ElementsProject · mdance · Apr 6, 2022 · Apr 6, 2022
diff --git a/common/blinding.c b/common/blinding.c
@@ -35,6 +35,6 @@ bool blinding_next_privkey(const struct privkey *e,
 			   struct privkey *next)
 {
 	*next = *e;
-	return secp256k1_ec_privkey_tweak_mul(secp256k1_ctx, next->secret.data,
+	return secp256k1_ec_seckey_tweak_mul(secp256k1_ctx, next->secret.data,
 					      h->u.u8) == 1;
 }
diff --git a/common/bolt12.c b/common/bolt12.c
@@ -83,6 +83,7 @@ bool bolt12_check_signature(const struct tlv_field *fields,
 	return secp256k1_schnorrsig_verify(secp256k1_ctx,
 					   sig->u8,
 					   shash.u.u8,
+					   sizeof(shash.u.u8),
 					   &key->pubkey) == 1;
 }
 

diff --git a/common/key_derive.c b/common/key_derive.c
@@ -84,7 +84,7 @@ bool derive_simple_privkey(const struct secret *base_secret,
 #endif
 
 	key->secret = *base_secret;
-	if (secp256k1_ec_privkey_tweak_add(secp256k1_ctx, key->secret.data,
+	if (secp256k1_ec_seckey_tweak_add(secp256k1_ctx, key->secret.data,
 					   sha.u.u8) != 1)
 		return false;
 #ifdef SUPERVERBOSE
@@ -207,7 +207,7 @@ bool derive_revocation_privkey(const struct secret *base_secret,
 #endif
 
 	key->secret = *base_secret;
-	if (secp256k1_ec_privkey_tweak_mul(secp256k1_ctx, key->secret.data,
+	if (secp256k1_ec_seckey_tweak_mul(secp256k1_ctx, key->secret.data,
 					   sha.u.u8)
 	    != 1)
 		return false;
@@ -229,7 +229,7 @@ bool derive_revocation_privkey(const struct secret *base_secret,
 #endif
 
 	part2 = *per_commitment_secret;
-	if (secp256k1_ec_privkey_tweak_mul(secp256k1_ctx, part2.data,
+	if (secp256k1_ec_seckey_tweak_mul(secp256k1_ctx, part2.data,
 					   sha.u.u8) != 1)
 		return false;
 #ifdef SUPERVERBOSE
@@ -239,7 +239,7 @@ bool derive_revocation_privkey(const struct secret *base_secret,
 		printf("# = 0x%s\n", tal_hexstr(tmpctx, &part2, sizeof(part2)));
 #endif
 
-	if (secp256k1_ec_privkey_tweak_add(secp256k1_ctx, key->secret.data,
+	if (secp256k1_ec_seckey_tweak_add(secp256k1_ctx, key->secret.data,
 					   part2.data) != 1)
 		return false;
 

diff --git a/devtools/bolt12-cli.c b/devtools/bolt12-cli.c
@@ -321,6 +321,7 @@ static bool print_signature(const char *messagename,
 	if (secp256k1_schnorrsig_verify(secp256k1_ctx,
 					sig->u8,
 					shash.u.u8,
+					sizeof(shash.u.u8),
 					&node_id->pubkey) != 1) {
 		fprintf(stderr, "%s: INVALID\n", fieldname);
 		return false;

diff --git a/external/libwally-core b/external/libwally-core
diff --git a/hsmd/libhsmd.c b/hsmd/libhsmd.c
@@ -635,10 +635,10 @@ static u8 *handle_sign_bolt12(struct hsmd_client *c, const u8 *msg_in)
 		}
 	}
 
-	if (!secp256k1_schnorrsig_sign(secp256k1_ctx, sig.u8,
+	if (!secp256k1_schnorrsig_sign32(secp256k1_ctx, sig.u8,
 				       sha.u.u8,
 				       &kp,
-				       NULL, NULL)) {
+				       NULL)) {
 		return hsmd_status_bad_request_fmt(c, msg_in,
 						   "Failed to sign bolt12");
 	}

diff --git a/lightningd/offer.c b/lightningd/offer.c
@@ -77,7 +77,7 @@ static void hsm_sign_b12(struct lightningd *ld,
 	/* Now we sanity-check! */
 	sighash_from_merkle(messagename, fieldname, merkle, &sighash);
 	if (secp256k1_schnorrsig_verify(secp256k1_ctx, sig->u8,
-					sighash.u.u8, &key->pubkey) != 1)
+					sighash.u.u8, sizeof(sighash.u.u8), &key->pubkey) != 1)
 		fatal("HSM gave bad signature %s for pubkey %s",
 		      type_to_string(tmpctx, struct bip340sig, sig),
 		      type_to_string(tmpctx, struct point32, key));

diff --git a/plugins/fetchinvoice.c b/plugins/fetchinvoice.c
@@ -218,7 +218,7 @@ static struct command_result *handle_invreq_response(struct command *cmd,
 
 	if (!inv->signature
 	    || secp256k1_schnorrsig_verify(secp256k1_ctx, inv->signature->u8,
-					   sighash.u.u8, &inv->node_id->pubkey) != 1) {
+					   sighash.u.u8, sizeof(sighash.u.u8), &inv->node_id->pubkey) != 1) {
 		badfield = "signature";
 		goto badinv;
 	}
@@ -1198,11 +1198,11 @@ force_payer_secret(struct command *cmd,
 		sighash_from_merkle("invoice_request", "signature", &merkle, &sha);
 
