-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ellswift usage example #1551
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK
This should hopefully be useful as orientation for users implementing the key exchange part of BIP324. Conceptually the example is not very different to the ECDH one, so a lot of code/comments are just copied (e.g. context creation, secret key generation, shared secret comparison, console output, cleanup with secret key clearing).
78fe9f4
to
31f8459
Compare
@real-or-random: Thanks for the quick review, force-pushed with all the suggestions taken. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have reviewed both build systems changes and they look OK.
@@ -10,6 +10,7 @@ ctime_tests | |||
ecdh_example | |||
ecdsa_example | |||
schnorr_example | |||
ellswift_example |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: I understand that this doesn’t adhere to the surrounding code, but, strictly speaking, it should be
ellswift_example | |
/ellswift_example |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, feel free to adjust this for the binaries, but I guess either variant is fine (we also have the pattern *.exe
, which may in rare cases a bit too coarse`...)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK 31f8459
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 31f8459
0c63b8b191 automagically regenerate if testvectors change a61335f2e5 ci: enable silentpayments module 0b6827182d tests: add BIP-352 test vectors 1858c33c55 silentpayments: add benchmark for `scan_outputs` 816796300a silentpayments: add examples/silentpayments.c c1f85840dc silentpayments: receiving 2fb3ca6efe silentpayments: recipient label support 605096d3f4 silentpayments: sending 35f91359b8 build: add skeleton for new silentpayments (BIP352) module 0055b86780 Merge bitcoin-core/secp256k1#1551: Add ellswift usage example ea2d5f0f17 Merge bitcoin-core/secp256k1#1563: doc: Add convention for defaults ca06e58b2c Merge bitcoin-core/secp256k1#1564: build, ci: Adjust the default size of the precomputed table for signing e2af491263 ci: Switch to the new default value of the precomputed table for signing d94a9273f8 build: Adjust the default size of the precomputed table for signing fcc5d7381b Merge bitcoin-core/secp256k1#1565: cmake: Bump CMake minimum required version up to 3.16 9420eece24 cmake: Bump CMake minimum required version up to 3.16 16685649d2 doc: Add convention for defaults a5269373fa Merge bitcoin-core/secp256k1#1555: Fixed O3 replacement b8fe33332b cmake: Fixed O3 replacement 31f84595c4 Add ellswift usage example fe4fbaa7f3 examples: fix case typos in secret clearing paragraphs (s/, Or/, or/) git-subtree-dir: src/secp256k1 git-subtree-split: 0c63b8b1911ef1183f411a5e232165b543c668ea
00b0cb19a9 docs: update README 54b8bc8ec6 ci: enable silentpayments module 96bd71fb8a tests: add BIP-352 test vectors c30bc013fe silentpayments: add benchmark for `scan_outputs` 91b1b3365b silentpayments: add examples/silentpayments.c b4475ea80c silentpayments: receiving 23c7aead63 silentpayments: recipient label support 79562d0cd1 silentpayments: sending 35f91359b8 build: add skeleton for new silentpayments (BIP352) module 0055b86780 Merge bitcoin-core/secp256k1#1551: Add ellswift usage example ea2d5f0f17 Merge bitcoin-core/secp256k1#1563: doc: Add convention for defaults ca06e58b2c Merge bitcoin-core/secp256k1#1564: build, ci: Adjust the default size of the precomputed table for signing e2af491263 ci: Switch to the new default value of the precomputed table for signing d94a9273f8 build: Adjust the default size of the precomputed table for signing fcc5d7381b Merge bitcoin-core/secp256k1#1565: cmake: Bump CMake minimum required version up to 3.16 9420eece24 cmake: Bump CMake minimum required version up to 3.16 16685649d2 doc: Add convention for defaults a5269373fa Merge bitcoin-core/secp256k1#1555: Fixed O3 replacement b8fe33332b cmake: Fixed O3 replacement 31f84595c4 Add ellswift usage example fe4fbaa7f3 examples: fix case typos in secret clearing paragraphs (s/, Or/, or/) git-subtree-dir: src/secp256k1 git-subtree-split: 00b0cb19a97718dfaab70aa7505ff157f22a31bd
