b38ae97eaf
Currently we rely on the inner bytes with types that are passed across the FFI boundry when implementing comparison functions (e.g. `Ord`, `PartialEq`), this is incorrect because the bytes are opaque, meaning the byte layout is not guaranteed across versions of `libsecp26k1`. Implement stable comparison functionality by doing: - Implement `core::cmp` traits by first coercing the data into a stable form e.g., by serializing it. - Add fast comparison methods to `secp256k1-sys` types that wrap types from libsecp, add similar methods to types in `secp256k1` that wrap `secp256k1-sys` types (just call through to inner type). - In `secp256k1-sys` feature gate the new `core::cmp` impls on `not(fuzzing)`, when fuzzing just derive the impls instead. Any additional methods added to `secp256k1-sys` types are private, justified by the fact the -sys is meant to be just a thin wrapper around libsecp256k1, we don't want to commit to supporting additional API functions. Please note, the solution presented in this patch is already present for `secp256k1::PublicKey`, this PR removes that code in favour of deriving traits that then call down to the same logic in `secp256k1-sys`. |
||
|---|---|---|
| .github/workflows | ||
| contrib | ||
| examples | ||
| githooks | ||
| no_std_test | ||
| secp256k1-sys | ||
| src | ||
| tests | ||
| .gitignore | ||
| CHANGELOG.md | ||
| Cargo.toml | ||
| LICENSE | ||
| README.md | ||
| clippy.toml | ||
| rustfmt.toml | ||
README.md
rust-secp256k1
rust-secp256k1 is a wrapper around libsecp256k1,
a C library by Pieter Wuille for producing ECDSA signatures using the SECG curve
secp256k1. This library
- exposes type-safe Rust bindings for all
libsecp256k1functions - implements key generation
- implements deterministic nonce generation via RFC6979
- implements many unit tests, adding to those already present in
libsecp256k1 - makes no allocations (except in unit tests) for efficiency and use in freestanding implementations
Contributing
Contributions to this library are welcome. A few guidelines:
- Any breaking changes must have an accompanied entry in CHANGELOG.md
- No new dependencies, please.
- No crypto should be implemented in Rust, with the possible exception of hash functions. Cryptographic contributions should be directed upstream to libsecp256k1.
- This library should always compile with any combination of features on Rust 1.41.1.
Githooks
To assist devs in catching errors before running CI we provide some githooks. If you do not already have locally configured githooks you can use the ones in this repository by running, in the root directory of the repository:
git config --local core.hooksPath githooks/
Alternatively add symlinks in your .git/hooks directory to any of the githooks we provide.
Benchmarks
We use a custom Rust compiler configuration conditional to guard the bench mark code. To run the
bench marks use: RUSTFLAGS='--cfg=bench' cargo +nightly bench --features=recovery.
Fuzzing
If you want to fuzz this library, or any library which depends on it, you will
probably want to disable the actual cryptography, since fuzzers are unable to
forge signatures and therefore won't test many interesting codepaths. To instead
use a trivially-broken but fuzzer-accessible signature scheme, compile with
--cfg=fuzzing in your RUSTFLAGS variable.
Note that cargo hfuzz sets this config flag automatically.