Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Examples: swap magic numbers for EXIT_ codes #1618

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Examples: swap magic numbers for EXIT_ codes #1618

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions examples/ecdh.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>

#include <secp256k1.h>
#include <secp256k1_ecdh.h>
Expand All @@ -33,7 +34,7 @@ int main(void) {
secp256k1_context* ctx = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
if (!fill_random(randomize, sizeof(randomize))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
/* Randomizing the context is recommended to protect against side-channel
* leakage See `secp256k1_context_randomize` in secp256k1.h for more
Expand All @@ -44,14 +45,14 @@ int main(void) {
/*** Key Generation ***/
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
/* If the secret key is zero or out of range (greater than secp256k1's
* order), we fail. Note that the probability of this occurring
* is negligible with a properly functioning random number generator. */
if (!secp256k1_ec_seckey_verify(ctx, seckey1) || !secp256k1_ec_seckey_verify(ctx, seckey2)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
return EXIT_FAILURE;
}

/* Public key creation using a valid context with a verified secret key should never fail */
Expand Down Expand Up @@ -116,5 +117,5 @@ int main(void) {
secure_erase(shared_secret1, sizeof(shared_secret1));
secure_erase(shared_secret2, sizeof(shared_secret2));

return 0;
return EXIT_SUCCESS;
}
15 changes: 8 additions & 7 deletions examples/ecdsa.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>

#include <secp256k1.h>

Expand Down Expand Up @@ -40,7 +41,7 @@ int main(void) {
secp256k1_context* ctx = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
if (!fill_random(randomize, sizeof(randomize))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
/* Randomizing the context is recommended to protect against side-channel
* leakage See `secp256k1_context_randomize` in secp256k1.h for more
Expand All @@ -50,15 +51,15 @@ int main(void) {

/*** Key Generation ***/
/* If the secret key is zero or out of range (greater than secp256k1's
* order), we return 1. Note that the probability of this occurring
* order), we fail. Note that the probability of this occurring
* is negligible with a properly functioning random number generator. */
if (!fill_random(seckey, sizeof(seckey))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
if (!secp256k1_ec_seckey_verify(ctx, seckey)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
return EXIT_FAILURE;
}

/* Public key creation using a valid context with a verified secret key should never fail */
Expand Down Expand Up @@ -92,13 +93,13 @@ int main(void) {
/* Deserialize the signature. This will return 0 if the signature can't be parsed correctly. */
if (!secp256k1_ecdsa_signature_parse_compact(ctx, &sig, serialized_signature)) {
printf("Failed parsing the signature\n");
return 1;
return EXIT_FAILURE;
}

/* Deserialize the public key. This will return 0 if the public key can't be parsed correctly. */
if (!secp256k1_ec_pubkey_parse(ctx, &pubkey, compressed_pubkey, sizeof(compressed_pubkey))) {
printf("Failed parsing the public key\n");
return 1;
return EXIT_FAILURE;
}

/* Verify a signature. This will return 1 if it's valid and 0 if it's not. */
Expand Down Expand Up @@ -133,5 +134,5 @@ int main(void) {
* will remove any writes that aren't used. */
secure_erase(seckey, sizeof(seckey));

return 0;
return EXIT_SUCCESS;
}
11 changes: 6 additions & 5 deletions examples/ellswift.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>

#include <secp256k1.h>
#include <secp256k1_ellswift.h>
Expand All @@ -38,7 +39,7 @@ int main(void) {
ctx = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
if (!fill_random(randomize, sizeof(randomize))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
/* Randomizing the context is recommended to protect against side-channel
* leakage. See `secp256k1_context_randomize` in secp256k1.h for more
Expand All @@ -53,19 +54,19 @@ int main(void) {
* is negligible with a properly functioning random number generator. */
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
if (!secp256k1_ec_seckey_verify(ctx, seckey1) || !secp256k1_ec_seckey_verify(ctx, seckey2)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
return EXIT_FAILURE;
}

/* Generate ElligatorSwift public keys. This should never fail with valid context and
verified secret keys. Note that providing additional randomness (fourth parameter) is
optional, but recommended. */
if (!fill_random(auxrand1, sizeof(auxrand1)) || !fill_random(auxrand2, sizeof(auxrand2))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
return_val = secp256k1_ellswift_create(ctx, ellswift_pubkey1, seckey1, auxrand1);
assert(return_val);
Expand Down Expand Up @@ -118,5 +119,5 @@ int main(void) {
secure_erase(shared_secret1, sizeof(shared_secret1));
secure_erase(shared_secret2, sizeof(shared_secret2));

return 0;
return EXIT_SUCCESS;
}
45 changes: 23 additions & 22 deletions examples/musig.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>

