frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

extrakeys: add xonly_sort function

Browse Source
This commit is contained in:
Jonas Nick 2021-04-02 21:51:45 +00:00
parent f31affd8a6
commit 9b3d7bf536
4 changed files with 150 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/secp256k1_extrakeys.h
View File

@ -166,6 +166,20 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add_
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5);
/** Sorts xonly public keys according to secp256k1_xonly_pubkey_cmp
*
* Returns: 0 if the arguments are invalid. 1 otherwise.
*
* Args: ctx: pointer to a context object
* In: pubkeys: array of pointers to pubkeys to sort
* n_pubkeys: number of elements in the pubkeys array
*/
SECP256K1_API int secp256k1_xonly_sort(
const secp256k1_context* ctx,
const secp256k1_xonly_pubkey **pubkeys,
size_t n_pubkeys
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);
/** Compute the keypair for a secret key.
*
* Returns: 1: secret was valid, keypair is ready to use

6
include/secp256k1_musig.h
View File

@ -137,8 +137,14 @@ typedef struct {
} secp256k1_musig_partial_signature;
/** Computes a combined public key and the hash of the given public keys.
*
* Different orders of `pubkeys` result in different `combined_pk`s.
*
* The pubkeys can be sorted before combining with `secp256k1_xonly_sort` which
* ensures the same resulting `combined_pk` for the same multiset of pubkeys.
* This is useful to do before pubkey_combine, such that the order of pubkeys
* does not affect the combined public key.
*
* Returns: 1 if the public keys were successfully combined, 0 otherwise
* Args: ctx: pointer to a context object initialized for verification
* (cannot be NULL)

22
src/modules/extrakeys/main_impl.h
View File

@ -155,6 +155,28 @@ int secp256k1_xonly_pubkey_tweak_add_check(const secp256k1_context* ctx, const u
&& secp256k1_fe_is_odd(&pk.y) == tweaked_pk_parity;
}
/* This struct wraps a const context pointer to satisfy the secp256k1_hsort api
* which expects a non-const cmp_data pointer. */
typedef struct {
const secp256k1_context *ctx;
} secp256k1_xonly_sort_cmp_data;
static int secp256k1_xonly_sort_cmp(const void* pk1, const void* pk2, void *cmp_data) {
return secp256k1_xonly_pubkey_cmp(((secp256k1_xonly_sort_cmp_data*)cmp_data)->ctx,
*(secp256k1_xonly_pubkey **)pk1,
*(secp256k1_xonly_pubkey **)pk2);
}
int secp256k1_xonly_sort(const secp256k1_context* ctx, const secp256k1_xonly_pubkey **pubkeys, size_t n_pubkeys) {
secp256k1_xonly_sort_cmp_data cmp_data;
VERIFY_CHECK(ctx != NULL);
ARG_CHECK(pubkeys != NULL);
cmp_data.ctx = ctx;
secp256k1_hsort(pubkeys, n_pubkeys, sizeof(*pubkeys), secp256k1_xonly_sort_cmp, &cmp_data);
return 1;
}
static void secp256k1_keypair_save(secp256k1_keypair *keypair, const secp256k1_scalar *sk, secp256k1_ge *pk) {
secp256k1_scalar_get_b32(&keypair->data[0], sk);
secp256k1_pubkey_save((secp256k1_pubkey *)&keypair->data[32], pk);

