cryptogera/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-03-02 01:36:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Squashed 'src/secp256k1/' changes from 4187a46649..b9313c6e1a

Browse Source 
b9313c6e1a Merge bitcoin-core/secp256k1#1708: release cleanup: bump version after 0.7.0
a660a4976e Merge bitcoin-core/secp256k1#1707: release: Prepare for 0.7.0
7ab8b0cc01 release cleanup: bump version after 0.7.0
a3e742d947 release: Prepare for 0.7.0
f67b0ac1a0 ci: Don't hardcode ABI version
020ee60495 Merge bitcoin-core/secp256k1#1706: musig/tests: initialize keypair
cde4130898 musig/tests: initialize keypair
6037833c9e Merge bitcoin-core/secp256k1#1702: changelog: update
40b4a06520 changelog: update
5e74086dc8 Merge bitcoin-core/secp256k1#1705: musig/test: Remove dead code
7c3380423c Merge bitcoin-core/secp256k1#1696: build: Refactor visibility logic and add override
8d967a602b musig/test: Remove dead code
983711cd6d musig/tests: Refactor vectors_signverify
73a695958a Merge bitcoin-core/secp256k1#1704: cmake: Make `secp256k1_objs` inherit interface defines from `secp256k1`
bf082221ff cmake: Make `secp256k1_objs` inherit interface defines from `secp256k1`
c82d84bb86 build: add CMake option for disabling symbol visibility attributes
ce7923874f build: Add SECP256K1_NO_API_VISIBILITY_ATTRIBUTES
e5297f6d79 build: Refactor visibility logic
cbbbf3bd6e Merge bitcoin-core/secp256k1#1699: ci: enable musig module for native macOS arm64 job
943479a7a3 Merge bitcoin-core/secp256k1#1694: Revert "cmake: configure libsecp256k1.pc during install"
3352f9d667 ci: enable musig module for native macOS arm64 job
ad60ef7ea7 Merge bitcoin-core/secp256k1#1689: ci: Convert `arm64` Cirrus tasks to GHA jobs
c498779096 Merge bitcoin-core/secp256k1#1687: cmake: support the use of launchers in ctest -S scripts
44b205e9ee Revert "cmake: configure libsecp256k1.pc during install"
0dfe387dbe cmake: support the use of launchers in ctest -S scripts
89096c234d Merge bitcoin-core/secp256k1#1692: cmake: configure libsecp256k1.pc during install
7106dce6fd cmake: configure libsecp256k1.pc during install
29e73f4ba5 Merge bitcoin-core/secp256k1#1685: cmake: Emulate Libtool's behavior on FreeBSD
746e36b141 Merge bitcoin-core/secp256k1#1678: cmake: add a helper for linking into static libs
a28c2ffa5c Merge bitcoin-core/secp256k1#1683: README: add link to musig example
2a9d374735 Merge bitcoin-core/secp256k1#1690: ci: Bump GCC snapshot major version to 16
add146e101 ci: Bump GCC snapshot major version to 16
004f57fcd8 ci: Move Valgrind build for `arm64` from Cirrus to GHA
5fafdfc30f ci: Move `gcc-snapshot` build for `arm64` from Cirrus to GHA
e814b79a8b ci: Switch `arm64_debian` from QEMU to native `arm64` Docker image
bcf77346b9 ci: Add `arm64` architecture to `docker_cache` job
b77aae9226 ci: Rename Docker image tag to reflect architecture
145ae3e28d cmake: add a helper for linking into static libs
819210974b README: add link to musig example, generalize module enabling hint
95db29b144 Merge bitcoin-core/secp256k1#1679: cmake: Use `PUBLIC_HEADER` target property in installation logic
37dd422b5c cmake: Emulate Libtool's behavior on FreeBSD
f24b838bed Merge bitcoin-core/secp256k1#1680: doc: Promote "Building with CMake" to standard procedure
3f31ac43e0 doc: Promote "Building with CMake" to standard procedure
6f67151ee2 cmake: Use `PUBLIC_HEADER` target property
c32715b2a0 cmake, move-only: Move module option processing to `src/CMakeLists.txt`
201b2b8f06 Merge bitcoin-core/secp256k1#1675: cmake: Bump minimum required CMake version to 3.22
3af71987a8 cmake: Bump minimum required CMake version to 3.22
92394476e9 Merge bitcoin-core/secp256k1#1673: Assert field magnitude at control-flow join
3a4f448cb4 Assert field magnitude at control-flow join
9fab425256 Merge bitcoin-core/secp256k1#1668: bench_ecmult: add benchmark for ecmult_const_xonly
05445377f4 bench_ecmult: add benchmark for ecmult_const_xonly
bb597b3d39 Merge bitcoin-core/secp256k1#1670: tests: update wycheproof files
d73ed99479 tests: update wycheproof files

git-subtree-dir: src/secp256k1
git-subtree-split: b9313c6e1a6082a66b4c75777e18ca4b176fcf9d
This commit is contained in:
fanquake 2025-07-22 09:35:01 +01:00
parent c31fcaaad3
commit 5600e6fc4b
17 changed files with 281 additions and 303 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
.cirrus.yml
View File

