Finish sync to upstream #260
Commits on Apr 21, 2023
SHA: 68b16a1
Merge bitcoin-core/secp256k1#1285: bench: Make sys/time.h a system include
68b16a1 bench: Make sys/time.h a system include (Tim Ruffing)
Pull request description: just because it is minimally more correct
ACKs for top commit:
hebasto: ACK 68b16a1, I've skimmed through the whole codebase and did not find any more similar cases.
Tree-SHA512: 0a929b36202100abf0d14e9328a2dc2b4c9db5532f95514315cb04dd0a970dbbb1dc02c6275be0ec109dc88f6090f6ce48a65003c852fd4dc750decf07e563c4
SHA: 5ec1333
cmake: Make `SECP256K1_INSTALL` default depend on `PROJECT_IS_TOP_LEVEL`
Also full stops have been added to the option help texts for consistency in cmake-gui.
SHA: 5431b9d
Merge bitcoin-core/secp256k1#1283: Get rid of secp256k1_fe_const_b
69e1ec0 Get rid of secp256k1_fe_const_b (Pieter Wuille)
Pull request description: Replaces #1282. Its only remaining use is in a test introduced in #1118, and it is easily replaced by the new `secp256k1_fe_add_int` from #1217.
ACKs for top commit:
real-or-random: utACK 69e1ec0
Tree-SHA512: 6ada192e0643fc5326198b60f019a5081444f9ba0a5b8ba6236f2a526829d8e5e479556600a604d9bc96c7ba86e3aab813f93c66679287d2135e95a2b75f5d3e
SHA: f6bef03
SHA: e9fd3df
SHA: 162da73
Merge bitcoin-core/secp256k1#1205: field: Improve docs + tests of secp256k1_fe_set_b32
162da73 tests: Add debug helper for printing buffers (Tim Ruffing)
e9fd3df field: Improve docs and tests of secp256k1_fe_set_b32 (Tim Ruffing)
ca92a35 field: Simplify code in secp256k1_fe_set_b32 (Tim Ruffing)
d93f62e field: Verify field element even after secp256k1_fe_set_b32 fails (Tim Ruffing)
Pull request description:
ACKs for top commit:
jonasnick: ACK 162da73
Tree-SHA512: b3ed8e45c969d0420275ff154462f3820b72b57832ccba1f6f427e0cfd9cff3e27440c20994f69ea33a576b1903eb7f04a989f0dbd574bbd96ee56c6dd4500f7
SHA: 1f33bb2
SHA: 3858bad
Commits on Apr 25, 2023
SHA: e1b9ce8
autotools: Make all "pregenerated" targets .PHONY
This follows the automake conventions more, see: https://www.gnu.org/software/automake/manual/html_node/Clean.html
SHA: 8764034
autotools: Create src/wycheproof dir before creating file in it
This directory may not exist in a VPATH build, see bitcoin/bitcoin#27445 (comment).
SHA: 2418d32
SHA: 7e977b3
SHA: c4062d6
Merge bitcoin-core/secp256k1#1286: tests: remove extra semicolon in macro
c4062d6 debug: move helper for printing buffers into util.h (Jonas Nick)
3858bad tests: remove extra semicolon in macro (Jonas Nick)
Pull request description:
ACKs for top commit:
real-or-random: utACK c4062d6
hebasto: ACK c4062d6, I have reviewed the code and it looks OK.
Tree-SHA512: a2c97433d82c1ab2ba976c4fd8aaf337de5f225abcd459e84dcdab689e77e43d4ed654c971ab7f11f27af12e7a744122a0fdd9ece8e635d7a7041c45e9484de8
SHA: 1c89536
Commits on Apr 26, 2023
Merge bitcoin-core/secp256k1#1275: build: Fix C4005 "macro redefinition" MSVC warnings in examples
dc0657c build: Fix C4005 "macro redefinition" MSVC warnings in examples (Hennadii Stepanov)
Pull request description: This PR:
- fixes C4005 "macro redefinition" MSVC warnings in examples
- removes warning suppressions in both build systems, Autotools-based and CMake-based ones
ACKs for top commit:
real-or-random: utACK dc0657c
Tree-SHA512: fe3bb8f06b3ff1d51e5e20754a289e0e6b99ddf4c0bd4e6e4786e2558e71e043ab23ff7782a83a902df5db28d18ae65312674c373fdc49f5af252763a22bd0fb
SHA: 6b7e5b7
Commits on Apr 27, 2023
Merge bitcoin-core/secp256k1#1234: cmake: Add dev-mode
ce5ba9e gitignore: Add CMakeUserPresets.json (Tim Ruffing)
0a446a3 cmake: Add dev-mode CMake preset (Tim Ruffing)
Pull request description: To use, invoke `cmake` with argument `--preset dev-mode`. One disadvantage over `./configure --enable-dev-mode` is that CMake does not provide a way to "hide" presets from users. That is, `cmake --list-presets` will list dev-mode, and it will also appear in `cmake-gui`, even though it's not selectable there due to a bug in cmake-gui. Solves one item in #1224.
ACKs for top commit:
hebasto: ACK ce5ba9e
theuni: ACK ce5ba9e
Tree-SHA512: c14bd283bd5bf64006bf3a23d72e6e55777b084aff71eb2a002f8ddde1d3549ccb2f08feb2b83366a24272209ab579cac8b73cfc020919adf7f039beb65bc9cc
SHA: 596b336
Merge bitcoin-core/secp256k1#1239: cmake: Bugfix and other improvements after bumping CMake up to 3.13
a273d74 cmake: Improve version comparison (Hennadii Stepanov)
6a58b48 cmake: Use `if(... IN_LIST ...)` command (Hennadii Stepanov)
2445808 cmake: Use dedicated `GENERATOR_IS_MULTI_CONFIG` property (Hennadii Stepanov)
9f8703e cmake: Use dedicated `CMAKE_HOST_APPLE` variable (Hennadii Stepanov)
8c20170 cmake: Use recommended `add_compile_definitions` command (Hennadii Stepanov)
04d4cc0 cmake: Add `DESCRIPTION` and `HOMEPAGE_URL` options to `project` command (Hennadii Stepanov)
8a8b653 cmake: Use `SameMinorVersion` compatibility mode (Hennadii Stepanov)
Pull request description: This PR:
- resolves two items from #1235, including a bugfix with package version compatibility
- includes other improvements which have become available for CMake 3.13+.
To test the `GENERATOR_IS_MULTI_CONFIG` property on Linux, one can use the "[Ninja Multi-Config](https://cmake.org/cmake/help/latest/generator/Ninja%20Multi-Config.html)" generator:
```sh
cmake -S . -B build -G "Ninja Multi-Config"
```
ACKs for top commit:
real-or-random: ACK a273d74
theuni: ACK a273d74
Tree-SHA512: f31c4f0f30bf368303e70ab8952cde5cc8c70a5e79a04f879abcbee3d0a8d8c598379fb38f5142cb1f8ff5f9dcfc8b8eb4c13c975a1d05fdcc92d9c805a59d9a
SHA: 4b84f4b
cmake: Use `add_compile_options()` in `try_add_compile_option()`
This change drops tinkering with the `COMPILE_OPTIONS` directory property. Also `try_add_compile_option()` can handle a list of flags now, if they are required to be checked simultaneously. Explanatory comments have been added as well.
SHA: 19516ed
cmake, refactor: Rename `try_add_compile_option` to `try_append_cflags`
Actually, `try_append_cflags()` can handle a list of flags, and the new name is similar to the one used in `configure.ac`.
SHA: 6ece150
SHA: a8d059f
Merge bitcoin-core/secp256k1#1240: cmake: Improve and document compiler flag checks
a8d059f cmake, doc: Document compiler flags (Hennadii Stepanov)
6ece150 cmake, refactor: Rename `try_add_compile_option` to `try_append_cflags` (Hennadii Stepanov)
19516ed cmake: Use `add_compile_options()` in `try_add_compile_option()` (Hennadii Stepanov)
Pull request description: This PR:
- drops tinkering with the `COMPILE_OPTIONS` directory property in `try_add_compile_option()` and renames it to `try_append_cflags()`
- copies related comments from `configure.ac`
ACKs for top commit:
theuni: ACK bitcoin-core/secp256k1@a8d059f.
Tree-SHA512: 7ac011c135e12a65c45f4feb7cd74fd2d961ed77252afecf3a66e2af1d57facab446120c63696507b5ecd5bdb3eee1521760a53028b914c429652d00d03a4462
SHA: 024a409
SHA: 71f746c
Merge bitcoin-core/secp256k1#1284: cmake: Some improvements using `PROJECT_IS_TOP_LEVEL` variable
71f746c cmake: Include `include` directory for subtree builds (Hennadii Stepanov)
5431b9d cmake: Make `SECP256K1_INSTALL` default depend on `PROJECT_IS_TOP_LEVEL` (Hennadii Stepanov)
162608c cmake: Emulate `PROJECT_IS_TOP_LEVEL` for CMake<3.21 (Hennadii Stepanov)
Pull request description: This PR:
1. Emulates [`PROJECT_IS_TOP_LEVEL`](https://cmake.org/cmake/help/latest/variable/PROJECT_IS_TOP_LEVEL.html) variable for CMake versions where it is not available.
2. Makes the `SECP256K1_INSTALL` option dependent on `PROJECT_IS_TOP_LEVEL` (a [follow up](bitcoin-core/secp256k1#1263 (comment)) of bitcoin-core/secp256k1#1263).
3. Makes integration of this project as a subtree easier. A top project can `#include <secp256k1.h>` with no additional `target_include_directories()` commands. For example, see https://github.com/hebasto/secp256k1-CMake-example/tree/subtree.
ACKs for top commit:
theuni: utACK 71f746c.
Tree-SHA512: 8ccdbcc94b26f36e772611ebaab0f2846debd6ad20f9e361be31a8d2128a14273acb692b0631026e12cc6cdef6d445dce0fd3beb4f71af47b46dfcf840a18879
SHA: 222ecaf
Merge bitcoin-core/secp256k1#1277: autotools: Clean up after adding Wycheproof
7e977b3 autotools: Take VPATH builds into account when generating testvectors (Tim Ruffing)
2418d32 autotools: Create src/wycheproof dir before creating file in it (Tim Ruffing)
8764034 autotools: Make all "pregenerated" targets .PHONY (Tim Ruffing)
e1b9ce8 autotools: Use same conventions for all pregenerated files (Tim Ruffing)
08f4b16 autotools: Move code around to tidy Makefile (Tim Ruffing)
529b54d autotools: Move Wycheproof header from EXTRA_DIST to noinst_HEADERS (Tim Ruffing)
Pull request description: Follow-up to bitcoin-core/secp256k1#1245. This builds on top of bitcoin-core/secp256k1#1276. Let's only merge bitcoin-core/secp256k1#1276 as a hotfix for the Core build.
ACKs for top commit:
hebasto: ACK 7e977b3
Tree-SHA512: 42e09feaed15d903e759360e1dfbd1afce9da07a55512e2e791147b72d9b6477e34ae6028439af57dbcae318081a37ddcf3a630f9617bfea95c130135ba2313f
SHA: 4b0f711
Commits on Apr 28, 2023
cmake: Fix library ABI versioning
This change emulates Libtool to make sure Libtool and CMake agree on the ABI version.
SHA: bef448f
Commits on Apr 29, 2023
cmake: Use full signature of `add_test()` command
An executable target in the `COMMAND` option will automatically be replaced by the location of the executable created at build time. This change fixes tests for Windows binaries using Wine.
SHA: 755629b
Merge bitcoin-core/secp256k1#1289: cmake: Use full signature of `add_test()` command
755629b cmake: Use full signature of `add_test()` command (Hennadii Stepanov)
Pull request description: This PR fixes tests for Windows binaries using Wine:
```
$ cmake -S . -B ../mingw -DCMAKE_TOOLCHAIN_FILE=cmake/x86_64-w64-mingw32.toolchain.cmake
$ cmake --build ../mingw
$ cmake --build ../mingw -t check
Test project /home/hebasto/git/secp256k1/mingw
    Start 1: noverify_tests
Could not find executable noverify_tests
...
```
ACKs for top commit:
real-or-random: ACK 755629b
Tree-SHA512: d1b24a1f1de2e8b70203132f4f6e685b9a120a987302cefe033fa916dfe7a135dbacaf8174d4046e30be170e92a16d070db54292c038cd2acdecc334f7f516dd
SHA: 3c81838
Commits on Apr 30, 2023
SHA: b2e29e4
Commits on May 2, 2023
refactor: Make 64-bit shift explicit
This change fixes MSVC level-3 warning C4334. See: https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-3-c4334
Required to enable level 3 warnings (/W3).
SHA: d1e48e5
Commits on May 3, 2023
Merge bitcoin-core/secp256k1#1270: cmake: Fix library ABI versioning
bef448f cmake: Fix library ABI versioning (Hennadii Stepanov)
Pull request description: This change emulates Libtool to make sure Libtool and CMake agree on the ABI version. To test, one needs to simulate a release with backward-compatible API changes, which means the following changes in `configure.ac` and `CMakeLists.txt`:
- incrementing of `*_LIB_VERSION_CURRENT`
- setting `*_LIB_VERSION_REVISION` to zero
- incrementing of `*_LIB_VERSION_AGE`
ACKs for top commit:
real-or-random: ACK bef448f diff looks good and I tested on Linux
Tree-SHA512: f7551fc7377ea50c8bc32d14108a034a1f91ebbb63d5fec562e5cc28416637834b9a4dcba3692df1780adcd1212ad4f238dc0219ab5add68bd88a5a458572ee5
SHA: f30c748
Commits on May 8, 2023
docs: complete interface description for `secp256k1_schnorrsig_sign_custom`
For the sake of completeness, add the missing descriptions for the return value and parameters (`ctx`, `sig64`, `keypair`), in the same wording/style as for the function `secp256k1_schnorrsig_sign32`.
SHA: 149c41c
abi: Use dllexport for mingw builds
This should fix mingw exports, specifically hiding the following:
- secp256k1_pre_g_128
- secp256k1_pre_g
- secp256k1_ecmult_gen_prec_table
This changes our visibility macros to look more like gcc's recommendation: https://gcc.gnu.org/wiki/Visibility#How_to_use_the_new_C.2B-.2B-_visibility_support
SHA: bc7c8db
Our RNG has been replaced with Xoshiro256++, a well-analyzed RNG. Our unit tests should not be responsible for verifying its statistical qualities.
SHA: 723e8ca
Commits on May 9, 2023
Merge bitcoin-core/secp256k1#1296: docs: complete interface description for `secp256k1_schnorrsig_sign_custom`
149c41c docs: complete interface description for `secp256k1_schnorrsig_sign_custom` (Sebastian Falbesoner)
Pull request description:
ACKs for top commit:
real-or-random: utACK 149c41c
jonasnick: ACK 149c41c
Tree-SHA512: ee677ed6b474b547066ce149688edab7ba6d2572acfbc0989256a669341fff4cf2e17b451cd3fc6fff3944a896647f0f5c1411056678505fa85ba71e8cfe6229
SHA: 1cf15eb
SHA: fb5bfa4
SHA: 2e65f1f
Commits on May 10, 2023
Merge bitcoin-core/secp256k1#1301: Avoid using bench_verify_data as bench_sign_data; merge them
2e65f1f Avoid using bench_verify_data as bench_sign_data; merge them (Pieter Wuille)
Pull request description: The existing bench.c code defines `bench_verify_data data` variable, but some of the benchmarks then use it as `bench_sign`. Fix this by merging the two types into one.
ACKs for top commit:
stratospher: ACK 2e65f1f.
real-or-random: utACK bitcoin-core/secp256k1@2e65f1f
Tree-SHA512: 676b43e5d30abd13bfd9595378b1a0bd90a2e713be4f8f713260f989ea8c971b229dfb683cd7a1614665b1688a0bdda7a4019f358dd6cd645e1b3d9f8d71e814
SHA: 24c768a
Make secp256k1_ecmult_const handle infinity
Infinity isn't currently needed here, but correctly handling it is a little more safe against future changes. Update docs for it to make it clear that it is not constant time in A (the input point). It never was constant time in Q (and would be a little complicated to make constant time in A). If it was later made constant time in A, infinity support would be easy to preserve, e.g. by running it on a dummy value and cmoving infinity into the output.
SHA: a0e696f
SHA: 3086cb9
SHA: a18821d
SHA: f202667
SHA: 0a2e0b2
SHA: bbc8344
SHA: 6ec3731
Merge bitcoin-core/secp256k1#1299: Infinity handling: ecmult_const(infinity) works, and group verification
bbc8344 Avoid secp256k1_ge_set_gej_zinv with uninitialized z (Pieter Wuille)
0a2e0b2 Make secp256k1_{fe,ge,gej}_verify work as no-op if non-VERIFY (Pieter Wuille)
f202667 Add invariant checking to group elements (Pieter Wuille)
a18821d Always initialize output coordinates in secp256k1_ge_set_gej (Pieter Wuille)
3086cb9 Expose secp256k1_fe_verify to other modules (Pieter Wuille)
a0e696f Make secp256k1_ecmult_const handle infinity (Gregory Maxwell)
Pull request description: Rebase of #791.
* Clean up infinity handling, make x/y/z always initialized for infinity.
* Make secp256k1_ecmult_const handle infinity.
  * Infinity isn't currently needed here, but correctly handling it is a little more safe against future changes.
  * Update docs for it to make it clear that it is not constant time in Q. It never was constant time in Q (and would be a little complicated to make constant time in Q: needs a constant time addition function that tracks RZR). It isn't typical for ECDH to be constant time in terms of the pubkey. If it was later made constant time in Q infinity support would be easy to preserve, e.g. by running it on a dummy value and cmoving infinity into the output.
* Add group verification (`secp256k1_ge_verify` and `secp256k1_gej_verify`, mimicking `secp256k1_fe_verify`).
* Make the `secp256k1_{fe,ge,gej}_verify` functions also defined (as no-ops) in non-VERIFY mode.
ACKs for top commit:
jonasnick: ACK bbc8344
real-or-random: ACK bbc8344
Tree-SHA512: 82cb51faa2c207603aa10359a311ea618fcb5a81ba175bf15515bf84043223db6428434875854cdfce9ae95f9cfd68c74e4e415f26bd574f1791b5dec1615d19
SHA: 341cc19
Commits on May 11, 2023
SHA: 97c63b9
Merge magnitude/normalized fields, move/improve comments
Also split secp256k1_fe_verify into a generic and an implementation specific part.
SHA: b29566c
SHA: e5cf4bf
SHA: 7fa5195
SHA: b6b6f9c
SHA: e28b51f
SHA: 6c31371
SHA: 864f9db
SHA: 19a2bfe
SHA: c701d9a
SHA: d3f3fe8
SHA: c5e788d
SHA: 7d7d43c
SHA: ce4d209
SHA: f7a7666
SHA: 1446708
SHA: 65d82a3
SHA: 7e7ad7f
SHA: e179e65
SHA: 4c25f6e
SHA: 6ab3508
SHA: be82bd8
SHA: 1e6894b
SHA: 76d31e5
SHA: 3167646
SHA: d5aa2f0
SHA: 283cd80
SHA: 89e324c
SHA: 4371f98
SHA: 4e176ad
SHA: 7fc642f
Merge bitcoin-core/secp256k1#1066: Abstract out and merge all the magnitude/normalized logic
7fc642f Simplify secp256k1_fe_{impl_,}verify (Pieter Wuille)
4e176ad Abstract out verify logic for fe_is_square_var (Pieter Wuille)
4371f98 Abstract out verify logic for fe_add_int (Pieter Wuille)
89e324c Abstract out verify logic for fe_half (Pieter Wuille)
283cd80 Abstract out verify logic for fe_get_bounds (Pieter Wuille)
d5aa2f0 Abstract out verify logic for fe_inv{,_var} (Pieter Wuille)
3167646 Abstract out verify logic for fe_from_storage (Pieter Wuille)
76d31e5 Abstract out verify logic for fe_to_storage (Pieter Wuille)
1e6894b Abstract out verify logic for fe_cmov (Pieter Wuille)
be82bd8 Improve comments/checks for fe_sqrt (Pieter Wuille)
6ab3508 Abstract out verify logic for fe_sqr (Pieter Wuille)
4c25f6e Abstract out verify logic for fe_mul (Pieter Wuille)
e179e65 Abstract out verify logic for fe_add (Pieter Wuille)
7e7ad7f Abstract out verify logic for fe_mul_int (Pieter Wuille)
65d82a3 Abstract out verify logic for fe_negate (Pieter Wuille)
1446708 Abstract out verify logic for fe_get_b32 (Pieter Wuille)
f7a7666 Abstract out verify logic for fe_set_b32 (Pieter Wuille)
ce4d209 Abstract out verify logic for fe_cmp_var (Pieter Wuille)
7d7d43c Improve comments/check for fe_equal{,_var} (Pieter Wuille)
c5e788d Abstract out verify logic for fe_is_odd (Pieter Wuille)
d3f3fe8 Abstract out verify logic for fe_is_zero (Pieter Wuille)
c701d9a Abstract out verify logic for fe_clear (Pieter Wuille)
19a2bfe Abstract out verify logic for fe_set_int (Pieter Wuille)
864f9db Abstract out verify logic for fe_normalizes_to_zero{,_var} (Pieter Wuille)
6c31371 Abstract out verify logic for fe_normalize_var (Pieter Wuille)
e28b51f Abstract out verify logic for fe_normalize_weak (Pieter Wuille)
b6b6f9c Abstract out verify logic for fe_normalize (Pieter Wuille)
7fa5195 Bugfix: correct SECP256K1_FE_CONST mag/norm fields (Pieter Wuille)
b29566c Merge magnitude/normalized fields, move/improve comments (Pieter Wuille)
Pull request description: Right now, all the logic for propagating/computing the magnitude/normalized fields in `secp256k1_fe` (when `VERIFY` is defined) and the code for checking it, is duplicated across the two field implementations. I believe that is undesirable, as these properties should purely be a function of the performed fe_ functions, and not of the choice of field implementation. This becomes even uglier with #967, which would copy all that, and even needs an additional dimension that would then need to be added to the two other fields. It's also related to #1001, which I think will become easier if it doesn't need to be done/reasoned about separately for every field. This PR moves all logic around these fields (collectively called field verification) to implementations in field_impl.h, which dispatch to renamed functions in field_*_impl.h for the actual implementation. Fixes #1060.
ACKs for top commit:
jonasnick: ACK 7fc642f
real-or-random: ACK 7fc642f
Tree-SHA512: 0f94e13fedc47e47859261a182c4077308f8910495691f7e4d7877d9298385172c70e98b4a1e270b6bde4d0062b932607106306bdb35a519cdeab9695a5c71e4
SHA: c63ec88
Merge bitcoin-core/secp256k1#1300: Avoid normalize conditional on VERIFY
97c63b9 Avoid normalize conditional on VERIFY (Pieter Wuille)
Pull request description: In the old code, `secp256k1_gej_rescale` requires a normalized input in VERIFY mode, but not otherwise. Its requirements shouldn't depend on this mode being enabled or not.
ACKs for top commit:
real-or-random: utACK 97c63b9 I've also verified that the loop in secp256k1_ecmult_strauss_wnaf holds up the invariant that the magnitude of Z is 1, even with the normalization removed
jonasnick: ACK 97c63b9
Tree-SHA512: 9598c133c6f4e488c74512089dabe0508529f20ca782be1c8fbeae9d7f132da9d570a061053acd3d245a9a187abf1f2581207441ce6aac8d0f8972cf357a349f
SHA: 54d34b6
SHA: 712e7f8
SHA: 5fb336f
ct: Be cautious and use volatile trick in more "conditional" paths
- secp256k1_scalar_cadd_bit
- secp256k1_modinvXX_normalize_YY
- secp256k1_modinvXX_divsteps_ZZ
- ECMULT_CONST_TABLE_GET_GE
Even though those code locations are not problematic right now (with current compilers).
SHA: 17fa217
Merge bitcoin-core/secp256k1#1292: refactor: Make 64-bit shift explicit
d1e48e5 refactor: Make 64-bit shift explicit (Hennadii Stepanov)
b2e29e4 ci: Treat all compiler warnings as errors in "Windows (VS 2022)" task (Hennadii Stepanov)
Pull request description:
ACKs for top commit:
real-or-random: utACK d1e48e5
jonasnick: ACK d1e48e5
Tree-SHA512: fd07c8c136b1c947900d45b5a4ad4963e2c29884aca62a26be07713dfd1b0c5e7655f07a0b99217fc055bf3266e71cb5edabbd4d5c145a172b4be5d10f7ad51c
Configuration menu - View commit details
-
Copy full SHA for 073d98a - Browse repository at this point
Copy the full SHA 073d98aView commit details -
9eb6934 Merge bitcoin-core/secp256k1#1305: Remove unused scratch space from API
712e7f8 Remove unused scratch space from API (Jonas Nick)
Pull request description: Not sure if we want the typedef and `secp256k1_scratch_space_{create,destroy}` but if we don't keep them then this PR will be a rather large diff.
ACKs for top commit:
  sipa: ACK 712e7f8
  real-or-random: utACK 712e7f8
Tree-SHA512: b3a8feb0fe4639d5e48b708ccbf355bca5da658a291f63899086d2bbeb6d0ab33e3dcd55d8984ec7fa803f757b7d02e71bcb7e7eeecaab52ffc70ae85dce8c44

