Commit Graph

16 Commits

Author SHA1 Message Date
Andrew Poelstra 77f6b6bf21 [API BREAK] Update for new libsecp256k1 API 2015-07-28 11:05:13 -05:00
Andrew Poelstra 5602d6f988 Expose `secp256k1_context_randomize`
This is a new libsecp256k1 function which does additive blinding
for nonce generation during signing.
2015-05-03 18:22:30 -05:00
Andrew Poelstra 63011aaa3f Add a bunch of benchmarks 2015-04-30 14:28:34 -05:00
Andrew Poelstra fba427cb15 Add extreme value sign/verify test 2015-04-28 13:46:17 -05:00
Andrew Poelstra 1ba1f5b2ce Add sanity-check unit test for RecoveryId
This is kinda silly but gets me 100% coverage from kcov
2015-04-13 22:21:56 -05:00
Andrew Poelstra f8bbc89df6 [API BREAK] expose ability to create contexts without verify or signing caps
There are a lot of cases in rust-bitcoin where we need a `Secp256k1`
which doesn't need any signing or verification capabilities, only
checking the validity of various objects. We can get away with a bare
context (i.e. no precomputation) which can be cheaply created on demand,
avoiding the need to pass around references to Secp256k1 objects everywhere.

API break because the following functions can now fail (given an insufficiently
capable context) and therefore now return a Result:

    Secp256k1::generate_keypair
    Secp256k1::sign
    Secp256k1::sign_compact
2015-04-13 22:15:52 -05:00
Andrew Poelstra fb75373b47 [API BREAK] Remove Rng from Secp256k1 and associated code
The Rng was only used for key generation, and for BIP32 users not even then;
thus hauling around a Rng is a waste of space in addition to causing a
massive amount of syntactic noise. For example rust-bitcoin almost always
uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>`
then means even more syntactic noise, rather than less.

Now key generation functions take a Rng as a parameter, and the rest can
forget about having a Rng. This also means that the Secp256k1 context
never needs a mutable reference and can be easily put into an Arc if so
desired.
2015-04-12 15:54:22 -05:00
Andrew Poelstra 83823379e4 [minor API BREAK] Add unit tests to cover all error cases
This comes with a couple bugfixes and the following API changes:

  - Secp256k1::sign and ::sign_compact no longer return Result;
    it is impossible to trigger their failure modes with safe
    code since the `Message` and `SecretKey` types validate when
    they are created.

  - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures
    are always constant size

  - the Debug output for everything is now hex-encoded rather than
    being a list of base-10 ints. It's just easier to read this way.

kcov v26 now reports 100% test coverage; however, this does not
guarantee that test coverage is actually complete. Patches are
always welcome for improved unit tests.
2015-04-12 10:51:15 -05:00
Andrew Poelstra 9a01401746 Add missing implementations; update FFI for libsecp256k1's new cloning fn 2015-04-12 09:36:49 -05:00
Andrew Poelstra edab2568d2 Change `Secp256k1::with_rng` to not return a Result
This function can't fail, so no need to return a Result.
2015-04-11 19:13:39 -05:00
Andrew Poelstra 6b39f97f51 Add `Secp256k1::new_deterministic` constructor for applications which don't need randomness 2015-04-11 13:28:15 -05:00
Andrew Poelstra 96e1844c25 Change inline assertions to debug_asserts
All of these were things that are (should be) guaranteed true no matter
what input is given to the API, barring unsafe operations on the data.
2015-04-11 13:07:43 -05:00
Andrew Poelstra 9e717d4219 Add `Secp256k1::with_rng`, parameterize `Secp256k1` over its RNG.
Now that you can't create secret keys by directly passing a Rng to
`SecretKey::new`, we need a way to allow user-chosed randomness.
We add it to the `Secp256k1`.
2015-04-11 12:53:30 -05:00
Andrew Poelstra e52faee98f [API BREAK] update for libsecp256k1 "explicit context" API break
Rather than have global initialization functions, which required
expensive synchronization on the part of the Rust library,
libsecp256k1 now carries its context in thread-local data which
must be passed to every function.

What this means for the rust-secp256k1 API is:
  - Most functions on `PublicKey` and `SecretKey` now require a
    `Secp256k1` to be given to them.

  - `Secp256k1::verify` and `::verify_raw` now take a `&self`

  - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a
    future commit will allow specifying the Rng in the `Secp256k1`
    so that functionality is not lost.

  - The FFI functions have all changed to take a context argument

  - `secp256k1::init()` is gone, as is the dependency on std::sync

  - There is a `ffi::Context` type which must be handled carefully
    by anyone using it directly (hopefully nobody :))
2015-04-11 12:52:54 -05:00
Andrew Poelstra ac61baf040 Add support for serde (de)serialization; add unit tests 2015-04-10 00:32:12 -05:00
Andrew Poelstra 1b2858bc8a Rename secp256k1.rs to lib.rs 2015-04-09 10:35:38 -05:00
Renamed from src/secp256k1.rs (Browse further)