Merge pull request #351

06aeea5 Turn secp256k1_ec_pubkey_serialize outlen to in/out (Pieter Wuille)

contrib/lax_der_privatekey_parsing.c

@@ -79,6 +79,7 @@ int ec_privkey_export_der(const secp256k1_context *ctx, unsigned char *privkey,
         memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
         memcpy(ptr, key32, 32); ptr += 32;
         memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
+        pubkeylen = 33;
         secp256k1_ec_pubkey_serialize(ctx, ptr, &pubkeylen, &pubkey, SECP256K1_EC_COMPRESSED);
         ptr += pubkeylen;
         *privkeylen = ptr - privkey;
@@ -103,10 +104,10 @@ int ec_privkey_export_der(const secp256k1_context *ctx, unsigned char *privkey,
         memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
         memcpy(ptr, key32, 32); ptr += 32;
         memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
+        pubkeylen = 65;
         secp256k1_ec_pubkey_serialize(ctx, ptr, &pubkeylen, &pubkey, SECP256K1_EC_UNCOMPRESSED);
         ptr += pubkeylen;
         *privkeylen = ptr - privkey;
     }
     return 1;
 }
-

include/secp256k1.h

@@ -264,15 +264,17 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_parse(
 /** Serialize a pubkey object into a serialized byte sequence.
  *
  *  Returns: 1 always.
- *  Args: ctx:        a secp256k1 context object.
+ *  Args:   ctx:        a secp256k1 context object.
- *  Out:  output:     a pointer to a 65-byte (if compressed==0) or 33-byte (if
+ *  Out:    output:     a pointer to a 65-byte (if compressed==0) or 33-byte (if
- *                    compressed==1) byte array to place the serialized key in.
+ *                      compressed==1) byte array to place the serialized key
- *        outputlen:  a pointer to an integer which will contain the serialized
+ *                      in.
- *                    size.
+ *  In/Out: outputlen:  a pointer to an integer which is initially set to the
- *  In:   pubkey:     a pointer to a secp256k1_pubkey containing an initialized
+ *                      size of output, and is overwritten with the written
- *                    public key.
+ *                      size.
- *        flags:      SECP256K1_EC_COMPRESSED if serialization should be in
+ *  In:     pubkey:     a pointer to a secp256k1_pubkey containing an
- *                    compressed format, otherwise SECP256K1_EC_UNCOMPRESSED.
+ *                      initialized public key.
+ *          flags:      SECP256K1_EC_COMPRESSED if serialization should be in
+ *                      compressed format, otherwise SECP256K1_EC_UNCOMPRESSED.
  */
 SECP256K1_API int secp256k1_ec_pubkey_serialize(
     const secp256k1_context* ctx,

src/bench_verify.c

@@ -58,6 +58,7 @@ int main(void) {
     CHECK(secp256k1_ecdsa_sign(data.ctx, &sig, data.msg, data.key, NULL, NULL));
     CHECK(secp256k1_ecdsa_signature_serialize_der(data.ctx, data.sig, &data.siglen, &sig));
     CHECK(secp256k1_ec_pubkey_create(data.ctx, &pubkey, data.key));
+    data.pubkeylen = 33;
     CHECK(secp256k1_ec_pubkey_serialize(data.ctx, data.pubkey, &data.pubkeylen, &pubkey, SECP256K1_EC_COMPRESSED) == 1);
 
     run_benchmark("ecdsa_verify", benchmark_verify, NULL, NULL, &data, 10, 20000);

src/secp256k1.c

@@ -173,6 +173,7 @@ int secp256k1_ec_pubkey_serialize(const secp256k1_context* ctx, unsigned char *o
     (void)ctx;
     VERIFY_CHECK(ctx != NULL);
     ARG_CHECK(outputlen != NULL);
+    ARG_CHECK(*outputlen >= ((flags & SECP256K1_FLAGS_BIT_COMPRESSION) ? 33 : 65));
     len = *outputlen;
     *outputlen = 0;
     ARG_CHECK(output != NULL);