2bfb82bMerge pull request #35106aeea5Turn secp256k1_ec_pubkey_serialize outlen to in/out970164dMerge pull request #3486466625Improvements for coordinate decompressione2100adMerge pull request #3478e48787Change secp256k1_ec_pubkey_combine's count argument to size_t.c69dea0Clear output in more cases for pubkey_combine, adds tests.269d422Comment copyediting.b4d17daMerge pull request #3444709265Merge pull request #34526abce7Adds 32 static test vectors for scalar mul, sqr, inv.5b71a3fBetter error case handling for pubkey_create & pubkey_serialize, more tests.3b7bc69Merge pull request #343eed87afChange contrib/laxder from headers-only to files compilable as standalone Cd7eb1aeMerge pull request #3427914a6eMake lax_der_privatekey_parsing.h not depend on internal code73f64ffMerge pull request #3399234391Overhaul flags handling1a36898Make flags more explicit, add runtime checks.1a3e03aMerge pull request #34096be204Add additional tests for eckey and arg-checks.bb5aa4dMake the tweak function zeroize-output-on-fail behavior consistent.4a243daMove secp256k1_ec_privkey_import/export to contrib.1b3efc1Move secp256k1_ecdsa_sig_recover into the recovery module.e3cd679Eliminate all side-effects from VERIFY_CHECK() usage.b30fc85Avoid nonce_function_rfc6979 algo16 argument emulation.70d4640Make secp256k1_ec_pubkey_create skip processing invalid secret keys.6c476a8Minor comment improvements.131afe5Merge pull request #3340c6ab2fIntroduce explicit lower-S normalizationfea19e7Add contrib/lax_der_parsing.h3bb9c44Rewrite ECDSA signature parsing codefa57f1bUse secp256k1_rand_int and secp256k1_rand_bits more49b3749Add new tests for the extra testrand functionsf684d7dFaster secp256k1_rand_int implementation251b1a6Improve testrand: add extra random functions31994c8Merge pull request #338f79aa88Bugfix: swap arguments to noncefpc98df26Merge pull request #31967f7da4Extensive interface and operations tests for secp256k1_ec_pubkey_parse.ee2cb40Add ARG_CHECKs to 
secp256k1_ec_pubkey_parse/secp256k1_ec_pubkey_serialize7450ef1Merge pull request #32868a3c76Merge pull request #32998135eeMerge pull request #33237100d7improve ECDH header-docb13d749Fix couple of typos in API comments7c823e3travis: fixup module configscc3141aMerge pull request #325ee58faeMerge pull request #326213aa67Do not force benchmarks to be statically linked.338fc8bAdd API exports to secp256k1_nonce_function_default and secp256k1_nonce_function_rfc6979.52fd03fMerge pull request #3209f6993fRemove some dead code.357f8cdMerge pull request #314118cd82Use explicit symbol visibility.4e64608Include public module headers when compiling modules.1f41437Merge pull request #316fe0d463Merge pull request #317cfe0ed9Fix miscellaneous style nits that irritate overactive static analysis.2b199deUse the explicit NULL macro for pointer comparisons.9e90516Merge pull request #294dd891e0Get rid of _t as it is POSIX reserved201819bMerge pull request #313912f203Eliminate a few unbraced statements that crept into the code.eeab823Merge pull request #299486b9bbUse a flags bitfield for compressed option to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export05732c5Callback data: Accept pointers to either const or non-const data1973c73Bugfix: Reinitialise buffer lengths that have been used as outputs788038dUse size_t for lengths (at least in external API)c9d7c2asecp256k1_context_set_{error,illegal}_callback: Restore default handler by passing NULL as function argument9aac008secp256k1_context_destroy: Allow NULL argument as a no-op64b730bsecp256k1_context_create: Use unsigned type for flags bitfieldcb04ab5Merge pull request #309a551669Merge pull request #29581e45ffUpdate group_impl.h85e3a2cMerge pull request #112b2eb63bMerge pull request #293dc0ce9f[API BREAK] Change argument order to out/outin/in6d947caMerge pull request #298c822693Merge pull request #3016d04350Merge pull request #3037ab311cMerge pull request #3045fb3229Fixes a bug where bench_sign would fail due to passing in 
too small a buffer.263dcbcremove unused assignmentb183b41bugfix: "ARG_CHECK(ctx != NULL)" makes no sense6da1446build: fix parallel build5eb4356Merge pull request #291c996d53Print success9f443beMove pubkey recovery code to separate moduled49abbdSeparate ECDSA recovery tests439d34aSeparate recoverable and normal signaturesa7b046eMerge pull request #289f66907fImprove/reformat API documentation secp256k1.h2f77487Add context building benchmarkscc623d5Merge pull request #287de7e398small typo fix9d96e36Merge pull request #280432e1ceMerge pull request #28314727fdUse correct name in gitignore356b0e9Actually test static precomputation in Travisff3a5dfMerge pull request #2842587208Merge pull request #212a5a66c7Add support for custom EC-Schnorr-SHA256 signaturesd84a378Merge pull request #25272ae443Improve perf. of cmov-based table lookup92e53fcImplement endomorphism optimization for secp256k1_ecmult_consted35d43Make `secp256k1_scalar_add_bit` conditional; make `secp256k1_scalar_split_lambda_var` constant time91c0ce9Add benchmarks for ECDH and const-time multiplication0739bbbAdd ECDH module which works by hashing the output of ecmult_const4401500Add constant-time multiply `secp256k1_ecmult_const` for ECDHe4ce393build: fix hard-coded usage of "gen_context"b8e39acbuild: don't use BUILT_SOURCES for the static context headerbaa75datests: add a couple testsae4f0c6Merge pull request #278995c548Introduce callback functions for dealing with errors.c333074Merge pull request #28218c329cRemove the internal secp256k1_ecdsa_sig_t type74a2acdAdd a secp256k1_ecdsa_signature_t type23cfa91Introduce secp256k1_pubkey_t type4c63780Merge pull request #2693e6f1e2Change rfc6979 implementation to be a generic PRNGed5334aUpdate configure.ac to make it build on OpenBSD1b68366Merge pull request #274a83bb48Make ecmult static precomputation default166b32fMerge pull request #276c37812fAdd gen_context src/ecmult_static_context.h to CLEANFILES to fix distclean.125c15dMerge pull request #27576f6769Fix build 
with static ecmult altroot and make dist.5133f78Merge pull request #254b0a60e6Merge pull request #258733c1e6Add travis build to test the static context.fbecc38Add ability to use a statically generated ecmult context.4fb174dMerge pull request #263 4ab8990 Merge pull request #270bdf0e0cMerge pull request #27131d0c1fMerge pull request #273eb2c8ffAdd missing casts to SECP256K1_FE_CONST_INNER55399c2Further performance improvements to _ecmult_wnaf99fd963Add secp256k1_ec_pubkey_compress(), with test similar to the related decompress() function.145cc6eImprove performance of _ecmult_wnaf36b305aVerify the result of GMP modular inverse using non-GMP code0cbc860Merge pull request #26606ff7feMerge pull request #2675a43124Save 1 _fe_negate since s1 == -s2a5d796eUpdate code comments3f3964eAdd specific VERIFY tests for _fe_cmov7d054cdRefactor to save a _fe_negateb28d02aRefactor to remove a local var55e7fc3Perf. improvement in _gej_add_gea0601cdFix VERIFY calculations in _fe_cmov methods17f7148Merge pull request #2617657420Add tests for adding P+Q with P.x!=Q.x and P.y=-Q.y8c5d5f7tests: Add failing unit test for #257 (bad addition formula)5de4c5dgej_add_ge: fix degenerate case when computing P + (-lambda)Pbcf2fcfgej_add_ge: rearrange algebrae2a07c7Fix compilation with C++873a453Merge pull request #25091eb0daMerge pull request #247210ffedUse separate in and out pointers in `secp256k1_ec_pubkey_decompress`a1d5ae1Tiny optimization729badfMerge pull request #2102d5a186Apply effective-affine trick to precomp4f9791aEffective affine addition in EC multiplication2b4cf41Use pkg-config always when possible, with failover to manual checks for libcrypto git-subtree-dir: src/secp256k1 git-subtree-split:2bfb82b10e
// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2013 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#ifndef BITCOIN_HASH_H
#define BITCOIN_HASH_H
#include "crypto/ripemd160.h"
#include "crypto/sha256.h"
#include "serialize.h"
#include "uint256.h"
#include "version.h"
#include <vector>
// 256-bit value passed as the chain code argument of BIP32Hash() declared at the end of this header.
// NOTE(review): a BIP32 chain code is key-derivation input; presumably it should be handled as sensitive data — confirm against callers.
typedef uint256 ChainCode;
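/**
 * A hasher class for Bitcoin's 256-bit hash (double SHA-256).
 *
 * Bytes are accumulated with Write(); Finalize() emits SHA-256 of the
 * SHA-256 digest of everything written.
 */
class CHash256 {
private:
    CSHA256 sha; // inner SHA-256 state fed by Write()
public:
    static const size_t OUTPUT_SIZE = CSHA256::OUTPUT_SIZE;

    /**
     * Complete the inner hash, hash that digest a second time and store the
     * result in `hash`.
     *
     * @param hash  Destination buffer. The array bound in the signature is not
     *              enforced (the parameter decays to a pointer), so the caller
     *              must supply at least OUTPUT_SIZE writable bytes.
     *
     * NOTE(review): `sha` is left in a finalized state afterwards; presumably
     * Reset() must be called before the object is reused — confirm against
     * CSHA256.
     */
    void Finalize(unsigned char hash[OUTPUT_SIZE]) {
        // Size the buffer through the type instead of through the `sha`
        // member: an array bound that names a member goes through `this`,
        // which strict compilers do not accept as a constant expression.
        unsigned char buf[CSHA256::OUTPUT_SIZE];
        sha.Finalize(buf);
        // Second pass: restart the same context and hash the first digest.
        sha.Reset().Write(buf, CSHA256::OUTPUT_SIZE).Finalize(hash);
    }

    /**
     * Append `len` bytes starting at `data` to the inner hash.
     *
     * @return *this, so calls can be chained.
     */
    CHash256& Write(const unsigned char *data, size_t len) {
        sha.Write(data, len);
        return *this;
    }

    /**
     * Reset the inner SHA-256 context.
     *
     * @return *this, so calls can be chained.
     */
    CHash256& Reset() {
        sha.Reset();
        return *this;
    }
};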
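/**
 * A hasher class for Bitcoin's 160-bit hash (SHA-256 + RIPEMD-160).
 *
 * Bytes are accumulated with Write(); Finalize() emits the RIPEMD-160 digest
 * of the SHA-256 digest of everything written. A 160-bit digest offers only
 * about 80 bits of generic collision resistance, which matters wherever an
 * adversary can choose both colliding inputs.
 */
class CHash160 {
private:
    CSHA256 sha; // inner SHA-256 state fed by Write()
public:
    static const size_t OUTPUT_SIZE = CRIPEMD160::OUTPUT_SIZE;

    /**
     * Complete the inner SHA-256 and store the RIPEMD-160 of that digest in
     * `hash`.
     *
     * @param hash  Destination buffer. The array bound in the signature is not
     *              enforced (the parameter decays to a pointer), so the caller
     *              must supply at least OUTPUT_SIZE writable bytes.
     *
     * NOTE(review): `sha` is not reset here; presumably Reset() must be called
     * before the object is reused — confirm against CSHA256.
     */
    void Finalize(unsigned char hash[OUTPUT_SIZE]) {
        // Size the buffer through the type instead of through the `sha`
        // member: an array bound that names a member goes through `this`,
        // which strict compilers do not accept as a constant expression.
        unsigned char buf[CSHA256::OUTPUT_SIZE];
        sha.Finalize(buf);
        // Outer hash runs in a temporary RIPEMD-160 context.
        CRIPEMD160().Write(buf, CSHA256::OUTPUT_SIZE).Finalize(hash);
    }

    /**
     * Append `len` bytes starting at `data` to the inner hash.
     *
     * @return *this, so calls can be chained.
     */
    CHash160& Write(const unsigned char *data, size_t len) {
        sha.Write(data, len);
        return *this;
    }

    /**
     * Reset the inner SHA-256 context.
     *
     * @return *this, so calls can be chained.
     */
    CHash160& Reset() {
        sha.Reset();
        return *this;
    }
};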
/**
 * Compute the 256-bit hash (double SHA-256) of the range [pbegin, pend).
 *
 * The bytes hashed are the (pend - pbegin) * sizeof(element) bytes starting
 * at &pbegin[0], so the range must be contiguous in memory; iterators over
 * non-contiguous storage would make this read outside the intended data.
 * For element types wider than one byte the raw object representation is
 * hashed.
 */
template<typename T1>
inline uint256 Hash(const T1 pbegin, const T1 pend)
{
    // Stand-in address for an empty range, so pbegin[0] is never evaluated on it.
    static const unsigned char pblank[1] = {};

    const unsigned char* bytes = (pbegin == pend) ? pblank : (const unsigned char*)&pbegin[0];
    const size_t nBytes = (pend - pbegin) * sizeof(pbegin[0]);

    CHash256 hasher;
    hasher.Write(bytes, nBytes);

    // The digest is written straight into the result object's storage.
    // NOTE(review): assumes uint256 provides CHash256::OUTPUT_SIZE bytes at its address — confirm in uint256.h.
    uint256 result;
    hasher.Finalize((unsigned char*)&result);
    return result;
}
/**
 * Compute the 256-bit hash (double SHA-256) of the concatenation of two
 * ranges, [p1begin, p1end) followed by [p2begin, p2end).
 *
 * Each range is read as raw bytes starting at the address of its first
 * element, so each must be contiguous in memory. The ranges are fed to the
 * hasher back to back with no length prefix or separator, so different
 * splits of the same byte sequence produce the same digest.
 */
template<typename T1, typename T2>
inline uint256 Hash(const T1 p1begin, const T1 p1end,
                    const T2 p2begin, const T2 p2end) {
    // Stand-in address for an empty range, so pXbegin[0] is never evaluated on it.
    static const unsigned char pblank[1] = {};

    const unsigned char* bytes1 = (p1begin == p1end) ? pblank : (const unsigned char*)&p1begin[0];
    const size_t nBytes1 = (p1end - p1begin) * sizeof(p1begin[0]);

    const unsigned char* bytes2 = (p2begin == p2end) ? pblank : (const unsigned char*)&p2begin[0];
    const size_t nBytes2 = (p2end - p2begin) * sizeof(p2begin[0]);

    CHash256 hasher;
    hasher.Write(bytes1, nBytes1);
    hasher.Write(bytes2, nBytes2);

    // NOTE(review): assumes uint256 provides CHash256::OUTPUT_SIZE bytes at its address — confirm in uint256.h.
    uint256 result;
    hasher.Finalize((unsigned char*)&result);
    return result;
}
/**
 * Compute the 256-bit hash (double SHA-256) of the concatenation of three
 * ranges, in argument order.
 *
 * Each range is read as raw bytes starting at the address of its first
 * element, so each must be contiguous in memory. The ranges are fed to the
 * hasher back to back with no length prefix or separator, so different
 * splits of the same byte sequence produce the same digest.
 */
template<typename T1, typename T2, typename T3>
inline uint256 Hash(const T1 p1begin, const T1 p1end,
                    const T2 p2begin, const T2 p2end,
                    const T3 p3begin, const T3 p3end) {
    // Stand-in address for an empty range, so pXbegin[0] is never evaluated on it.
    static const unsigned char pblank[1] = {};

    const unsigned char* bytes1 = (p1begin == p1end) ? pblank : (const unsigned char*)&p1begin[0];
    const size_t nBytes1 = (p1end - p1begin) * sizeof(p1begin[0]);

    const unsigned char* bytes2 = (p2begin == p2end) ? pblank : (const unsigned char*)&p2begin[0];
    const size_t nBytes2 = (p2end - p2begin) * sizeof(p2begin[0]);

    const unsigned char* bytes3 = (p3begin == p3end) ? pblank : (const unsigned char*)&p3begin[0];
    const size_t nBytes3 = (p3end - p3begin) * sizeof(p3begin[0]);

    CHash256 hasher;
    hasher.Write(bytes1, nBytes1);
    hasher.Write(bytes2, nBytes2);
    hasher.Write(bytes3, nBytes3);

    // NOTE(review): assumes uint256 provides CHash256::OUTPUT_SIZE bytes at its address — confirm in uint256.h.
    uint256 result;
    hasher.Finalize((unsigned char*)&result);
    return result;
}
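/**
 * Compute the 160-bit hash (SHA-256 followed by RIPEMD-160) of the range
 * [pbegin, pend).
 *
 * The bytes hashed are the (pend - pbegin) * sizeof(element) bytes starting
 * at &pbegin[0], so the range must be contiguous in memory; iterators over
 * non-contiguous storage would make this read outside the intended data.
 */
template<typename T1>
inline uint160 Hash160(const T1 pbegin, const T1 pend)
{
    // Stand-in address for an empty range, so pbegin[0] is never evaluated on it.
    // Declared const like the pblank in the Hash() overloads: it is only ever
    // read, and a writable function-local static would be shared mutable state.
    static const unsigned char pblank[1] = {};
    uint160 result;
    // NOTE(review): assumes uint160 provides CHash160::OUTPUT_SIZE bytes at its address — confirm in uint256.h.
    CHash160().Write(pbegin == pend ? pblank : (const unsigned char*)&pbegin[0], (pend - pbegin) * sizeof(pbegin[0]))
              .Finalize((unsigned char*)&result);
    return result;
}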
/**
 * Compute the 160-bit hash of a byte vector.
 *
 * Convenience overload that forwards the vector's full range to the
 * iterator-based Hash160(); an empty vector is accepted.
 */
inline uint160 Hash160(const std::vector<unsigned char>& vch)
{
    const std::vector<unsigned char>::const_iterator first = vch.begin();
    const std::vector<unsigned char>::const_iterator last = vch.end();
    return Hash160(first, last);
}
/**
 * A writer stream (for serialization) that computes a 256-bit hash.
 *
 * Serialized bytes are pushed into a CHash256 rather than stored, so the
 * digest covers exactly the bytes that ::Serialize emits for the given
 * nType / nVersion.
 */
class CHashWriter
{
private:
    CHash256 ctx; // hashing context that receives every written byte

public:
    int nType;    // serialization type forwarded to ::Serialize
    int nVersion; // serialization version forwarded to ::Serialize

    /** Create a writer that serializes with the given type and version. */
    CHashWriter(int nTypeIn, int nVersionIn)
        : nType(nTypeIn), nVersion(nVersionIn)
    {
    }

    /**
     * Feed `size` bytes starting at `pch` into the hash.
     *
     * @return *this, so calls can be chained.
     */
    CHashWriter& write(const char *pch, size_t size)
    {
        const unsigned char* bytes = (const unsigned char*)pch;
        ctx.Write(bytes, size);
        return *this;
    }

    /**
     * Finalize the hash and return the digest.
     *
     * Invalidates the object: the context is finalized here and is not reset,
     * so the writer should not be written to or queried again afterwards.
     */
    uint256 GetHash()
    {
        uint256 digest;
        ctx.Finalize((unsigned char*)&digest);
        return digest;
    }

    /**
     * Serialize `obj` into this stream, hashing its serialized form.
     *
     * @return *this, so insertions can be chained.
     */
    template<typename T>
    CHashWriter& operator<<(const T& obj)
    {
        ::Serialize(*this, obj, nType, nVersion);
        return *this;
    }
};
/**
 * Compute the 256-bit hash of an object's serialization.
 *
 * @param obj       Object to serialize and hash.
 * @param nType     Serialization type handed to the writer (default SER_GETHASH).
 * @param nVersion  Serialization version handed to the writer (default PROTOCOL_VERSION).
 * @return          Digest of the bytes the object serializes to under nType / nVersion.
 */
template<typename T>
uint256 SerializeHash(const T& obj, int nType=SER_GETHASH, int nVersion=PROTOCOL_VERSION)
{
    // Single-use writer: GetHash() finalizes it, and it is discarded on return.
    CHashWriter hasher(nType, nVersion);
    hasher << obj;
    return hasher.GetHash();
}
// Seeded MurmurHash3 over a byte vector; declaration only, the definition is not in this header.
// MurmurHash3 is a non-cryptographic hash: it gives no collision or preimage resistance
// against an adversary, so it must not stand in for the SHA-256 based hashes above
// wherever integrity or authenticity is at stake.
unsigned int MurmurHash3(unsigned int nHashSeed, const std::vector<unsigned char>& vDataToHash);
// BIP32 derivation hash; declaration only, the definition is not in this header.
// `data` and `output` are array parameters and decay to pointers, so the bounds shown are
// not enforced: the caller must pass at least 32 readable bytes in `data` and at least
// 64 writable bytes in `output`.
// NOTE(review): presumably HMAC-SHA512 keyed with chainCode, as BIP32 specifies — confirm in hash.cpp.
// NOTE(review): `data` may carry private key material and `output` derived key material;
// callers should presumably treat both buffers as secret — confirm against callers.
void BIP32Hash(const ChainCode &chainCode, unsigned int nChild, unsigned char header, const unsigned char data[32], unsigned char output[64]);
#endif // BITCOIN_HASH_H