Squashed 'src/secp256k1/' changes from be8d9c2..af4047cf8

af4047cf8 Add ellsq testing to CI
1ab129a5c Elligator Squared module
13fe9daa9 Native jacobi symbol algorithm
2a3a97c Merge bitcoin-core/secp256k1#976: `secp256k1_schnorrsig_sign_internal` should be static
aa5d34a Merge bitcoin-core/secp256k1#783: Make the public API docs more consistent and explicit
7271387 Add missing static to secp256k1_schnorrsig_sign_internal
9a5a87e Merge bitcoin-core/secp256k1#956: Replace ecmult_context with a generated static array.
20abd52 Add tests for pre_g tables.
6815761 Remove ecmult_context.
f20dcbb Correct typo.
16a3cc0 Generate ecmult_static_pre_g.h
8de2d86 Bump memory limits in advance of making the ecmult context static.
d7ec49a Merge bitcoin-core/secp256k1#969: ci: Fixes after Debian release
5d5c74a tests: Rewrite code to circument potential bug in clang
3d2f492 ci: Install libasan6 (instead of 5) after Debian upgrade
adec5a1 Add missing null check for ctx and input keys in the public API
f4edfc7 Improve consistency for NULL arguments in the public interface

git-subtree-dir: src/secp256k1
git-subtree-split: af4047cf871df2875e492c27885fcaca2cbc760e

Author: dhruv

.cirrus.yml

@@ -18,6 +18,7 @@ env:
   ECDH: no
   RECOVERY: no
   SCHNORRSIG: no
+  ELLSQ: no
   ### test options
   TEST_ITERS:
   BENCH: yes
@@ -60,12 +61,12 @@ task:
     memory: 1G
   matrix: &ENV_MATRIX
     - env: {WIDEMUL:  int64,  RECOVERY: yes}
-    - env: {WIDEMUL:  int64,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes}
+    - env: {WIDEMUL:  int64,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes, ELLSQ: yes}
     - env: {WIDEMUL: int128}
-    - env: {WIDEMUL: int128,  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes}
+    - env: {WIDEMUL: int128,  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes, ELLSQ: yes}
     - env: {WIDEMUL: int128,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes}
     - env: {WIDEMUL: int128,  ASM: x86_64}
-    - env: {                  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes}
+    - env: {                  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes, ELLSQ: yes}
     - env: {                  STATICPRECOMPUTATION: no}
     - env: {BUILD: distcheck, WITH_VALGRIND: no, CTIMETEST: no, BENCH: no}
     - env: {CPPFLAGS: -DDETERMINISTIC}
@@ -91,6 +92,7 @@ task:
   env:
     HOST: i686-linux-gnu
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -175,6 +177,7 @@ task:
     HOST: s390x-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -198,6 +201,7 @@ task:
     HOST: arm-linux-gnueabihf
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: tes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -222,6 +226,7 @@ task:
     HOST: aarch64-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -243,6 +248,7 @@ task:
     HOST: powerpc64le-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -264,6 +270,7 @@ task:
     HOST: x86_64-w64-mingw32
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -278,9 +285,10 @@ task:
   container:
     dockerfile: ci/linux-debian.Dockerfile
     cpu: 1
-    memory: 1G
+    memory: 2G
   env:
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -334,6 +342,7 @@ task:
     WERROR_CFLAGS:
     EXPERIMENTAL: yes
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     SCHNORRSIG: yes
   << : *MERGE_BASE

.gitattributes

@@ -0,0 +1 @@
+src/ecmult_static_pre_g.h linguist-generated

.gitignore

@@ -9,6 +9,7 @@ bench_internal
 tests
 exhaustive_tests
 gen_context
+gen_ecmult_static_pre_g
 valgrind_ctime_test
 *.exe
 *.so

Makefile.am

@@ -127,12 +127,19 @@ exhaustive_tests_LDFLAGS = -static
 TESTS += exhaustive_tests
 endif
 
