frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,457 Commits 14 Branches 0 Tags
Commit Graph

1375 Commits

Author SHA1 Message Date
Pieter Wuille
f1ebfe399f Convert the scalar constant initialization to static consts 2015-01-22 22:44:48 -05:00
Gregory Maxwell
941e221f66 Add tests for handling of the nonce function in signing. 2015-01-04 17:28:39 -08:00
Pieter Wuille
10c81ffb5d
Merge pull request #177 
7688e34 Add magnitude limits to secp256k1_fe_verify to ensure that it's own tests function correctly. (Gregory Maxwell)
70ae0d2 Use secp256k1_fe_equal_var in secp256k1_fe_sqrt_var. (Gregory Maxwell)
 2015-01-04 15:24:23 +01:00
Gregory Maxwell
7688e341c5 Add magnitude limits to secp256k1_fe_verify to ensure that it's own tests function correctly. 2015-01-02 07:52:27 -08:00
Pieter Wuille
4ee4f7ac3f
Merge pull request #176 
9ab9335 Add a reference consistency test to ge_tests. (Pieter Wuille)
60571c6 Rework group tests (Pieter Wuille)
 2015-01-02 16:28:54 +01:00
Gregory Maxwell
70ae0d2851 Use secp256k1_fe_equal_var in secp256k1_fe_sqrt_var. 
In theory this should be faster, since secp256k1_fe_equal_var is able to
 shortcut the normalization.  On x86_64 the improvement appears to be in
 the noise for me.  At least it makes the code cleaner.
 2014-12-31 05:56:00 -08:00
Pieter Wuille
9ab93355f2 Add a reference consistency test to ge_tests. 
This adds all points used in the test together in random order, which
should result in infinity.

