Make randomization of a non-signing context a noop #587
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Before this commit secp256k1_context_randomize called illegal_callback when called on a context not initialized for signing. This is not documented. Moreover, it is not desirable because non-signing contexts may use randomization in the future. This commit makes secp256k1_context_randomize a noop in this case. This is safe because the context cannot be used for signing anyway. This fixes bitcoin-core#573 and it fixes rust-bitcoin/rust-secp256k1#82.
|
I guess this seems reasonable to me. The only concern I have is minor: if someone has a signing and verifying context, this makes it easier to randomize the wrong one. |
|
utACK 6198375 |
|
Was about to NACK this PR because being explicit is better in general. However, if verification contexts can be randomized in the future, it's better to start allow to randomizing everything always. ACK 6198375 |
|
ACK |
gmaxwell
added a commit
that referenced
this pull request
Feb 21, 2019
6198375 Make randomization of a non-signing context a noop (Tim Ruffing) Pull request description: Before this commit secp256k1_context_randomize called illegal_callback when called on a context not initialized for signing. This is not documented. Moreover, it is not desirable because non-signing contexts may use randomization in the future. This commit makes secp256k1_context_randomize a noop in this case. This is safe because the context cannot be used for signing anyway. This fixes #573 and it fixes rust-bitcoin/rust-secp256k1#82. Tree-SHA512: 34ddfeb004d9da8f4a77c739fa2110544c28939378e779226da52f410a0e36b3aacb3ebd2e3f3918832a9027684c161789cfdc27a133f2f0e0f1c47e8363029c
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Before this commit secp256k1_context_randomize called illegal_callback
when called on a context not initialized for signing. This is not
documented. Moreover, it is not desirable because non-signing contexts
may use randomization in the future.
This commit makes secp256k1_context_randomize a noop in this case. This
is safe because the context cannot be used for signing anyway.
This fixes #573 and it fixes rust-bitcoin/rust-secp256k1#82.