Merge pull request #102

a099073 Enable warnings. (Gregory Maxwell)
861f9a5 field_gmp's negate doesn't need to use the magnitude argument. (Gregory Maxwell)
f0709ac Avoid forward static decl of undefined functions, also fix a paren warning in the tests. (Gregory Maxwell)
3276e7d Signed/unsigned comparisons in tests. (Gregory Maxwell)
850562e Avoid unsigned comparison in scalar arith. (Gregory Maxwell)
65a14ab Fix varrious signed/unsigned comparisons. (Gregory Maxwell)
e9e0e21 Avoid a shadowed variable. (Gregory Maxwell)
e28a8b8 Remove a VERIFY_CHECK for >=0ness on an unsigned type. (Gregory Maxwell)
2cad067 Correct function prototypes and avoid unused parameter warnings. (Gregory Maxwell)
a4a43d7 Reorder static to comply with C99 and switch to the inline macro. (Gregory Maxwell)

Makefile.am

@@ -37,7 +37,8 @@ noinst_HEADERS += src/field_5x52_int128_impl.h
 noinst_HEADERS += src/field_5x52_asm_impl.h
 noinst_HEADERS += src/java/org_bitcoin_NativeSecp256k1.h
 noinst_HEADERS += src/util.h
-noinst_HEADERS += src/util_impl.h
+noinst_HEADERS += src/testrand.h
+noinst_HEADERS += src/testrand_impl.h
 noinst_HEADERS += src/field_gmp.h
 noinst_HEADERS += src/field_gmp_impl.h
 noinst_HEADERS += src/field.h

configure.ac

@@ -39,6 +39,19 @@ case $host_os in
      ;;
 esac
 
+CFLAGS="$CFLAGS -W"
+
+warn_CFLAGS="-Wall -Wextra -Wcast-align -Wnested-externs -Wshadow -Wstrict-prototypes -Wno-unused-function"
+saved_CFLAGS="$CFLAGS"
+CFLAGS="$CFLAGS $warn_CFLAGS"
+AC_MSG_CHECKING([if ${CC} supports ${warn_CFLAGS}])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([[char foo;]])],
+    [ AC_MSG_RESULT([yes]) ],
+    [ AC_MSG_RESULT([no])
+      CFLAGS="$saved_CFLAGS"
+    ])
+
+
 AC_ARG_ENABLE(benchmark,
     AS_HELP_STRING([--enable-benchmark],[compile benchmark (default is yes)]),
     [use_benchmark=$enableval],

src/bench_inv.c

@@ -4,13 +4,15 @@
 
 #include <stdio.h>
 
+#include "include/secp256k1.h"
+
 #include "util.h"
 #include "num_impl.h"
 #include "field_impl.h"
 #include "group_impl.h"
 #include "scalar_impl.h"
 
-int main() {
+int main(void) {
     static const unsigned char init[32] = {
         0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
         0x17, 0x1d, 0x1f, 0x25, 0x29, 0x2b, 0x2f, 0x35,

src/bench_sign.c

@@ -8,7 +8,7 @@
 #include "include/secp256k1.h"
 #include "util.h"
 
-int main() {
+int main(void) {
     secp256k1_start(SECP256K1_START_SIGN);
 
     unsigned char msg[32];

src/bench_verify.c

@@ -8,7 +8,7 @@
 #include "include/secp256k1.h"
 #include "util.h"
 
-int main() {
+int main(void) {
     secp256k1_start(SECP256K1_START_VERIFY);
 
     unsigned char msg[32];

src/ecdsa.h

@@ -11,11 +11,11 @@ typedef struct {
     secp256k1_num_t r, s;
 } secp256k1_ecdsa_sig_t;
 
