Remove lax signatures and dynamically link

* No more parsing of lax signatures * Dynamically link binaries instead of embedding
2024-08-16 07:40:40 +03:00 · 2018-08-31 20:44:56 +01:00 · 2018-08-31 20:44:56 +01:00 · 5d218aad79
commit 5d218aad79
parent f460a603fb
11 changed files with 20 additions and 329 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -1,3 +0,0 @@
-[submodule "secp256k1"]
-	path = secp256k1
-	url = https://github.com/bitcoin/secp256k1.git
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,7 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).

-## Unreleased
+## 1.1.0
+### Removed
+- Lax parsing for DER.
+- DER parsing of secret keys.
+- Embedded code for library.
+
+## 1.0.0 [YANKED]
 ### Added
 - Changelog

--- a/Setup.hs
+++ b/Setup.hs
@ -1,63 +1,2 @@
-import           Control.Monad
-import           Distribution.PackageDescription
-import           Distribution.Simple
-import           Distribution.Simple.LocalBuildInfo
-import           Distribution.Simple.Setup
-import           Distribution.Simple.Utils
-import           Distribution.Verbosity
-import           System.Environment
-import           System.Exit
-
-main :: IO ()
-main = defaultMainWithHooks autoconfUserHooks
-    { preConf = autogen
-    , postConf = configure
-    , preBuild = make
-    , preClean = clean
-    }
-
-runInRepo :: Verbosity
-            -> FilePath
-            -> [String]
-            -> Maybe [(String, String)]
-            -> IO ExitCode
-runInRepo v prog args envM = rawSystemIOWithEnv v
-    prog args (Just "secp256k1") envM Nothing Nothing Nothing
-
-autogen :: Args -> ConfigFlags -> IO HookedBuildInfo
-autogen _ flags = do
-    maybeExit $ runInRepo v "sh" ["./autogen.sh"] Nothing
-    return emptyHookedBuildInfo
-  where
-    v = fromFlag $ configVerbosity flags
-
-configure :: Args -> ConfigFlags -> PackageDescription -> LocalBuildInfo -> IO ()
-configure args flags pd lbi = do
-    (ccProg, ccFlags) <- configureCCompiler v programConfig
-    env <- getEnvironment
-    let env' = appendToEnvironment ("CFLAGS", unwords ccFlags) env
-        args' = args ++ ["--with-gcc=" ++ ccProg]
-    maybeExit $ runInRepo v "sh" args' (Just env')
-  where
-    args = "./configure" : "--enable-module-recovery" : configureArgs False flags
-    v = fromFlag $ configVerbosity flags
-    appendToEnvironment (key, val) [] = [(key, val)]
-    appendToEnvironment (key, val) (kv@(k, v) : rest)
-        | key == k  = (key, v ++ " " ++ val) : rest
-        | otherwise = kv : appendToEnvironment (key, val) rest
-    programConfig = withPrograms lbi
-
-make :: Args -> BuildFlags -> IO HookedBuildInfo
-make _ flags = do
-    runInRepo v "make" ["clean"] Nothing
-    runInRepo v "make" ["src/ecmult_static_context.h"] Nothing
-    return emptyHookedBuildInfo
-  where
-    v = fromFlag $ buildVerbosity flags
-
-clean :: Args -> CleanFlags -> IO HookedBuildInfo
-clean _ flags = do
-    runInRepo v "make" ["clean"] Nothing
-    return emptyHookedBuildInfo
-  where
-    v = fromFlag $ cleanVerbosity flags
+import Distribution.Simple
+main = defaultMain
--- a/package.yaml
+++ b/package.yaml
@ -1,5 +1,5 @@
 name: secp256k1
-version: '1.0.0'
+version: '1.1.0'
 synopsis: Bindings for secp256k1 library from Bitcoin Core
 description: Sign and verify signatures using the very fast C secp256k1 library from Pieter Wuille. Has Haskell types and abstractions for keys and signatures.
 category: Crypto
@ -11,90 +11,7 @@ license-file: UNLICENSE
 github: haskoin/secp256k1-haskell.git
 homepage: http://github.com/haskoin/secp256k1-haskell#readme
 extra-source-files:
-  - secp256k1/README.md
-  - secp256k1/autogen.sh
-  - secp256k1/configure.ac
-  - secp256k1/Makefile.am
-  - secp256k1/COPYING
-  - secp256k1/src/num_impl.h
-  - secp256k1/src/bench_verify.c
-  - secp256k1/src/gen_context.c
