0f05173 Fix algorithm selection in bench_ecmult (Jonas Nick)
Pull request description:
Without this commit using an unknown argument results in a segmentation fault.
Tree-SHA512: 85b8f977e62fa360ff6dc923bd86f08725c30e178d58f43d33cbd8eb69e54fa4ec76e4407624611a80554cf9961689bce6b216da735ac95b256d0d2f60fe3328
6198375 Make randomization of a non-signing context a noop (Tim Ruffing)
Pull request description:
Before this commit secp256k1_context_randomize called illegal_callback
when called on a context not initialized for signing. This is not
documented. Moreover, it is not desirable because non-signing contexts
may use randomization in the future.
This commit makes secp256k1_context_randomize a noop in this case. This
is safe because the context cannot be used for signing anyway.
This fixes#573 and it fixesrust-bitcoin/rust-secp256k1#82.
Tree-SHA512: 34ddfeb004d9da8f4a77c739fa2110544c28939378e779226da52f410a0e36b3aacb3ebd2e3f3918832a9027684c161789cfdc27a133f2f0e0f1c47e8363029c
52ab96f clean dependendies in field_*_impl.h (Russell O'Connor)
deff5ed Correct math typos in field_*.h (Russell O'Connor)
4efb3f8 Add check that restrict pointers don't alias with all parameters. (Russell O'Connor)
Pull request description:
* add more checks for restrict pointers.
* correct math typos.
* refine dependencies on "num.h"
Tree-SHA512: c368f577927db2ace3e7f46850cb2fdf9d7d169b698a9697767e1f82e9e7091f2b2fea0f7cf173048eb4c1bb56824c884fa849c04c595ee97766c01f346a54ec
9bd89c8 Optimize secp256k1_fe_normalize_weak calls. Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. (Russell O'Connor)
Pull request description:
Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead.
Tree-SHA512: 7bbb1aca8e37a268a26d7061bd1f390db129e697792f1d5ddd10ea34927616edc26ef118b500c3e5e14d1d463196033ef64e4d34b765380325c24835458b7a9b
Before this commit secp256k1_context_randomize called illegal_callback
when called on a context not initialized for signing. This is not
documented. Moreover, it is not desirable because non-signing contexts
may use randomization in the future.
This commit makes secp256k1_context_randomize a noop in this case. This
is safe because the context cannot be used for signing anyway.
This fixes#573 and it fixesrust-bitcoin/rust-secp256k1#82.
If we’re in the last loop iteration, then `lenleft == 1` and it could
be the case that `ret == MAX_SIZE`, and so `ret + lenleft` will
overflow to 0 and the sanity check will not catch it. Then we will
return `(int) MAX_SIZE`, which should be avoided because this value is
implementation-defined. (However, this is harmless because
`(int) MAX_SIZE == -1` on all supported platforms.)
c8fbc3c [ECDH API change] Allow pass arbitrary data to hash function (Kirill Fomichev)
b00be65 [ECDH API change] Support custom hash function (Kirill Fomichev)
Pull request description:
Solve #352
Tree-SHA512: f5985874d03e976cdb3d59036af7720636ad1488da40fd3bd7881b1fb71b05036a952013d519baa84c4ce4b558bdef25c4ce76b384b297e4d0aece9e37e78a01
ec0a7b3 Don't touch leading zeros in wnaf_fixed. (Jonas Nick)
9e36d1b Fix bug in wnaf_fixed where the wnaf array is not completely zeroed when given a 0 scalar. (Jonas Nick)
96f68a0 Don't invert scalar in wnaf_fixed when it is even because a caller might intentionally give a scalar with many leading zeros. (Jonas Nick)
6dbb007 Increase sparsity of pippenger fixed window naf representation (Jonas Nick)
Pull request description:
Fixes#506
Tree-SHA512: 49a237a7d09c0c376ba4e6b1f522b9aff2517e420dfef9df810fd5ba920e0b98be8fe3f730b32e41b4aef475bc4cf3b13220024bd8d6f40c2744e6f392ff97a8
the two middle arguments to fread() are easily confused, and cause the
checking of return value to fail incorrectly (and possibly succeed
incorrectly.)
82a96e4 tests: Make sure we get the requested number of bytes from /dev/urandom (practicalswift)
Pull request description:
Make sure we get the requested number of bytes from `/dev/urandom`.
Tree-SHA512: 1b035942fd2a6ee2423fb2a2a0a0f294682c51434f86e5c106fb493d77f45aa8070662190aca6441fe389b8cdcc132d432517b8e826be2ac530a1511cd0c8919
The only reason OpenSSL 1.1 was not supported was the removal of direct
access to r and s in ECDSA_SIG. This commit adds a simplified version of
ECDSA_SIG_get0 for < 1.1 that can be used like ECDSA_SIG_get0 in >= 1.1