@ -1,104 +0,0 @@
env:
### cirrus config
CIRRUS_CLONE_DEPTH: 1
### compiler options
HOST:
WRAPPER_CMD:
# Specific warnings can be disabled with -Wno-error=foo.
# -pedantic-errors is not equivalent to -Werror=pedantic and thus not implied by -Werror according to the GCC manual.
WERROR_CFLAGS: -Werror -pedantic-errors
MAKEFLAGS: -j4
BUILD: check
### secp256k1 config
ECMULTWINDOW: 15
ECMULTGENKB: 22
ASM: no
WIDEMUL: auto
WITH_VALGRIND: yes
EXTRAFLAGS:
### secp256k1 modules
EXPERIMENTAL: no
ECDH: no
RECOVERY: no
EXTRAKEYS: no
SCHNORRSIG: no
MUSIG: no
ELLSWIFT: no
### test options
SECP256K1_TEST_ITERS: 64
BENCH: yes
SECP256K1_BENCH_ITERS: 2
CTIMETESTS: yes
SYMBOL_CHECK: yes
VIRTUAL_ENV: /root/venv
# Compile and run the tests
EXAMPLES: yes
cat_logs_snippet: &CAT_LOGS
always:
cat_tests_log_script:
- cat tests.log || true
cat_noverify_tests_log_script:
- cat noverify_tests.log || true
cat_exhaustive_tests_log_script:
- cat exhaustive_tests.log || true
cat_ctime_tests_log_script:
- cat ctime_tests.log || true
cat_bench_log_script:
- cat bench.log || true
cat_config_log_script:
- cat config.log || true
cat_test_env_script:
- cat test_env.log || true
cat_ci_env_script:
- env
linux_arm64_container_snippet: &LINUX_ARM64_CONTAINER
env_script:
- export PATH="$VIRTUAL_ENV/bin:$PATH"
- env | tee /tmp/env
build_script:
- DOCKER_BUILDKIT=1 docker build --file "ci/linux-debian.Dockerfile" --tag="ci_secp256k1_arm"
- docker image prune --force # Cleanup stale layers
test_script:
- docker run --rm --mount "type=bind,src=./,dst=/ci_secp256k1" --env-file /tmp/env --replace --name "ci_secp256k1_arm" "ci_secp256k1_arm" bash -c "cd /ci_secp256k1/ && ./ci/ci.sh"
task:
name: "ARM64: Linux (Debian stable)"
persistent_worker:
labels:
type: arm64
env:
ECDH: yes
RECOVERY: yes
EXTRAKEYS: yes
SCHNORRSIG: yes
MUSIG: yes
ELLSWIFT: yes
matrix:
# Currently only gcc-snapshot, the other compilers are tested on GHA with QEMU
- env: { CC: 'gcc-snapshot' }
<< : *LINUX_ARM64_CONTAINER
<< : *CAT_LOGS
task:
name: "ARM64: Linux (Debian stable), Valgrind"
persistent_worker:
labels:
type: arm64
env:
ECDH: yes
RECOVERY: yes
EXTRAKEYS: yes
SCHNORRSIG: yes
MUSIG: yes
ELLSWIFT: yes
WRAPPER_CMD: 'valgrind --error-exitcode=42'
SECP256K1_TEST_ITERS: 2
matrix:
- env: { CC: 'gcc' }
- env: { CC: 'clang' }
- env: { CC: 'gcc-snapshot' }
- env: { CC: 'clang-snapshot' }
<< : *LINUX_ARM64_CONTAINER
<< : *CAT_LOGS

112
.github/workflows/ci.yml vendored
View File

@ -46,8 +46,18 @@ env:
jobs:
docker_cache:
name: "Build Docker image"
runs-on: ubuntu-latest
name: "Build ${{ matrix.arch }} Docker image"
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
matrix:
include:
- arch: x64
runner: ubuntu-latest
- arch: arm64
runner: ubuntu-24.04-arm
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@ -60,11 +70,11 @@ jobs:
uses: docker/build-push-action@v5
with:
file: ./ci/linux-debian.Dockerfile
tags: linux-debian-image
tags: ${{ matrix.arch }}-debian-image
cache-from: type=gha
cache-to: type=gha,mode=min
linux_debian:
x86_64-debian:
name: "x86_64: Linux (Debian stable)"
runs-on: ubuntu-latest
needs: docker_cache
@ -106,7 +116,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -142,7 +152,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -174,7 +184,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -215,21 +225,19 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
if: ${{ !cancelled() }}
arm64_debian:
name: "ARM64: Linux (Debian stable, QEMU)"
runs-on: ubuntu-latest
arm64-debian:
name: "arm64: Linux (Debian stable)"
runs-on: ubuntu-24.04-arm
needs: docker_cache
env:
WRAPPER_CMD: 'qemu-aarch64'
SECP256K1_TEST_ITERS: 16
HOST: 'aarch64-linux-gnu'
WITH_VALGRIND: 'no'
ECDH: 'yes'
RECOVERY: 'yes'
@ -238,27 +246,26 @@ jobs:
MUSIG: 'yes'
ELLSWIFT: 'yes'
CTIMETESTS: 'no'
CC: ${{ matrix.cc }}
strategy:
fail-fast: false
matrix:
configuration:
- env_vars: { } # gcc
- env_vars: # clang
CC: 'clang --target=aarch64-linux-gnu'
- env_vars: # clang-snapshot
CC: 'clang-snapshot --target=aarch64-linux-gnu'
cc:
- 'gcc'
- 'clang'
- 'gcc-snapshot'
- 'clang-snapshot'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: CI script
env: ${{ matrix.configuration.env_vars }}
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: arm64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -290,7 +297,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -298,18 +305,38 @@ jobs:
valgrind_debian:
name: "Valgrind (memcheck)"
runs-on: ubuntu-latest
name: "Valgrind ${{ matrix.binary_arch }} (memcheck)"
runs-on: ${{ matrix.runner }}
needs: docker_cache
strategy:
fail-fast: false
matrix:
configuration:
- env_vars: { CC: 'clang', ASM: 'auto' }
- env_vars: { CC: 'i686-linux-gnu-gcc', HOST: 'i686-linux-gnu', ASM: 'auto' }
- env_vars: { CC: 'clang', ASM: 'no', ECMULTGENKB: 2, ECMULTWINDOW: 2 }
- env_vars: { CC: 'i686-linux-gnu-gcc', HOST: 'i686-linux-gnu', ASM: 'no', ECMULTGENKB: 2, ECMULTWINDOW: 2 }
include:
- docker_arch: x64
runner: ubuntu-latest
binary_arch: x64
env_vars: { CC: 'clang', ASM: 'auto' }
- docker_arch: x64
runner: ubuntu-latest
binary_arch: i686
env_vars: { CC: 'i686-linux-gnu-gcc', HOST: 'i686-linux-gnu', ASM: 'auto' }
- docker_arch: arm64
runner: ubuntu-24.04-arm
binary_arch: arm64
env_vars: { CC: 'clang', ASM: 'auto' }
- docker_arch: x64
runner: ubuntu-latest
binary_arch: x64
env_vars: { CC: 'clang', ASM: 'no', ECMULTGENKB: 2, ECMULTWINDOW: 2 }
- docker_arch: x64
runner: ubuntu-latest
binary_arch: i686
env_vars: { CC: 'i686-linux-gnu-gcc', HOST: 'i686-linux-gnu', ASM: 'no', ECMULTGENKB: 2, ECMULTWINDOW: 2 }
- docker_arch: arm64
runner: ubuntu-24.04-arm
binary_arch: arm64
env_vars: { CC: 'clang', ASM: 'no', ECMULTGENKB: 2, ECMULTWINDOW: 2 }
env:
# The `--error-exitcode` is required to make the test fail if valgrind found errors,
@ -329,11 +356,11 @@ jobs:
uses: actions/checkout@v4
- name: CI script
env: ${{ matrix.configuration.env_vars }}
env: ${{ matrix.env_vars }}
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: ${{ matrix.docker_arch }}-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -377,7 +404,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -428,7 +455,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -471,7 +498,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -546,13 +573,13 @@ jobs:
fail-fast: false
matrix:
env_vars:
- { WIDEMUL: 'int64', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', ELLSWIFT: 'yes' }
- { WIDEMUL: 'int64', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', MUSIG: 'yes', ELLSWIFT: 'yes' }
- { WIDEMUL: 'int128_struct', ECMULTGENPRECISION: 2, ECMULTWINDOW: 4 }
- { WIDEMUL: 'int128', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', ELLSWIFT: 'yes' }
- { WIDEMUL: 'int128', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', MUSIG: 'yes', ELLSWIFT: 'yes' }
- { WIDEMUL: 'int128', RECOVERY: 'yes' }
- { WIDEMUL: 'int128', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', ELLSWIFT: 'yes' }
- { WIDEMUL: 'int128', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', ELLSWIFT: 'yes', CC: 'gcc' }
- { WIDEMUL: 'int128', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', ELLSWIFT: 'yes', CPPFLAGS: '-DVERIFY' }
- { WIDEMUL: 'int128', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', MUSIG: 'yes', ELLSWIFT: 'yes' }
- { WIDEMUL: 'int128', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', MUSIG: 'yes', ELLSWIFT: 'yes', CC: 'gcc' }
- { WIDEMUL: 'int128', RECOVERY: 'yes', ECDH: 'yes', EXTRAKEYS: 'yes', SCHNORRSIG: 'yes', MUSIG: 'yes', ELLSWIFT: 'yes', CPPFLAGS: '-DVERIFY' }
- BUILD: 'distcheck'
steps:
@ -625,10 +652,11 @@ jobs:
- name: Symbol check
if: ${{ matrix.configuration.symbol_check }}
shell: bash
run: |
py -3 --version
py -3 -m pip install lief
py -3 .\tools\symbol-check.py build\bin\RelWithDebInfo\libsecp256k1-5.dll
py -3 ./tools/symbol-check.py build/bin/RelWithDebInfo/libsecp256k1-*.dll
- name: Check
run: |
@ -678,7 +706,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
- name: Print logs
uses: ./.github/actions/print-logs
@ -697,7 +725,7 @@ jobs:
uses: ./.github/actions/run-in-docker-action
with:
dockerfile: ./ci/linux-debian.Dockerfile
tag: linux-debian-image
tag: x64-debian-image
command: |
g++ -Werror include/*.h
clang -Werror -x c++-header include/*.h

