Commit Graph

35 Commits

Author SHA1 Message Date
Felix Lange 8a134014b4
all: add go:build lines (#23468)
Generated by go1.17 fmt ./...
2021-08-25 18:46:29 +02:00
Martin Holst Swende a750bf8686
crypto: fix build directives 2021-06-22 15:21:11 +02:00
Marius van der Wijden 0703ef62d3
crypto/secp256k1: fix undefined behavior in BitCurve.Add (#22621)
This commit changes the behavior of BitCurve.Add to be more inline
with btcd. It fixes two different bugs:

1) When adding a point at infinity to another point, the other point
   should be returned. While this is undefined behavior, it is better
   to be more inline with the go standard library.
   Thus (0,0) + (a, b) = (a,b)

2) Adding the same point to itself produced the point at infinity.
   This is incorrect, now doubleJacobian is used to correctly calculate it.
   Thus (a,b) + (a,b) == 2* (a,b) and not (0,0) anymore.

The change also adds a differential fuzzer for Add, testing it against btcd.

Co-authored-by: Felix Lange <fjl@twurst.com>
2021-05-27 13:30:25 +02:00
Felix Lange 23f1a0b783
crypto/secp256k1: enable 128-bit int code and endomorphism optimization (#21203)
* crypto/secp256k1: enable use of __int128

This speeds up scalar & field calculations a lot.

* crypto/secp256k1: enable endomorphism optimization
2020-06-24 13:51:32 +03:00
Wenbiao Zheng d1aa605f1e all: remove the duplicate 'the' in annotations (#17509) 2018-08-27 11:49:29 +03:00
Péter Szilágyi afd8b84706 crypto/secp256k1: unify the package license to 3-Clause BSD (#17225)
Our original wrapper code had two parts. One taken from a third
party repository (who took it from upstream Go) licensed under
BSD-3. The second written by Jeff, Felix and Gustav, licensed
under LGPL. This made this package problematic to use from the
outside.

With the agreement of the original copyright holders, this commit
changes the license of the LGPL portions of the code to BSD-3:

---
I agree changing from LGPL to a BSD style license.

Jeff
---
Hey guys,

My preference would be to relicense to GNUBL, but I'm also OK with BSD.

Cheers,
Gustav
---
Felix Lange (fjl):
I would approve anything that makes our licensing less complicated
---
2018-07-24 02:47:47 +02:00
Felix Lange c6069a627c
crypto, crypto/secp256k1: add CompressPubkey (#15626)
This adds the inverse to DecompressPubkey and improves a few minor
details in crypto/secp256k1.
2017-12-15 10:40:09 +01:00
Felix Lange e85b68ef53
crypto: add DecompressPubkey, VerifySignature (#15615)
We need those operations for p2p/enr.

Also upgrade github.com/btcsuite/btcd/btcec to the latest version
and improve BenchmarkSha3. The benchmark printed extra output 
that confused tools like benchstat and ignored N.
2017-12-06 16:07:08 +01:00
Felix Lange 5f7826270c all: unify big.Int zero checks, use common/math in more places (#3716)
* common/math: optimize PaddedBigBytes, use it more

name              old time/op    new time/op    delta
PaddedBigBytes-8    71.1ns ± 5%    46.1ns ± 1%  -35.15%  (p=0.000 n=20+19)

name              old alloc/op   new alloc/op   delta
PaddedBigBytes-8     48.0B ± 0%     32.0B ± 0%  -33.33%  (p=0.000 n=20+20)

* all: unify big.Int zero checks

Various checks were in use. This commit replaces them all with Int.Sign,
which is cheaper and less code.

eg templates:

    func before(x *big.Int) bool { return x.BitLen() == 0 }
    func after(x *big.Int) bool  { return x.Sign() == 0 }

    func before(x *big.Int) bool { return x.BitLen() > 0 }
    func after(x *big.Int) bool  { return x.Sign() != 0 }

    func before(x *big.Int) int { return x.Cmp(common.Big0) }
    func after(x *big.Int) int  { return x.Sign() }

* common/math, crypto/secp256k1: make ReadBits public in package math
2017-02-28 15:09:11 +01:00
Felix Lange 9b0af51386 crypto: add btcec fallback for sign/recover without cgo (#3680)
* vendor: add github.com/btcsuite/btcd/btcec

* crypto: add btcec fallback for sign/recover without cgo

This commit adds a non-cgo fallback implementation of secp256k1
operations.

