Squashed 'src/secp256k1/' changes from 0559fc6..f997dadf5

f997dadf5 Add ellsq testing to CI
ce03649fb Elligator Squared module
c9ca664d5 doc: Describe Jacobi calculation in safegcd_implementation.md
c880f7613 Native jacobi symbol algorithm
0a40a48 Merge bitcoin-core/secp256k1#1049: Faster fixed-input ecmult tests
070e772 Faster fixed-input ecmult tests
c8aa516 Merge bitcoin-core/secp256k1#1064: Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes bitcoin#1063
45f37b6 Modulo-reduce msg32 inside RFC6979 nonce fn to match spec. Fixes bitcoin#1063.
a1102b1 Merge bitcoin-core/secp256k1#1029: Simpler and faster ecdh skew fixup
e82144e Fixup skew before global Z fixup
40b624c Add tests for _gej_cmov
8c13a9b ECDH skews by 0 or 1
1515099 Simpler and faster ecdh skew fixup
39a36db Merge bitcoin-core/secp256k1#1054: tests: Fix test whose result is implementation-defined
a310e79 Merge bitcoin-core/secp256k1#1052: Use xoshiro256++ instead of RFC6979 for tests
423b6d1 Merge bitcoin-core/secp256k1#964: Add release-process.md
9281c9f Merge bitcoin-core/secp256k1#1053: ecmult: move `_ecmult_odd_multiples_table_globalz_windowa`
77a1975 Use xoshiro256++ PRNG instead of RFC6979 in tests
5f2efe6 secp256k1_testrand_int(2**N) -> secp256k1_testrand_bits(N)
05e049b ecmult: move `_ecmult_odd_multiples_table_globalz_windowa`
3d7cbaf tests: Fix test whose result is implementation-defined
3ed0d02 doc: add CHANGELOG template
6f42dc1 doc: add release_process.md
0bd3e42 build: set library version to 0.0.0 explicitly
b4b02fd build: change libsecp version from 0.1 to 0.1.0-pre
09971a3 Merge bitcoin-core/secp256k1#1047: ci: Various improvements
0b83b20 Merge bitcoin-core/secp256k1#1030: doc: Fix upper bounds + cleanup in field_5x52_impl.h comment
1287786 doc: Add comment to top of field_10x26_impl.h
58da5bd doc: Fix upper bounds + cleanup in field_5x52_impl.h comment
b39d431 Merge bitcoin-core/secp256k1#1044: Add another ecmult_multi test
b4ac1a1 ci: Run valgrind/memcheck tasks with 2 CPUs
e70acab ci: Use Cirrus "greedy" flag to use idle CPU time when available
d07e301 ci: Update brew on macOS
22382f0 ci: Test different ecmult window sizes
a69df3a Merge bitcoin-core/secp256k1#816: Improve checks at top of _fe_negate methods
22d25c8 Add another ecmult_multi test
515e795 Improve checks at top of _fe_negate methods
26a022a ci: Remove STATICPRECOMPUTATION
10461d8 precompute_ecmult: Always compute all tables up to default WINDOW_G
be6944a Merge bitcoin-core/secp256k1#1042: Follow-ups to making all tables fully static
e05da9e Fix c++ build
c45386d Cleanup preprocessor indentation in precompute{,d}_ecmult{,_gen}
19d96e1 Split off .c file from precomputed_ecmult.h
1a6691a Split off .c file from precomputed_ecmult_gen.h
bb36331 Simplify precompute_ecmult_print_*
38cd84a Compute ecmult tables at runtime for tests_exhaustive
e458ec2 Move ecmult table computation code to separate file
fc1bf9f Split ecmult table computation and printing
31feab0 Rename function secp256k1_ecmult_gen_{create_prec -> compute}_table
725370c Rename ecmult_gen_prec -> ecmult_gen_compute_table
075252c Rename ecmult_static_pre_g -> precomputed_ecmult
7cf47f7 Rename ecmult_gen_static_prec_table -> precomputed_ecmult_gen
f95b810 Rename gen_ecmult_static_pre_g -> precompute_ecmult
bae7768 Rename gen_ecmult_gen_static_prec_table -> precompute_ecmult_gen

git-subtree-dir: src/secp256k1
git-subtree-split: f997dadf592131054d1cfca6175730e53dee52a1

