Alien-libsecp256k1
view release on metacpan or search on metacpan
libsecp256k1/build/src/CMakeFiles/bench_internal.dir/progress.make
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/DependInfo.cmake
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/build.make
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/cmake_clean.cmake
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/compiler_depend.make
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/compiler_depend.ts
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/depend.make
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/flags.make
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/link.txt
libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir/progress.make
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/DependInfo.cmake
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/build.make
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/cmake_clean.cmake
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/compiler_depend.make
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/compiler_depend.ts
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/depend.make
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/flags.make
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/link.txt
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/progress.make
libsecp256k1/build/src/CMakeFiles/progress.marks
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/DependInfo.cmake
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/build.make
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/cmake_clean.cmake
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/compiler_depend.make
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/compiler_depend.ts
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/depend.make
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/flags.make
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/link.txt
libsecp256k1/build/src/CMakeFiles/secp256k1.dir/progress.make
libsecp256k1/CHANGELOG.md view on Meta::CPAN
- The related configure option `--ecmult-gen-precision` was replaced with `--ecmult-gen-kb` (`SECP256K1_ECMULT_GEN_KB` for CMake).
- This changes the supported precomputed table sizes for these operations. The new supported sizes are 2 KiB, 22 KiB, or 86 KiB (while the old supported sizes were 32 KiB, 64 KiB, or 512 KiB).
#### ABI Compatibility
The ABI is backward compatible with versions 0.4.x and 0.3.x.
## [0.4.1] - 2023-12-21
#### Changed
- The point multiplication algorithm used for ECDH operations (module `ecdh`) was replaced with a slightly faster one.
- Optional handwritten x86_64 assembly for field operations was removed because modern C compilers are able to output more efficient assembly. This change results in a significant speedup of some library functions when handwritten x86_64 assembly is...
#### ABI Compatibility
The ABI is backward compatible with versions 0.4.0 and 0.3.x.
## [0.4.0] - 2023-09-04
#### Added
- New module `ellswift` implements ElligatorSwift encoding for public keys and x-only Diffie-Hellman key exchange for them.
ElligatorSwift permits representing secp256k1 public keys as 64-byte arrays which cannot be distinguished from uniformly random. See:
- Header file `include/secp256k1_ellswift.h` which defines the new API.
libsecp256k1/CHANGELOG.md view on Meta::CPAN
- Increased minimum required CMake version to 3.13. CMake builds remain experimental.
#### ABI Compatibility
The ABI is compatible with version 0.3.0.
## [0.3.0] - 2023-03-08
#### Added
- Added experimental support for CMake builds. Traditional GNU Autotools builds (`./configure` and `make`) remain fully supported.
- Usage examples: Added a recommended method for securely clearing sensitive data, e.g., secret keys, from memory.
- Tests: Added a new test binary `noverify_tests`. This binary runs the tests without some additional checks present in the ordinary `tests` binary and is thereby closer to production binaries. The `noverify_tests` binary is automatically run as par...
#### Fixed
- Fixed declarations of API variables for MSVC (`__declspec(dllimport)`). This fixes MSVC builds of programs which link against a libsecp256k1 DLL dynamically and use API variables (and not only API functions). Unfortunately, the MSVC linker now wil...
#### Changed
- Forbade cloning or destroying `secp256k1_context_static`. Create a new context instead of cloning the static context. (If this change breaks your code, your code is probably wrong.)
- Forbade randomizing (copies of) `secp256k1_context_static`. Randomizing a copy of `secp256k1_context_static` did not have any effect and did not provide defense-in-depth protection against side-channel attacks. Create a new context if you want to ...
#### Removed
- Removed the configuration header `src/libsecp256k1-config.h`. We recommend passing flags to `./configure` or `cmake` to set configuration options (see `./configure --help` or `cmake -LH`). If you cannot or do not want to use one of the supported b...
libsecp256k1/CMakeLists.txt view on Meta::CPAN
message(" ecmult window size .................. ${SECP256K1_ECMULT_WINDOW_SIZE}")
message(" ecmult gen table size ............... ${SECP256K1_ECMULT_GEN_KB} KiB")
message("Optional features:")
message(" assembly ............................ ${SECP256K1_ASM}")
message(" external callbacks .................. ${SECP256K1_USE_EXTERNAL_DEFAULT_CALLBACKS}")
if(SECP256K1_TEST_OVERRIDE_WIDE_MULTIPLY)
message(" wide multiplication (test-only) ..... ${SECP256K1_TEST_OVERRIDE_WIDE_MULTIPLY}")
endif()
message("Optional binaries:")
message(" benchmark ........................... ${SECP256K1_BUILD_BENCHMARK}")
message(" noverify_tests ...................... ${SECP256K1_BUILD_TESTS}")
set(tests_status "${SECP256K1_BUILD_TESTS}")
if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
set(tests_status OFF)
endif()
message(" tests ............................... ${tests_status}")
message(" exhaustive tests .................... ${SECP256K1_BUILD_EXHAUSTIVE_TESTS}")
message(" ctime_tests ......................... ${SECP256K1_BUILD_CTIME_TESTS}")
message(" examples ............................ ${SECP256K1_BUILD_EXAMPLES}")
message("")
if(CMAKE_CROSSCOMPILING)
libsecp256k1/Makefile.am view on Meta::CPAN
bench_internal_SOURCES = src/bench_internal.c
bench_internal_LDADD = $(COMMON_LIB) $(PRECOMPUTED_LIB)
bench_internal_CPPFLAGS = $(SECP_CONFIG_DEFINES)
bench_ecmult_SOURCES = src/bench_ecmult.c
bench_ecmult_LDADD = $(COMMON_LIB) $(PRECOMPUTED_LIB)
bench_ecmult_CPPFLAGS = $(SECP_CONFIG_DEFINES)
endif
TESTS =
if USE_TESTS
TESTS += noverify_tests
noinst_PROGRAMS += noverify_tests
noverify_tests_SOURCES = src/tests.c
noverify_tests_CPPFLAGS = $(SECP_CONFIG_DEFINES)
noverify_tests_LDADD = $(COMMON_LIB) $(PRECOMPUTED_LIB)
noverify_tests_LDFLAGS = -static
if !ENABLE_COVERAGE
TESTS += tests
noinst_PROGRAMS += tests
tests_SOURCES = $(noverify_tests_SOURCES)
tests_CPPFLAGS = $(noverify_tests_CPPFLAGS) -DVERIFY
tests_LDADD = $(noverify_tests_LDADD)
tests_LDFLAGS = $(noverify_tests_LDFLAGS)
endif
endif
if USE_CTIME_TESTS
noinst_PROGRAMS += ctime_tests
ctime_tests_SOURCES = src/ctime_tests.c
ctime_tests_LDADD = libsecp256k1.la
ctime_tests_CPPFLAGS = $(SECP_CONFIG_DEFINES)
endif
libsecp256k1/build/CMakeFiles/Makefile.cmake view on Meta::CPAN
"src/libsecp256k1.pc"
"src/CMakeFiles/CMakeDirectoryInformation.cmake"
)
# Dependency information for all targets:
set(CMAKE_DEPEND_INFO_FILES
"src/CMakeFiles/secp256k1_precomputed.dir/DependInfo.cmake"
"src/CMakeFiles/secp256k1.dir/DependInfo.cmake"
"src/CMakeFiles/bench.dir/DependInfo.cmake"
"src/CMakeFiles/bench_ecmult.dir/DependInfo.cmake"
"src/CMakeFiles/noverify_tests.dir/DependInfo.cmake"
"src/CMakeFiles/tests.dir/DependInfo.cmake"
"src/CMakeFiles/bench_internal.dir/DependInfo.cmake"
"src/CMakeFiles/exhaustive_tests.dir/DependInfo.cmake"
)