642c885b61 Merge bitcoin-core/secp256k1#1575: release: prepare for 0.5.1 cdf08c1a2b Merge bitcoin-core/secp256k1#1576: doc: mention `needs-changelog` github label in release process 40d87b8e45 release: prepare for 0.5.1 5770226176 changelog: clarify CMake option 759bd4bbc8 doc: mention `needs-changelog` github label in release process fded437c4c Merge bitcoin-core/secp256k1#1574: Fix compilation when extrakeys module isn't enabled 763d938cf0 ci: only enable extrakeys module when schnorrsig is enabled af551ab9db tests: do not use functions from extrakeys module 0055b86780 Merge bitcoin-core/secp256k1#1551: Add ellswift usage example ea2d5f0f17 Merge bitcoin-core/secp256k1#1563: doc: Add convention for defaults ca06e58b2c Merge bitcoin-core/secp256k1#1564: build, ci: Adjust the default size of the precomputed table for signing e2af491263 ci: Switch to the new default value of the precomputed table for signing d94a9273f8 build: Adjust the default size of the precomputed table for signing fcc5d7381b Merge bitcoin-core/secp256k1#1565: cmake: Bump CMake minimum required version up to 3.16 9420eece24 cmake: Bump CMake minimum required version up to 3.16 16685649d2 doc: Add convention for defaults a5269373fa Merge bitcoin-core/secp256k1#1555: Fixed O3 replacement b8fe33332b cmake: Fixed O3 replacement 31f84595c4 Add ellswift usage example fe4fbaa7f3 examples: fix case typos in secret clearing paragraphs (s/, Or/, or/) git-subtree-dir: src/secp256k1 git-subtree-split: 642c885b6102725e25623738529895a95addc4f4
9ec776a Revert "build: pass --with-ecmult-gen-kb=86 to secp256k1" (fanquake) 41797f8 Squashed 'src/secp256k1/' changes from 4af241b320..642c885b61 (fanquake) Pull request description: Updates the libsecp256k1 subtree to bitcoin-core/secp256k1@642c885 (which is the tag for the [`v0.5.1` release](https://github.com/bitcoin-core/secp256k1/releases/tag/v0.5.1)). Includes a handful of changes: * bitcoin-core/secp256k1#1551 * bitcoin-core/secp256k1#1555 * bitcoin-core/secp256k1#1563 * bitcoin-core/secp256k1#1564 * bitcoin-core/secp256k1#1565 * bitcoin-core/secp256k1#1574 Reverts a057869 given secps default has changed (bitcoin-core/secp256k1#1563): > As a rule of thumb, the default values for configuration options should target standard desktop machines and align with Bitcoin Core's defaults, and the tests should mostly exercise the default configuration (see [#1549](bitcoin-core/secp256k1#1549 (comment))). ACKs for top commit: hebasto: ACK 9ec776a, I've reproduced the subtree update locally with the zero diff with this PR branch. Tree-SHA512: 903ca0ff12dcc32b6cd86aee84e19de09803d35a1ee006ce890f3761dd27f1e96fe70c7bb4c279416a96ee57c406c9627614900f0ca6f76674c0088a3d270cd2
3fdf146ba Merge bitcoin-core/secp256k1#1578: ci: Silent Homebrew's noisy reinstall warnings f8c1b0e0e Merge bitcoin-core/secp256k1#1577: release cleanup: bump version after 0.5.1 7057d3c9a ci: Silent Homebrew's noisy reinstall warnings c3e40d75d release cleanup: bump version after 0.5.1 642c885b6 Merge bitcoin-core/secp256k1#1575: release: prepare for 0.5.1 cdf08c1a2 Merge bitcoin-core/secp256k1#1576: doc: mention `needs-changelog` github label in release process 40d87b8e4 release: prepare for 0.5.1 577022617 changelog: clarify CMake option 759bd4bbc doc: mention `needs-changelog` github label in release process fded437c4 Merge bitcoin-core/secp256k1#1574: Fix compilation when extrakeys module isn't enabled 763d938cf ci: only enable extrakeys module when schnorrsig is enabled af551ab9d tests: do not use functions from extrakeys module 0055b8678 Merge bitcoin-core/secp256k1#1551: Add ellswift usage example ea2d5f0f1 Merge bitcoin-core/secp256k1#1563: doc: Add convention for defaults ca06e58b2 Merge bitcoin-core/secp256k1#1564: build, ci: Adjust the default size of the