41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1 build: Enable some modules by default (Tim Ruffing)
Pull request description:
This has been discussed in https://github.com/bitcoin-core/secp256k1/issues/817#issuecomment-693198323 and I agree with the arguments brought up there.
Alternatively, we could not enable them and add a discussion to the readme why we discourage people from using the modules. I believe enabling ECDH is not very controversial. But what about recovery? Do we want to leave it off and instead give a reason?
ACKs for top commit:
sipa:
ACK 41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1
jonasnick:
ACK 41e8704b484652cf5bbb2b7ecc27feedc3cf0ae1
Tree-SHA512: 1dd21037043f2b2c94a92cd2f31e69b505ba5b43119897bc0934966d9ccd84fc4fc20e7509af634f1c3a096710db1a2253090f5f1f107b9d258945a5546e9ba4
99bd3355994a436e25d148c68e097cca11f3c63e Make int128 overflow test use secp256k1_[ui]128_mul (Pieter Wuille)
3afce0af7c00eb4c5ca6d303e36a48c91a800459 Avoid signed overflow in MSVC AMR64 secp256k1_mul128 (Pieter Wuille)
9b5f589d30c3a86df686aadcde63eaa54eeafe71 Heuristically decide whether to use int128_struct (Pieter Wuille)
63ff064d2f7e67bb8ce3431ca5d7f8f056ba6bbd int128: Add test override for testing __(u)mulh on MSVC X64 (Tim Ruffing)
f2b7e88768f86b2fd506be4a8970ba6d1423d0a5 Add int128 randomized tests (Pieter Wuille)
Pull request description:
This is a follow-up to #1000:
* Add randomized unit tests for int128 logic.
* Add CI for the `_(u)mulh` code path (on non-ARM64 MSVC).
* Add heuristic logic to enable int128_struct based arithmetic on 64-bit MSVC, or systems with pointers wider than 32 bits.
* Fix signed overflow in ARM64 MSVC code.
ACKs for top commit:
roconnor-blockstream:
utACK 99bd335
real-or-random:
ACK 99bd3355994a436e25d148c68e097cca11f3c63e tested this also on MSVC locally with the override, including all the benchmark binaries
jonasnick:
utACK 99bd3355994a436e25d148c68e097cca11f3c63e
Tree-SHA512: 5ea897362293b45a86650593e1fdc8c4004a1d9452eed2fa070d22dffc7ed7ca1ec50a4df61e3a33dbe35e08132ad9686286ac44af6742b32b82f11c9d3341c6
a340d9500a9c45e5c261174f48b3eb18b3b3647d ci: add int128_struct tests (Jonas Nick)
dceaa1f57963d1a88b24974eab4b49baac6d04cd int128: Tidy #includes of int128.h and int128_impl.h (Tim Ruffing)
2914bccbc0913806ee64425a27d38cdc27b288e8 Simulated int128 type. (Russell O'Connor)
Pull request description:
Abstracts the int128 type and provides an native version, if available, or a implements it using a pair of int64_t's.
This is activated by setting the configuration flag `--with-test-override-wide-multiply=int128_struct`.
The primary purpose of this PR is to take advantage of MSVC's [umulh](https://docs.microsoft.com/en-us/cpp/intrinsics/umulh?view=msvc-170) intrinsic that we can use to simulate an int128 type which MSVC does not have (AFAIU). This PR lays out the groundwork for this level of MSVC support, but doesn't include the configuration logic to enable it yet.
For completeness, and implementation of `umulh` and `mulh` are also provided for compilers that support neither the intrinsic nor the int128 type (such as CompCert?). This also opens up the possibility of removing the 32-bit field and scalar implementations should that ever be desired.
ACKs for top commit:
sipa:
ACK a340d9500a9c45e5c261174f48b3eb18b3b3647d
jonasnick:
ACK a340d9500a9c45e5c261174f48b3eb18b3b3647d
Tree-SHA512: b4f2853fa3ab60ce9d77b4eaee1fd20c4b612850e19fcb3179d7e36986f420c6c4589ff72f0cf844f989584ace49a1cd23cca3f4e405dabefc8da647a0df679d
6a965b6b98bc08646c87bcfc826181e317079a9e Remove usage of CHECK from non-test file (Tobin C. Harding)
Pull request description:
Currently CHECK is used only in test and bench mark files except for one usage in `ecmult_impl.h`.
