From ae9e648526ceaf7cd97ba4dfe3c105db8e226c35 Mon Sep 17 00:00:00 2001 From: Gregory Maxwell Date: Sat, 1 May 2021 17:08:52 +0000 Subject: [PATCH] Define SECP256K1_BUILD in secp256k1.c directly. This avoids building without it and makes it safer to use a custom building environment. Test harnesses need to #include secp256k1.c first now. --- Makefile.am | 12 ++++++------ include/secp256k1.h | 11 +++++++++++ src/bench_ecmult.c | 4 ++-- src/bench_internal.c | 4 ++-- src/secp256k1.c | 6 ++++++ src/tests_exhaustive.c | 2 +- 6 files changed, 28 insertions(+), 11 deletions(-) diff --git a/Makefile.am b/Makefile.am index 58c9635..053e435 100644 --- a/Makefile.am +++ b/Makefile.am @@ -68,7 +68,7 @@ endif endif libsecp256k1_la_SOURCES = src/secp256k1.c -libsecp256k1_la_CPPFLAGS = -DSECP256K1_BUILD -I$(top_srcdir)/include -I$(top_srcdir)/src $(SECP_INCLUDES) +libsecp256k1_la_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src $(SECP_INCLUDES) libsecp256k1_la_LIBADD = $(SECP_LIBS) $(COMMON_LIB) if VALGRIND_ENABLED @@ -81,22 +81,22 @@ noinst_PROGRAMS += bench_verify bench_sign bench_internal bench_ecmult bench_verify_SOURCES = src/bench_verify.c bench_verify_LDADD = libsecp256k1.la $(SECP_LIBS) $(SECP_TEST_LIBS) $(COMMON_LIB) # SECP_TEST_INCLUDES are only used here for CRYPTO_CPPFLAGS -bench_verify_CPPFLAGS = -DSECP256K1_BUILD $(SECP_TEST_INCLUDES) +bench_verify_CPPFLAGS = $(SECP_TEST_INCLUDES) bench_sign_SOURCES = src/bench_sign.c bench_sign_LDADD = libsecp256k1.la $(SECP_LIBS) $(SECP_TEST_LIBS) $(COMMON_LIB) bench_internal_SOURCES = src/bench_internal.c bench_internal_LDADD = $(SECP_LIBS) $(COMMON_LIB) -bench_internal_CPPFLAGS = -DSECP256K1_BUILD $(SECP_INCLUDES) +bench_internal_CPPFLAGS = $(SECP_INCLUDES) bench_ecmult_SOURCES = src/bench_ecmult.c bench_ecmult_LDADD = $(SECP_LIBS) $(COMMON_LIB) -bench_ecmult_CPPFLAGS = -DSECP256K1_BUILD $(SECP_INCLUDES) +bench_ecmult_CPPFLAGS = $(SECP_INCLUDES) endif TESTS = if USE_TESTS noinst_PROGRAMS += tests tests_SOURCES = src/tests.c -tests_CPPFLAGS = -DSECP256K1_BUILD -I$(top_srcdir)/src -I$(top_srcdir)/include $(SECP_INCLUDES) $(SECP_TEST_INCLUDES) +tests_CPPFLAGS = -I$(top_srcdir)/src -I$(top_srcdir)/include $(SECP_INCLUDES) $(SECP_TEST_INCLUDES) if VALGRIND_ENABLED tests_CPPFLAGS += -DVALGRIND noinst_PROGRAMS += valgrind_ctime_test @@ -114,7 +114,7 @@ endif if USE_EXHAUSTIVE_TESTS noinst_PROGRAMS += exhaustive_tests exhaustive_tests_SOURCES = src/tests_exhaustive.c -exhaustive_tests_CPPFLAGS = -DSECP256K1_BUILD -I$(top_srcdir)/src $(SECP_INCLUDES) +exhaustive_tests_CPPFLAGS = -I$(top_srcdir)/src $(SECP_INCLUDES) if !ENABLE_COVERAGE exhaustive_tests_CPPFLAGS += -DVERIFY endif diff --git a/include/secp256k1.h b/include/secp256k1.h index d368488..b616fc1 100644 --- a/include/secp256k1.h +++ b/include/secp256k1.h @@ -127,6 +127,17 @@ typedef int (*secp256k1_nonce_function)( # define SECP256K1_INLINE inline # endif +/** When this header is used at build-time the SECP256K1_BUILD define needs to be set + * to correctly setup export attributes and nullness checks. This is normally done + * by secp256k1.c but to guard against this header being included before secp256k1.c + * has had a chance to set the define (e.g. via test harnesses that just includes + * secp256k1.c) we set SECP256K1_NO_BUILD when this header is processed without the + * BUILD define so this condition can be caught. + */ +#ifndef SECP256K1_BUILD +# define SECP256K1_NO_BUILD +#endif + #ifndef SECP256K1_API # if defined(_WIN32) # ifdef SECP256K1_BUILD diff --git a/src/bench_ecmult.c b/src/bench_ecmult.c index 204e85a..a536ab2 100644 --- a/src/bench_ecmult.c +++ b/src/bench_ecmult.c @@ -5,8 +5,9 @@ ***********************************************************************/ #include -#include "include/secp256k1.h" +#include "secp256k1.c" +#include "include/secp256k1.h" #include "util.h" #include "hash_impl.h" #include "field_impl.h" @@ -14,7 +15,6 @@ #include "scalar_impl.h" #include "ecmult_impl.h" #include "bench.h" -#include "secp256k1.c" #define POINTS 32768 diff --git a/src/bench_internal.c b/src/bench_internal.c index 73b8a24..dfe99cf 100644 --- a/src/bench_internal.c +++ b/src/bench_internal.c @@ -5,8 +5,9 @@ ***********************************************************************/ #include -#include "include/secp256k1.h" +#include "secp256k1.c" +#include "include/secp256k1.h" #include "assumptions.h" #include "util.h" #include "hash_impl.h" @@ -16,7 +17,6 @@ #include "ecmult_const_impl.h" #include "ecmult_impl.h" #include "bench.h" -#include "secp256k1.c" typedef struct { secp256k1_scalar scalar[2]; diff --git a/src/secp256k1.c b/src/secp256k1.c index aef3f99..8d2d087 100644 --- a/src/secp256k1.c +++ b/src/secp256k1.c @@ -4,6 +4,8 @@ * file COPYING or https://www.opensource.org/licenses/mit-license.php.* ***********************************************************************/ +#define SECP256K1_BUILD + #include "include/secp256k1.h" #include "include/secp256k1_preallocated.h" @@ -21,6 +23,10 @@ #include "scratch_impl.h" #include "selftest.h" +#ifdef SECP256K1_NO_BUILD +# error "secp256k1.h processed without SECP256K1_BUILD defined while building secp256k1.c" +#endif + #if defined(VALGRIND) # include #endif diff --git a/src/tests_exhaustive.c b/src/tests_exhaustive.c index 2bb5381..a8074d4 100644 --- a/src/tests_exhaustive.c +++ b/src/tests_exhaustive.c @@ -20,10 +20,10 @@ #define EXHAUSTIVE_TEST_ORDER 13 #endif +#include "secp256k1.c" #include "include/secp256k1.h" #include "assumptions.h" #include "group.h" -#include "secp256k1.c" #include "testrand_impl.h" static int count = 2;