bitcoin

Commit Graph

Author	SHA1	Message	Date
Pieter Wuille	06aeea555e	Turn secp256k1_ec_pubkey_serialize outlen to in/out	9 years ago
Gregory Maxwell	8e48787d97	Change secp256k1_ec_pubkey_combine's count argument to size_t.	9 years ago
Gregory Maxwell	c69dea025a	Clear output in more cases for pubkey_combine, adds tests. Also corrects an outdated comment and adds an additional secp256k1_ecdsa_signature_parse_compact test.	9 years ago
Gregory Maxwell	269d422703	Comment copyediting.	9 years ago
Pieter Wuille	9234391ed4	Overhaul flags handling	9 years ago
Rusty Russell	1a368980c8	Make flags more explicit, add runtime checks. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>	9 years ago
Gregory Maxwell	4a243da47c	Move secp256k1_ec_privkey_import/export to contrib. These functions are intended for compatibility with legacy software, and are not normally needed in new secp256k1 applications. They also do not obeying any particular standard (and likely cannot without without undermining their compatibility), and so are a better fit for contrib.	9 years ago
Pieter Wuille	0c6ab2ff18	Introduce explicit lower-S normalization ECDSA signature verification now requires normalized signatures (with S in the lower half of the range). In case the input cannot be guaranteed to provide this, a new function secp256k1_ecdsa_signature_normalize is provided to preprocess it.	9 years ago
Pieter Wuille	3bb9c44719	Rewrite ECDSA signature parsing code There are now 2 encoding formats supported: 64-byte "compact" and DER. The latter is strict: the data has to be exact DER, though the values inside don't need to be valid.	9 years ago
Pieter Wuille	68a3c766ad	Merge pull request #329 `b13d749` Fix couple of typos in API comments (Gustav Simonsson)	9 years ago
Jonas Schnelli	37100d7284	improve ECDH header-doc - use pubkey instead of point - use privkey instead of scalar	9 years ago
Gustav Simonsson	b13d749947	Fix couple of typos in API comments	9 years ago
Gregory Maxwell	338fc8bd71	Add API exports to secp256k1_nonce_function_default and secp256k1_nonce_function_rfc6979.	9 years ago
Gregory Maxwell	118cd8210f	Use explicit symbol visibility. The use of static makes this somewhat redundant currently, though if we later have multiple compilation units it will be needed. This also sets the dllexport needed for shared libraries on win32.	9 years ago
Gregory Maxwell	4e64608082	Include public module headers when compiling modules. Also fix the nullness requirements for schnorr nonce-pair generation.	9 years ago
Pieter Wuille	dd891e0ed5	Get rid of _t as it is POSIX reserved	9 years ago
Luke Dashjr	486b9bb8ce	Use a flags bitfield for compressed option to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export	9 years ago
Luke Dashjr	05732c5a5f	Callback data: Accept pointers to either const or non-const data	9 years ago
Luke Dashjr	788038d323	Use size_t for lengths (at least in external API)	9 years ago
Luke Dashjr	c9d7c2a484	secp256k1_context_set_{error,illegal}_callback: Restore default handler by passing NULL as function argument	9 years ago
Luke Dashjr	9aac008038	secp256k1_context_destroy: Allow NULL argument as a no-op	9 years ago
Luke Dashjr	64b730bc3f	secp256k1_context_create: Use unsigned type for flags bitfield	9 years ago
Pieter Wuille	dc0ce9fc41	[API BREAK] Change argument order to out/outin/in	9 years ago
Pieter Wuille	9f443be086	Move pubkey recovery code to separate module	9 years ago
Pieter Wuille	439d34adc6	Separate recoverable and normal signatures	9 years ago
Pieter Wuille	f66907f220	Improve/reformat API documentation secp256k1.h	9 years ago
Pieter Wuille	a5a66c70b6	Add support for custom EC-Schnorr-SHA256 signatures	9 years ago
Andrew Poelstra	0739bbb6f0	Add ECDH module which works by hashing the output of ecmult_const	9 years ago
Pieter Wuille	995c548771	Introduce callback functions for dealing with errors.	9 years ago