libsecp256k1/build/CMakeFiles/Makefile2 view on Meta::CPAN
clean: src/clean
.PHONY : clean
#=============================================================================
# Directory level rules for directory src
# Recursive "all" directory target.
src/all: src/CMakeFiles/secp256k1.dir/all
src/all: src/CMakeFiles/bench.dir/all
src/all: src/CMakeFiles/bench_ecmult.dir/all
src/all: src/CMakeFiles/noverify_tests.dir/all
src/all: src/CMakeFiles/tests.dir/all
src/all: src/CMakeFiles/bench_internal.dir/all
src/all: src/CMakeFiles/exhaustive_tests.dir/all
.PHONY : src/all
# Recursive "preinstall" directory target.
src/preinstall:
.PHONY : src/preinstall
# Recursive "clean" directory target.
src/clean: src/CMakeFiles/secp256k1_precomputed.dir/clean
src/clean: src/CMakeFiles/secp256k1.dir/clean
src/clean: src/CMakeFiles/bench.dir/clean
src/clean: src/CMakeFiles/bench_ecmult.dir/clean
src/clean: src/CMakeFiles/noverify_tests.dir/clean
src/clean: src/CMakeFiles/tests.dir/clean
src/clean: src/CMakeFiles/bench_internal.dir/clean
src/clean: src/CMakeFiles/exhaustive_tests.dir/clean
.PHONY : src/clean
#=============================================================================
# Target rules for target src/CMakeFiles/secp256k1_precomputed.dir
# All Build rule for target.
src/CMakeFiles/secp256k1_precomputed.dir/all:
libsecp256k1/build/CMakeFiles/Makefile2 view on Meta::CPAN
# Convenience name for target.
bench_ecmult: src/CMakeFiles/bench_ecmult.dir/rule
.PHONY : bench_ecmult
# clean rule for target.
src/CMakeFiles/bench_ecmult.dir/clean:
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/bench_ecmult.dir/build.make src/CMakeFiles/bench_ecmult.dir/clean
.PHONY : src/CMakeFiles/bench_ecmult.dir/clean
#=============================================================================
# Target rules for target src/CMakeFiles/noverify_tests.dir
# All Build rule for target.
src/CMakeFiles/noverify_tests.dir/all: src/CMakeFiles/secp256k1_precomputed.dir/all
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/depend
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/build
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --progress-dir=/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/CMakeFiles --progress-num=9,10 "Built target noverify_tests"
.PHONY : src/CMakeFiles/noverify_tests.dir/all
# Build rule for subdir invocation for target.
src/CMakeFiles/noverify_tests.dir/rule: cmake_check_build_system
$(CMAKE_COMMAND) -E cmake_progress_start /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/CMakeFiles 4
$(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 src/CMakeFiles/noverify_tests.dir/all
$(CMAKE_COMMAND) -E cmake_progress_start /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/CMakeFiles 0
.PHONY : src/CMakeFiles/noverify_tests.dir/rule
# Convenience name for target.
noverify_tests: src/CMakeFiles/noverify_tests.dir/rule
.PHONY : noverify_tests
# clean rule for target.
src/CMakeFiles/noverify_tests.dir/clean:
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/clean
.PHONY : src/CMakeFiles/noverify_tests.dir/clean
#=============================================================================
# Target rules for target src/CMakeFiles/tests.dir
# All Build rule for target.
src/CMakeFiles/tests.dir/all: src/CMakeFiles/secp256k1_precomputed.dir/all
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/tests.dir/build.make src/CMakeFiles/tests.dir/depend
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/tests.dir/build.make src/CMakeFiles/tests.dir/build
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --progress-dir=/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/CMakeFiles --progress-num=15,16 "Built target tests"
.PHONY : src/CMakeFiles/tests.dir/all
libsecp256k1/build/CMakeFiles/TargetDirectories.txt view on Meta::CPAN
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/install/local.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/install.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/secp256k1_precomputed.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/secp256k1.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/list_install_components.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/bench.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/test.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/rebuild_cache.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/bench_ecmult.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/edit_cache.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/noverify_tests.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/tests.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/install/strip.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/bench_internal.dir
/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/exhaustive_tests.dir
libsecp256k1/build/Makefile view on Meta::CPAN
bench_ecmult: cmake_check_build_system
$(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 bench_ecmult
.PHONY : bench_ecmult
# fast build rule for target.
bench_ecmult/fast:
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/bench_ecmult.dir/build.make src/CMakeFiles/bench_ecmult.dir/build
.PHONY : bench_ecmult/fast
#=============================================================================
# Target rules for targets named noverify_tests
# Build rule for target.
noverify_tests: cmake_check_build_system
$(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 noverify_tests
.PHONY : noverify_tests
# fast build rule for target.
noverify_tests/fast:
$(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/build
.PHONY : noverify_tests/fast
#=============================================================================
# Target rules for targets named tests
# Build rule for target.
tests: cmake_check_build_system
$(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 tests
.PHONY : tests
# fast build rule for target.
libsecp256k1/build/Makefile view on Meta::CPAN
@echo "... install"
@echo "... install/local"
@echo "... install/strip"
@echo "... list_install_components"
@echo "... rebuild_cache"
@echo "... test"
@echo "... bench"
@echo "... bench_ecmult"
@echo "... bench_internal"
@echo "... exhaustive_tests"
@echo "... noverify_tests"
@echo "... secp256k1"
@echo "... secp256k1_precomputed"
@echo "... tests"
.PHONY : help
#=============================================================================
# Special targets to cleanup operation of make.
libsecp256k1/build/src/CMakeFiles/Export/lib64/cmake/libsecp256k1/libsecp256k1-targets.cmake view on Meta::CPAN
# Load information for each installed configuration.
get_filename_component(_DIR "${CMAKE_CURRENT_LIST_FILE}" PATH)
file(GLOB CONFIG_FILES "${_DIR}/libsecp256k1-targets-*.cmake")
foreach(f ${CONFIG_FILES})
include(${f})
endforeach()
# Cleanup temporary variables.
set(_IMPORT_PREFIX)
# Loop over all imported files and verify that they actually exist
foreach(target ${_IMPORT_CHECK_TARGETS} )
foreach(file ${_IMPORT_CHECK_FILES_FOR_${target}} )
if(NOT EXISTS "${file}" )
message(FATAL_ERROR "The imported target \"${target}\" references the file
\"${file}\"
but this file does not exist. Possible reasons include:
* The file was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and contained
\"${CMAKE_CURRENT_LIST_FILE}\"
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/DependInfo.cmake view on Meta::CPAN
# Consider dependencies only in project.
set(CMAKE_DEPENDS_IN_PROJECT_ONLY OFF)
# The set of languages for which implicit dependencies are needed:
set(CMAKE_DEPENDS_LANGUAGES
)
# The set of dependency files which are needed:
set(CMAKE_DEPENDS_DEPENDENCY_FILES
"/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/tests.c" "src/CMakeFiles/noverify_tests.dir/tests.c.o" "gcc" "src/CMakeFiles/noverify_tests.dir/tests.c.o.d"
)
# Targets to which this target links.
set(CMAKE_TARGET_LINKED_INFO_FILES
)
# Fortran module output directory.
set(CMAKE_Fortran_TARGET_MODULE_DIR "")
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/build.make view on Meta::CPAN
# Escaping for special characters.
EQUALS = =
# The top-level source directory on which CMake was run.
CMAKE_SOURCE_DIR = /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1
# The top-level build directory on which CMake was run.
CMAKE_BINARY_DIR = /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build
# Include any dependencies generated for this target.
include src/CMakeFiles/noverify_tests.dir/depend.make
# Include any dependencies generated by the compiler for this target.
include src/CMakeFiles/noverify_tests.dir/compiler_depend.make
# Include the progress variables for this target.
include src/CMakeFiles/noverify_tests.dir/progress.make
# Include the compile flags for this target's objects.
include src/CMakeFiles/noverify_tests.dir/flags.make
src/CMakeFiles/noverify_tests.dir/tests.c.o: src/CMakeFiles/noverify_tests.dir/flags.make
src/CMakeFiles/noverify_tests.dir/tests.c.o: ../src/tests.c
src/CMakeFiles/noverify_tests.dir/tests.c.o: src/CMakeFiles/noverify_tests.dir/compiler_depend.ts
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --progress-dir=/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_1) "Building C object src/CMakeFiles/noverify_tests.dir/te...