23
CHANGELOG.md
View File

@ -7,11 +7,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
## [0.7.0] - 2025-07-21
#### Added
- CMake: Added `secp256k1_objs` interface library to allow parent projects to embed libsecp256k1 object files into their own static libraries.
- build: Added `SECP256K1_NO_API_VISIBILITY_ATTRIBUTES` preprocessor flag (CMake option: `SECP256K1_ENABLE_API_VISIBILITY_ATTRIBUTES`) that disables explicit "visibility" attributes for API symbols. Defining this macro enables the user to control the visibility of the API symbols via `-fvisibility=<value>` when building libsecp256k1. (All non-API declarations will always have hidden visibility, even with `SECP256K1_ENABLE_API_VISIBILITY_ATTRIBUTES` defined.) For instance, `-fvisibility=hidden` can be useful even for the API symbols, e.g., when building a static libsecp256k1 which is linked into a shared library, and the latter should not re-export the libsecp256k1 API.
#### Changed
- The pointers `secp256k1_context_static` and `secp256k1_context_no_precomp` to the constant context objects are now `const`.
- Removed `SECP256K1_WARN_UNUSED_RESULT` attribute (defined as `__attribute__ ((__warn_unused_result__))`) from several API functions that always return 1. Compilers will no longer warn if the return value is unused.
- CMake: Building with CMake is no longer considered experimental.
- CMake: The minimum required CMake version was increased to 3.22.
- CMake: Shared libraries built with CMake on FreeBSD now create the full versioned filename and symlink chain, matching the behavior of autotools builds.
#### Removed
- Removed previously deprecated function aliases `secp256k1_ec_privkey_negate`, `secp256k1_ec_privkey_tweak_add` and
`secp256k1_ec_privkey_tweak_mul`. Use `secp256k1_ec_seckey_negate`, `secp256k1_ec_seckey_tweak_add` and
`secp256k1_ec_seckey_tweak_mul` instead.
#### ABI Compatibility
The symbols `secp256k1_ec_privkey_negate`, `secp256k1_ec_privkey_tweak_add`, and `secp256k1_ec_privkey_tweak_mul` were removed.
The pointers `secp256k1_context_static` and `secp256k1_context_no_precomp` have been made `const`.
Otherwise, the library maintains backward compatibility with version 0.6.0.
## [0.6.0] - 2024-11-04
#### Added
@ -115,7 +133,7 @@ We strongly recommend updating to 0.3.1 if you use or plan to use Clang >=14 to
- Fix "constant-timeness" issue with Clang >=14 that could leave applications using libsecp256k1 vulnerable to a timing side-channel attack. The fix avoids secret-dependent control flow and secret-dependent memory accesses in conditional moves of memory objects when libsecp256k1 is compiled with Clang >=14.
#### Added
- Added tests against [Project Wycheproof's](https://github.com/google/wycheproof/) set of ECDSA test vectors (Bitcoin "low-S" variant), a fixed set of test cases designed to trigger various edge cases.
- Added tests against [Project Wycheproof's](https://github.com/C2SP/wycheproof/) set of ECDSA test vectors (Bitcoin "low-S" variant), a fixed set of test cases designed to trigger various edge cases.
#### Changed
- Increased minimum required CMake version to 3.13. CMake builds remain experimental.
@ -169,7 +187,8 @@ This version was in fact never released.
The number was given by the build system since the introduction of autotools in Jan 2014 (ea0fe5a5bf0c04f9cc955b2966b614f5f378c6f6).
Therefore, this version number does not uniquely identify a set of source files.
[unreleased]: https://github.com/bitcoin-core/secp256k1/compare/v0.6.0...HEAD
[unreleased]: https://github.com/bitcoin-core/secp256k1/compare/v0.7.0...HEAD
[0.7.0]: https://github.com/bitcoin-core/secp256k1/compare/v0.6.0...v0.7.0
[0.6.0]: https://github.com/bitcoin-core/secp256k1/compare/v0.5.1...v0.6.0
[0.5.1]: https://github.com/bitcoin-core/secp256k1/compare/v0.5.0...v0.5.1
[0.5.0]: https://github.com/bitcoin-core/secp256k1/compare/v0.4.1...v0.5.0