+EXTRA_PROGRAMS = gen_ecmult_static_pre_g
+gen_ecmult_static_pre_g_SOURCES = src/gen_ecmult_static_pre_g.c
+# See Automake manual, Section "Errors with distclean"
+src/ecmult_static_pre_g.h:
+	$(MAKE) $(AM_MAKEFLAGS) gen_ecmult_static_pre_g$(EXEEXT)
+	./gen_ecmult_static_pre_g$(EXEEXT)
+
 if USE_ECMULT_STATIC_PRECOMPUTATION
 CPPFLAGS_FOR_BUILD +=-I$(top_srcdir) -I$(builddir)/src
 
 gen_context_OBJECTS = gen_context.o
 gen_context_BIN = gen_context$(BUILD_EXEEXT)
-gen_%.o: src/gen_%.c src/libsecp256k1-config.h
+$(gen_context_OBJECTS): src/gen_context.c src/libsecp256k1-config.h
 	$(CC_FOR_BUILD) $(DEFS) $(CPPFLAGS_FOR_BUILD) $(SECP_CFLAGS_FOR_BUILD) $(CFLAGS_FOR_BUILD) -c $< -o $@
 
 $(gen_context_BIN): $(gen_context_OBJECTS)
@@ -149,7 +156,7 @@ src/ecmult_static_context.h: $(gen_context_BIN)
 CLEANFILES = $(gen_context_BIN) src/ecmult_static_context.h
 endif
 
-EXTRA_DIST = autogen.sh src/gen_context.c src/basic-config.h
+EXTRA_DIST = autogen.sh src/gen_context.c src/ecmult_static_pre_g.h src/basic-config.h
 
 if ENABLE_MODULE_ECDH
 include src/modules/ecdh/Makefile.am.include
@@ -166,3 +173,7 @@ endif
 if ENABLE_MODULE_SCHNORRSIG
 include src/modules/schnorrsig/Makefile.am.include
 endif
+
+if ENABLE_MODULE_ELLSQ
+include src/modules/ellsq/Makefile.am.include
+endif

ci/cirrus.sh

@@ -16,7 +16,7 @@ valgrind --version || true
     --enable-experimental="$EXPERIMENTAL" \
     --with-test-override-wide-multiply="$WIDEMUL" --with-asm="$ASM" \
     --enable-ecmult-static-precomputation="$STATICPRECOMPUTATION" --with-ecmult-gen-precision="$ECMULTGENPRECISION" \
-    --enable-module-ecdh="$ECDH" --enable-module-recovery="$RECOVERY" \
+    --enable-module-ecdh="$ECDH" --enable-module-recovery="$RECOVERY" --enable-module-ellsq="$ELLSQ" \
     --enable-module-schnorrsig="$SCHNORRSIG" \
     --with-valgrind="$WITH_VALGRIND" \
     --host="$HOST" $EXTRAFLAGS
@@ -60,6 +60,10 @@ then
     then
         $EXEC ./bench_ecdh >> bench.log 2>&1
     fi
+    if [ "$ELLSQ" = "yes" ]
+    then
+        $EXEC ./bench_ellsq >> bench.log 2>&1
+    fi
     if [ "$SCHNORRSIG" = "yes" ]
     then
         $EXEC ./bench_schnorrsig >> bench.log 2>&1

ci/linux-debian.Dockerfile

@@ -14,7 +14,7 @@ RUN apt-get install --no-install-recommends --no-upgrade -y \
         make automake libtool pkg-config dpkg-dev valgrind qemu-user \
         gcc clang llvm libc6-dbg \
         g++ \
-        gcc-i686-linux-gnu libc6-dev-i386-cross libc6-dbg:i386 libubsan1:i386 libasan5:i386 \
+        gcc-i686-linux-gnu libc6-dev-i386-cross libc6-dbg:i386 libubsan1:i386 libasan6:i386 \
         gcc-s390x-linux-gnu libc6-dev-s390x-cross libc6-dbg:s390x \
         gcc-arm-linux-gnueabihf libc6-dev-armhf-cross libc6-dbg:armhf \
         gcc-aarch64-linux-gnu libc6-dev-arm64-cross libc6-dbg:arm64 \

configure.ac

@@ -161,6 +161,11 @@ AC_ARG_ENABLE(module_schnorrsig,
     [enable_module_schnorrsig=$enableval],
     [enable_module_schnorrsig=no])
 
