From 993637e67ee1abb03b02a7e61529dedca12ac0be Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Thu, 20 Jun 2019 20:37:15 -0400 Subject: [PATCH 1/7] Started adding ecc-secp256k1 for cross testing --- src/ecc_secp256k1.h | 57 +++++++++++++++++++++++++++++++++++++++++++++ src/tests.c | 37 +++++++++++++++++++++++++++++ 2 files changed, 94 insertions(+) create mode 100644 src/ecc_secp256k1.h diff --git a/src/ecc_secp256k1.h b/src/ecc_secp256k1.h new file mode 100644 index 0000000000..6019d6f9ff --- /dev/null +++ b/src/ecc_secp256k1.h @@ -0,0 +1,57 @@ +typedef struct { + uint8_t _0[64]; +} EcdsaSig; + +typedef struct { + uint8_t _0[64]; +} SchnorrSig; + +/** + * Sign an ECDSA Signature + * The message should be a hashed 32 bytes. + * Returns: + * 1 - Finished successfully. + * 0 - Failed. + */ +int ecc_secp256k1_ecdsa_sign(EcdsaSig *sig_out, + const unsigned char *msg, + const unsigned char *privkey); + +/** + * Sign a Schnorr Signature + * The message should be a hashed 32 bytes. + * Returns: + * 1 - Finished successfully. + * 0 - Failed. + */ +int ecc_secp256k1_schnorr_sign(SchnorrSig *sig_out, + const unsigned char *msg, + const unsigned char *privkey); + +/** + * Verify a ECDSA Signature + * Accepts either compressed(33) or uncompressed(6) public key. using the flag (1==compressed, 0==uncompressed). + * The message should be a hashed 32 bytes. (***Make Sure you hash the message yourself! otherwise it's easily broken***) + * Returns: + * 1 - The signature is valid. + * 0 - Signature is not valid. + * -1 - Some other problem. + */ +int secp256k1_ec_ecdsa_verify(const EcdsaSig *sig, + const unsigned char *msg, + const unsigned char *pubkey, + int compressed); + +/** + * Verify a Schnorr Signature + * Accepts either compressed(33) or uncompressed(64) public key. using the flag (1==compressed, 0==uncompressed). + * The message should be a hashed 32 bytes. (***Make Sure you hash the message yourself! otherwise it's easily broken***) + * Returns: + * 1 - The signature is valid. + * 0 - Signature is not valid. + * -1 - Some other problem. + */ +int secp256k1_ec_schnorr_verify(const SchnorrSig *sig, + const unsigned char *msg, + const unsigned char *pubkey, + int compressed); diff --git a/src/tests.c b/src/tests.c index 132df9ba9c..b7e41382f8 100644 --- a/src/tests.c +++ b/src/tests.c @@ -18,6 +18,7 @@ #include "include/secp256k1.h" #include "include/secp256k1_preallocated.h" #include "testrand_impl.h" +#include "ecc_secp256k1.h" #ifdef ENABLE_OPENSSL_TESTS #include "openssl/bn.h" @@ -4134,11 +4135,47 @@ void test_ecdsa_sign_verify(void) { CHECK(!secp256k1_ecdsa_sig_verify(&ctx->ecmult_ctx, &sigr, &sigs, &pub, &msg)); } +void test_ecdsa_sign_verify_rust(void) { + /* + TODO: get rid of EcdsaSig + TODO: Fix linking. + TODO: Add signing with ecc-secp256k1 and verifying with secp256k1. + TODO: Add get random + */ + + secp256k1_scalar msg, key; + unsigned char raw_key[32]; + unsigned char raw_msg[32]; + unsigned char raw_pubkey[65]; + size_t pubkey_len = sizeof(raw_pubkey); + secp256k1_pubkey pubkey; + secp256k1_ecdsa_signature sig; + EcdsaSig new_sig; + + random_scalar_order_test(&msg); + secp256k1_scalar_get_b32(raw_msg, &msg); + /*TODO: retry if `secp256k1_ec_seckey_verify` fails. */ + random_scalar_order_test(&key); + secp256k1_scalar_get_b32(raw_key, &key); + CHECK(secp256k1_ec_pubkey_create(ctx, &pubkey, raw_key) == 1); + secp256k1_ec_pubkey_serialize(ctx, raw_pubkey, &pubkey_len, &pubkey, SECP256K1_EC_UNCOMPRESSED); + + CHECK(secp256k1_ecdsa_sign(ctx, &sig, raw_msg, raw_key, NULL, NULL) == 1); + CHECK(secp256k1_ecdsa_verify(ctx, &sig, raw_msg, &pubkey) == 1); + secp256k1_ecdsa_signature_serialize_compact(ctx, (unsigned char*)&new_sig._0, &sig); + CHECK(secp256k1_ec_ecdsa_verify(&new_sig, raw_msg, raw_pubkey, 0) == 1); +} + + void run_ecdsa_sign_verify(void) { int i; for (i = 0; i < 10*count; i++) { test_ecdsa_sign_verify(); } + + for (i = 0; i < 10*count; i++) { + test_ecdsa_sign_verify_rust(); + } } /** Dummy nonce generation function that just uses a precomputed nonce, and fails if it is not accepted. Use only for testing. */ From 3e09aedb89876e066b49dbf11c7eda116d4d90c5 Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Sun, 23 Jun 2019 21:52:03 -0400 Subject: [PATCH 2/7] Added ecc-secp25k61 rust naive implementation to the Makefile --- .gitignore | 1 + Makefile.am | 12 +++++++++++- configure.ac | 13 +++++++++++++ 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 55d325aeef..8bd00f8409 100644 --- a/.gitignore +++ b/.gitignore @@ -48,3 +48,4 @@ build-aux/compile build-aux/test-driver src/stamp-h1 libsecp256k1.pc +ecc-secp256k1 \ No newline at end of file diff --git a/Makefile.am b/Makefile.am index 21df09f41f..e4de971544 100644 --- a/Makefile.am +++ b/Makefile.am @@ -161,8 +161,9 @@ gen_%.o: src/gen_%.c $(gen_context_BIN): $(gen_context_OBJECTS) $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $^ -o $@ +ECC_SECP=libecc_secp256k1.a $(libsecp256k1_la_OBJECTS): src/ecmult_static_context.h -$(tests_OBJECTS): src/ecmult_static_context.h +$(tests_OBJECTS): src/ecmult_static_context.h $(ECC_SECP) $(bench_internal_OBJECTS): src/ecmult_static_context.h $(bench_ecmult_OBJECTS): src/ecmult_static_context.h @@ -181,3 +182,12 @@ endif if ENABLE_MODULE_RECOVERY include src/modules/recovery/Makefile.am.include endif + + +if ENABLE_RUST_NAIVETESTS +$(ECC_SECP): + git clone https://github.com/elichai/ecc-secp256k1.git -b v0.1.0 2> /dev/null | true + cd ecc-secp256k1 && cargo build --release --features=ffi + cp ./ecc-secp256k1/target/release/libecc_secp256k1.a . + cp ./ecc-secp256k1/ecc_secp256k1.h ./src/ +endif \ No newline at end of file diff --git a/configure.ac b/configure.ac index b8340b7de1..09be339c57 100644 --- a/configure.ac +++ b/configure.ac @@ -104,6 +104,11 @@ AC_ARG_ENABLE(openssl_tests, [enable_openssl_tests=$enableval], [enable_openssl_tests=auto]) +AC_ARG_ENABLE(rust_naivetests, + AS_HELP_STRING([--enable-rust-naivetests],[enable tests against naive rust implementation [default=auto]]), + [enable_rust_naivetests=$enableval], + [enable_rust_naivetests=auto]) + AC_ARG_ENABLE(experimental, AS_HELP_STRING([--enable-experimental],[allow experimental configure options [default=no]]), [use_experimental=$enableval], @@ -442,10 +447,17 @@ if test x"$use_tests" = x"yes"; then AC_MSG_ERROR([OpenSSL tests requested but OpenSSL with EC support is not available]) fi fi + if test x"$enable_rust_naivetests" != x"no"; then + AC_DEFINE(ENABLE_RUST_NAIVETESTS, 1, [Define this symbol if you want to build the rust tests]) + SECP_TEST_LIBS="$SECP_TEST_LIBS -ldl -lpthread -lm -lecc_secp256k1 -L." + fi else if test x"$enable_openssl_tests" = x"yes"; then AC_MSG_ERROR([OpenSSL tests requested but tests are not enabled]) fi + if test x"$enable_rust_naivetests" = x"yes"; then + AC_MSG_ERROR([Rust naiveTests requested but tests are not enabled]) + fi fi if test x"$use_jni" != x"no"; then @@ -534,6 +546,7 @@ AM_CONDITIONAL([ENABLE_MODULE_RECOVERY], [test x"$enable_module_recovery" = x"ye AM_CONDITIONAL([USE_JNI], [test x"$use_jni" = x"yes"]) AM_CONDITIONAL([USE_EXTERNAL_ASM], [test x"$use_external_asm" = x"yes"]) AM_CONDITIONAL([USE_ASM_ARM], [test x"$set_asm" = x"arm"]) +AM_CONDITIONAL([ENABLE_RUST_NAIVETESTS], [test x"$enable_rust_naivetests" != x"no"]) dnl make sure nothing new is exported so that we don't break the cache PKGCONFIG_PATH_TEMP="$PKG_CONFIG_PATH" From 6cca82441cbd7a6a32e26707c7c839ad4e9a45d9 Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Sun, 23 Jun 2019 21:53:28 -0400 Subject: [PATCH 3/7] Updated the ecc_secp256k1 headers --- src/ecc_secp256k1.h | 64 ++++++++++++++++++++++++--------------------- 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/src/ecc_secp256k1.h b/src/ecc_secp256k1.h index 6019d6f9ff..e6ec981bde 100644 --- a/src/ecc_secp256k1.h +++ b/src/ecc_secp256k1.h @@ -1,57 +1,61 @@ -typedef struct { - uint8_t _0[64]; -} EcdsaSig; - -typedef struct { - uint8_t _0[64]; -} SchnorrSig; - /** * Sign an ECDSA Signature * The message should be a hashed 32 bytes. + * Input: msg -> pointer to 32 bytes message. + * privkey -> pointer to 32 bytes private key. + * Output: sig_out -> pointer to a 64 bytes buffer. * Returns: * 1 - Finished successfully. * 0 - Failed. */ -int ecc_secp256k1_ecdsa_sign(EcdsaSig *sig_out, +int ecc_secp256k1_ecdsa_sign(unsigned char *sig_out, const unsigned char *msg, const unsigned char *privkey); +/** + * Verify a ECDSA Signature + * Accepts either compressed(33 btes) or uncompressed(65 bytes) public key. using the flag (1==compressed, 0==uncompressed). + * Input: sig -> pointer to 64 bytes signature. + * msg -> 32 bytes result of a hash. (***Make Sure you hash the message yourself! otherwise it's easily broken***) + * pubkey -> pointer to 33 or 65 bytes pubkey depending on the compressed flag. + * compressed -> 1 for compressed, 0 for uncompressed. + * Returns: + * 1 - The signature is valid. + * 0 - Signature is not valid. + * -1 - Some other problem. + */ +int ecc_secp256k1_ecdsa_verify(const unsigned char *sig, + const unsigned char *msg, + const unsigned char *pubkey, + int compressed); + /** * Sign a Schnorr Signature * The message should be a hashed 32 bytes. + * Input: msg -> pointer to 32 bytes message. + * privkey -> pointer to 32 bytes private key. + * Output: sig_out -> pointer to a 64 bytes buffer. * Returns: * 1 - Finished successfully. * 0 - Failed. */ -int ecc_secp256k1_schnorr_sign(SchnorrSig *sig_out, +int ecc_secp256k1_schnorr_sign(unsigned char *sig_out, const unsigned char *msg, const unsigned char *privkey); -/** - * Verify a ECDSA Signature - * Accepts either compressed(33) or uncompressed(6) public