We would like to move the definition of CHECK out of `util.h` so that `util.h` no longer has a hard dependency on `stdio.h`.
Done as part of an effort to allow secp256k1 to be compiled to WASM as part of `rust-secp256k1`.
### Note to reviewers
Please review carefully, I don't actually know if this patch is correct. Done while working on #1095. I'm happy to make any changes both in concept and execution - I'm super rusty at C programming.
cc real-or-random
ACKs for top commit:
sipa:
utACK 6a965b6b98bc08646c87bcfc826181e317079a9e
real-or-random:
utACK 6a965b6b98bc08646c87bcfc826181e317079a9e
Tree-SHA512: 6bfb456bdb92a831acd3bc202607e80f6d0a194d6b2cf745c8eceb12ba675d03a319d6d105332b0cbca474e443969295e5a8e938635453e21e057d0ee597440b
After this commit, int128.h and int128_impl.h are included as follows:
- .c files which use int128 include int128_impl.h (after util.h)
- .h files which use int128 include int128.h (after util.h)
This list is exhaustive. util.h needs to included first because it sets
up necessary #defines.
Currently CHECK is used only in test and bench mark files except for one
usage in `ecmult_impl.h`.
We would like to move the definition of CHECK out of `util.h` so that
`util.h` no longer has a hard dependency on `stdio.h`.
Done in preparation for moving the definition of `CHECK` as part of an
effort to allow secp256k1 to be compiled to WASM as part of
`rust-secp256k1`.
We don't enable the ECDSA recovery module, because we don't recommend
ECDSA recovery for new protocols. In particular, the recovery API is
prone to misuse: It invites the caller to forget to check the public
key (and the verification function always returns 1).
In general, we also don't recommend ordinary ECDSA for new protocols.
But disabling the ECDSA functions is not possible because they're not
in a module, and let's be honest: disabling ECDSA would mean to ignore
reality blatantly.
cabe085bb4371cc61286023ac9f6a8ce3138d7ea configure: Remove pkgconfig macros again (reintroduced by mismerge) (Tim Ruffing)
Pull request description:
We had removed `PKG_PROG_PKG_CONFIG` in 21b2ebaf74222017f85123deb6f30a33c7678513
(#1090). But then then the not rebased (!) merge of 2be6ba0fedd0d2d62ba6f346d7ced7abde0d66e4
(#1084) brought that macro back at another location, without git
complaining about a conflict.
Fixes#1127.
ACKs for top commit:
fanquake:
ACK cabe085bb4371cc61286023ac9f6a8ce3138d7ea
hebasto:
ACK cabe085bb4371cc61286023ac9f6a8ce3138d7ea
jonasnick:
ACK cabe085bb4371cc61286023ac9f6a8ce3138d7ea
Tree-SHA512: ba497503db3a11e631b15c4fe875e62d892971c2c708d90b2f6be684e85d164043ea97c13af0452831eef41f3cf8230cd8a9eafa332dc5b5ae18e118b87c3828
We had removed `PKG_PROG_PKG_CONFIG` in 21b2ebaf74222017f85123deb6f30a33c7678513
(#1090). But then then the not rebased (!) merge of 2be6ba0fedd0d2d62ba6f346d7ced7abde0d66e4
(#1084) brought that macro back at another location, without git
complaining about a conflict.
Fixes#1127.
17065f48ae261c6949dab74a7c197ac13b52eb1b tests: Randomize the context with probability 15/16 instead of 1/4 (Tim Ruffing)
Pull request description:
ACKs for top commit:
sipa:
ACK 17065f48ae261c6949dab74a7c197ac13b52eb1b
jonasnick:
ACK 17065f48ae261c6949dab74a7c197ac13b52eb1b
Tree-SHA512: 3b7005770007b922a294be610f23da60b0dde74dfd7585d64a2cb04eaa6ec879de8d21a0ade31c1857019a8dd97260fa3aa167ae16fc55027ef280a3e3feaa6d
55f8bc99dce8846e0da99b92e52353c8cf893287 ecmult_gen: Improve comments about projective blinding (Tim Ruffing)
7a869558004b70803717d8169dd8b090e04df4af ecmult_gen: Simplify code (no observable change) (Tim Ruffing)
4cc0b1b669392d38770f74cb3fb5c801c82f67a0 ecmult_gen: Skip RNG when creating blinding if no seed is available (Tim Ruffing)
Pull request description:
Running the RNG is pointless if no seed is available because the key
will be fixed. The computation just wastes time.
