Makes it possible to compactly provide a delibrately invalid signature
for use with CHECK(MULTI)SIG. For instance with BIP19 if m != n invalid
signatures need to be provided in the scriptSig; prior to this change
those invalid signatures would need to be large DER-encoded signatures.
Note that we may want to further expand on this change in the future by
saying that only OP_0 is a "valid" invalid signature; BIP19 even with
this change is inherently malleable as the invalid signatures can be any
validly encoded DER signature.
2ecd294 Bugfix: configure: Correctly detect "nothing to build" condition (Luke Dashjr)
b7a4ecc Bugfix: Only check for boost when building code that requires it (Luke Dashjr)
a19eeac Bugfix: configure: Check for openssl/ec.h (Luke Dashjr)
fe925e2 Use EXTRA_LIBRARIES instead of noinst_LIBRARIES so we can avoid building unused code (Cory Fields)
This will disconnect peers that do not transfer a block in 10 minutes, plus
5 minutes for every previously queued block with validated headers
(accomodating downstream bandwidth down to a few kilobytes per second - below
that the node would have trouble staying synchronized anyway).
on rare occasions, rand() was returning duped values, causing duplicate
transactions.
BuildMerkleTree happily used these, but CPartialMerkleTree caught them and
returned a null merkle root.
Rather than taking changes with rand(), use the loop counter to guarantee
unique values.
At sipa's request, also remove the remaining uses of rand().
856e862 namespace: drop most boost namespaces and a few header cleanups (Cory Fields)
9b1ab86 namespace: drop boost::assign altogether here (Cory Fields)
a324199 namespace: remove boost namespace pollution (Cory Fields)
50cc6ab Merge pull request #178
941e221 Add tests for handling of the nonce function in signing.
10c81ff Merge pull request #177
7688e34 Add magnitude limits to secp256k1_fe_verify to ensure that it's own tests function correctly.
4ee4f7a Merge pull request #176
70ae0d2 Use secp256k1_fe_equal_var in secp256k1_fe_sqrt_var.
7767b4d Merge pull request #175
9ab9335 Add a reference consistency test to ge_tests.
60571c6 Rework group tests
d26e26f Avoid constructing an invalid signature with probability 1:2^256.
b450c34 Merge pull request #163
d57cae9 Merge pull request #154
49ee0db Add _normalizes_to_zero_var variant
eed599d Add _fe_normalizes_to_zero method
d7174ed Weak normalization for secp256k1_fe_equal
0295f0a weak normalization
bbd5ba7 Use rfc6979 as default nonce generation function
b37fbc2 Implement SHA256 / HMAC-SHA256 / RFC6979.
c6e7f4e [API BREAK] Use a nonce-generation function instead of a nonce
cf0c48b Merge pull request #169
603c33b Make signing fail if a too small buffer is passed.
6d16606 Merge pull request #168
7277fd7 Remove GMP field implementation
e99c4c4 Merge pull request #123
13278f6 Add explanation about how inversion can be avoided
ce7eb6f Optimize verification: avoid field inverse
a098f78 Merge pull request #160
38acd01 Merge pull request #165
6a59012 Make git ignore bench_recover when configured with benchmark enabled
1ba4a60 Configure options reorganization
3c0f246 Merge pull request #157
808dd9b Merge pull request #156
8dc75e9 Merge pull request #158
28ade27 build: nuke bashisms
5190079 build: use subdir-objects for automake
8336040 build: disable benchmark by default
git-subtree-dir: src/secp256k1
git-subtree-split: 50cc6ab0625efda6dddf1dc86c1e2671f069b0d8
Instead of using a fixed-width font in a label, which virtually
guarentees a horizontal scrollbar, use a proper text-document
that can re-layout based on user input.
6bd0dc2 arith_uint256: remove initialization from byte vector (Wladimir J. van der Laan)
30007fd Remove now-unused methods from arith_uint256 and base_uint (Wladimir J. van der Laan)
edc7204 Remove arith_uint160 (Wladimir J. van der Laan)
dba2e91 Add tests for new uint256 (Wladimir J. van der Laan)
92cdb1a Add conversion functions arith_uint256<->uint_256 (Wladimir J. van der Laan)
bfc6070 uint256->arith_uint256 blob256->uint256 (Wladimir J. van der Laan)
734f85c Use arith_uint256 where necessary (Wladimir J. van der Laan)
34cdc41 String conversions uint256 -> uint256S (Wladimir J. van der Laan)
2eae315 Replace uint256(1) with static constant (Wladimir J. van der Laan)
8076585 Replace GetLow64 with GetCheapHash (Wladimir J. van der Laan)
4f15249 Replace direct use of 0 with SetNull and IsNull (Wladimir J. van der Laan)
5d3064b Temporarily add SetNull/IsNull/GetCheapHash to base_uint (Wladimir J. van der Laan)
Remove initialization from vector (as this is only used in the tests).
Also implement SetHex and GetHex in terms of uint256, to avoid
duplicate code as well as avoid endianness issues (as they
work in term of bytes).
- Methods that access the guts of arith_uint256 are removed,
as these are incompatible between endians. Use uint256 instead
- Serialization is no longer needed as arith_uint256's are never
read or written
- GetHash is never used on arith_uint256
If uint256() constructor takes a string, uint256(0) will become
dangerous when uint256 does not take integers anymore (it will go
through std::string(const char*) making a NULL string, and the explicit
keyword is no help).
SignatureHash and its test function SignatureHashOld
return uint256(1) as a special error signaling value.
Return a local static constant with the same value instead.