-int static secp256k1_ecdsa_sig_parse(secp256k1_ecdsa_sig_t *r, const unsigned char *sig, int size);
-int static secp256k1_ecdsa_sig_serialize(unsigned char *sig, int *size, const secp256k1_ecdsa_sig_t *a);
-int static secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message);
-int static secp256k1_ecdsa_sig_sign(secp256k1_ecdsa_sig_t *sig, const secp256k1_scalar_t *seckey, const secp256k1_scalar_t *message, const secp256k1_scalar_t *nonce, int *recid);
-int static secp256k1_ecdsa_sig_recover(const secp256k1_ecdsa_sig_t *sig, secp256k1_ge_t *pubkey, const secp256k1_num_t *message, int recid);
-void static secp256k1_ecdsa_sig_set_rs(secp256k1_ecdsa_sig_t *sig, const secp256k1_num_t *r, const secp256k1_num_t *s);
+static int secp256k1_ecdsa_sig_parse(secp256k1_ecdsa_sig_t *r, const unsigned char *sig, int size);
+static int secp256k1_ecdsa_sig_serialize(unsigned char *sig, int *size, const secp256k1_ecdsa_sig_t *a);
+static int secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message);
+static int secp256k1_ecdsa_sig_sign(secp256k1_ecdsa_sig_t *sig, const secp256k1_scalar_t *seckey, const secp256k1_scalar_t *message, const secp256k1_scalar_t *nonce, int *recid);
+static int secp256k1_ecdsa_sig_recover(const secp256k1_ecdsa_sig_t *sig, secp256k1_ge_t *pubkey, const secp256k1_num_t *message, int recid);
+static void secp256k1_ecdsa_sig_set_rs(secp256k1_ecdsa_sig_t *sig, const secp256k1_num_t *r, const secp256k1_num_t *s);
 
 #endif

src/ecdsa_impl.h

@@ -12,7 +12,7 @@
 #include "ecmult_gen.h"
 #include "ecdsa.h"
 
-int static secp256k1_ecdsa_sig_parse(secp256k1_ecdsa_sig_t *r, const unsigned char *sig, int size) {
+static int secp256k1_ecdsa_sig_parse(secp256k1_ecdsa_sig_t *r, const unsigned char *sig, int size) {
     if (sig[0] != 0x30) return 0;
     int lenr = sig[3];
     if (5+lenr >= size) return 0;
@@ -28,7 +28,7 @@ int static secp256k1_ecdsa_sig_parse(secp256k1_ecdsa_sig_t *r, const unsigned ch
     return 1;
 }
 
-int static secp256k1_ecdsa_sig_serialize(unsigned char *sig, int *size, const secp256k1_ecdsa_sig_t *a) {
+static int secp256k1_ecdsa_sig_serialize(unsigned char *sig, int *size, const secp256k1_ecdsa_sig_t *a) {
     int lenR = (secp256k1_num_bits(&a->r) + 7)/8;
     if (lenR == 0 || secp256k1_num_get_bit(&a->r, lenR*8-1))
         lenR++;
@@ -49,7 +49,7 @@ int static secp256k1_ecdsa_sig_serialize(unsigned char *sig, int *size, const se
     return 1;
 }
 
-int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message) {
+static int secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message) {
     const secp256k1_ge_consts_t *c = secp256k1_ge_consts;
 
     if (secp256k1_num_is_neg(&sig->r) || secp256k1_num_is_neg(&sig->s))
@@ -83,7 +83,7 @@ int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ec
     return ret;
 }
 
-int static secp256k1_ecdsa_sig_recover(const secp256k1_ecdsa_sig_t *sig, secp256k1_ge_t *pubkey, const secp256k1_num_t *message, int recid) {
+static int secp256k1_ecdsa_sig_recover(const secp256k1_ecdsa_sig_t *sig, secp256k1_ge_t *pubkey, const secp256k1_num_t *message, int recid) {
     const secp256k1_ge_consts_t *c = secp256k1_ge_consts;
 
     if (secp256k1_num_is_neg(&sig->r) || secp256k1_num_is_neg(&sig->s))
@@ -128,7 +128,7 @@ int static secp256k1_ecdsa_sig_recover(const secp256k1_ecdsa_sig_t *sig, secp256
     return 1;
 }
 