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src && /usr/bin/cc $(C_DEFINES) $(C_INCLUDES) $(C_FLAGS) -MD -MT src/CMakeFiles/noverify_tests.dir/tests.c.o -MF CMakeFiles/noverify_tests.dir/tests.c.o.d -o CMakeFiles/noverify...
src/CMakeFiles/noverify_tests.dir/tests.c.i: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing C source to CMakeFiles/noverify_tests.dir/tests.c.i"
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src && /usr/bin/cc $(C_DEFINES) $(C_INCLUDES) $(C_FLAGS) -E /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/tests.c > CMakeFiles/noverify_tests.dir/tests.c.i
src/CMakeFiles/noverify_tests.dir/tests.c.s: cmake_force
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling C source to assembly CMakeFiles/noverify_tests.dir/tests.c.s"
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src && /usr/bin/cc $(C_DEFINES) $(C_INCLUDES) $(C_FLAGS) -S /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/tests.c -o CMakeFiles/noverify_tests.dir/tests.c.s
# Object files for target noverify_tests
noverify_tests_OBJECTS = \
"CMakeFiles/noverify_tests.dir/tests.c.o"
# External object files for target noverify_tests
noverify_tests_EXTERNAL_OBJECTS = \
"/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/secp256k1_precomputed.dir/precomputed_ecmult.c.o" \
"/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src/CMakeFiles/secp256k1_precomputed.dir/precomputed_ecmult_gen.c.o"
bin/noverify_tests: src/CMakeFiles/noverify_tests.dir/tests.c.o
bin/noverify_tests: src/CMakeFiles/secp256k1_precomputed.dir/precomputed_ecmult.c.o
bin/noverify_tests: src/CMakeFiles/secp256k1_precomputed.dir/precomputed_ecmult_gen.c.o
bin/noverify_tests: src/CMakeFiles/noverify_tests.dir/build.make
bin/noverify_tests: src/CMakeFiles/noverify_tests.dir/link.txt
@$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green --bold --progress-dir=/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/CMakeFiles --progress-num=$(CMAKE_PROGRESS_2) "Linking C executable ../bin/noverify_tests"
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src && $(CMAKE_COMMAND) -E cmake_link_script CMakeFiles/noverify_tests.dir/link.txt --verbose=$(VERBOSE)
# Rule to build all files generated by this target.
src/CMakeFiles/noverify_tests.dir/build: bin/noverify_tests
.PHONY : src/CMakeFiles/noverify_tests.dir/build
src/CMakeFiles/noverify_tests.dir/clean:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src && $(CMAKE_COMMAND) -P CMakeFiles/noverify_tests.dir/cmake_clean.cmake
.PHONY : src/CMakeFiles/noverify_tests.dir/clean
src/CMakeFiles/noverify_tests.dir/depend:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(CMAKE_COMMAND) -E cmake_depends "Unix Makefiles" /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1 /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256...
.PHONY : src/CMakeFiles/noverify_tests.dir/depend
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/cmake_clean.cmake view on Meta::CPAN
file(REMOVE_RECURSE
"../bin/noverify_tests"
"../bin/noverify_tests.pdb"
"CMakeFiles/noverify_tests.dir/tests.c.o"
"CMakeFiles/noverify_tests.dir/tests.c.o.d"
)
# Per-language clean rules from dependency scanning.
foreach(lang C)
include(CMakeFiles/noverify_tests.dir/cmake_clean_${lang}.cmake OPTIONAL)
endforeach()
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/compiler_depend.make view on Meta::CPAN
# Empty compiler generated dependencies file for noverify_tests.
# This may be replaced when dependencies are built.
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/compiler_depend.ts view on Meta::CPAN
# CMAKE generated file: DO NOT EDIT!
# Timestamp file for compiler generated dependencies management for noverify_tests.
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/depend.make view on Meta::CPAN
# Empty dependencies file for noverify_tests.
# This may be replaced when dependencies are built.
libsecp256k1/build/src/CMakeFiles/noverify_tests.dir/link.txt view on Meta::CPAN
/usr/bin/cc -O2 -g CMakeFiles/noverify_tests.dir/tests.c.o CMakeFiles/secp256k1_precomputed.dir/precomputed_ecmult.c.o CMakeFiles/secp256k1_precomputed.dir/precomputed_ecmult_gen.c.o -o ../bin/noverify_tests
libsecp256k1/build/src/CTestTestfile.cmake view on Meta::CPAN
# CMake generated Testfile for
# Source directory: /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src
# Build directory: /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/src
#
# This file includes the relevant testing commands required for
# testing this directory and lists subdirectories to be tested as well.
add_test(secp256k1_noverify_tests "/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/bin/noverify_tests")
set_tests_properties(secp256k1_noverify_tests PROPERTIES _BACKTRACE_TRIPLES "/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/CMakeLists.txt;90;add_test;/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/CMakeLists....
add_test(secp256k1_tests "/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/bin/tests")
set_tests_properties(secp256k1_tests PROPERTIES _BACKTRACE_TRIPLES "/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/CMakeLists.txt;95;add_test;/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/CMakeLists.txt;0;")
add_test(secp256k1_exhaustive_tests "/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build/bin/exhaustive_tests")
set_tests_properties(secp256k1_exhaustive_tests PROPERTIES _BACKTRACE_TRIPLES "/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/CMakeLists.txt;104;add_test;/home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/src/CMakeLis...