55
CMakeLists.txt
View File

@ -1,4 +1,4 @@
cmake_minimum_required(VERSION 3.16)
cmake_minimum_required(VERSION 3.22)
#=============================
# Project / Package metadata
@ -7,31 +7,21 @@ project(libsecp256k1
# The package (a.k.a. release) version is based on semantic versioning 2.0.0 of
# the API. All changes in experimental modules are treated as
# backwards-compatible and therefore at most increase the minor version.
VERSION 0.6.1
VERSION 0.7.1
DESCRIPTION "Optimized C library for ECDSA signatures and secret/public key operations on curve secp256k1."
HOMEPAGE_URL "https://github.com/bitcoin-core/secp256k1"
LANGUAGES C
)
enable_testing()
include(CTestUseLaunchers) # Allow users to set CTEST_USE_LAUNCHERS in custom `ctest -S` scripts.
list(APPEND CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake)
if(CMAKE_VERSION VERSION_LESS 3.21)
# Emulates CMake 3.21+ behavior.
if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
set(PROJECT_IS_TOP_LEVEL ON)
set(${PROJECT_NAME}_IS_TOP_LEVEL ON)
else()
set(PROJECT_IS_TOP_LEVEL OFF)
set(${PROJECT_NAME}_IS_TOP_LEVEL OFF)
endif()
endif()
# The library version is based on libtool versioning of the ABI. The set of
# rules for updating the version can be found here:
# https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html
# All changes in experimental modules are treated as if they don't affect the
# interface and therefore only increase the revision.
set(${PROJECT_NAME}_LIB_VERSION_CURRENT 5)
set(${PROJECT_NAME}_LIB_VERSION_CURRENT 6)
set(${PROJECT_NAME}_LIB_VERSION_REVISION 1)
set(${PROJECT_NAME}_LIB_VERSION_AGE 0)
@ -52,6 +42,8 @@ endif()
option(SECP256K1_INSTALL "Enable installation." ${PROJECT_IS_TOP_LEVEL})
option(SECP256K1_ENABLE_API_VISIBILITY_ATTRIBUTES "Enable visibility attributes in the API." ON)
## Modules
# We declare all options before processing them, to make sure we can express
@ -63,40 +55,6 @@ option(SECP256K1_ENABLE_MODULE_SCHNORRSIG "Enable schnorrsig module." ON)
option(SECP256K1_ENABLE_MODULE_MUSIG "Enable musig module." ON)
option(SECP256K1_ENABLE_MODULE_ELLSWIFT "Enable ElligatorSwift module." ON)
# Processing must be done in a topological sorting of the dependency graph
# (dependent module first).
if(SECP256K1_ENABLE_MODULE_ELLSWIFT)
add_compile_definitions(ENABLE_MODULE_ELLSWIFT=1)
endif()
if(SECP256K1_ENABLE_MODULE_MUSIG)
if(DEFINED SECP256K1_ENABLE_MODULE_SCHNORRSIG AND NOT SECP256K1_ENABLE_MODULE_SCHNORRSIG)
message(FATAL_ERROR "Module dependency error: You have disabled the schnorrsig module explicitly, but it is required by the musig module.")
endif()
set(SECP256K1_ENABLE_MODULE_SCHNORRSIG ON)
add_compile_definitions(ENABLE_MODULE_MUSIG=1)
endif()
if(SECP256K1_ENABLE_MODULE_SCHNORRSIG)
if(DEFINED SECP256K1_ENABLE_MODULE_EXTRAKEYS AND NOT SECP256K1_ENABLE_MODULE_EXTRAKEYS)
message(FATAL_ERROR "Module dependency error: You have disabled the extrakeys module explicitly, but it is required by the schnorrsig module.")
endif()
set(SECP256K1_ENABLE_MODULE_EXTRAKEYS ON)
add_compile_definitions(ENABLE_MODULE_SCHNORRSIG=1)
endif()
if(SECP256K1_ENABLE_MODULE_EXTRAKEYS)
add_compile_definitions(ENABLE_MODULE_EXTRAKEYS=1)
endif()
if(SECP256K1_ENABLE_MODULE_RECOVERY)
add_compile_definitions(ENABLE_MODULE_RECOVERY=1)
endif()
if(SECP256K1_ENABLE_MODULE_ECDH)
add_compile_definitions(ENABLE_MODULE_ECDH=1)
endif()
option(SECP256K1_USE_EXTERNAL_DEFAULT_CALLBACKS "Enable external default callback functions." OFF)
if(SECP256K1_USE_EXTERNAL_DEFAULT_CALLBACKS)
add_compile_definitions(USE_EXTERNAL_DEFAULT_CALLBACKS=1)
@ -356,6 +314,7 @@ else()
set(cross_status "FALSE")
endif()
message("Cross compiling ....................... ${cross_status}")
message("API visibility attributes ............. ${SECP256K1_ENABLE_API_VISIBILITY_ATTRIBUTES}")
message("Valgrind .............................. ${SECP256K1_VALGRIND}")
get_directory_property(definitions COMPILE_DEFINITIONS)
string(REPLACE ";" " " definitions "${definitions}")

1
CMakePresets.json
View File

@ -1,5 +1,4 @@
{
"cmakeMinimumRequired": {"major": 3, "minor": 21, "patch": 0},
"version": 3,
"configurePresets": [
{

7
README.md
View File

@ -108,8 +108,8 @@ Building with Autotools
To compile optional modules (such as Schnorr signatures), you need to run `./configure` with additional flags (such as `--enable-module-schnorrsig`). Run `./configure --help` to see the full list of available flags.
Building with CMake (experimental)
----------------------------------
Building with CMake
-------------------
To maintain a pristine source tree, CMake encourages to perform an out-of-source build by using a separate dedicated build tree.
@ -151,8 +151,9 @@ Usage examples can be found in the [examples](examples) directory. To compile th
* [Schnorr signatures example](examples/schnorr.c)
* [Deriving a shared secret (ECDH) example](examples/ecdh.c)
* [ElligatorSwift key exchange example](examples/ellswift.c)
* [MuSig2 Schnorr multi-signatures example](examples/musig.c)
To compile the Schnorr signature and ECDH examples, you also need to configure with `--enable-module-schnorrsig` and `--enable-module-ecdh`.
To compile the examples, make sure the corresponding modules are enabled.
Benchmark
------------

2
ci/ci.sh
View File

@ -113,7 +113,7 @@ then
case "$HOST" in
*mingw*)
ls -l .libs
python3 ./tools/symbol-check.py .libs/libsecp256k1-5.dll
python3 ./tools/symbol-check.py .libs/libsecp256k1-*.dll
;;
*)
python3 ./tools/symbol-check.py .libs/libsecp256k1.so