precomputed table for signing e2af49126 ci: Switch to the new default value of the precomputed table for signing d94a9273f build: Adjust the default size of the precomputed table for signing fcc5d7381 Merge bitcoin-core/secp256k1#1565: cmake: Bump CMake minimum required version up to 3.16 9420eece2 cmake: Bump CMake minimum required version up to 3.16 16685649d doc: Add convention for defaults 31f84595c Add ellswift usage example fe4fbaa7f examples: fix case typos in secret clearing paragraphs (s/, Or/, or/) git-subtree-dir: src/secp256k1 git-subtree-split: 3fdf146bad042a17f6b2f490ef8bd9d8e774cdbd
3fdf146ba Merge bitcoin-core/secp256k1#1578: ci: Silent Homebrew's noisy reinstall warnings f8c1b0e0e Merge bitcoin-core/secp256k1#1577: release cleanup: bump version after 0.5.1 7057d3c9a ci: Silent Homebrew's noisy reinstall warnings c3e40d75d release cleanup: bump version after 0.5.1 642c885b6 Merge bitcoin-core/secp256k1#1575: release: prepare for 0.5.1 cdf08c1a2 Merge bitcoin-core/secp256k1#1576: doc: mention `needs-changelog` github label in release process 40d87b8e4 release: prepare for 0.5.1 577022617 changelog: clarify CMake option 759bd4bbc doc: mention `needs-changelog` github label in release process fded437c4 Merge bitcoin-core/secp256k1#1574: Fix compilation when extrakeys module isn't enabled 763d938cf ci: only enable extrakeys module when schnorrsig is enabled af551ab9d tests: do not use functions from extrakeys module 0055b8678 Merge bitcoin-core/secp256k1#1551: Add ellswift usage example ea2d5f0f1 Merge bitcoin-core/secp256k1#1563: doc: Add convention for defaults ca06e58b2 Merge bitcoin-core/secp256k1#1564: build, ci: Adjust the default size of the precomputed table for signing e2af49126 ci: Switch to the new default value of the precomputed table for signing d94a9273f build: Adjust the default size of the precomputed table for signing fcc5d7381 Merge bitcoin-core/secp256k1#1565: cmake: Bump CMake minimum required version up to 3.16 9420eece2 cmake: Bump CMake minimum required version up to 3.16 16685649d doc: Add convention for defaults 31f84595c Add ellswift usage example fe4fbaa7f examples: fix case typos in secret clearing paragraphs (s/, Or/, or/) git-subtree-dir: src/secp256k1 git-subtree-split: 3fdf146bad042a17f6b2f490ef8bd9d8e774cdbd
c232486 Revert "cmake: Set `ENVIRONMENT` property for examples on Windows" (Hennadii Stepanov) 26e4a7c cmake: Set top-level target output locations (Hennadii Stepanov) Pull request description: While testing #1551, I noticed that when cross-compiling a shared library with examples for Windows, the `ctest` fails to run examples with Wine. Adjusting the `PATH` variable in https://github.com/bitcoin-core/secp256k1/blob/4af241b32099067464e015fa66daac5096206dea/examples/CMakeLists.txt#L16-L18 does not help because `WINEPATH` is expected. Another issue with the current implementation is that the examples cannot run individually on Windows. This PR resolves both issues by reverting the implementation from #1290 in favour of the reworked and improved implementation from #1233. ACKs for top commit: theuni: Concept ACK and utACK c232486. real-or-random: utACK c232486 Tree-SHA512: 479b71d15d5d5670f6f69da3da599240c345711003383ca805c821b67065c9baaf269f987792cf1029211cdbfe799aecd401e6940a471539e3929b4a90e0781d
1464f15c8 Merge bitcoin-core/secp256k1#1625: util: Remove unused (u)int64_t formatting macros 980c08df8 util: Remove unused (u)int64_t formatting macros 9b7c59cbb Merge bitcoin-core/secp256k1#1624: ci: Update macOS image 096e3e23f ci: Update macOS image 68b55209f Merge bitcoin-core/secp256k1#1619: musig: ctimetests: fix _declassify range for generated nonce points f0868a9b3 Merge bitcoin-core/secp256k1#1595: build: 45839th attempt to fix symbol visibility on Windows 1fae76f50 Merge bitcoin-core/secp256k1#1620: Remove unused scratch space from API 8be3839fb Remove unused scratch space from API 57eda3ba3 musig: ctimetests: fix _declassify range for generated