-int static secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message) {
+static int secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message) {
     secp256k1_num_t r2;
     secp256k1_num_init(&r2);
     int ret = 0;
@@ -137,7 +137,7 @@ int static secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const se
     return ret;
 }
 
-int static secp256k1_ecdsa_sig_sign(secp256k1_ecdsa_sig_t *sig, const secp256k1_scalar_t *seckey, const secp256k1_scalar_t *message, const secp256k1_scalar_t *nonce, int *recid) {
+static int secp256k1_ecdsa_sig_sign(secp256k1_ecdsa_sig_t *sig, const secp256k1_scalar_t *seckey, const secp256k1_scalar_t *message, const secp256k1_scalar_t *nonce, int *recid) {
     secp256k1_gej_t rp;
     secp256k1_ecmult_gen(&rp, nonce);
     secp256k1_ge_t r;
@@ -172,7 +172,7 @@ int static secp256k1_ecdsa_sig_sign(secp256k1_ecdsa_sig_t *sig, const secp256k1_
     return 1;
 }
 
-void static secp256k1_ecdsa_sig_set_rs(secp256k1_ecdsa_sig_t *sig, const secp256k1_num_t *r, const secp256k1_num_t *s) {
+static void secp256k1_ecdsa_sig_set_rs(secp256k1_ecdsa_sig_t *sig, const secp256k1_num_t *r, const secp256k1_num_t *s) {
     secp256k1_num_copy(&sig->r, r);
     secp256k1_num_copy(&sig->s, s);
 }

src/eckey.h

@@ -9,15 +9,15 @@
 #include "scalar.h"
 #include "num.h"
 
-int static secp256k1_eckey_pubkey_parse(secp256k1_ge_t *elem, const unsigned char *pub, int size);
-void static secp256k1_eckey_pubkey_serialize(secp256k1_ge_t *elem, unsigned char *pub, int *size, int compressed);
+static int secp256k1_eckey_pubkey_parse(secp256k1_ge_t *elem, const unsigned char *pub, int size);
+static void secp256k1_eckey_pubkey_serialize(secp256k1_ge_t *elem, unsigned char *pub, int *size, int compressed);
 
-int static secp256k1_eckey_privkey_parse(secp256k1_scalar_t *key, const unsigned char *privkey, int privkeylen);
-int static secp256k1_eckey_privkey_serialize(unsigned char *privkey, int *privkeylen, const secp256k1_scalar_t *key, int compressed);
+static int secp256k1_eckey_privkey_parse(secp256k1_scalar_t *key, const unsigned char *privkey, int privkeylen);
+static int secp256k1_eckey_privkey_serialize(unsigned char *privkey, int *privkeylen, const secp256k1_scalar_t *key, int compressed);
 
-int static secp256k1_eckey_privkey_tweak_add(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak);
-int static secp256k1_eckey_pubkey_tweak_add(secp256k1_ge_t *key, const secp256k1_num_t *tweak);
-int static secp256k1_eckey_privkey_tweak_mul(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak);
-int static secp256k1_eckey_pubkey_tweak_mul(secp256k1_ge_t *key, const secp256k1_num_t *tweak);
+static int secp256k1_eckey_privkey_tweak_add(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak);
+static int secp256k1_eckey_pubkey_tweak_add(secp256k1_ge_t *key, const secp256k1_num_t *tweak);
+static int secp256k1_eckey_privkey_tweak_mul(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak);
+static int secp256k1_eckey_pubkey_tweak_mul(secp256k1_ge_t *key, const secp256k1_num_t *tweak);
 
 #endif

src/eckey_impl.h

@@ -12,7 +12,7 @@
 #include "group.h"
 #include "ecmult_gen.h"
 