key. using the flag (1==compressed, 0==uncompressed). - * The message should be a hashed 32 bytes. (***Make Sure you hash the message yourself! otherwise it's easily broken***) - * Returns: - * 1 - The signature is valid. - * 0 - Signature is not valid. - * -1 - Some other problem. - */ -int secp256k1_ec_ecdsa_verify(const EcdsaSig *sig, - const unsigned char *msg, - const unsigned char *pubkey, - int compressed); - /** * Verify a Schnorr Signature - * Accepts either compressed(33) or uncompressed(64) public key. using the flag (1==compressed, 0==uncompressed). - * The message should be a hashed 32 bytes. (***Make Sure you hash the message yourself! otherwise it's easily broken***) + * Accepts either compressed(33 btes) or uncompressed(65 bytes) public key. using the flag (1==compressed, 0==uncompressed). + * Input: sig -> pointer to 64 bytes signature. + * msg -> 32 bytes result of a hash. (***Make Sure you hash the message yourself! otherwise it's easily broken***) + * pubkey -> pointer to 33 or 65 bytes pubkey depending on the compressed flag. + * compressed -> 1 for compressed, 0 for uncompressed. * Returns: * 1 - The signature is valid. * 0 - Signature is not valid. * -1 - Some other problem. */ -int secp256k1_ec_schnorr_verify(const SchnorrSig *sig, - const unsigned char *msg, - const unsigned char *pubkey, - int compressed); +int ecc_secp256k1_schnorr_verify(const unsigned char *sig, + const unsigned char *msg, + const unsigned char *pubkey, + int compressed); From c69d5ee60b59398a0d726646044c677ab5520526 Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Sun, 23 Jun 2019 21:53:59 -0400 Subject: [PATCH 4/7] Updated the rust ecc-secp256k1 tests and added signing tests --- src/tests.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/src/tests.c b/src/tests.c index b7e41382f8..de44a32401 100644 --- a/src/tests.c +++ b/src/tests.c @@ -4136,34 +4136,35 @@ void test_ecdsa_sign_verify(void) { } void test_ecdsa_sign_verify_rust(void) { - /* - TODO: get rid of EcdsaSig - TODO: Fix linking. - TODO: Add signing with ecc-secp256k1 and verifying with secp256k1. - TODO: Add get random - */ secp256k1_scalar msg, key; unsigned char raw_key[32]; unsigned char raw_msg[32]; unsigned char raw_pubkey[65]; + unsigned char raw_sig[64]; size_t pubkey_len = sizeof(raw_pubkey); secp256k1_pubkey pubkey; secp256k1_ecdsa_signature sig; - EcdsaSig new_sig; random_scalar_order_test(&msg); - secp256k1_scalar_get_b32(raw_msg, &msg); - /*TODO: retry if `secp256k1_ec_seckey_verify` fails. */ random_scalar_order_test(&key); + + secp256k1_scalar_get_b32(raw_msg, &msg); secp256k1_scalar_get_b32(raw_key, &key); + CHECK(secp256k1_ec_pubkey_create(ctx, &pubkey, raw_key) == 1); secp256k1_ec_pubkey_serialize(ctx, raw_pubkey, &pubkey_len, &pubkey, SECP256K1_EC_UNCOMPRESSED); - + /* Sign with secp256k1 */ CHECK(secp256k1_ecdsa_sign(ctx, &sig, raw_msg, raw_key, NULL, NULL) == 1); CHECK(secp256k1_ecdsa_verify(ctx, &sig, raw_msg, &pubkey) == 1); - secp256k1_ecdsa_signature_serialize_compact(ctx, (unsigned char*)&new_sig._0, &sig); - CHECK(secp256k1_ec_ecdsa_verify(&new_sig, raw_msg, raw_pubkey, 0) == 1); + secp256k1_ecdsa_signature_serialize_compact(ctx, raw_sig, &sig); + /* Verify