2
ci/linux-debian.Dockerfile
View File

@ -40,7 +40,7 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
apt-get clean && rm -rf /var/lib/apt/lists/*
# Build and install gcc snapshot
ARG GCC_SNAPSHOT_MAJOR=15
ARG GCC_SNAPSHOT_MAJOR=16
RUN apt-get update && apt-get install --no-install-recommends -y wget libgmp-dev libmpfr-dev libmpc-dev flex && \
mkdir gcc && cd gcc && \
wget --progress=dot:giga --https-only --recursive --accept '*.tar.xz' --level 1 --no-directories "https://gcc.gnu.org/pub/gcc/snapshots/LATEST-${GCC_SNAPSHOT_MAJOR}" && \

4
configure.ac
View File

@ -4,7 +4,7 @@ AC_PREREQ([2.60])
# the API. All changes in experimental modules are treated as
# backwards-compatible and therefore at most increase the minor version.
define(_PKG_VERSION_MAJOR, 0)
define(_PKG_VERSION_MINOR, 6)
define(_PKG_VERSION_MINOR, 7)
define(_PKG_VERSION_PATCH, 1)
define(_PKG_VERSION_IS_RELEASE, false)
@ -13,7 +13,7 @@ define(_PKG_VERSION_IS_RELEASE, false)
# https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html
# All changes in experimental modules are treated as if they don't affect the
# interface and therefore only increase the revision.
define(_LIB_VERSION_CURRENT, 5)
define(_LIB_VERSION_CURRENT, 6)
define(_LIB_VERSION_REVISION, 1)
define(_LIB_VERSION_AGE, 0)

88
include/secp256k1.h
View File

@ -121,45 +121,57 @@ typedef int (*secp256k1_nonce_function)(
#endif
/* Symbol visibility. */
#if defined(_WIN32)
/* GCC for Windows (e.g., MinGW) accepts the __declspec syntax
* for MSVC compatibility. A __declspec declaration implies (but is not
* exactly equivalent to) __attribute__ ((visibility("default"))), and so we
* actually want __declspec even on GCC, see "Microsoft Windows Function
* Attributes" in the GCC manual and the recommendations in
* https://gcc.gnu.org/wiki/Visibility. */
# if defined(SECP256K1_BUILD)
# if defined(DLL_EXPORT) || defined(SECP256K1_DLL_EXPORT)
/* Building libsecp256k1 as a DLL.
* 1. If using Libtool, it defines DLL_EXPORT automatically.
* 2. In other cases, SECP256K1_DLL_EXPORT must be defined. */
# define SECP256K1_API extern __declspec (dllexport)
# else
/* Building libsecp256k1 as a static library on Windows.
* No declspec is needed, and so we would want the non-Windows-specific
* logic below take care of this case. However, this may result in setting
* __attribute__ ((visibility("default"))), which is supposed to be a noop
* on Windows but may trigger warnings when compiling with -flto due to a
* bug in GCC, see
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116478 . */
# define SECP256K1_API extern
# endif
/* The user must define SECP256K1_STATIC when consuming libsecp256k1 as a static
* library on Windows. */
# elif !defined(SECP256K1_STATIC)
/* Consuming libsecp256k1 as a DLL. */
# define SECP256K1_API extern __declspec (dllimport)
# endif
#if !defined(SECP256K1_API) && defined(SECP256K1_NO_API_VISIBILITY_ATTRIBUTES)
/* The user has requested that we don't specify visibility attributes in
* the public API.
*
* Since all our non-API declarations use the static qualifier, this means
* that the user can use -fvisibility=<value> to set the visibility of the
* API symbols. For instance, -fvisibility=hidden can be useful *even for
* the API symbols*, e.g., when building a static library which is linked
* into a shared library, and the latter should not re-export the
* libsecp256k1 API.
*
* While visibility is a concept that applies only to shared libraries,
* setting visibility will still make a difference when building a static
* library: the visibility settings will be stored in the static library,
* solely for the potential case that the static library will be linked into
* a shared library. In that case, the stored visibility settings will
* resurface and be honored for the shared library. */
# define SECP256K1_API extern
#endif
#ifndef SECP256K1_API
/* All cases not captured by the Windows-specific logic. */
# if defined(__GNUC__) && (__GNUC__ >= 4) && defined(SECP256K1_BUILD)
/* Building libsecp256k1 using GCC or compatible. */
# define SECP256K1_API extern __attribute__ ((visibility ("default")))
# else
/* Fall back to standard C's extern. */
# define SECP256K1_API extern
# endif
#if !defined(SECP256K1_API)
# if defined(SECP256K1_BUILD)
/* On Windows, assume a shared library only if explicitly requested.
* 1. If using Libtool, it defines DLL_EXPORT automatically.
* 2. In other cases, SECP256K1_DLL_EXPORT must be defined. */
# if defined(_WIN32) && (defined(SECP256K1_DLL_EXPORT) || defined(DLL_EXPORT))
/* GCC for Windows (e.g., MinGW) accepts the __declspec syntax for
* MSVC compatibility. A __declspec declaration implies (but is not
* exactly equivalent to) __attribute__ ((visibility("default"))),
* and so we actually want __declspec even on GCC, see "Microsoft
* Windows Function Attributes" in the GCC manual and the
* recommendations in https://gcc.gnu.org/wiki/Visibility . */
# define SECP256K1_API extern __declspec(dllexport)
/* Avoid __attribute__ ((visibility("default"))) on Windows to get rid
* of warnings when compiling with -flto due to a bug in GCC, see
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116478 . */
# elif !defined(_WIN32) && defined (__GNUC__) && (__GNUC__ >= 4)
# define SECP256K1_API extern __attribute__ ((visibility("default")))
# else
# define SECP256K1_API extern
# endif
# else
/* On Windows, SECP256K1_STATIC must be defined when consuming
* libsecp256k1 as a static library. Note that SECP256K1_STATIC is a
* "consumer-only" macro, and it has no meaning when building
* libsecp256k1. */
# if defined(_WIN32) && !defined(SECP256K1_STATIC)
# define SECP256K1_API extern __declspec(dllimport)
# else
# define SECP256K1_API extern
# endif
# endif
#endif
/* Warning attributes