libsecp256k1/build/src/Makefile view on Meta::CPAN
# Convenience name for target.
bench_ecmult: src/CMakeFiles/bench_ecmult.dir/rule
.PHONY : bench_ecmult
# fast build rule for target.
bench_ecmult/fast:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/bench_ecmult.dir/build.make src/CMakeFiles/bench_ecmult.dir/build
.PHONY : bench_ecmult/fast
# Convenience name for target.
src/CMakeFiles/noverify_tests.dir/rule:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 src/CMakeFiles/noverify_tests.dir/rule
.PHONY : src/CMakeFiles/noverify_tests.dir/rule
# Convenience name for target.
noverify_tests: src/CMakeFiles/noverify_tests.dir/rule
.PHONY : noverify_tests
# fast build rule for target.
noverify_tests/fast:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/build
.PHONY : noverify_tests/fast
# Convenience name for target.
src/CMakeFiles/tests.dir/rule:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 src/CMakeFiles/tests.dir/rule
.PHONY : src/CMakeFiles/tests.dir/rule
# Convenience name for target.
tests: src/CMakeFiles/tests.dir/rule
.PHONY : tests
libsecp256k1/build/src/Makefile view on Meta::CPAN
# target to generate assembly for a file
secp256k1.c.s:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/secp256k1.dir/build.make src/CMakeFiles/secp256k1.dir/secp256k1.c.s
.PHONY : secp256k1.c.s
tests.o: tests.c.o
.PHONY : tests.o
# target to build an object file
tests.c.o:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/tests.c.o
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/tests.dir/build.make src/CMakeFiles/tests.dir/tests.c.o
.PHONY : tests.c.o
tests.i: tests.c.i
.PHONY : tests.i
# target to preprocess a source file
tests.c.i:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/tests.c.i
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/tests.dir/build.make src/CMakeFiles/tests.dir/tests.c.i
.PHONY : tests.c.i
tests.s: tests.c.s
.PHONY : tests.s
# target to generate assembly for a file
tests.c.s:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/noverify_tests.dir/build.make src/CMakeFiles/noverify_tests.dir/tests.c.s
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/tests.dir/build.make src/CMakeFiles/tests.dir/tests.c.s
.PHONY : tests.c.s
tests_exhaustive.o: tests_exhaustive.c.o
.PHONY : tests_exhaustive.o
# target to build an object file
tests_exhaustive.c.o:
cd /home/bartosz/dox/Perl-Bitcoin/Alien-libsecp256k1/libsecp256k1/build && $(MAKE) $(MAKESILENT) -f src/CMakeFiles/exhaustive_tests.dir/build.make src/CMakeFiles/exhaustive_tests.dir/tests_exhaustive.c.o
.PHONY : tests_exhaustive.c.o
libsecp256k1/build/src/Makefile view on Meta::CPAN
@echo "... install"
@echo "... install/local"
@echo "... install/strip"
@echo "... list_install_components"
@echo "... rebuild_cache"
@echo "... test"
@echo "... bench"
@echo "... bench_ecmult"
@echo "... bench_internal"
@echo "... exhaustive_tests"
@echo "... noverify_tests"
@echo "... secp256k1"
@echo "... secp256k1_precomputed"
@echo "... tests"
@echo "... bench.o"
@echo "... bench.i"
@echo "... bench.s"
@echo "... bench_ecmult.o"
@echo "... bench_ecmult.i"
@echo "... bench_ecmult.s"
@echo "... bench_internal.o"
libsecp256k1/contrib/lax_der_privatekey_parsing.c view on Meta::CPAN
/* sequence element 0: version number (=1) */
if (end < privkey+3 || privkey[0] != 0x02 || privkey[1] != 0x01 || privkey[2] != 0x01) {
return 0;
}
privkey += 3;
/* sequence element 1: octet string, up to 32 bytes */
if (end < privkey+2 || privkey[0] != 0x04 || privkey[1] > 0x20 || end < privkey+2+privkey[1]) {
return 0;
}
if (privkey[1]) memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
if (!secp256k1_ec_seckey_verify(ctx, out32)) {
memset(out32, 0, 32);
return 0;
}
return 1;
}
int ec_privkey_export_der(const secp256k1_context *ctx, unsigned char *privkey, size_t *privkeylen, const unsigned char *key32, int compressed) {
secp256k1_pubkey pubkey;
size_t pubkeylen = 0;
if (!secp256k1_ec_pubkey_create(ctx, &pubkey, key32)) {
libsecp256k1/doc/ellswift.md view on Meta::CPAN
We wish to avoid the need for callers to deal with this special case.
This is implemented in `secp256k1_ellswift_xswiftec_frac_var` (which decodes to an x-coordinate represented as a fraction), and
in `secp256k1_ellswift_xswiftec_var` (which outputs the actual x-coordinate).
## 3. The encoding function
To implement $F_u^{-1}(x)$, the function to find the set of inverses $t$ for which $F_u(t) = x$, we have to reverse the process:
* Find all the $(X, Y) \in S_u$ that could have given rise to $x$, through the $x_1$, $x_2$, or $x_3$ formulas in $\psi_u.$
* Map those $(X, Y)$ solutions to $t$ values using $P_u^{-1}(X, Y).$
* For each of the found $t$ values, verify that $F_u(t) = x.$
* Return the remaining $t$ values.
The function $P_u^{-1}$, which finds $t$ given $(X, Y) \in S_u$, is significantly simpler than $P_u:$
$$
P_u^{-1}(X, Y) = \left\\{\begin{array}{ll}
Yu\sqrt{-3} - X & a = 0 \\
\dfrac{Y-Y_0(u)}{X-X_0(u)} & a \neq 0 \land X \neq X_0(u) \\
\dfrac{-X_0(u)}{h(u)Y_0(u)} & a \neq 0 \land X = X_0(u) \land Y = Y_0(u)
\end{array}\right.
$$
The third step above, verifying that $F_u(t) = x$, is necessary because for the $(X, Y)$ values found through the $x_1$ and $x_2$ expressions,
it is possible that decoding through $\psi_u(X, Y)$ yields a valid $x_3$ on the curve, which would take precedence over the
$x_1$ or $x_2$ decoding. These $(X, Y)$ solutions must be rejected.
Since we know that exactly one or exactly three out of $\\{x_1, x_2, x_3\\}$ are valid x-coordinates for any $t$,
the case where either $x_1$ or $x_2$ is valid and in addition also $x_3$ is valid must mean that all three are valid.
This means that instead of checking whether $x_3$ is on the curve, it is also possible to check whether the other one out of
$x_1$ and $x_2$ is on the curve. This is significantly simpler, as it turns out.
Observe that $\psi_u$ guarantees that $x_1 + x_2 = -u.$ So given either $x = x_1$ or $x = x_2$, the other one of the two can be computed as
$-u - x.$ Thus, when encoding $x$ through the $x_1$ or $x_2$ expressions, one can simply check whether $g(-u-x)$ is a square,
libsecp256k1/doc/musig.md view on Meta::CPAN
This is covered by `examples/musig.c`.
Essentially, the protocol proceeds in the following steps:
1. Generate a keypair with `secp256k1_keypair_create` and obtain the public key with `secp256k1_keypair_pub`.
2. Call `secp256k1_musig_pubkey_agg` with the pubkeys of all participants.
3. Optionally add a (Taproot) tweak with `secp256k1_musig_pubkey_xonly_tweak_add` and a plain tweak with `secp256k1_musig_pubkey_ec_tweak_add`.
4. Generate a pair of secret and public nonce with `secp256k1_musig_nonce_gen` and send the public nonce to the other signers.
5. Someone (not necessarily the signer) aggregates the public nonces with `secp256k1_musig_nonce_agg` and sends it to the signers.
6. Process the aggregate nonce with `secp256k1_musig_nonce_process`.
7. Create a partial signature with `secp256k1_musig_partial_sign`.
8. Verify the partial signatures (optional in some scenarios) with `secp256k1_musig_partial_sig_verify`.
9. Someone (not necessarily the signer) obtains all partial signatures and aggregates them into the final Schnorr signature using `secp256k1_musig_partial_sig_agg`.
The aggregate signature can be verified with `secp256k1_schnorrsig_verify`.
Steps 1 through 5 above can occur before or after the signers are aware of the message to be signed.
Whenever possible, it is recommended to generate the nonces only after the message is known.
This provides enhanced defense-in-depth measures, protecting against potential API misuse in certain scenarios.
However, it does require two rounds of communication during the signing process.
The alternative, generating the nonces in a pre-processing step before the message is known, eliminates these additional protective measures but allows for non-interactive signing.