* crypto, core/vm: remove wrappers for sha256, ripemd160
2017-02-18 09:24:12 +01:00
Felix Lange 96778a1c21 crypto/secp256k1: sign with deterministic K (rfc6979) (#3561) 2017-01-22 23:28:47 +01:00
Felix Lange e0ceeab0d1 crypto/secp256k1: update to github.com/bitcoin-core/secp256k1 @ 9d560f9 (#3544)
- Use defined constants instead of hard-coding their integer value.
- Allocate secp256k1 structs on the C stack instead of converting []byte
- Remove dead code
2017-01-12 21:29:11 +01:00
Péter Szilágyi 18c77744ff
all: fix spelling errors 2017-01-06 19:44:35 +02:00
Gustav Simonsson 371871d685 parmas, crypto, core, core/vm: homestead consensus protocol changes
* change gas cost for contract creating txs
* invalidate signature with s value greater than secp256k1 N / 2
* OOG contract creation if not enough gas to store code
* new difficulty adjustment algorithm
* new DELEGATECALL op code
2016-02-18 10:08:11 +01:00
Felix Lange 02356b36d6 crypto/secp256k1: remove dependency on libgmp
Turns out we actually don't need it, USE_NUM_NONE works
because we also set USE_FIELD_INV_BUILTIN.
2015-12-03 21:12:13 +01:00
Gustav Simonsson c8ad64f33c crypto, crypto/ecies, crypto/secp256k1: libsecp256k1 scalar mult
thanks to Felix Lange (fjl) for help with design & impl
2015-11-30 13:43:32 +01:00
Gustav Simonsson 27a50c8f4b core/secp256k1: update libsecp256k1 Go wrapper and tests 2015-11-30 13:24:04 +01:00
Felix Lange e344e1d490 crypto/secp256k1: drop pkgsrc paths from CFLAGS
They cause compiler warnings for people who don't have these
directories. People with pkgsrc can add the directory through CGO_CFLAGS
instead.
2015-11-17 09:53:10 +01:00
Felix Lange 5159f8f649 crypto/secp256k1: raise internal errors as recoverable Go panic 2015-11-17 09:53:10 +01:00
Felix Lange 1b29aed128 crypto/secp256k1: verify recovery ID before calling libsecp256k1
The C library treats the recovery ID as trusted input and crashes
the process for invalid values, so it needs to be verified before
calling into C. This will inhibit the crash in #1983.

Also remove VerifySignature because we don't use it.
2015-11-17 09:51:59 +01:00
Felix Lange 16b0bc7c3b crypto/secp256k1: add C compiler flags for pkgsrc
pkgsrc is a cross-platform package manager that also
supports OS X.
2015-11-03 10:33:31 +01:00
Gustav Simonsson f32fa075f1 core/secp256k1: update libsecp256k1 Go wrapper and tests 2015-10-09 14:47:55 +02:00
Fynn 7065ebd2ed FreeBSD support 2015-07-28 19:16:16 -03:00
Felix Lange bfbcfbe4a9 all: fix license headers one more time
I forgot to update one instance of "go-ethereum" in commit 3f047be5a.
2015-07-23 18:35:11 +02:00
Felix Lange 3f047be5aa all: update license headers to distiguish GPL/LGPL
All code outside of cmd/ is licensed as LGPL. The headers
now reflect this by calling the whole work "the go-ethereum library".
2015-07-22 18:51:45 +02:00
Felix Lange ea54283b30 all: update license information 2015-07-07 14:12:44 +02:00
Gustav Simonsson 9918b6c84e Remove the awesome, ever misunderstood entropy mixing 2015-05-12 17:18:30 +02:00
Maran 04e216319e Adding flags to facilitate cross compiling to ARM 2015-04-22 17:04:46 +02:00
Gustav Simonsson 941f051358 libsecp256k1 #define NDEBUG 2015-04-07 18:09:58 +02:00
obscuren 50bbdfe582 Link GMP 2015-04-07 15:20:24 +02:00
Gustav Simonsson d9b37b6da7 Update Go wrapper around libbsecp256k1 2015-04-07 12:40:31 +02:00
obscuren 238f39a42e Validate seckey when generating pub key 2015-02-15 02:20:31 +01:00
Gustav Simonsson 8c056aebe1 Set both key generation and ECDSA nonce to use mixed entropy
* Move random entropy functions to new package randentropy
* Add function to get n bytes entropy where up to first 32
  bytes are mixed with OS entropy sources
2015-02-10 22:49:28 +01:00
obscuren a008c21cf0 Fixed Sign nonce 2015-01-31 17:44:34 +01:00
obscuren 67f9783e6a Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00