119
src/CMakeLists.txt
View File

@ -1,5 +1,49 @@
# Must be included before CMAKE_INSTALL_INCLUDEDIR is used.
include(GNUInstallDirs)
add_library(secp256k1)
set_property(TARGET secp256k1 PROPERTY PUBLIC_HEADER
${PROJECT_SOURCE_DIR}/include/secp256k1.h
${PROJECT_SOURCE_DIR}/include/secp256k1_preallocated.h
)
# Processing must be done in a topological sorting of the dependency graph
# (dependent module first).
if(SECP256K1_ENABLE_MODULE_ELLSWIFT)
add_compile_definitions(ENABLE_MODULE_ELLSWIFT=1)
set_property(TARGET secp256k1 APPEND PROPERTY PUBLIC_HEADER ${PROJECT_SOURCE_DIR}/include/secp256k1_ellswift.h)
endif()
if(SECP256K1_ENABLE_MODULE_MUSIG)
if(DEFINED SECP256K1_ENABLE_MODULE_SCHNORRSIG AND NOT SECP256K1_ENABLE_MODULE_SCHNORRSIG)
message(FATAL_ERROR "Module dependency error: You have disabled the schnorrsig module explicitly, but it is required by the musig module.")
endif()
set(SECP256K1_ENABLE_MODULE_SCHNORRSIG ON)
add_compile_definitions(ENABLE_MODULE_MUSIG=1)
set_property(TARGET secp256k1 APPEND PROPERTY PUBLIC_HEADER ${PROJECT_SOURCE_DIR}/include/secp256k1_musig.h)
endif()
if(SECP256K1_ENABLE_MODULE_SCHNORRSIG)
if(DEFINED SECP256K1_ENABLE_MODULE_EXTRAKEYS AND NOT SECP256K1_ENABLE_MODULE_EXTRAKEYS)
message(FATAL_ERROR "Module dependency error: You have disabled the extrakeys module explicitly, but it is required by the schnorrsig module.")
endif()
set(SECP256K1_ENABLE_MODULE_EXTRAKEYS ON)
add_compile_definitions(ENABLE_MODULE_SCHNORRSIG=1)
set_property(TARGET secp256k1 APPEND PROPERTY PUBLIC_HEADER ${PROJECT_SOURCE_DIR}/include/secp256k1_schnorrsig.h)
endif()
if(SECP256K1_ENABLE_MODULE_EXTRAKEYS)
add_compile_definitions(ENABLE_MODULE_EXTRAKEYS=1)
set_property(TARGET secp256k1 APPEND PROPERTY PUBLIC_HEADER ${PROJECT_SOURCE_DIR}/include/secp256k1_extrakeys.h)
endif()
if(SECP256K1_ENABLE_MODULE_RECOVERY)
add_compile_definitions(ENABLE_MODULE_RECOVERY=1)
set_property(TARGET secp256k1 APPEND PROPERTY PUBLIC_HEADER ${PROJECT_SOURCE_DIR}/include/secp256k1_recovery.h)
endif()
if(SECP256K1_ENABLE_MODULE_ECDH)
add_compile_definitions(ENABLE_MODULE_ECDH=1)
set_property(TARGET secp256k1 APPEND PROPERTY PUBLIC_HEADER ${PROJECT_SOURCE_DIR}/include/secp256k1_ecdh.h)
endif()
add_library(secp256k1_precomputed OBJECT EXCLUDE_FROM_ALL
precomputed_ecmult.c
@ -8,7 +52,16 @@ add_library(secp256k1_precomputed OBJECT EXCLUDE_FROM_ALL
# Add objects explicitly rather than linking to the object libs to keep them
# from being exported.
add_library(secp256k1 secp256k1.c $<TARGET_OBJECTS:secp256k1_precomputed>)
target_sources(secp256k1 PRIVATE secp256k1.c $<TARGET_OBJECTS:secp256k1_precomputed>)
if(NOT SECP256K1_ENABLE_API_VISIBILITY_ATTRIBUTES)
target_compile_definitions(secp256k1 PRIVATE SECP256K1_NO_API_VISIBILITY_ATTRIBUTES)
endif()
# Create a helper lib that parent projects can use to link secp256k1 into a
# static lib.
add_library(secp256k1_objs INTERFACE)
target_sources(secp256k1_objs INTERFACE $<TARGET_OBJECTS:secp256k1> $<TARGET_OBJECTS:secp256k1_precomputed>)
add_library(secp256k1_asm INTERFACE)
if(SECP256K1_ASM STREQUAL "arm32")
@ -17,6 +70,7 @@ if(SECP256K1_ASM STREQUAL "arm32")
asm/field_10x26_arm.s
)
target_sources(secp256k1 PRIVATE $<TARGET_OBJECTS:secp256k1_asm_arm>)
target_sources(secp256k1_objs INTERFACE $<TARGET_OBJECTS:secp256k1_asm_arm>)
target_link_libraries(secp256k1_asm INTERFACE secp256k1_asm_arm)
endif()
@ -31,10 +85,13 @@ endif()
get_target_property(use_pic secp256k1 POSITION_INDEPENDENT_CODE)
set_target_properties(secp256k1_precomputed PROPERTIES POSITION_INDEPENDENT_CODE ${use_pic})
# Add the include path for parent projects so that they don't have to manually add it.
target_include_directories(secp256k1 INTERFACE
# Add the include path for parent projects so that they don't have to manually add it.
$<BUILD_INTERFACE:$<$<NOT:$<BOOL:${PROJECT_IS_TOP_LEVEL}>>:${PROJECT_SOURCE_DIR}/include>>
$<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>
)
set_target_properties(secp256k1_objs PROPERTIES
INTERFACE_COMPILE_DEFINITIONS "$<TARGET_PROPERTY:secp256k1,INTERFACE_COMPILE_DEFINITIONS>"
INTERFACE_INCLUDE_DIRECTORIES "$<TARGET_PROPERTY:secp256k1,INTERFACE_INCLUDE_DIRECTORIES>"
)
# This emulates Libtool to make sure Libtool and CMake agree on the ABI version,
@ -43,25 +100,17 @@ math(EXPR ${PROJECT_NAME}_soversion "${${PROJECT_NAME}_LIB_VERSION_CURRENT} - ${
set_target_properties(secp256k1 PROPERTIES
SOVERSION ${${PROJECT_NAME}_soversion}
)
if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
if(CMAKE_SYSTEM_NAME MATCHES "^(Linux|FreeBSD)$")
set_target_properties(secp256k1 PROPERTIES
VERSION ${${PROJECT_NAME}_soversion}.${${PROJECT_NAME}_LIB_VERSION_AGE}.${${PROJECT_NAME}_LIB_VERSION_REVISION}
)
elseif(APPLE)
if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.17)
math(EXPR ${PROJECT_NAME}_compatibility_version "${${PROJECT_NAME}_LIB_VERSION_CURRENT} + 1")
set_target_properties(secp256k1 PROPERTIES
MACHO_COMPATIBILITY_VERSION ${${PROJECT_NAME}_compatibility_version}
MACHO_CURRENT_VERSION ${${PROJECT_NAME}_compatibility_version}.${${PROJECT_NAME}_LIB_VERSION_REVISION}
)
unset(${PROJECT_NAME}_compatibility_version)
elseif(BUILD_SHARED_LIBS)
message(WARNING
"The 'compatibility version' and 'current version' values of the DYLIB "
"will diverge from the values set by the GNU Libtool. To ensure "
"compatibility, it is recommended to upgrade CMake to at least version 3.17."
)
endif()
math(EXPR ${PROJECT_NAME}_compatibility_version "${${PROJECT_NAME}_LIB_VERSION_CURRENT} + 1")
set_target_properties(secp256k1 PROPERTIES
MACHO_COMPATIBILITY_VERSION ${${PROJECT_NAME}_compatibility_version}
MACHO_CURRENT_VERSION ${${PROJECT_NAME}_compatibility_version}.${${PROJECT_NAME}_LIB_VERSION_REVISION}
)
unset(${PROJECT_NAME}_compatibility_version)
elseif(CMAKE_SYSTEM_NAME STREQUAL "Windows")
set(${PROJECT_NAME}_windows "secp256k1")
if(MSVC)
@ -110,36 +159,16 @@ if(SECP256K1_BUILD_CTIME_TESTS)
endif()
if(SECP256K1_INSTALL)
include(GNUInstallDirs)
target_include_directories(secp256k1 INTERFACE
$<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>
)
install(TARGETS secp256k1
EXPORT ${PROJECT_NAME}-targets
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
)
set(${PROJECT_NAME}_headers
"${PROJECT_SOURCE_DIR}/include/secp256k1.h"
"${PROJECT_SOURCE_DIR}/include/secp256k1_preallocated.h"
)
if(SECP256K1_ENABLE_MODULE_ECDH)
list(APPEND ${PROJECT_NAME}_headers "${PROJECT_SOURCE_DIR}/include/secp256k1_ecdh.h")
endif()
if(SECP256K1_ENABLE_MODULE_RECOVERY)
list(APPEND ${PROJECT_NAME}_headers "${PROJECT_SOURCE_DIR}/include/secp256k1_recovery.h")
endif()
if(SECP256K1_ENABLE_MODULE_EXTRAKEYS)
list(APPEND ${PROJECT_NAME}_headers "${PROJECT_SOURCE_DIR}/include/secp256k1_extrakeys.h")
endif()
if(SECP256K1_ENABLE_MODULE_SCHNORRSIG)
list(APPEND ${PROJECT_NAME}_headers "${PROJECT_SOURCE_DIR}/include/secp256k1_schnorrsig.h")
endif()
if(SECP256K1_ENABLE_MODULE_MUSIG)
list(APPEND ${PROJECT_NAME}_headers "${PROJECT_SOURCE_DIR}/include/secp256k1_musig.h")
endif()
if(SECP256K1_ENABLE_MODULE_ELLSWIFT)
list(APPEND ${PROJECT_NAME}_headers "${PROJECT_SOURCE_DIR}/include/secp256k1_ellswift.h")
endif()
install(FILES ${${PROJECT_NAME}_headers}
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
)
install(EXPORT ${PROJECT_NAME}-targets