nonce points e59158b6e Merge bitcoin-core/secp256k1#1553: cmake: Set top-level target output locations 18f9b967c Merge bitcoin-core/secp256k1#1616: examples: do not retry generating seckey randomness in musig 5bab8f6d3 examples: make key generation doc consistent e8908221a examples: do not retry generating seckey randomness in musig 70b6be183 extrakeys: improve doc of keypair_create (don't suggest retry) 01b589338 Merge bitcoin-core/secp256k1#1599: #1570 improve examples: remove key generation loop cd4f84f3b Improve examples/documentation: remove key generation loops a88aa9350 Merge bitcoin-core/secp256k1#1603: f can never equal -m 3660fe5e2 Merge bitcoin-core/secp256k1#1479: Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 168c92011 build: allow enabling the musig module in cmake f411841a4 Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 0be79660f util: add constant-time is_zero_array function c8fbdb1b9 group: add ge_to_bytes_ext and ge_from_bytes_ext ef7ff0340 f can never equal -m c232486d8 Revert "cmake: Set `ENVIRONMENT` property for examples on Windows" 26e4a7c21 cmake: Set top-level target output locations 4c57c7a5a Merge bitcoin-core/secp256k1#1554: cmake: Clean up testing code 447334cb0 include: Avoid visibility("default") on Windows 472faaa8e Merge bitcoin-core/secp256k1#1604: doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 292310fbb doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 2f2ccc469 Merge bitcoin-core/secp256k1#1600: cmake: Introduce `SECP256K1_APPEND_LDFLAGS` variable 421ed1b46 cmake: Introduce `SECP256K1_APPEND_LDFLAGS` variable 85e224dd9 group: add ge_to_bytes and ge_from_bytes 198885507 Merge bitcoin-core/secp256k1#1586: fix: remove duplicate 'the' from header file comment b30761440 Merge bitcoin-core/secp256k1#1583: ci: Bump GCC_SNAPSHOT_MAJOR to 15 fa67b6752 refactor: Use array initialization for unterminated strings 9b0f37bff fix: remove duplicate 'the' from header file comment e34b47673 ci: Bump GCC_SNAPSHOT_MAJOR to 15 3fdf146ba Merge bitcoin-core/secp256k1#1578: ci: Silent Homebrew's noisy reinstall warnings f8c1b0e0e Merge bitcoin-core/secp256k1#1577: release cleanup: bump version after 0.5.1 7057d3c9a ci: Silent Homebrew's noisy reinstall warnings c3e40d75d release cleanup: bump version after 0.5.1 642c885b6 Merge bitcoin-core/secp256k1#1575: release: prepare for 0.5.1 cdf08c1a2 Merge bitcoin-core/secp256k1#1576: doc: mention `needs-changelog` github label in release process 40d87b8e4 release: prepare for 0.5.1 577022617 changelog: clarify CMake option 759bd4bbc doc: mention `needs-changelog` github label in release process fded437c4 Merge bitcoin-core/secp256k1#1574: Fix compilation when extrakeys module isn't enabled 763d938cf ci: only enable extrakeys module when schnorrsig is enabled af551ab9d tests: do not use functions from extrakeys module 0055b8678 Merge bitcoin-core/secp256k1#1551: Add ellswift usage example ea2d5f0f1 Merge bitcoin-core/secp256k1#1563: doc: Add convention for defaults ca06e58b2 Merge bitcoin-core/secp256k1#1564: build, ci: Adjust the default size of the precomputed table for signing e2af49126 ci: Switch to the new default value of the precomputed table for signing d94a9273f build: Adjust the default size of the precomputed table for signing fcc5d7381 Merge bitcoin-core/secp256k1#1565: cmake: Bump CMake minimum required version up to 3.16 9420eece2 cmake: Bump CMake minimum required version up to 3.16 16685649d doc: Add convention for defaults a5269373f Merge bitcoin-core/secp256k1#1555: Fixed O3 replacement b8fe33332 cmake: Fixed O3 replacement 7c987ec89 cmake: Call `enable_testing()` unconditionally 6aa576515 cmake: Delete `CTest` module 31f84595c Add ellswift usage example fe4fbaa7f examples: fix case typos in secret clearing paragraphs (s/, Or/, or/) 4af241b32 Merge bitcoin-core/secp256k1#1535: build: Replace hardcoded "auto" value with default one f473c959f Merge bitcoin-core/secp256k1#1543: cmake: Do not modify build