Luke Dashjr 
							
						 
					 
					
						
						
						
						
							
						
						
							c9d7c2a484 
							
						 
					 
					
						
						
							
							secp256k1_context_set_{error,illegal}_callback: Restore default handler by passing NULL as function argument  
						
						 
						
						
						
						
					 
					
						2015-09-19 19:32:52 +00:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Luke Dashjr 
							
						 
					 
					
						
						
						
						
							
						
						
							9aac008038 
							
						 
					 
					
						
						
							
							secp256k1_context_destroy: Allow NULL argument as a no-op  
						
						 
						
						
						
						
					 
					
						2015-09-19 19:32:48 +00:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Luke Dashjr 
							
						 
					 
					
						
						
						
						
							
						
						
							64b730bc3f 
							
						 
					 
					
						
						
							
							secp256k1_context_create: Use unsigned type for flags bitfield  
						
						 
						
						
						
						
					 
					
						2015-09-19 19:32:21 +00:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cb04ab5e3c 
							
						 
					 
					
						
						
							
							Merge pull request  #309  
						
						 
						
						
						
						
						81e45ff Update group_impl.h (GSongHashrate) 
						
						
					 
					
						2015-09-19 21:25:51 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a55166950f 
							
						 
					 
					
						
						
							
							Merge pull request  #295  
						
						 
						
						
						
						
						c996d53 Print success (Pieter Wuille) 
						
						
					 
					
						2015-09-19 21:24:31 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								GSongHashrate 
							
						 
					 
					
						
						
						
						
							
						
						
							81e45ff9d1 
							
						 
					 
					
						
						
							
							Update group_impl.h  
						
						 
						
						
						
						
					 
					
						2015-09-17 22:38:21 +01:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							dc0ce9fc41 
							
						 
					 
					
						
						
							
							[API BREAK] Change argument order to out/outin/in  
						
						 
						
						
						
						
					 
					
						2015-09-04 17:45:57 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c822693eff 
							
						 
					 
					
						
						
							
							Merge pull request  #301  
						
						 
						
						
						
						
						b183b41 bugfix: "ARG_CHECK(ctx != NULL)" makes no sense (Cory Fields) 
						
						
					 
					
						2015-09-04 16:17:20 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6d043505b0 
							
						 
					 
					
						
						
							
							Merge pull request  #303  
						
						 
						
						
						
						
						263dcbc remove unused assignment (Cory Fields) 
						
						
					 
					
						2015-09-04 16:15:14 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Gregory Maxwell 
							
						 
					 
					
						
						
						
						
							
						
						
							5fb32296af 
							
						 
					 
					
						
						
							
							Fixes a bug where bench_sign would fail due to passing in too small a buffer.  
						
						 
						
						
						
						
						This was introduced by the recent API change when the signature types were split. 
						
						
					 
					
						2015-09-03 18:47:30 +00:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Cory Fields 
							
						 
					 
					
						
						
						
						
							
						
						
							263dcbca4a 
							
						 
					 
					
						
						
							
							remove unused assignment  
						
						 
						
						
						
						
					 
					
						2015-09-02 23:52:09 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Cory Fields 
							
						 
					 
					
						
						
						
						
							
						
						
							b183b41122 
							
						 
					 
					
						
						
							
							bugfix: "ARG_CHECK(ctx != NULL)" makes no sense  
						
						 
						
						
						
						
						Move all context checks to VERIFY_CHECK and be sure they come before all
ARG_CHECKs. 
						
						
					 
					
						2015-09-02 23:42:51 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							c996d53ab1 
							
						 
					 
					
						
						
							
							Print success  
						
						 
						
						
						
						
					 
					
						2015-08-28 02:29:08 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							9f443be086 
							
						 
					 
					
						
						
							
							Move pubkey recovery code to separate module  
						
						 
						
						
						
						
					 
					
						2015-08-28 01:51:52 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							d49abbd5a0 
							
						 
					 
					
						
						
							
							Separate ECDSA recovery tests  
						
						 
						
						
						
						
					 
					
						2015-08-27 22:47:24 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							439d34adc6 
							
						 
					 
					
						
						
							
							Separate recoverable and normal signatures  
						
						 
						
						
						
						
					 
					
						2015-08-27 22:47:24 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							2f77487012 
							
						 
					 
					
						
						
							
							Add context building benchmarks  
						
						 
						
						
						
						
					 
					
						2015-08-27 01:14:28 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Veres Lajos 
							
						 
					 
					
						
						
						
						
							
						
						
							de7e398dfa 
							
						 
					 
					
						
						
							
							small typo fix  
						
						 
						
						
						
						
					 
					
						2015-08-10 22:05:52 +01:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							a5a66c70b6 
							
