Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							25b35c7ecb 
							
						 
					 
					
						
						
							
							Convert field code to strict C89 (+ long long, +__int128)  
						
						
						
						
						This makes the software more portable to embedded systems and static analysis tools.
Sadly, it can't result in identical binaries because C99 mixed declarations seem to make GCC emit superfluous stack-pointer updates. The compiler is also somewhat dependent on the declaration order.
						
						
					 
					
						2015-01-23 05:48:27 +00:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							3627437d80 
							
						 
					 
					
						
						
							
							C89 nits and dead code removal.  
						
						
						
						
					 
					
						2015-01-23 04:17:12 +00:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							4732d26069 
							
						 
					 
					
						
						
							
							Convert the field/group/ecdsa constant initialization to static consts  
						
						
						
						
					 
					
						2015-01-22 22:44:52 -05:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							19f3e76002 
							
						 
					 
					
						
						
							
							Remove unused secp256k1_fe_inner_{start, stop} functions  
						
						
						
						
					 
					
						2015-01-22 22:44:52 -05:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							f1ebfe399f 
							
						 
					 
					
						
						
							
							Convert the scalar constant initialization to static consts  
						
						
						
						
					 
					
						2015-01-22 22:44:48 -05:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							941e221f66 
							
						 
					 
					
						
						
							
							Add tests for handling of the nonce function in signing.  
						
						
						
						
					 
					
						2015-01-04 17:28:39 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							10c81ffb5d 
							
						 
					 
					
						
						
							
							Merge pull request  #177  
						
						
						
						
						7688e34 Add magnitude limits to secp256k1_fe_verify to ensure that its own tests function correctly. (Gregory Maxwell)
70ae0d2 Use secp256k1_fe_equal_var in secp256k1_fe_sqrt_var. (Gregory Maxwell) 
						
						
					 
					
						2015-01-04 15:24:23 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							7688e341c5 
							
						 
					 
					
						
						
							
							Add magnitude limits to secp256k1_fe_verify to ensure that its own tests function correctly.
						
						
						
						
					 
					
						2015-01-02 07:52:27 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4ee4f7ac3f 
							
						 
					 
					
						
						
							
							Merge pull request  #176  
						
						
						
						
						9ab9335 Add a reference consistency test to ge_tests. (Pieter Wuille)
60571c6 Rework group tests (Pieter Wuille) 
						
						
					 
					
						2015-01-02 16:28:54 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							70ae0d2851 
							
						 
					 
					
						
						
							
							Use secp256k1_fe_equal_var in secp256k1_fe_sqrt_var.  
						
						
						
						
						In theory this should be faster, since secp256k1_fe_equal_var is able to shortcut the normalization. On x86_64 the improvement appears to be in the noise for me. At least it makes the code cleaner.
						
						
					 
					
						2014-12-31 05:56:00 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							9ab93355f2 
							
						 
					 
					
						
						
							
							Add a reference consistency test to ge_tests.  
						
						
						
						
						This adds all points used in the test together in random order, which
should result in infinity.
Suggested by Greg Maxwell. 
						
						
					 
					
						2014-12-29 17:21:39 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							60571c6e45 
							
						 
					 
					
						
						
							
							Rework group tests  
						
						
						
						
					 
					
						2014-12-29 15:38:17 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							d26e26f2f4 
							
						 
					 
					
						
						
							
							Avoid constructing an invalid signature with probability 1:2^256.  
						
						
						
						
					 
					
						2014-12-28 19:40:40 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b450c34843 
							
						 
					 
					
						
						
							
							Merge pull request  #163  
						
						
						
						
						bbd5ba7 Use rfc6979 as default nonce generation function (Pieter Wuille)
b37fbc2 Implement SHA256 / HMAC-SHA256 / RFC6979. (Pieter Wuille)
c6e7f4e [API BREAK] Use a nonce-generation function instead of a nonce (Pieter Wuille) 
						
						
					 
					
						2014-12-23 14:40:47 +01:00 
						 
				 
			
				
					
						
							
							
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							49ee0dbe16 
							
						 
					 
					
						
						
							
							Add _normalizes_to_zero_var variant  
						
						
						
						
					 