ab5a917 Merge bitcoin-core/secp256k1#1303: ct: Use more volatile
17fa217 ct: Be cautious and use volatile trick in more "conditional" paths (Tim Ruffing)
5fb336f ct: Use volatile trick in scalar_cond_negate (Tim Ruffing)
Pull request description:
ACKs for top commit:
  sipa: ACK 17fa217
  jonasnick: ACK 17fa217
Tree-SHA512: 4a0fbee7b1cce4f4647bff697c0e645d93aa8fb49777feef5eb1e1eadce2116bafdcc6175c066ee4fe4bf1340047311e2d7d2c48bb288867a837ecd6c8687121

97a98be schnorrsig: Refactor test vector code to allow varlen messages

28687b0 schnorrsig: Add BIP340 varlen test vectors

cd54ac7 schnorrsig: Improve docs of schnorrsig_sign_custom

fb3a806 Merge bitcoin-core/secp256k1#1133: schnorrsig: Add test vectors for variable-length messages
cd54ac7 schnorrsig: Improve docs of schnorrsig_sign_custom (Tim Ruffing)
28687b0 schnorrsig: Add BIP340 varlen test vectors (Tim Ruffing)
97a98be schnorrsig: Refactor test vector code to allow varlen messages (Tim Ruffing)
Pull request description:
ACKs for top commit:
  sipa: ACK cd54ac7. I didn't verify the included test vectors match the BIP.
  jonasnick: ACK cd54ac7
Tree-SHA512: 268140e239b703aaf79825de2263675a8c31bef999f013ea532b0cd7b80f2d600d78f3872209a93774ba4dbc0a046108e87d151fc4604882c5636876026a0816

1907f0f build: Make tests work with external default callbacks

006ddc1 Merge bitcoin-core/secp256k1#1306: build: Make tests work with external default callbacks
1907f0f build: Make tests work with external default callbacks (Tim Ruffing)
Pull request description:
ACKs for top commit:
  sipa: ACK 1907f0f
  jonasnick: ACK 1907f0f
Tree-SHA512: 198598f7bf5292bf5709187f9a40ddf9a0fba93e8b62afb49df2c05b4ef61c394cea43ee07615b51ceea97862228d8ad351fddef13c190cb2e6690943ed63128

5b32602 Split fe_set_b32 into reducing and normalizing variants

3353d3c Merge bitcoin-core/secp256k1#1207: Split fe_set_b32 into reducing and normalizing variants
5b32602 Split fe_set_b32 into reducing and normalizing variants (Pieter Wuille)
Pull request description: Follow-up to #1205. This splits the `secp256k1_fe_set_b32` function into two variants:
* `secp256k1_fe_set_b32_mod`, which returns `void`, reduces modulo the curve order, and only promises weakly normalized output.
* `secp256k1_fe_set_b32_limit`, which returns `int` indicating success/failure, and only promises valid output in case the input is in range (but guarantees it's strongly normalized in this case).
This removes one of the few cases in the codebase where normalization status depends on runtime values, making it fixed at compile-time instead.
ACKs for top commit:
  real-or-random: ACK 5b32602
  jonasnick: ACK 5b32602
Tree-SHA512: 4b93502272638c6ecdef4d74afa629e7ee540c0a20b377dccedbe567857b56c4684fad3af4b4293ed7ba35fed4aa5d0beaacdd77a903f44f24e8d87305919b61

Commits on May 12, 2023
0c729ba Bugfix: mark outputs as early clobber in scalar x86_64 asm
In the existing code, the compiler is allowed to allocate the RSI register for outputs m0, m1, or m2, which are written to before the input in RSI is read from. Fix this by marking them as early clobber. Reported by ehoffman2 in bitcoin-core/secp256k1#766

350b4bd Mark stack variables as early clobber for technical correctness
In the field 5x52 asm for x86_64, stack variables are provided as outputs. The existing inputs are all forcibly allocated to registers, so cannot coincide, but mark them as early clobber anyway to make this clearer.

ed4ba23 cmake: Add `check_arm32_assembly` function

0324645 autotools: Add `SECP_ARM32_ASM_CHECK` macro

8c9ae37 Add release note

c6bb29b build: Rename `64bit` to `x86_64`

b54a067 Merge bitcoin-core/secp256k1#1304: build: Rename arm to arm32 and check if it's really supported
c6bb29b build: Rename `64bit` to `x86_64` (Hennadii Stepanov)
0324645 autotools: Add `SECP_ARM32_ASM_CHECK` macro (Hennadii Stepanov)
ed4ba23 cmake: Add `check_arm32_assembly` function (Hennadii Stepanov)
e5cf4bf build: Rename `arm` to `arm32` (Hennadii Stepanov)
Pull request description: Closes bitcoin-core/secp256k1#1034. Solves one item in bitcoin-core/secp256k1#1235.
ACKs for top commit:
  real-or-random: ACK c6bb29b tested on x86_64 but not on ARM
Tree-SHA512: c3615a18cfa30bb2cc53be18c09ccab08fc800b84444d8c6b333347b4db039a3981da61e7da5086dd9f4472838d7c031d554be9ddc7c435ba906852bba593982

7d4f86d Merge bitcoin-core/secp256k1#1307: Mark more assembly outputs as early clobber
8c9ae37 Add release note (Pieter Wuille)
350b4bd Mark stack variables as early clobber for technical correctness (Pieter Wuille)
0c729ba Bugfix: mark outputs as early clobber in scalar x86_64 asm (Pieter Wuille)
Pull request description:
ACKs for top commit:
  real-or-random: ACK 8c9ae37
  jonasnick: ACK 8c9ae37
Tree-SHA512: 874d01f5540d14b5188aec25f6441dbc6631f8d3980416040a3e250f1aef75150068415e7a458a9a3fb0d7cbdeb97f5c7e089b187d6d3dd79aa6e45274c241b6

76b43f3 changelog: Add entry for #1303

3ad1027 Revert "Remove unused scratch space from API"
This reverts commit 712e7f8.

697e1cc changelog: Catch up

e8295d0 Merge bitcoin-core/secp256k1#1311: Revert "Remove unused scratch space from API"
3ad1027 Revert "Remove unused scratch space from API" (Jonas Nick)
Pull request description: This reverts commit 712e7f8. Removing the scratch space from the API may break bindings to the library.
ACKs for top commit:
  sipa: ACK 3ad1027
  real-or-random: ACK 3ad1027
Tree-SHA512: ad394c0a2f83fe3a5f400c0e8f2b9bf40037ce4141d4414e6345918f5e6003c61da02a538425a49bdeb5700f5ecb713bd58f5752c0715fb1fcc4950099fdc0e6

3e3d125 Merge bitcoin-core/secp256k1#1309: changelog: Catch up
697e1cc changelog: Catch up (Tim Ruffing)
76b43f3 changelog: Add entry for #1303 (Tim Ruffing)
Pull request description:
ACKs for top commit:
  sipa: ACK 697e1cc
  jonasnick: ACK 697e1cc
Tree-SHA512: cfeb513effc69925bdedd3a298b1e2e5bf7709f68b453a5f157c584560b5400c3dc8b9ce87a775281cdea9db7f44e7e1337fbc93563f6efe350fe5defacbc4f6

d490ca2

Commits on May 13, 2023
acf5c55 Merge bitcoin-core/secp256k1#1312: release: Prepare for 0.3.2

95448ef release cleanup: bump version after 0.3.2

83186db Merge bitcoin-core/secp256k1#1314: release cleanup: bump version after 0.3.2
95448ef release cleanup: bump version after 0.3.2 (Pieter Wuille)
Pull request description:
ACKs for top commit:
  hebasto: ACK 95448ef
  real-or-random: ACK 95448ef
Tree-SHA512: 82724afd8c4b3a383a9a6b6db787fe9dd8dabd76df896a5e1d1a90733ef1c6a2fbbd6dd1d82faee359eb98fe3c636fb31ec659d49e70e17c649ded6155b9a71d

Commits on May 15, 2023
31b4bbe Make fe_cmov take max of magnitudes

Commits on May 17, 2023
5768b50 build: Enable -DVERIFY for precomputation binaries

Commits on May 19, 2023
e9e4526 Merge bitcoin-core/secp256k1#1317: Make fe_cmov take max of magnitudes
31b4bbe Make fe_cmov take max of magnitudes (Pieter Wuille)
Pull request description: This addresses part of #1001. The magnitude and normalization of the output of `secp256k1_fe_cmov` should not depend on the runtime value of `flag`.
ACKs for top commit:
  real-or-random: utACK 31b4bbe
  stratospher: ACK 31b4bbe.
Tree-SHA512: 08bef9f63797cb8a1f3ea63c716c09aaa267dfee285b74ef5fbb47d614569d2787ec73d21bce080214872dfe70246f73cea42ad3c24e6baccecabe3312f71433

5f7903c Merge bitcoin-core/secp256k1#1318: build: Enable -DVERIFY for precomputation binaries
5768b50 build: Enable -DVERIFY for precomputation binaries (Tim Ruffing)
Pull request description: because... why not?! I realized that this can't hurt when working on #1313.
ACKs for top commit:
  sipa: ACK 5768b50
Tree-SHA512: 2412cb93097f5c7904cfded6816bc5cdc69d958b4023ddaffd6e7575615ac5bfcd3a7cfc9ce2c0b0e6526a6f000dd84ecd32909d9d207a3644aadb5d34905911

6433175 Do not invoke fe_is_zero on failed set_b32_limit

Commits on May 23, 2023
d373a72 Merge bitcoin-core/secp256k1#1316: Do not invoke fe_is_zero on failed set_b32_limit
6433175 Do not invoke fe_is_zero on failed set_b32_limit (Pieter Wuille)
Pull request description: Noticed in the CI output of #1313 (https://cirrus-ci.com/task/5117786435878912). The code violates the field element contract that states that a field element that comes out of a failed `secp256k1_fe_set_b32_limit` call cannot be used before overwriting it. This is not an issue in practice, as such failure can only occur with negligible probability, but the experimental compiler in that CI setting is technically correct in detecting this possibility. Fix it by setting it to 1 based on a `secp256k1_fe_normalizes_to_zero` test rather than a `secp256k1_fe_is_zero` one (which does not require normalization).
ACKs for top commit:
  stratospher: ACK 6433175
  real-or-random: utACK 6433175
Tree-SHA512: 49da4535181c4607c1f4d23d1fd7cd65e7751c7cfa68643f1da77f3ec7961754fc8553bb415137fd61d86c805fe69f5adf97c05b9dc4d3bf357ae7c6409cc51a

Commits on May 24, 2023
27504d5 ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe
Don't ask me why this makes a difference. It may be some permission problem even though everything in Cirrus CI runs as root anyway. In any case, I'll probably get mad if I investigate this further. Fixes #1326.

