This warns on certain identifiers reserved by the C standard, namely
* identifiers that begin with an underscore followed by an uppercase
letter, and
* identifiers in the global namespace that begin with an underscore.
We had used such identifiers in the past for macros in include guards,
and we should make sure that we don't reintroduce such identifiers
going forward.
Note that C reserves more identifiers for "future library directions",
e.g., identifiers that begin with "str" followed by a lowercase letter.
But even the C standards committee has decided that this is somewhat
silly and adopted a proposal [1] for C23 that removes the restriction
that programs using these identifiers have UB. Instead, these
identifiers are now "potentially reserved", which is not a normative
restriction but simply an informative warning that the identifiers
may become fully reserved in the future.
[1] https://www.open-std.org/jtc1/sc22/WG14/www/docs/n2625.pdf
This change eases the use of alternate build systems by moving
the variables in `src/libsecp256k1-config.h` to compiler macros
for each invocation, preventing duplication of these variables
for each build system.
Co-authored-by: Ali Sherief <ali@notatether.com>
There are plenty of unreleased variants of libsecp256k1 version 0.1.0
(libsecp256k1.so.0.0.0) in the wild. We choose a new version number to allow a
clear distinction.
There are variants of 0.1.0 that are incompatible with the initial release,
hence we increase the minor version to arrive at version number 0.2.0. For the
same reason, we increase the LIB_VERSION_CURRENT and keep AGE at 0.
The changelog for 0.2.0 consists of the relevant changes since 2021-12-25, which
is the date when the initial release process PR was merged (and the library
version was set to a pre-release, see 423b6d19d373f1224fd671a982584d7e7900bc93).
This is somewhat arbitrary but at least points readers to relevant changes.
41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1 build: Enable some modules by default (Tim Ruffing)
Pull request description:
This has been discussed in https://github.com/bitcoin-core/secp256k1/issues/817#issuecomment-693198323 and I agree with the arguments brought up there.
Alternatively, we could not enable them and add a discussion to the readme why we discourage people from using the modules. I believe enabling ECDH is not very controversial. But what about recovery? Do we want to leave it off and instead give a reason?
ACKs for top commit:
sipa:
ACK 41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1
jonasnick:
ACK 41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1
Tree-SHA512: 1dd21037043f2b2c94a92cd2f31e69b505ba5b43119897bc0934966d9ccd84fc4fc20e7509af634f1c3a096710db1a2253090f5f1f107b9d258945a5546e9ba4
We don't enable the ECDSA recovery module, because we don't recommend
ECDSA recovery for new protocols. In particular, the recovery API is
prone to misuse: It invites the caller to forget to check the public
key (and the verification function always returns 1).
In general, we also don't recommend ordinary ECDSA for new protocols.
But disabling the ECDSA functions is not possible because they're not
in a module, and let's be honest: disabling ECDSA would mean to ignore
reality blatantly.
We had removed `PKG_PROG_PKG_CONFIG` in 21b2ebaf74222017f85123deb6f30a33c7678513
(#1090). But then then the not rebased (!) merge of 2be6ba0fedd0d2d62ba6f346d7ced7abde0d66e4
(#1084) brought that macro back at another location, without git
complaining about a conflict.
Fixes#1127.
49e2acd927ce9eb806cc10f3a1fd89a9ddd081e2 configure: Improve rationale for WERROR_CFLAGS (Tim Ruffing)
8dc4b03341c85a3be91e559d05771c51e60b0eba ci: Add a C++ job that compiles the public headers without -fpermissive (Tim Ruffing)
51f296a46c0b318b8dd572ef9ac3bb3a4140ae63 ci: Run persistent wineserver to speed up wine (Tim Ruffing)
3fb3269c22c25de3b720ad139dcf4e3cff9eda1a ci: Add 32-bit MinGW64 build (Tim Ruffing)