					
						2014-12-20 14:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							eed599dd72 
							
						 
					 
					
						
						
							
							Add _fe_normalizes_to_zero method  
						
						
						
						
					 
					
						2014-12-20 14:38:24 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							d7174edf5f 
							
						 
					 
					
						
						
							
							Weak normalization for secp256k1_fe_equal  
						
						
						
						
					 
					
						2014-12-20 14:38:20 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							0295f0a33d 
							
						 
					 
					
						
						
							
							weak normalization  
						
						
						
						
					 
					
						2014-12-20 14:38:07 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							bbd5ba7cfa 
							
						 
					 
					
						
						
							
							Use rfc6979 as default nonce generation function  
						
						
						
						
					 
					
						2014-12-20 14:36:13 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							b37fbc280e 
							
						 
					 
					
						
						
							
							Implement SHA256 / HMAC-SHA256 / RFC6979.  
						
						
						
						
					 
					
						2014-12-20 14:36:13 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							c6e7f4e8d8 
							
						 
					 
					
						
						
							
							[API BREAK] Use a nonce-generation function instead of a nonce  
						
						
						
						
					 
					
						2014-12-20 14:36:11 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							603c33bc80 
							
						 
					 
					
						
						
							
							Make signing fail if a too small buffer is passed.  
						
						
						
						
						Bug discovered by Sergio Demian Lerner. 
						
						
					 
					
						2014-12-18 01:28:06 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							7277fd76e2 
							
						 
					 
					
						
						
							
							Remove GMP field implementation  
						
						
						
						
					 
					
						2014-12-17 12:41:31 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							13278f642c 
							
						 
					 
					
						
						
							
							Add explanation about how inversion can be avoided  
						
						
						
						
					 
					
						2014-12-16 22:52:07 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							ce7eb6fb3d 
							
						 
					 
					
						
						
							
							Optimize verification: avoid field inverse  
						
						
						
						
						Suggested by Greg Maxwell. 
						
						
					 
					
						2014-12-16 22:38:17 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							1ba4a60a51 
							
						 
					 
					
						
						
							
							Configure options reorganization  
						
						
						
						
					 
					
						2014-12-13 15:04:28 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bccaf86caa 
							
						 
					 
					
						
						
							
							Merge pull request  #150  
						
						
						
						
						cf7b2b4 Fix ECDSA message hashes to 32 bytes (Pieter Wuille) 
						
						
					 
					
						2014-12-11 01:39:34 +01:00 
						 
				 
			
				
					
						
							
							
								Luke Dashjr 
							
						 
					 
					
						
						
						
						
							
						
						
							f22d73e757 
							
						 
					 
					
						
						
							
							Explicitly access %0..%2 as 64-bit so we use the right registers for x32 ABI  
						
						
						
						
					 
					
						2014-12-09 18:57:33 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							e66d4d6d39 
							
						 
					 
					
						
						
							
							Avoid the stack in assembly and use explicit registers  
						
						
						
						
					 
					
						2014-12-09 18:56:23 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							cf7b2b4647 
							
						 
					 
					
						
						
							
							Fix ECDSA message hashes to 32 bytes  
						
						
						
						
					 
					
						2014-12-09 12:50:47 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							aaba2e0f4b 
							
						 
					 
					
						
						
							
							Merge pull request  #136  
						
						
						
						
						6558a26 Make the benchmarks print out stats (Pieter Wuille)
000bdf6 Rename bench_verify to bench_recovery (Pieter Wuille) 
						
						
					 
					
						2014-12-09 02:40:36 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ee1eaa792d 
							
						 
					 
					
						
						
							
							Merge pull request  #141  
						
						
						
						
						7c6fed2 Add a few more additional tests. (Gregory Maxwell)
8d11164 Add some additional tests. (Gregory Maxwell) 
						
						
					 
					
						2014-12-09 01:38:01 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							6558a26770 
							
						 
					 
					
						
						
							
							Make the benchmarks print out stats  
						
						
						
						
					 
					
						2014-12-09 01:27:39 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							000bdf6dc3 
							
						 
					 
					
						
						
							
							Rename bench_verify to bench_recovery  
						
						
						
						
					 
					
						2014-12-09 00:12:02 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							7c6fed2857 
							
						 
					 
					
						
						
							
							Add a few more additional tests.  
						
