve method docs by doing:

- Remove 'batch' comment
- Remove mention of required features, docs already show this
- Use links to types as well as ticks
2022-01-24 14:43:44 +11:00
Tobin Harding 6fad20ef0c Fix the mess around Parity
Recently we made a wee mess with the `Parity` opaque type. Let's fix it
up by doing:

- Use an enum with variants `Even` and `Odd`.
- Add explicit conversion methods to/from u8 and i32
- Implement `BitXor`

Note: This patch is an API breaking change that does _not_ follow the
deprecation guidelines. Rust does not allow deprecating `From` impl
blocks AFAICT.
2022-01-23 10:33:51 +11:00
Martin Habovstiak 52560a9205 Warn that serde differs from consensus encoding
Addresses https://github.com/rust-bitcoin/rust-bitcoin/pull/756#discussion_r780844146
2022-01-10 00:20:06 +01:00
Andrew Poelstra d068fd7d41
Merge rust-bitcoin/rust-secp256k1#365: Fixed docs(rs)
314e8755df Clarify `global-context` feature (Martin Habovstiak)
d52ab85dd5 Added missing features to docs.rs config (Martin Habovstiak)

Pull request description:

  Sadly, I missed two details in #353: features missing in docs.rs configuration and `global-context` being a bit confusing.
  This PR fixes those, see commit messages for details.

ACKs for top commit:
  apoelstra:
    ACK 314e8755df

Tree-SHA512: 01bed8ae2f30adcbdd436b514f08a084492d7f4e1a739ca62e6d8b8547e379c01faeda3522733c27ab615acbb4c6cff60e13906cc88a0d2b90e439e7da517466
2022-01-07 17:31:42 +00:00
Martin Habovstiak 314e8755df Clarify `global-context` feature
Previously only `global-context-less-secure` was shown in the doc even
though `global-context` may also work. This was strictly correct because
`global-context` implies `global-context-less-secure` which is also
documented but people could miss it or forget about it and then worry
about security or worse, enable less secure feature.

Calling out both fetures seems useful, even important and thankfully
doesn't seem to cause too much noise in the docs.
2022-01-07 01:17:52 +01:00
Tobin Harding 26921a31b8 Add lints to catch missing traits
Rustc can warn us when we forget to add `Copy` and `Deubg` trait
implementations to types.

Add lint directives to enable warnings for missing `Copy` and `Debug`
implementations. Use the newly emitted warnings to find types that do
not implement our 'standard' traits. These 'standard' traits are defined
as the set of attributes that it has been found beneficial to
opportunistically add to all types, these are

- Copy
- Clone
- Debug
- PartialEq and Eq
- PartialOrd and Ord
- Hash
2022-01-07 10:28:10 +11:00
sanket1729 7059192de9 Wildcard export from key module 2022-01-06 23:08:01 +05:30
Andrew Poelstra 74e8fc7699
Merge rust-bitcoin/rust-secp256k1#360: Re-export Parity struct
e595b39510 Re-export Parity struct (sanket1729)

Pull request description:

  pub struct Parity is under a private module key and not re-exported in lib.rs . It is therefore not
  possible to use it downstream.

ACKs for top commit:
  elichai:
    ACK e595b39510
  apoelstra:
    ACK e595b39510

Tree-SHA512: 2573689f9a08505c8dfe8f79cd921d5a2742a2a2f4f92cf4066fe6557c765c756531d13560fa4fe6461f094b0c11a52aca30b44542eb77eda7dd1ebd24d3b155
2022-01-06 15:46:18 +00:00
sanket1729 e595b39510 Re-export Parity struct
pub struct Parity is under a private module key. It is therefore not
possible to use it downstream.
2022-01-06 09:08:59 +05:30
Martin Habovstiak 18f74d5242 Clarify what does "less security" mean 2022-01-04 23:20:45 +01:00
Martin Habovštiak 94c55b4d09
Fixed typos/grammar mistakes
Co-authored-by: Tobin C. Harding <me@tobin.cc>
2022-01-04 23:16:28 +01:00
Martin Habovstiak 1bf05523f0 Documented features
This documents the Cargo features making sure docs.rs shows warning for
feature-gated items. They are also explicitly spelled out in the crate
documentation.
2022-01-04 16:55:01 +01:00
sanket1729 eab549c46c Re-export types to reduce breaking changes downstream 2022-01-03 08:55:54 +05:30
Thomas Eizinger ce4427747d
Move ECDSA functionality into ECDSA module 2021-11-11 13:43:50 +11:00
Thomas Eizinger 760559c70e
Rename `schnorrsig` module to `schnorr`
Schnorr is commenly known as a signature algorithm, we don't need
to restate that in the name of the module.
2021-11-11 13:43:50 +11:00
Thomas Eizinger d4fb819d80
Move `XOnlyPublicKey` to `key` module 2021-11-11 13:43:49 +11:00
Thomas Eizinger 2e0e731664
Move `KeyPair` to `key` module
The `KeyPair` type is semantically unrelated to the schnorr signature
algorithm.
2021-11-11 13:43:48 +11:00
Thomas Eizinger c47ead9967
Move `Signature` and `SerializedSignature` to new `ecdsa` module
With the introduction of Schnorr signatures, exporting a `Signature`
type without any further qualification is ambiguous. To minimize the
ambiguity, the `ecdsa` module is public which should encourage users
to refer to its types as `ecdsa::Signature` and `ecdsa::SerializedSignature`.

To reduce ambiguity in the APIs on `Secp256k1`, we deprecate several
fucntions and introduce new variants that explicitly mention the use of
the ECDSA signature algorithm.

Due to the move of `Signature` and `SerializedSignature` to a new module,
this patch is a breaking change. The impact is minimal though and fixing the
compile errors encourages a qualified naming of the type.
2021-11-11 13:43:48 +11:00