Make ec_ arithmetic more consistent and add documentation


Make ec_ arithmetic more consistent and add documentation


  • Add scalar_set_b32_seckey which does the same as scalar_set_b32 and also returns whether it's a valid secret key
  • Use scalar_set_b32_seckey in ecdsa_sign, pubkey_create and seckey_verify
  • Add test for boundary conditions of scalar_set_b32 with respect to overflows
  • Return 0 if the given seckey is invalid in privkey_negate, privkey_tweak_add and privkey_tweak_mul
  • Define valid ECDSA keys in the documentation of seckey_verify
  • Mention that value is unspecified for In/Out parameters if the function returns 0
  • Rename private key to secret key in public API (with the exception of function names)
  • Make ec_privkey functions aliases for ec_seckey_negate, ec_seckey_tweak_add and ec_seckey_mul
  • Make tweak function documentation more consistent.

Do this by adding a newline after the first sentence and aligning the rest.

  • Clarify documentation of tweak functions.

In particular, mention that the functions return 0 if seckey or tweak are
invalid (as opposed to saying "should" or "must" be valid).

This is a backport of libsecp256k1 PR701

Test Plan:

ninja check-secp256k1

Reviewers: #bitcoin_abc, majcosta

Reviewed By: #bitcoin_abc, majcosta

Differential Revision: https://reviews.bitcoinabc.org/D7587


Jonas Nick <jonasd.nick@gmail.com>Authored on Dec 17 2019, 15:32
deadalnixCommitted on Sep 27 2020, 22:38
deadalnixPushed on Sep 27 2020, 22:38
Restricted Project
Differential Revision
D7587: Make ec_ arithmetic more consistent and add documentation
rABCf40fa661ac00: autoconf: Use ":" instead of "dnl" as a noop