Author: stratospher

.cirrus.yml

@@ -4,10 +4,10 @@ env:
   # Specific warnings can be disabled with -Wno-error=foo.
   # -pedantic-errors is not equivalent to -Werror=pedantic and thus not implied by -Werror according to the GCC manual.
   WERROR_CFLAGS: -Werror -pedantic-errors
-  MAKEFLAGS: -j2
+  MAKEFLAGS: -j4
   BUILD: check
   ### secp256k1 config
-  STATICPRECOMPUTATION: yes
+  ECMULTWINDOW: auto
   ECMULTGENPRECISION: auto
   ASM: no
   WIDEMUL: auto
@@ -18,6 +18,7 @@ env:
   ECDH: no
   RECOVERY: no
   SCHNORRSIG: no
+  ELLSQ: no
   ### test options
   SECP256K1_TEST_ITERS:
   BENCH: yes
@@ -50,28 +51,32 @@ merge_base_script_snippet: &MERGE_BASE
     - git config --global user.name "ci"
     - git merge FETCH_HEAD  # Merge base to detect silent merge conflicts
 
-task:
-  name: "x86_64: Linux (Debian stable)"
+linux_container_snippet: &LINUX_CONTAINER
   container:
     dockerfile: ci/linux-debian.Dockerfile
     # Reduce number of CPUs to be able to do more builds in parallel.
     cpu: 1
+    # Gives us more CPUs for free if they're available.
+    greedy: true
     # More than enough for our scripts.
     memory: 1G
+
+task:
+  name: "x86_64: Linux (Debian stable)"
+  << : *LINUX_CONTAINER
   matrix: &ENV_MATRIX
     - env: {WIDEMUL:  int64,  RECOVERY: yes}
-    - env: {WIDEMUL:  int64,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes}
+    - env: {WIDEMUL:  int64,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes, ELLSQ: yes}
     - env: {WIDEMUL: int128}
-    - env: {WIDEMUL: int128,  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes}
+    - env: {WIDEMUL: int128,  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes, ELLSQ: yes}
     - env: {WIDEMUL: int128,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes}
     - env: {WIDEMUL: int128,  ASM: x86_64}
-    - env: {                  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes}
-    - env: {                  STATICPRECOMPUTATION: no}
+    - env: {                  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes, ELLSQ: yes}
     - env: {BUILD: distcheck, WITH_VALGRIND: no, CTIMETEST: no, BENCH: no}
     - env: {CPPFLAGS: -DDETERMINISTIC}
     - env: {CFLAGS: -O0, CTIMETEST: no}
-    - env: { ECMULTGENPRECISION: 2 }
-    - env: { ECMULTGENPRECISION: 8 }
+    - env: { ECMULTGENPRECISION: 2, ECMULTWINDOW: 2 }
+    - env: { ECMULTGENPRECISION: 8, ECMULTWINDOW: 4 }
   matrix:
     - env:
         CC: gcc
@@ -84,13 +89,11 @@ task:
 
 task:
   name: "i686: Linux (Debian stable)"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     HOST: i686-linux-gnu
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -134,8 +137,9 @@ task:
   ##   - rm /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
   ##
   brew_valgrind_pre_script:
+    - brew update
     - brew config
-    - brew tap --shallow LouisBrunner/valgrind
+    - brew tap LouisBrunner/valgrind
     # Fetch valgrind source but don't build it yet.
     - brew fetch --HEAD LouisBrunner/valgrind/valgrind
   brew_valgrind_cache:
@@ -165,16 +169,14 @@ task:
 
