refactor(crypto): make secp256k1_context_writable_randomize() return status

crypto/zkp_bip340.c

@@ -47,33 +47,43 @@ int zkp_bip340_get_public_key(const uint8_t *private_key_bytes,
                               uint8_t *public_key_bytes) {
   int result = 0;
 
-  secp256k1_pubkey pubkey = {0};
+  secp256k1_context *context_writable = NULL;
+  if (result == 0) {
+    context_writable = zkp_context_acquire_writable();
+    if (context_writable == NULL) {
+      result = -1;
+    }
+  }
+  if (result == 0) {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
+      result = -1;
+    }
+  }
 
+  secp256k1_pubkey public_key = {0};
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_ec_pubkey_create(context_writable, &pubkey,
-                                     private_key_bytes) != 1) {
-        result = -1;
-      }
-      zkp_context_release_writable();
-    } else {
+    if (secp256k1_ec_pubkey_create(context_writable, &public_key,
+                                   private_key_bytes) != 1) {
       result = -1;
     }
   }
 
+  if (context_writable) {
+    zkp_context_release_writable();
+    context_writable = NULL;
+  }
+
   secp256k1_xonly_pubkey xonly_pubkey = {0};
   const secp256k1_context *context_read_only = zkp_context_get_read_only();
 
   if (result == 0) {
     if (secp256k1_xonly_pubkey_from_pubkey(context_read_only, &xonly_pubkey,
-                                           NULL, &pubkey) != 1) {
+                                           NULL, &public_key) != 1) {
       result = -1;
     }
   }
 
-  memzero(&pubkey, sizeof(pubkey));
+  memzero(&public_key, sizeof(public_key));
 
   if (result == 0) {
     if (secp256k1_xonly_pubkey_serialize(context_read_only, public_key_bytes,
@@ -98,36 +108,45 @@ int zkp_bip340_sign_digest(const uint8_t *private_key_bytes,
                            uint8_t *auxiliary_data) {
   int result = 0;
 
+  secp256k1_context *context_writable = NULL;
+  if (result == 0) {
+    context_writable = zkp_context_acquire_writable();
+    if (context_writable == NULL) {
+      result = -1;
+    }
+  }
+  if (result == 0) {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
+      result = -1;
+    }
+  }
+
   secp256k1_keypair keypair = {0};
+  if (result == 0) {
+    if (secp256k1_keypair_create(context_writable, &keypair,
+                                 private_key_bytes) != 1) {
+      result = -1;
+    }
+  }
 
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_keypair_create(context_writable, &keypair,
-                                   private_key_bytes) != 1) {
-        result = -1;
-      }
-      zkp_context_release_writable();
-    } else {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
       result = -1;
     }
   }
 
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_schnorrsig_sign(context_writable, signature_bytes, digest,
-                                    &keypair, auxiliary_data) != 1) {
-        result = -1;
-      }
-      zkp_context_release_writable();
-    } else {
+    if (secp256k1_schnorrsig_sign(context_writable, signature_bytes, digest,
+                                  &keypair, auxiliary_data) != 1) {
       result = -1;
     }
   }
 
+  if (context_writable) {
+    zkp_context_release_writable();
+    context_writable = NULL;
+  }
+
   memzero(&keypair, sizeof(keypair));
 
   return result;
@@ -240,21 +259,29 @@ int zkp_bip340_tweak_private_key(const uint8_t *internal_private_key,
                                  uint8_t *output_private_key) {
   int result = 0;
 