9efc2e5221560d19dd750e0ba32c03d4ee091227 ci: Add MSVC builds (Tim Ruffing)
2be6ba0fedd0d2d62ba6f346d7ced7abde0d66e4 configure: Convince autotools to work with MSVC's archiver lib.exe (Tim Ruffing)
bd81f4140a4228b1df3a9f631e2d207a197ae614 schnorrsig bench: Suppress a stupid warning in MSVC (Tim Ruffing)
09f3d71c51a9621653d766e2fe7e657534e57bd6 configure: Add a few CFLAGS for MSVC (Tim Ruffing)
3b4f3d0d46dd278fbe4ffa68b1b6e14e3ea3b17f build: Reject C++ compilers in the preprocessor (Tim Ruffing)
1cc09414149d0c0c6a4a500d83efc3bd66f3ebcd configure: Don't abort if the compiler does not define __STDC__ (Tim Ruffing)
cca8cbbac84624fd350efc4086af25a06dcf8090 configure: Output message when checking for valgrind (Tim Ruffing)
1a6be5745fcf9f90e4218b73712b71ea06361792 bench: Make benchmarks compile on MSVC (Tim Ruffing)
Pull request description:
ACKs for top commit:
jonasnick:
ACK 49e2acd927ce9eb806cc10f3a1fd89a9ddd081e2
Tree-SHA512: 986c498fb218231fff3519167d34a92e11dea6a4383788a9723be105c20578cd483c6b06ba5686c6669e3a02cfeebc29b8e5f1428552ebf4ec67fa7a86957548
645d9c53c4d9095342cf770c98e3d367f670ae46 examples: let musig use random.h instead of /dev/urandom (Jonas Nick)
eccba5b4e5eb70710f4d34ae89e62abfab542f7c examples: relicense musig example to CC0 public domain (Jonas Nick)
7c5af740fab0d36a54c9e36872a87de2727c49f1 ci: fix missing EXPERIMENTAL flags (Jonas Nick)
03bea1e173d84b33ca81bba4c06b876e160dbe65 configure: add -zkp modules to dev-mode and remove redundant code (Jonas Nick)
2adb741c45ecc4ef7180009c42f961e4aee4bf5c examples: rename example_musig to musig_example for consistency (Jonas Nick)
37d36927dff793e61df6d6f6a6c50e8fa2519e33 tests: Add tests for _read_be32 and _write_be32 (Tim Ruffing)
616b43dd3b6949923f0752cd60382153cfd5dda9 util: Remove endianness detection (Tim Ruffing)
8d89b9e6e562000cdb91a70a85fae5e4817cec8a hash: Make code agnostic of endianness (Tim Ruffing)
55512d30b7921bc46247a78be1da98108f243c1c doc: clean up module help text in configure.ac (Elliott Jin)
d9d94a9969785abbb3e04b2b9f75f1049c7b8936 doc: mention optional modules in README (Elliott Jin)
7f09d0f311117289719b690f91f6a907c2c6f3e2 README: mention that ARM assembly is experimental (Jonas Nick)
80cf4eea5fa0162350614c08f2252a07f9d7804b build: stop treating schnorrsig, extrakeys modules as experimental (Jonas Nick)
b8f8b99f0fb3a5cd4c6fb1c9c8dfed881839e19e docs: Fix return value for functions that don't have invalid inputs (Tim Ruffing)
f813bb0df3153dc055e0e76101ed9e4607155870 schnorrsig: Adapt example to new API (Tim Ruffing)
99e6568fc6ea2768f5355eb4617283086f756931 schnorrsig: Rename schnorrsig_sign to schnorsig_sign32 and deprecate (Tim Ruffing)
fc94a2da4457325c4be539838ceed21b31c60fbd Use SECP256K1_DEPRECATED for existing deprecated API functions (Tim Ruffing)
3db0560606acb285cc7ef11662ce166ed67e9015 Add SECP256K1_DEPRECATED attribute for marking API parts as deprecated (Tim Ruffing)
f8d9174357391ab4bf65a2f4d9d9cfb8039dc592 Add SHA256 bit counter tests (Tim Ruffing)
9b514ce1d25f1944c549ead30cc84367d616e0e6 Add test vector for very long SHA256 messages (Tim Ruffing)
8e3dde113741615fcb1aedcacfc54bd3b3d204f1 Simplify struct initializer for SHA256 padding (Tim Ruffing)
eb28464a8bf8652a2b49d2ed765801d7c0aa195d Change SHA256 byte counter from size_t to uint64_t (Tim Ruffing)
21b2ebaf74222017f85123deb6f30a33c7678513 configure: Remove redundant pkg-config code (Tim Ruffing)
0d253d52e804a5affb0f1c851ec250071e7345d9 configure: Use modern way to set AR (Tim Ruffing)
e0838d663deba5a9663a0ad02bd7e4c563325c4d configure: Add hidden --enable-dev-mode to enable all the stuff (Tim Ruffing)
fabd579dfa85711e96e4012d20352b8ee8f2a9d1 configure: Remove redundant code that sets _enable variables (Tim Ruffing)
0d4226c051415d12384586ae938499975a248cab configure: Use canonical variable prefix _enable consistently (Tim Ruffing)
7c9502cece9c9e8d811333f7ab5bb22f4eb01c04 Add a copy of the CC0 license to the examples (Elichai Turkel)
