Crate bitcoin_secp256k1

assumption_checker | This library, like most software, relies on a number of compiler implementation defined (but not undefined) behaviours. Although the behaviours we require are essentially universal we test them specifically here to reduce the odds of experiencing an unwelcome surprise.
EcMultMultiData
CONTEXT_DECLASSIFY
CONTEXT_NONE
CONTEXT_SIGN
CONTEXT_VERIFY | Flags to pass to context_create, context_preallocated_size, and context_preallocated_create.
EC_COMPRESSED | Flag to pass to ec_pubkey_serialize.
EC_UNCOMPRESSED
EXHAUSTIVE_TEST_ORDER | see group_impl.h for allowable values
FLAGS_BIT_COMPRESSION
FLAGS_BIT_CONTEXT_DECLASSIFY
FLAGS_BIT_CONTEXT_SIGN
FLAGS_BIT_CONTEXT_VERIFY | The higher bits contain the actual data. Do not use directly.
FLAGS_TYPE_COMPRESSION
FLAGS_TYPE_CONTEXT
FLAGS_TYPE_MASK | All flags’ lower 8 bits indicate what they’re for. Do not use directly.
NONCE_FUNCTION_DEFAULT
NONCE_FUNCTION_RFC6979
TAG_PUBKEY_EVEN | Prefix byte used to tag various encoded curvepoints for specific purposes
TAG_PUBKEY_HYBRID_EVEN
TAG_PUBKEY_HYBRID_ODD
TAG_PUBKEY_ODD
TAG_PUBKEY_UNCOMPRESSED
USE_ASM_X86_64
USE_ECMULT_STATIC_PRECOMPUTATION | We can’t require the precomputed tables when creating them.
USE_EXTERNAL_ASM | In principle we could use ASM, but this yields only a minor speedup in build time and it’s very complicated. In particular when cross-compiling, we’d need to build the ASM for the build and the host machine.
assign_big_endian
buffer_append
check_fe_equal
coprime | test if a and b are coprime
counting_illegal_callback_fn
damage_array
declassify | Mark memory as no-longer-secret for the purpose of analysing constant-time behaviour of the software. This is setup for use with valgrind but could be substituted with the appropriate instrumentation for other analysis tools.
ec_privkey_negate
ec_privkey_tweak_add
ec_privkey_tweak_mul
ec_pubkey_cmp
ec_pubkey_combine
ec_pubkey_create
ec_pubkey_create_helper
ec_pubkey_negate
ec_pubkey_parse
ec_pubkey_parse_pointtest
ec_pubkey_serialize
ec_pubkey_tweak_add
ec_pubkey_tweak_add_helper
ec_pubkey_tweak_mul
ec_seckey_negate
ec_seckey_tweak_add
ec_seckey_tweak_add_helper
ec_seckey_tweak_mul
ec_seckey_verify
ecdsa_sign_inner
ecmult_const_chain_multiply
ecmult_const_commutativity
ecmult_const_mult_zero_one
ecmult_const_random_mult
ecmult_multi_callback
ecmult_multi_false_callback
fe_cmov_test
fe_memcmp_var
fe_storage_cmov_test
ge_equals_ge
ge_equals_gej
ge_storage_cmov_test
gej_xyz_equals_gej | This compares jacobian points including their Z, not just their geometric meaning.
int_cmov_test
is_empty_signature
modinv2p64 | Compute the modular inverse of (odd) x mod 2^64.
mulmod256 | compute out = (a*b) mod m; if b=NULL, treat b=1. Out is a 512-bit number (represented as 32 uint16_t’s in LE order). The other arguments are 256-bit numbers (represented as 16 uint16_t’s in LE order).
mutate_sign_signed30 | Randomly mutate the sign of limbs in signed30 representation, without changing the value.
nonce_function_rfc6979
nonce_function_smallint
nonce_function_test_fail
nonce_function_test_retry
precomputed_nonce_function | Dummy nonce generation function that just uses a precomputed nonce, and fails if it is not accepted. Use only for testing.
