Commit Graph

1584 Commits

Author SHA1 Message Date
Tim Ruffing 09f3d71c51 configure: Add a few CFLAGS for MSVC 2022-03-17 22:32:24 +01:00
Tim Ruffing 3b4f3d0d46 build: Reject C++ compilers in the preprocessor 2022-03-17 22:32:24 +01:00
Tim Ruffing 1cc0941414 configure: Don't abort if the compiler does not define __STDC__
This removes a check for $ac_cv_prog_cc_c89 which is set by AC_PROG_CC
if defined(__STDC__) in the preprocessor. (Standard compliant compilers
are supposed to define __STDC__ to 1 but the value is actually not
checked here.)

Unfortunately, MSVC doesn't define it, so configure fails for MSVC.

This check is not very useful in practice. Over 30 years after C89 has
been released, there are no C compilers out there that are not
sufficiently compliant with C89 for the project. The only practically
relevant case was that the check rejected C++ compilers. A different
method to reject C++ compilers will be introduced in a later commit.
2022-03-17 22:13:47 +01:00
Tim Ruffing cca8cbbac8 configure: Output message when checking for valgrind 2022-03-16 16:36:29 +01:00
Tim Ruffing 1a6be5745f bench: Make benchmarks compile on MSVC 2022-03-16 16:36:29 +01:00
Jonas Nick 0e5cbd01b3
Merge bitcoin-core/secp256k1#1088: configure: Use modern way to set AR
0d253d52e8 configure: Use modern way to set AR (Tim Ruffing)

Pull request description:

ACKs for top commit:
  jb55:
    tACK 0d253d52e8
  hebasto:
    ACK 0d253d52e8
  jonasnick:
    ACK 0d253d52e8

Tree-SHA512: c85a068b0b6cd0ae59c796d4493d50b1d92394b8620dd65affb5aaac889a41aa625408062f49fbed761217ab2bc35ec10942684a84487cb81becdadf5f2ae2af
2022-03-16 15:15:00 +00:00
Tim Ruffing 0d253d52e8 configure: Use modern way to set AR
This uses AM_PROG_AR to discover ar, which is the recommended way to do
so. Among other advantages, it honors the AR environment variable (as
set from the outside). The macro has been around since automake 1.11.2
(Dec 2011).

This commit also removes code that discovers ranlib and strip. ranlib
has been obsolete for decades (ar does its task now automatically), and
anyway LT_INIT takes care of discovering it. The code we used to set
STRIP was last mentioned in the automake 1.5 manual. Since automake 1.6
(Mar 2002), strip is discovered automatically when necessary (look for
the *private* macro AM_PROG_INSTALL_STRIP in the automake manual).
2022-03-14 18:35:59 +01:00
Jonas Nick ac83be33d0
Merge bitcoin-core/secp256k1#1079: configure: Add hidden --enable-dev-mode to enable all the stuff
e0838d663d configure: Add hidden --enable-dev-mode to enable all the stuff (Tim Ruffing)
fabd579dfa configure: Remove redundant code that sets _enable variables (Tim Ruffing)
0d4226c051 configure: Use canonical variable prefix _enable consistently (Tim Ruffing)

Pull request description:

ACKs for top commit:
  elichai:
    tACK e0838d663d
  jonasnick:
    ACK e0838d663d

Tree-SHA512: dfa1977f8844b8c93c6e72e81845166b47892a0169d931413587ce4ca6b0516b38214635ccfcc008f657d49a07d00574bf9b2c3d40a6d538cc7493b8716219aa
2022-02-27 18:30:53 +00:00
Tim Ruffing e0838d663d configure: Add hidden --enable-dev-mode to enable all the stuff
Co-authored-by: Elichai Turkel <elichai.turkel@gmail.com>
2022-02-26 10:30:29 +01:00
Tim Ruffing fabd579dfa configure: Remove redundant code that sets _enable variables
These are set automatically by autoconf [1], and this has been the
case in at least since 2.60, which is our minimum supported version.