						
						
						
					 
					
						2014-12-08 14:15:09 -08:00 
						 
				 
			
				
					
						
							
							
								Pavel Janík 
							
						 
					 
					
						
						
						
						
							
						
						
							e06a9244bf 
							
						 
					 
					
						
						
							
							Include time.h header for time().  
						
						
						
						
					 
					
						2014-12-08 20:48:58 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							8d11164bc0 
							
						 
					 
					
						
						
							
							Add some additional tests.  
						
						
						
						
					 
					
						2014-12-08 09:13:35 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3545627acb 
							
						 
					 
					
						
						
							
							Merge pull request  #118  
						
						
						
						
						3ce74b1 Tweak precomputed table size for G (Pieter Wuille) 
						
						
					 
					
						2014-12-07 14:37:12 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6a9901e15b 
							
						 
					 
					
						
						
							
							Merge pull request  #137  
						
						
						
						
						39bd94d Variable time normalize (Pieter Wuille) 
						
						
					 
					
						2014-12-07 14:35:23 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							376b28b096 
							
						 
					 
					
						
						
							
							Merge pull request  #128  
						
						
						
						
						b2c9681 Make {mul,sqr}_inner use the same argument order as {mul,sqr} (Pieter Wuille)
6793505 Convert YASM code into inline assembly (Pieter Wuille)
f048615 Rewrite field assembly to match the C version (Pieter Wuille) 
						
						
					 
					
						2014-12-07 14:34:20 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							17288069fb 
							
						 
					 
					
						
						
							
							Merge pull request  #138  
						
						
						
						
						a5759c5 Check return value of malloc (Pieter Wuille)
2b9388b Remove unused secp256k1_fe_inv_all (Pieter Wuille)
f461b76 Allocate precomputation arrays on the heap (Pieter Wuille) 
						
						
					 
					
						2014-12-07 13:19:21 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							a5759c572e 
							
						 
					 
					
						
						
							
							Check return value of malloc  
						
						
						
						
					 
					
						2014-12-07 02:58:24 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							39bd94d86d 
							
						 
					 
					
						
						
							
							Variable time normalize  
						
						
						
						
					 
					
						2014-12-06 18:18:28 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							54b768c6da 
							
						 
					 
					
						
						
							
							Another redundant secp256k1_fe_normalize  
						
						
						
						
					 
					
						2014-12-06 17:30:08 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							1c29f2eb49 
							
						 
					 
					
						
						
							
							Remove redundant secp256k1_fe_normalize from secp256k1_gej_add_ge_var.  
						
						
						
						
						This was a missed optimization in the extraction of gej+ge from gej+gej. 
						
						
					 
					
						2014-12-06 05:09:57 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							2b9388b647 
							
						 
					 
					
						
						
							
							Remove unused secp256k1_fe_inv_all  
						
						
						
						
					 
					
						2014-12-05 18:13:51 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							f461b76925 
							
						 
					 
					
						
						
							
							Allocate precomputation arrays on the heap  
						
						
						
						
					 
					
						2014-12-05 18:13:28 +01:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b0210a95da 
							
						 
					 
					
						
						
							
							Merge pull request  #135  
						
						
						
						
						ee3eb4b Fix a memory leak and add a number of small tests. (Gregory Maxwell) 
						
						
					 
					
						2014-12-04 19:16:09 +01:00 
						 
				 
			
				
					
						
							
							
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							ee3eb4be9e 
							
						 
					 
					
						
						
							
							Fix a memory leak and add a number of small tests.  
						
						
						
						
						This fixes a simple copy and paste induced memory leak for the ecdsa init.
The tests are mostly just improving coverage and aren't interesting. 
						
						
					 
					
						2014-12-04 07:17:08 -08:00 
						 
				 
			
				
					
						
							
							
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							b2c9681c6f 
							
						 
					 
					
						
						
							
							Make {mul,sqr}_inner use the same argument order as {mul,sqr}  
						
						
						
						
					 
					
						2014-12-04 13:54:36 +01:00