31
src/bench_ecmult.c
View File

@ -56,6 +56,7 @@ typedef struct {
/* Benchmark output. */
secp256k1_gej* output;
secp256k1_fe* output_xonly;
} bench_data;
/* Hashes x into [0, POINTS) twice and store the result in offset1 and offset2. */
@ -123,6 +124,32 @@ static void bench_ecmult_const_teardown(void* arg, int iters) {
bench_ecmult_teardown_helper(data, &data->offset1, &data->offset2, NULL, iters);
}
static void bench_ecmult_const_xonly(void* arg, int iters) {
bench_data* data = (bench_data*)arg;
int i;
for (i = 0; i < iters; ++i) {
const secp256k1_ge* pubkey = &data->pubkeys[(data->offset1+i) % POINTS];
const secp256k1_scalar* scalar = &data->scalars[(data->offset2+i) % POINTS];
int known_on_curve = 1;
secp256k1_ecmult_const_xonly(&data->output_xonly[i], &pubkey->x, NULL, scalar, known_on_curve);
}
}
static void bench_ecmult_const_xonly_teardown(void* arg, int iters) {
bench_data* data = (bench_data*)arg;
int i;
/* verify by comparing with x coordinate of regular ecmult result */
for (i = 0; i < iters; ++i) {
const secp256k1_gej* pubkey_gej = &data->pubkeys_gej[(data->offset1+i) % POINTS];
const secp256k1_scalar* scalar = &data->scalars[(data->offset2+i) % POINTS];
secp256k1_gej expected_gej;
secp256k1_ecmult(&expected_gej, pubkey_gej, scalar, NULL);
CHECK(secp256k1_gej_eq_x_var(&data->output_xonly[i], &expected_gej));
}
}
static void bench_ecmult_1p(void* arg, int iters) {
bench_data* data = (bench_data*)arg;
int i;
@ -171,6 +198,8 @@ static void run_ecmult_bench(bench_data* data, int iters) {
run_benchmark(str, bench_ecmult_gen, bench_ecmult_setup, bench_ecmult_gen_teardown, data, 10, iters);
sprintf(str, "ecmult_const");
run_benchmark(str, bench_ecmult_const, bench_ecmult_setup, bench_ecmult_const_teardown, data, 10, iters);
sprintf(str, "ecmult_const_xonly");
run_benchmark(str, bench_ecmult_const_xonly, bench_ecmult_setup, bench_ecmult_const_xonly_teardown, data, 10, iters);
/* ecmult with non generator point */
sprintf(str, "ecmult_1p");
run_benchmark(str, bench_ecmult_1p, bench_ecmult_setup, bench_ecmult_1p_teardown, data, 10, iters);
@ -319,6 +348,7 @@ int main(int argc, char **argv) {
data.pubkeys_gej = malloc(sizeof(secp256k1_gej) * POINTS);
data.expected_output = malloc(sizeof(secp256k1_gej) * (iters + 1));
data.output = malloc(sizeof(secp256k1_gej) * (iters + 1));
data.output_xonly = malloc(sizeof(secp256k1_fe) * (iters + 1));
/* Generate a set of scalars, and private/public keypairs. */
secp256k1_gej_set_ge(&data.pubkeys_gej[0], &secp256k1_ge_const_g);
@ -361,6 +391,7 @@ int main(int argc, char **argv) {
free(data.pubkeys);
free(data.pubkeys_gej);
free(data.seckeys);
free(data.output_xonly);
free(data.output);
free(data.expected_output);

