Merge bitcoin/bitcoin#33399: key: use static context for libsecp256k1 calls where applicable

1ff9e92948 key: use static context for libsecp256k1 calls where applicable (Sebastian Falbesoner) Pull request description: The dynamically created [signing context](2d6a0c4649/src/key.cpp (L19)) for libsecp256k1 calls is only needed for functions that involve generator point multiplication with a secret key, i.e. different variants of public key creation and signing. The API docs hint to those by stating "[(not secp256k1_context_static)](b475654302/include/secp256k1.h (L645))" for the context parameter. In our case that applies to the following calls: - `secp256k1_ec_pubkey_create` - `secp256k1_keypair_create` - `secp256k1_ellswift_create` - `secp256k1_ecdsa_sign` - `secp256k1_ecdsa_sign_recoverable` - `secp256k1_schnorrsig_sign32` - `ec_seckey_export_der` (not a direct secp256k1 function, but calls `secp256k1_ec_pubkey_create` inside) For all the other secp256k1 calls we can simply use the static context. This is done for consistency to other calls that already use `secp256k1_context_static`, and also to reduce dependencies on the global signing context variable. Looked closer at this in the course of reviewing #29675, where some functions used the signing context that didn't need to, avoiding a move to another module (see https://github.com/bitcoin/bitcoin/pull/29675#discussion_r2333831377). ACKs for top commit: Eunovo: ACK 1ff9e92948 furszy: ACK 1ff9e92948 rkrux: crACK 1ff9e92948 Tree-SHA512: f091efa56c358057828f3455d4ca9ce40ec0d35f3e38ab147fe3928bb5dbf7ffbc27dbf97b71937828ab95ea4e9be5f96d89a2d29e2aa18df4542aae1b33e258
2026-06-01 08:44:02 +02:00 · 2025-09-26 11:44:29 -04:00
parent 65e909dfdd 1ff9e92948
commit 7e08445449
3 changed files with 16 additions and 16 deletions
--- a/src/test/fuzz/secp256k1_ec_seckey_import_export_der.cpp
+++ b/src/test/fuzz/secp256k1_ec_seckey_import_export_der.cpp
@@ -17,22 +17,22 @@ int ec_seckey_export_der(const secp256k1_context* ctx, unsigned char* seckey, si
 FUZZ_TARGET(secp256k1_ec_seckey_import_export_der)
 {
    FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
-    secp256k1_context* secp256k1_context_sign = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
    {
        std::vector<uint8_t> out32(32);
-        (void)ec_seckey_import_der(secp256k1_context_sign, out32.data(), ConsumeFixedLengthByteVector(fuzzed_data_provider, CKey::SIZE).data(), CKey::SIZE);
+        (void)ec_seckey_import_der(secp256k1_context_static, out32.data(), ConsumeFixedLengthByteVector(fuzzed_data_provider, CKey::SIZE).data(), CKey::SIZE);
    }
    {
        std::vector<uint8_t> seckey(CKey::SIZE);
        const std::vector<uint8_t> key32 = ConsumeFixedLengthByteVector(fuzzed_data_provider, 32);
        size_t seckeylen = CKey::SIZE;
        const bool compressed = fuzzed_data_provider.ConsumeBool();
+        secp256k1_context* secp256k1_context_sign = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
        const bool exported = ec_seckey_export_der(secp256k1_context_sign, seckey.data(), &seckeylen, key32.data(), compressed);
+        secp256k1_context_destroy(secp256k1_context_sign);
        if (exported) {
            std::vector<uint8_t> out32(32);
-            const bool imported = ec_seckey_import_der(secp256k1_context_sign, out32.data(), seckey.data(), seckey.size()) == 1;
+            const bool imported = ec_seckey_import_der(secp256k1_context_static, out32.data(), seckey.data(), seckey.size()) == 1;
            assert(imported && key32 == out32);
        }
    }
-    secp256k1_context_destroy(secp256k1_context_sign);
 }