Commit Graph

151 Commits

Author SHA1 Message Date
Andrew Poelstra e7ca836c2b Switch to static linking of secp256k1
Pieter moved some stuff I need into the contrib/ directory which does
not expose anything through the shared lib, so I need to statically
link.

I might also use this to do evil things to expose the SHA256 code
in libsecp, but not for now ;).
2015-10-26 10:28:01 -05:00
Andrew Poelstra 98295a285b Add underlying secp256k1 to library 2015-10-26 09:54:21 -05:00
Andrew Poelstra f1e1da1213 Update for breaking changes in underlying rustc.
This should be a major version number since I changed public constants
in the ffi module. I'm not doing so as the invariant "will the constants
be meaningful to the underlying library" has not changed.

In general this library's version numbers do not map well to the
underlying library, which is as-yet not versioned at all, so users
need to always be running "the lastest" rust-secp256k1 anyway, and
semantic versioning can't really be used meaninfully. So this is a
bit of a judgement call.
2015-10-25 18:26:08 -05:00
Andrew Poelstra d49db8167e impl Error for error type; remove `Unknown` error variant 2015-10-17 09:49:19 -05:00
Andrew Poelstra 7c85199b92 Bump minor version number as error returns of PK::add_exp_assign have changed 2015-10-14 12:26:51 -05:00
Andrew Poelstra 32107132f0 Improve unit tests for bad secp context 2015-10-14 12:21:15 -05:00
Andrew Poelstra c84cfb193f [BREAKING CHANGE] Make PK::from_secret_key() return a Result; change from_ffi functions to From impls
If you try to call PublicKey::from_secret() key with an incapable context it will
now return an error. Before it would pass through to the underlying library which
would terminate the process, something we strive to never expose.

Also change the from_ffi functions on various types to impl's of From to be more
Rustic. We cannot change the from_slice functions because they have error returns.

Also add a Secp256k1::without_caps() function which creates a capability-less
context. I find myself using this in so many places downstream that it seems
appropriate.
2015-10-14 09:38:43 -05:00
Andrew Poelstra b7d2b594e1 Merge pull request #6 from mquinn/mquinn-recov-id
RecoveryId tag i32 should be public to allow library users to access it.
2015-10-13 10:16:39 -05:00
Matt Quinn 595f64bca6 Adding to_i32 and from_i32 functions to RecoveryId in order to give
library users the ability to create RecoveryId objects and convert them to i32 equivalents, without allowing users to create invalid ones.
2015-10-11 15:24:44 -07:00
Andrew Poelstra 2b1f87a1ba Merge pull request #5 from mquinn/mquinn-recov-sig
RecoverableSignature now supports compact serialization via FFI, with…
2015-10-11 11:48:51 -05:00
Matt Quinn ebde999634 RecoverableSignature now supports compact serialization via FFI, with additional test case added. 2015-10-11 00:04:28 -07:00
Andrew Poelstra 701c5e5e08 Expose serialization of Signature; move copy_nonoverlapping for rustc stable 2015-10-09 14:20:21 -05:00
Andrew Poelstra ec0e8407f2 Minor documentation fixes 2015-10-09 11:39:42 -05:00
Andrew Poelstra 2748dae7eb Remove `hex_slice` macro as it was never used 2015-09-21 08:30:06 -05:00
Andrew Poelstra b978e76934 Drop some unused imports; bump version no 2015-09-20 15:30:43 -05:00
Andrew Poelstra 5ce825398a Fix benchmarks 2015-09-20 15:24:25 -05:00
Andrew Poelstra b42b1f9408 Bugfix for nightly 2015-09-20 15:13:42 -05:00
Andrew Poelstra 4012281a2d Fix for upstream API changes 2015-09-20 14:52:29 -05:00
Andrew Poelstra cc68cf8b9e Update serde dep to 0.6 from 0.3 2015-09-20 13:29:09 -05:00
Andrew Poelstra 016d781f2e Fix for upstream API changes; add ECDH support
I didn't mean for both of these to go into the same commit, but given how
small the ECDH code was, and the fact that no commit prior to this one will
compile (as both libsecp256k1 and rustc have changed so much), I'm letting
it slide.
2015-09-18 15:40:42 -05:00
Andrew Poelstra 8d6f384dac Update Travis to use travis-cargo 2015-07-28 13:21:12 -05:00
Andrew Poelstra 77f6b6bf21 [API BREAK] Update for new libsecp256k1 API 2015-07-28 11:05:13 -05:00
Andrew Poelstra 0de8bfabb6 Fix typo in Andrew's email address; remove rust-crypto dependency 2015-05-04 10:37:04 -05:00
Andrew Poelstra 5bea30dbb9 Update Cargo.toml for crates.io metadata; this marks the "official" 0.1.0 release 2015-05-04 10:32:45 -05:00
Andrew Poelstra 5602d6f988 Expose `secp256k1_context_randomize`
This is a new libsecp256k1 function which does additive blinding
for nonce generation during signing.
2015-05-03 18:22:30 -05:00
Andrew Poelstra 63011aaa3f Add a bunch of benchmarks 2015-04-30 14:28:34 -05:00
Andrew Poelstra fba427cb15 Add extreme value sign/verify test 2015-04-28 13:46:17 -05:00
Andrew Poelstra 2b64b0a210 Fix documentation link in README; github interprets it as an image then breaks the URL 2015-04-16 14:09:25 -05:00
Andrew Poelstra 1ba1f5b2ce Add sanity-check unit test for RecoveryId
This is kinda silly but gets me 100% coverage from kcov
2015-04-13 22:21:56 -05:00
Andrew Poelstra f8bbc89df6 [API BREAK] expose ability to create contexts without verify or signing caps
There are a lot of cases in rust-bitcoin where we need a `Secp256k1`
which doesn't need any signing or verification capabilities, only
checking the validity of various objects. We can get away with a bare
context (i.e. no precomputation) which can be cheaply created on demand,
avoiding the need to pass around references to Secp256k1 objects everywhere.

