Commit Graph

385 Commits

Author SHA1 Message Date
Andrew Poelstra 0bf88fe444
Merge pull request #109 from jonasnick/human-sigs
Add human readable serialization to Signatures
2019-05-21 17:50:41 +00:00
Jonas Nick ebf50df1d1 Add human readable serialization to Signatures 2019-05-21 10:34:18 +00:00
Jonas Nick 28934ab5a7 Only display existing signature bytes 2019-05-21 10:22:05 +00:00
Jonas Nick 16da1a854c Move recovery ffi into recovery module and feature gate C-secp recovery module 2019-05-21 07:52:08 +00:00
Jonas Nick c7eecd159e Feature gate recovery module 2019-05-21 07:02:11 +00:00
Jonas Nick 264b368ee0 Move recovery to its own module 2019-05-20 19:11:59 +00:00
Jonas Nick 3825ed35a7 Add human readable serialization and deserialization to Secret Key 2019-05-14 11:15:18 +00:00
Tim Ruffing ab4320f8cc
Merge pull request #100 from elichai/master
Add no-std support
2019-05-10 23:32:52 +02:00
Elichai Turkel dfcf74f9d0
Added a new struct for the DER serialized signature 2019-05-11 00:11:42 +03:00
Andrew Poelstra 90faf434c9
Merge pull request #104 from alekseysidorov/fix_rand
Fix `Rand` trait bounds.
2019-05-01 01:47:43 +00:00
Elichai Turkel 312b9a55fc
Added Error::description copied c_void impl from core::ffi::c_void 2019-04-30 22:07:27 +03:00
Jonas Nick 91c43e7320 Add as_mut_ptr to PublicKey 2019-04-16 18:48:24 +00:00
Aleksei Sidorov 2536c5a3c4 Fix rand trait bounds. 2019-04-16 16:35:33 +03:00
Elichai Turkel e98975a1c0
Added backwards support without the crate keyword 2019-04-14 12:09:43 +03:00
Elichai Turkel ab8066eb1a
Replaced the std::os::raw c types with types.rs 2019-04-14 12:09:42 +03:00
Elichai Turkel 11ce86681f
Replaced std with core, and made std::error::Error optional through feature 2019-04-14 12:09:36 +03:00
Jonas Nick 6eaacb19c5 Add raw context getter to Secp256k1 struct 2019-03-01 19:39:55 +00:00
François Garillot a8a3afe8db
Fix clippy errors
Changes include cargo-fix generated, Default impls
2019-02-25 20:12:25 -08:00
François Garillot bafef68c56
Bumps rand to 0.6.3 & associated updates 2019-02-25 20:09:43 -08:00
Matt Corallo f90e9f3454 Stop checking context flags for secp256k1_ecdh as its not required 2019-01-16 16:02:24 -05:00
Matt Corallo a74cbb6781 Sync fuzztarget combine with tweak_add since real functions do that
Some new fuzz tests I was writing ended up failing because two
nodes came up with different keys because adding public keys and
adding a tweak to a private key and multiplying by the generator
should get the same thing.
2019-01-08 16:12:40 -05:00
Pierre Krieger 9c45944a5f
Remove dependency on libc 2018-12-27 14:39:54 +01:00
Tim Ruffing b470f70e90
Merge pull request #57 from rust-bitcoin/2018-08-no-index
remove `ops::Index` impls for `Signature`
2018-12-03 14:27:08 +01:00
Andrew Poelstra e5a02bd9a0 add `ThirtyTwoByteHash` hash trait which can be implemented for easier conversion of things to `Message`s 2018-11-10 13:12:10 +00:00
Andrew Poelstra 1f4a4c11a3 change add_*_assign and mul_*_assign to use a byteslice as a tweak, rather than a `SecretKey`