[1] https://www.gnu.org/software/autoconf/manual/autoconf-2.70/html_node/Package-Options.html
[2] https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/Package-Options.html
2022-02-23 21:14:59 +01:00
Tim Ruffing 0d4226c051 configure: Use canonical variable prefix _enable consistently 2022-02-23 21:11:53 +01:00
Jonas Nick 64b34979ed
Merge bitcoin-core/secp256k1#748: Add usage examples
7c9502cece Add a copy of the CC0 license to the examples (Elichai Turkel)
42e03432e6 Add usage examples to the readme (Elichai Turkel)
517644eab1 Optionally compile the examples in autotools, compile+run in travis (Elichai Turkel)
422a7cc86a Add a ecdh shared secret example (Elichai Turkel)
b0cfbcc143 Add a Schnorr signing and verifying example (Elichai Turkel)
fee7d4bf9e Add an ECDSA signing and verifying example (Elichai Turkel)

Pull request description:

ACKs for top commit:
  real-or-random:
    ACK 7c9502cece
  jonasnick:
    ACK 7c9502cece

Tree-SHA512: c475cfd5b324b1e2d7126aa5bb1e7da25183b50adb7357d464c140de83d9097cb1bdc027d09aeadf167dbf9c8afd123235b0a1a742c5795089862418fafa1964
2022-02-23 17:37:58 +00:00
Elichai Turkel 7c9502cece
Add a copy of the CC0 license to the examples 2022-02-23 16:15:00 +02:00
Elichai Turkel 42e03432e6
Add usage examples to the readme 2022-02-23 16:14:59 +02:00
Elichai Turkel 517644eab1
Optionally compile the examples in autotools, compile+run in travis 2022-02-23 16:14:58 +02:00
Elichai Turkel 422a7cc86a
Add a ecdh shared secret example
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
2022-02-23 16:14:57 +02:00
Elichai Turkel b0cfbcc143
Add a Schnorr signing and verifying example
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
2022-02-23 16:14:55 +02:00
Elichai Turkel fee7d4bf9e
Add an ECDSA signing and verifying example
Co-authored-by: Jonas Nick <jonasd.nick@gmail.com>
2022-02-23 16:14:53 +02:00
Tim Ruffing 1253a27756
Merge bitcoin-core/secp256k1#1033: Add _fe_half and use in _gej_add_ge and _gej_double
e848c3799c Update sage files for new formulae (Peter Dettman)
d64bb5d4f3 Add fe_half tests for worst-case inputs (Peter Dettman)
4eb8b932ff Further improve doubling formula using fe_half (Peter Dettman)
557b31fac3 Doubling formula using fe_half (Pieter Wuille)
2cbb4b1a42 Run more iterations of run_field_misc (Pieter Wuille)
9cc5c257ed Add test for secp256k1_fe_half (Pieter Wuille)
925f78d55e Add _fe_half and use in _gej_add_ge (Peter Dettman)

Pull request description:

  - Trades 1 _half for 3 _mul_int and 2 _normalize_weak

  Gives around 2-3% faster signing and ECDH, depending on compiler/platform.

ACKs for top commit:
  sipa:
    utACK e848c3799c
  jonasnick:
    ACK e848c3799c
  real-or-random:
    ACK e848c3799c

Tree-SHA512: 81a6c93b3d983f1b48ec8e8b6f262ba914215045a95415147f41ee6e85296aa4d0cbbad9f370cdf475571447baad861d2cc8e0b04a71202d48959cb8a098f584
2022-02-21 11:00:08 +01:00
Jonas Nick 3ef94aa5ba
Merge bitcoin-core/secp256k1#1026: ecdh: Add test computing shared_secret=basepoint with random inputs
3531a43b5b ecdh: Make generator_basepoint test depend on global iteration count (Tim Ruffing)
c881dd49bd ecdh: Add test computing shared_secret=basepoint with random inputs (Tim Ruffing)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 3531a43b5b