Similarly, the API supports an alternative protocol flow where generating the aggregate key (steps 1 to 3) is allowed to happen after exchanging nonces (steps 4 to 5).
## Verification
A participant who wants to verify the partial signatures, but does not sign itself may do so using the above instructions except that the verifier skips steps 1, 4 and 7.
libsecp256k1/doc/release-process.md view on Meta::CPAN
./autogen.sh && ./configure --prefix=$dir && make clean && make install && ls -RlAh $dir
gcc -o ecdsa examples/ecdsa.c $(PKG_CONFIG_PATH=$dir/lib/pkgconfig pkg-config --cflags --libs libsecp256k1) -Wl,-rpath,"$dir/lib" && ./ecdsa
```
3. Check installation with CMake:
```shell
dir=$(mktemp -d)
build=$(mktemp -d)
cmake -B $build -DCMAKE_INSTALL_PREFIX=$dir && cmake --build $build && cmake --install $build && ls -RlAh $dir
gcc -o ecdsa examples/ecdsa.c -I $dir/include -L $dir/lib*/ -l secp256k1 -Wl,-rpath,"$dir/lib",-rpath,"$dir/lib64" && ./ecdsa
```
4. Use the [`check-abi.sh`](/tools/check-abi.sh) tool to verify that there are no unexpected ABI incompatibilities and that the version number and the release notes accurately reflect all potential ABI changes. To run this tool, the `abi-dumper` and ...
```shell
tools/check-abi.sh
```
## Regular release
1. Open a PR to the master branch with a commit (using message `"release: prepare for $MAJOR.$MINOR.$PATCH"`, for example) that
* finalizes the release notes in [CHANGELOG.md](../CHANGELOG.md) by
* adding a section for the release (make sure that the version number is a link to a diff between the previous and new version),
* removing the `[Unreleased]` section header,
libsecp256k1/examples/ecdh.c view on Meta::CPAN
assert(return_val);
/*** Key Generation ***/
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
printf("Failed to generate randomness\n");
return 1;
}
/* If the secret key is zero or out of range (greater than secp256k1's
* order), we fail. Note that the probability of this occurring is negligible
* with a properly functioning random number generator. */
if (!secp256k1_ec_seckey_verify(ctx, seckey1) || !secp256k1_ec_seckey_verify(ctx, seckey2)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
}
/* Public key creation using a valid context with a verified secret key should never fail */
return_val = secp256k1_ec_pubkey_create(ctx, &pubkey1, seckey1);
assert(return_val);
return_val = secp256k1_ec_pubkey_create(ctx, &pubkey2, seckey2);
assert(return_val);
libsecp256k1/examples/ecdsa.c view on Meta::CPAN
assert(return_val);
/*** Key Generation ***/
if (!fill_random(seckey, sizeof(seckey))) {
printf("Failed to generate randomness\n");
return 1;
}
/* If the secret key is zero or out of range (greater than secp256k1's
* order), we fail. Note that the probability of this occurring is negligible
* with a properly functioning random number generator. */
if (!secp256k1_ec_seckey_verify(ctx, seckey)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
}
/* Public key creation using a valid context with a verified secret key should never fail */
return_val = secp256k1_ec_pubkey_create(ctx, &pubkey, seckey);
assert(return_val);
/* Serialize the pubkey in a compressed form(33 bytes). Should always return 1. */
len = sizeof(compressed_pubkey);
libsecp256k1/examples/ecdsa.c view on Meta::CPAN
return 1;
}
/* Deserialize the public key. This will return 0 if the public key can't be parsed correctly. */
if (!secp256k1_ec_pubkey_parse(ctx, &pubkey, compressed_pubkey, sizeof(compressed_pubkey))) {
printf("Failed parsing the public key\n");
return 1;
}
/* Verify a signature. This will return 1 if it's valid and 0 if it's not. */
is_signature_valid = secp256k1_ecdsa_verify(ctx, &sig, msg_hash, &pubkey);
printf("Is the signature valid? %s\n", is_signature_valid ? "true" : "false");
printf("Secret Key: ");
print_hex(seckey, sizeof(seckey));
printf("Public Key: ");
print_hex(compressed_pubkey, sizeof(compressed_pubkey));
printf("Signature: ");
print_hex(serialized_signature, sizeof(serialized_signature));
/* This will clear everything from the context and free the memory */
secp256k1_context_destroy(ctx);
/* Bonus example: if all we need is signature verification (and no key
generation or signing), we don't need to use a context created via
secp256k1_context_create(). We can simply use the static (i.e., global)
context secp256k1_context_static. See its description in
include/secp256k1.h for details. */
is_signature_valid2 = secp256k1_ecdsa_verify(secp256k1_context_static,
&sig, msg_hash, &pubkey);
assert(is_signature_valid2 == is_signature_valid);
/* It's best practice to try to clear secrets from memory after using them.
* This is done because some bugs can allow an attacker to leak memory, for
* example through "out of bounds" array access (see Heartbleed), or the OS
* swapping them to disk. Hence, we overwrite the secret key buffer with zeros.
*
* Here we are preventing these writes from being optimized out, as any good compiler
* will remove any writes that aren't used. */
libsecp256k1/examples/ellswift.c view on Meta::CPAN
assert(return_val);
/*** Generate secret keys ***/
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
printf("Failed to generate randomness\n");
return 1;
}
/* If the secret key is zero or out of range (greater than secp256k1's
* order), we fail. Note that the probability of this occurring is negligible
* with a properly functioning random number generator. */
if (!secp256k1_ec_seckey_verify(ctx, seckey1) || !secp256k1_ec_seckey_verify(ctx, seckey2)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
}
/* Generate ElligatorSwift public keys. This should never fail with valid context and
verified secret keys. Note that providing additional randomness (fourth parameter) is
optional, but recommended. */
if (!fill_random(auxrand1, sizeof(auxrand1)) || !fill_random(auxrand2, sizeof(auxrand2))) {
printf("Failed to generate randomness\n");
return 1;
libsecp256k1/examples/musig.c view on Meta::CPAN
/* Xonly tweaking which, for example, allows creating Taproot commitments */
if (!secp256k1_musig_pubkey_xonly_tweak_add(ctx, &output_pk, cache, xonly_tweak)) {
return 0;
}
/* Note that if we wouldn't care about signing, we can arrive at the same
* output_pk by providing the untweaked public key to
* `secp256k1_xonly_pubkey_tweak_add` (after converting it to an xonly pubkey
* if necessary with `secp256k1_xonly_pubkey_from_pubkey`). */
/* Now we convert the output_pk to an xonly pubkey to allow to later verify
* the Schnorr signature against it. For this purpose we can ignore the
* `pk_parity` output argument; we would need it if we would have to open
* the Taproot commitment. */
if (!secp256k1_xonly_pubkey_from_pubkey(ctx, agg_pk, NULL, &output_pk)) {
return 0;
}
return 1;
}
/* Sign a message hash with the given key pairs and store the result in sig */
libsecp256k1/examples/musig.c view on Meta::CPAN
* create a secnonce). If you do, you effectively reuse the nonce and
* leak the secret key. */
if (!secp256k1_musig_partial_sign(ctx, &signer[i].partial_sig, &signer_secrets[i].secnonce, &signer_secrets[i].keypair, cache, &session)) {
return 0;
}
partial_sigs[i] = &signer[i].partial_sig;
}
/* Communication round 2: Every signer sends their partial signature to the
* coordinator, who verifies the partial signatures and aggregates them. */
for (i = 0; i < N_SIGNERS; i++) {
/* To check whether signing was successful, it suffices to either verify
* the aggregate signature with the aggregate public key using
* secp256k1_schnorrsig_verify, or verify all partial signatures of all
* signers individually. Verifying the aggregate signature is cheaper but
* verifying the individual partial signatures has the advantage that it
* can be used to determine which of the partial signatures are invalid
* (if any), i.e., which of the partial signatures cause the aggregate
* signature to be invalid and thus the protocol run to fail. It's also
* fine to first verify the aggregate sig, and only verify the individual
* sigs if it does not work.