-  - secp256k1/src/bench_recover.c
-  - secp256k1/src/basic-config.h
-  - secp256k1/src/bench_ecdh.c
-  - secp256k1/src/ecmult_const.h
-  - secp256k1/src/scalar_low.h
-  - secp256k1/src/tests_exhaustive.c
-  - secp256k1/src/ecdsa_impl.h
-  - secp256k1/src/ecmult_impl.h
-  - secp256k1/src/ecmult_gen_impl.h
-  - secp256k1/src/scalar_8x32.h
-  - secp256k1/src/scalar_8x32_impl.h
-  - secp256k1/src/group.h
-  - secp256k1/src/testrand_impl.h
-  - secp256k1/src/modules/ecdh/main_impl.h
-  - secp256k1/src/modules/ecdh/tests_impl.h
-  - secp256k1/src/modules/ecdh/Makefile.am.include
-  - secp256k1/src/modules/recovery/main_impl.h
-  - secp256k1/src/modules/recovery/tests_impl.h
-  - secp256k1/src/modules/recovery/Makefile.am.include
-  - secp256k1/src/ecdsa.h
-  - secp256k1/src/testrand.h
-  - secp256k1/src/bench_internal.c
-  - secp256k1/src/field_10x26_impl.h
-  - secp256k1/src/eckey.h
-  - secp256k1/src/field_5x52.h
-  - secp256k1/src/field_5x52_asm_impl.h
-  - secp256k1/src/asm/field_10x26_arm.s
-  - secp256k1/src/field_10x26.h
-  - secp256k1/src/util.h
-  - secp256k1/src/num.h
-  - secp256k1/src/num_gmp.h
-  - secp256k1/src/scalar_4x64_impl.h
-  - secp256k1/src/hash.h
-  - secp256k1/src/scalar_4x64.h
-  - secp256k1/src/hash_impl.h
-  - secp256k1/src/tests.c
-  - secp256k1/src/scalar_impl.h
-  - secp256k1/src/bench_sign.c
-  - secp256k1/src/field_5x52_int128_impl.h
-  - secp256k1/src/field_5x52_impl.h
-  - secp256k1/src/field.h
-  - secp256k1/src/secp256k1.c
-  - secp256k1/src/group_impl.h
-  - secp256k1/src/java/org_bitcoin_NativeSecp256k1.h
-  - secp256k1/src/java/org/bitcoin/NativeSecp256k1Test.java
-  - secp256k1/src/java/org/bitcoin/NativeSecp256k1.java
-  - secp256k1/src/java/org/bitcoin/Secp256k1Context.java
-  - secp256k1/src/java/org/bitcoin/NativeSecp256k1Util.java
-  - secp256k1/src/java/org_bitcoin_Secp256k1Context.h
-  - secp256k1/src/java/org_bitcoin_NativeSecp256k1.c
-  - secp256k1/src/java/org_bitcoin_Secp256k1Context.c
-  - secp256k1/src/ecmult_gen.h
-  - secp256k1/src/ecmult_const_impl.h
-  - secp256k1/src/eckey_impl.h
-  - secp256k1/src/field_impl.h
-  - secp256k1/src/bench.h
-  - secp256k1/src/scalar_low_impl.h
-  - secp256k1/src/bench_schnorr_verify.c
-  - secp256k1/src/scalar.h
-  - secp256k1/src/num_gmp_impl.h
-  - secp256k1/src/ecmult.h
-  - secp256k1/TODO
-  - secp256k1/include/secp256k1_recovery.h
-  - secp256k1/include/secp256k1.h
-  - secp256k1/include/secp256k1_ecdh.h
-  - secp256k1/contrib/lax_der_parsing.c
-  - secp256k1/contrib/lax_der_privatekey_parsing.c
-  - secp256k1/contrib/lax_der_privatekey_parsing.h
-  - secp256k1/contrib/lax_der_parsing.h
-  - secp256k1/libsecp256k1.pc.in
-  - secp256k1/sage/group_prover.sage
-  - secp256k1/sage/weierstrass_prover.sage
-  - secp256k1/sage/secp256k1.sage
-  - secp256k1/build-aux/m4/ax_jni_include_dir.m4
-  - secp256k1/build-aux/m4/ax_prog_cc_for_build.m4
-  - secp256k1/build-aux/m4/bitcoin_secp.m4
+  - CHANGELOG.md
  - README.md
 dependencies:
  - base >=4.8 && <5
@ -110,19 +27,7 @@ dependencies:
  - string-conversions
 library:
  source-dirs: src
-  c-sources:
-    - secp256k1/src/secp256k1.c
-    - secp256k1/contrib/lax_der_parsing.c
-    - secp256k1/contrib/lax_der_privatekey_parsing.c
-  ghc-options: -Wall
-  cc-options: -DHAVE_CONFIG_H
-  include-dirs:
-    - secp256k1
-    - secp256k1/contrib
-    - secp256k1/include
-  exposed-modules:
-    - Crypto.Secp256k1
-    - Crypto.Secp256k1.Internal
+  extra-libraries: secp256k1
 tests:
  spec:
    defaults: hspec/hspec@master
--- a/1
+++ b/1
@ -1 +0,0 @@
-Subproject commit cbc20b8c34d44c2ef175420f3cdfe054f82e8e2c
--- a/secp256k1.cabal
+++ b/secp256k1.cabal
@ -2,10 +2,10 @@
 --
 -- see: https://github.com/sol/hpack
 --
-- hash: 9fd6f5be2cfb4b06721e74cd378459ffdf2d51e1a03a62d8484d9d342e985261
+-- hash: c3dcb030db33b83fb04341ac5fd4aadc0fb7312f5a77a6484a0777fdc81cd351