This makes more conceptual sense and does not add any new error paths, since even
valid `SecretKey`s were able to be invalid tweaks.
2018-11-10 13:08:18 +00:00
Andrew Poelstra f93b959b4a disallow Messages that are not valid secret keys to prevent mistakes related to 0 2018-11-10 13:05:11 +00:00
Andrew Poelstra 8d2347602a remove `ops::Index` impls for `Signature` 2018-11-10 12:56:19 +00:00
Andrew Poelstra 7fbaf2f91b remove unsafe ZERO_KEY and deprecated ONE 2018-11-10 12:56:19 +00:00
Andrew Poelstra 4b88cfc2fc
Merge pull request #78 from rust-bitcoin/2018-11-remove-without-caps
Update upstream libsecp; remove `without_caps` and all use of dummy contexts
2018-11-10 12:51:14 +00:00
Andrew Poelstra 8986aa3d71 export `serde`, `rand` and `libc`; update version to 0.11.5 2018-11-07 20:18:55 +00:00
Andrew Poelstra 223eb41fd0 remove context object from ECDH 2018-11-06 22:16:24 +00:00
Andrew Poelstra 93abca5896 remove `without_caps` and every function that used a cap-less context 2018-11-06 22:16:24 +00:00
Andrew Poelstra 4653100b7a update upstream libsecp256k1 to 314a61d72474aa29ff4afba8472553ad91d88e9d 2018-11-06 22:16:13 +00:00
Andrew Poelstra 68c838f357 change `Debug` impl for `Signature` to use `Display` 2018-11-03 15:52:07 +00:00
Andrew Poelstra 30aa3a0c28 add `fmt::Display` and `str::FromStr` impls for `Signature` 2018-11-03 15:52:05 +00:00
Andrew Poelstra 572adb2873 add `FromStr` implementation for key types 2018-11-03 15:52:03 +00:00
Andrew Poelstra a810880c54 restore missing `mem` import in key.rs 2018-08-22 20:43:20 +00:00
Andrew Poelstra 0d41c23c21 Revert "remove PublicKey::combine"
This reverts commit 17450e91fd.
2018-08-22 20:18:25 +00:00
Andrew Poelstra c773dfbc8d remove unused import that was causing warning 2018-08-22 16:40:05 +00:00
Andrew Poelstra 2c18a16858
Merge pull request #50 from rust-bitcoin/2018-08-no-combine
remove PublicKey::combine
2018-08-21 18:36:27 +00:00
Andrew Poelstra 3563c5f305
Merge pull request #46 from rust-bitcoin/2018-08-context-debug
add Debug impl to context object
2018-08-20 18:34:13 +00:00
Andrew Poelstra 1f73a784cb
Merge pull request #52 from rust-bitcoin/2018-08-display-keys
add Display impl for the key types which outputs their hex representation
2018-08-20 18:32:53 +00:00
Andrew Poelstra 7a5617d01d
Merge pull request #44 from rust-bitcoin/2018-07-docs
improve documentation
2018-08-20 18:12:42 +00:00
Andrew Poelstra 93d8249028 improve documentation 2018-08-20 17:56:46 +00:00
Andrew Poelstra 7d2474b10a add Display impl for the key types which outputs their hex representation
Since making PublicKey::serialize return a fixed-size array, this no longer
requires any allocation, so there's no reason not to have it.
2018-08-15 20:40:15 +00:00
Andrew Poelstra 17450e91fd remove PublicKey::combine 2018-08-15 16:29:23 +00:00
Dimitris Apostolou 5c6dcf6b5e
Fix typo 2018-08-15 11:03:22 +03:00
Andrew Poelstra 83c7b6d9b7 add Debug impl to context object 2018-08-12 15:23:05 +00:00
Andrew Poelstra 2478930ec1 add feature-gated serde 1.0 support for Signature, SecretKey, PublicKey 2018-07-25 14:44:51 +00:00