09df0bf Merge bitcoin-core/secp256k1#1327: ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe
27504d5 ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe (Tim Ruffing)
Pull request description: Don't ask me why this makes a difference. It may be some permission problem even though everything in Cirrus CI runs as root anyway. In any case, I'll probably get mad if I investigate this further. Fixes #1326.
ACKs for top commit:
  hebasto: ACK 27504d5, tested in my personal Cirrus account.
Tree-SHA512: 08bb1734827579b59c705a44ee8fad6d504031eb5659c2743649be95fb048794b95ac0869a994bfa732f7f0714b4d12674c325637fe079b2266f18a3c14bbec0

1652067 release process: add sanity checks

79fa50b release process: mention targeted release schedule

6348bc7 release process: fix process for maintenance release

ad84603 release process: clarify change log updates

05873bb

20a5da5 Merge bitcoin-core/secp256k1#1310: Refine release process
ad84603 release process: clarify change log updates (Jonas Nick)
6348bc7 release process: fix process for maintenance release (Jonas Nick)
79fa50b release process: mention targeted release schedule (Jonas Nick)
1652067 release process: add sanity checks (Jonas Nick)
Pull request description: Fixes #1176
ACKs for top commit:
  real-or-random: ACK ad84603
  hebasto: re-ACK ad84603
Tree-SHA512: 215b469f4ecc6ecb2b07ba4d29b6b01fc0dda752d9cfffc3f5ec518f2efb5ec9ae027056b113758fadbebcdfdd549ff5803c3d7257761da6e3859ff6131cc137

Commits on May 25, 2023
1549db0 build: Level up MSVC warnings

Commits on May 26, 2023
908e02d Merge bitcoin-core/secp256k1#1328: build: Bump MSVC warning level up to W3
1549db0 build: Level up MSVC warnings (Hennadii Stepanov)
Pull request description: Solves one item in bitcoin-core/secp256k1#1235.
ACKs for top commit:
  sipa: utACK 1549db0
  real-or-random: ACK 1549db0
Tree-SHA512: 769386f734709537291ddee45c7fbee501185d3eebe9daa117d36e13e8504fabd1127857bc661a751fdf63f2eee1e7e9507121bdb020c97eb87b8758cb0879f8

Commits on May 30, 2023
654246c refactor: take use of `secp256k1_scalar_{zero,one}` constants

e83801f test: Warn if both `VERIFY` and `COVERAGE` are defined

ade5b36 tests: add checks for scalar constants `secp256k1_scalar_{zero,one}`

Commits on May 31, 2023
d75dc59 Merge bitcoin-core/secp256k1#1333: test: Warn if both `VERIFY` and `COVERAGE` are defined
e83801f test: Warn if both `VERIFY` and `COVERAGE` are defined (Hennadii Stepanov)
Pull request description: Solves one item in bitcoin-core/secp256k1#1235. Also see: bitcoin-core/secp256k1#1113 (comment).
ACKs for top commit:
  sipa: utACK e83801f
  real-or-random: ACK e83801f
Tree-SHA512: 25e10a09ba2c3585148becd06f2a03d85306208bda333827c9ba73eb7fd94ad15536f10daf1b335703e5cb0539584f001501ce9c578f478ff1ebc1051aefde7d

debf3e5 Merge bitcoin-core/secp256k1#1330: refactor: take use of `secp256k1_scalar_{zero,one}` constants
ade5b36 tests: add checks for scalar constants `secp256k1_scalar_{zero,one}` (Sebastian Falbesoner)
654246c refactor: take use of `secp256k1_scalar_{zero,one}` constants (Sebastian Falbesoner)
Pull request description: Rather than allocating a (non-constant) scalar variable on the stack with the sole purpose of setting it to a constant value, the global constants `secp256k1_scalar_{zero,one}` (apparently introduced in 34a67c7, PR #710) can be directly used instead for the values 0 or 1. There is very likely not even a difference in run-time, but it leads to simpler and less code which might be nice.
ACKs for top commit:
  sipa: utACK ade5b36
  real-or-random: utACK ade5b36
Tree-SHA512: 0ff05a449c153f7117a4a56efef04b2087c2330f4692f3390a0b1d95573785ac7ae3fe689ed0ec2ecc64b575d2489d6e341d32567e75a1a4b4d458c3ecd406a1

Commits on Jun 1, 2023
605e07e fix input range comment for `secp256k1_fe_add_int`
This seems to be a typo that was introduced with commit 4371f98 (PR #1066).

bf29f8d Merge bitcoin-core/secp256k1#1334: fix input range comment for `secp256k1_fe_add_int`
605e07e fix input range comment for `secp256k1_fe_add_int` (Sebastian Falbesoner)
Pull request description: This seems to be a typo that was introduced with commit 4371f98 (PR #1066).
ACKs for top commit:
  sipa: ACK 605e07e
  real-or-random: ACK 605e07e
Tree-SHA512: 7ee99cf7140c698d1146072734ba986de7328f78b2c076ee445067ef64a6a335c8669f1e733e10f5e14f98b566c799cc4c51b3eb0f036cd178b3c93476c6df2e

Commits on Jun 2, 2023
7dae115 Revert "ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe"
This reverts commit 27504d5.

Commits on Jun 3, 2023
c7db494 ci: Fix error D8037 in `cl.exe`

db29bf2 ci: Remove quirk that runs dummy command after wineserver
The underlying issue is now worked around in upstream, see mstorsjo/msvc-wine#47 for details.

60556c9 Merge bitcoin-core/secp256k1#1337: ci: Fix error D8037 in `cl.exe` (attempt 2)
db29bf2 ci: Remove quirk that runs dummy command after wineserver (Tim Ruffing)
c7db494 ci: Fix error D8037 in `cl.exe` (Hennadii Stepanov)
7dae115 Revert "ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe" (Hennadii Stepanov)
Pull request description: Since mstorsjo/msvc-wine@2146cbf, `msvc-wine` effectively initializes the WINE prefix when running the `install.sh` script. See [`install.sh`#L143](https://github.com/mstorsjo/msvc-wine/blob/2146cbfaf037e21de56c7157ec40bb6372860f51/install.sh#L143):
```sh
WINEDEBUG=-all wine64 wineboot &>/dev/null
```
Our following `wine64 wineboot --init` just messes up the prefix. This PR fixes this issue. Also bitcoin-core/secp256k1#1327 has been reverted as apparently it does not work. And bitcoin-core/secp256k1#1320 has been combined into this one.
ACKs for top commit:
  real-or-random: ACK db29bf2
Tree-SHA512: 59e61bde0060f67501f93da8b4e193f2bfcda85d849c16bb017e38af7aa9e3b569fe2fd4aa5cdb658c3b2345cc42fad98323e329b519389b2e881ecfd403d147

Commits on Jun 4, 2023
5b7bf2e

Commits on Jun 6, 2023
e449af6 Drop no longer needed `#include "../include/secp256k1.h"`
The removed header includes have not been needed since PR1231.

Commits on Jun 10, 2023
52b8423 scalar: use `secp256k1_{read,write}_be32` helpers (8x32 impl.)

887183e scalar: use `secp256k1_{read,write}_be32` helpers (4x64 impl.)
An alternative would be to introduce special helpers for reading/writing uint64_t in big endian `secp256k1_{read,write}_be64`.

Commits on Jun 11, 2023
f364428 docs: correct `pubkey` param descriptions for `secp256k1_keypair_{xonly_,}pub`
From an API perspective, the functions `secp256k1_keypair_pub` and `secp256k1_keypair_xonly_pub` always succeed (i.e. return the value 1), so the other cases in the `pubkey` parameter descriptions never happen and can hence be removed. Note that the "1 always" return value description was previously done in commit b8f8b99 (PR #1089), which also explains why invalid inputs for the affected functions are in practice only possible in violation of the type system.

Commits on Jun 12, 2023
cb1a592 Merge bitcoin-core/secp256k1#1341: docs: correct `pubkey` param descriptions for `secp256k1_keypair_{xonly_,}pub`
f364428 docs: correct `pubkey` param descriptions for `secp256k1_keypair_{xonly_,}pub` (Sebastian Falbesoner)
Pull request description:
ACKs for top commit:
  real-or-random: ACK bitcoin-core/secp256k1@f364428 because it's consistent with the other docs
  jonasnick: ACK f364428
Tree-SHA512: cc4db4637301335ea9d23ac43bb3a78de54af79a5262dba2013945f87d80670c7ae1e106101a59c04225eb077e9a9e0ecc9d9d3bfe2d11cdc90f098ebd479f49

67214f5 Merge bitcoin-core/secp256k1#1339: scalar: refactor: use `secp256k1_{read,write}_be32` helpers
887183e scalar: use `secp256k1_{read,write}_be32` helpers (4x64 impl.) (Sebastian Falbesoner)
52b8423 scalar: use `secp256k1_{read,write}_be32` helpers (8x32 impl.) (Sebastian Falbesoner)
Pull request description: This refactoring PR takes use of the `secp256k1_{read,write}_be32` helpers (introduced in PR #1093, commit 8d89b9e) in the scalar <-> byte array conversion functions, for both the 8x32 and 4x64 implementations. (An alternative for the latter would be to introduce special helpers for reading/writing uint64_t in big endian `secp256k1_{read,write}_be64`). Verified via `objdump -D libsecp256k1.a` that `secp256k1_scalar_set_b32` for 4x64 compiles to the same code on master and the PR (`secp256k1_scalar_get_b32` is apparently always inlined) on amd64 with clang 13.0.0.
ACKs for top commit:
  sipa: utACK 887183e
Tree-SHA512: 915cb4624c6da0530dce4ec3ac48e88dd735386302cd2e15759e3c30102d81186f382ffe71493ddd0538069f1b558db543d9bb900dfdb69acb60effedc33f705

efa76c4 group: remove unneeded normalize_weak in `secp256k1_ge_is_valid_var`
After calculating the right-hand side of the elliptic curve equation (x^3 + 7), the field element `x3` has a magnitude of 2 (1 as result of `secp256k1_fe_mul`, then increased by 1 due to `secp256k1_fe_add_int`). This is fine for `secp256k1_fe_equal_var`, as the second parameter only requires the magnitude to not exceed 31, and the normalize_weak call can hence be dropped.

