Commit Graph

237 Commits

Author SHA1 Message Date
Andrew Poelstra 96862b6a74 fuzz: implement recoverable signatures, get all tests passing, run them in CI 2020-12-28 18:42:46 +00:00
Andrew Poelstra b811ec133a fuzz: only replace signing and verification, leave everything else alone
We can now run unit tests with the fuzz feature on, and they'll pass,
which is some assurance that fuzzing with the feature on won't lead to
spurious failures due to the fuzz harness inadequately simulating message
signing.
2020-12-23 17:59:52 +00:00
Andrew Poelstra a2c25f2e83
Merge pull request #259 from p2pderivatives/implement-low-r-signing
Implement low r signing
2020-12-22 23:28:34 +00:00
Andrew Poelstra b31bf2f611
Merge pull request #258 from thomaseizinger/better-wasm-tests
Run more tests in wasm
2020-12-22 06:12:01 +00:00
Tibo-lg 1d166d061b Implement low r signing 2020-12-22 14:50:37 +09:00
Tobin Harding a584643486 Use ManuallyDrop
Suggested by clippy, we need to use ManuallyDrop for these types in
order to correctly free up the memory.
2020-12-22 14:56:17 +11:00
Thomas Eizinger 8b8e482f79
Run more tests in wasm
Instead of repeating ourselves in defining one big test for the wasm
target, we can override the `test` attribute with the `wasm-bindgen-test`
one and therefore automatically run all (supported) tests in wasm.