Andrew Poelstra 54ddbc74a4
Merge pull request #37 from rust-bitcoin/2018-07-public-key
remove `PublicKey::new()` and `PublicKey::is_valid()`
2018-07-25 13:19:10 +00:00
Andrew Poelstra c3ec027925 remove `PublicKey::new()` and `PublicKey::is_valid()` 2018-07-24 21:24:19 +00:00
Andrew Poelstra bc773fbdce add comments for Sync/Send impl 2018-07-24 21:18:03 +00:00
Andrew Poelstra 2aeff4c62f fix typos 2018-07-24 21:16:52 +00:00
Roman Zeyde 5442e710a8 Remove Schnorr support
It was removed from bitcoin-core/libsecp256k1 at e06e878fd7dcc99825025fa99aedb86bc7d5c29f
2018-07-09 15:10:38 +03:00
Andrew Poelstra b433e7bb1e
Merge pull request #27 from thomaseizinger/feature/ergonomic-apis
Improve API ergonomics
2018-06-08 18:02:24 +00:00
Thomas Eizinger 20222d50c9 Add docs to new public API 2018-06-08 08:48:28 +08:00
Thomas Eizinger f13cdfa8a4 Replace Result return type with actual value
This introduces the actual breaking API change.
2018-06-08 08:48:02 +08:00
Thomas Eizinger be7134c7f4 Cleanup obsolete code
Remove ContextFlag enum
Remove InvalidContext error-enum variant
Remove unused imports
2018-06-08 08:41:30 +08:00
Thomas Eizinger bb77741e47 Fix unit tests and benchmarks
The new API allows us to remove a bunch of tests which are now checked
by the compiler.
2018-06-08 08:38:06 +08:00
Thomas Eizinger f1a88259fb Introduce generic-based capability handling
Add type parameter to Secp256k1
Add PhantomData for C
Separate into structs and traits
Move constructors to own impl blocks
2018-06-06 12:58:29 +08:00
Andrew Poelstra 94807d9d29
Merge pull request #24 from TheBlueMatt/master
impl fuzztarget secp256k1_ecdsa_signature_serialize_der
2018-06-04 18:46:58 +00:00
Aleksey Sidorov 113fe420b9 Add tests to detect regressions. 2018-05-31 13:05:43 +03:00
Aleksey Sidorov b192157ab4 Implement Ord for arrays 2018-05-22 12:33:11 +03:00
Matt Corallo 207ccdf803 impl fuzztarget secp256k1_ecdsa_signature_serialize_der 2018-04-25 13:11:15 -04:00
Matt Corallo 730da80f0b Ensure fuzztarget pubkey deserialize-serialize roundtrips are same 2018-03-29 15:41:28 -04:00
Matt Corallo eee25f6265 Fix fuzztarget ECDH to be symmetric 2018-03-29 11:21:13 -04:00
Matt Corallo e1878c4522 Remove all serde/rustc-serialize stuff 2018-03-21 18:01:33 -04:00
Matt Corallo 86af2dc0d2 Fix missing include on older rustcs 2018-03-21 18:01:33 -04:00
Matt Corallo 5a7c88b9c7 Add fuzztarget feature that replaces crypto with memcpys 2018-03-20 11:58:59 -04:00
Matt Corallo 7b396112fd Correct ptr type in ffi 2018-03-19 15:49:16 -04:00
Andrew Poelstra 6d4f64f901 fix potential unsafety bug for non-u8 types in macros
We don't have any non-u8 newtypes but better safe than sorry. See
https://github.com/apoelstra/rust-bitcoin/pull/45/
2018-02-14 16:25:45 +00:00
Andrew Poelstra f14e747431 expose key::{Secret, Public}Key in the crate root for ease of use 2018-01-17 15:38:11 +00:00
Andrew Poelstra 2c5f45e165 expose 2-key version of PublicKey::combine 2017-12-21 01:04:07 +00:00
Andrew Poelstra 5c54698bf9 make `serde` optional 2017-12-19 22:40:06 +00:00