types when integrating by downstream project d403eea48 Merge bitcoin-core/secp256k1#1546: cmake: Rename `SECP256K1_LATE_CFLAGS` and switch to Bitcoin Core's approach d7ae25ce6 Merge bitcoin-core/secp256k1#1550: fix: typos in secp256k1.c 0e2fadb20 fix: typos in secp256k1.c 69b2192ad Merge bitcoin-core/secp256k1#1545: cmake: Do not set `CTEST_TEST_TARGET_ALIAS` 5dd637f3c Merge bitcoin-core/secp256k1#1548: README: mention ellswift module 7454a5373 README: mention ellswift module 4706be2cd cmake: Reimplement `SECP256K1_APPEND_CFLAGS` using Bitcoin Core approach c2764dbb9 cmake: Rename `SECP256K1_LATE_CFLAGS` to `SECP256K1_APPEND_CFLAGS` f87a3589f cmake: Do not set `CTEST_TEST_TARGET_ALIAS` 158f9e5ea cmake: Do not modify build types when integrating by downstream project 35c0fdc86 Merge bitcoin-core/secp256k1#1529: cmake: Fix cache issue when integrating by downstream project 4392f0f71 Merge bitcoin-core/secp256k1#1533: tests: refactor: tidy up util functions (#1491) bedffd53d Merge bitcoin-core/secp256k1#1488: ci: Add native macOS arm64 job 4b8d5eeac Merge bitcoin-core/secp256k1#1532: cmake: Disable eager MSan in ctime_tests f55703ba4 autotools: Delete unneeded compiler test 396e88588 autotools: Align MSan checking code with CMake's implementation abde59f52 cmake: Report more compiler details in summary 7abf979a4 cmake: Disable `ctime_tests` if build with `-fsanitize=memory` 4d9645bee cmake: Remove "AUTO" value of `SECP256K1_ECMULT_GEN_KB` option a06805ee7 cmake: Remove "AUTO" value of `SECP256K1_ECMULT_WINDOW_SIZE` option 1791f6fce Merge bitcoin-core/secp256k1#1517: autotools: Disable eager MSan in ctime_tests 26b94ee92 autotools: Remove "auto" value of `--with-ecmult-gen-kb` option 122dbaeb3 autotools: Remove "auto" value of `--with-ecmult-window` option e73f6f8fd tests: refactor: drop `secp256k1_` prefix from testrand.h functions 0ee7453a9 tests: refactor: add `testutil_` prefix to testutil.h functions 0c6bc76dc tests: refactor: move `random_` helpers from tests.c to testutil.h 0fef8479b tests: refactor: rename `random_field_element_magnitude` -> `random_fe_magnitude` 59db007f0 tests: refactor: rename `random_group_element_...` -> `random_ge_...` ebfb82ee2 ci: Add job with -fsanitize-memory-param-retval e1bef0961 configure: Move "experimental" warning to bottom 55e5d975d autotools: Disable eager MSan in ctime_tests 06bff6dec Merge bitcoin-core/secp256k1#1528: tests: call `secp256k1_ecmult_multi_var` with a non-`NULL` error callback ec4c002fa cmake: Simplify `PROJECT_IS_TOP_LEVEL` emulation cae9a7ad1 cmake: Do not set emulated PROJECT_IS_TOP_LEVEL as cache variable 4155e62fc Merge bitcoin-core/secp256k1#1526: cmake: Fix `check_arm32_assembly` when using as subproject 9554362b1 tests: call secp256k1_ecmult_multi_var with a non-NULL error callback 9f4c8cd73 cmake: Fix `check_arm32_assembly` when using as subproject 7712a5306 Merge bitcoin-core/secp256k1#1524: check-abi: explicitly provide public headers 7d0bc0870 Merge bitcoin-core/secp256k1#1525: changelog: Correct 0.5.0 release date d45d9b74b changelog: Correct 0.5.0 release date d7f6613db Merge bitcoin-core/secp256k1#1523: release cleanup: bump version after 0.5.0 2f05e2da4 release cleanup: bump version after 0.5.0 e3a885d42 Merge bitcoin-core/secp256k1#1522: release: prepare for 0.5.0 dd695563e check-abi: explicitly provide public headers c0e4ec3fe release: prepare for 0.5.0 bb528cfb0 Merge bitcoin-core/secp256k1#1518: Add secp256k1_pubkey_sort 7d2591ce1 Add secp256k1_pubkey_sort 218f0cc93 ci: Add native macOS arm64 job git-subtree-dir: src/secp256k1 git-subtree-split: 1464f15c812b00de0f3d397b3cfb67d1f91f6967
This should hopefully be useful as orientation for users implementing the shared secret derivation part of BIP324. Conceptually the example is not very different to the ECDH one, so a lot of code/comments are just copied (e.g. context creation, secret key generation, shared secret comparison, console output, cleanup with secret key clearing).