with ecc-secp256k1(rust) */ + CHECK(ecc_secp256k1_ecdsa_verify(raw_sig, raw_msg, raw_pubkey, 0) == 1); + /* Sign with ecc-secp256k1(rust) */ + CHECK(ecc_secp256k1_ecdsa_sign(raw_sig, raw_msg, raw_key) == 1); + /* Verify with secp256k1 */ + CHECK(secp256k1_ecdsa_signature_parse_compact(ctx, &sig, raw_sig) == 1); + CHECK(secp256k1_ecdsa_verify(ctx, &sig, raw_msg, &pubkey) == 1); } From 44fd9c67da4c2e554cdd6abceae5e98ca5f3e9b8 Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Mon, 24 Jun 2019 10:00:01 -0400 Subject: [PATCH 5/7] Added cleanup and ifdefs for naive tests --- .gitignore | 2 +- Makefile.am | 12 +++++++----- configure.ac | 2 +- src/tests.c | 22 ++++++++++++++++++---- 4 files changed, 27 insertions(+), 11 deletions(-) diff --git a/.gitignore b/.gitignore index 8bd00f8409..1a085126ea 100644 --- a/.gitignore +++ b/.gitignore @@ -48,4 +48,4 @@ build-aux/compile build-aux/test-driver src/stamp-h1 libsecp256k1.pc -ecc-secp256k1 \ No newline at end of file +ecc-secp256k1 diff --git a/Makefile.am b/Makefile.am index e4de971544..66334bfa14 100644 --- a/Makefile.am +++ b/Makefile.am @@ -161,9 +161,9 @@ gen_%.o: src/gen_%.c $(gen_context_BIN): $(gen_context_OBJECTS) $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $^ -o $@ -ECC_SECP=libecc_secp256k1.a +NAIVE_SECP=ecc-secp256k1 $(libsecp256k1_la_OBJECTS): src/ecmult_static_context.h -$(tests_OBJECTS): src/ecmult_static_context.h $(ECC_SECP) +$(tests_OBJECTS): src/ecmult_static_context.h $(NAIVE_SECP) $(bench_internal_OBJECTS): src/ecmult_static_context.h $(bench_ecmult_OBJECTS): src/ecmult_static_context.h @@ -185,9 +185,11 @@ endif if ENABLE_RUST_NAIVETESTS -$(ECC_SECP): +$(NAIVE_SECP): git clone https://github.com/elichai/ecc-secp256k1.git -b v0.1.0 2> /dev/null | true cd ecc-secp256k1 && cargo build --release --features=ffi - cp ./ecc-secp256k1/target/release/libecc_secp256k1.a . cp ./ecc-secp256k1/ecc_secp256k1.h ./src/ -endif \ No newline at end of file + +clean-local: + cargo clean --manifest-path="./ecc-secp256k1/Cargo.toml" 2> /dev/null | true +endif diff --git a/configure.ac b/configure.ac index 09be339c57..97eff0cd26 100644 --- a/configure.ac +++ b/configure.ac @@ -449,7 +449,7 @@ if test x"$use_tests" = x"yes"; then fi if test x"$enable_rust_naivetests" != x"no"; then AC_DEFINE(ENABLE_RUST_NAIVETESTS, 1, [Define this symbol if you want to build the rust tests]) - SECP_TEST_LIBS="$SECP_TEST_LIBS -ldl -lpthread -lm -lecc_secp256k1 -L." + SECP_TEST_LIBS="$SECP_TEST_LIBS -ldl -lpthread -lm -lecc_secp256k1 -L./ecc-secp256k1/target/release" fi else if test x"$enable_openssl_tests" = x"yes"; then diff --git a/src/tests.c b/src/tests.c index de44a32401..3ab6c1fd00 100644 --- a/src/tests.c +++ b/src/tests.c @@ -18,7 +18,10 @@ #include "include/secp256k1.h" #include "include/secp256k1_preallocated.h" #include "testrand_impl.h" + +#ifdef ENABLE_RUST_NAIVETESTS #include "ecc_secp256k1.h" +#endif #ifdef ENABLE_OPENSSL_TESTS #include "openssl/bn.h" @@ -4135,6 +4138,7 @@ void test_ecdsa_sign_verify(void) { CHECK(!secp256k1_ecdsa_sig_verify(&ctx->ecmult_ctx, &sigr, &sigs, &pub, &msg)); } +#ifdef ENABLE_RUST_NAIVETESTS void test_ecdsa_sign_verify_rust(void) { secp256k1_scalar msg, key; @@ -4168,15 +4172,21 @@ void test_ecdsa_sign_verify_rust(void) { } +void run_ecdsa_sign_verify_rust(void) { + int i; + for (i = 0; i < 10*count; i++) { + test_ecdsa_sign_verify_rust(); + } +} + +#endif + + void run_ecdsa_sign_verify(void) { int i; for (i = 0; i < 10*count; i++) { test_ecdsa_sign_verify(); } - - for (i = 0; i < 10*count; i++) { - test_ecdsa_sign_verify_rust(); - } } /** Dummy nonce generation function that just uses a precomputed nonce, and fails if it is not accepted. Use only for testing. */ @@ -5328,6 +5338,10 @@ int main(int argc, char **argv) { run_recovery_tests(); #endif +#ifdef ENABLE_RUST_NAIVETESTS + run_ecdsa_sign_verify_rust(); +#endif + secp256k1_rand256(run32); printf("random run = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", run32[0], run32[1], run32[2], run32[3], run32[4], run32[5], run32[6], run32[7], run32[8], run32[9], run32[10], run32[11], run32[12], run32[13], run32[14], run32[15]); From b0c6f80aad32a42f3caa2ae9a677f7e0b64f9916 Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Mon, 24 Jun 2019 11:22:15 -0400 Subject: [PATCH 6/7] Added rust to travis and fixed the makefile --- .travis.yml | 4 ++-- Makefile.am | 17 +++++++++++++---- configure.ac | 3 ++- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index 74f658f4d1..782eda8694 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,4 +1,4 @@ -language: c +language: rust os: linux addons: apt: @@ -65,4 +65,4 @@ before_script: ./autogen.sh script: - if [ -n "$HOST" ]; then export USE_HOST="--host=$HOST"; fi - if [ "x$HOST" = "xi686-linux-gnu" ]; then export CC="$CC -m32"; fi - - ./configure --enable-experimental=$EXPERIMENTAL --enable-endomorphism=$ENDOMORPHISM --with-field=$FIELD --with-bignum=$BIGNUM --with-scalar=$SCALAR --enable-ecmult-static-precomputation=$STATICPRECOMPUTATION --enable-module-ecdh=$ECDH --enable-module-recovery=$RECOVERY --enable-jni=$JNI $EXTRAFLAGS $USE_HOST && make -j2 $BUILD + - ./configure --enable-experimental=$EXPERIMENTAL --enable-endomorphism=$ENDOMORPHISM --with-field=$FIELD --with-bignum=$BIGNUM --with-scalar=$SCALAR --enable-ecmult-static-precomputation=$STATICPRECOMPUTATION --enable-module-ecdh=$ECDH --enable-module-recovery=$RECOVERY --enable-jni=$JNI $EXTRAFLAGS $USE_HOST && make -j2 V=1 $BUILD diff --git a/Makefile.am b/Makefile.am index 66334bfa14..0a34213d53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -57,6 +57,9 @@ noinst_HEADERS += contrib/lax_der_parsing.c noinst_HEADERS += contrib/lax_der_privatekey_parsing.h noinst_HEADERS += contrib/lax_der_privatekey_parsing.c +NAIVE_SECP=ecc-secp256k1 + + if USE_EXTERNAL_ASM COMMON_LIB = libsecp256k1_common.la noinst_LTLIBRARIES = $(COMMON_LIB) @@ -103,7 +106,7 @@ tests_CPPFLAGS = -DSECP256K1_BUILD -I$(top_srcdir)/src -I$(top_srcdir)/include $ if !ENABLE_COVERAGE tests_CPPFLAGS += -DVERIFY endif -tests_LDADD = $(SECP_LIBS) $(SECP_TEST_LIBS) $(COMMON_LIB) +tests_LDADD = $(SECP_LIBS) $(SECP_TEST_LIBS) $(COMMON_LIB) $(SECP_TEST_ONLY_LIBS) tests_LDFLAGS = -static TESTS += tests endif @@ -150,6 +153,8 @@ check-java: libsecp256k1.la $(JAVA_GUAVA) .stamp-java endif endif + +TESTS_OBJS = if USE_ECMULT_STATIC_PRECOMPUTATION CPPFLAGS_FOR_BUILD +=-I$(top_srcdir) @@ -161,9 +166,8 @@ gen_%.o: src/gen_%.c $(gen_context_BIN): $(gen_context_OBJECTS) $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $^ -o $@ -NAIVE_SECP=ecc-secp256k1 $(libsecp256k1_la_OBJECTS): src/ecmult_static_context.h -$(tests_OBJECTS): src/ecmult_static_context.h $(NAIVE_SECP) +TESTS_OBJS += src/ecmult_static_context.h $(bench_internal_OBJECTS): src/ecmult_static_context.h $(bench_ecmult_OBJECTS): src/ecmult_static_context.h @@ -185,11 +189,16 @@ endif if ENABLE_RUST_NAIVETESTS +TESTS_OBJS += $(NAIVE_SECP) $(NAIVE_SECP): + @echo "IMPORTANT" git clone https://github.com/elichai/ecc-secp256k1.git -b v0.1.0 2> /dev/null | true - cd ecc-secp256k1 && cargo build --release --features=ffi + cd ecc-secp256k1 && RUSTFLAGS="-C opt-level=0" cargo build --release --features=ffi # No need for optimizations. tests only. cp ./ecc-secp256k1/ecc_secp256k1.h ./src/ + clean-local: cargo clean --manifest-path="./ecc-secp256k1/Cargo.toml" 2> /dev/null | true endif + +$(tests_OBJECTS): $(TESTS_OBJS) diff --git a/configure.ac b/configure.ac index 97eff0cd26..388e7f94d2 100644 --- a/configure.ac +++ b/configure.ac @@ -449,7 +449,7 @@ if test x"$use_tests" = x"yes"; then fi if test x"$enable_rust_naivetests" != x"no"; then AC_DEFINE(ENABLE_RUST_NAIVETESTS, 1, [Define this symbol if you want to build the rust tests]) - SECP_TEST_LIBS="$SECP_TEST_LIBS -ldl -lpthread -lm -lecc_secp256k1 -L./ecc-secp256k1/target/release" + SECP_TEST_ONLY_LIBS="$SECP_TEST_ONLY_LIBS -lecc_secp256k1 -ldl -lpthread -lm -L./ecc-secp256k1/target/release" fi else if test x"$enable_openssl_tests" = x"yes"; then @@ -535,6 +535,7 @@ AC_SUBST(JNI_INCLUDES) AC_SUBST(SECP_INCLUDES) AC_SUBST(SECP_LIBS) AC_SUBST(SECP_TEST_LIBS) +AC_SUBST(SECP_TEST_ONLY_LIBS) AC_SUBST(SECP_TEST_INCLUDES) AM_CONDITIONAL([ENABLE_COVERAGE], [test x"$enable_coverage" = x"yes"]) AM_CONDITIONAL([USE_TESTS], [test x"$use_tests" != x"no"]) From 542840742c1b26867dbcf5c184c353f0798b3c51 Mon Sep 17 00:00:00 2001 From: Elichai Turkel Date: Tue, 25 Jun 2019 10:46:51 -0400 Subject: [PATCH 7/7] Added sha2 verification for ecc-secp256k1 rust lib --- Makefile.am | 4 +++- ecc-secp256k1.tar.gz.sha256 | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 ecc-secp256k1.tar.gz.sha256 diff --git a/Makefile.am b/Makefile.am index 0a34213d53..21abbe3c5d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -192,7 +192,9 @@ if ENABLE_RUST_NAIVETESTS TESTS_OBJS += $(NAIVE_SECP) $(NAIVE_SECP): @echo "IMPORTANT" - git clone https://github.com/elichai/ecc-secp256k1.git -b v0.1.0 2> /dev/null | true + wget -O ecc-secp256k1.tar.gz https://github.com/elichai/ecc-secp256k1/archive/v0.2.0.tar.gz + sha256sum -c --status ecc-secp256k1.tar.gz.sha256 # Should fail the building if doesn't pass + tar xf ecc-secp256k1.tar.gz && mv ecc-secp256k1-0.2.0 ecc-secp256k1 cd ecc-secp256k1 && RUSTFLAGS="-C opt-level=0" cargo build --release --features=ffi # No need for optimizations. tests only. cp ./ecc-secp256k1/ecc_secp256k1.h ./src/ diff --git a/ecc-secp256k1.tar.gz.sha256 b/ecc-secp256k1.tar.gz.sha256 new file mode 100644 index 0000000000..de7fedfdab --- /dev/null +++ b/ecc-secp256k1.tar.gz.sha256 @@ -0,0 +1 @@ +5df36775e75973184332352108340a033cc8971c37f91bed7986e7a18b18a387 ecc-secp256k1.tar.gz