Andrew Poelstra 12e9f4b90b make `rustc-serialize` crate optional 2017-12-19 22:36:30 +00:00
Andrew Poelstra 298929600b make `rand` crate optional 2017-12-19 22:36:27 +00:00
Andrew Poelstra dba0d67912 remove arrayvec dependency; rename PublicKey::serialize_vec 2017-12-19 20:36:46 +00:00
Tim Ruffing e71ed3b6d2 Implement serde traits for Signature 2017-07-21 23:58:19 +02:00
Tim Ruffing b1d8b09f25 Add tests for trailing bytes during deserilization 2017-07-21 22:21:37 +02:00
Tim Ruffing 76d160344b Update serde to 1.0 2017-07-21 22:15:00 +02:00
Andrew Poelstra b6887b44a0
add compact signature encoding 2017-07-12 19:55:06 +00:00
Andrew Poelstra f88eb1d6d7 Merge pull request #14 from petertodd/2017-05-08-use-copy_from_slice
Use safe copy_from_slice() rather than unsafe copy_nonoverlapping()
2017-05-08 12:53:19 +00:00
Peter Todd 20c5b903db
Replace unsafe copy_nonoverlapping() with safe copy_from_slice() 2017-05-08 07:31:08 -04:00
Peter Todd eccd625828
Implement From<[u8;32]> for Message 2017-05-08 07:10:51 -04:00
Peter Todd 70fd5a9e27
Improve Error::InvalidMessage comment 2017-05-08 06:12:25 -04:00
Christian Nyumbayire ab0493e46a Use DefaultHasher in place of the deprecated SipHasher 2017-04-27 21:46:28 +02:00
Andrew Poelstra 5b906ec069 expose *_tweak_mul functions 2016-08-20 17:00:39 +00:00
Andrew Poelstra 9e3b93d572 Add ZERO_KEY and ONE_KEY constants
Turns out you cannot initialize constant SecretKeys in any way; these
two constants should cover most sane use cases (other good choices
are the SECG generator and the Alpha CT generator, but these will
wait for a major CT-supporting upgrade, unless demand for them appears.)
2016-08-07 21:33:38 +00:00
Andrew Poelstra 458a3d9417 Update libsecp to latest master, c18b869e58aa4d3bff6958f370f6b643d1223c44 2016-01-14 18:35:54 +00:00
Dawid Ciężarkiewicz 16b36f18e1 key: Add PubKey hashing test. 2016-01-08 20:04:10 -08:00
Dawid Ciężarkiewicz 6686c213dd Implement Hash for PublicKey. 2016-01-05 21:01:40 -08:00
Andrew Poelstra cfde1f9925 Add missing schnorr.rs 2015-12-20 13:47:53 -06:00
Andrew Poelstra 4f83a83308 cleanup: remove unused attributes; add `dev` compile feature that'll run clippy 2015-12-19 20:20:47 -06:00
Andrew Poelstra f613dbbc00 Fix nonce doccoments 2015-12-15 12:48:01 -06:00
Andrew Poelstra 8aa2569818 Expose Schnorr sign/verify 2015-12-15 12:47:07 -06:00
Andrew Poelstra 9a91b69fad Remove side-effect from assertion; add release build to travis 2015-11-18 18:22:16 -06:00
Andrew Poelstra d35168d626 [BREAKING CHANGE] Fix FFI 2015-11-15 17:00:07 -06:00
Andrew Poelstra 2df3c0b37c Minor changes for problems `cargo clippy` found 2015-10-28 07:48:28 -05:00
Andrew Poelstra a65f4cf01f Expose normalize_s function to convert signatures to low-S form 2015-10-26 14:25:18 -05:00
Andrew Poelstra 8e984c5912 Add "lax DER" support; bump major version number for recent build system changes 2015-10-26 12:59:40 -05:00
Andrew Poelstra e7ca836c2b Switch to static linking of secp256k1
Pieter moved some stuff I need into the contrib/ directory which does
not expose anything through the shared lib, so I need to statically
link.