Suggested by Greg Maxwell.
 2014-12-29 17:21:39 +01:00
Pieter Wuille
60571c6e45 Rework group tests 2014-12-29 15:38:17 +01:00
Gregory Maxwell
d26e26f2f4 Avoid constructing an invalid signature with probability 1:2^256. 2014-12-28 19:40:40 -08:00
Pieter Wuille
b450c34843
Merge pull request #163 
bbd5ba7 Use rfc6979 as default nonce generation function (Pieter Wuille)
b37fbc2 Implement SHA256 / HMAC-SHA256 / RFC6979. (Pieter Wuille)
c6e7f4e [API BREAK] Use a nonce-generation function instead of a nonce (Pieter Wuille)
 2014-12-23 14:40:47 +01:00
Peter Dettman
49ee0dbe16 Add _normalizes_to_zero_var variant 2014-12-20 14:38:29 +01:00
Peter Dettman
eed599dd72 Add _fe_normalizes_to_zero method 2014-12-20 14:38:24 +01:00
Pieter Wuille
d7174edf5f Weak normalization for secp256k1_fe_equal 2014-12-20 14:38:20 +01:00
Pieter Wuille
0295f0a33d weak normalization 2014-12-20 14:38:07 +01:00
Pieter Wuille
bbd5ba7cfa Use rfc6979 as default nonce generation function 2014-12-20 14:36:13 +01:00
Pieter Wuille
b37fbc280e Implement SHA256 / HMAC-SHA256 / RFC6979. 2014-12-20 14:36:13 +01:00
Pieter Wuille
c6e7f4e8d8 [API BREAK] Use a nonce-generation function instead of a nonce 2014-12-20 14:36:11 +01:00
Pieter Wuille
603c33bc80 Make signing fail if a too small buffer is passed. 
Bug discovered by Sergio Demian Lerner.
 2014-12-18 01:28:06 +01:00
Pieter Wuille
7277fd76e2 Remove GMP field implementation 2014-12-17 12:41:31 +01:00
Pieter Wuille
13278f642c Add explanation about how inversion can be avoided 2014-12-16 22:52:07 +01:00
Pieter Wuille
ce7eb6fb3d Optimize verification: avoid field inverse 
Suggested by Greg Maxwell.
 2014-12-16 22:38:17 +01:00
Pieter Wuille
1ba4a60a51 Configure options reorganization 2014-12-13 15:04:28 +01:00
Pieter Wuille
bccaf86caa
Merge pull request #150 
cf7b2b4 Fix ECDSA message hashes to 32 bytes (Pieter Wuille)
 2014-12-11 01:39:34 +01:00
Luke Dashjr
f22d73e757 Explicitly access %0..%2 as 64-bit so we use the right registers for x32 ABI 2014-12-09 18:57:33 +01:00
Pieter Wuille
e66d4d6d39 Avoid the stack in assembly and use explicit registers 2014-12-09 18:56:23 +01:00
Pieter Wuille
cf7b2b4647 Fix ECDSA message hashes to 32 bytes 2014-12-09 12:50:47 +01:00
Pieter Wuille
aaba2e0f4b
Merge pull request #136 
6558a26 Make the benchmarks print out stats (Pieter Wuille)
000bdf6 Rename bench_verify to bench_recovery (Pieter Wuille)
 2014-12-09 02:40:36 +01:00
Pieter Wuille
ee1eaa792d
Merge pull request #141 
7c6fed2 Add a few more additional tests. (Gregory Maxwell)
8d11164 Add some additional tests. (Gregory Maxwell)
 2014-12-09 01:38:01 +01:00
Pieter Wuille
6558a26770 Make the benchmarks print out stats 2014-12-09 01:27:39 +01:00
Pieter Wuille
000bdf6dc3 Rename bench_verify to bench_recovery 2014-12-09 00:12:02 +01:00
Gregory Maxwell
7c6fed2857 Add a few more additional tests. 2014-12-08 14:15:09 -08:00
Pavel Janík
e06a9244bf Include time.h header for time(). 2014-12-08 20:48:58 +01:00
Gregory Maxwell
8d11164bc0 Add some additional tests. 2014-12-08 09:13:35 -08:00
Pieter Wuille
3545627acb
Merge pull request #118 
3ce74b1 Tweak precomputed table size for G (Pieter Wuille)
 2014-12-07 14:37:12 +01:00
Pieter Wuille
6a9901e15b
Merge pull request #137 
39bd94d Variable time normalize (Pieter Wuille)
 2014-12-07 14:35:23 +01:00
Pieter Wuille
376b28b096
Merge pull request #128 
b2c9681 Make {mul,sqr}_inner use the same argument order as {mul,sqr} (Pieter Wuille)
6793505 Convert YASM code into inline assembly (Pieter Wuille)
f048615 Rewrite field assembly to match the C version (Pieter Wuille)
 2014-12-07 14:34:20 +01:00
Pieter Wuille
17288069fb
Merge pull request #138 
a5759c5 Check return value of malloc (Pieter Wuille)
2b9388b Remove unused secp256k1_fe_inv_all (Pieter Wuille)
f461b76 Allocate precomputation arrays on the heap (Pieter Wuille)
 2014-12-07 13:19:21 +01:00
Pieter Wuille
a5759c572e Check return value of malloc 2014-12-07 02:58:24 +01:00
Pieter Wuille
39bd94d86d Variable time normalize 2014-12-06 18:18:28 +01:00
Pieter Wuille
54b768c6da Another redundant secp256k1_fe_normalize 2014-12-06 17:30:08 +01:00
Gregory Maxwell
1c29f2eb49 Remove redundant secp256k1_fe_normalize from secp256k1_gej_add_ge_var. 
This was a missed optimization in the extraction of gej+ge from gej+gej.
 2014-12-06 05:09:57 -08:00
Pieter Wuille
2b9388b647 Remove unused secp256k1_fe_inv_all 2014-12-05 18:13:51 +01:00
Pieter Wuille
f461b76925 Allocate precomputation arrays on the heap 2014-12-05 18:13:28 +01:00
Pieter Wuille
b0210a95da
Merge pull request #135 
ee3eb4b Fix a memory leak and add a number of small tests. (Gregory Maxwell)
 2014-12-04 19:16:09 +01:00
Gregory Maxwell
ee3eb4be9e Fix a memory leak and add a number of small tests. 
This fixes a simple copy and paste induced memory leak for the ecdsa init.

The tests are mostly just improving coverage and aren't interesting.
 2014-12-04 07:17:08 -08:00
Pieter Wuille
b2c9681c6f Make {mul,sqr}_inner use the same argument order as {mul,sqr} 2014-12-04 13:54:36 +01:00
Pieter Wuille
67935050e1 Convert YASM code into inline assembly 2014-12-04 13:54:01 +01:00
Pieter Wuille
f048615970 Rewrite field assembly to match the C version 2014-12-04 13:46:09 +01:00
Pieter Wuille
4d879a3a66
Merge pull request #134 
29ae131 Make scalar_add_bit test's overflow detection exact (Pieter Wuille)
 2014-12-04 12:21:06 +01:00
Pieter Wuille
d5e8362ae5
Merge pull request #127 
c35ff1e Convert lambda splitter to pure scalar code. (Pieter Wuille)
cc604e9 Avoid division when decomposing scalars (Peter Dettman)
ff8746d Add secp256k1_scalar_mul_shift_var (Pieter Wuille)
 2014-12-03 21:22:57 +01:00