 name:           secp256k1
-version:        1.0.0
+version:        1.1.0
 synopsis:       Bindings for secp256k1 library from Bitcoin Core
 description:    Sign and verify signatures using the very fast C secp256k1 library from Pieter Wuille. Has Haskell types and abstractions for keys and signatures.
 category:       Crypto
@ -19,91 +19,8 @@ license-file:   UNLICENSE
 build-type:     Simple
 cabal-version:  >= 1.10
 extra-source-files:
+    CHANGELOG.md
    README.md
-    secp256k1/autogen.sh
-    secp256k1/build-aux/m4/ax_jni_include_dir.m4
-    secp256k1/build-aux/m4/ax_prog_cc_for_build.m4
-    secp256k1/build-aux/m4/bitcoin_secp.m4
-    secp256k1/configure.ac
-    secp256k1/contrib/lax_der_parsing.c
-    secp256k1/contrib/lax_der_parsing.h
-    secp256k1/contrib/lax_der_privatekey_parsing.c
-    secp256k1/contrib/lax_der_privatekey_parsing.h
-    secp256k1/COPYING
-    secp256k1/include/secp256k1.h
-    secp256k1/include/secp256k1_ecdh.h
-    secp256k1/include/secp256k1_recovery.h
-    secp256k1/libsecp256k1.pc.in
-    secp256k1/Makefile.am
-    secp256k1/README.md
-    secp256k1/sage/group_prover.sage
-    secp256k1/sage/secp256k1.sage
-    secp256k1/sage/weierstrass_prover.sage
-    secp256k1/src/asm/field_10x26_arm.s
-    secp256k1/src/basic-config.h
-    secp256k1/src/bench.h
-    secp256k1/src/bench_ecdh.c
-    secp256k1/src/bench_internal.c
-    secp256k1/src/bench_recover.c
-    secp256k1/src/bench_schnorr_verify.c
-    secp256k1/src/bench_sign.c
-    secp256k1/src/bench_verify.c
-    secp256k1/src/ecdsa.h
-    secp256k1/src/ecdsa_impl.h
-    secp256k1/src/eckey.h
-    secp256k1/src/eckey_impl.h
-    secp256k1/src/ecmult.h
-    secp256k1/src/ecmult_const.h
-    secp256k1/src/ecmult_const_impl.h
-    secp256k1/src/ecmult_gen.h
-    secp256k1/src/ecmult_gen_impl.h
-    secp256k1/src/ecmult_impl.h
-    secp256k1/src/field.h
-    secp256k1/src/field_10x26.h
-    secp256k1/src/field_10x26_impl.h
-    secp256k1/src/field_5x52.h
-    secp256k1/src/field_5x52_asm_impl.h
-    secp256k1/src/field_5x52_impl.h
-    secp256k1/src/field_5x52_int128_impl.h
-    secp256k1/src/field_impl.h
-    secp256k1/src/gen_context.c
-    secp256k1/src/group.h
-    secp256k1/src/group_impl.h
-    secp256k1/src/hash.h
-    secp256k1/src/hash_impl.h
-    secp256k1/src/java/org/bitcoin/NativeSecp256k1.java
-    secp256k1/src/java/org/bitcoin/NativeSecp256k1Test.java
-    secp256k1/src/java/org/bitcoin/NativeSecp256k1Util.java
-    secp256k1/src/java/org/bitcoin/Secp256k1Context.java
-    secp256k1/src/java/org_bitcoin_NativeSecp256k1.c
-    secp256k1/src/java/org_bitcoin_NativeSecp256k1.h
-    secp256k1/src/java/org_bitcoin_Secp256k1Context.c
-    secp256k1/src/java/org_bitcoin_Secp256k1Context.h
-    secp256k1/src/modules/ecdh/main_impl.h
-    secp256k1/src/modules/ecdh/Makefile.am.include
-    secp256k1/src/modules/ecdh/tests_impl.h
-    secp256k1/src/modules/recovery/main_impl.h
-    secp256k1/src/modules/recovery/Makefile.am.include
-    secp256k1/src/modules/recovery/tests_impl.h
-    secp256k1/src/num.h
-    secp256k1/src/num_gmp.h
-    secp256k1/src/num_gmp_impl.h
-    secp256k1/src/num_impl.h
-    secp256k1/src/scalar.h
-    secp256k1/src/scalar_4x64.h
-    secp256k1/src/scalar_4x64_impl.h
-    secp256k1/src/scalar_8x32.h
-    secp256k1/src/scalar_8x32_impl.h
-    secp256k1/src/scalar_impl.h
-    secp256k1/src/scalar_low.h
-    secp256k1/src/scalar_low_impl.h
-    secp256k1/src/secp256k1.c
-    secp256k1/src/testrand.h
-    secp256k1/src/testrand_impl.h
-    secp256k1/src/tests.c
-    secp256k1/src/tests_exhaustive.c
-    secp256k1/src/util.h
-    secp256k1/TODO