+AC_ARG_ENABLE(module_ellsq,
+    AS_HELP_STRING([--enable-module-ellsq],[enable Elligator^2 module (experimental)]),
+    [enable_module_ellsq=$enableval],
+    [enable_module_ellsq=no])
+
 AC_ARG_ENABLE(external_default_callbacks,
     AS_HELP_STRING([--enable-external-default-callbacks],[enable external default callback functions [default=no]]),
     [use_external_default_callbacks=$enableval],
@@ -177,6 +182,8 @@ AC_ARG_WITH([ecmult-window], [AS_HELP_STRING([--with-ecmult-window=SIZE|auto],
 [window size for ecmult precomputation for verification, specified as integer in range [2..24].]
 [Larger values result in possibly better performance at the cost of an exponentially larger precomputed table.]
 [The table will store 2^(SIZE-1) * 64 bytes of data but can be larger in memory due to platform-specific padding and alignment.]
+[A window size larger than 15 will require you delete the prebuilt ecmult_static_pre_g.h file so that it can be rebuilt.]
+[For very large window sizes, use "make -j 1" to reduce memory use during compilation.]
 ["auto" is a reasonable setting for desktop machines (currently 15). [default=auto]]
 )],
 [req_ecmult_window=$withval], [req_ecmult_window=auto])
@@ -454,6 +461,10 @@ if test x"$enable_module_extrakeys" = x"yes"; then
   AC_DEFINE(ENABLE_MODULE_EXTRAKEYS, 1, [Define this symbol to enable the extrakeys module])
 fi
 
+if test x"$enable_module_ellsq" = x"yes"; then
+  AC_DEFINE(ENABLE_MODULE_ELLSQ, 1, [Define this symbol to enable the Elligator^2 module])
+fi
+
 if test x"$use_external_default_callbacks" = x"yes"; then
   AC_DEFINE(USE_EXTERNAL_DEFAULT_CALLBACKS, 1, [Define this symbol if an external implementation of the default callbacks is used])
 fi
@@ -468,6 +479,7 @@ if test x"$enable_experimental" = x"yes"; then
   AC_MSG_NOTICE([Experimental features do not have stable APIs or properties, and may not be safe for production use.])
   AC_MSG_NOTICE([Building extrakeys module: $enable_module_extrakeys])
   AC_MSG_NOTICE([Building schnorrsig module: $enable_module_schnorrsig])
+  AC_MSG_NOTICE([Building Elligator^2 module: $enable_module_ellsq])
   AC_MSG_NOTICE([******])
 else
   if test x"$enable_module_extrakeys" = x"yes"; then
@@ -476,6 +488,9 @@ else
   if test x"$enable_module_schnorrsig" = x"yes"; then
     AC_MSG_ERROR([schnorrsig module is experimental. Use --enable-experimental to allow.])
   fi
+  if test x"$enable_module_ellsq" = x"yes"; then
+    AC_MSG_ERROR([Elligator^2 module is experimental. Use --enable-experimental to allow.])
+  fi
   if test x"$set_asm" = x"arm"; then
     AC_MSG_ERROR([ARM assembly optimization is experimental. Use --enable-experimental to allow.])
   fi
@@ -501,6 +516,7 @@ AM_CONDITIONAL([ENABLE_MODULE_ECDH], [test x"$enable_module_ecdh" = x"yes"])
 AM_CONDITIONAL([ENABLE_MODULE_RECOVERY], [test x"$enable_module_recovery" = x"yes"])
 AM_CONDITIONAL([ENABLE_MODULE_EXTRAKEYS], [test x"$enable_module_extrakeys" = x"yes"])
 AM_CONDITIONAL([ENABLE_MODULE_SCHNORRSIG], [test x"$enable_module_schnorrsig" = x"yes"])
+AM_CONDITIONAL([ENABLE_MODULE_ELLSQ], [test x"$enable_module_ellsq" = x"yes"])
 AM_CONDITIONAL([USE_EXTERNAL_ASM], [test x"$use_external_asm" = x"yes"])
 AM_CONDITIONAL([USE_ASM_ARM], [test x"$set_asm" = x"arm"])
 
@@ -523,6 +539,7 @@ echo "  module ecdh             = $enable_module_ecdh"
 echo "  module recovery         = $enable_module_recovery"
 echo "  module extrakeys        = $enable_module_extrakeys"
 echo "  module schnorrsig       = $enable_module_schnorrsig"
+echo "  module ellsq            = $enable_module_ellsq"
 echo
 echo "  asm                     = $set_asm"
 echo "  ecmult window size      = $set_ecmult_window"