						 
					 
					
						
						
							
							Add support for custom EC-Schnorr-SHA256 signatures  
						
						 
						
						
						
						
					 
					
						2015-08-03 20:08:51 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							72ae443afb 
							
						 
					 
					
						
						
							
							Improve perf. of cmov-based table lookup  
						
						 
						
						
						
						
					 
					
						2015-08-01 10:57:36 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							92e53fc4c8 
							
						 
					 
					
						
						
							
							Implement endomorphism optimization for secp256k1_ecmult_const  
						
						 
						
						
						
						
					 
					
						2015-08-01 10:57:36 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							ed35d43a0c 
							
						 
					 
					
						
						
							
							Make secp256k1_scalar_add_bit conditional; make secp256k1_scalar_split_lambda_var constant time  
						
						 
						
						
						
						
						This has the effect of making `secp256k1_scalar_mul_shift_var` constant
time in both input scalars. Keep the _var name because it is NOT constant
time in the shift amount.
As used in `secp256k1_scalar_split_lambda_var`, the shift is always
the constant 272, so this function becomes constant time, and it
loses the `_var` suffix. 
						
						
					 
					
						2015-08-01 10:57:36 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							91c0ce95ca 
							
						 
					 
					
						
						
							
							Add benchmarks for ECDH and const-time multiplication  
						
						 
						
						
						
						
					 
					
						2015-08-01 10:57:36 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							0739bbb6f0 
							
						 
					 
					
						
						
							
							Add ECDH module which works by hashing the output of ecmult_const  
						
						 
						
						
						
						
					 
					
						2015-08-01 10:57:33 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							4401500060 
							
						 
					 
					
						
						
							
							Add constant-time multiply secp256k1_ecmult_const for ECDH  
						
						 
						
						
						
						
						Designed with clear separation of the wNAF conversion, precomputation
and exponentiation (since we will probably want to separate at least the
precomp in the API for users who reuse points a lot).
Future work:
  - actually separate precomp in the API
  - do multiexp rather than single exponentiation 
						
						
					 
					
						2015-07-31 12:39:09 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							baa75da59d 
							
						 
					 
					
						
						
							
							tests: add a couple tests  
						
						 
						
						
						
						
						- Add zero/one sanity check tests for ecmult
  - Add unit test for secp256k1_scalar_split_lambda_var
  - Typo fix in `ge_equals_ge`; was comparing b->y to itself, should
    have been comparing a->y to b->y
  - Normalize y-coordinate in `random_group_element_test`; this is
    needed to pass random group elements as the first argument to
    `ge_equals_ge`, which I will do in a future commit. 
						
						
					 
					
						2015-07-29 13:26:12 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							995c548771 
							
						 
					 
					
						
						
							
							Introduce callback functions for dealing with errors.  
						
						 
						
						
						
						
					 
					
						2015-07-26 18:08:38 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							18c329c506 
							
						 
					 
					
						
						
							
							Remove the internal secp256k1_ecdsa_sig_t type  
						
						 
						
						
						
						
					 
					
						2015-07-26 16:52:17 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							74a2acdb8a 
							
						 
					 
					
						
						
							
							Add a secp256k1_ecdsa_signature_t type  
						
						 
						
						
						
						
					 
					
						2015-07-26 16:02:20 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							23cfa914d2 
							
						 
					 
					
						
						
							
							Introduce secp256k1_pubkey_t type  
						
						 
						
						
						
						
					 
					
						2015-07-26 15:59:07 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							3e6f1e20dc 
							
						 
					 
					
						
						
							
							Change rfc6979 implementation to be a generic PRNG  
						
						 
						
						
						
						
					 
					
						2015-07-24 22:07:14 +02:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5133f78651 
							
						 
					 
					
						
						
							
							Merge pull request  #254  
						
						 
						
						
						
						
						733c1e6 Add travis build to test the static context. (Thomas Daede)
fbecc38 Add ability to use a statically generated ecmult context. (Thomas Daede) 
						
						
					 
					
						2015-07-14 11:28:55 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b0a60e6d33 
							
						 
					 
					
						
						
							
							Merge pull request  #258  
						
						 
						
						
						
						
						e2a07c7 Fix compilation with C++ (Vinnie Falco) 
						
						
					 
					
						2015-07-13 21:03:47 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Thomas Daede 
							
						 
					 
					
						
						
						
						
							
						
						
							fbecc38a89 
							
						 
					 
					
						
						
							
							Add ability to use a statically generated ecmult context.  
						
						 
						
						
						
						
						This vastly shrinks the size of the context required for signing on devices with
memory-mapped Flash.
Tables are generated by the new gen_context tool into a header. 
						