 task:
   name: "s390x (big-endian): Linux (Debian stable, QEMU)"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     WRAPPER_CMD: qemu-s390x
     SECP256K1_TEST_ITERS: 16
     HOST: s390x-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -188,16 +190,14 @@ task:
 
 task:
   name: "ARM32: Linux (Debian stable, QEMU)"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     WRAPPER_CMD: qemu-arm
     SECP256K1_TEST_ITERS: 16
     HOST: arm-linux-gnueabihf
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: tes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -212,16 +212,14 @@ task:
 
 task:
   name: "ARM64: Linux (Debian stable, QEMU)"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     WRAPPER_CMD: qemu-aarch64
     SECP256K1_TEST_ITERS: 16
     HOST: aarch64-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -233,16 +231,14 @@ task:
 
 task:
   name: "ppc64le: Linux (Debian stable, QEMU)"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     WRAPPER_CMD: qemu-ppc64le
     SECP256K1_TEST_ITERS: 16
     HOST: powerpc64le-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -254,16 +250,14 @@ task:
 
 task:
   name: "x86_64 (mingw32-w64): Windows (Debian stable, Wine)"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     WRAPPER_CMD: wine64-stable
     SECP256K1_TEST_ITERS: 16
     HOST: x86_64-w64-mingw32
     WITH_VALGRIND: no
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
@@ -275,23 +269,25 @@ task:
 
 # Sanitizers
 task:
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 2G
+  << : *LINUX_CONTAINER
   env:
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     EXPERIMENTAL: yes
     SCHNORRSIG: yes
     CTIMETEST: no
   matrix:
     - name: "Valgrind (memcheck)"
+      container:
+        cpu: 2
       env:
         # The `--error-exitcode` is required to make the test fail if valgrind found errors, otherwise it'll return 0 (https://www.valgrind.org/docs/manual/manual-core.html)
         WRAPPER_CMD: "valgrind --error-exitcode=42"
         SECP256K1_TEST_ITERS: 2
     - name: "UBSan, ASan, LSan"
+      container:
+        memory: 2G
       env:
         CFLAGS: "-fsanitize=undefined,address -g"
         UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1"
@@ -302,11 +298,10 @@ task:
   matrix:
     - env:
         ASM: auto
-        STATICPRECOMPUTATION: yes
     - env:
         ASM: no
-        STATICPRECOMPUTATION: no
         ECMULTGENPRECISION: 2
+        ECMULTWINDOW: 2
   matrix:
     - env:
         CC: clang
@@ -320,18 +315,16 @@ task:
 
 task:
   name: "C++ -fpermissive"
-  container:
-    dockerfile: ci/linux-debian.Dockerfile
-    cpu: 1
-    memory: 1G
+  << : *LINUX_CONTAINER
   env:
     # ./configure correctly errors out when given CC=g++.
     # We hack around this by passing CC=g++ only to make.
     CC: gcc
-    MAKEFLAGS: -j2 CC=g++ CFLAGS=-fpermissive\ -g
+    MAKEFLAGS: -j4 CC=g++ CFLAGS=-fpermissive\ -g
     WERROR_CFLAGS:
     EXPERIMENTAL: yes
     ECDH: yes
+    ELLSQ: yes
     RECOVERY: yes
     SCHNORRSIG: yes
   << : *MERGE_BASE

.gitattributes

@@ -1,2 +1,2 @@
-src/ecmult_static_pre_g.h linguist-generated
-src/ecmult_gen_static_prec_table.h linguist-generated
+src/precomputed_ecmult.c linguist-generated
+src/precomputed_ecmult_gen.c linguist-generated

.gitignore

@@ -3,8 +3,8 @@ bench_ecmult
 bench_internal
 tests
 exhaustive_tests
-gen_ecmult_gen_static_prec_table
-gen_ecmult_static_pre_g
+precompute_ecmult_gen
+precompute_ecmult
 valgrind_ctime_test
 *.exe
 *.so