merge with ABC code

CMakeLists.txt

@@ -100,11 +100,42 @@ if (ENABLE_ENDOMORPHISM)
 endif()
 
 if (ENABLE_ECMULT_STATIC_PRECOMPUTATION)
-  add_definitions(-DUSE_ECMULT_STATIC_PRECOMPUTATION)
+  # add_definitions(-DUSE_ECMULT_STATIC_PRECOMPUTATION)
+
+	set(USE_ECMULT_STATIC_PRECOMPUTATION 1)
+
+  if(EXISTS ${CMAKE_SOURCE_DIR}/ci_utils/cmake/NativeExecutable.cmake)
+    include(${CMAKE_SOURCE_DIR}/ci_utils/cmake/NativeExecutable.cmake)
+  else()
+    message( STATUS "NativeExecutable.cmake doent exists")
+  endif()
+
+	# # include(NativeExecutable)
+	add_native_executable(gen_context src/gen_context.c)
+
+  target_include_directories(gen_context PRIVATE
+  ${CMAKE_CURRENT_SOURCE_DIR})
+
+  # target_include_directories(gen_context PUBLIC
+  # $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
+  # $<INSTALL_INTERFACE:include>)
+
+	add_custom_command(
+		OUTPUT ecmult_static_context.h
+		COMMAND gen_context
+	)
+
+	# target_sources(secp256k1 PRIVATE ecmult_static_context.h)
+
 endif()
 
 
 
+
+
+
+
+
 # Implement --with-asm
 #------------------------------------------------------------------------------
 if (WITH_ASM STREQUAL "auto")
@@ -280,6 +311,14 @@ endif()
 
 target_compile_definitions(secp256k1 PUBLIC -DBITPRIM_PROJECT_VERSION="\\"${BITPRIM_PROJECT_VERSION}\\"") #TODO(fernando): manage with Conan????
 
+
+
+if (ENABLE_ECMULT_STATIC_PRECOMPUTATION)
+	target_sources(secp256k1 PRIVATE ecmult_static_context.h)
+endif()
+
+
+
 # message(CONAN_LIBS)
 # message(${CONAN_LIBS})
 

include/secp256k1.h

@@ -42,19 +42,6 @@ extern "C" {
  */
 typedef struct secp256k1_context_struct secp256k1_context;
 
-/** Opaque data structure that holds rewriteable "scratch space"
- *
- *  The purpose of this structure is to replace dynamic memory allocations,
- *  because we target architectures where this may not be available. It is
- *  essentially a resizable (within specified parameters) block of bytes,
- *  which is initially created either by memory allocation or TODO as a pointer
- *  into some fixed rewritable space.
- *
- *  Unlike the context object, this cannot safely be shared between threads
- *  without additional synchronization logic.
- */
-typedef struct secp256k1_scratch_space_struct secp256k1_scratch_space;
-
 /** Opaque data structure that holds a parsed and valid public key.
  *
  *  The exact representation of data inside is implementation defined and not
@@ -179,13 +166,6 @@ typedef int (*secp256k1_nonce_function)(
 #define SECP256K1_TAG_PUBKEY_HYBRID_EVEN 0x06
 #define SECP256K1_TAG_PUBKEY_HYBRID_ODD 0x07
 
-/** A simple secp256k1 context object with no precomputed tables. These are useful for
- *  type serialization/parsing functions which require a context object to maintain
- *  API consistency, but currently do not require expensive precomputations or dynamic
- *  allocations.
- */
-SECP256K1_API extern const secp256k1_context *secp256k1_context_no_precomp;
-
 /** Create a secp256k1 context object.
  *
  *  Returns: a newly created context object.
@@ -263,26 +243,6 @@ SECP256K1_API void secp256k1_context_set_error_callback(
     const void* data
 ) SECP256K1_ARG_NONNULL(1);
 
-/** Create a secp256k1 scratch space object.
- *
- *  Returns: a newly created scratch space.
- *  Args: ctx:  an existing context object (cannot be NULL)
- *  In:   max_size: maximum amount of memory to allocate
- */
-SECP256K1_API SECP256K1_WARN_UNUSED_RESULT secp256k1_scratch_space* secp256k1_scratch_space_create(
-    const secp256k1_context* ctx,
-    size_t max_size
-) SECP256K1_ARG_NONNULL(1);
-
-/** Destroy a secp256k1 scratch space.
- *
- *  The pointer may not be used afterwards.
- *  Args:   scratch: space to destroy
- */
-SECP256K1_API void secp256k1_scratch_space_destroy(
-    secp256k1_scratch_space* scratch
-);
-
 /** Parse a variable-length public key into the pubkey object.
  *
  *  Returns: 1 if the public key was fully valid.
@@ -615,7 +575,7 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_mul(
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
 
