Merge pull request #180 from elichai/2019-11-SharedSecret

Alternative: Passing custom hash functions to ECDH

Author: apoelstra

no_std_test/src/main.rs

@@ -55,6 +55,7 @@ use core::panic::PanicInfo;
 use secp256k1::rand::{self, RngCore};
 use secp256k1::serde::Serialize;
 use secp256k1::*;
+use secp256k1::ecdh::SharedSecret;
 
 use serde_cbor::de;
 use serde_cbor::ser::SliceWrite;
@@ -102,6 +103,16 @@ fn start(_argc: isize, _argv: *const *const u8) -> isize {
     let new_sig: Signature = de::from_mut_slice(&mut cbor_ser[..size]).unwrap();
     assert_eq!(sig, new_sig);
 
+    let _ = SharedSecret::new(&public_key, &secret_key);
+    let mut x_arr = [0u8; 32];
+    let y_arr = unsafe { SharedSecret::new_with_hash_no_panic(&public_key, &secret_key, |x,y| {
+        x_arr = x;
+        y.into()
+    })}.unwrap();
+    assert_ne!(x_arr, [0u8; 32]);
+    assert_ne!(&y_arr[..], &[0u8; 32][..]);
+    
+
     unsafe { libc::printf("Verified Successfully!\n\0".as_ptr() as _) };
     0
 }

secp256k1-sys/src/lib.rs

@@ -72,7 +72,7 @@ pub type EcdhHashFn = unsafe extern "C" fn(
     x: *const c_uchar,
     y: *const c_uchar,
     data: *mut c_void,
-);
+) -> c_int;
 
 /// A Secp256k1 context, containing various precomputed values and such
 /// needed to do elliptic curve computations. If you create one of these
@@ -134,25 +134,6 @@ impl Default for Signature {
     }
 }
 
-/// Library-internal representation of an ECDH shared secret
-#[repr(C)]
-pub struct SharedSecret([c_uchar; 32]);
-impl_array_newtype!(SharedSecret, c_uchar, 32);
-impl_raw_debug!(SharedSecret);
-
-impl SharedSecret {
-    /// Create a new (zeroed) signature usable for the FFI interface
-    pub fn new() -> SharedSecret { SharedSecret([0; 32]) }
-    /// Create a new (uninitialized) signature usable for the FFI interface
-    #[deprecated(since = "0.15.3", note = "Please use the new function instead")]
-    pub unsafe fn blank() -> SharedSecret { SharedSecret::new() }
-}
-
-impl Default for SharedSecret {
-    fn default() -> Self {
-        SharedSecret::new()
-    }
-}
 
 #[cfg(not(feature = "fuzztarget"))]
 extern "C" {
@@ -296,7 +277,7 @@ extern "C" {
     #[cfg_attr(not(feature = "external-symbols"), link_name = "rustsecp256k1_v0_1_0_ecdh")]
     pub fn secp256k1_ecdh(
         cx: *const Context,
-        output: *mut SharedSecret,
+        output: *mut c_uchar,
         pubkey: *const PublicKey,
         privkey: *const c_uchar,
         hashfp: EcdhHashFn,
@@ -459,7 +440,7 @@ mod fuzz_dummy {
     use self::std::{ptr, mem};
     use self::std::boxed::Box;
     use types::*;
-    use ::{Signature, Context, NonceFn, EcdhHashFn, PublicKey, SharedSecret,
+    use ::{Signature, Context, NonceFn, EcdhHashFn, PublicKey,
         SECP256K1_START_NONE, SECP256K1_START_VERIFY, SECP256K1_START_SIGN,
         SECP256K1_SER_COMPRESSED, SECP256K1_SER_UNCOMPRESSED};
 
@@ -788,7 +769,7 @@ mod fuzz_dummy {
     /// Sets out to point[0..16]||scalar[0..16]
     pub unsafe fn secp256k1_ecdh(
         cx: *const Context,
-        out: *mut SharedSecret,
+        out: *mut c_uchar,
         point: *const PublicKey,
         scalar: *const c_uchar,
         _hashfp: EcdhHashFn,
@@ -801,13 +782,13 @@ mod fuzz_dummy {
         ptr::copy(scalar, scalar_prefix[..].as_mut_ptr(), 16);
 
         if (*point).0[0..16] > scalar_prefix[0..16] {
-            (*out).0[0..16].copy_from_slice(&(*point).0[0..16]);
-            ptr::copy(scalar, (*out).0[16..32].as_mut_ptr(), 16);
+            ptr::copy((*point).as_ptr(), out, 16);
+            ptr::copy(scalar, out.offset(16), 16);
         } else {
-            ptr::copy(scalar, (*out).0[0..16].as_mut_ptr(), 16);
-            (*out).0[16..32].copy_from_slice(&(*point).0[0..16]);
+            ptr::copy(scalar, out, 16);
+            ptr::copy((*point).as_ptr(), out.offset(16), 16);
         }
-        (*out).0[16] = 0x00; // result should always be a valid secret key
+        (*out.offset(16)) = 0x00; // result should always be a valid secret key
         1
     }
 }

secp256k1-sys/src/macros.rs

@@ -144,6 +144,7 @@ macro_rules! impl_array_newtype {
     }
 }
 
+#[macro_export]
 macro_rules! impl_raw_debug {
     ($thing:ident) => {
         impl ::core::fmt::Debug for $thing {