*/
if (!secp256k1_musig_partial_sig_verify(ctx, &signer[i].partial_sig, &signer[i].pubnonce, &signer[i].pubkey, cache, &session)) {
return 0;
}
}
return secp256k1_musig_partial_sig_agg(ctx, sig64, &session, partial_sigs, N_SIGNERS);
}
int main(void) {
secp256k1_context* ctx;
int i;
struct signer_secrets signer_secrets[N_SIGNERS];
libsecp256k1/examples/musig.c view on Meta::CPAN
printf("ok\n");
printf("Signing message.........");
fflush(stdout);
if (!sign(ctx, signer_secrets, signers, &cache, msg, sig)) {
printf("FAILED\n");
return 1;
}
printf("ok\n");
printf("Verifying signature.....");
fflush(stdout);
if (!secp256k1_schnorrsig_verify(ctx, sig, msg, 32, &agg_pk)) {
printf("FAILED\n");
return 1;
}
printf("ok\n");
/* It's best practice to try to clear secrets from memory after using them.
* This is done because some bugs can allow an attacker to leak memory, for
* example through "out of bounds" array access (see Heartbleed), or the OS
* swapping them to disk. Hence, we overwrite secret key material with zeros.
*
libsecp256k1/examples/schnorr.c view on Meta::CPAN
* that the probability of this occurring is negligible with a properly
* functioning random number generator. */
if (!secp256k1_keypair_create(ctx, &keypair, seckey)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
}
/* Extract the X-only public key from the keypair. We pass NULL for
* `pk_parity` as the parity isn't needed for signing or verification.
* `secp256k1_keypair_xonly_pub` supports returning the parity for
* other use cases such as tests or verifying Taproot tweaks.
* This should never fail with a valid context and public key. */
return_val = secp256k1_keypair_xonly_pub(ctx, &pubkey, NULL, &keypair);
assert(return_val);
/* Serialize the public key. Should always return 1 for a valid public key. */
return_val = secp256k1_xonly_pubkey_serialize(ctx, serialized_pubkey, &pubkey);
assert(return_val);
/*** Signing ***/
libsecp256k1/examples/schnorr.c view on Meta::CPAN
if (!secp256k1_xonly_pubkey_parse(ctx, &pubkey, serialized_pubkey)) {
printf("Failed parsing the public key\n");
return 1;
}
/* Compute the tagged hash on the received messages using the same tag as the signer. */
return_val = secp256k1_tagged_sha256(ctx, msg_hash, tag, sizeof(tag), msg, sizeof(msg));
assert(return_val);
/* Verify a signature. This will return 1 if it's valid and 0 if it's not. */
is_signature_valid = secp256k1_schnorrsig_verify(ctx, signature, msg_hash, 32, &pubkey);
printf("Is the signature valid? %s\n", is_signature_valid ? "true" : "false");
printf("Secret Key: ");
print_hex(seckey, sizeof(seckey));
printf("Public Key: ");
print_hex(serialized_pubkey, sizeof(serialized_pubkey));
printf("Signature: ");
print_hex(signature, sizeof(signature));
/* This will clear everything from the context and free the memory */
secp256k1_context_destroy(ctx);
/* Bonus example: if all we need is signature verification (and no key
generation or signing), we don't need to use a context created via
secp256k1_context_create(). We can simply use the static (i.e., global)
context secp256k1_context_static. See its description in
include/secp256k1.h for details. */
is_signature_valid2 = secp256k1_schnorrsig_verify(secp256k1_context_static,
signature, msg_hash, 32, &pubkey);
assert(is_signature_valid2 == is_signature_valid);
/* It's best practice to try to clear secrets from memory after using them.
* This is done because some bugs can allow an attacker to leak memory, for
* example through "out of bounds" array access (see Heartbleed), or the OS
* swapping them to disk. Hence, we overwrite the secret key buffer with zeros.
*
* Here we are preventing these writes from being optimized out, as any good compiler
* will remove any writes that aren't used. */
libsecp256k1/include/secp256k1.h view on Meta::CPAN
* Args: ctx: pointer to a context object
* In: sig: the signature being verified.
* msghash32: the 32-byte message hash being verified.
* The verifier must make sure to apply a cryptographic
* hash function to the message by itself and not accept an
* msghash32 value directly. Otherwise, it would be easy to
* create a "valid" signature without knowledge of the
* secret key. See also
* https://bitcoin.stackexchange.com/a/81116/35586 for more
* background on this topic.
* pubkey: pointer to an initialized public key to verify with.
*
* To avoid accepting malleable signatures, only ECDSA signatures in lower-S
* form are accepted.
*
* If you need to accept ECDSA signatures from sources that do not obey this
* rule, apply secp256k1_ecdsa_signature_normalize to the signature prior to
* verification, but be aware that doing so results in malleable signatures.
*
* For details, see the comments for that function.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_verify(
const secp256k1_context *ctx,
const secp256k1_ecdsa_signature *sig,
const unsigned char *msghash32,
const secp256k1_pubkey *pubkey
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
/** Convert a signature to a normalized lower-S form.
*
* Returns: 1 if sigin was not normalized, 0 if it already was.
* Args: ctx: pointer to a context object
libsecp256k1/include/secp256k1.h view on Meta::CPAN
* message, given a single initial signature, but without knowing the key. This
* is done by negating the S value modulo the order of the curve, 'flipping'
* the sign of the random point R which is not included in the signature.
*
* Forgery of the same message isn't universally problematic, but in systems
* where message malleability or uniqueness of signatures is important this can
* cause issues. This forgery can be blocked by all verifiers forcing signers
* to use a normalized form.
*
* The lower-S form reduces the size of signatures slightly on average when
* variable length encodings (such as DER) are used and is cheap to verify,
* making it a good choice. Security of always using lower-S is assured because
* anyone can trivially modify a signature after the fact to enforce this
* property anyway.
*
* The lower S value is always between 0x1 and
* 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,
* inclusive.
*
* No other forms of ECDSA malleability are known and none seem likely, but
* there is no formal proof that ECDSA, even with this additional restriction,
* is free of other malleability. Commonly used serialization schemes will also
* accept various non-unique encodings, so care should be taken when this
* property is required for an application.
*
* The secp256k1_ecdsa_sign function will by default create signatures in the
* lower-S form, and secp256k1_ecdsa_verify will not accept others. In case
* signatures come from a system that cannot enforce this property,
* secp256k1_ecdsa_signature_normalize must be called before verification.
*/
SECP256K1_API int secp256k1_ecdsa_signature_normalize(
const secp256k1_context *ctx,
secp256k1_ecdsa_signature *sigout,
const secp256k1_ecdsa_signature *sigin
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3);
/** An implementation of RFC6979 (using HMAC-SHA256) as nonce generation function.
libsecp256k1/include/secp256k1.h view on Meta::CPAN
* probability of choosing a 32-byte string uniformly at random which is an
* invalid secret key is negligible. However, if it does happen it should
* be assumed that the randomness source is severely broken and there should
* be no retry.
*
* Returns: 1: secret key is valid
* 0: secret key is invalid
* Args: ctx: pointer to a context object.