 source-repository head
  type: git
@ -112,16 +29,8 @@ source-repository head
 library
  hs-source-dirs:
      src
-  ghc-options: -Wall
-  cc-options: -DHAVE_CONFIG_H
-  include-dirs:
+  extra-libraries:
      secp256k1
-      secp256k1/contrib
-      secp256k1/include
-  c-sources:
-      secp256k1/contrib/lax_der_parsing.c
-      secp256k1/contrib/lax_der_privatekey_parsing.c
-      secp256k1/src/secp256k1.c
  build-depends:
      HUnit
    , QuickCheck
--- a/src/Crypto/Secp256k1.hs
+++ b/src/Crypto/Secp256k1.hs
@ -20,7 +20,6 @@ module Crypto.Secp256k1
    , secKey
    , getSecKey
    , derivePubKey
-    , exportSecKey

    -- * Public Keys
    , PubKey
@ -34,7 +33,6 @@ module Crypto.Secp256k1
    , normalizeSig
    -- ** DER
    , importSig
-    , laxImportSig
    , exportSig
    -- ** Compact
    , CompactSig(..)
@ -263,18 +261,6 @@ importPubKey bs =  withContext $ \ctx -> useByteString bs $ \(b, l) -> do
    ret <- withForeignPtr fp $ \p -> ecPubKeyParse ctx p b l
    if isSuccess ret then return $ Just $ PubKey fp else return Nothing

-- | Encode secret key as DER.  First argument 'True' for compressed output.
-exportSecKey :: Bool -> SecKey -> ByteString
-exportSecKey compress (SecKey fk) = withContext $ \ctx ->
-    withForeignPtr fk $ \k -> alloca $ \l -> allocaBytes 279 $ \o -> do
-        poke l 279
-        ret <- ecSecKeyExport ctx o l k c
-        unless (isSuccess ret) $ error "could not export secret key"
-        n <- peek l
-        packByteString (o, n)
-  where
-    c = if compress then compressed else uncompressed
-
 -- | Encode public key as DER. First argument 'True' for compressed output.
 exportPubKey :: Bool -> PubKey -> ByteString
 exportPubKey compress (PubKey pub) = withContext $ \ctx ->
@ -310,14 +296,6 @@ importSig bs = withContext $ \ctx ->
        ret <- withForeignPtr fg $ \g -> ecdsaSignatureParseDer ctx g b l
        if isSuccess ret then return $ Just $ Sig fg else return Nothing