Unfortunately, wasm doesn't support catching panics yet which means we
have to disable the `test_panic_raw_ctx` test.
2020-12-22 10:30:56 +11:00
Elichai Turkel 767246a282
Make preallocated use AlignedType 2020-12-18 12:48:19 +02:00
Elichai Turkel fd206ab57c
Replace use of boxes with global allocator 2020-12-18 12:48:19 +02:00
Andrew Poelstra 0ec8fab82c stop explicitly casting references to rawptrs 2020-11-30 02:47:34 +00:00
Andrew Poelstra 37049d743e schnorrsig: expose tweak_check_add API 2020-11-27 18:42:14 +00:00
Andrew Poelstra 12b0abbcf8 make `ffi::Type::new` functions all unsafe, expand documentation 2020-11-27 18:42:12 +00:00
Tibo-lg 09b04560bc Add schnorrsig module 2020-11-10 13:43:34 +09:00
Elichai Turkel 9e5a351ea7
remove redundant code after MSRV bump 2020-08-27 22:51:36 +03:00
Andrew Poelstra 19f5138925 Update MSRV to 1.29; increase version to 0.19 and -sys version to 0.3 2020-08-27 14:18:06 +00:00
Andrew Poelstra 5c451f78c6
Merge pull request #207 from sorpaas/sp-message-zero
Allow all-zero messages
2020-08-26 18:02:51 +00:00
Sebastian Geisler a959de4174 Add an optional global, static context 2020-07-08 16:05:42 +02:00
Sebastian Geisler 8979a932ab Document proper usage of `from_slice` 2020-05-14 18:24:40 +02:00
Sebastian Geisler 0d857533fa Add optional bitcoin_hashes feature to implement ThirtyTwoByteHash 2020-05-14 18:24:39 +02:00
Kirill Fomichev 0dcc59c2b9
Add doctest to Secp256k1::verify 2020-05-05 17:30:07 +03:00
Andrew Poelstra 0782872fb0
Merge pull request #208 from TheBlueMatt/202-04-wasm
Re-support WASM via simple stub headers
2020-04-29 19:48:03 +00:00
Matt Corallo d9d398ccc9 Re-support WASM via simple stub headers
libsecp256k1 really only barely uses libc at all, and in practice,
things like memcpy/memcmp get optimized into something other than a
libc call. Thus, if we provide simple stub headers, things seem to
work with wasm-pack just fine.
2020-04-29 15:32:54 -04:00
Kirill Fomichev 99a43ced56
Fix Secp256k1::verify docs 2020-04-22 17:58:27 +03:00
Wei Tang 9250ae49ce Allow all-zero messages 2020-04-09 14:26:31 +02:00
Andrew Poelstra 86751b2d74
Merge pull request #201 from elichai/2020-03-ecdh
Simplify callback logic to returning raw coordinates
2020-04-06 14:48:57 +00:00
Elichai Turkel 2eff118d03
Simplify callback logic to returning raw coordinates 2020-03-01 13:46:25 +02:00
Elichai Turkel 2f897d8a93
Removed no longer used dont_replace_c_symbols feature 2020-02-09 16:37:59 +02:00
Elichai Turkel 124c1f3c7c
feature gate new_with_hash with std only, added catch_unwind 2019-12-05 18:05:40 +02:00
Steven Roose 724c49fff9
Add secp256k1-sys 2019-11-27 21:02:42 +00:00
Andrew Poelstra 02f66177f0
Merge pull request #179 from elichai/2019-11-raw-context
Creating context from raw pointer
2019-11-27 20:34:43 +00:00
Elichai Turkel 9523e093c1
Add tests for raw context 2019-11-27 22:05:27 +02:00
Andrew Poelstra 1e711f194c
Merge pull request #184 from elichai/2019-11-context
Fix a safety problem and make the Context trait unimplementable
2019-11-27 19:58:44 +00:00
Elichai Turkel 9522f7e4a4
Make Context::deallocate unsafe fn 2019-11-27 17:42:01 +02:00
Rodolfo Araujo 825493bea9 Small code improvements. 2019-11-17 22:10:40 -03:00
Andrew Poelstra d900dcd1c9
Merge pull request #177 from elichai/2019-10-csymbols
Add a feature to disable replacing C symbols with rust
2019-10-29 01:39:08 +00:00
Elichai Turkel 349b2eac06
Add a 'dont_replace_c_symbols' feature for not replacing C's symbols with rust. isn't compatible with no-std 2019-10-28 23:05:38 +02:00
Matt Corallo f09ff2a9de Disable some useless lints 2019-10-28 15:20:04 -04:00
Elichai Turkel ddb8e4fdf2
Explicit checks for empty slices 2019-08-21 13:09:36 -04:00
Elichai Turkel b7e20c5b12
Changed all as_*ptr() to the safer CPtr trait 2019-08-21 13:09:36 -04:00
Elichai Turkel 66ab70f991
Added a C Ptr trait that returns a null pointer for ZSTs 2019-08-21 13:09:20 -04:00
Elichai Turkel 8e701b75b2
Replacing usage of the unsafe `blank` function to the `new` function
Signed-off-by: Elichai Turkel <elichai.turkel@gmail.com>
