status-im
/
secp256k1
mirror of https://github.com/status-im/secp256k1.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge bitcoin-core/secp256k1#1171: Change ARG_CHECK_NO_RETURN to ARG_CHECK_VOID which returns (void) 

a49e0940ad docs: Fix typo (Tim Ruffing)
2551cdac90 tests: Fix code formatting (Tim Ruffing)
c635c1bfd5 Change ARG_CHECK_NO_RETURN to ARG_CHECK_VOID which returns (void) (Tim Ruffing)
cf66f2357c refactor: Add helper function secp256k1_context_is_proper() (Tim Ruffing)

Pull request description:

ACKs for top commit:
  sipa:
    utACK a49e0940ad
  jonasnick:
    ACK a49e0940ad

Tree-SHA512: 0fd4ee88510f2de0de96378ae69ce6e610a446000bb78597026c5924803e1ce5a4f76303fc6446233a6129f9c42dce1b1549f93bef935131101e47b5a69cdf2f
This commit is contained in:
Jonas Nick 2022-12-21 15:27:00 +00:00
parent 3f57b9f774 a49e0940ad
commit eacad90f69
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
3 changed files with 22 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/secp256k1.h
View File

@ -849,7 +849,7 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_mul(
* kind of elliptic curve point multiplication and thus does not benefit from * kind of elliptic curve point multiplication and thus does not benefit from
* enhanced protection against side-channel leakage currently. * enhanced protection against side-channel leakage currently.
* *
* It is safe call this function on a copy of secp256k1_context_static in writable * It is safe to call this function on a copy of secp256k1_context_static in writable
* memory (e.g., obtained via secp256k1_context_clone). In that case, this * memory (e.g., obtained via secp256k1_context_clone). In that case, this
* function is guaranteed to return 1, but the call will have no effect because * function is guaranteed to return 1, but the call will have no effect because
* the static context (or a copy thereof) is not meant to be randomized. * the static context (or a copy thereof) is not meant to be randomized.

24
src/secp256k1.c
View File

@ -51,9 +51,10 @@
} \ } \
} while(0) } while(0)
#define ARG_CHECK_NO_RETURN(cond) do { \ #define ARG_CHECK_VOID(cond) do { \
if (EXPECT(!(cond), 0)) { \ if (EXPECT(!(cond), 0)) { \
secp256k1_callback_call(&ctx->illegal_callback, #cond); \ secp256k1_callback_call(&ctx->illegal_callback, #cond); \
return; \
} \ } \
} while(0) } while(0)
@ -75,6 +76,15 @@ static const secp256k1_context secp256k1_context_static_ = {
const secp256k1_context *secp256k1_context_static = &secp256k1_context_static_; const secp256k1_context *secp256k1_context_static = &secp256k1_context_static_;
const secp256k1_context *secp256k1_context_no_precomp = &secp256k1_context_static_; const secp256k1_context *secp256k1_context_no_precomp = &secp256k1_context_static_;
/* Helper function that determines if a context is proper, i.e., is not the static context or a copy thereof.
*
* This is intended for "context" functions such as secp256k1_context_clone. Function which need specific
* features of a context should still check for these features directly. For example, a function that needs
* ecmult_gen should directly check for the existence of the ecmult_gen context. */
static int secp256k1_context_is_proper(const secp256k1_context* ctx) {
return secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx);
}
void secp256k1_selftest(void) { void secp256k1_selftest(void) {
if (!secp256k1_selftest_passes()) { if (!secp256k1_selftest_passes()) {
secp256k1_callback_call(&default_error_callback, "self test failed"); secp256k1_callback_call(&default_error_callback, "self test failed");
@ -157,7 +167,7 @@ secp256k1_context* secp256k1_context_clone(const secp256k1_context* ctx) {
} }
void secp256k1_context_preallocated_destroy(secp256k1_context* ctx) { void secp256k1_context_preallocated_destroy(secp256k1_context* ctx) {
ARG_CHECK_NO_RETURN(ctx != secp256k1_context_static); ARG_CHECK_VOID(ctx != secp256k1_context_static);
if (ctx != NULL) { if (ctx != NULL) {
secp256k1_ecmult_gen_context_clear(&ctx->ecmult_gen_ctx); secp256k1_ecmult_gen_context_clear(&ctx->ecmult_gen_ctx);
} }
@ -171,7 +181,10 @@ void secp256k1_context_destroy(secp256k1_context* ctx) {
} }
void secp256k1_context_set_illegal_callback(secp256k1_context* ctx, void (*fun)(const char* message, void* data), const void* data) { void secp256k1_context_set_illegal_callback(secp256k1_context* ctx, void (*fun)(const char* message, void* data), const void* data) {
ARG_CHECK_NO_RETURN(ctx != secp256k1_context_static); /* We compare pointers instead of checking secp256k1_context_is_proper() here
because setting callbacks is allowed on *copies* of the static context:
it's harmless and makes testing easier. */
ARG_CHECK_VOID(ctx != secp256k1_context_static);
if (fun == NULL) { if (fun == NULL) {
fun = secp256k1_default_illegal_callback_fn; fun = secp256k1_default_illegal_callback_fn;
} }
@ -180,7 +193,10 @@ void secp256k1_context_set_illegal_callback(secp256k1_context* ctx, void (*fun)(
} }
void secp256k1_context_set_error_callback(secp256k1_context* ctx, void (*fun)(const char* message, void* data), const void* data) { void secp256k1_context_set_error_callback(secp256k1_context* ctx, void (*fun)(const char* message, void* data), const void* data) {
ARG_CHECK_NO_RETURN(ctx != secp256k1_context_static); /* We compare pointers instead of checking secp256k1_context_is_proper() here
because setting callbacks is allowed on *copies* of the static context:
it's harmless and makes testing easier. */
ARG_CHECK_VOID(ctx != secp256k1_context_static);
if (fun == NULL) { if (fun == NULL) {
fun = secp256k1_default_error_callback_fn; fun = secp256k1_default_error_callback_fn;
} }

3
src/tests.c
View File

@ -152,8 +152,7 @@ int context_eq(const secp256k1_context *a, const secp256k1_context *b) {
return a->declassify == b->declassify return a->declassify == b->declassify
&& ecmult_gen_context_eq(&a->ecmult_gen_ctx, &b->ecmult_gen_ctx) && ecmult_gen_context_eq(&a->ecmult_gen_ctx, &b->ecmult_gen_ctx)
&& a->illegal_callback.fn == b->illegal_callback.fn && a->illegal_callback.fn == b->illegal_callback.fn
&& a->illegal_callback.data == b->illegal_callback. && a->illegal_callback.data == b->illegal_callback.data
data
&& a->error_callback.fn == b->error_callback.fn && a->error_callback.fn == b->error_callback.fn
&& a->error_callback.data == b->error_callback.data; && a->error_callback.data == b->error_callback.data;
} }