 /** Updates the context randomization to protect against side-channel leakage.
- *  Returns: 1: randomization successfully updated or nothing to randomize
+ *  Returns: 1: randomization successfully updated
  *           0: error
  *  Args:    ctx:       pointer to a context object (cannot be NULL)
  *  In:      seed32:    pointer to a 32-byte random seed (NULL resets to initial state)
@@ -630,11 +590,6 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_mul(
  * that it does not affect function results, but shields against attacks which
  * rely on any input-dependent behaviour.
  *
- * This function has currently an effect only on contexts initialized for signing
- * because randomization is currently used only for signing. However, this is not
- * guaranteed and may change in the future. It is safe to call this function on
- * contexts not initialized for signing; then it will have no effect and return 1.
- *
  * You should call this after secp256k1_context_create or
  * secp256k1_context_clone, and may call this repeatedly afterwards.
  */

include/secp256k1_ecdh.h

@@ -7,45 +7,21 @@
 extern "C" {
 #endif
 
-/** A pointer to a function that applies hash function to a point
- *
- *  Returns: 1 if a point was successfully hashed. 0 will cause ecdh to fail
- *  Out:    output:     pointer to an array to be filled by the function
- *  In:     x:          pointer to a 32-byte x coordinate
- *          y:          pointer to a 32-byte y coordinate
- *          data:       Arbitrary data pointer that is passed through
- */
-typedef int (*secp256k1_ecdh_hash_function)(
-  unsigned char *output,
-  const unsigned char *x,
-  const unsigned char *y,
-  void *data
-);
-
-/** An implementation of SHA256 hash function that applies to compressed public key. */
-SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_sha256;
-
-/** A default ecdh hash function (currently equal to secp256k1_ecdh_hash_function_sha256). */
-SECP256K1_API extern const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_default;
-
 /** Compute an EC Diffie-Hellman secret in constant time
  *  Returns: 1: exponentiation was successful
  *           0: scalar was invalid (zero or overflow)
  *  Args:    ctx:        pointer to a context object (cannot be NULL)
- *  Out:     output:     pointer to an array to be filled by the function
+ *  Out:     result:     a 32-byte array which will be populated by an ECDH
+ *                       secret computed from the point and scalar
  *  In:      pubkey:     a pointer to a secp256k1_pubkey containing an
  *                       initialized public key
  *           privkey:    a 32-byte scalar with which to multiply the point
- *           hashfp:     pointer to a hash function. If NULL, secp256k1_ecdh_hash_function_sha256 is used
- *           data:       Arbitrary data pointer that is passed through
  */
 SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdh(
   const secp256k1_context* ctx,
-  unsigned char *output,
+  unsigned char *result,
   const secp256k1_pubkey *pubkey,
-  const unsigned char *privkey,
-  secp256k1_ecdh_hash_function hashfp,
-  void *data
+  const unsigned char *privkey
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
 