API break because the following functions can now fail (given an insufficiently
capable context) and therefore now return a Result:

    Secp256k1::generate_keypair
    Secp256k1::sign
    Secp256k1::sign_compact
2015-04-13 22:15:52 -05:00
Andrew Poelstra d7c7230f28 Impl `Send` and `Sync` for secp256k1 contexts 2015-04-13 20:41:24 -05:00
Andrew Poelstra fb75373b47 [API BREAK] Remove Rng from Secp256k1 and associated code
The Rng was only used for key generation, and for BIP32 users not even then;
thus hauling around a Rng is a waste of space in addition to causing a
massive amount of syntactic noise. For example rust-bitcoin almost always
uses `()` as the Rng; having `Secp256k1` default to a `Secp256k1<Fortuna>`
then means even more syntactic noise, rather than less.

Now key generation functions take a Rng as a parameter, and the rest can
forget about having a Rng. This also means that the Secp256k1 context
never needs a mutable reference and can be easily put into an Arc if so
desired.
2015-04-12 15:54:22 -05:00
Andrew Poelstra 83823379e4 [minor API BREAK] Add unit tests to cover all error cases
This comes with a couple bugfixes and the following API changes:

  - Secp256k1::sign and ::sign_compact no longer return Result;
    it is impossible to trigger their failure modes with safe
    code since the `Message` and `SecretKey` types validate when
    they are created.

  - constants::MAX_COMPACT_SIGNATURE_SIZE loses the MAX_; signatures
    are always constant size

  - the Debug output for everything is now hex-encoded rather than
    being a list of base-10 ints. It's just easier to read this way.