#include <secp256k1.h>
#include <secp256k1_extrakeys.h>
Expand Down Expand Up @@ -41,18 +42,18 @@ static int create_keypair(const secp256k1_context* ctx, struct signer_secrets *s
while (1) {
if (!fill_random(seckey, sizeof(seckey))) {
printf("Failed to generate randomness\n");
return 0;
return EXIT_FAILURE;
}
if (secp256k1_keypair_create(ctx, &signer_secrets->keypair, seckey)) {
break;
}
}
if (!secp256k1_keypair_pub(ctx, &signer->pubkey, &signer_secrets->keypair)) {
return 0;
return EXIT_FAILURE;
}

secure_erase(seckey, sizeof(seckey));
return 1;
return EXIT_SUCCESS;
}

/* Tweak the pubkey corresponding to the provided keyagg cache, update the cache
Expand All @@ -70,7 +71,7 @@ static int tweak(const secp256k1_context* ctx, secp256k1_xonly_pubkey *agg_pk, s
/* Plain tweaking which, for example, allows deriving multiple child
* public keys from a single aggregate key using BIP32 */
if (!secp256k1_musig_pubkey_ec_tweak_add(ctx, NULL, cache, plain_tweak)) {
return 0;
return EXIT_FAILURE;
Comment on lines -73 to +74
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note that the EXIT_... constants are only meant to be used for program termination (i.e. to be returned from main, or as argument to exit(...)), not as return codes in our own functions (in this case tweak(...))

}
/* Note that we did not provide an output_pk argument, because the
* resulting pk is also saved in the cache and so if one is just interested
Expand All @@ -81,7 +82,7 @@ static int tweak(const secp256k1_context* ctx, secp256k1_xonly_pubkey *agg_pk, s

/* Xonly tweaking which, for example, allows creating Taproot commitments */
if (!secp256k1_musig_pubkey_xonly_tweak_add(ctx, &output_pk, cache, xonly_tweak)) {
return 0;
return EXIT_FAILURE;
}
/* Note that if we wouldn't care about signing, we can arrive at the same
* output_pk by providing the untweaked public key to
Expand All @@ -93,9 +94,9 @@ static int tweak(const secp256k1_context* ctx, secp256k1_xonly_pubkey *agg_pk, s
* `pk_parity` output argument; we would need it if we would have to open
* the Taproot commitment. */
if (!secp256k1_xonly_pubkey_from_pubkey(ctx, agg_pk, NULL, &output_pk)) {
return 0;
return EXIT_FAILURE;
}
return 1;
return EXIT_FAILURE;
}

/* Sign a message hash with the given key pairs and store the result in sig */
Expand All @@ -114,15 +115,15 @@ static int sign(const secp256k1_context* ctx, struct signer_secrets *signer_secr
* is unique for every call of secp256k1_musig_nonce_gen. Otherwise
* it's trivial for an attacker to extract the secret key! */
if (!fill_random(session_secrand, sizeof(session_secrand))) {
return 0;
return EXIT_FAILURE;
}
if (!secp256k1_keypair_sec(ctx, seckey, &signer_secrets[i].keypair)) {
return 0;
return EXIT_FAILURE;
}
/* Initialize session and create secret nonce for signing and public
* nonce to send to the other signers. */
if (!secp256k1_musig_nonce_gen(ctx, &signer_secrets[i].secnonce, &signer[i].pubnonce, session_secrand, seckey, &signer[i].pubkey, msg32, NULL, NULL)) {
return 0;
return EXIT_FAILURE;
}
pubnonces[i] = &signer[i].pubnonce;

Expand All @@ -133,21 +134,21 @@ static int sign(const secp256k1_context* ctx, struct signer_secrets *signer_secr
* coordinator. The coordinator runs secp256k1_musig_nonce_agg and sends
* agg_pubnonce to each signer */
if (!secp256k1_musig_nonce_agg(ctx, &agg_pubnonce, pubnonces, N_SIGNERS)) {
return 0;
return EXIT_FAILURE;
}