42e03432e6be7f0bf18c7f86130d3930bdf4038d Add usage examples to the readme (Elichai Turkel)
517644eab14ef397e1f0bc2b45f2dff8b1a473ec Optionally compile the examples in autotools, compile+run in travis (Elichai Turkel)
422a7cc86ae86496794c5014028ee249bbe0e072 Add a ecdh shared secret example (Elichai Turkel)
b0cfbcc14347ff6b04ff62a0d935638840a37971 Add a Schnorr signing and verifying example (Elichai Turkel)
fee7d4bf9e4ea316ea4ff3151bbe52bec1f0745c Add an ECDSA signing and verifying example (Elichai Turkel)
e848c3799c4f31367c3ed98d17e3b7de504d4c6e Update sage files for new formulae (Peter Dettman)
d64bb5d4f3fbd48b570d847c9389b9cf8f3d9abc Add fe_half tests for worst-case inputs (Peter Dettman)
4eb8b932ff8e64f8de3ae8ecfebeab1e84ca420e Further improve doubling formula using fe_half (Peter Dettman)
557b31fac36529948709d4bfcc00ad3acb7e83b9 Doubling formula using fe_half (Pieter Wuille)
2cbb4b1a424d9dee12a4e11f0479410b7e4cc930 Run more iterations of run_field_misc (Pieter Wuille)
9cc5c257eddc2d7614985be60bee29cf2bec65fb Add test for secp256k1_fe_half (Pieter Wuille)
925f78d55e112cd00f1e2867886bdc751a5d6606 Add _fe_half and use in _gej_add_ge (Peter Dettman)
3531a43b5bc739838f5634afcfd02bdbef71b1ef ecdh: Make generator_basepoint test depend on global iteration count (Tim Ruffing)
c881dd49bdb865d9e455d504b90aebf77e807e85 ecdh: Add test computing shared_secret=basepoint with random inputs (Tim Ruffing)
e51ad3b737a2f12605d346cf9c0e7eaabf6a39ec ci: Retry `brew update` a few times to avoid random failures (Tim Ruffing)
b1cb969e8ab9ad86fec3ce30cb732f4c42e015e0 ci: Revert "Attempt to make macOS builds more reliable" (Tim Ruffing)
e0db3f8a25c20a247a0b49ca00dd6c973b6a16e0 build: Replace use of deprecated autoconf macro AC_PROG_CC_C89 (laanwj)
d9396a56da13df97827e193f636a7593fb4d7864 ci: Attempt to make macOS builds more reliable (Tim Ruffing)
ebb1beea7832207e5c8c5112d250fd216259ef41 sage: Ensure that constraints are always fastfracs (Tim Ruffing)
d8d54859ed138a8ed9a8486d847155211c9f4a7d ci: Run sage prover on CI (Tim Ruffing)
77cfa98dbc40f9494048447b8a302867235300da sage: Normalize sign of polynomial factors in prover (Tim Ruffing)
eae75869cfbbbcb69d881bc5d313bd94c6155655 sage: Exit with non-zero status in case of failures (Tim Ruffing)
b54d843eac905993eba2314a89a2d7f155445eaa sage: Fix printing of errors (Tim Ruffing)
e108d0039c36483dffe4be00815c1b6d65ef5751 sage: Fix incompatibility with sage 9.4 (Tim Ruffing)
b797a500ec194948eecbea8bd80f6b7d455f7ca2 Create a SECP256K1_ECMULT_TABLE_VERIFY macro. (Russell O'Connor)
a731200cc30fcf019af08a41f7b6f329a08eaa0c Replace ECMULT_TABLE_GET_GE_STORAGE macro with a function. (Russell O'Connor)
fe34d9f3419d090e94b0c0897895c5b2b9fdc244 Eliminate input_pos state field from ecmult_strauss_wnaf. (Russell O'Connor)
0397d00ba0401bf5be7c4312d84d17fc789a6566 Eliminate na_1 and na_lam state fields from ecmult_strauss_wnaf. (Russell O'Connor)
7ba3ffcca0ae054cf0a1d6407c2dcf7445a46935 Remove the unused pre_a_lam allocations. (Russell O'Connor)
b3b57ad6eedac86bda40f062daee7d5f4241d25c Eliminate the pre_a_lam array from ecmult_strauss_wnaf. (Russell O'Connor)
ae7ba0f922b4c1439888b8488b307cd0f0e8ec59 Remove the unused prej allocations. (Russell O'Connor)
e5c18892db69b5db44d282225ab4fea788af8035 Eliminate the prej array from ecmult_strauss_wnaf. (Russell O'Connor)
c9da1baad125e830901f0ed6ad65eb4f9ccb81f4 Move secp256k1_fe_one to field.h (Russell O'Connor)
070e772211b3fcd297577b90b56bbf7a5cfbd0a3 Faster fixed-input ecmult tests (Pieter Wuille)
45f37b650635e46865104f37baed26ef8d2cfb97 Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes#1063. (Paul Miller)
Pull request description:
[bitcoin-core/secp256k1#1064]: Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes#1063
[bitcoin-core/secp256k1#1049]: Faster fixed-input ecmult tests
[bitcoin-core/secp256k1#899]: Reduce stratch space needed by ecmult_strauss_wnaf.