2019-08-16 14:15:31 -04:00
Elichai Turkel 16fc4ee3fc Fixed the counter Rng 2019-08-13 10:41:39 -04:00
Elichai Turkel 7356705b61 Added a test for create/destroy functions 2019-07-14 16:35:51 -04:00
Elichai Turkel 96ca40faed
Exposed generic functions to create the Context 2019-07-04 21:36:32 -04:00
Elichai Turkel 811e8d24e9
Removed context_create/destroy/clone and scratch_create/destroy/clone functions. 2019-07-04 19:09:04 -04:00
Elichai Turkel 9186f0223a
Added preallocation size functions and added a test for the preallocation 2019-07-04 18:40:08 -04:00
Elichai Turkel b4b52a9858
Moved the context specific traits/enums into a separate file with `std` gate 2019-07-04 18:40:07 -04:00
Jonas Nick 0e6ff34009 Fix imports when using recovery with fuzztarget feature 2019-05-29 00:02:11 +00:00
Elichai Turkel be457afdae
Removed ffi call from Display implementation 2019-05-21 22:05:18 +03:00
Andrew Poelstra 0bf88fe444
Merge pull request #109 from jonasnick/human-sigs
Add human readable serialization to Signatures
2019-05-21 17:50:41 +00:00
Jonas Nick ebf50df1d1 Add human readable serialization to Signatures 2019-05-21 10:34:18 +00:00
Jonas Nick 28934ab5a7 Only display existing signature bytes 2019-05-21 10:22:05 +00:00
Jonas Nick c7eecd159e Feature gate recovery module 2019-05-21 07:02:11 +00:00
Jonas Nick 264b368ee0 Move recovery to its own module 2019-05-20 19:11:59 +00:00
Tim Ruffing ab4320f8cc
Merge pull request #100 from elichai/master
Add no-std support
2019-05-10 23:32:52 +02:00
Elichai Turkel dfcf74f9d0
Added a new struct for the DER serialized signature 2019-05-11 00:11:42 +03:00
Elichai Turkel 312b9a55fc
Added Error::description copied c_void impl from core::ffi::c_void 2019-04-30 22:07:27 +03:00
Aleksei Sidorov 2536c5a3c4 Fix rand trait bounds. 2019-04-16 16:35:33 +03:00
Elichai Turkel ab8066eb1a
Replaced the std::os::raw c types with types.rs 2019-04-14 12:09:42 +03:00
Elichai Turkel 11ce86681f
Replaced std with core, and made std::error::Error optional through feature 2019-04-14 12:09:36 +03:00
Jonas Nick 6eaacb19c5 Add raw context getter to Secp256k1 struct 2019-03-01 19:39:55 +00:00
François Garillot a8a3afe8db
Fix clippy errors
Changes include cargo-fix generated, Default impls
2019-02-25 20:12:25 -08:00
François Garillot bafef68c56
Bumps rand to 0.6.3 & associated updates 2019-02-25 20:09:43 -08:00
Pierre Krieger 9c45944a5f
Remove dependency on libc 2018-12-27 14:39:54 +01:00
Tim Ruffing b470f70e90
Merge pull request #57 from rust-bitcoin/2018-08-no-index
remove `ops::Index` impls for `Signature`
2018-12-03 14:27:08 +01:00
Andrew Poelstra e5a02bd9a0 add `ThirtyTwoByteHash` hash trait which can be implemented for easier conversion of things to `Message`s 2018-11-10 13:12:10 +00:00
Andrew Poelstra 1f4a4c11a3 change add_*_assign and mul_*_assign to use a byteslice as a tweak, rather than a `SecretKey`
This makes more conceptual sense and does not add any new error paths, since even
valid `SecretKey`s were able to be invalid tweaks.
2018-11-10 13:08:18 +00:00
Andrew Poelstra f93b959b4a disallow Messages that are not valid secret keys to prevent mistakes related to 0 2018-11-10 13:05:11 +00:00
Andrew Poelstra 8d2347602a remove `ops::Index` impls for `Signature` 2018-11-10 12:56:19 +00:00
Andrew Poelstra 4b88cfc2fc
Merge pull request #78 from rust-bitcoin/2018-11-remove-without-caps
Update upstream libsecp; remove `without_caps` and all use of dummy contexts
2018-11-10 12:51:14 +00:00
Andrew Poelstra 8986aa3d71 export `serde`, `rand` and `libc`; update version to 0.11.5 2018-11-07 20:18:55 +00:00
Andrew Poelstra 93abca5896 remove `without_caps` and every function that used a cap-less context 2018-11-06 22:16:24 +00:00
Andrew Poelstra 68c838f357 change `Debug` impl for `Signature` to use `Display` 2018-11-03 15:52:07 +00:00
Andrew Poelstra 30aa3a0c28 add `fmt::Display` and `str::FromStr` impls for `Signature` 2018-11-03 15:52:05 +00:00
Andrew Poelstra 572adb2873 add `FromStr` implementation for key types 2018-11-03 15:52:03 +00:00
Andrew Poelstra 3563c5f305