2
src/ecmult_const_impl.h
View File

@ -373,6 +373,8 @@ static int secp256k1_ecmult_const_xonly(secp256k1_fe* r, const secp256k1_fe *n,
}
}
SECP256K1_FE_VERIFY_MAGNITUDE(&g, 2);
/* Compute base point P = (n*g, g^2), the effective affine version of (n*g, g^2, v), which has
* corresponding affine X coordinate n/d. */
secp256k1_fe_mul(&p.x, &g, n);

13
src/modules/musig/tests_impl.h
View File

@ -910,12 +910,15 @@ static void musig_test_vectors_signverify(void) {
* the signing key does not belong to any pubkey. */
continue;
}
expected = c->error != MUSIG_PUBKEY;
CHECK(expected == musig_vectors_keyagg_and_tweak(&error, &keyagg_cache, NULL, vector->pubkeys, NULL, c->key_indices_len, c->key_indices, 0, NULL, NULL));
CHECK(expected || c->error == error);
if (!expected) {
continue;
}
CHECK(secp256k1_ec_pubkey_parse(CTX, &pubkey, vector->pubkeys[0], sizeof(vector->pubkeys[0])));
CHECK(secp256k1_keypair_create(CTX, &keypair, vector->sk));
expected = c->error != MUSIG_AGGNONCE;
CHECK(expected == secp256k1_musig_aggnonce_parse(CTX, &aggnonce, vector->aggnonces[c->aggnonce_index]));
@ -924,14 +927,10 @@ static void musig_test_vectors_signverify(void) {
}
CHECK(secp256k1_musig_nonce_process(CTX, &session, &aggnonce, vector->msgs[c->msg_index], &keyagg_cache));
CHECK(secp256k1_ec_pubkey_parse(CTX, &pubkey, vector->pubkeys[0], sizeof(vector->pubkeys[0])));
musig_test_set_secnonce(&secnonce, vector->secnonces[c->secnonce_index], &pubkey);
expected = c->error != MUSIG_SECNONCE;
if (expected) {
CHECK(secp256k1_musig_partial_sign(CTX, &partial_sig, &secnonce, &keypair, &keyagg_cache, &session));
} else {
CHECK_ILLEGAL(CTX, secp256k1_musig_partial_sign(CTX, &partial_sig, &secnonce, &keypair, &keyagg_cache, &session));
}
CHECK(!expected);
musig_test_set_secnonce(&secnonce, vector->secnonces[c->secnonce_index], &pubkey);
CHECK_ILLEGAL(CTX, secp256k1_musig_partial_sign(CTX, &partial_sig, &secnonce, &keypair, &keyagg_cache, &session));
}
for (i = 0; i < sizeof(vector->verify_fail_case)/sizeof(vector->verify_fail_case[0]); i++) {
const struct musig_verify_fail_error_case *c = &vector->verify_fail_case[i];

12
src/wycheproof/WYCHEPROOF_COPYING
View File

@ -1,12 +1,12 @@
* The file `ecdsa_secp256k1_sha256_bitcoin_test.json` in this directory
comes from Google's project Wycheproof with git commit
`b063b4aedae951c69df014cd25fa6d69ae9e8cb9`, see
https://github.com/google/wycheproof/blob/b063b4aedae951c69df014cd25fa6d69ae9e8cb9/testvectors_v1/ecdsa_secp256k1_sha256_bitcoin_test.json
comes from project Wycheproof with git commit
`df4e933efef449fc88af0c06e028d425d84a9495`, see
https://github.com/C2SP/wycheproof/blob/df4e933efef449fc88af0c06e028d425d84a9495/testvectors_v1/ecdsa_secp256k1_sha256_bitcoin_test.json
* The file `ecdh_secp256k1_test.json` in this directory
comes from Google's project Wycheproof with git commit
`d9f6ec7d8bd8c96da05368999094e4a75ba5cb3d`, see
https://github.com/google/wycheproof/blob/d9f6ec7d8bd8c96da05368999094e4a75ba5cb3d/testvectors_v1/ecdh_secp256k1_test.json
comes from project Wycheproof with git commit
`df4e933efef449fc88af0c06e028d425d84a9495`, see
https://github.com/C2SP/wycheproof/blob/df4e933efef449fc88af0c06e028d425d84a9495/testvectors_v1/ecdh_secp256k1_test.json
* The file `ecdsa_secp256k1_sha256_bitcoin_test.h` is generated from
`ecdsa_secp256k1_sha256_bitcoin_test.json` using the script

5
src/wycheproof/ecdh_secp256k1_test.json
View File

@ -1,7 +1,6 @@
{
"algorithm" : "ECDH",
"schema" : "ecdh_test_schema.json",
"generatorVersion" : "0.9rc5",
"numberOfTests" : 752,
"header" : [
"Test vectors of type EcdhTest are intended for",
@ -124,6 +123,10 @@
"testGroups" : [
{
"type" : "EcdhTest",
"source" : {
"name" : "google-wycheproof",
"version" : "0.9rc5"
},
"curve" : "secp256k1",
"encoding" : "asn",
"tests" : [

4
src/wycheproof/ecdsa_secp256k1_sha256_bitcoin_test.json
View File

@ -10,7 +10,7 @@
"notes" : {
"ArithmeticError" : {
"bugType" : "EDGE_CASE",
"description" : "Some implementations of ECDSA have arithmetic errors that occur when intermediate results have extreme values. This test vector has been constructed to test such occurences.",
"description" : "Some implementations of ECDSA have arithmetic errors that occur when intermediate results have extreme values. This test vector has been constructed to test such occurrences.",
"cves" : [
"CVE-2017-18146"
]
@ -95,7 +95,7 @@
},
"SignatureMalleabilityBitcoin" : {
"bugType" : "SIGNATURE_MALLEABILITY",
"description" : "\"BitCoins\"-curves are curves where signature malleability can be a serious issue. An implementation should only accept a signature s where s < n/2. If an implementation is not meant for uses cases that require signature malleability then this implemenation should be tested with another set of test vectors.",
"description" : "\"BitCoins\"-curves are curves where signature malleability can be a serious issue. An implementation should only accept a signature s where s < n/2. If an implementation is not meant for uses cases that require signature malleability then this implementation should be tested with another set of test vectors.",
"effect" : "In bitcoin exchanges, it may be used to make a double deposits or double withdrawals",
"links" : [
"https://en.bitcoin.it/wiki/Transaction_malleability",