Commits on Jun 13, 2023
be8ff3a

Commits on Jun 16, 2023
740528c scalar: use newly introduced `secp256k1_{read,write}_be64` helpers (4x64 impl.)

7067ee5 tests: add tests for `secp256k1_{read,write}_be64`
This can be reviewed with `--ignore-all-space` (or `-w`), to ignore already existing code that was only indented.

Commits on Jun 17, 2023
f165252 Normalize ge produced from secp256k1_pubkey_load
The output ge is normalized when sizeof(secp256k1_ge_storage) = 64 but not when it's not 64. ARG_CHECK at the end of the function assumes normalization. So normalize ge in the other code path too.

Commits on Jun 18, 2023
45c5ca7 Merge bitcoin-core/secp256k1#1350: scalar: introduce and use `secp256k1_{read,write}_be64` helpers
7067ee5 tests: add tests for `secp256k1_{read,write}_be64` (Sebastian Falbesoner)
740528c scalar: use newly introduced `secp256k1_{read,write}_be64` helpers (4x64 impl.) (Sebastian Falbesoner)
Pull request description: This is a simple follow-up to #1339, as suggested in comment bitcoin-core/secp256k1#1339 (comment).
ACKs for top commit:
  stratospher: ACK 7067ee5.
  real-or-random: utACK 7067ee5
Tree-SHA512: f9bc2ab610099948ffac1e6bb3c822bd90b81a7110ab74cec03175e2c92ed27694a15f9cdaa7c4f1b460fe459f61c3d1d102c99592169f127fdd7539a1a0c154

30574f2 Merge bitcoin-core/secp256k1#1349: Normalize ge produced from secp256k1_pubkey_load
f165252 Normalize ge produced from secp256k1_pubkey_load (stratospher)
Pull request description: The output `ge` in secp256k1_pubkey_load is normalized when `sizeof(secp256k1_ge_storage) = 64` but not when it's not 64. ARG_CHECK at the end of the function assumes normalization. So normalize ge in the other code path too. context: [#1129(comment)](https://github.com/bitcoin-core/secp256k1/pull/1129/files#r1196167066)
ACKs for top commit:
  sipa: utACK f165252
  real-or-random: ACK f165252 tested by changing the two `== 64` checks to `== 65`
Tree-SHA512: 0de1caad85ccdb42053f8e09576135257c88fda88455ef25e7640049c05a1e03d1e9bae1cd132d2e6fc327fd79929257a8b21fe1cc41c82374b6cd88e6744aa3

Commits on Jun 20, 2023
a597a5a Add benchmark for key generation

79e5b2a Add functions to test if X coordinate is valid

c47917b Add ellswift module implementing ElligatorSwift
The scheme implemented is described below, and largely follows the paper "SwiftEC: Shallue–van de Woestijne Indifferentiable Function To Elliptic Curves", by Chavez-Saab, Rodriguez-Henriquez, and Tibouchi (https://eprint.iacr.org/2022/759).
A new 64-byte public key format is introduced, with the property that *every* 64-byte array is an encoding for a non-infinite curve point. Each curve point has roughly 2^256 distinct encodings. This permits disguising public keys as uniformly random bytes.
The new API functions:
* secp256k1_ellswift_encode: convert a normal public key to an ellswift 64-byte public key, using additional entropy to pick among the many possible encodings.
* secp256k1_ellswift_decode: convert an ellswift 64-byte public key to a normal public key.
* secp256k1_ellswift_create: a faster and safer equivalent to calling secp256k1_ec_pubkey_create + secp256k1_ellswift_encode.
* secp256k1_ellswift_xdh: x-only ECDH directly on ellswift 64-byte public keys, where the key encodings are fed to the hash function.
The scheme itself is documented in secp256k1_ellswift.h.

9695deb Add tests for ellswift module
These include both test vectors taken from BIP324, as well as randomized unit tests.

df633cd Add _prefix and _bip324 ellswift_xdh hash functions

2d1d41a Add ctime tests for ellswift module

1bcea8c Add benchmarks for ellswift module

4f09184 Add ellswift testing to CI

90e360a Add doc/ellswift.md with ElligatorSwift explanation

5779137 field: Document return value of fe_sqrt()
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>

Commits on Jun 21, 2023
0702ecb Merge bitcoin-core/secp256k1#1338: Drop no longer needed `#include "../include/secp256k1.h"`
e449af6 Drop no longer needed `#include "../include/secp256k1.h"` (Hennadii Stepanov)
Pull request description: The removed header includes have not been needed since bitcoin-core/secp256k1#1231. Test suggestions:
1. Using Autotools-based build system:
```
./autogen.sh
./configure
make clean-precomp
make
```
2. Using CMake-based build system:
```
cmake -B build -DCMAKE_C_INCLUDE_WHAT_YOU_USE="include-what-you-use"
cmake --build build --target secp256k1_precomputed
```
ACKs for top commit:
  sipa: utACK e449af6
  real-or-random: utACK e449af6
Tree-SHA512: 5aed7a88e1e03fcc2306c43817712c0652ecf6145679dd17f4719376818d372f619e4180bdaee548f2e82aaccbe6a2ff4c37203121d939af545128c8c48b933e