-int static secp256k1_eckey_pubkey_parse(secp256k1_ge_t *elem, const unsigned char *pub, int size) {
+static int secp256k1_eckey_pubkey_parse(secp256k1_ge_t *elem, const unsigned char *pub, int size) {
     if (size == 33 && (pub[0] == 0x02 || pub[0] == 0x03)) {
         secp256k1_fe_t x;
         secp256k1_fe_set_b32(&x, pub+1);
@@ -30,7 +30,7 @@ int static secp256k1_eckey_pubkey_parse(secp256k1_ge_t *elem, const unsigned cha
     }
 }
 
-void static secp256k1_eckey_pubkey_serialize(secp256k1_ge_t *elem, unsigned char *pub, int *size, int compressed) {
+static void secp256k1_eckey_pubkey_serialize(secp256k1_ge_t *elem, unsigned char *pub, int *size, int compressed) {
     secp256k1_fe_normalize(&elem->x);
     secp256k1_fe_normalize(&elem->y);
     secp256k1_fe_get_b32(&pub[1], &elem->x);
@@ -44,7 +44,7 @@ void static secp256k1_eckey_pubkey_serialize(secp256k1_ge_t *elem, unsigned char
     }
 }
 
-int static secp256k1_eckey_privkey_parse(secp256k1_scalar_t *key, const unsigned char *privkey, int privkeylen) {
+static int secp256k1_eckey_privkey_parse(secp256k1_scalar_t *key, const unsigned char *privkey, int privkeylen) {
     const unsigned char *end = privkey + privkeylen;
     // sequence header
     if (end < privkey+1 || *privkey != 0x30)
@@ -80,7 +80,7 @@ int static secp256k1_eckey_privkey_parse(secp256k1_scalar_t *key, const unsigned
     return !overflow;
 }
 
-int static secp256k1_eckey_privkey_serialize(unsigned char *privkey, int *privkeylen, const secp256k1_scalar_t *key, int compressed) {
+static int secp256k1_eckey_privkey_serialize(unsigned char *privkey, int *privkeylen, const secp256k1_scalar_t *key, int compressed) {
     secp256k1_gej_t rp;
     secp256k1_ecmult_gen(&rp, key);
     secp256k1_ge_t r;
@@ -135,14 +135,14 @@ int static secp256k1_eckey_privkey_serialize(unsigned char *privkey, int *privke
     return 1;
 }
 
-int static secp256k1_eckey_privkey_tweak_add(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak) {
+static int secp256k1_eckey_privkey_tweak_add(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak) {
     secp256k1_scalar_add(key, key, tweak);
     if (secp256k1_scalar_is_zero(key))
         return 0;
     return 1;
 }
 
-int static secp256k1_eckey_pubkey_tweak_add(secp256k1_ge_t *key, const secp256k1_num_t *tweak) {
+static int secp256k1_eckey_pubkey_tweak_add(secp256k1_ge_t *key, const secp256k1_num_t *tweak) {
     if (secp256k1_num_cmp(tweak, &secp256k1_ge_consts->order) >= 0)
         return 0;
 
@@ -160,15 +160,15 @@ int static secp256k1_eckey_pubkey_tweak_add(secp256k1_ge_t *key, const secp256k1
     return 1;
 }
 
-int static secp256k1_eckey_privkey_tweak_mul(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak) {
+static int secp256k1_eckey_privkey_tweak_mul(secp256k1_scalar_t *key, const secp256k1_scalar_t *tweak) {
     if (secp256k1_scalar_is_zero(tweak))
         return 0;
 
     secp256k1_scalar_mul(key, key, tweak);
     return 1;
 }
 
-int static secp256k1_eckey_pubkey_tweak_mul(secp256k1_ge_t *key, const secp256k1_num_t *tweak) {
+static int secp256k1_eckey_pubkey_tweak_mul(secp256k1_ge_t *key, const secp256k1_num_t *tweak) {
     if (secp256k1_num_is_zero(tweak))
         return 0;
     if (secp256k1_num_cmp(tweak, &secp256k1_ge_consts->order) >= 0)