						
					 
					
						2015-07-13 18:00:03 -07:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4fb174df08 
							
						 
					 
					
						
						
							
							Merge pull request  #263  
						
						 
						
						
						
						
						99fd963 Add secp256k1_ec_pubkey_compress(), with test similar to the related decompress() function. (Thomas Kerin) 
						
						
					 
					
						2015-07-13 20:55:34 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4ab8990c52 
							
						 
					 
					
						
						
							
							Merge pull request  #270  
						
						 
						
						
						
						
						36b305a Verify the result of GMP modular inverse using non-GMP code (Pieter Wuille) 
						
						
					 
					
						2015-07-13 20:27:29 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bdf0e0c268 
							
						 
					 
					
						
						
							
							Merge pull request  #271  
						
						 
						
						
						
						
						55399c2 Further performance improvements to _ecmult_wnaf (Peter Dettman)
145cc6e Improve performance of _ecmult_wnaf (Peter Dettman) 
						
						
					 
					
						2015-07-13 20:25:18 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							31d0c1fd12 
							
						 
					 
					
						
						
							
							Merge pull request  #273  
						
						 
						
						
						
						
						eb2c8ff Add missing casts to SECP256K1_FE_CONST_INNER (Andrew Poelstra) 
						
						
					 
					
						2015-07-13 19:21:12 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Andrew Poelstra 
							
						 
					 
					
						
						
						
						
							
						
						
							eb2c8ffedf 
							
						 
					 
					
						
						
							
							Add missing casts to SECP256K1_FE_CONST_INNER  
						
						 
						
						
						
						
					 
					
						2015-07-13 08:19:35 -05:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							55399c23f7 
							
						 
					 
					
						
						
							
							Further performance improvements to _ecmult_wnaf  
						
						 
						
						
						
						
						- Initialize 'wnaf' to zeroes using memset
- Add new 'len' arg to speed up smaller scalars (mostly for endo=yes) 
						
						
					 
					
						2015-07-13 22:46:42 +10:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Thomas Kerin 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							99fd963bd5 
							
						 
					 
					
						
						
							
							Add secp256k1_ec_pubkey_compress(), with test similar to the related decompress() function.  
						
						 
						
						
						
						
					 
					
						2015-07-13 13:09:00 +01:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							145cc6ea8f 
							
						 
					 
					
						
						
							
							Improve performance of _ecmult_wnaf  
						
						 
						
						
						
						
						- Track carry explicitly instead of adding to scalar
- Branch-free code for carry calculations 
						
						
					 
					
						2015-07-11 13:49:04 +10:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
						
						
							
						
						
							36b305a82b 
							
						 
					 
					
						
						
							
							Verify the result of GMP modular inverse using non-GMP code  
						
						 
						
						
						
						
					 
					
						2015-07-09 11:21:37 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Pieter Wuille 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0cbc8600f3 
							
						 
					 
					
						
						
							
							Merge pull request  #266  
						
						 
						
						
						
						
						3f3964e Add specific VERIFY tests for _fe_cmov (Peter Dettman)
a0601cd Fix VERIFY calculations in _fe_cmov methods (Peter Dettman) 
						
						
					 
					
						2015-07-08 17:04:38 -04:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							5a43124c69 
							
						 
					 
					
						
						
							
							Save 1 _fe_negate since s1 == -s2  
						
						 
						
						
						
						
					 
					
						2015-07-07 22:30:00 +10:00  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							a5d796e0b1 
							
						 
					 
					
						
						
							
							Update code comments  
						
						 
						
						
						
						
					 
					
						2015-07-07 09:16:15 +09:30  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							3f3964e49c 
							
						 
					 
					
						
						
							
							Add specific VERIFY tests for _fe_cmov  
						
						 
						
						
						
						
					 
					
						2015-07-06 12:41:30 +09:30  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							7d054cd030 
							
						 
					 
					
						
						
							
							Refactor to save a _fe_negate  
						
						 
						
						
						
						
					 
					
						2015-07-04 16:38:46 +09:30  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							b28d02a5d5 
							
						 
					 
					
						
						
							
							Refactor to remove a local var  
						
						 
						
						
						
						
					 
					
						2015-07-04 16:30:56 +09:30  
					
					
						 
						
							
							
							 
						
					 
				 
			
				
					
						
							
							
								 
								Peter Dettman 
							
						 
					 
					
						
						
						
						
							
						
						
							55e7fc32cb 
							
						 
					 
					
						
						
							
							Perf. improvement in _gej_add_ge  
						
						 
						
						
						
						
						- Avoid one weak normalization
- Change one full normalization to weak
- Avoid unnecessary fe assignment
- Update magnitude annotations 
						
						
					 
					
						2015-07-04 16:21:35 +09:30