This is another continuation of #64 and #248 implementing JNI library for secp256k1, rebased to master.
Also it includes a fix for a bug we noticed while including it in GreenBits - buffers were overflowing if two different functions were called consecutively with the second one needing more buffer space.
@faizkhan00 thank you and @theuni (and anyone else involved I missed) for the work done thus far.
tests are passing locally but there seems to be a race condition in make where by the shared library is not fully linked by the time the test starts (but strangely only in travis, we can’t reproduce locally) - looks like we need to fix the dependency
we tried to fix that and failed (we are not too strong on makefiles) so we asked @theuni and he suggested he may have a look at this at some point but anyone with any input is welcome
@greenaddress Sorry for not getting to this at the meetup as promised, I kept getting pulled away.
Anyway, that’s probably for the best. This turned out to be non-trivial to track down, and not build-system related at all.
See the top few commits here for the fix: https://github.com/theuni/secp256k1/commits/jni-test
tl;dr: JNIEXPORT on some Java versions (the one Travis uses by default, at least) is busted wrt symbol visibility.
98+ int pubLen = new BigInteger(new byte[] { retByteArray[1][0] }).intValue();
99+ int retVal = new BigInteger(new byte[] { retByteArray[1][1] }).intValue();
100+
101+ assertEquals(pubArr.length, pubLen, "Got bad signature length.");
102+
103+ assertEquals(retVal, 1, "Failed return value check.");
175+
176+ /**
177+ * libsecp256k1 Compute Pubkey - computes public key from secret key
178+ *
179+ * @param seckey ECDSA Secret key, 32 bytes
180+ * @param compressed 1 to return compressed key, 0 for uncompressed
246+
247+ byte[][] retByteArray;
248+
249+ r.lock();
250+ try {
251+ retByteArray = secp256k1_ec_privkey_import(byteBuff,Secp256k1Context.getContext(), seckey.length);
381+ int privLen = (byte) new BigInteger(new byte[] { retByteArray[1][0] }).intValue() & 0xFF;
382+ int retVal = new BigInteger(new byte[] { retByteArray[1][1] }).intValue();
383+
384+ assertEquals(privArr.length, privLen, "Got bad pubkey length.");
385+
386+ assertEquals(retVal, 1, "Failed return value check.");
465+
466+ return pubArr;
467+ }
468+
469+ /**
470+ * libsecp256k1 create ECDH secret - constant time ECDH calculation
471+ *
472+ * @param seckey byte array of secret key used in exponentiaion
473+ * @param pubkey byte array of public key used in exponentiaion
474+ */
475+ //TODO schnorrSign, schnoorVerify, schnorrRecover()
476+ public static byte[] schnoorOps(byte[] pubkey, byte[] msg32) throws AssertFailException{
487+ byteBuff.put(pubkey);
488+
489+ byte[][] retByteArray;
490+ r.lock();
491+ try {
492+ retByteArray = secp256k1_ecdsa_recover(byteBuff,Secp256k1Context.getContext(), pubkey.length);
@sipa as you say the work is not complete, it doesn’t cover all functions yet but the aim is to have all of them.
we plan to do more towards completing coverage but would be great to work together with @faizkhan00 (and @theuni) to finish it.
we currently have pedersen_blind_sum, pedersen_commit and rangeproof_sign in the works
Squashed and rebased. Thanks to @theuni and @faizkhan00 for doing
the majority of work here! Also thanks to @btchip for help with debugging
and review.
76+ * @param data The data which was signed, must be exactly 32 bytes
77+ * @param signature The signature
78+ * @param compressed whether to recover a compressed pubkey
79+ * @param pub The public key which did the signing
80+ */
81+ //TODO recoverCompact()
secp256k1_ecdsa_recover was not implemented in org_bitcoin_NativeSecp256k1.c, hence the TODO and commented out code.
I’ve now removed the unimplemented and commented parts and cleaned it up in general. I think it’s reasonable to keep these two commits for future reference, in case someone wants to look up the incomplete implementations in git history.