ECDH: output compressed point #446

pull chfast wants to merge 3 commits into bitcoin-core:master from chfast:ecdh-raw changing 3 files +50 −15
  1. chfast commented at 10:52 pm on March 9, 2017: none
  2. ecdh: allocate single buffer for compressed point 9fd8a92bf1
  3. ecdh: extract shared secret hashing
    This commit separates finding shared secret for ECDH from hashing it.
    1478f233f6
  4. ecdh: export secp256k1_ecdh_raw() function 9859f02f9e
  5. fanatid commented at 5:34 am on March 10, 2017: contributor
    Related: #352 #354
  6. chfast commented at 9:11 am on March 10, 2017: none
    Oh, thank. Good to know it is not only my issue. Any final conclusions how the API should look like?
  7. chfast cross-referenced this on Mar 10, 2017 from issue Support custom hash functions in ECDH API by Kagami
  8. gmaxwell commented at 3:55 pm on March 11, 2017: contributor

    It is generally unsafe to use the raw point for almost any application. Following our design principle of being hard to abuse, we should not provide a function that directly does so.

    Instead, I think we can do is take a hasher function point, similar to how the signing takes a nonce function. Callers that need some other scheme for handling the nonce can pass a function pointer that accomplishes whatever they need, without creating an appearance that it’s generally okay to use the raw point for ECDH.

    There is a lot of reckless cryptography out there. We’re not going to change that, but we also don’t need to be a part of it.

  9. fanatid commented at 4:11 pm on March 11, 2017: contributor
    @gmaxwell IIRC I implemented hash function as argument in #354, but not receive any feedback… should I reopen that PR?
  10. chfast commented at 9:31 pm on March 11, 2017: none
    It doesn’t matter for me which version it will be. Is the one with the callback is to be accepted? Is the callback parameters as in the #354 fine?
  11. fanatid cross-referenced this on Mar 12, 2017 from issue [ECDH API change] Support custom hash function by fanatid
  12. sipa commented at 1:00 am on March 22, 2017: contributor
    Closing in favor of #354.
  13. sipa closed this on Mar 22, 2017


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-22 21:15 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me