Merge bitcoin-core/secp256k1#1129: ElligatorSwift + integrated x-only DH
90e360a Add doc/ellswift.md with ElligatorSwift explanation (Pieter Wuille) 4f09184 Add ellswift testing to CI (Pieter Wuille) 1bcea8c Add benchmarks for ellswift module (Pieter Wuille) 2d1d41a Add ctime tests for ellswift module (Pieter Wuille) df633cd Add _prefix and _bip324 ellswift_xdh hash functions (Pieter Wuille) 9695deb Add tests for ellswift module (Pieter Wuille) c47917b Add ellswift module implementing ElligatorSwift (Pieter Wuille) 79e5b2a Add functions to test if X coordinate is valid (Pieter Wuille) a597a5a Add benchmark for key generation (Pieter Wuille) Pull request description: ACKs for top commit: Davidson-Souza: tACK 90e360a. Full testing backlog: real-or-random: ACK 90e360a jonasnick: ACK 90e360a Tree-SHA512: cf59044c1b064f9a3fd57fd1c4c6ab154305ee6ad67a604bc254ddd6b8ee78626250d325174e10d2f2b19264ab0d58013508dc763aa07f5a1e6417e03551a378
Configuration menu - View commit details
-
Copy full SHA for 705ce7e - Browse repository at this point
Copy the full SHA 705ce7eView commit details -
Merge bitcoin-core/secp256k1#1347: field: Document return value of fe…
…_sqrt() 5779137 field: Document return value of fe_sqrt() (Tim Ruffing) Pull request description: ACKs for top commit: sipa: ACK 5779137 theStack: ACK 5779137 Tree-SHA512: 706f8c6a26bf85f6c23af3bb053173b2cdee6838dd930cb2b1e2f851f47cfebafccecbd7d84b8152f2fea12f0676c1ddd700bb32beebec3f3e0f4300e878d0f5
Configuration menu - View commit details
-
Copy full SHA for 3c1a0fd - Browse repository at this point
Copy the full SHA 3c1a0fdView commit details -
Configuration menu - View commit details
-
Copy full SHA for c32ffd8 - Browse repository at this point
Copy the full SHA c32ffd8View commit details
Commits on Jun 23, 2023
- 7c7467a
Commits on Jun 24, 2023
- 1083683 Merge bitcoin-core/secp256k1#1336: Use `__shiftright128` intrinsic in `secp256k1_u128_rshift` on MSVC
  5b7bf2e Use `__shiftright128` intrinsic in `secp256k1_u128_rshift` on MSVC (Hennadii Stepanov)
  Pull request description: Closes bitcoin-core/secp256k1#1324. As the `__shiftright128` [docs](https://learn.microsoft.com/en-us/cpp/intrinsics/shiftright128) state:
  > The `Shift` value is always modulo 64...
  it is not applicable for the `n >= 64` branch.
  ACKs for top commit:
    sipa: utACK 5b7bf2e
    real-or-random: ACK 5b7bf2e tested with MSVC x64
  Tree-SHA512: bc4c245a9da83c783a0479e751a4bc2ec77a34b99189fcc4431033a5420c93b610f3b960d3f23c15bce2eb010beba665b3e84d468b3fdab3d5846d4f27016898
- 926dd3e Merge bitcoin-core/secp256k1#1295: abi: Use dllexport for mingw builds
  bc7c8db abi: Use dllexport for mingw builds (Cory Fields)
  Pull request description: Addresses the first part of #1181. See the discussion there for more context and history. After this, all that remains is a (platform-independent) exports checker for c-i. Or perhaps a linker script or .def file could be tricked into testing as a side-effect. This should fix mingw exports, specifically hiding the following: `secp256k1_pre_g_128` `secp256k1_pre_g` `secp256k1_ecmult_gen_prec_table` This changes our visibility macros to look more like [gcc's recommendation](https://gcc.gnu.org/wiki/Visibility#How_to_use_the_new_C.2B-.2B-_visibility_support).
  Edit: Note that we could further complicate this by supporting `__attribute__ ((dllexport))` as well, though I didn't bother as I'm not sure what compiler combo would accept that but not the bare dllexport syntax.
  Edit2: As the title implies, this affects this ABI and could affect downstream libs/apps in unintended ways (though it's hard to imagine any real downside). Though because it's win32 only, I'm imagining very little real-world impact at all.
  ACKs for top commit:
    hebasto: re-ACK bc7c8db, only a comment has been adjusted since my recent [review](bitcoin-core/secp256k1#1295 (review)),
    real-or-random: utACK bc7c8db
  Tree-SHA512: 378e15556da49494f551bdf4f7b41304db9d03a435f21fcc947c9520aa43e3c655cfe216fba57a5179a871c975c806460eef7c33b105f2726e1de0937ff2444e
- 67887ae Fix a typo in the error message
  The code has been copy-pasted from the `precompute_ecmult_gen.c` source file.
Commits on Jun 25, 2023
- ac43613 Merge bitcoin-core/secp256k1#1354: Add ellswift to CHANGELOG
  7c7467a Refer to ellswift.md in API docs (Pieter Wuille)
  c32ffd8 Add ellswift to CHANGELOG (Pieter Wuille)
  Pull request description: A follow-up with a CHANGELOG entry for #1129.
  ACKs for top commit:
    real-or-random: ACK 7c7467a
    theStack: ACK 7c7467a
  Tree-SHA512: 4f066e4b8d5e130f2b5bea0ed4c634e9426bc576342aad6c306e0805a8354e27a5e679b15ec869d4e7d36eb5d53174e46b3bf5e15d19a7e165afc82e46ddfcf5
- fd491ea Merge bitcoin-core/secp256k1#1355: Fix a typo in the error message
  67887ae Fix a typo in the error message (Hennadii Stepanov)
  Pull request description: The code has been copy-pasted from the `precompute_ecmult_gen.c` source file.
  ACKs for top commit:
    real-or-random: ACK 67887ae
  Tree-SHA512: d6874949310197e5d2d6c43f5a7c2165b4ee0f6cbe3cc1491d0f97163fa5329ebeab2b2adf10246c87382016fbe738c69dfd3f2253e93c906bf404cbf439b12a
- 8a72734
- 7d8d5c8 tests: refactor: make use of `secp256k1_ge_x_on_curve_var`
  The recently merged ellswift PR (#1129) introduced a helper `secp256k1_ge_x_on_curve_var` to check if a given X coordinate is valid (i.e. the expression x^3 + 7 is square, see commit 79e5b2a). This can be used for code deduplication in the `ecmult_const_mult_xonly` test.
Commits on Jun 26, 2023
- a178209
- c862a9f
Commits on Jun 27, 2023
- 799f4ee Merge bitcoin-core/secp256k1#1356: ci: Adjust Docker image to Debian 12 "bookworm"
  c862a9f ci: Adjust Docker image to Debian 12 "bookworm" (Hennadii Stepanov)
  a178209 ci: Force DWARF v4 for Clang when Valgrind tests are expected (Hennadii Stepanov)
  8a72734 Help the compiler prove that a loop is entered (Tim Ruffing)
  Pull request description: Since the [release](https://www.debian.org/News/2023/20230610.html) of Debian 12 "bookworm", it has become the "stable" one that our `ci/linux-debian.Dockerfile` relies on. Last time the Docker image was built basing on Debian Bullseye. Changes in packages are significant, for instance:
  - `gcc` 10.2 --> 12.2
  - `clang` 11.0 --> 14.0
  - `wine` 5.0 --> 8.0
  which requires certain adjustments provided in this PR. The first commit has been cherry-picked from bitcoin-core/secp256k1#1313.
  ACKs for top commit:
    sipa: utACK c862a9f
    real-or-random: ACK c862a9f
  Tree-SHA512: 2a62a8865f904a460274f1f3ec02d2b0b72c84b25722a383c6455cfe672c1d93382941a5027e8dceb2c0f5fe0f0efd49a0ed6b72303982f9e32991f1535538eb
- 4494a36 Merge bitcoin-core/secp256k1#1357: tests: refactor: make use of `secp256k1_ge_x_on_curve_var`
  7d8d5c8 tests: refactor: make use of `secp256k1_ge_x_on_curve_var` (Sebastian Falbesoner)
  Pull request description: The recently merged ellswift PR (#1129) introduced a helper `secp256k1_ge_x_on_curve_var` to check if a given X coordinate is on the curve (i.e. the expression x^3 + 7 is square, see commit 79e5b2a). This can be used for code deduplication in the `ecmult_const_mult_xonly` test. (Found this instance via `$ git grep add_int.*SECP256K1_B`, I think it's the only one where the helper can be used.)
  ACKs for top commit:
    sipa: utACK 7d8d5c8
    real-or-random: utACK 7d8d5c8
  Tree-SHA512: aebff9b5ef2f6f6664ce89e4e1272cb55b6aac81cfb379652c4b7ab30dd1d7fd82a2c3b47c7b7429755ba28f011a3a9e2e6d3aa5c77d3b105d159104c24b89f3
- 3aef6ab Merge bitcoin-core/secp256k1#1345: field: Static-assert that int args affecting magnitude are constant
  be8ff3a field: Static-assert that int args affecting magnitude are constant (Tim Ruffing)
  Pull request description: See #1001. Try to revert the lines in `tests.c` to see the error message in action.
  ACKs for top commit:
    sipa: ACK be8ff3a. Verified by introducing some non-constant expressions and seeing compilation fail.
    theStack: ACK be8ff3a
  Tree-SHA512: 8befec6ee64959cdc7f3e29b4b622410794cfaf69e9df8df17600390a93bc787dba5cf86239de6eb2e99c038b9aca5461e4b3c82f0e0c4cf066ad7c689941b19
- 304421d tests: refactor: remove duplicate function `random_field_element_test`
  There is a function `random_fe_test` which does exactly the same, so use that instead. Note that it's also moved up before the `random_group_element_test` function, in order to avoid needing a forward declaration.
- 5a95a26 tests: introduce helper for non-zero `random_fe_test` results
  There are several instances in the tests where random non-zero field elements are generated by calling `random_fe_test` in a do/while-loop. This commit deduplicates all these by introducing a `random_fe_non_zero_test` helper. Note that some instances checked the is-zero condition via `secp256k1_fe_normalizes_to_zero_var`, which is unnecessary, as the result of `random_fe_test` is already normalized (so strictly speaking, this is not a pure refactor).
- 0fa84f8 Merge bitcoin-core/secp256k1#1358: tests: introduce helper for non-zero `random_fe_test()` results
  5a95a26 tests: introduce helper for non-zero `random_fe_test` results (Sebastian Falbesoner)
  304421d tests: refactor: remove duplicate function `random_field_element_test` (Sebastian Falbesoner)
  Pull request description: There are several instances in the tests where random non-zero field elements are generated by calling `random_fe_test` in a do/while-loop with is-zero condition. This PR deduplicates all these by introducing a `random_fe_non_zero_test` helper. Note that some instances checked the is-zero condition via `secp256k1_fe_normalizes_to_zero_var`, which is unnecessary, as the result of `random_field_element_test` is already normalized (so strictly speaking, this is not a pure refactor, and there could be tiny run-time improvements, though I doubt that's measurable). Additionally, the first commit removes the function `random_field_element_test` as it is logically a duplicate of `random_fe_test`.
  ACKs for top commit:
    real-or-random: ACK 5a95a26
  Tree-SHA512: 920404f38ebe8b84bfd52f3354dc17ae6a0fd6355f99b78c9aeb53bf21f7eca5fd4518edc8a422d84f430ae95864661b497de42a3ab7fa9c49515a1df2f1d466
Commits on Jun 28, 2023
- a6ca76c
- 5b9f37f
Commits on Jul 1, 2023
- 98579e2 ci: Drop manual checkout of merge commit
  This is no longer necessary as of cirruslabs/cirrus-ci-docs#791 (comment).
Commits on Jul 2, 2023
- 249c81e Merge bitcoin-core/secp256k1#1368: ci: Drop manual checkout of merge …
Commits on Jul 3, 2023
- a7bec34 ci: Print commit in Windows container
  This change adds the same functionality to Windows containers that is already available in Linux containers.
- 7966aee Merge bitcoin-core/secp256k1#1369: ci: Print commit in Windows container
  a7bec34 ci: Print commit in Windows container (Hennadii Stepanov)
  Pull request description: This PR is a follow-up to bitcoin-core/secp256k1#1368 and adds the same functionality to Windows containers that is already available in Linux containers. See: bitcoin-core/secp256k1#1368 (comment).
  ACKs for top commit:
    real-or-random: ACK a7bec34 seems to work: https://cirrus-ci.com/task/4919320090771456?logs=git_show#L2
  Tree-SHA512: 0998e0f7231e3057a7e358a27b34071c73ca556973da20494db84fc67f2a72ad2fe582e59647a425ee41e7d9103a0a22fb3cdf0ace6fe0aed1d21f2f75c8ec53
- ae9db95 build: Introduce `SECP256K1_STATIC` macro for Windows users
  It is a non-Libtool-specific way to explicitly specify the user's intention to consume a static `libsecp256k1`. This change allows getting rid of MSVC linker warnings LNK4217 and LNK4286. Also, it makes it possible to merge the `SECP256K1_API` and `SECP256K1_API_VAR` into one.
- 9f1b190
- 0196e8a build: Introduce `SECP256k1_DLL_EXPORT` macro
  This change provides a way to build a shared library that is not tied to the Libtool-specific `DLL_EXPORT` macro.
- 020bf69
- c6cd2b1
- fb758fe Merge bitcoin-core/secp256k1#1323: tweak_add: fix API doc for tweak=0
- 3fc1de5 Merge bitcoin-core/secp256k1#1364: Avoid `-Wmaybe-uninitialized` when compiling with `gcc -O1`
  5b9f37f ci: Add `CFLAGS: -O1` to task matrix (Hennadii Stepanov)
  a6ca76c Avoid `-Wmaybe-uninitialized` when compiling with `gcc -O1` (Hennadii Stepanov)