* In: seckey: pointer to a 32-byte secret key.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_verify(
const secp256k1_context *ctx,
const unsigned char *seckey
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);
/** Compute the public key for a secret key.
*
* Returns: 1: secret was valid, public key stores.
* 0: secret was invalid, try again.
* Args: ctx: pointer to a context object (not secp256k1_context_static).
* Out: pubkey: pointer to the created public key.
libsecp256k1/include/secp256k1.h view on Meta::CPAN
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_create(
const secp256k1_context *ctx,
secp256k1_pubkey *pubkey,
const unsigned char *seckey
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
/** Negates a secret key in place.
*
* Returns: 0 if the given secret key is invalid according to
* secp256k1_ec_seckey_verify. 1 otherwise
* Args: ctx: pointer to a context object
* In/Out: seckey: pointer to the 32-byte secret key to be negated. If the
* secret key is invalid according to
* secp256k1_ec_seckey_verify, this function returns 0 and
* seckey will be set to some unspecified value.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_negate(
const secp256k1_context *ctx,
unsigned char *seckey
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);
/** Same as secp256k1_ec_seckey_negate, but DEPRECATED. Will be removed in
* future versions. */
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_privkey_negate(
libsecp256k1/include/secp256k1.h view on Meta::CPAN
secp256k1_pubkey *pubkey
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2);
/** Tweak a secret key by adding tweak to it.
*
* Returns: 0 if the arguments are invalid or the resulting secret key would be
* invalid (only when the tweak is the negation of the secret key). 1
* otherwise.
* Args: ctx: pointer to a context object.
* In/Out: seckey: pointer to a 32-byte secret key. If the secret key is
* invalid according to secp256k1_ec_seckey_verify, this
* function returns 0. seckey will be set to some unspecified
* value if this function returns 0.
* In: tweak32: pointer to a 32-byte tweak, which must be valid according to
* secp256k1_ec_seckey_verify or 32 zero bytes. For uniformly
* random 32-byte tweaks, the chance of being invalid is
* negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_tweak_add(
const secp256k1_context *ctx,
unsigned char *seckey,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
/** Same as secp256k1_ec_seckey_tweak_add, but DEPRECATED. Will be removed in
libsecp256k1/include/secp256k1.h view on Meta::CPAN
/** Tweak a public key by adding tweak times the generator to it.
*
* Returns: 0 if the arguments are invalid or the resulting public key would be
* invalid (only when the tweak is the negation of the corresponding
* secret key). 1 otherwise.
* Args: ctx: pointer to a context object.
* In/Out: pubkey: pointer to a public key object. pubkey will be set to an
* invalid value if this function returns 0.
* In: tweak32: pointer to a 32-byte tweak, which must be valid according to
* secp256k1_ec_seckey_verify or 32 zero bytes. For uniformly
* random 32-byte tweaks, the chance of being invalid is
* negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_add(
const secp256k1_context *ctx,
secp256k1_pubkey *pubkey,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
/** Tweak a secret key by multiplying it by a tweak.
*
* Returns: 0 if the arguments are invalid. 1 otherwise.
* Args: ctx: pointer to a context object.
* In/Out: seckey: pointer to a 32-byte secret key. If the secret key is
* invalid according to secp256k1_ec_seckey_verify, this
* function returns 0. seckey will be set to some unspecified
* value if this function returns 0.
* In: tweak32: pointer to a 32-byte tweak. If the tweak is invalid according to
* secp256k1_ec_seckey_verify, this function returns 0. For
* uniformly random 32-byte arrays the chance of being invalid
* is negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_tweak_mul(
const secp256k1_context *ctx,
unsigned char *seckey,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
/** Same as secp256k1_ec_seckey_tweak_mul, but DEPRECATED. Will be removed in
libsecp256k1/include/secp256k1.h view on Meta::CPAN
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
SECP256K1_DEPRECATED("Use secp256k1_ec_seckey_tweak_mul instead");
/** Tweak a public key by multiplying it by a tweak value.
*
* Returns: 0 if the arguments are invalid. 1 otherwise.
* Args: ctx: pointer to a context object.
* In/Out: pubkey: pointer to a public key object. pubkey will be set to an
* invalid value if this function returns 0.
* In: tweak32: pointer to a 32-byte tweak. If the tweak is invalid according to
* secp256k1_ec_seckey_verify, this function returns 0. For
* uniformly random 32-byte arrays the chance of being invalid
* is negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_mul(
const secp256k1_context *ctx,
secp256k1_pubkey *pubkey,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
/** Randomizes the context to provide enhanced protection against side-channel leakage.
libsecp256k1/include/secp256k1_extrakeys.h view on Meta::CPAN
*
* Returns: 0 if the arguments are invalid or the resulting public key would be
* invalid (only when the tweak is the negation of the corresponding
* secret key). 1 otherwise.
*
* Args: ctx: pointer to a context object.
* Out: output_pubkey: pointer to a public key to store the result. Will be set
* to an invalid value if this function returns 0.
* In: internal_pubkey: pointer to an x-only pubkey to apply the tweak to.
* tweak32: pointer to a 32-byte tweak, which must be valid
* according to secp256k1_ec_seckey_verify or 32 zero
* bytes. For uniformly random 32-byte tweaks, the chance of
* being invalid is negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add(
const secp256k1_context *ctx,
secp256k1_pubkey *output_pubkey,
const secp256k1_xonly_pubkey *internal_pubkey,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
/** Checks that a tweaked pubkey is the result of calling
* secp256k1_xonly_pubkey_tweak_add with internal_pubkey and tweak32.
*
* The tweaked pubkey is represented by its 32-byte x-only serialization and
* its pk_parity, which can both be obtained by converting the result of
* tweak_add to a secp256k1_xonly_pubkey.
*
* Note that this alone does _not_ verify that the tweaked pubkey is a
* commitment. If the tweak is not chosen in a specific way, the tweaked pubkey
* can easily be the result of a different internal_pubkey and tweak.
*
* Returns: 0 if the arguments are invalid or the tweaked pubkey is not the
* result of tweaking the internal_pubkey with tweak32. 1 otherwise.
* Args: ctx: pointer to a context object.
* In: tweaked_pubkey32: pointer to a serialized xonly_pubkey.
* tweaked_pk_parity: the parity of the tweaked pubkey (whose serialization
* is passed in as tweaked_pubkey32). This must match the
* pk_parity value that is returned when calling
libsecp256k1/include/secp256k1_extrakeys.h view on Meta::CPAN
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_tweak_add_check(
const secp256k1_context *ctx,
const unsigned char *tweaked_pubkey32,
int tweaked_pk_parity,
const secp256k1_xonly_pubkey *internal_pubkey,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5);
/** Compute the keypair for a valid secret key.
*
* See the documentation of `secp256k1_ec_seckey_verify` for more information
* about the validity of secret keys.
*
* Returns: 1: secret key is valid
* 0: secret key is invalid
* Args: ctx: pointer to a context object (not secp256k1_context_static).
* Out: keypair: pointer to the created keypair.
* In: seckey: pointer to a 32-byte secret key.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_create(
const secp256k1_context *ctx,
libsecp256k1/include/secp256k1_extrakeys.h view on Meta::CPAN
* secp256k1_xonly_pubkey_tweak_add.
*
* Returns: 0 if the arguments are invalid or the resulting keypair would be
* invalid (only when the tweak is the negation of the keypair's
* secret key). 1 otherwise.
*
* Args: ctx: pointer to a context object.
