From 205d678a8d2ff6a86ca1f77bf17838bbd9c7b6e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Se=C3=B1or=20Integrale?=
Date: Wed, 23 Jan 2019 17:33:50 -0800
Subject: [PATCH 1/5] wip: remove ecdh build, include ecdsa recovery header
---
secpy256k1/build_secp256k1/build.py | 5 +-
.../secp256k1_headers/secp256k1_recovery.h | 110 ++++++++++++++++++
2 files changed, 112 insertions(+), 3 deletions(-)
create mode 100644 secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h
diff --git a/secpy256k1/build_secp256k1/build.py b/secpy256k1/build_secp256k1/build.py
index 2de89f5..67e7178 100644
--- a/secpy256k1/build_secp256k1/build.py
+++ b/secpy256k1/build_secp256k1/build.py
@@ -7,8 +7,8 @@ secp256k1_header = []
 secp256k1_header.append(
 os.path.join(dir_path, 'secp256k1_headers/secp256k1_cdef.h'))
-secp256k1_header.append(
- os.path.join(dir_path, 'secp256k1_headers/secp256k1_ecdh_cdef.h'))
+# secp256k1_header.append(
+# os.path.join(dir_path, 'secp256k1_headers/secp256k1_ecdh_cdef.h'))
 for header in secp256k1_header:
 with open(header, 'rt') as h:
@@ -18,7 +18,6 @@ "_secpy256k1", # This enters the namespace automatically.
 """
 #include "secp256k1.h"
- #include "secp256k1_ecdh.h"
 """,
 include_dirs=['./secp256k1/include'], # secp256k1 install loc
 library_dirs=['./secp256k1/.libs'],
diff --git a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h b/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h
new file mode 100644
index 0000000..cf6c5ed
--- /dev/null
+++ b/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h
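Review bot: The secp256k1_recovery.h this commit adds is never referenced by the build: after the first hunk `secp256k1_header` holds only secp256k1_cdef.h, and the source string in the second hunk still includes only `secp256k1.h`, so none of the recovery prototypes reach cffi even though the README keeps `--enable-module-recovery` in its configure line. If recovery is intended, the wiring is a macro-free prototype file appended to `secp256k1_header` in the style of secp256k1_ecdh_cdef.h (cffi's cdef parser does not understand macros such as SECP256K1_API / SECP256K1_ARG_NONNULL, so the raw header cannot be fed to it as-is) plus `#include "secp256k1_recovery.h"` beside `#include "secp256k1.h"`; if it is not intended, the header should not be added at all, which is where patch 2/5 of this series ends up. Deleting the two ecdh lines rather than commenting them out (`+# secp256k1_header.append(`) would also keep build.py free of dead code and make patch 4/5 unnecessary. The enclosing call whose argument list the second hunk edits (presumably the cffi set_source call) begins outside the hunk.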
@@ -0,0 +1,110 @@
+#ifndef SECP256K1_RECOVERY_H
+#define SECP256K1_RECOVERY_H
+
+#include "secp256k1.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** Opaque data structured that holds a parsed ECDSA signature,
+ * supporting pubkey recovery.
+ *
+ * The exact representation of data inside is implementation defined and not
+ * guaranteed to be portable between different platforms or versions. It is
+ * however guaranteed to be 65 bytes in size, and can be safely copied/moved.
+ * If you need to convert to a format suitable for storage or transmission, use
+ * the secp256k1_ecdsa_signature_serialize_* and
+ * secp256k1_ecdsa_signature_parse_* functions.
+ *
+ * Furthermore, it is guaranteed that identical signatures (including their
+ * recoverability) will have identical representation, so they can be
+ * memcmp'ed.
+ */
+typedef struct {
+ unsigned char data[65];
+} secp256k1_ecdsa_recoverable_signature;
+
+/** Parse a compact ECDSA signature (64 bytes + recovery id).
+ *
+ * Returns: 1 when the signature could be parsed, 0 otherwise
+ * Args: ctx: a secp256k1 context object
+ * Out: sig: a pointer to a signature object
+ * In: input64: a pointer to a 64-byte compact signature
+ * recid: the recovery id (0, 1, 2 or 3)
+ */
+SECP256K1_API int secp256k1_ecdsa_recoverable_signature_parse_compact(
+ const secp256k1_context* ctx,
+ secp256k1_ecdsa_recoverable_signature* sig,
+ const unsigned char *input64,
+ int recid
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Convert a recoverable signature into a normal signature.
+ *
+ * Returns: 1
+ * Out: sig: a pointer to a normal signature (cannot be NULL).
+ * In: sigin: a pointer to a recoverable signature (cannot be NULL).
+ */
+SECP256K1_API int secp256k1_ecdsa_recoverable_signature_convert(
+ const secp256k1_context* ctx,
+ secp256k1_ecdsa_signature* sig,
+ const secp256k1_ecdsa_recoverable_signature* sigin
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Serialize an ECDSA signature in compact format (64 bytes + recovery id).
+ *
+ * Returns: 1
+ * Args: ctx: a secp256k1 context object
+ * Out: output64: a pointer to a 64-byte array of the compact signature (cannot be NULL)
+ * recid: a pointer to an integer to hold the recovery id (can be NULL).
+ * In: sig: a pointer to an initialized signature object (cannot be NULL)
+ */
+SECP256K1_API int secp256k1_ecdsa_recoverable_signature_serialize_compact(
+ const secp256k1_context* ctx,
+ unsigned char *output64,
+ int *recid,
+ const secp256k1_ecdsa_recoverable_signature* sig
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+
+/** Create a recoverable ECDSA signature.
+ *
+ * Returns: 1: signature created
+ * 0: the nonce generation function failed, or the private key was invalid.
+ * Args: ctx: pointer to a context object, initialized for signing (cannot be NULL)
+ * Out: sig: pointer to an array where the signature will be placed (cannot be NULL)
+ * In: msg32: the 32-byte message hash being signed (cannot be NULL)
+ * seckey: pointer to a 32-byte secret key (cannot be NULL)
+ * noncefp:pointer to a nonce generation function.
If NULL, secp256k1_nonce_function_default is used
+ * ndata: pointer to arbitrary data used by the nonce generation function (can be NULL)
+ */
+SECP256K1_API int secp256k1_ecdsa_sign_recoverable(
+ const secp256k1_context* ctx,
+ secp256k1_ecdsa_recoverable_signature *sig,
+ const unsigned char *msg32,
+ const unsigned char *seckey,
+ secp256k1_nonce_function noncefp,
+ const void *ndata
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+
+/** Recover an ECDSA public key from a signature.
+ *
+ * Returns: 1: public key successfully recovered (which guarantees a correct signature).
+ * 0: otherwise.
+ * Args: ctx: pointer to a context object, initialized for verification (cannot be NULL)
+ * Out: pubkey: pointer to the recovered public key (cannot be NULL)
+ * In: sig: pointer to initialized signature that supports pubkey recovery (cannot be NULL)
+ * msg32: the 32-byte message hash assumed to be signed (cannot be NULL)
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover(
+ const secp256k1_context* ctx,
+ secp256k1_pubkey *pubkey,
+ const secp256k1_ecdsa_recoverable_signature *sig,
+ const unsigned char *msg32
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* SECP256K1_RECOVERY_H */
From 9173ee6a8331ee91a1970933a3dff080acc69daf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Se=C3=B1or=20Integrale?=
Date: Wed, 23 Jan 2019 17:42:52 -0800
Subject: [PATCH 2/5] start removal of ecdh fx and requirement
---
.../secp256k1_headers/secp256k1_recovery.h | 110 ------------------
1 file changed, 110 deletions(-)
delete mode 100644 secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h
diff --git a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h b/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h
deleted file mode 100644
index cf6c5ed..0000000
--- a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_recovery.h
+++ /dev/null
@@ -1,110 +0,0 @@
-#ifndef SECP256K1_RECOVERY_H
-#define SECP256K1_RECOVERY_H
-
-#include "secp256k1.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** Opaque data structured that holds a parsed ECDSA signature,
- * supporting pubkey recovery.
- *
- * The exact representation of data inside is implementation defined and not
- * guaranteed to be portable between different platforms or versions. It is
- * however guaranteed to be 65 bytes in size, and can be safely copied/moved.
- * If you need to convert to a format suitable for storage or transmission, use
- * the secp256k1_ecdsa_signature_serialize_* and
- * secp256k1_ecdsa_signature_parse_* functions.
- *
- * Furthermore, it is guaranteed that identical signatures (including their
- * recoverability) will have identical representation, so they can be
- * memcmp'ed.
- */
-typedef struct {
- unsigned char data[65];
-} secp256k1_ecdsa_recoverable_signature;
-
-/** Parse a compact ECDSA signature (64 bytes + recovery id).
- *
- * Returns: 1 when the signature could be parsed, 0 otherwise
- * Args: ctx: a secp256k1 context object
- * Out: sig: a pointer to a signature object
- * In: input64: a pointer to a 64-byte compact signature
- * recid: the recovery id (0, 1, 2 or 3)
- */
-SECP256K1_API int secp256k1_ecdsa_recoverable_signature_parse_compact(
- const secp256k1_context* ctx,
- secp256k1_ecdsa_recoverable_signature* sig,
- const unsigned char *input64,
- int recid
-) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-/** Convert a recoverable signature into a normal signature.
- *
- * Returns: 1
- * Out: sig: a pointer to a normal signature (cannot be NULL).
- * In: sigin: a pointer to a recoverable signature (cannot be NULL).
- */
-SECP256K1_API int secp256k1_ecdsa_recoverable_signature_convert(
- const secp256k1_context* ctx,
- secp256k1_ecdsa_signature* sig,
- const secp256k1_ecdsa_recoverable_signature* sigin
-) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
-
-/** Serialize an ECDSA signature in compact format (64 bytes + recovery id).
- *
- * Returns: 1
- * Args: ctx: a secp256k1 context object
- * Out: output64: a pointer to a 64-byte array of the compact signature (cannot be NULL)
- * recid: a pointer to an integer to hold the recovery id (can be NULL).
- * In: sig: a pointer to an initialized signature object (cannot be NULL)
- */
-SECP256K1_API int secp256k1_ecdsa_recoverable_signature_serialize_compact(
- const secp256k1_context* ctx,
- unsigned char *output64,
- int *recid,
- const secp256k1_ecdsa_recoverable_signature* sig
-) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
-
-/** Create a recoverable ECDSA signature.
- *
- * Returns: 1: signature created
- * 0: the nonce generation function failed, or the private key was invalid.
- * Args: ctx: pointer to a context object, initialized for signing (cannot be NULL)
- * Out: sig: pointer to an array where the signature will be placed (cannot be NULL)
- * In: msg32: the 32-byte message hash being signed (cannot be NULL)
- * seckey: pointer to a 32-byte secret key (cannot be NULL)
- * noncefp:pointer to a nonce generation function.
If NULL, secp256k1_nonce_function_default is used
- * ndata: pointer to arbitrary data used by the nonce generation function (can be NULL)
- */
-SECP256K1_API int secp256k1_ecdsa_sign_recoverable(
- const secp256k1_context* ctx,
- secp256k1_ecdsa_recoverable_signature *sig,
- const unsigned char *msg32,
- const unsigned char *seckey,
- secp256k1_nonce_function noncefp,
- const void *ndata
-) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
-
-/** Recover an ECDSA public key from a signature.
- *
- * Returns: 1: public key successfully recovered (which guarantees a correct signature).
- * 0: otherwise.
- * Args: ctx: pointer to a context object, initialized for verification (cannot be NULL)
- * Out: pubkey: pointer to the recovered public key (cannot be NULL)
- * In: sig: pointer to initialized signature that supports pubkey recovery (cannot be NULL)
- * msg32: the 32-byte message hash assumed to be signed (cannot be NULL)
- */
-SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover(
- const secp256k1_context* ctx,
- secp256k1_pubkey *pubkey,
- const secp256k1_ecdsa_recoverable_signature *sig,
- const unsigned char *msg32
-) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* SECP256K1_RECOVERY_H */
From 085cb51f2ed6fa5d90a74623580d50446a93974e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Se=C3=B1or=20Integrale?=
Date: Wed, 23 Jan 2019 17:43:12 -0800
Subject: [PATCH 3/5] cont.
---
.../secp256k1_headers/secp256k1_ecdh.h | 31 -------------------
.../secp256k1_headers/secp256k1_ecdh_cdef.h | 17 ----------
2 files changed, 48 deletions(-)
delete mode 100644 secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh.h
delete mode 100644 secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh_cdef.h
diff --git a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh.h b/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh.h
deleted file mode 100644
index 88492dc..0000000
--- a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh.h
+++ /dev/null
@@ -1,31 +0,0 @@
-#ifndef SECP256K1_ECDH_H
-#define SECP256K1_ECDH_H
-
-#include "secp256k1.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** Compute an EC Diffie-Hellman secret in constant time
- * Returns: 1: exponentiation was successful
- * 0: scalar was invalid (zero or overflow)
- * Args: ctx: pointer to a context object (cannot be NULL)
- * Out: result: a 32-byte array which will be populated by an ECDH
- * secret computed from the point and scalar
- * In: pubkey: a pointer to a secp256k1_pubkey containing an
- * initialized public key
- * privkey: a 32-byte scalar with which to multiply the point
- */
-SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdh(
- const secp256k1_context* ctx,
- unsigned char *result,
- const secp256k1_pubkey *pubkey,
- const unsigned char *privkey
-) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* SECP256K1_ECDH_H */
diff --git a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh_cdef.h b/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh_cdef.h
deleted file mode 100644
index 72ffe92..0000000
--- a/secpy256k1/build_secp256k1/secp256k1_headers/secp256k1_ecdh_cdef.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/** Compute an EC Diffie-Hellman secret in constant time
- * Returns: 1: exponentiation was successful
- * 0: scalar was invalid (zero or overflow)
- * Args: ctx: pointer to a context object (cannot be NULL)
- * Out: result: a 32-byte array which will be populated by an ECDH
- * secret computed from the point and scalar
- * In: pubkey: a pointer to a secp256k1_pubkey containing an
- * initialized public key
- * privkey: a 32-byte scalar with which to multiply the point
- */
-int secp256k1_ecdh(
- const secp256k1_context* ctx,
- unsigned char *result,
- const secp256k1_pubkey *pubkey,
- const unsigned char *privkey);
- // void *data,
- // void *data);
From 7065156e5c942348b7fb3e8faba4aa7f7fe17b66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Se=C3=B1or=20Integrale?=
Date: Wed, 23 Jan 2019 17:44:13 -0800
Subject: [PATCH 4/5] cont.
---
secpy256k1/build_secp256k1/build.py | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/secpy256k1/build_secp256k1/build.py b/secpy256k1/build_secp256k1/build.py
index 67e7178..b21622b 100644
--- a/secpy256k1/build_secp256k1/build.py
+++ b/secpy256k1/build_secp256k1/build.py
@@ -7,8 +7,7 @@ secp256k1_header = []
 secp256k1_header.append(
 os.path.join(dir_path, 'secp256k1_headers/secp256k1_cdef.h'))
-# secp256k1_header.append(
-# os.path.join(dir_path, 'secp256k1_headers/secp256k1_ecdh_cdef.h'))
+
 for header in secp256k1_header:
 with open(header, 'rt') as h:
From a7b5a1c7c909adf5cb658ab7d76576da6d94939d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Se=C3=B1or=20Integrale?=
Date: Thu, 24 Jan 2019 12:27:25 -0800
Subject: [PATCH 5/5] test sans ecdh build, edit readme
---
README.md | 13 +++----------
1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/README.md b/README.md
index 4846c39..3090939 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ From [libsecp256k1](https://github.com/bitcoin-core/secp256k1.git), make sure `l
 ```
 $ ./autogen.sh
-$ ./configure --enable-module-ecdh --enable-module-recovery --enable-experimental
+$ ./configure --enable-module-recovery --enable-experimental
 $ make
 $ sudo make install
 ```
@@ -44,7 +44,7 @@ $ cd ./secp256k1
 $ git submodule init
 $ git submodule update
 $ ./autogen.sh
-$ ./configure --enable-module-ecdh --enable-module-recovery --enable-experimental
+$ ./configure --enable-module-recovery --enable-experimental
 $ make
 $ sudo make install
 ```
@@ -73,7 +73,7 @@ $ pipenv run python ./secpy256k1/examples/ex_script.py
 ### Functions and Context Initialzation
-Barring `context_create`, the first argument to each function is a `secp256k1_context` object. The context object is initialized as `SECP256K1_CONTEXT_NONE`, `SECP256K1_CONTEXT_VERIFY`, or `SECP256K1_CONTEXT_SIGN`.
+Barring `context_create`, the first argument to each function is a `secp256k1_context` object. The context object is initialized as `SECP256K1_CONTEXT_NONE`, `SECP256K1_CONTEXT_VERIFY`, or `SECP256K1_CONTEXT_SIGN`. For functions that are context agnostic, it is customary to use `SECP256K1_NONE`. These functions are: - `context_destroy` Destroy a secp256k1 context object.
@@ -231,10 +231,3 @@ Tweak a private key by multiplying `tweak` it by a tweak value:
 ```
 func_ret, priv_key_tweaked = secpy256k1.ec_privkey_tweak_mul(ctx=secp256k1_ctx, seckey=priv_key, tweak=tweak)
 ```
-
-### EC Diffie-Hellman
-
-Compute an ECDH secret in constant time:
-```
-func_ret, ecdh_secret = secpy256k1.ecdh(ctx=secp256k1_ctx, pubkey=secp256k1_pubkey, privkey=priv_key)
-```