pubkey_load
pubkey_save
r_from_k
random_ber_signature
random_fe
random_fe_non_square
random_fe_non_zero
random_fe_test
random_field_element_magnitude
random_field_element_test
random_group_element_jacobian_test
random_group_element_test
random_scalar_order
random_scalar_order_b32
random_scalar_order_test
random_sign
run_cmov_tests
run_context_tests
run_ctz_tests
run_ec_combine
run_ec_pubkey_parse_test
run_ecdsa_der_parse
run_ecdsa_edge_cases
run_ecdsa_end_to_end
run_ecdsa_sign_verify
run_eckey_edge_case_test
run_eckey_negate_test
run_ecmult_chain
run_ecmult_const_tests
run_ecmult_constants
run_ecmult_gen_blind
run_ecmult_multi_tests
run_ecmult_near_split_bound
run_endomorphism_tests
run_fe_mul
run_field_convert
run_field_misc
run_ge
run_group_decompress
run_hmac_sha256_tests
run_inverse_tests
run_memczero_test
run_modinv_tests
run_point_times_order
run_pubkey_comparison
run_rand_bits
run_rand_int
run_random_pubkeys
run_rfc6979_hmac_sha256_tests
run_scalar_set_b32_seckey_tests
run_scalar_tests
run_scratch_tests
run_sha256_tests
run_sqr
run_sqrt
run_tagged_sha256_tests
run_tests
run_wnaf
scalar_cmov_test
scalar_test
scratch_space_create
scratch_space_destroy
secp256k1_gen_context_main
secp256k1_tests_exhaustive_main
secp256k1_tests_main
secp256k1_valgrind_ctime_test_main
secp_256k1_selftest
secp_256k1_selftest_sha256
signed30_to_uint16 | Convert a 256-bit number in signed30 notation to a representation as 16 uint16_t’s.
skip_section
tagged_sha256
test_add_neg_y_diff_x
test_constant_wnaf
test_constant_wnaf_negate
test_ec_combine
test_ecdsa_der_parse
test_ecdsa_edge_cases | Tests several edge cases.
test_ecdsa_end_to_end
test_ecdsa_sign_verify
test_ecmult_constants
test_ecmult_gen_blind
test_ecmult_gen_blind_reset
test_ecmult_multi
test_ecmult_multi_batch_single
test_ecmult_multi_batch_size_helper
test_ecmult_multi_batching | Run ecmult_multi_var with num points and a scratch space restricted to 1 <= i <= num points.
test_ecmult_multi_pippenger_max_points | Probabilistically test the function returning the maximum number of possible points for a given scratch space.
test_ecmult_target
test_exhaustive_addition
test_exhaustive_ecmult
test_exhaustive_ecmult_multi
test_exhaustive_endomorphism
test_exhaustive_sign
test_exhaustive_verify
test_fe_mul
test_fixed_wnaf
test_fixed_wnaf_small
test_fixed_wnaf_small_helper | Checks that the first 8 elements of wnaf are equal to wnaf_expected and the rest is 0.
test_ge
test_group_decompress
test_intialized_inf
test_inverse_field
test_inverse_scalar | These tests test the following identities: for x==0: 1/x == 0; for x!=0: x*(1/x) == 1; for x!=0 and x!=1: 1/(1/x - 1) + 1 == -1/(x-1)
test_modinv32_uint16 | Test modinv32{_var}, using inputs in 16-bit limb format, and returning inverse.
test_pippenger_bucket_window_inv
test_point_times_order
test_rand_bits
test_rand_int | Subrange must be a whole divisor of range, and at most 64
test_random_pubkeys
test_scalar_split
test_sqrt
test_wnaf
testrand32 | Generate a pseudorandom number in the range [0..2**32-1].
testrand256 | Generate a pseudorandom 32-byte array.
testrand256_test | Generate a pseudorandom 32-byte array with long sequences of zero and one bits.
testrand_bits | Generate a pseudorandom number in the range [0..2**bits-1]. Bits must be 1 or more.
testrand_bytes_test | Generate pseudorandom bytes with long sequences of zero and one bits.
testrand_finish | Print final test information.
testrand_flip | Flip a single random bit in a byte array
testrand_init | Initialize the test RNG using (hex encoded) array up to 16 bytes, or randomly if hexseed is NULL.
testrand_int | Generate a pseudorandom number in the range [0..range-1].
testrand_seed | Seed the pseudorandom number generator for testing.
uint16_to_signed30 | Convert a 256-bit number represented as 16 uint16_t’s to signed30 notation.
uncounting_illegal_callback_fn