  Pull request description: Fixes bitcoin-core/secp256k1#1361. CI tasks have been adjusted to catch similar issues in the future.
  ACKs for top commit:
    real-or-random: utACK 5b9f37f
    jonasnick: tACK 5b9f37f
  Tree-SHA512: 8aa5ec22ed88579ecd37681df68d64f8bab93cd14bdbf432a3af41cadc7ab3eba86c33c179db15bf3a3c798c33064bd845ebdedb02ee617ef634e98c596838c2
- 07c0e8b group: remove unneeded normalize_weak in `secp256k1_gej_eq_x_var`
  By requiring that the input group element's X coordinate (`a->x`) has a magnitude of <= 31, the normalize_weak call and also the field element variable `r2` are not needed anymore and hence can be dropped.
- b6b9834 restoring wycheproof files restoring wycheproof files2
- 0aacf64
- 9e6d1b0 Merge bitcoin-core/secp256k1#1367: build: Improvements to symbol visibility logic on Windows (attempt 3)
  c6cd2b1 ci: Add task for static library on Windows + CMake (Hennadii Stepanov)
  020bf69 build: Add extensive docs on visibility issues (Tim Ruffing)
  0196e8a build: Introduce `SECP256k1_DLL_EXPORT` macro (Hennadii Stepanov)
  9f1b190 refactor: Replace `SECP256K1_API_VAR` with `SECP256K1_API` (Hennadii Stepanov)
  ae9db95 build: Introduce `SECP256K1_STATIC` macro for Windows users (Hennadii Stepanov)
  Pull request description: Previous attempts:
  - bitcoin-core/secp256k1#1346
  - bitcoin-core/secp256k1#1362
  The result is as follows:
  1. Simple, concise and extensively documented code.
  2. Explicitly documented use cases with no ambiguities.
  3. No workarounds for linker warnings.
  4. Solves one item in bitcoin-core/secp256k1#1235.
  ACKs for top commit:
    real-or-random: utACK c6cd2b1
  Tree-SHA512: d58694452d630aefbd047916033249891bc726b7475433aaaa7c3ea2a07ded8f185a598385b67c2ee3440ec5904ff9d9452c97b0961d84dcb2eb2cf46caa171e
Commits on Jul 4, 2023
- 332af31 Merge bitcoin-core/secp256k1#1344: group: save normalize_weak calls in `secp256k1_ge_is_valid_var`/`secp256k1_gej_eq_x_var`
  07c0e8b group: remove unneeded normalize_weak in `secp256k1_gej_eq_x_var` (Sebastian Falbesoner)
  efa76c4 group: remove unneeded normalize_weak in `secp256k1_ge_is_valid_var` (Sebastian Falbesoner)
  Pull request description: This PR removes unneeded normalize_weak calls in two group element functions:
  * `secp256k1_ge_is_valid_var`: After calculating the right-hand side of the elliptic curve equation (x^3 + 7), the field element `x3` has a magnitude of 2 (1 as result of `secp256k1_fe_mul`, then increased by 1 due to `secp256k1_fe_add_int`). This is fine for `secp256k1_fe_equal_var`, as the second parameter only requires the magnitude to not exceed 31, and the normalize_weak call is hence not needed and can be dropped. Note that the interface description for `secp256k1_fe_equal` (which also applies to `secp256k1_fe_equal_var`) once stated that _both_ parameters need to have magnitude 1, but that was corrected in commit 7d7d43c.
  * `secp256k1_gej_eq_x_var`: By requiring that the input group element's X coordinate (`a->x`) has a magnitude of <= 31, the normalize_weak call and also the field element variable `r2` are not needed anymore and hence can be dropped.
  ACKs for top commit:
    sipa: utACK 07c0e8b
    jonasnick: ACK 07c0e8b
  Tree-SHA512: 9037e4af881ce7bf3347414d6da06b99e3d318733ba4f70e8b24d2320c2f26d022144e17bd6b95c1a4ef1be3825a4464e56ce2d2b3ae7bbced04257048832b7f
Commits on Jul 5, 2023
- c7d900f
- 2792119 Add exhaustive test for ellswift (create+decode roundtrip)
  Co-authored-by: Pieter Wuille <pieter@wuille.net>
  Co-authored-by: Tim Ruffing <crypto@timruffing.de>
- afd7eb4 Merge bitcoin-core/secp256k1#1371: Add exhaustive tests for ellswift (with create+decode roundtrip)
  2792119 Add exhaustive test for ellswift (create+decode roundtrip) (Sebastian Falbesoner)
  Pull request description: This PR adds the basic structure for ellswift exhaustive tests. Right now only a `secp256k1_ellswift_create` + `secp256k1_ellswift_decode` indirect roundtrip (exhaustive loop scalar -> ellswift pubkey -> decoded pubkey -> decoded group element, compared with exhaustive precomputed group element) is included. The exhaustive test passes locally with all currently supported orders (n=13 [default] and n=199). Note that for n=7, the test is skipped, as the used curve in this case is even-ordered and ellswift only supports odd-ordered curves.
  ACKs for top commit:
    sipa: utACK 2792119
    real-or-random: utACK 2792119
  Tree-SHA512: c51d3d99e9839793b3c15d75b9a29f01080db160ab8819973abd877288f9f0af972ea4264290220ab1cd035fdebcfac7767436aa39154d924ef0bf6a5733a55d
Commits on Jul 6, 2023
- c9ebca9 Merge bitcoin-core/secp256k1#1363: doc: minor ellswift.md updates
- b79ba8a field: Use `restrict` consistently in fe_sqrt
  That is, use it also in the definition and not only the declaration. I believe this was the intention of commit be82bd8, but it was omitted there.
- 1deecaa ci: Install development snapshots of gcc and clang
  TODO: Make sure the Docker image is actually rebuilt
- 609093b
- e9e9648
- 981e5be
Commits on Jul 10, 2023
- 600c5ad clean up in-comment Sage code (refer to secp256k1_params.sage, update to Python3)
  Some of the C source files contain in-comment Sage code calculating secp256k1 parameters that are already defined in the file secp256k1_params.sage. Replace that by a corresponding load instruction and access the necessary variables. In ecdsa_impl.h, update the comment to use a one-line shell command calling sage to get the values. The remaining code (test `test_add_neg_y_diff_x` in tests.c) is updated to work with a current version based on Python3 (Sage 9.0+, see https://wiki.sagemath.org/Python3-Switch). The latter can be seen as a small follow-up to PR #849 (commit 13c88ef).
- cc55757 Merge bitcoin-core/secp256k1#1340: clean up in-comment Sage code (refer to secp256k1_params.sage, update to Python3)
  600c5ad clean up in-comment Sage code (refer to secp256k1_params.sage, update to Python3) (Sebastian Falbesoner)
  Pull request description: Some of the C source files contain in-comment Sage code calculating secp256k1 parameters that are already defined in the file secp256k1_params.sage. Replace that by a corresponding load instruction and access the necessary variables. In ecdsa_impl.h, update the comment to use a one-line shell command calling sage to get the values. The remaining code (test `test_add_neg_y_diff_x` in tests.c) is updated to work with a current version based on Python3 (Sage 9.0+, see https://wiki.sagemath.org/Python3-Switch). The latter can be seen as a small follow-up to PR #849 (commit 13c88ef).
  ACKs for top commit:
    sipa: ACK 600c5ad
    real-or-random: ACK 600c5ad
  Tree-SHA512: a9e52f6afbce65edd9ab14203612c3d423639f450fe8f0d269a3dda04bebefa95b607f7aa0faec864cb78b46d49f281632bb1277118749b7d8613e9f5dcc8f3d
Commits on Jul 11, 2023
- 0f7657d Merge bitcoin-core/secp256k1#1366: field: Use `restrict` consistently in fe_sqrt
  b79ba8a field: Use `restrict` consistently in fe_sqrt (Tim Ruffing)
  Pull request description: That is, use it also in the definition and not only the declaration. I believe this was the intention of commit bitcoin-core/secp256k1@be82bd8, but it was omitted there.
  edit: Changed the description. I'm not entirely sure but after looking at the standard, I tend to think this is more than a cosmetic change, and only this change actually makes the parameters `restrict`. Anyway, I believe making them `restrict` was simply forgotten in be82bd8.
  ACKs for top commit:
    sipa: utACK b79ba8a
  Tree-SHA512: eecec7674d8cef7833d50f4041b87241ca8de4839aa8027df1c422b89f5a1bcef3916ac785057a596c459ce1aa9d41e5a21ecb6fed9c5d15a1d9f588c7ee208e
Commits on Jul 13, 2023
- 907a672 Merge bitcoin-core/secp256k1#1313: ci: Test on development snapshots of GCC and Clang
  981e5be ci: Fix typo in comment (Tim Ruffing)
  e9e9648 ci: Reduce number of macOS tasks from 28 to 8 (Tim Ruffing)
  609093b ci: Add x86_64 Linux tasks for gcc and clang snapshots (Tim Ruffing)
  1deecaa ci: Install development snapshots of gcc and clang (Tim Ruffing)
  Pull request description:
  ACKs for top commit:
    hebasto: re-ACK 981e5be
    jonasnick: ACK 981e5be
  Tree-SHA512: a36ef6f3c30a7f6e09e186e67b8eeb6e16e05de3bd97f21342866e75e33275103d463b6a12603ce235da7e26e4acdef4d811f62f369f18db9ac4e7ff06749136
Commits on Jul 17, 2023
- c424e2f ellswift: fix probabilistic test failure when swapping sides
  When configured with `--disable-module-ecdh --enable-module-recovery`, then `./tests 64 81af32fd7ab8c9cbc2e62a689f642106` fails with
  ```
  src/modules/ellswift/tests_impl.h:396: test condition failed: secp256k1_memcmp_var(share32_bad, share32a, 32) != 0
  ```
  This test verifies that changing the `party` bit of the `secp256k1_ellswift_xdh` function results in a different share. However, that's not the case when the secret keys of both parties are the same and this is actually what happens in the observed test failure. The keys can be equal in this test case because they are created by the `random_scalar_order_test` function whose output is not uniformly random (it's biased towards 0). This commit restores the assumption that the secret keys differ.
- 9a98106
- 64717a7
- e996d07
- b40e2d3 Merge bitcoin-core/secp256k1#1378: ellswift: fix probabilistic test failure when swapping sides
  c424e2f ellswift: fix probabilistic test failure when swapping sides (Jonas Nick)
  Pull request description: Reported by jonatack in bitcoin/bitcoin#28079. When configured with `--disable-module-ecdh --enable-module-recovery`, then `./tests 64 81af32fd7ab8c9cbc2e62a689f642106` fails with
  ```
  src/modules/ellswift/tests_impl.h:396: test condition failed: secp256k1_memcmp_var(share32_bad, share32a, 32) != 0
  ```
  This test verifies that changing the `party` bit of the `secp256k1_ellswift_xdh` function results in a different share. However, that's not the case when the secret keys of both parties are the same and this is actually what happens in the observed test failure. The keys can be equal in this test case because they are created by the `random_scalar_order_test` function whose output is not uniformly random (it's biased towards 0). This commit restores the assumption that the secret keys differ.
  ACKs for top commit:
    sipa: utACK c424e2f
    real-or-random: utACK c424e2f
  Tree-SHA512: d1ab61473a77478f9aeffb21ad73e0bba478c90d8573c72ec89d2e0140434cc65c9d5f4d56e5f259931dc68fc1800695c6cd5d63d9cfce4c1c4d6744eeaa2028
Commits on Jul 18, 2023
- 6c54db1
- c545fdc Merge bitcoin-core/secp256k1#1298: Remove randomness tests
  6ec3731 Simplify test PRNG implementation (Pieter Wuille)
  fb5bfa4 Add static test vector for Xoshiro256++ (Tim Ruffing)
  723e8ca Remove randomness tests (Pieter Wuille)
  Pull request description:
  ACKs for top commit:
    real-or-random: utACK 6ec3731
    jonasnick: ACK 6ec3731
  Tree-SHA512: 4cbbb9c42e31f067b17dd9169ae5d5e68bce77d1253452db9df523d3be2b5d61002d5a4203e5a153f257ec63c5ff2113555743eeb402d4b6c573069ea494d407
Commits on Jul 20, 2023
- 304fc88
- 7aa9887 Merge pull request #246 from jonasnick/temp-merge-1187
  Upstream PRs 1174, 1154, 1178, 1177, 1171, 1158, 1183, 1185, 1186, 1188, 1187
- 0d540ec Merge commits '88e80722 ff8edf8 f29a327 a7a7bfa a01a7d8 b1579cf ad7433b
Commits on Jul 21, 2023
-
Merge #251: Update sync-upstream with master
7e91936 ci: Always define EXPERIMENTAL variable (Tim Ruffing) 0a99156 sync-upstream.sh: Add "git show --remerge-diff" tip (Tim Ruffing) 9b6a1c3 sync-upstream.sh: Fix position of "-b" option in reproduce command (Tim Ruffing) 05b207e sync-upstream: allows providing the local branch via cli (Jonas Nick) Pull request description: ACKs for top commit: real-or-random: utACK 7e91936 Tree-SHA512: 4527cb6a2493d210eb7ba6d8f6e717b2acbc07aebdc1c4011cffe23490876a4e795d656a69df2cd50e4e3fe8742c123d9ea493914c148c8fbc93d7d3799e7447
Configuration menu - View commit details
-
Copy full SHA for 897c765 - Browse repository at this point
Copy the full SHA 897c765View commit details -
Merge #249: Upstream PRs 1160, 1193, 1169, 1190, 1192, 1194, 1196, 1195, 1170, 1172, 1200, 1199, 1203, 1201, 1206, 1078, 1209, 979, 1212, 1218, 1217, 1221, 1222