* In/Out: keypair: pointer to a keypair to apply the tweak to. Will be set to
* an invalid value if this function returns 0.
* In: tweak32: pointer to a 32-byte tweak, which must be valid according to
* secp256k1_ec_seckey_verify or 32 zero bytes. For uniformly
* random 32-byte tweaks, the chance of being invalid is
* negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_tweak_add(
const secp256k1_context *ctx,
secp256k1_keypair *keypair,
const unsigned char *tweak32
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
#ifdef __cplusplus
libsecp256k1/include/secp256k1_musig.h view on Meta::CPAN
* which ensures the same `agg_pk` result for the same multiset of pubkeys.
* This is useful to do before `pubkey_agg`, such that the order of pubkeys
* does not affect the aggregate public key.
*
* Returns: 0 if the arguments are invalid, 1 otherwise
* Args: ctx: pointer to a context object
* Out: agg_pk: the MuSig-aggregated x-only public key. If you do not need it,
* this arg can be NULL.
* keyagg_cache: if non-NULL, pointer to a musig_keyagg_cache struct that
* is required for signing (or observing the signing session
* and verifying partial signatures).
* In: pubkeys: input array of pointers to public keys to aggregate. The order
* is important; a different order will result in a different
* aggregate public key.
* n_pubkeys: length of pubkeys array. Must be greater than 0.
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_agg(
const secp256k1_context *ctx,
secp256k1_xonly_pubkey *agg_pk,
secp256k1_musig_keyagg_cache *keyagg_cache,
const secp256k1_pubkey * const *pubkeys,
size_t n_pubkeys
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(4);
/** Obtain the aggregate public key from a keyagg_cache.
*
* This is only useful if you need the non-xonly public key, in particular for
* plain (non-xonly) tweaking or batch-verifying multiple key aggregations
* (not implemented).
*
* Returns: 0 if the arguments are invalid, 1 otherwise
* Args: ctx: pointer to a context object
* Out: agg_pk: the MuSig-aggregated public key.
* In: keyagg_cache: pointer to a `musig_keyagg_cache` struct initialized by
* `musig_pubkey_agg`
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_get(
const secp256k1_context *ctx,
libsecp256k1/include/secp256k1_musig.h view on Meta::CPAN
* signature for it, use `secp256k1_ec_pubkey_tweak_add` instead.
*
* Returns: 0 if the arguments are invalid, 1 otherwise
* Args: ctx: pointer to a context object
* Out: output_pubkey: pointer to a public key to store the result. Will be set
* to an invalid value if this function returns 0. If you
* do not need it, this arg can be NULL.
* In/Out: keyagg_cache: pointer to a `musig_keyagg_cache` struct initialized by
* `musig_pubkey_agg`
* In: tweak32: pointer to a 32-byte tweak. The tweak is valid if it passes
* `secp256k1_ec_seckey_verify` and is not equal to the
* secret key corresponding to the public key represented
* by keyagg_cache or its negation. For uniformly random
* 32-byte arrays the chance of being invalid is
* negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_ec_tweak_add(
const secp256k1_context *ctx,
secp256k1_pubkey *output_pubkey,
secp256k1_musig_keyagg_cache *keyagg_cache,
const unsigned char *tweak32
libsecp256k1/include/secp256k1_musig.h view on Meta::CPAN
* signature for it, use `secp256k1_xonly_pubkey_tweak_add` instead.
*
* Returns: 0 if the arguments are invalid, 1 otherwise
* Args: ctx: pointer to a context object
* Out: output_pubkey: pointer to a public key to store the result. Will be set
* to an invalid value if this function returns 0. If you
* do not need it, this arg can be NULL.
* In/Out: keyagg_cache: pointer to a `musig_keyagg_cache` struct initialized by
* `musig_pubkey_agg`
* In: tweak32: pointer to a 32-byte tweak. The tweak is valid if it passes
* `secp256k1_ec_seckey_verify` and is not equal to the
* secret key corresponding to the public key represented
* by keyagg_cache or its negation. For uniformly random
* 32-byte arrays the chance of being invalid is
* negligible (around 1 in 2^128).
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_pubkey_xonly_tweak_add(
const secp256k1_context *ctx,
secp256k1_pubkey *output_pubkey,
secp256k1_musig_keyagg_cache *keyagg_cache,
const unsigned char *tweak32
libsecp256k1/include/secp256k1_musig.h view on Meta::CPAN
* secnonce that is all zeros. This is a best effort attempt to protect against nonce
* reuse. However, this is of course easily defeated if the secnonce has been
* copied (or serialized). Remember that nonce reuse will leak the secret key!
*
* For signing to succeed, the secnonce provided to this function must have
* been generated for the provided keypair. This means that when signing for a
* keypair consisting of a seckey and pubkey, the secnonce must have been
* created by calling musig_nonce_gen with that pubkey. Otherwise, the
* illegal_callback is called.
*
* This function does not verify the output partial signature, deviating from
* the BIP 327 specification. It is recommended to verify the output partial
* signature with `secp256k1_musig_partial_sig_verify` to prevent random or
* adversarially provoked computation errors.
*
* Returns: 0 if the arguments are invalid or the provided secnonce has already
* been used for signing, 1 otherwise
* Args: ctx: pointer to a context object
* Out: partial_sig: pointer to struct to store the partial signature
* In/Out: secnonce: pointer to the secnonce struct created in
* musig_nonce_gen that has been never used in a
* partial_sign call before and has been created for the
* keypair
libsecp256k1/include/secp256k1_musig.h view on Meta::CPAN
secp256k1_musig_partial_sig *partial_sig,
secp256k1_musig_secnonce *secnonce,
const secp256k1_keypair *keypair,
const secp256k1_musig_keyagg_cache *keyagg_cache,
const secp256k1_musig_session *session
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6);
/** Verifies an individual signer's partial signature
*
* The signature is verified for a specific signing session. In order to avoid
* accidentally verifying a signature from a different or non-existing signing
* session, you must ensure the following:
* 1. The `keyagg_cache` argument is identical to the one used to create the
* `session` with `musig_nonce_process`.
* 2. The `pubkey` argument must be identical to the one sent by the signer
* before aggregating it with `musig_pubkey_agg` to create the
* `keyagg_cache`.
* 3. The `pubnonce` argument must be identical to the one sent by the signer
* before aggregating it with `musig_nonce_agg` and using the result to
* create the `session` with `musig_nonce_process`.
*
* It is not required to call this function in regular MuSig sessions, because
* if any partial signature does not verify, the final signature will not
* verify either, so the problem will be caught. However, this function
* provides the ability to identify which specific partial signature fails
* verification.
*
* Returns: 0 if the arguments are invalid or the partial signature does not
* verify, 1 otherwise
* Args ctx: pointer to a context object
* In: partial_sig: pointer to partial signature to verify, sent by
* the signer associated with `pubnonce` and `pubkey`
* pubnonce: public nonce of the signer in the signing session
* pubkey: public key of the signer in the signing session
* keyagg_cache: pointer to the keyagg_cache that was output when the
* aggregate public key for this signing session
* session: pointer to the session that was created with
* `musig_nonce_process`
*/
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_musig_partial_sig_verify(
const secp256k1_context *ctx,
const secp256k1_musig_partial_sig *partial_sig,
const secp256k1_musig_pubnonce *pubnonce,
const secp256k1_pubkey *pubkey,
const secp256k1_musig_keyagg_cache *keyagg_cache,
const secp256k1_musig_session *session
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(6);
/** Aggregates partial signatures
*
( run in 1.434 second using v1.01-cache-2.11-cpan-d0baa829c65 )