108
src/modules/extrakeys/tests_impl.h
View File

@ -611,6 +611,112 @@ void test_hsort(void) {
}
#undef NUM
void test_xonly_sort_helper(secp256k1_xonly_pubkey *pk, size_t *pk_order, size_t n_pk) {
size_t i;
const secp256k1_xonly_pubkey *pk_test[5];
for (i = 0; i < n_pk; i++) {
pk_test[i] = &pk[pk_order[i]];
}
secp256k1_xonly_sort(ctx, pk_test, n_pk);
for (i = 0; i < n_pk; i++) {
CHECK(secp256k1_memcmp_var(pk_test[i], &pk[i], sizeof(*pk_test[i])) == 0);
}
}
void permute(size_t *arr, size_t n) {
size_t i;
for (i = n - 1; i >= 1; i--) {
size_t tmp, j;
j = secp256k1_testrand_int(i + 1);
tmp = arr[i];
arr[i] = arr[j];
arr[j] = tmp;
}
}
void rand_xonly_pk(secp256k1_xonly_pubkey *pk) {
unsigned char seckey[32];
secp256k1_keypair keypair;
secp256k1_testrand256(seckey);
CHECK(secp256k1_keypair_create(ctx, &keypair, seckey) == 1);
CHECK(secp256k1_keypair_xonly_pub(ctx, pk, NULL, &keypair) == 1);
}
void test_xonly_sort_api(void) {
int ecount = 0;
secp256k1_xonly_pubkey pks[2];
const secp256k1_xonly_pubkey *pks_ptr[2];
secp256k1_context *none = api_test_context(SECP256K1_CONTEXT_NONE, &ecount);
pks_ptr[0] = &pks[0];
pks_ptr[1] = &pks[1];
rand_xonly_pk(&pks[0]);
rand_xonly_pk(&pks[1]);
CHECK(secp256k1_xonly_sort(none, pks_ptr, 2) == 1);
CHECK(secp256k1_xonly_sort(none, NULL, 2) == 0);
CHECK(ecount == 1);
CHECK(secp256k1_xonly_sort(none, pks_ptr, 0) == 1);
/* Test illegal public keys */
memset(&pks[0], 0, sizeof(pks[0]));
CHECK(secp256k1_xonly_sort(none, pks_ptr, 2) == 1);
CHECK(ecount == 2);
memset(&pks[1], 0, sizeof(pks[1]));
CHECK(secp256k1_xonly_sort(none, pks_ptr, 2) == 1);
CHECK(ecount > 2);
secp256k1_context_destroy(none);
}
void test_xonly_sort(void) {
secp256k1_xonly_pubkey pk[5];
unsigned char pk_ser[5][32];
int i;
size_t pk_order[5] = { 0, 1, 2, 3, 4 };
for (i = 0; i < 5; i++) {
memset(pk_ser[i], 0, sizeof(pk_ser[i]));
}
pk_ser[0][0] = 5;
pk_ser[1][0] = 8;
pk_ser[2][0] = 0x0a;
pk_ser[3][0] = 0x0b;
pk_ser[4][0] = 0x0c;
for (i = 0; i < 5; i++) {
CHECK(secp256k1_xonly_pubkey_parse(ctx, &pk[i], pk_ser[i]));
}
permute(pk_order, 1);
test_xonly_sort_helper(pk, pk_order, 1);
permute(pk_order, 2);
test_xonly_sort_helper(pk, pk_order, 2);
permute(pk_order, 3);
test_xonly_sort_helper(pk, pk_order, 3);
for (i = 0; i < count; i++) {
permute(pk_order, 4);
test_xonly_sort_helper(pk, pk_order, 4);
}
for (i = 0; i < count; i++) {
permute(pk_order, 5);
test_xonly_sort_helper(pk, pk_order, 5);
}
/* Check that sorting also works for random pubkeys */
for (i = 0; i < count; i++) {
int j;
const secp256k1_xonly_pubkey *pk_ptr[5];
for (j = 0; j < 5; j++) {
rand_xonly_pk(&pk[j]);
pk_ptr[j] = &pk[j];
}
secp256k1_xonly_sort(ctx, pk_ptr, 5);
for (j = 1; j < 5; j++) {
CHECK(secp256k1_xonly_sort_cmp(&pk_ptr[j - 1], &pk_ptr[j], ctx) <= 0);
}
}
}
void run_extrakeys_tests(void) {
/* xonly key test cases */
test_xonly_pubkey();
@ -624,6 +730,8 @@ void run_extrakeys_tests(void) {
test_keypair_add();
test_hsort();
test_xonly_sort_api();
test_xonly_sort();
}
#endif