Tree-SHA512: 5a2e47bad7ec5b3fd9033283fe00e54563b7b1655baf2b8ca39718deceddcc816bb8fcda0d07af6f1f8a785642da5dc69b7df52a1ddd445a3a98a5d5ecff6780
2022-02-11 19:38:07 +00:00
Tim Ruffing 3531a43b5b ecdh: Make generator_basepoint test depend on global iteration count
Co-authored-by: Elliott Jin <elliott.jin@gmail.com>
2022-02-11 16:39:04 +01:00
Tim Ruffing c881dd49bd ecdh: Add test computing shared_secret=basepoint with random inputs 2022-02-11 16:39:04 +01:00
Jonas Nick 077528317d
Merge bitcoin-core/secp256k1#1074: ci: Retry brew update a few times to avoid random failures
e51ad3b737 ci: Retry `brew update` a few times to avoid random failures (Tim Ruffing)
b1cb969e8a ci: Revert "Attempt to make macOS builds more reliable" (Tim Ruffing)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK e51ad3b737

Tree-SHA512: cb0b81ac8d81fe8ea58afa7382d3f922bd4eb713645c5d0b99f9de963c9906273f5d573a9272e8f6cdb16ffcca5e162c088cc2b0772278f68930f8cb726824be
2022-02-08 17:14:17 +00:00
Tim Ruffing e51ad3b737 ci: Retry `brew update` a few times to avoid random failures 2022-02-08 14:09:58 +01:00
Tim Ruffing b1cb969e8a ci: Revert "Attempt to make macOS builds more reliable"
This reverts commit d9396a56da, which
didn't have the desired effect.
2022-02-08 13:53:05 +01:00
Jonas Nick 5dcc6f8dbd
Merge bitcoin-core/secp256k1#1069: build: Replace use of deprecated autoconf macro AC_PROG_CC_C89
e0db3f8a25 build: Replace use of deprecated autoconf macro AC_PROG_CC_C89 (laanwj)

Pull request description:

ACKs for top commit:
  real-or-random:
    utACK e0db3f8a25
  jonasnick:
    ACK e0db3f8a25

Tree-SHA512: 00d6719fcdea69d002c795bbed07ccbd69900fef7dcba8ee42aa4e77765034feeb036ac9147b7fccc88b41623f735f62d4c72e25b3a1e68caad08a1237d6c5f5
2022-02-06 20:44:55 +00:00
Jonas Nick 59547943d6
Merge bitcoin-core/secp256k1#1072: ci: Attempt to make macOS builds more reliable
d9396a56da ci: Attempt to make macOS builds more reliable (Tim Ruffing)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK d9396a56da

Tree-SHA512: 68df44107d74671de148e9c3e6dbc6b16bec937137d7d9771efce10f5d66459559b372346d05ecc23237b2e3af9479156f733219717cb93f5204f9ea5b2636a9
2022-02-06 19:30:14 +00:00
Jonas Nick 85b00a1c65
Merge bitcoin-core/secp256k1#1068: sage: Fix incompatibility with sage 9.4
ebb1beea78 sage: Ensure that constraints are always fastfracs (Tim Ruffing)
d8d54859ed ci: Run sage prover on CI (Tim Ruffing)
77cfa98dbc sage: Normalize sign of polynomial factors in prover (Tim Ruffing)
eae75869cf sage: Exit with non-zero status in case of failures (Tim Ruffing)
b54d843eac sage: Fix printing of errors (Tim Ruffing)
e108d0039c sage: Fix incompatibility with sage 9.4 (Tim Ruffing)

Pull request description:

