From 6b4e4c8260474a0b6380e68fbd6020e13a26b659 Mon Sep 17 00:00:00 2001
From: Jonas Nick
Date: Mon, 11 Feb 2019 09:59:22 +0000
Subject: [PATCH] f add magic to s2c context
---
 include/secp256k1.h | 6 +++++-
 src/secp256k1.c | 3 +++
 src/tests.c | 7 +++++++
 3 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/include/secp256k1.h b/include/secp256k1.h
index 63fb81942f..1519668f23 100644
--- a/include/secp256k1.h
+++ b/include/secp256k1.h
@@ -92,9 +92,13 @@ typedef struct {
 *
 * The exact representation of data inside is implementation defined and not
 * guaranteed to be portable between different platforms or versions. It is however
- * guaranteed to be 128 bytes in size, and can be safely copied/moved.
+ * guaranteed to be 136 bytes in size, and can be safely copied/moved.
 */
 typedef struct {
+ /* magic is set during initialization. It allows functions casting to
+ * s2c_commit_contexts from a void pointer to check if they actually got an
+ * s2c_commit_context and if it has been initialized. */
+ unsigned char magic[8];
 unsigned char data[32];
 unsigned char data_hash[32];
 secp256k1_pubkey original_pubnonce;
diff --git a/src/secp256k1.c b/src/secp256k1.c
index 0e174b97f8..a5deeff972 100644
--- a/src/secp256k1.c
+++ b/src/secp256k1.c
@@ -686,6 +686,7 @@ static int secp256k1_ec_commit_verify(const secp256k1_context* ctx, const secp25
 return secp256k1_gej_is_infinity(&pj);
 }
+static uint64_t s2c_commit_context_magic = 0xd5bafd089f7e1c63;
 int secp256k1_s2c_commit_context_create(secp256k1_context *ctx, secp256k1_s2c_commit_context *s2c_ctx, const unsigned char *data32) {
 secp256k1_sha256 sha;
@@ -693,6 +694,7 @@ int secp256k1_s2c_commit_context_create(secp256k1_context *ctx, secp256k1_s2c_co
 ARG_CHECK(s2c_ctx != NULL);
 ARG_CHECK(data32 != NULL);
+ memcpy(s2c_ctx->magic, &s2c_commit_context_magic, sizeof(s2c_ctx->magic));
 memcpy(s2c_ctx->data, data32, 32);
 secp256k1_sha256_initialize(&sha);
 secp256k1_sha256_write(&sha, data32, 32);
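Review bot: In include/secp256k1.h, the new comment on `magic` reads as if the 8-byte tag proves that the object is an initialized `secp256k1_s2c_commit_context`, but a comparison against a fixed constant only catches accidental misuse; memory that was never initialized or was reused can still hold the value. I would say so in the comment and name the initializer, e.g. `/* magic is set by secp256k1_s2c_commit_context_create. It is a best-effort check against passing the wrong or an uninitialized object, not a guarantee. */`. The struct body continues past the end of the hunk.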
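Review bot: In src/secp256k1.c, `s2c_commit_context_magic` is declared as a writable `static uint64_t` and copied bytewise into `unsigned char magic[8]`, so the stored tag depends on host byte order and the reference value can be modified at run time. Declaring it as bytes removes both issues as well as the unsuffixed 64-bit literal: `static const unsigned char s2c_commit_context_magic[8] = { 0xd5, 0xba, 0xfd, 0x08, 0x9f, 0x7e, 0x1c, 0x63 };`. The `memcpy` in `secp256k1_s2c_commit_context_create` (hunk at -693) and the `memcmp` in the nonce function (hunk at -733) would then pass `s2c_commit_context_magic` without the `&`.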
@@ -733,6 +735,7 @@ static int secp256k1_nonce_function_bipschnorr_no_s2c_tweak(const secp256k1_cont
 } else {
 /* Prepare for a sign-to-contract commitment if data is provided */
 secp256k1_s2c_commit_context *s2c_ctx = (secp256k1_s2c_commit_context *)data;
+ ARG_CHECK(memcmp(s2c_ctx->magic, &s2c_commit_context_magic, sizeof(s2c_ctx->magic)) == 0);
 secp256k1_sha256_write(&sha, s2c_ctx->data_hash, 32);
 secp256k1_sha256_finalize(&sha, nonce32);
diff --git a/src/tests.c b/src/tests.c
index 3738b0af6f..a12f998769 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -4112,9 +4112,12 @@ void test_nonce_function_bipschnorr_s2c(void) {
 unsigned char algo16[16];
 unsigned char data32[32];
 secp256k1_s2c_commit_context s2c_ctx;
+ secp256k1_s2c_commit_context s2c_ctx_2;
 secp256k1_pubkey pubnonce;
 secp256k1_pubkey original_nonce;
+ int32_t ecount = 0;
+ secp256k1_context_set_illegal_callback(ctx, counting_illegal_callback_fn, &ecount);
 secp256k1_rand256(msg32);
 secp256k1_rand256(key32);
 secp256k1_rand256(data32);
@@ -4125,6 +4128,10 @@ void test_nonce_function_bipschnorr_s2c(void) {
 CHECK(secp256k1_s2c_commit_get_original_nonce(ctx, &original_nonce, &s2c_ctx) == 1);
 CHECK(secp256k1_ec_pubkey_create(ctx, &pubnonce, nonce32) == 1);
 CHECK(secp256k1_ec_commit_verify(ctx, &pubnonce, &original_nonce, data32, 32) == 1);
+
+ CHECK(ecount == 0);
+ CHECK(secp256k1_nonce_function_bipschnorr(ctx, nonce32, msg32, key32, algo16, &s2c_ctx_2, 0) == 0);
+ CHECK(ecount == 1);
 }
 void run_nonce_function_bipschnorr_tests(void) {
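Review bot: The magic check is added only in `secp256k1_nonce_function_bipschnorr_no_s2c_tweak`; the diffstat lists three inserted lines for src/secp256k1.c, so other functions that accept a `secp256k1_s2c_commit_context`, such as `secp256k1_s2c_commit_get_original_nonce` used in the test, presumably still read the struct unchecked. Consider adding the same `ARG_CHECK(memcmp(s2c_ctx->magic, &s2c_commit_context_magic, sizeof(s2c_ctx->magic)) == 0);` there. A comment above the check should also record that `data` is caller-supplied and must point to at least `sizeof(secp256k1_s2c_commit_context)` readable bytes, because the comparison itself cannot establish that. The enclosing function starts and ends outside the hunk.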
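Review bot: `s2c_ctx_2` in src/tests.c is declared in the hunk at -4112 and, as far as the two tests.c hunks show, passed to `secp256k1_nonce_function_bipschnorr` without ever being written, so the negative test depends on whatever bytes happen to be on the stack and will trip uninitialized-read checkers. Zeroing it first makes the expected failure deterministic: `memset(&s2c_ctx_2, 0, sizeof(s2c_ctx_2));` before the call. The function body continues outside this hunk.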
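Review bot: The test installs `counting_illegal_callback_fn` with `&ecount` on `ctx` (hunk at -4112) but returns right after `CHECK(ecount == 1);` in the hunk at -4125 without restoring the callback. If `ctx` is the context shared across tests, as its use without a local declaration suggests, it is left holding a pointer to a dead stack variable, and later illegal-argument errors would be counted into stale memory instead of being reported. Add `secp256k1_context_set_illegal_callback(ctx, NULL, NULL);` as the last statement of `test_nonce_function_bipschnorr_s2c`.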