Merge pull request #46 from rust-bitcoin/2018-08-context-debug
add Debug impl to context object
2018-08-20 18:34:13 +00:00
Andrew Poelstra 7a5617d01d
Merge pull request #44 from rust-bitcoin/2018-07-docs
improve documentation
2018-08-20 18:12:42 +00:00
Andrew Poelstra 93d8249028 improve documentation 2018-08-20 17:56:46 +00:00
Dimitris Apostolou 5c6dcf6b5e
Fix typo 2018-08-15 11:03:22 +03:00
Andrew Poelstra 83c7b6d9b7 add Debug impl to context object 2018-08-12 15:23:05 +00:00
Andrew Poelstra 2478930ec1 add feature-gated serde 1.0 support for Signature, SecretKey, PublicKey 2018-07-25 14:44:51 +00:00
Andrew Poelstra 54ddbc74a4
Merge pull request #37 from rust-bitcoin/2018-07-public-key
remove `PublicKey::new()` and `PublicKey::is_valid()`
2018-07-25 13:19:10 +00:00
Andrew Poelstra c3ec027925 remove `PublicKey::new()` and `PublicKey::is_valid()` 2018-07-24 21:24:19 +00:00
Andrew Poelstra bc773fbdce add comments for Sync/Send impl 2018-07-24 21:18:03 +00:00
Andrew Poelstra 2aeff4c62f fix typos 2018-07-24 21:16:52 +00:00
Roman Zeyde 5442e710a8 Remove Schnorr support
It was removed from bitcoin-core/libsecp256k1 at e06e878fd7dcc99825025fa99aedb86bc7d5c29f
2018-07-09 15:10:38 +03:00
Thomas Eizinger 20222d50c9 Add docs to new public API 2018-06-08 08:48:28 +08:00
Thomas Eizinger f13cdfa8a4 Replace Result return type with actual value
This introduces the actual breaking API change.
2018-06-08 08:48:02 +08:00
Thomas Eizinger be7134c7f4 Cleanup obsolete code
Remove ContextFlag enum
Remove InvalidContext error-enum variant
Remove unused imports
2018-06-08 08:41:30 +08:00
Thomas Eizinger f1a88259fb Introduce generic-based capability handling
Add type parameter to Secp256k1
Add PhantomData for C
Separate into structs and traits
Move constructors to own impl blocks
2018-06-06 12:58:29 +08:00
Matt Corallo e1878c4522 Remove all serde/rustc-serialize stuff 2018-03-21 18:01:33 -04:00
Andrew Poelstra f14e747431 expose key::{Secret, Public}Key in the crate root for ease of use 2018-01-17 15:38:11 +00:00
Andrew Poelstra 5c54698bf9 make `serde` optional 2017-12-19 22:40:06 +00:00
Andrew Poelstra 12e9f4b90b make `rustc-serialize` crate optional 2017-12-19 22:36:30 +00:00
Andrew Poelstra 298929600b make `rand` crate optional 2017-12-19 22:36:27 +00:00
Andrew Poelstra dba0d67912 remove arrayvec dependency; rename PublicKey::serialize_vec 2017-12-19 20:36:46 +00:00
Tim Ruffing e71ed3b6d2 Implement serde traits for Signature 2017-07-21 23:58:19 +02:00
Andrew Poelstra b6887b44a0
add compact signature encoding 2017-07-12 19:55:06 +00:00
Andrew Poelstra f88eb1d6d7 Merge pull request #14 from petertodd/2017-05-08-use-copy_from_slice
Use safe copy_from_slice() rather than unsafe copy_nonoverlapping()
2017-05-08 12:53:19 +00:00
Peter Todd 20c5b903db
Replace unsafe copy_nonoverlapping() with safe copy_from_slice() 2017-05-08 07:31:08 -04:00
Peter Todd eccd625828
Implement From<[u8;32]> for Message 2017-05-08 07:10:51 -04:00
Peter Todd 70fd5a9e27
Improve Error::InvalidMessage comment 2017-05-08 06:12:25 -04:00
Andrew Poelstra 458a3d9417 Update libsecp to latest master, c18b869e58aa4d3bff6958f370f6b643d1223c44 2016-01-14 18:35:54 +00:00
Andrew Poelstra 4f83a83308 cleanup: remove unused attributes; add `dev` compile feature that'll run clippy 2015-12-19 20:20:47 -06:00
Andrew Poelstra f613dbbc00 Fix nonce doccoments 2015-12-15 12:48:01 -06:00
Andrew Poelstra 8aa2569818 Expose Schnorr sign/verify 2015-12-15 12:47:07 -06:00
Andrew Poelstra d35168d626 [BREAKING CHANGE] Fix FFI 2015-11-15 17:00:07 -06:00
Andrew Poelstra a65f4cf01f Expose normalize_s function to convert signatures to low-S form 2015-10-26 14:25:18 -05:00
Andrew Poelstra 8e984c5912 Add "lax DER" support; bump major version number for recent build system changes 2015-10-26 12:59:40 -05:00
Andrew Poelstra f1e1da1213 Update for breaking changes in underlying rustc.
This should be a major version number since I changed public constants
in the ffi module. I'm not doing so as the invariant "will the constants
be meaningful to the underlying library" has not changed.

