Skip to content
  1. Mar 25, 2015
  2. Jan 17, 2015
  3. Sep 12, 2014
    • Andrew Poelstra's avatar
      Revert "Overhaul interface to use zero-on-free SecretKeys" · 9cab4e02
      Andrew Poelstra authored
      This reverts commit 98890907.
      
      This is not ready for primetime -- the move prevention also prevents
      reborrowing, which makes secret keys nearly unusable.
      9cab4e02
    • Andrew Poelstra's avatar
      Overhaul interface to use zero-on-free SecretKeys · 98890907
      Andrew Poelstra authored
      Using the `secretdata` library, we can store SecretKeys in such a way
      that they cannot be moved or copied, and their memory is zeroed out on
      drop. This gives us some assurance that in the case of memory unsafety,
      there is not secret key data lying around anywhere that we don't expect.
      
      Unfortunately, it means that we cannot construct secret keys and then
      return them, which forces the interface to change a fair bit. I removed
      the `generate_keypair` function from Secp256k1, then `generate_nonce`
      for symmetry, then dropped the `Secp256k1` struct entirely because it
      turned out that none of the remaining functions used the `self` param.
      
      So here we are. I bumped the version number. Sorry about this.
      98890907
  4. Sep 05, 2014
  5. Sep 04, 2014
  6. Sep 01, 2014
    • Andrew Poelstra's avatar
    • Andrew Poelstra's avatar
      Make Secp256k1::verify() static · 20452411
      Andrew Poelstra authored
      This avoids the overhead of creating and seeding a Fortuna just to do verification.
      20452411
    • Andrew Poelstra's avatar
      Generate keys from Fortuna rather than always using the OsRng · d94345f7
      Andrew Poelstra authored
      When creating a Secp256k1, we attach a Fortuna CSRNG seeded from the
      OS RNG, rather than using the OS RNG all the time. This moves the
      potential RNG failure to the creation of the object, rather than at
      every single place that keys are generated. It also reduces trust
      in the operating system RNG.
      
      This does mean that Secp256k1::new() now returns an IoResult while
      the generate_* methods no longer return Results, so this is a breaking
      change.
      
      Also add a benchmark for key generation. On my system I get:
      
      test tests::generate_compressed   ... bench:    492990 ns/iter (+/- 27981)
      test tests::generate_uncompressed ... bench:    495148 ns/iter (+/- 29829)
      
      Contrast the numbers with OsRng:
      
      test tests::generate_compressed   ... bench:     66691 ns/iter (+/- 3640)
      test tests::generate_uncompressed ... bench:     67148 ns/iter (+/- 3806)
      
      Not too shabby :)
      
      [breaking-change]
      d94345f7
  7. Aug 31, 2014
  8. Aug 30, 2014
  9. Aug 28, 2014
  10. Aug 27, 2014
  11. Aug 24, 2014
  12. Aug 18, 2014
  13. Aug 16, 2014
  14. Aug 12, 2014
  15. Aug 10, 2014
  16. Aug 05, 2014
  17. Aug 04, 2014