Page MenuHomePhabricator

Make ec_ arithmetic more consistent and add documentation

Authored by deadalnix on Sep 27 2020, 21:42.


  • Add scalar_set_b32_seckey which does the same as scalar_set_b32 and also returns whether it's a valid secret key
  • Use scalar_set_b32_seckey in ecdsa_sign, pubkey_create and seckey_verify
  • Add test for boundary conditions of scalar_set_b32 with respect to overflows
  • Return 0 if the given seckey is invalid in privkey_negate, privkey_tweak_add and privkey_tweak_mul
  • Define valid ECDSA keys in the documentation of seckey_verify
  • Mention that value is unspecified for In/Out parameters if the function returns 0
  • Rename private key to secret key in public API (with the exception of function names)
  • Make ec_privkey functions aliases for ec_seckey_negate, ec_seckey_tweak_add and ec_seckey_mul
  • Make tweak function documentation more consistent.

Do this by adding a newline after the first sentence and aligning the rest.

  • Clarify documentation of tweak functions.

In particular, mention that the functions return 0 if seckey or tweak are
invalid (as opposed to saying "should" or "must" be valid).

This is a backport of libsecp256k1 PR701

Test Plan
ninja check-secp256k1

Diff Detail

rABC Bitcoin ABC
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

[Bot Message]
One or more PR numbers were detected in the summary.
Links to those PRs have been inserted into the summary for reference.

This revision is now accepted and ready to land.Sep 27 2020, 22:28