ACKs for top commit:
  sipa:
    ACK ebb1beea78
  jonasnick:
    ACK ebb1beea78

Tree-SHA512: 7a4732fd31d925d3dff471911183acc465ddcadbb5c88c46995502df61a913433c7639cb52fad3db72373b7cc47b9b0f063f7f5d5f8189c9ef998955e409479f
2022-02-05 22:06:29 +00:00
Tim Ruffing ebb1beea78 sage: Ensure that constraints are always fastfracs
Even if they are constants created in the formula functions. We now
lift integer constants to fastfracs.
2022-02-04 15:39:44 +01:00
Tim Ruffing d8d54859ed ci: Run sage prover on CI 2022-02-04 15:37:32 +01:00
Tim Ruffing 77cfa98dbc sage: Normalize sign of polynomial factors in prover
The prover, when run on recent sage versions,  failed to prove some of its
goals due to a change in sage. This commit adapts our code accordingly.
The prover passes again after this commit.
2022-02-04 15:37:32 +01:00
Tim Ruffing eae75869cf sage: Exit with non-zero status in case of failures 2022-02-04 15:37:32 +01:00
Tim Ruffing d9396a56da ci: Attempt to make macOS builds more reliable
The macOS CI tasks often error fail when doing `brew update` with
git fetch errors:
```
remote: fatal: packfile /data/repositories/b/nw/b6/07/5c/123272362/network.git/objects/pack/pack-2139bd07361b62a358e380a0e7d58ec35593d191.pack cannot be accessed
fatal: protocol error: bad pack header
Error: Fetching /usr/local/Homebrew/Library/Taps/homebrew/homebrew-core failed!
```
Superficially this seems to be a problem on the GitHub server because
the message shows a "remote" error. But it seems we're the only one in
the world running into this specific issue when doing `brew update`, so
it's more likely that the something else is the culprit, and this error
message is just a symptom.

This commit replaces `brew update` with a complete reinstallation of
brew. This is essentially a shot in the dark but it's worth a try, and
I doubt it's significantly more expensive. If that won't work, we may
consider simply retrying `brew update` a few times.
2022-02-04 10:55:19 +01:00
laanwj e0db3f8a25 build: Replace use of deprecated autoconf macro AC_PROG_CC_C89
According to [autoconf 2.70](https://www.gnu.org/software/autoconf/manual/autoconf-2.70/html_node/Obsolete-Macros.html)
documentation, the `AC_PROG_CC_C89' is replaced by `AC_PROG_CC`, which
defines the same variable `ac_cv_prog_cc_c89`.

Avoids the following message:
```
configure.ac:23: warning: The macro `AC_PROG_CC_C89' is obsolete.
```

Also, remove deprecated `AM_PROG_CC_C_O`.
2022-02-03 08:57:36 +01:00
Peter Dettman e848c3799c Update sage files for new formulae
- formula_secp256k1_gej_double_var
- formula_secp256k1_gej_add_ge
2022-02-01 17:51:13 +07:00
Peter Dettman d64bb5d4f3 Add fe_half tests for worst-case inputs
- Add field method _fe_get_bounds
2022-02-01 17:51:05 +07:00
Tim Ruffing b54d843eac sage: Fix printing of errors
Python 3 often returns iterable map objects where Python 2 returned
list. We can just them down to lists explicitly.

Overlooked in 13c88efed0.
2022-01-31 15:17:46 +01:00
Peter Dettman 4eb8b932ff Further improve doubling formula using fe_half 2022-01-31 19:41:07 +07:00
Pieter Wuille 557b31fac3 Doubling formula using fe_half 2022-01-31 19:41:07 +07:00
Pieter Wuille 2cbb4b1a42 Run more iterations of run_field_misc
At count=64, this makes the test take around 1% of the total time.
2022-01-31 19:41:07 +07:00
Pieter Wuille 9cc5c257ed Add test for secp256k1_fe_half 2022-01-31 19:41:07 +07:00
Peter Dettman 925f78d55e Add _fe_half and use in _gej_add_ge
- Trades 1 _half for 3 _mul_int and 2 _normalize_weak
- Updated formula and comments in _gej_add_ge
- Added internal benchmark for _fe_half
2022-01-31 19:41:01 +07:00
Tim Ruffing e108d0039c sage: Fix incompatibility with sage 9.4
`allexprs` is already the product all numerators. Don't take it's
numerator again.