kcov v26 now reports 100% test coverage; however, this does not
guarantee that test coverage is actually complete. Patches are
always welcome for improved unit tests.
2015-04-12 10:51:15 -05:00
Andrew Poelstra 9a01401746 Add missing implementations; update FFI for libsecp256k1's new cloning fn 2015-04-12 09:36:49 -05:00
Andrew Poelstra edab2568d2 Change `Secp256k1::with_rng` to not return a Result
This function can't fail, so no need to return a Result.
2015-04-11 19:13:39 -05:00
Andrew Poelstra 6b39f97f51 Add `Secp256k1::new_deterministic` constructor for applications which don't need randomness 2015-04-11 13:28:15 -05:00
Andrew Poelstra 96e1844c25 Change inline assertions to debug_asserts
All of these were things that are (should be) guaranteed true no matter
what input is given to the API, barring unsafe operations on the data.
2015-04-11 13:07:43 -05:00
Andrew Poelstra 9e717d4219 Add `Secp256k1::with_rng`, parameterize `Secp256k1` over its RNG.
Now that you can't create secret keys by directly passing a Rng to
`SecretKey::new`, we need a way to allow user-chosed randomness.
We add it to the `Secp256k1`.
2015-04-11 12:53:30 -05:00
Andrew Poelstra e52faee98f [API BREAK] update for libsecp256k1 "explicit context" API break
Rather than have global initialization functions, which required
expensive synchronization on the part of the Rust library,
libsecp256k1 now carries its context in thread-local data which
must be passed to every function.

What this means for the rust-secp256k1 API is:
  - Most functions on `PublicKey` and `SecretKey` now require a
    `Secp256k1` to be given to them.

  - `Secp256k1::verify` and `::verify_raw` now take a `&self`

  - `SecretKey::new` now takes a `Secp256k1` rather than a Rng; a
    future commit will allow specifying the Rng in the `Secp256k1`
    so that functionality is not lost.

  - The FFI functions have all changed to take a context argument

  - `secp256k1::init()` is gone, as is the dependency on std::sync

  - There is a `ffi::Context` type which must be handled carefully
    by anyone using it directly (hopefully nobody :))
2015-04-11 12:52:54 -05:00
Andrew Poelstra 609f658bee [API BREAK] Remove `Sequence` iterator over secret keys
Y'know, I can't for the life of me think what this was supposed to
be used for. Given that the library did not compile for several
months until last week, I assume there are no users, let alone
users of such a weird feature.
2015-04-11 12:24:04 -05:00
Andrew Poelstra ac61baf040 Add support for serde (de)serialization; add unit tests 2015-04-10 00:32:12 -05:00
Andrew Poelstra 1b2858bc8a Rename secp256k1.rs to lib.rs 2015-04-09 10:35:38 -05:00
Andrew Poelstra 1591bba3f9 Update bindings to current secp256k1 library
rust-secp256k1 was based off of https://github.com/sipa/secp256k1,
which has been inactive nearly as long as this repository (prior to
a couple days ago anyway). The correct repository is

   https://github.com/bitcoin/secp256k1

This is a major breaking change to the library for one reason: there
are no longer any Nonce types in the safe interface. The signing functions
do not take a nonce; this is generated internally.

This also means that I was able to drop all my RFC6979 code, since
libsecp256k1 has its own implementation.

If you need to generate your own nonces, you need to create an unsafe
function of type `ffi::NonceFn`, then pass it to the appropriate
functions in the `ffi` module. There is no safe interface for doing
this, deliberately: there is basically no need to directly fiddle
with nonces ever.
2015-04-06 00:13:38 -05:00
Andrew Poelstra f6585616b1 Add `Display` impl to `Error`; cleanup `Result` mess 2015-04-05 20:27:43 -05:00
Andrew Poelstra ff29303da1 Add Travis build status to README 2015-04-05 12:37:49 -05:00
Andrew Poelstra 5b3858e0ce Simplify Index implementations 2015-04-05 12:16:56 -05:00
Andrew Poelstra c3786888d7 Make note about non-allocations 2015-04-05 11:45:40 -05:00
Andrew Poelstra 15e552b190 Add link to full docs to README 2015-04-04 15:51:06 -05:00
Andrew Poelstra ec5d5e4ca9 Add README 2015-04-04 12:30:07 -05:00
Andrew Poelstra e2daaf875d Update for language changes (rustc beta is out !!) 2015-04-04 12:20:38 -05:00