I might also use this to do evil things to expose the SHA256 code
in libsecp, but not for now ;).
2015-10-26 10:28:01 -05:00
Andrew Poelstra f1e1da1213 Update for breaking changes in underlying rustc.
This should be a major version number since I changed public constants
in the ffi module. I'm not doing so as the invariant "will the constants
be meaningful to the underlying library" has not changed.

In general this library's version numbers do not map well to the
underlying library, which is as-yet not versioned at all, so users
need to always be running "the lastest" rust-secp256k1 anyway, and
semantic versioning can't really be used meaninfully. So this is a
bit of a judgement call.
2015-10-25 18:26:08 -05:00
Andrew Poelstra d49db8167e impl Error for error type; remove `Unknown` error variant 2015-10-17 09:49:19 -05:00
Andrew Poelstra 32107132f0 Improve unit tests for bad secp context 2015-10-14 12:21:15 -05:00
Andrew Poelstra c84cfb193f [BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls
If you try to call PublicKey::from_secret() key with an incapable context it will
now return an error. Before it would pass through to the underlying library which
would terminate the process, something we strive to never expose.

Also change the from_ffi functions on various types to impl's of From to be more
Rustic. We cannot change the from_slice functions because they have error returns.

Also add a Secp256k1::without_caps() function which creates a capability-less
context. I find myself using this in so many places downstream that it seems
appropriate.
2015-10-14 09:38:43 -05:00
Matt Quinn 595f64bca6 Adding to_i32 and from_i32 functions to RecoveryId in order to give
library users the ability to create RecoveryId objects and convert them to i32 equivalents, without allowing users to create invalid ones.
2015-10-11 15:24:44 -07:00
Matt Quinn ebde999634 RecoverableSignature now supports compact serialization via FFI, with additional test case added. 2015-10-11 00:04:28 -07:00
Andrew Poelstra 701c5e5e08 Expose serialization of Signature; move copy_nonoverlapping for rustc stable 2015-10-09 14:20:21 -05:00
Andrew Poelstra ec0e8407f2 Minor documentation fixes 2015-10-09 11:39:42 -05:00
Andrew Poelstra 2748dae7eb Remove `hex_slice` macro as it was never used 2015-09-21 08:30:06 -05:00
Andrew Poelstra b978e76934 Drop some unused imports; bump version no 2015-09-20 15:30:43 -05:00
Andrew Poelstra 5ce825398a Fix benchmarks 2015-09-20 15:24:25 -05:00
Andrew Poelstra b42b1f9408 Bugfix for nightly 2015-09-20 15:13:42 -05:00
Andrew Poelstra 4012281a2d Fix for upstream API changes 2015-09-20 14:52:29 -05:00
Andrew Poelstra cc68cf8b9e Update serde dep to 0.6 from 0.3 2015-09-20 13:29:09 -05:00
Andrew Poelstra 016d781f2e Fix for upstream API changes; add ECDH support
I didn't mean for both of these to go into the same commit, but given how
small the ECDH code was, and the fact that no commit prior to this one will
compile (as both libsecp256k1 and rustc have changed so much), I'm letting
it slide.
2015-09-18 15:40:42 -05:00
Andrew Poelstra 8d6f384dac Update Travis to use travis-cargo 2015-07-28 13:21:12 -05:00
Andrew Poelstra 77f6b6bf21 [API BREAK] Update for new libsecp256k1 API 2015-07-28 11:05:13 -05:00
Andrew Poelstra 5602d6f988 Expose `secp256k1_context_randomize`
This is a new libsecp256k1 function which does additive blinding
for nonce generation during signing.
2015-05-03 18:22:30 -05:00
Andrew Poelstra 63011aaa3f Add a bunch of benchmarks 2015-04-30 14:28:34 -05:00
Andrew Poelstra fba427cb15 Add extreme value sign/verify test 2015-04-28 13:46:17 -05:00
Andrew Poelstra 1ba1f5b2ce Add sanity-check unit test for RecoveryId
This is kinda silly but gets me 100% coverage from kcov
2015-04-13 22:21:56 -05:00
Andrew Poelstra f8bbc89df6 [API BREAK] expose ability to create contexts without verify or signing caps
There are a lot of cases in rust-bitcoin where we need a `Secp256k1`
which doesn't need any signing or verification capabilities, only
checking the validity of various objects. We can get away with a bare
context (i.e. no precomputation) which can be cheaply created on demand,
avoiding the need to pass around references to Secp256k1 objects everywhere.

API break because the following functions can now fail (given an insufficiently
capable context) and therefore now return a Result:

    Secp256k1::generate_keypair
    Secp256k1::sign
    Secp256k1::sign_compact
2015-04-13 22:15:52 -05:00
Andrew Poelstra d7c7230f28 Impl `Send` and `Sync` for secp256k1 contexts 2015-04-13 20:41:24 -05:00
Andrew Poelstra fb75373b47 [API BREAK] Remove Rng from Secp256k1 and associated code
The Rng was only used for key generation, and for BIP32 users not even then;
thus hauling around a Rng is a waste of space in addition to causing a
massive amount of syntactic noise. For example rust-bitcoin almost always
uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>`
then means even more syntactic noise, rather than less.

Now key generation functions take a Rng as a parameter, and the rest can
forget about having a Rng. This also means that the Secp256k1 context
never needs a mutable reference and can be easily put into an Arc if so
desired.
2015-04-12 15:54:22 -05:00
Andrew Poelstra 83823379e4 [minor API BREAK] Add unit tests to cover all error cases
This comes with a couple bugfixes and the following API changes:

  - Secp256k1::sign and ::sign_compact no longer return Result;
    it is impossible to trigger their failure modes with safe
    code since the `Message` and `SecretKey` types validate when
    they are created.

  - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures
    are always constant size

  - the Debug output for everything is now hex-encoded rather than
    being a list of base-10 ints. It's just easier to read this way.

kcov v26 now reports 100% test coverage; however, this does not
guarantee that test coverage is actually complete. Patches are
always welcome for improved unit tests.
2015-04-12 10:51:15 -05:00
Andrew Poelstra 9a01401746 Add missing implementations; update FFI for libsecp256k1's new cloning fn 2015-04-12 09:36:49 -05:00
Andrew Poelstra edab2568d2 Change `Secp256k1::with_rng` to not return a Result
This function can't fail, so no need to return a Result.
2015-04-11 19:13:39 -05:00
Andrew Poelstra 6b39f97f51 Add `Secp256k1::new_deterministic` constructor for applications which don't need randomness 2015-04-11 13:28:15 -05:00
Andrew Poelstra 96e1844c25 Change inline assertions to debug_asserts
All of these were things that are (should be) guaranteed true no matter
what input is given to the API, barring unsafe operations on the data.
2015-04-11 13:07:43 -05:00
Andrew Poelstra 9e717d4219 Add `Secp256k1::with_rng`, parameterize `Secp256k1` over its RNG.
Now that you can't create secret keys by directly passing a Rng to
`SecretKey::new`, we need a way to allow user-chosed randomness.
We add it to the `Secp256k1`.
2015-04-11 12:53:30 -05:00
Andrew Poelstra e52faee98f [API BREAK] update for libsecp256k1 "explicit context" API break
Rather than have global initialization functions, which required
expensive synchronization on the part of the Rust library,
libsecp256k1 now carries its context in thread-local data which
must be passed to every function.

What this means for the rust-secp256k1 API is:
  - Most functions on `PublicKey` and `SecretKey` now require a
    `Secp256k1` to be given to them.

  - `Secp256k1::verify` and `::verify_raw` now take a `&self`

  - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a
    future commit will allow specifying the Rng in the `Secp256k1`
    so that functionality is not lost.

  - The FFI functions have all changed to take a context argument

  - `secp256k1::init()` is gone, as is the dependency on std::sync

  - There is a `ffi::Context` type which must be handled carefully
    by anyone using it directly (hopefully nobody :))
2015-04-11 12:52:54 -05:00
Andrew Poelstra 609f658bee [API BREAK] Remove `Sequence` iterator over secret keys
Y'know, I can't for the life of me think what this was supposed to
be used for. Given that the library did not compile for several
months until last week, I assume there are no users, let alone
users of such a weird feature.
2015-04-11 12:24:04 -05:00
Andrew Poelstra ac61baf040 Add support for serde (de)serialization; add unit tests 2015-04-10 00:32:12 -05:00
Andrew Poelstra 1b2858bc8a Rename secp256k1.rs to lib.rs 2015-04-09 10:35:38 -05:00
Andrew Poelstra 1591bba3f9 Update bindings to current secp256k1 library
rust-secp256k1 was based off of https://github.com/sipa/secp256k1,
which has been inactive nearly as long as this repository (prior to
a couple days ago anyway). The correct repository is

   https://github.com/bitcoin/secp256k1

This is a major breaking change to the library for one reason: there
are no longer any Nonce types in the safe interface. The signing functions
do not take a nonce; this is generated internally.

This also means that I was able to drop all my RFC6979 code, since
libsecp256k1 has its own implementation.

If you need to generate your own nonces, you need to create an unsafe
function of type `ffi::NonceFn`, then pass it to the appropriate
functions in the `ffi` module. There is no safe interface for doing
this, deliberately: there is basically no need to directly fiddle
with nonces ever.
2015-04-06 00:13:38 -05:00
Andrew Poelstra f6585616b1 Add `Display` impl to `Error`; cleanup `Result` mess 2015-04-05 20:27:43 -05:00
Andrew Poelstra 5b3858e0ce Simplify Index implementations 2015-04-05 12:16:56 -05:00
Andrew Poelstra e2daaf875d Update for language changes (rustc beta is out !!) 2015-04-04 12:20:38 -05:00
Andrew Poelstra abc5b865e7 Change rustc-serialize for crate hyphen transition 2015-03-26 10:07:28 -05:00
Andrew Poelstra 16b6dc73ca `Cargo test` now builds and passes locally :) 2015-03-25 20:55:01 -05:00
Andrew Poelstra 42dfa752ce More slicing 2015-03-25 20:52:09 -05:00
Andrew Poelstra ec6aea7ca1 Fiddle with crates, `cargo build` now succeeds :) 2015-03-25 20:44:04 -05:00
Andrew Poelstra d858d7f7e6 Slicing fixes 2015-03-25 20:36:57 -05:00
Andrew Poelstra f910355043 Change rand crate to crates.io version 2015-03-25 18:57:16 -05:00
Andrew Poelstra 7bd24615f6 Change std::rand to just rand::, though there is still a 'unimplemented trait' error :/ 2015-03-25 18:22:24 -05:00
Andrew Poelstra d2fcbbe95a Change name to secp256k1 from bitcoin-secp256k1-rs
[breaking-change]
2015-03-25 17:20:44 -05:00
Andrew Poelstra 825e77519f for in range(a,b) -> for in a..b 2015-03-25 14:42:05 -05:00
Andrew Poelstra d0519f0b3a IoResult -> io::Result, copy_nonoverlapping_memory -> copy_nonoverlapping 2015-03-25 14:10:02 -05:00
Andrew Poelstra 1e24549ef5 Show -> Debug 2015-03-25 13:59:54 -05:00
Andrew Poelstra 5a6c6c8d0a Fix for secp256k1 ffi changes
All tests pass, compile now
2015-01-17 10:38:16 -06:00
Andrew Poelstra d495d9ca06 Update for rustc changes
We can compile now, but not link -- there have been too many changes
in libsecp256k1 behind the scenes. Next commit :)
2015-01-17 10:13:45 -06:00
Andrew Poelstra 9cab4e023d Revert "Overhaul interface to use zero-on-free SecretKeys"
This reverts commit 9889090784.