/* Every signer creates a partial signature */
for (i = 0; i < N_SIGNERS; i++) {
/* Initialize the signing session by processing the aggregate nonce */
if (!secp256k1_musig_nonce_process(ctx, &session, &agg_pubnonce, msg32, cache)) {
return 0;
return EXIT_FAILURE;
}
/* partial_sign will clear the secnonce by setting it to 0. That's because
* you must _never_ reuse the secnonce (or use the same session_secrand to
* create a secnonce). If you do, you effectively reuse the nonce and
* leak the secret key. */
if (!secp256k1_musig_partial_sign(ctx, &signer[i].partial_sig, &signer_secrets[i].secnonce, &signer_secrets[i].keypair, cache, &session)) {
return 0;
return EXIT_FAILURE;
}
partial_sigs[i] = &signer[i].partial_sig;
}
Expand All @@ -166,7 +167,7 @@ static int sign(const secp256k1_context* ctx, struct signer_secrets *signer_secr
* sigs if it does not work.
*/
if (!secp256k1_musig_partial_sig_verify(ctx, &signer[i].partial_sig, &signer[i].pubnonce, &signer[i].pubkey, cache, &session)) {
return 0;
return EXIT_FAILURE;
}
}
return secp256k1_musig_partial_sig_agg(ctx, sig64, &session, partial_sigs, N_SIGNERS);
Expand All @@ -188,9 +189,9 @@ int main(void) {
printf("Creating key pairs......");
fflush(stdout);
for (i = 0; i < N_SIGNERS; i++) {
if (!create_keypair(ctx, &signer_secrets[i], &signers[i])) {
if (EXIT_FAILURE == create_keypair(ctx, &signer_secrets[i], &signers[i])) {
printf("FAILED\n");
return 1;
return EXIT_FAILURE;
}
pubkeys_ptr[i] = &signers[i].pubkey;
}
Expand All @@ -205,7 +206,7 @@ int main(void) {
fflush(stdout);
if (!secp256k1_ec_pubkey_sort(ctx, pubkeys_ptr, N_SIGNERS)) {
printf("FAILED\n");
return 1;
return EXIT_FAILURE;
}
printf("ok\n");

Expand All @@ -216,29 +217,29 @@ int main(void) {
* while providing a non-NULL agg_pk argument. */
if (!secp256k1_musig_pubkey_agg(ctx, NULL, &cache, pubkeys_ptr, N_SIGNERS)) {
printf("FAILED\n");
return 1;
return EXIT_FAILURE;
}
printf("ok\n");
printf("Tweaking................");
fflush(stdout);
/* Optionally tweak the aggregate key */
if (!tweak(ctx, &agg_pk, &cache)) {
printf("FAILED\n");
return 1;
return EXIT_FAILURE;
}
printf("ok\n");
printf("Signing message.........");
fflush(stdout);
if (!sign(ctx, signer_secrets, signers, &cache, msg, sig)) {
printf("FAILED\n");
return 1;
return EXIT_FAILURE;
}
printf("ok\n");
printf("Verifying signature.....");
fflush(stdout);
if (!secp256k1_schnorrsig_verify(ctx, sig, msg, 32, &agg_pk)) {
printf("FAILED\n");
return 1;
return EXIT_FAILURE;
}
printf("ok\n");

Expand All @@ -253,5 +254,5 @@ int main(void) {
secure_erase(&signer_secrets[i], sizeof(signer_secrets[i]));
}
secp256k1_context_destroy(ctx);
return 0;
return EXIT_SUCCESS;
}
13 changes: 7 additions & 6 deletions examples/schnorr.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <stdlib.h>

#include <secp256k1.h>
#include <secp256k1_extrakeys.h>
Expand All @@ -34,7 +35,7 @@ int main(void) {
secp256k1_context* ctx = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
if (!fill_random(randomize, sizeof(randomize))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
/* Randomizing the context is recommended to protect against side-channel
* leakage See `secp256k1_context_randomize` in secp256k1.h for more
Expand All @@ -48,13 +49,13 @@ int main(void) {
* is negligible with a properly functioning random number generator. */
if (!fill_random(seckey, sizeof(seckey))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}
/* Try to create a keypair with a valid context, it should only fail if
* the secret key is zero or out of range. */
if (!secp256k1_keypair_create(ctx, &keypair, seckey)) {
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
return 1;
return EXIT_FAILURE;
}

/* Extract the X-only public key from the keypair. We pass NULL for
Expand Down Expand Up @@ -91,7 +92,7 @@ int main(void) {
/* Generate 32 bytes of randomness to use with BIP-340 schnorr signing. */
if (!fill_random(auxiliary_rand, sizeof(auxiliary_rand))) {
printf("Failed to generate randomness\n");
return 1;
return EXIT_FAILURE;
}

/* Generate a Schnorr signature.
Expand All @@ -111,7 +112,7 @@ int main(void) {
* be parsed correctly */
if (!secp256k1_xonly_pubkey_parse(ctx, &pubkey, serialized_pubkey)) {
printf("Failed parsing the public key\n");
return 1;
return EXIT_FAILURE;
}

/* Compute the tagged hash on the received messages using the same tag as the signer. */
Expand Down Expand Up @@ -150,5 +151,5 @@ int main(void) {
* Here we are preventing these writes from being optimized out, as any good compiler
* will remove any writes that aren't used. */
secure_erase(seckey, sizeof(seckey));
return 0;
return EXIT_SUCCESS;
}