Pieter Wuille	74a2acdb8a	Add a secp256k1_ecdsa_signature_t type	9 years ago
Pieter Wuille	23cfa914d2	Introduce secp256k1_pubkey_t type	9 years ago
Thomas Kerin	99fd963bd5	Add secp256k1_ec_pubkey_compress(), with test similar to the related decompress() function.	9 years ago
Andrew Poelstra	210ffed5cd	Use separate in and out pointers in `secp256k1_ec_pubkey_decompress` Right now `secp256k1_ec_pubkey_decompress` takes an in/out pointer to a public key and replaces the input key with its decompressed variant. This forces users who store compressed keys in small (<65 byte) fixed size buffers (for example, the Rust bindings do this) to explicitly and wastefully copy their key to a larger buffer. [API BREAK]	10 years ago
Gregory Maxwell	d2275795ff	Add scalar blinding and a secp256k1_context_randomize() call. This computes (n-b)G + bG with random value b, in place of nG in ecmult_gen() for signing. This is intended to reduce exposure to potential power/EMI sidechannels during signing and pubkey generation by blinding the secret value with another value which is hopefully unknown to the attacker. It may not be very helpful if the attacker is able to observe the setup or if even the scalar addition has an unacceptable leak, but it has low overhead in any case and the security should be purely additive on top of the existing defenses against sidechannels.	10 years ago
Andrew Poelstra	d899b5b67c	Expose ability to deep-copy a context	10 years ago
Pieter Wuille	a9b6595ef8	[API BREAK] Introduce explicit contexts	10 years ago
Daniel Cousens	5098f62571	Improve documentation formatting consistency	10 years ago
Pieter Wuille	1573a102c0	Add ability to pass extra entropy to rfc6979 Suggested by Greg Maxwell.	10 years ago
Pieter Wuille	8030d7c0e5	Improve signing API documentation & specification	10 years ago
Gregory Maxwell	6cc8425c91	Include a comment on secp256k1_ecdsa_sign explaining low-s. This was suggested by DavidEGrayson.	10 years ago
Pieter Wuille	bbd5ba7cfa	Use rfc6979 as default nonce generation function	10 years ago
Pieter Wuille	c6e7f4e8d8	[API BREAK] Use a nonce-generation function instead of a nonce	10 years ago
Pieter Wuille	cf7b2b4647	Fix ECDSA message hashes to 32 bytes	10 years ago
Pieter Wuille	be82e92fc4	Require that r and b are different for field multiplication. Suggested by Peter Dettman, this prepares for slightly faster muitiplication which writes results immediately to r before finishing reading b.	10 years ago
Gregory Maxwell	8563713a4f	Add non-null and unused-result warnings for the external API. GCC (and clang) supports extensions to annotate functions so that their results must be used and so that their arguments can't be statically provable to be null. If a caller violates these requirements they get a warning, so this helps them write correct code. I deployed this in libopus a couple years ago with good success, and the implementation here is basically copied straight from that. One consideration is that the non-null annotation teaches the optimizer and will actually compile out runtime non-nullness checks as dead-code. Since this is usually not whats wanted, the non-null annotations are disabled when compiling the library itself. The commit also removes some dead inclusions of assert.h and introduces compatibility macros for restrict and inline in preparation for some portability improvements.	10 years ago
Pieter Wuille	c27fdc0b97	Document some preconditions	10 years ago
Pieter Wuille	ae6bc76e32	[API CHANGE] Use secp256k1_ec_ prefix for non-ECDSA key operations	10 years ago
Pieter Wuille	04e34d18c3	Split up signing and verification initialization	10 years ago
HaltingState	315d2560b0	updated documentation	11 years ago
Pieter Wuille	86d3cce2a9	Add support for multiplicative tweaking	12 years ago

1 2

59 Commits (6875b013e6012b83bf646b533e866a2b58b8d48c)