5d8f53e Remove redundant checks. (Russell O'Connor)
d232112 Update Changelog (Tim Ruffing)
b081f7e Add secp256k1_fe_add_int function (Pieter Wuille)
2ef1c9b Update overflow check (Russell O'Connor)
5660c13 prevent optimization in algorithms (Harshil Jani)
ce3cfc7 doc: Describe Jacobi calculation in safegcd_implementation.md (Elliott Jin)
6be0103 Add secp256k1_fe_is_square_var function (Pieter Wuille)
1de2a01 Native jacobi symbol algorithm (Pieter Wuille)
04c6c1b Make secp256k1_modinv64_det_check_pow2 support abs val (Pieter Wuille)
5fffb2c Make secp256k1_i128_check_pow2 support -(2^n) (Pieter Wuille)
e433034 ci: Shutdown wineserver whenever CI script exits (Tim Ruffing)
9a5a611 build: Suppress stupid MSVC linker warning (Tim Ruffing)
739c53b examples: Extend sig examples by call that uses static context (Tim Ruffing)
914276e build: Add SECP256K1_API_VAR to fix importing variables from DLLs (Tim Ruffing)
e089eec group: Further simplify gej_add_ge (Tim Ruffing)
ac71020 group: Save a normalize_to_zero in gej_add_ge (Tim Ruffing)
8c7e0fc build: Add -Wreserved-identifier supported by clang (Tim Ruffing)
9b60e31 ci: Do not set git's `user.{email,name}` config options (Hennadii Stepanov)
ef39721 Do not link `bench` and `ctime_tests` to `COMMON_LIB` (Hennadii Stepanov)
c241586 ci: Don't fetch git history (Tim Ruffing)
0ecf318 ci: Use remote pull/merge ref instead of local git merge (Tim Ruffing)
9b7d186 Drop no longer used Autoheader macros (Hennadii Stepanov)
eb6beba scalar: restrict split_lambda args, improve doc and VERIFY_CHECKs (Jonas Nick)
7f49aa7 ci: add test job with -DVERIFY (Jonas Nick)
620ba3d benchmarks: fix bench_scalar_split (Jonas Nick)
e39d954 tests: Add CHECK_ILLEGAL(_VOID) macros and use in static ctx tests (Tim Ruffing)
61841fc contexts: Forbid randomizing secp256k1_context_static (Tim Ruffing)
4b6df5e contexts: Forbid cloning/destroying secp256k1_context_static (Tim Ruffing)
8f51229 ctime_tests: improve output when CHECKMEM_RUNNING is not defined (Jonas Nick)
2cd4e3c Drop no longer used `SECP_{LIBS,INCLUDE}` variables (Hennadii Stepanov)
613626f Drop no longer used `SECP_TEST_{LIBS,INCLUDE}` variables (Hennadii Stepanov)
d6ff738 Ensure safety of ctz_debruijn implementation. (Russell O'Connor)
ce60785 Introduce SECP256K1_B macro for curve b coefficient (Pieter Wuille)
4934aa7 Switch to exhaustive groups with small B coefficient (Pieter Wuille)
e03ef86 Make all non-API functions (except main) static (Pieter Wuille)
0f088ec Rename CTIMETEST -> CTIMETESTS (Pieter Wuille)
74b026f Add runtime checking for DECLASSIFY flag (Pieter Wuille)
5e2e6fc Run ctime test in Linux MSan CI job (Pieter Wuille)
1897406 Make ctime tests building configurable (Pieter Wuille)
5048be1 Rename valgrind_ctime_test -> ctime_tests (Pieter Wuille)
6eed6c1 Update error messages to suggest msan as well (Pieter Wuille)
8e11f89 Add support for msan integration to checkmem.h (Pieter Wuille)
8dc6407 Add compile-time error to valgrind_ctime_test (Pieter Wuille)
0db05a7 Abstract interactions with valgrind behind new checkmem.h (Pieter Wuille)
4f1a54e Move valgrind CPPFLAGS into SECP_CONFIG_DEFINES (Pieter Wuille)
d4a6b58 Add `noverify_tests` to `.gitignore` (Hennadii Stepanov)
e862c4a Makefile: add -I$(top_srcdir)/src to CPPFLAGS for precomputed (Matt Whitlock)