[bitcoin-core/secp256k1#1068]: sage: Fix incompatibility with sage 9.4
[bitcoin-core/secp256k1#1072]: ci: Attempt to make macOS builds more reliable
[bitcoin-core/secp256k1#1069]: build: Replace use of deprecated autoconf macro AC_PROG_CC_C89
[bitcoin-core/secp256k1#1074]: ci: Retry brew update a few times to avoid random failures
[bitcoin-core/secp256k1#1026]: ecdh: Add test computing shared_secret=basepoint with random inputs
[bitcoin-core/secp256k1#1033]: Add _fe_half and use in _gej_add_ge and _gej_double
[bitcoin-core/secp256k1#748]: Add usage examples
[bitcoin-core/secp256k1#1079]: configure: Add hidden --enable-dev-mode to enable all the stuff
[bitcoin-core/secp256k1#1088]: configure: Use modern way to set AR
[bitcoin-core/secp256k1#1090]: configure: Remove redundant pkg-config code
[bitcoin-core/secp256k1#731]: Change SHA256 byte counter from size_t to uint64_t
[bitcoin-core/secp256k1#1089]: Schnorrsig API improvements
[bitcoin-core/secp256k1#995]: build: stop treating schnorrsig, extrakeys modules as experimental
[bitcoin-core/secp256k1#1094]: doc: Clarify configure flags for optional modules
[bitcoin-core/secp256k1#1093]: hash: Make code agnostic of endianness
This PR can be recreated with `./sync-upstream.sh range 8746600eec5e7fcd35dabd480839a3a4bdfee87b`.
ACKs for top commit:
real-or-random:
ACK 645d9c53c4d9095342cf770c98e3d367f670ae46 I rederived the tree, and tested it with MSVC, including the musig example
Tree-SHA512: 3b771630806ed8481053958c21820dce6e869371833cd18a5c430a2768bda8064ad2bb247afbe38e3fa37320a8b1dbbe65ad68c8963efb995d96aa29ae574884
7f09d0f311117289719b690f91f6a907c2c6f3e2 README: mention that ARM assembly is experimental (Jonas Nick)
80cf4eea5fa0162350614c08f2252a07f9d7804b build: stop treating schnorrsig, extrakeys modules as experimental (Jonas Nick)
Pull request description:
Fixes#992
ACKs for top commit:
real-or-random:
ACK 7f09d0f311117289719b690f91f6a907c2c6f3e2
fanquake:
ACK 7f09d0f311117289719b690f91f6a907c2c6f3e2 - When this is in, I think we'll do a subtree update in Core, and prune some build cruft on our side.
Tree-SHA512: 13deb82dcca88bacb2cd5c1c589a8d4af2277c4d675262337ae4d7e93eb41d43825dda4945ca1c202c36aaa2e6fd42de9c6d711fe8d71bce578368281db698b2
This removes a check for $ac_cv_prog_cc_c89 which is set by AC_PROG_CC
if defined(__STDC__) in the preprocessor. (Standard compliant compilers
are supposed to define __STDC__ to 1 but the value is actually not
checked here.)
Unfortunately, MSVC doesn't define it, so configure fails for MSVC.
This check is not very useful in practice. Over 30 years after C89 has
been released, there are no C compilers out there that are not
sufficiently compliant with C89 for the project. The only practically
relevant case was that the check rejected C++ compilers. A different
method to reject C++ compilers will be introduced in a later commit.
This removes code that detects the pkg-config tool. We used this
back in the days when we had dependencies. ;) It can always be brought
back if we'll need it in the future.
Note that we still deliver a .pc file for this library, and there is
code in Makefile.am to install it. But this does not require the
pkg-config tool; only consumers of the .pc file will need it. This can
be verified by running `make install` (maybe after `mkdir /tmp/pre` and
`./configure --prefix=/tmp/pre` and checking that the .pc file is
installed correctly.
This uses AM_PROG_AR to discover ar, which is the recommended way to do
so. Among other advantages, it honors the AR environment variable (as
set from the outside). The macro has been around since automake 1.11.2
(Dec 2011).
This commit also removes code that discovers ranlib and strip. ranlib
has been obsolete for decades (ar does its task now automatically), and
anyway LT_INIT takes care of discovering it. The code we used to set
STRIP was last mentioned in the automake 1.5 manual. Since automake 1.6
(Mar 2002), strip is discovered automatically when necessary (look for
the *private* macro AM_PROG_INSTALL_STRIP in the automake manual).