 	sent->invreq->signature = tal(invreq, struct bip340sig);
-	if (!secp256k1_schnorrsig_sign(secp256k1_ctx,
+	if (!secp256k1_schnorrsig_sign32(secp256k1_ctx,
 				       sent->invreq->signature->u8,
 				       sha.u.u8,
 				       &kp,
-				       NULL, NULL)) {
+				       NULL)) {
 		return command_fail(cmd, LIGHTNINGD,
 				    "Failed to sign with payer_secret");
 	}

diff --git a/plugins/offers_inv_hook.c b/plugins/offers_inv_hook.c
@@ -387,6 +387,7 @@ struct command_result *handle_invoice(struct command *cmd,
 	if (secp256k1_schnorrsig_verify(secp256k1_ctx,
 					inv->inv->signature->u8,
 					shash.u.u8,
+					sizeof(shash.u.u8),
 					&inv->inv->node_id->pubkey) != 1) {
 		return fail_inv(cmd, inv, "Bad signature");
 	}

diff --git a/plugins/offers_invreq_hook.c b/plugins/offers_invreq_hook.c
@@ -433,7 +433,7 @@ static bool check_payer_sig(struct command *cmd,
 
 	if (secp256k1_schnorrsig_verify(secp256k1_ctx,
 					sig->u8,
-					sighash.u.u8, &payer_key->pubkey) == 1)
+					sighash.u.u8, sizeof(sighash.u.u8), &payer_key->pubkey) == 1)
 		return true;
 
 	if (!deprecated_apis)
@@ -447,7 +447,7 @@ static bool check_payer_sig(struct command *cmd,
 
 	return secp256k1_schnorrsig_verify(secp256k1_ctx,
 					   sig->u8,
-					   sighash.u.u8, &payer_key->pubkey) == 1;
+					   sighash.u.u8, sizeof(sighash.u.u8), &payer_key->pubkey) == 1;
 }
 
 static struct command_result *invreq_amount_by_quantity(struct command *cmd,
+44 −28		.github/workflows/wheels.yml
+1 −6		.gitignore
+60 −60		.gitlab-ci.yml
+9 −5		README.md
+48 −70		configure.ac
+5 −0		docs/requirements.txt
+1 −1		docs/source/conf.py
+111 −0		include/wally.hpp
+52 −5		include/wally_address.h
+4 −0		include/wally_anti_exfil.h
+112 −3		include/wally_bip32.h
+53 −1		include/wally_core.h
+33 −15		include/wally_crypto.h
+27 −1		include/wally_script.h
+81 −91		setup.py
+27 −16		src/Makefile.am
+14 −2		src/address.c
+4 −0		src/anti_exfil.c
+18 −5		src/base58.c
+77 −32		src/bech32.c
+199 −22		src/bip32.c
+12 −2		src/bip39.c
+41 −27		src/blech32.c
+0 −218		src/ctest/test_blech32.c
+2 −2		src/elements.c
+31 −9		src/hex.c
+20 −1		src/internal.c
+2 −0		src/internal.h
+42 −19		src/script.c
+3 −0		src/script.h
+1 −1		src/secp256k1
+2 −0		src/sign.c
+19 −0		src/swig_java/swig.i
+2 −0		src/swig_python/python_extra.py_in
+5 −0		src/swig_python/swig.i
+6 −4		src/test/test_address.py
+5 −0		src/test/test_base58.py
+93 −39		src/test/test_bech32.py
+177 −12		src/test/test_bip32.py
+1 −1		src/test/test_bip38.py
+71 −7		src/test/test_confidential_addr.py
+12 −17		src/test/test_elements.py
+28 −2		src/test/test_hash.py
+20 −1		src/test/test_hex.py
+2 −3		src/test/test_pbkdf2.py
+3 −2		src/test/test_psbt.py
+40 −16		src/test/test_script.py
+19 −1		src/test/util.py
+6 −1		src/transaction.c
+1 −0		src/transaction_shared.h
+11 −17		src/wrap_js/cordovaplugin/yarn.lock
+5 −0		src/wrap_js/example.js
+240 −8		src/wrap_js/makewrappers/templates/nan.py
+18 −3		src/wrap_js/makewrappers/wrap.py
+2 −2		src/wrap_js/package.json
+11 −5		src/wrap_js/src/combined.c
+41 −20		src/wrap_js/test/test_bech32.js
+1 −1		src/wrap_js/test/test_bip32.js
+44 −0		src/wrap_js/test/test_unblind.js
+2 −2		src/wrap_js/windows_config/binding.gyp.elements_tmpl
+2 −2		src/wrap_js/windows_config/binding.gyp.tmpl
+1,143 −880		src/wrap_js/yarn.lock
+1 −1		tools/autogen.sh
+146 −109		tools/build-aux/m4/ax_pthread.m4
+2 −1		tools/cleanup.sh
+2 −2		tools/msvc/build.bat
+1 −1		tools/msvc/gen_ecmult_static_context.bat
+1 −10		tools/msvc/wheel.bat
+12 −0		tools/msvc/wheel_preamble.bat
+1 −1		tools/travis_install.sh
+1 −1		tools/wasm_exports.sh