 #ifdef __cplusplus

include/secp256k1_multiset.h

@@ -0,0 +1,110 @@
+/**********************************************************************
+ * Copyright (c) 2017 Tomas van der Wansem                            *
+ * Distributed under the MIT software license, see the accompanying   *
+ * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
+ **********************************************************************/
+
+
+#ifndef _SECP256K1_MULTISET__
+# define _SECP256K1_MULTISET__
+
+# include "secp256k1.h"
+
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+
+/** Opaque multiset; this is actually a group element **/
+typedef struct {
+    unsigned char d[96];
+} secp256k1_multiset;
+
+
+
+/** Initialize a multiset
+ *  The resulting multiset the multiset for no data elements
+ *
+ *  Returns: 1: success
+ *           0: invalid parameter
+ *  Args:    ctx:      pointer to a context object (cannot be NULL)
+ *  Out:     multiset: the resulting multiset
+ */
+SECP256K1_API int secp256k1_multiset_init(
+  const secp256k1_context* ctx,
+  secp256k1_multiset *multiset
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);
+
+
+/** Adds an element to a multiset from single data element
+ *
+ *  Returns: 1: success
+ *           0: invalid parameter
+ *  Args:    ctx:      pointer to a context object (cannot be NULL)
+ *  Out:     multiset: the multiset to update
+ *  In:      input:    the data to add
+ *           inputLen: the size of the data to add
+ */
+SECP256K1_API int secp256k1_multiset_add(
+  const secp256k1_context* ctx,
+  secp256k1_multiset *multiset,
+  const unsigned char *input,
+  size_t inputLen
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+/** Removes an element from a multiset
+ *
+ *  Returns: 1: success
+ *           0: invalid parameter
+ *  Args:    ctx:      pointer to a context object (cannot be NULL)
+ *  Out:     multiset: the multiset to update
+ *  In:      input:    the data to remove
+ *           inputLen: the size of the data to remove
+ */
+SECP256K1_API int secp256k1_multiset_remove(
+  const secp256k1_context* ctx,
+  secp256k1_multiset *multiset,
+  const unsigned char *input,
+  size_t inputLen
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+
+
+/** Combines two multisets
+ *
+ *  Returns: 1: success
+ *           0: invalid parameter
+ *  Args:    ctx:      pointer to a context object (cannot be NULL)
+ *  In/Out:  multiset: the multiset to which the input must be added
+ *  In:      input:    the multiset to add
+ */
+SECP256K1_API int secp256k1_multiset_combine(
+  const secp256k1_context* ctx,
+  secp256k1_multiset *multiset,
+  const secp256k1_multiset *input
+
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+
+/** Converts a multiset to a hash
+ *
+ *  Returns: 1: success
+ *           0: invalid parameter
+ *  Args:    ctx:      pointer to a context object (cannot be NULL)
+ *  Out:     hash:     the resulting 32-byte hash
+ *  In:      multiset: the multiset to hash
+ */
+SECP256K1_API int secp256k1_multiset_finalize(
+  const secp256k1_context* ctx,
+  unsigned char *resultHash,
+  const secp256k1_multiset *multiset
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
+
+
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif

include/secp256k1_schnorr.h

@@ -0,0 +1,57 @@
+#ifndef _SECP256K1_SCHNORR_
+# define _SECP256K1_SCHNORR_
+
+# include "secp256k1.h"
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/**
+ * Verify a signature created by secp256k1_schnorr_sign.
+ * Returns: 1: correct signature
+ *          0: incorrect signature
+ * Args:    ctx:       a secp256k1 context object, initialized for verification.
+ * In:      sig64:     the 64-byte signature being verified (cannot be NULL)
+ *          msg32:     the 32-byte message hash being verified (cannot be NULL)
+ *          pubkey:    the public key to verify with (cannot be NULL)
+ */
+SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_schnorr_verify(
+  const secp256k1_context* ctx,
+  const unsigned char *sig64,
+  const unsigned char *msg32,
+  const secp256k1_pubkey *pubkey
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+
+/**
+ * Create a signature using a custom EC-Schnorr-SHA256 construction. It
+ * produces non-malleable 64-byte signatures which support batch validation,
+ * and multiparty signing.
+ * Returns: 1: signature created
+ *          0: the nonce generation function failed, or the private key was
+ *             invalid.
+ * Args:    ctx:    pointer to a context object, initialized for signing
+ *                  (cannot be NULL)
+ * Out:     sig64:  pointer to a 64-byte array where the signature will be
+ *                  placed (cannot be NULL)
+ * In:      msg32:  the 32-byte message hash being signed (cannot be NULL)
+ *          seckey: pointer to a 32-byte secret key (cannot be NULL)
+ *          noncefp:pointer to a nonce generation function. If NULL,
+ *                  secp256k1_nonce_function_default is used
+ *          ndata:  pointer to arbitrary data used by the nonce generation
+ *                  function (can be NULL)
+ */
+SECP256K1_API int secp256k1_schnorr_sign(
+  const secp256k1_context *ctx,
+  unsigned char *sig64,
+  const unsigned char *msg32,
+  const unsigned char *seckey,
+  secp256k1_nonce_function noncefp,
+  const void *ndata
+) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif

src/modules/schnorr/main_impl.h

@@ -8,7 +8,8 @@
 #define SECP256K1_MODULE_SCHNORR_MAIN
 
 #include "include/secp256k1_schnorr.h"
-#include "modules/schnorr/schnorr_impl.h"
+// #include "modules/schnorr/schnorr_impl.h"
+#include "schnorr_impl.h"
 
 int secp256k1_schnorr_verify(
     const secp256k1_context* ctx,

src/modules/schnorr/schnorr.h

@@ -7,8 +7,8 @@
 #ifndef _SECP256K1_MODULE_SCHNORR_H_
 #define _SECP256K1_MODULE_SCHNORR_H_
 
-#include "scalar.h"
-#include "group.h"
+#include "../../scalar.h"
+#include "../../group.h"
 
 static int secp256k1_schnorr_sig_verify(
     const secp256k1_ecmult_context* ctx,