This is not ready for primetime -- the move prevention also prevents
reborrowing, which makes secret keys nearly unusable.
2014-09-12 08:28:35 -05:00
Andrew Poelstra 9889090784 Overhaul interface to use zero-on-free SecretKeys
Using the `secretdata` library, we can store SecretKeys in such a way
that they cannot be moved or copied, and their memory is zeroed out on
drop. This gives us some assurance that in the case of memory unsafety,
there is not secret key data lying around anywhere that we don't expect.

Unfortunately, it means that we cannot construct secret keys and then
return them, which forces the interface to change a fair bit. I removed
the `generate_keypair` function from Secp256k1, then `generate_nonce`
for symmetry, then dropped the `Secp256k1` struct entirely because it
turned out that none of the remaining functions used the `self` param.

So here we are. I bumped the version number. Sorry about this.
2014-09-12 08:28:26 -05:00
Andrew Poelstra 62504165e4 Reimplement non-typesafe `verify` fn, call it `verify_raw`.
The typesafe version could not accept illegally padded signatures because
`Signature` is a fixed-width type. Unfortunately such signatures are on
the blockchain, and we need a way to verify them.
2014-09-04 20:32:49 -05:00
Andrew Poelstra eabe57e403 Also make PublicKey encodable 2014-09-04 20:21:09 -05:00
Andrew Poelstra 71312b032a Impl encodable/decodable for the array newtypes 2014-09-04 20:09:18 -05:00
Andrew Poelstra 17daebf15d Implement deterministic nonce generation with HMAC-SHA512
Testing was done against python-ecdsa; python code in the test case
comments.
2014-09-04 16:21:35 -05:00
Andrew Poelstra 46f646dabb Make `verify` accept a `Signature` rather than a slice
[breaking-change]
2014-09-04 11:52:25 -05:00
Andrew Poelstra 770ebbafc4 Add a `Sequence` iterator for generating sequential keypairs; fix tests 2014-09-01 11:13:31 -05:00
Andrew Poelstra 204524117c Make Secp256k1::verify() static
This avoids the overhead of creating and seeding a Fortuna just to do verification.
2014-08-31 22:33:19 -05:00
Andrew Poelstra d94345f721 Generate keys from Fortuna rather than always using the OsRng
When creating a Secp256k1, we attach a Fortuna CSRNG seeded from the
OS RNG, rather than using the OS RNG all the time. This moves the
potential RNG failure to the creation of the object, rather than at
every single place that keys are generated. It also reduces trust
in the operating system RNG.

This does mean that Secp256k1::new() now returns an IoResult while
the generate_* methods no longer return Results, so this is a breaking
change.

Also add a benchmark for key generation. On my system I get:

test tests::generate_compressed   ... bench:    492990 ns/iter (+/- 27981)
test tests::generate_uncompressed ... bench:    495148 ns/iter (+/- 29829)

Contrast the numbers with OsRng:

test tests::generate_compressed   ... bench:     66691 ns/iter (+/- 3640)
test tests::generate_uncompressed ... bench:     67148 ns/iter (+/- 3806)

Not too shabby :)

[breaking-change]
2014-08-31 22:26:02 -05:00
Andrew Poelstra 059c72aa60 Do validation in pubkey::from_slice 2014-08-31 16:04:14 -05:00
Andrew Poelstra a0ecfe9e29 Change lint names for upstream 2014-08-30 07:24:44 -07:00
Andrew Poelstra 15b8183ea8 Remove error return from `PublicKey::from_secret_key()`
Make sure that you cannot create an invalid `SecretKey` in the first place.
Unbreaks the API.

