frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge #718: Clarify that a secp256k1_ecdh_hash_function must return 0 or 1

Browse Source 
eb45ef33842ead425137d589521dc231ee92a10d Clarify that a secp256k1_ecdh_hash_function must return 0 or 1 (Tim Ruffing)

Pull request description:

  and improve style of the ECDH docs.

ACKs for top commit:
  sipa:
    utACK eb45ef33842ead425137d589521dc231ee92a10d
  jonasnick:
    ACK eb45ef33842ead425137d589521dc231ee92a10d
  elichai:
    ACK eb45ef33842ead425137d589521dc231ee92a10d
  apoelstra:
    utACK eb45ef3384

Tree-SHA512: fa1e34fbbe2fd53b633c48c70fbd9d6eec4be1303b660ff87945d49333264ef5c28a4db9407161907697f37ca657a1ee7b50e58861689de526ad4d685dedeae6
This commit is contained in:
Tim Ruffing 2020-02-23 09:20:47 +01:00
commit 0585b8b2ee
No known key found for this signature in database
GPG Key ID: 8C461CCD293F6011
2 changed files with 18 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
include/secp256k1_ecdh.h
View File

@ -7,18 +7,21 @@
extern "C" { extern "C" {
#endif #endif
/** A pointer to a function that applies hash function to a point /** A pointer to a function that hashes an EC point to obtain an ECDH secret
* *
* Returns: 1 if a point was successfully hashed. 0 will cause ecdh to fail * Returns: 1 if the point was successfully hashed.
* Out: output: pointer to an array to be filled by the function * 0 will cause secp256k1_ecdh to fail and return 0.
* In: x: pointer to a 32-byte x coordinate * Other return values are not allowed, and the behaviour of
* y: pointer to a 32-byte y coordinate * secp256k1_ecdh is undefined for other return values.
* data: Arbitrary data pointer that is passed through * Out: output: pointer to an array to be filled by the function
* In: x32: pointer to a 32-byte x coordinate
* y32: pointer to a 32-byte y coordinate
* data: arbitrary data pointer that is passed through
*/ */
typedef int (*secp256k1_ecdh_hash_function)( typedef int (*secp256k1_ecdh_hash_function)(
unsigned char *output, unsigned char *output,
const unsigned char *x, const unsigned char *x32,
const unsigned char *y, const unsigned char *y32,
void *data void *data
); );
@ -26,13 +29,14 @@ typedef int (*secp256k1_ecdh_hash_function)(
* Populates the output parameter with 32 bytes. */ * Populates the output parameter with 32 bytes. */
SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_sha256; SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_sha256;
/** A default ecdh hash function (currently equal to secp256k1_ecdh_hash_function_sha256). /** A default ECDH hash function (currently equal to secp256k1_ecdh_hash_function_sha256).
* Populates the output parameter with 32 bytes. */ * Populates the output parameter with 32 bytes. */
SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_default; SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_default;
/** Compute an EC Diffie-Hellman secret in constant time /** Compute an EC Diffie-Hellman secret in constant time
*
* Returns: 1: exponentiation was successful * Returns: 1: exponentiation was successful
* 0: scalar was invalid (zero or overflow) * 0: scalar was invalid (zero or overflow) or hashfp returned 0
* Args: ctx: pointer to a context object (cannot be NULL) * Args: ctx: pointer to a context object (cannot be NULL)
* Out: output: pointer to an array to be filled by hashfp * Out: output: pointer to an array to be filled by hashfp
* In: pubkey: a pointer to a secp256k1_pubkey containing an * In: pubkey: a pointer to a secp256k1_pubkey containing an
@ -40,7 +44,7 @@ SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_func
* privkey: a 32-byte scalar with which to multiply the point * privkey: a 32-byte scalar with which to multiply the point
* hashfp: pointer to a hash function. If NULL, secp256k1_ecdh_hash_function_sha256 is used * hashfp: pointer to a hash function. If NULL, secp256k1_ecdh_hash_function_sha256 is used
* (in which case, 32 bytes will be written to output) * (in which case, 32 bytes will be written to output)
* data: Arbitrary data pointer that is passed through to hashfp * data: arbitrary data pointer that is passed through to hashfp
*/ */
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdh( SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdh(
const secp256k1_context* ctx, const secp256k1_context* ctx,

6
src/modules/ecdh/main_impl.h
View File

@ -10,14 +10,14 @@
#include "include/secp256k1_ecdh.h" #include "include/secp256k1_ecdh.h"
#include "ecmult_const_impl.h" #include "ecmult_const_impl.h"
static int ecdh_hash_function_sha256(unsigned char *output, const unsigned char *x, const unsigned char *y, void *data) { static int ecdh_hash_function_sha256(unsigned char *output, const unsigned char *x32, const unsigned char *y32, void *data) {
unsigned char version = (y[31] & 0x01) | 0x02; unsigned char version = (y32[31] & 0x01) | 0x02;
secp256k1_sha256 sha; secp256k1_sha256 sha;
(void)data; (void)data;
secp256k1_sha256_initialize(&sha); secp256k1_sha256_initialize(&sha);
secp256k1_sha256_write(&sha, &version, 1); secp256k1_sha256_write(&sha, &version, 1);
secp256k1_sha256_write(&sha, x, 32); secp256k1_sha256_write(&sha, x32, 32);
secp256k1_sha256_finalize(&sha, output); secp256k1_sha256_finalize(&sha, output);
return 1; return 1;