Previously, users could avoid this computation at least by asking for
a context without signing capabilities. But since 3b0c218 we always
build an ecmult_gen context, ignoring the context flags. Moreover,
users could never avoid this pointless computation when asking for
the creation of a signing context.
This fixes one item in #1065.
ACKs for top commit:
sipa:
ACK 55f8bc99dce8846e0da99b92e52353c8cf893287
apoelstra:
ACK 55f8bc99dce8846e0da99b92e52353c8cf893287
Tree-SHA512: 5ccba56041f94fa8f40a8a56ce505369ff2e0ed20cd7f0bfc3fdfffa5fa7bf826a93602b9b2455a352865a9548ab4928e858c19bb5af7ec221594a3bf25c4f3d
Whenever I read this code, I first think that rescaling ctx->initial is
a dead store because we overwrite it later with gb. But that's wrong.
The rescaling blinds the computation of gb and affects its result.
Running the RNG is pointless if no seed is available because the key
will be fixed. The computation just wastes time.
Previously, users could avoid this computation at least by asking for
a context without signing capabilities. But since 3b0c218 we always
build an ecmult_gen context, ignoring the context flags. Moreover,
users could never avoid this pointless computation when asking for
the creation of a signing context.
40a3473a9d44dc409412e94f70ad0f09bd9da3ac build: Fix #include "..." paths to get rid of further -I arguments (Tim Ruffing)
Pull request description:
This simplifies building without a build system.
This is in line with #925; the paths fixed here were either forgotten
there or only introduced later. This commit also makes the Makefile
stricter so that further "wrong" #include paths will lead to build
errors even in autotools builds.
This belongs to #929.
ACKs for top commit:
hebasto:
ACK 40a3473a9d44dc409412e94f70ad0f09bd9da3ac
Tree-SHA512: 6f4d825ea3cf86b13f294e2ec19fafc29660fa99450e6b579157d7a6e9bdb3404d761edf89c1135fa89b984d6431a527beeb97031dc90f2fae9761528f4d06d1
This simplifies building without a build system.
This is in line with #925; the paths fixed here were either forgotten
there or only introduced later. This commit also makes the Makefile
stricter so that further "wrong" #include paths will lead to build
errors even in autotools builds.
This belongs to #929.
Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
49e2acd927ce9eb806cc10f3a1fd89a9ddd081e2 configure: Improve rationale for WERROR_CFLAGS (Tim Ruffing)
8dc4b03341c85a3be91e559d05771c51e60b0eba ci: Add a C++ job that compiles the public headers without -fpermissive (Tim Ruffing)
51f296a46c0b318b8dd572ef9ac3bb3a4140ae63 ci: Run persistent wineserver to speed up wine (Tim Ruffing)
3fb3269c22c25de3b720ad139dcf4e3cff9eda1a ci: Add 32-bit MinGW64 build (Tim Ruffing)
9efc2e5221560d19dd750e0ba32c03d4ee091227 ci: Add MSVC builds (Tim Ruffing)
2be6ba0fedd0d2d62ba6f346d7ced7abde0d66e4 configure: Convince autotools to work with MSVC's archiver lib.exe (Tim Ruffing)
bd81f4140a4228b1df3a9f631e2d207a197ae614 schnorrsig bench: Suppress a stupid warning in MSVC (Tim Ruffing)
09f3d71c51a9621653d766e2fe7e657534e57bd6 configure: Add a few CFLAGS for MSVC (Tim Ruffing)
3b4f3d0d46dd278fbe4ffa68b1b6e14e3ea3b17f build: Reject C++ compilers in the preprocessor (Tim Ruffing)
1cc09414149d0c0c6a4a500d83efc3bd66f3ebcd configure: Don't abort if the compiler does not define __STDC__ (Tim Ruffing)
cca8cbbac84624fd350efc4086af25a06dcf8090 configure: Output message when checking for valgrind (Tim Ruffing)
1a6be5745fcf9f90e4218b73712b71ea06361792 bench: Make benchmarks compile on MSVC (Tim Ruffing)
Pull request description:
ACKs for top commit:
jonasnick:
ACK 49e2acd927ce9eb806cc10f3a1fd89a9ddd081e2
Tree-SHA512: 986c498fb218231fff3519167d34a92e11dea6a4383788a9723be105c20578cd483c6b06ba5686c6669e3a02cfeebc29b8e5f1428552ebf4ec67fa7a86957548