Fixes #1067.
2022-01-31 12:15:16 +01:00
Jonas Nick d8a2463246
Merge bitcoin-core/secp256k1#899: Reduce stratch space needed by ecmult_strauss_wnaf.
b797a500ec Create a SECP256K1_ECMULT_TABLE_VERIFY macro. (Russell O'Connor)
a731200cc3 Replace ECMULT_TABLE_GET_GE_STORAGE macro with a function. (Russell O'Connor)
fe34d9f341 Eliminate input_pos state field from ecmult_strauss_wnaf. (Russell O'Connor)
0397d00ba0 Eliminate na_1 and na_lam state fields from ecmult_strauss_wnaf. (Russell O'Connor)
7ba3ffcca0 Remove the unused pre_a_lam allocations. (Russell O'Connor)
b3b57ad6ee Eliminate the pre_a_lam array from ecmult_strauss_wnaf. (Russell O'Connor)
ae7ba0f922 Remove the unused prej allocations. (Russell O'Connor)
e5c18892db Eliminate the prej array from ecmult_strauss_wnaf. (Russell O'Connor)
c9da1baad1 Move secp256k1_fe_one to field.h (Russell O'Connor)

Pull request description:

ACKs for top commit:
  sipa:
    ACK b797a500ec
  jonasnick:
    ACK b797a500ec

Tree-SHA512: 6742469979c306104a0861be76c2be86bf8ab14116b00afbd24f91b9e3ea843bf9b9a74552b367bd06ee617090019ad4df6be037d58937c8c869f8b37ddaa6cc
2022-01-26 14:49:40 +00:00
Tim Ruffing 0a40a4861a
Merge bitcoin-core/secp256k1#1049: Faster fixed-input ecmult tests
070e772211 Faster fixed-input ecmult tests (Pieter Wuille)

Pull request description:

  Given how much #920 slowed down the tests with low iteration count, replace it with 3 different similar test:
  * count >= 1: a test with 1024 multiplies that tests any pattern of 6 bits in windows not more than 20 bits wide
  * count >= 3: a test with 2048 multiplies that tests any pattern of 8 consecutive bits
  * count >= 35: the old test (which effectively tests all 2-bit patterns)

ACKs for top commit:
  robot-dreams:
    ACK 070e772211, the addition of the `CONDITIONAL_TEST` macro is nice.
  real-or-random:
    ACK 070e772211

Tree-SHA512: b4ccca42c71fcd1baa7143f73d1c3ac9d012c296485164a03341dbeee02e4ba9f7c7ad6b441923a5fe0286c97eff60815033adb4e1d30b3ef08bcb79590327ff
2022-01-24 22:01:54 +01:00
Pieter Wuille 070e772211 Faster fixed-input ecmult tests 2022-01-22 18:44:32 -05:00
Pieter Wuille c8aa516b57
Merge bitcoin-core/secp256k1#1064: Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes #1063
45f37b6506 Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes #1063. (Paul Miller)

Pull request description:

ACKs for top commit:
  siv2r:
    ACK 45f37b6. The diff looks good. It reduces `msg32` to modulo curve order for rfc6979 nonce generation. All tests passed on my machine with `make check`.
  sipa:
    utACK 45f37b6506
  real-or-random:
    ACK 45f37b6506

Tree-SHA512: 4c36784b2d6f2983bc0c3f380ff59cd9f2bd1822b98116d70964cd15183742fcc1f2ccde225a76dd30d946b3678b2cf29caff018efc07f40a200ee85843b39dd
2022-01-22 18:38:27 -05:00
Russell O'Connor b797a500ec Create a SECP256K1_ECMULT_TABLE_VERIFY macro. 2022-01-19 11:51:43 -05:00
Russell O'Connor a731200cc3 Replace ECMULT_TABLE_GET_GE_STORAGE macro with a function. 2022-01-19 11:51:43 -05:00
Russell O'Connor fe34d9f341 Eliminate input_pos state field from ecmult_strauss_wnaf. 2022-01-19 11:51:43 -05:00