src/ecmult_gen_impl.h

@@ -55,7 +55,6 @@ static void secp256k1_ecmult_gen_start(void) {
     secp256k1_ge_t prec[1024];
     {
         secp256k1_gej_t precj[1024]; // Jacobian versions of prec.
-        int j = 0;
         secp256k1_gej_t gbase; gbase = gj; // 16^j * G
         secp256k1_gej_t numsbase; numsbase = nums_gej; // 2^j * nums.
         for (int j=0; j<64; j++) {
@@ -81,7 +80,7 @@ static void secp256k1_ecmult_gen_start(void) {
     for (int j=0; j<64; j++) {
         for (int i=0; i<16; i++) {
             const unsigned char* raw = (const unsigned char*)(&prec[j*16 + i]);
-            for (int k=0; k<sizeof(secp256k1_ge_t); k++)
+            for (size_t k=0; k<sizeof(secp256k1_ge_t); k++)
                 ret->prec[j][k][i] = raw[k];
         }
     }
@@ -99,14 +98,14 @@ static void secp256k1_ecmult_gen_stop(void) {
     free(c);
 }
 
-void static secp256k1_ecmult_gen(secp256k1_gej_t *r, const secp256k1_scalar_t *gn) {
+static void secp256k1_ecmult_gen(secp256k1_gej_t *r, const secp256k1_scalar_t *gn) {
     const secp256k1_ecmult_gen_consts_t *c = secp256k1_ecmult_gen_consts;
     secp256k1_gej_set_infinity(r);
     secp256k1_ge_t add;
     int bits;
     for (int j=0; j<64; j++) {
         bits = secp256k1_scalar_get_bits(gn, j * 4, 4);
-        for (int k=0; k<sizeof(secp256k1_ge_t); k++)
+        for (size_t k=0; k<sizeof(secp256k1_ge_t); k++)
             ((unsigned char*)(&add))[k] = c->prec[j][k][bits];
         secp256k1_gej_add_ge(r, r, &add);
     }

src/ecmult_impl.h

@@ -28,14 +28,14 @@
  *  To compute a*P + b*G, we use the jacobian version for P, and the affine version for G, as
  *  G is constant, so it only needs to be done once in advance.
  */
-void static secp256k1_ecmult_table_precomp_gej_var(secp256k1_gej_t *pre, const secp256k1_gej_t *a, int w) {
+static void secp256k1_ecmult_table_precomp_gej_var(secp256k1_gej_t *pre, const secp256k1_gej_t *a, int w) {
     pre[0] = *a;
     secp256k1_gej_t d; secp256k1_gej_double_var(&d, &pre[0]);
     for (int i=1; i<(1 << (w-2)); i++)
         secp256k1_gej_add_var(&pre[i], &d, &pre[i-1]);
 }
 
-void static secp256k1_ecmult_table_precomp_ge_var(secp256k1_ge_t *pre, const secp256k1_gej_t *a, int w) {
+static void secp256k1_ecmult_table_precomp_ge_var(secp256k1_ge_t *pre, const secp256k1_gej_t *a, int w) {
     const int table_size = 1 << (w-2);
     secp256k1_gej_t prej[table_size];
     prej[0] = *a;
@@ -143,7 +143,7 @@ static int secp256k1_ecmult_wnaf(int *wnaf, const secp256k1_num_t *a, int w) {
     return ret;
 }
 
-void static secp256k1_ecmult(secp256k1_gej_t *r, const secp256k1_gej_t *a, const secp256k1_num_t *na, const secp256k1_num_t *ng) {
+static void secp256k1_ecmult(secp256k1_gej_t *r, const secp256k1_gej_t *a, const secp256k1_num_t *na, const secp256k1_num_t *ng) {
     const secp256k1_ecmult_consts_t *c = secp256k1_ecmult_consts;
 
 #ifdef USE_ENDOMORPHISM