Pull request description:

ACKs for top commit:
  real-or-random: tACK 0d540ec

Tree-SHA512: bc54ccf752163ab6e1a12bb8c4e1f9339f4421d2e4f7716c408549514b3c902f2e9f727655799f1eecb085b0026761b04735b17be3c95c6cf54e07fbf7e86477
Commit 3937cef
Commit dc73359
Merge #252: Upstream PRs 1113, 1225, 1227, 1229, 1223

b40adf2 release: prepare for 0.3.0 (Jonas Nick)
8be82d4 cmake: Rename project to "libsecp256k1" (Hennadii Stepanov)
756b61d readme: Use correct build type in CMake/Windows build instructions (Tim Ruffing)
92098d8 changelog: Add entry for CMake (Tim Ruffing)
e1eb337 ci: Add "x86_64: Windows (VS 2022)" task (Hennadii Stepanov)
10602b0 cmake: Export config files (Hennadii Stepanov)
5468d70 build: Add CMake-based build system (Hennadii Stepanov)

Pull request description:

ACKs for top commit:
  real-or-random: utACK dc73359

Tree-SHA512: ded76837ee78d3a99daf5e9dbdb3912a1f7efb8b9ea329535e5b5452f8bf6d02bc290dd2378b17a20e1d33b4811c1d88482bf46a57d6c414855b64cf55e38e99
Commit d47e4d4
Commits on Jul 24, 2023
Commit 4f8c5bd
Merge commits '56582094 427bc3c 0cf2fb9 9c8c4f4 70be3ca f16a709 464a911
Commit a9a5c24
Merge bitcoin-core/secp256k1#1382: refactor: Drop unused cast
Commit 2bd5f3e
Merge commits '3bab71cf 4258c54 566faa1 9ce9984 04bf3f6 5be353d 2e035af
Commit 7a07f3d
Commits on Jul 25, 2023
musig: ensure point_load output is normalized
This is similar to the upstream commit "Normalize ge produced from secp256k1_pubkey_load".
Commit e593ed5
Commit b097a46
Commits on Jul 26, 2023
Merge bitcoin-core/secp256k1#1383: util: remove unused checked_realloc

b097a46 util: remove unused checked_realloc (Cory Fields)

Pull request description:

  Usage was removed in 6fe5043. This should be a NOOP.

  Noticed when analyzing for zenbleed exposure: stdlib calls that aren't optimized away. In this case realloc isn't making it into the final binary, but as far as I can tell this is completely dead code and should be dropped.

ACKs for top commit:
  jonasnick: ACK b097a46
  real-or-random: ACK b097a46

Tree-SHA512: d4249215eddd4035be2b50a8bb48b8a681abdab4ab41ca53f6c2a2507edfbc9ffa39ba22eb48e7da52f978e224198294495ce64f9d571d98c19283b20b82a63a
Commit 0e00fc7
build: enable ellswift module via SECP_CONFIG_DEFINES
...like the other modules.
Commit 78ca880
Commits on Jul 27, 2023
Merge bitcoin-core/secp256k1#1384: build: enable ellswift module via SECP_CONFIG_DEFINES

78ca880 build: enable ellswift module via SECP_CONFIG_DEFINES (Jonas Nick)

Pull request description:

  ...like the other modules.

ACKs for top commit:
  sipa: utACK 78ca880
  real-or-random: utACK 78ca880

Tree-SHA512: c157a1ed912b9aa1a318aa0a70859a3ac67cb22303993f08ff00ed601e6ac197380dd503d3b361cbc4e698fc6489b5283b782f570f2703809d23668f3ebe5ba6
Commit c734c64
Commit 4692478
Merge bitcoin-core/secp256k1#1386: ci: print $ELLSWIFT in cirrus.sh
Commit 26392da
Merge commits '83186db3 e9e4526 5f7903c d373a72 09df0bf 20a5da5 908e02d
Commit 74d9073
Commit b160486
Commit 579999b
Commit 4c70cc9
Commit 525b661
Merge #257: Upstream PRs 1314, 1317, 1318, 1316, 1327, 1310, 1328, 1333, 1330, 1334, 1337, 1341, 1339, 1350, 1349, 1338, 1129, 1347, 1336, 1295, 1354, 1355, 1356

525b661 bppp/build: Fix linkage of benchmark (Tim Ruffing)
4c70cc9 Suppress wrong/buggy warning in MSVC <19.33 (Tim Ruffing)
579999b scalar: adjust muladd2 to new int128 interface (Jonas Nick)
b160486 ecdsa_adaptor: add missing include (Jonas Nick)
c862a9f ci: Adjust Docker image to Debian 12 "bookworm" (Hennadii Stepanov)
a178209 ci: Force DWARF v4 for Clang when Valgrind tests are expected (Hennadii Stepanov)
8a72734 Help the compiler prove that a loop is entered (Tim Ruffing)
67887ae Fix a typo in the error message (Hennadii Stepanov)
7c7467a Refer to ellswift.md in API docs (Pieter Wuille)
c32ffd8 Add ellswift to CHANGELOG (Pieter Wuille)
bc7c8db abi: Use dllexport for mingw builds (Cory Fields)
5b7bf2e Use `__shiftright128` intrinsic in `secp256k1_u128_rshift` on MSVC (Hennadii Stepanov)
5779137 field: Document return value of fe_sqrt() (Tim Ruffing)
90e360a Add doc/ellswift.md with ElligatorSwift explanation (Pieter Wuille)
4f09184 Add ellswift testing to CI (Pieter Wuille)
1bcea8c Add benchmarks for ellswift module (Pieter Wuille)
2d1d41a Add ctime tests for ellswift module (Pieter Wuille)
df633cd Add _prefix and _bip324 ellswift_xdh hash functions (Pieter Wuille)
9695deb Add tests for ellswift module (Pieter Wuille)
c47917b Add ellswift module implementing ElligatorSwift (Pieter Wuille)
79e5b2a Add functions to test if X coordinate is valid (Pieter Wuille)
a597a5a Add benchmark for key generation (Pieter Wuille)
e449af6 Drop no longer needed `#include "../include/secp256k1.h"` (Hennadii Stepanov)
f165252 Normalize ge produced from secp256k1_pubkey_load (stratospher)
7067ee5 tests: add tests for `secp256k1_{read,write}_be64` (Sebastian Falbesoner)
740528c scalar: use newly introduced `secp256k1_{read,write}_be64` helpers (4x64 impl.) (Sebastian Falbesoner)
887183e scalar: use `secp256k1_{read,write}_be32` helpers (4x64 impl.) (Sebastian Falbesoner)
52b8423 scalar: use `secp256k1_{read,write}_be32` helpers (8x32 impl.) (Sebastian Falbesoner)
f364428 docs: correct `pubkey` param descriptions for `secp256k1_keypair_{xonly_,}pub` (Sebastian Falbesoner)
db29bf2 ci: Remove quirk that runs dummy command after wineserver (Tim Ruffing)
c7db494 ci: Fix error D8037 in `cl.exe` (Hennadii Stepanov)
7dae115 Revert "ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe" (Hennadii Stepanov)
605e07e fix input range comment for `secp256k1_fe_add_int` (Sebastian Falbesoner)
ade5b36 tests: add checks for scalar constants `secp256k1_scalar_{zero,one}` (Sebastian Falbesoner)
654246c refactor: make use of `secp256k1_scalar_{zero,one}` constants (Sebastian Falbesoner)
e83801f test: Warn if both `VERIFY` and `COVERAGE` are defined (Hennadii Stepanov)
1549db0 build: Level up MSVC warnings (Hennadii Stepanov)
ad84603 release process: clarify change log updates (Jonas Nick)
6348bc7 release process: fix process for maintenance release (Jonas Nick)
79fa50b release process: mention targeted release schedule (Jonas Nick)
1652067 release process: add sanity checks (Jonas Nick)
27504d5 ci: Move wine prefix to /tmp to avoid error D8037 in cl.exe (Tim Ruffing)
6433175 Do not invoke fe_is_zero on failed set_b32_limit (Pieter Wuille)
5768b50 build: Enable -DVERIFY for precomputation binaries (Tim Ruffing)
31b4bbe Make fe_cmov take max of magnitudes (Pieter Wuille)
95448ef release cleanup: bump version after 0.3.2 (Pieter Wuille)

Pull request description:

ACKs for top commit:
  real-or-random: tACK 525b661

Tree-SHA512: edee04b48ebcede0ad48b165b18a7542b48d6e5d9db034154682fa89bf76ec90569f8073cff8ce57f8abb016671604bcdec58a3a0c1aade911e62dcb63d4acd1
Commit 50e20fa
Merge commits '4494a369 3aef6ab 0fa84f8 249c81e 7966aee fb758fe 3fc1de5
Commit 8018708
Commits on Jul 28, 2023
Commit 9e96a2e
Commit 54b37db
bppp: Fix test for invalid sign byte
The test is supposed to create an invalid sign byte. Before this PR, the generated sign byte could in fact be valid due to an overflow.

Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
Commit 82777bb
Commits on Aug 1, 2023
Commit 167194b
scalar: Remove unused secp256k1_scalar_chacha20
Unused since a112503.
Commit aa3edea
Commit 394e09e
Commit 395e65e