[unbreaking-change]
2014-08-28 11:11:25 -07:00
Andrew Poelstra a67260eb3a Remove unsafe markers and just call `init` everywhere
It turns out I need to run `init` before pretty-much every FFI function,
which means that most everything would have to be marked unsafe if I'm
expecting the Rust user to do this. This is unacceptable -- users who
need to sacrifice safety for speed can just use the `ffi::` functions
instead.

Also, I noticed that I was locking up in `PublicKey::from_secret_key`.
Fix to return an error value -- unfortunately a breaking change since
it changes the function signature.

[breaking-change]
2014-08-28 10:59:44 -07:00
Andrew Poelstra a5951eff47 Expose tweak functions in FFI, wrap a couple 2014-08-28 09:16:53 -07:00
Andrew Poelstra e13b23d720 Add curve order and generator coordinates to constants 2014-08-27 22:49:22 -07:00
Andrew Poelstra a0f11d0f92 Travis speaks rust now :D 2014-08-27 10:58:24 -07:00
Andrew Poelstra 83f2ccf5d7 Add verification to SecretKey::from_slice() 2014-08-24 16:13:08 -07:00
Andrew Poelstra 79815e225b Add .travis.yml, update tests and Cargo.toml for upstream changes 2014-08-17 18:58:20 -07:00
Dawid Ciężarkiewicz 1ce6e3fd3b Simpler `random_32_bytes`. 2014-08-16 02:21:35 -07:00
Andrew Poelstra 6c8a72ba5d Remove allocations for Signature, use array instead
As @dpc observes, embedded systems do not necessarily have allocators, so we
should avoid using them if it is not too much hassle. (And it is no hassle at
all.)
2014-08-15 23:43:40 -07:00
Andrew Poelstra db37829904 Add CC0 license and header to all files 2014-08-11 19:26:45 -07:00
Andrew Poelstra 4be48ecb1b Move Rng failure from `Secp256k1::new` to functions that actually use randomness
Verifying signatures does not require any randomness, but requires the user
to create a `Secp256k1` object nonetheless (this is just a way to guarantee
that `init` is called --- an alternate API would be to have an independent
unsafe `verify` function). If a Rng can't be created, rather than failing
the `Secp256k1` initialization, fail the functions that actually try to use
the Rng.

This way signing and verifying, which require no randomness beyond that input
to them, will work correctly.

To avoid checking for a working Rng on each call to `generate_keypair` and
`generate_nonce` (which is probably trivial next to the cost of actually
generating the randomness, but w/e, user knows best), the user should use
the generation functions in the `key` module, which take an Rng as input.
2014-08-11 19:24:19 -07:00
Andrew Poelstra d6bf4039bd Pull out initialization code so that `PublicKey::from_secret_key` can be used safely 2014-08-11 19:24:19 -07:00
Andrew Poelstra 522bafe433 Remove VerifyResult since it is never used 2014-08-11 19:24:19 -07:00
Andrew Poelstra 80df78c9a9 Add slice methods to `Nonce` 2014-08-11 19:24:19 -07:00
Andrew Poelstra 0adc7e1ce2 Add keypair slice methods and unit tests 2014-08-11 19:24:19 -07:00
Andrew Poelstra 5b15918a9a Move FFI and constants into their own modules; replace outptrs with returns 2014-08-11 19:24:19 -07:00
Andrew Poelstra 448f4829e7 Move FFI functions into separate module; add documentation and style lints 2014-08-11 19:24:19 -07:00
Steve Klabnik 2fa6a4d38e fix unused import warning 2014-08-04 19:58:57 -04:00
Dawid Ciężarkiewicz 100fc277a6 Fix tests cases.
The way compact signatures are working was explain to me:

https://github.com/bitcoin/secp256k1/issues/45
2014-08-04 16:51:47 -07:00
Dawid Ciężarkiewicz 4c9f47e108 Update for newest Cargo 2014-07-23 16:34:04 -07:00
Dawid Ciężarkiewicz 05406515b8 Initial (failing) implementation. 2014-07-06 22:41:22 -07:00