Split `secp256k1_ec_pubkey_decompress` into in-place and copy variants #250

pull apoelstra wants to merge 1 commits into bitcoin-core:master from apoelstra:decompress-split changing 3 files +28 −13

apoelstra commented at 3:00 PM on May 11, 2015: contributor

Right now secp256k1_ec_pubkey_decompress takes an in/out pointer to a public key and replaces the input key with its decompressed variant. This forces users who store compressed keys in small (<65 byte) fixed size buffers (for example, the Rust bindings do this) to explicitly and wastefully copy their key to a larger buffer.

Add a variant secp256k1_ec_pubkey_decompress_copy which takes an in-pointer and an out-pointer for the public key.
apoelstra commented at 3:00 PM on May 11, 2015: contributor

@gmaxwell suggested I check the rest of the API for cases like this; I did, it is the only one that takes an in/out pointer to a byte buffer.
dcousens commented at 12:07 AM on May 12, 2015: contributor

ACK

in include/secp256k1.h:None in 209b9c14fe outdated

 274 | @@ -275,6 +275,24 @@ SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_decompress(
 275 |    int *pubkeylen
 276 |  ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
 277 |  
 278 | +/** Decompress a public key.

sipa commented at 1:49 AM on May 13, 2015:

Just replace the old function.

gmaxwell commented at 4:45 AM on May 13, 2015: contributor

I'm largely ambivalent but I suggested otherwise because most people will not assume a writable parameter can alias.
apoelstra commented at 3:44 PM on May 13, 2015: contributor

My thoughts were the same as @gmaxwell's. For the sake of a cleaner API I think I lean toward just replacing the function, though.

If @gmaxwell ok's it I'll change the PR to do this.
gmaxwell commented at 4:37 PM on May 13, 2015: contributor

I certainly don't mind; just wanted sipa to be aware of that argument, if he wasn't in case it changed his thinking.
ghost commented at 8:31 PM on May 13, 2015: none

Looks good (Tested ACK), I'll update my JNI PR relative to this once the API is finalized here, too (FWIW I was having trouble the other day with this due to not realizing the buffer had to be large enough to hold the expanded pubkey if the buffer is != 65 bytes going in, this makes the (somewhat obvious) assumption more apparent).
apoelstra force-pushed on May 13, 2015
apoelstra force-pushed on May 13, 2015
apoelstra commented at 10:00 PM on May 13, 2015: contributor

Updated PR to just replace the function.
apoelstra force-pushed on May 13, 2015
gmaxwell commented at 10:05 PM on May 13, 2015: contributor

One might wonder how one can decompress uninitialized memory. :) I think that part of the comment is a bit weird and you can probably drop it; in C I've never worried that my output needed to be initialized.
apoelstra force-pushed on May 13, 2015
apoelstra commented at 10:06 PM on May 13, 2015: contributor

Sure, changed :)

Use separate in and out pointers in `secp256k1_ec_pubkey_decompress`

Right now `secp256k1_ec_pubkey_decompress` takes an in/out pointer to
a public key and replaces the input key with its decompressed variant.
This forces users who store compressed keys in small (<65 byte) fixed
size buffers (for example, the Rust bindings do this) to explicitly
and wastefully copy their key to a larger buffer.

[API BREAK]

210ffed5cd

apoelstra force-pushed on May 13, 2015
gmaxwell commented at 10:11 PM on May 13, 2015: contributor

utACK.
unknown cross-referenced this on May 15, 2015 from issue libsecp256k1_jni shared lib (continued) by ghost
sipa merged this on Jun 13, 2015
sipa closed this on Jun 13, 2015
sipa referenced this in commit 873a453d26 on Jun 13, 2015
apoelstra deleted the branch on Jun 19, 2017

Contributors

Linked (view graph)

#248 libsecp256k1_jni shared lib (continued)