Custom fork of rust-secp256k1 with unsafe modifications for higher speed. Unsuitable for production.
Go to file
Andrew Poelstra ca2dd9371e
Merge rust-bitcoin/rust-secp256k1#551: secp-sys: Use NonNull in API instead of *mut T
9b07e8e8c5 secp-sys: Use NonNull in API instead of *mut T (Tobin C. Harding)

Pull request description:

  Currently we expect non-null pointers when we take `*mut T` parameters, however we do not check that the pointers are non-null because we never set VERIFY in our C build. We can use the `NonNull` type to enforce no-null-ness as long as we use `NonNull::new`. In a couple of instances we manually check that a buffer is not empty and therefore that the pointer to it is non-null so we can safely use `NonNull::new_unchecked`.

  Replace mutable pointer parameters `*mut T` (e.g. `*mut c_void`) and return types with `NonNull<T>`.

  Fix #546

  ### Note

  The description above fully explains the issue to the best of my knowledge, if the description is not spot on then I'm not fully understanding the issue. Please correct me if this is the case.

  > One unfortunate thing is that this means that we wouldn't be able to implement CPtr for secp256k1::Context, which is our designated "expose types from secp256k1-sys which is not stable" semver escape hatch.

  You've lost me here? `secp256k1::Context` is a trait did you mean `secp256k1::Secp256k1` or `secp256k1_sys::Context`?

ACKs for top commit:
  apoelstra:
    ACK 9b07e8e8c5

Tree-SHA512: 37aceebfa62e590ce8cc282c35b014ad018e5cfbea99402ed3aa1fcbaa69e01a01c1c1f32351f5f15a7d270e31da5b239ee5bc11d2343cf866082ad85df6a622
2022-12-03 13:22:53 +00:00
.github/workflows Add formatting check to CI 2022-11-22 08:54:24 +11:00
contrib Merge rust-bitcoin/rust-secp256k1#526: Run the formatter in CI 2022-11-22 14:34:27 +00:00
examples Fix feature gating 2022-11-18 10:14:41 +11:00
githooks Add cargo fmt to pre-commit githook 2022-11-22 08:59:09 +11:00
no_std_test Remove call to deprecated methods 2022-03-01 18:07:36 +00:00
secp256k1-sys secp-sys: Use NonNull in API instead of *mut T 2022-12-01 15:45:32 +11:00
src secp-sys: Use NonNull in API instead of *mut T 2022-12-01 15:45:32 +11:00
tests Run cargo fmt 2022-11-16 11:06:12 +11:00
.gitignore Added ECMULT window size 2019-07-03 17:48:35 -04:00
CHANGELOG.md secp256k1: Bump crate version to 0.25.0 2022-11-30 12:22:16 +11:00
Cargo.toml secp256k1: Bump crate version to 0.25.0 2022-11-30 12:22:16 +11:00
LICENSE Remove the MIT/CC0 license in favor of just CC0 2015-03-25 18:36:30 -05:00
README.md Create configuration conditional bench 2022-07-14 09:35:23 +10:00
clippy.toml Update secp256k1 to edition 2018 and fix imports 2022-06-07 23:59:25 +03:00
rustfmt.toml Introduce rustfmt config file 2022-11-16 10:47:50 +11:00

README.md

Build Status

Full documentation

rust-secp256k1

rust-secp256k1 is a wrapper around libsecp256k1, a C library by Pieter Wuille for producing ECDSA signatures using the SECG curve secp256k1. This library

  • exposes type-safe Rust bindings for all libsecp256k1 functions
  • implements key generation
  • implements deterministic nonce generation via RFC6979
  • implements many unit tests, adding to those already present in libsecp256k1
  • makes no allocations (except in unit tests) for efficiency and use in freestanding implementations

Contributing

Contributions to this library are welcome. A few guidelines:

  • Any breaking changes must have an accompanied entry in CHANGELOG.md
  • No new dependencies, please.
  • No crypto should be implemented in Rust, with the possible exception of hash functions. Cryptographic contributions should be directed upstream to libsecp256k1.
  • This library should always compile with any combination of features on Rust 1.41.1.

Githooks

To assist devs in catching errors before running CI we provide some githooks. If you do not already have locally configured githooks you can use the ones in this repository by running, in the root directory of the repository:

git config --local core.hooksPath githooks/

Alternatively add symlinks in your .git/hooks directory to any of the githooks we provide.

Benchmarks

We use a custom Rust compiler configuration conditional to guard the bench mark code. To run the bench marks use: RUSTFLAGS='--cfg=bench' cargo +nightly bench --features=recovery.

Fuzzing

If you want to fuzz this library, or any library which depends on it, you will probably want to disable the actual cryptography, since fuzzers are unable to forge signatures and therefore won't test many interesting codepaths. To instead use a trivially-broken but fuzzer-accessible signature scheme, compile with --cfg=fuzzing in your RUSTFLAGS variable.

Note that cargo hfuzz sets this config flag automatically.