-- | Relaxed DER parsing. Allows certain DER errors and violations.
-laxImportSig :: ByteString -> Maybe Sig
-laxImportSig bs = withContext $ \ctx ->
-    useByteString bs $ \(b, l) -> do
-        fg <- mallocForeignPtr
-        ret <- withForeignPtr fg $ \g -> laxDerParse ctx g b l
-        if isSuccess ret then return $ Just $ Sig fg else return Nothing
-
 -- | Encode signature as strict DER.
 exportSig :: Sig -> ByteString
 exportSig (Sig fg) = withContext $ \ctx ->
--- a/src/Crypto/Secp256k1/Internal.hs
+++ b/src/Crypto/Secp256k1/Internal.hs
@ -352,15 +352,6 @@ foreign import ccall
    -> Ptr Sig64 -- ^ input
    -> IO Ret

-foreign import ccall
-    "lax_der_parsing.h ecdsa_signature_parse_der_lax"
-    laxDerParse
-    :: Ptr Ctx
-    -> Ptr Sig64
-    -> Ptr CUChar
-    -> CSize
-    -> IO Ret
-
 foreign import ccall
    "secp256k1.h secp256k1_ecdsa_sign"
    ecdsaSign
@ -480,13 +471,3 @@ foreign import ccall
    -> Ptr RecSig65
    -> Ptr Msg32
    -> IO Ret
-
-foreign import ccall
-    "lax_der_privatekey_parsing.h ec_privkey_export_der"
-    ecSecKeyExport
-    :: Ptr Ctx
-    -> Ptr CUChar -- ^ array to store DER-encoded key (allocate 279 bytes)
-    -> Ptr CSize -- ^ size of previous array, will be updated
-    -> Ptr SecKey32
-    -> SerFlags
-    -> IO Ret
--- a/stack.yaml
+++ b/stack.yaml
@ -1,6 +1,4 @@
-resolver: lts-12.2
-packages:
- '.'
-extra-deps: []
-flags: {}
-extra-package-dbs: []
+resolver: lts-12.7
+nix:
+  packages:
+    - secp256k1
--- a/test/Crypto/Secp256k1/InternalSpec.hs
+++ b/test/Crypto/Secp256k1/InternalSpec.hs
@ -25,7 +25,6 @@ spec = do
        it "handles storable public key" pubkeyStorableTest
        it "handles storable signature" signatureStorableTest
        it "parses DER signature" ecdsaSignatureParseDerTest
-        it "parses lax DER signature" laxDerParseTest
        it "serializes DER signature" ecdsaSignatureSerializeDerTest
    describe "signatures" $ do
        it "verifies signature" ecdsaVerifyTest
@ -161,17 +160,6 @@ ecdsaSignatureParseDerTest = do
        \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
        \45"

-laxDerParseTest :: Assertion
-laxDerParseTest = do
-    ret <- liftIO $ useAsCStringLen der $ \(d, dl) -> alloca $ \s -> do
-        x <- contextCreate verify
-        laxDerParse x s (castPtr d) (fromIntegral dl)
-    assertBool "parsed signature successfully" $ isSuccess ret
-  where
-    der = fst $ B16.decode
-        "30450220f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37fb\
-        \2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e3045"
-
 parseDer :: Ptr Ctx -> ByteString -> IO Sig64
 parseDer x bs = useAsCStringLen bs $ \(d, dl) -> alloca $ \s -> do
    ret <- ecdsaSignatureParseDer x s (castPtr d) (fromIntegral dl)
--- a/test/Crypto/Secp256k1Spec.hs
+++ b/test/Crypto/Secp256k1Spec.hs
@ -24,7 +24,6 @@ spec = do
    describe "serialization" $ do
        it "serializes public key" $ property $ serializePubKeyTest
        it "serializes DER signature" $ property $ serializeSigTest
-        it "serializes lax DER signature" $ property $ serializeLaxSigTest
        it "serializes compact signature" $ property $ serializeCompactSigTest
        it "serializes compact recoverable signature" $
            property $ serializeCompactRecSigTest
@ -146,14 +145,6 @@ serializeSigTest (fm, fk) =
  where
    fg = signMsg fk fm

-serializeLaxSigTest :: (Msg, SecKey) -> Bool
-serializeLaxSigTest (fm, fk) =
-    case laxImportSig $ exportSig fg of
-        Just fg' -> fg == fg'
-        Nothing  -> False
-  where
-    fg = signMsg fk fm
-
 serializeCompactSigTest :: (Msg, SecKey) -> Bool
 serializeCompactSigTest (fm, fk) =
    case importCompactSig $ exportCompactSig fg of
				`@ -1 +0,0 @@`
				`Subproject commit cbc20b8c34d44c2ef175420f3cdfe054f82e8e2c`