In general this library's version numbers do not map well to the
underlying library, which is as-yet not versioned at all, so users
need to always be running "the lastest" rust-secp256k1 anyway, and
semantic versioning can't really be used meaninfully. So this is a
bit of a judgement call.
2015-10-25 18:26:08 -05:00
Andrew Poelstra d49db8167e impl Error for error type; remove `Unknown` error variant 2015-10-17 09:49:19 -05:00
Andrew Poelstra c84cfb193f [BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls
If you try to call PublicKey::from_secret() key with an incapable context it will
now return an error. Before it would pass through to the underlying library which
would terminate the process, something we strive to never expose.

Also change the from_ffi functions on various types to impl's of From to be more
Rustic. We cannot change the from_slice functions because they have error returns.

Also add a Secp256k1::without_caps() function which creates a capability-less
context. I find myself using this in so many places downstream that it seems
appropriate.
2015-10-14 09:38:43 -05:00
Matt Quinn 595f64bca6 Adding to_i32 and from_i32 functions to RecoveryId in order to give
library users the ability to create RecoveryId objects and convert them to i32 equivalents, without allowing users to create invalid ones.
2015-10-11 15:24:44 -07:00
Matt Quinn ebde999634 RecoverableSignature now supports compact serialization via FFI, with additional test case added. 2015-10-11 00:04:28 -07:00
Andrew Poelstra 701c5e5e08 Expose serialization of Signature; move copy_nonoverlapping for rustc stable 2015-10-09 14:20:21 -05:00
Andrew Poelstra ec0e8407f2 Minor documentation fixes 2015-10-09 11:39:42 -05:00
Andrew Poelstra 5ce825398a Fix benchmarks 2015-09-20 15:24:25 -05:00
Andrew Poelstra 4012281a2d Fix for upstream API changes 2015-09-20 14:52:29 -05:00
Andrew Poelstra cc68cf8b9e Update serde dep to 0.6 from 0.3 2015-09-20 13:29:09 -05:00
Andrew Poelstra 016d781f2e Fix for upstream API changes; add ECDH support
I didn't mean for both of these to go into the same commit, but given how
small the ECDH code was, and the fact that no commit prior to this one will
compile (as both libsecp256k1 and rustc have changed so much), I'm letting
it slide.
2015-09-18 15:40:42 -05:00
Andrew Poelstra 8d6f384dac Update Travis to use travis-cargo 2015-07-28 13:21:12 -05:00
Andrew Poelstra 77f6b6bf21 [API BREAK] Update for new libsecp256k1 API 2015-07-28 11:05:13 -05:00
Andrew Poelstra 5602d6f988 Expose `secp256k1_context_randomize`
This is a new libsecp256k1 function which does additive blinding
for nonce generation during signing.
2015-05-03 18:22:30 -05:00
Andrew Poelstra 63011aaa3f Add a bunch of benchmarks 2015-04-30 14:28:34 -05:00
Andrew Poelstra fba427cb15 Add extreme value sign/verify test 2015-04-28 13:46:17 -05:00
Andrew Poelstra 1ba1f5b2ce Add sanity-check unit test for RecoveryId
This is kinda silly but gets me 100% coverage from kcov
2015-04-13 22:21:56 -05:00
Andrew Poelstra f8bbc89df6 [API BREAK] expose ability to create contexts without verify or signing caps
There are a lot of cases in rust-bitcoin where we need a `Secp256k1`
which doesn't need any signing or verification capabilities, only
checking the validity of various objects. We can get away with a bare
context (i.e. no precomputation) which can be cheaply created on demand,
avoiding the need to pass around references to Secp256k1 objects everywhere.

