Make randomization of a non-signing context a noop
Before this commit secp256k1_context_randomize called illegal_callback when called on a context not initialized for signing. This is not documented. Moreover, it is not desirable because non-signing contexts may use randomization in the future. This commit makes secp256k1_context_randomize a noop in this case. This is safe because the context cannot be used for signing anyway. This fixes #573 and it fixes rust-bitcoin/rust-secp256k1#82.
This commit is contained in:
@@ -570,9 +570,9 @@ int secp256k1_ec_pubkey_tweak_mul(const secp256k1_context* ctx, secp256k1_pubkey
|
||||
|
||||
int secp256k1_context_randomize(secp256k1_context* ctx, const unsigned char *seed32) {
|
||||
VERIFY_CHECK(ctx != NULL);
|
||||
CHECK(ctx != secp256k1_context_no_precomp);
|
||||
ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx));
|
||||
secp256k1_ecmult_gen_blind(&ctx->ecmult_gen_ctx, seed32);
|
||||
if (secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx)) {
|
||||
secp256k1_ecmult_gen_blind(&ctx->ecmult_gen_ctx, seed32);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
@@ -218,8 +218,12 @@ void run_context_tests(void) {
|
||||
CHECK(ecount == 3);
|
||||
CHECK(secp256k1_ec_pubkey_tweak_mul(vrfy, &pubkey, ctmp) == 1);
|
||||
CHECK(ecount == 3);
|
||||
CHECK(secp256k1_context_randomize(vrfy, ctmp) == 0);
|
||||
CHECK(ecount == 4);
|
||||
CHECK(secp256k1_context_randomize(vrfy, ctmp) == 1);
|
||||
CHECK(ecount == 3);
|
||||
CHECK(secp256k1_context_randomize(vrfy, NULL) == 1);
|
||||
CHECK(ecount == 3);
|
||||
CHECK(secp256k1_context_randomize(sign, ctmp) == 1);
|
||||
CHECK(ecount2 == 14);
|
||||
CHECK(secp256k1_context_randomize(sign, NULL) == 1);
|
||||
CHECK(ecount2 == 14);
|
||||
secp256k1_context_set_illegal_callback(vrfy, NULL, NULL);
|
||||
|
||||
Reference in New Issue
Block a user