API break because the following functions can now fail (given an insufficiently
capable context) and therefore now return a Result:

    Secp256k1::generate_keypair
    Secp256k1::sign
    Secp256k1::sign_compact
2015-04-13 22:15:52 -05:00
Andrew Poelstra fb75373b47 [API BREAK] Remove Rng from Secp256k1 and associated code
The Rng was only used for key generation, and for BIP32 users not even then;
thus hauling around a Rng is a waste of space in addition to causing a
massive amount of syntactic noise. For example rust-bitcoin almost always
uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>`
then means even more syntactic noise, rather than less.

Now key generation functions take a Rng as a parameter, and the rest can
forget about having a Rng. This also means that the Secp256k1 context
never needs a mutable reference and can be easily put into an Arc if so
desired.
2015-04-12 15:54:22 -05:00
Andrew Poelstra 83823379e4 [minor API BREAK] Add unit tests to cover all error cases
This comes with a couple bugfixes and the following API changes:

  - Secp256k1::sign and ::sign_compact no longer return Result;
    it is impossible to trigger their failure modes with safe
    code since the `Message` and `SecretKey` types validate when
    they are created.

  - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures
    are always constant size

  - the Debug output for everything is now hex-encoded rather than
    being a list of base-10 ints. It's just easier to read this way.

kcov v26 now reports 100% test coverage; however, this does not
guarantee that test coverage is actually complete. Patches are
always welcome for improved unit tests.
2015-04-12 10:51:15 -05:00
Andrew Poelstra 9a01401746 Add missing implementations; update FFI for libsecp256k1's new cloning fn 2015-04-12 09:36:49 -05:00
Andrew Poelstra edab2568d2 Change `Secp256k1::with_rng` to not return a Result
This function can't fail, so no need to return a Result.
2015-04-11 19:13:39 -05:00
Andrew Poelstra 6b39f97f51 Add `Secp256k1::new_deterministic` constructor for applications which don't need randomness 2015-04-11 13:28:15 -05:00
Andrew Poelstra 96e1844c25 Change inline assertions to debug_asserts
All of these were things that are (should be) guaranteed true no matter
what input is given to the API, barring unsafe operations on the data.
2015-04-11 13:07:43 -05:00
Andrew Poelstra 9e717d4219 Add `Secp256k1::with_rng`, parameterize `Secp256k1` over its RNG.
Now that you can't create secret keys by directly passing a Rng to
`SecretKey::new`, we need a way to allow user-chosed randomness.
We add it to the `Secp256k1`.
2015-04-11 12:53:30 -05:00
Andrew Poelstra e52faee98f [API BREAK] update for libsecp256k1 "explicit context" API break
Rather than have global initialization functions, which required
expensive synchronization on the part of the Rust library,
libsecp256k1 now carries its context in thread-local data which
must be passed to every function.

What this means for the rust-secp256k1 API is:
  - Most functions on `PublicKey` and `SecretKey` now require a
    `Secp256k1` to be given to them.

  - `Secp256k1::verify` and `::verify_raw` now take a `&self`

  - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a
    future commit will allow specifying the Rng in the `Secp256k1`
    so that functionality is not lost.

  - The FFI functions have all changed to take a context argument

  - `secp256k1::init()` is gone, as is the dependency on std::sync

  - There is a `ffi::Context` type which must be handled carefully
    by anyone using it directly (hopefully nobody :))
2015-04-11 12:52:54 -05:00
Andrew Poelstra ac61baf040 Add support for serde (de)serialization; add unit tests 2015-04-10 00:32:12 -05:00
Andrew Poelstra 1b2858bc8a Rename secp256k1.rs to lib.rs 2015-04-09 10:35:38 -05:00
Renamed from src/secp256k1.rs (Browse further)