-  secp256k1_keypair keypair = {0};
-
+  secp256k1_context *context_writable = NULL;
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_keypair_create(context_writable, &keypair,
-                                   internal_private_key) != 1) {
-        result = -1;
-      }
-      zkp_context_release_writable();
-    } else {
+    context_writable = zkp_context_acquire_writable();
+    if (context_writable == NULL) {
       result = -1;
     }
   }
+  if (result == 0) {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
+      result = -1;
+    }
+  }
+
+  secp256k1_keypair keypair = {0};
+  if (secp256k1_keypair_create(context_writable, &keypair,
+                               internal_private_key) != 1) {
+    result = -1;
+  }
+
+  if (context_writable) {
+    zkp_context_release_writable();
+    context_writable = NULL;
+  }
 
   const secp256k1_context *context_read_only = zkp_context_get_read_only();
 

crypto/zkp_context.c

@@ -34,12 +34,18 @@ static uint8_t context_buffer[SECP256K1_CONTEXT_SIZE];
 static secp256k1_context *context;
 static volatile atomic_flag locked;
 
-void secp256k1_context_writable_randomize(secp256k1_context *context_writable) {
+// returns 0 on success
+int secp256k1_context_writable_randomize(secp256k1_context *context_writable) {
   uint8_t seed[32] = {0};
   random_buffer(seed, sizeof(seed));
   int returned = secp256k1_context_randomize(context_writable, seed);
   memzero(seed, sizeof(seed));
-  assert(returned == 1);
+
+  if (returned != 1) {
+    return 1;
+  }
+
+  return 0;
 }
 
 bool zkp_context_is_initialized(void) { return context != NULL; }

crypto/zkp_context.h

@@ -5,7 +5,7 @@
 
 #include "vendor/secp256k1-zkp/include/secp256k1_preallocated.h"
 
-void secp256k1_context_writable_randomize(secp256k1_context *context);
+int secp256k1_context_writable_randomize(secp256k1_context *context);
 int zkp_context_init(void);
 void zkp_context_destroy(void);
 const secp256k1_context *zkp_context_get_read_only(void);

crypto/zkp_ecdsa.c

@@ -55,22 +55,32 @@ int zkp_ecdsa_get_public_key33(const ecdsa_curve *curve,
 
   int result = 0;
 
-  secp256k1_pubkey public_key = {0};
+  secp256k1_context *context_writable = NULL;
+  if (result == 0) {
+    context_writable = zkp_context_acquire_writable();
+    if (context_writable == NULL) {
+      result = 1;
+    }
+  }
+  if (result == 0) {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
+      result = 1;
+    }
+  }
 
+  secp256k1_pubkey public_key = {0};
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_ec_pubkey_create(context_writable, &public_key,
-                                     private_key_bytes) != 1) {
-        result = 1;
-      }
-      zkp_context_release_writable();
-    } else {
+    if (secp256k1_ec_pubkey_create(context_writable, &public_key,
+                                   private_key_bytes) != 1) {
       result = 1;
     }
   }
 
+  if (context_writable) {
+    zkp_context_release_writable();
+    context_writable = NULL;
+  }
+
   if (result == 0) {
     size_t written = 33;
     const secp256k1_context *context_read_only = zkp_context_get_read_only();
@@ -102,22 +112,32 @@ int zkp_ecdsa_get_public_key65(const ecdsa_curve *curve,
 
   int result = 0;
 
-  secp256k1_pubkey public_key = {0};
+  secp256k1_context *context_writable = NULL;
+  if (result == 0) {
+    context_writable = zkp_context_acquire_writable();
+    if (context_writable == NULL) {
+      result = 1;
+    }
+  }
+  if (result == 0) {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
+      result = 1;
+    }
+  }
 
+  secp256k1_pubkey public_key = {0};
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_ec_pubkey_create(context_writable, &public_key,
-                                     private_key_bytes) != 1) {
-        result = 1;
-      }
-      zkp_context_release_writable();
-    } else {
+    if (secp256k1_ec_pubkey_create(context_writable, &public_key,
+                                   private_key_bytes) != 1) {
       result = 1;
     }
   }
 
+  if (context_writable) {
+    zkp_context_release_writable();
+    context_writable = NULL;
+  }
+
   if (result == 0) {
     size_t written = 65;
     const secp256k1_context *context_read_only = zkp_context_get_read_only();
@@ -164,23 +184,33 @@ int zkp_ecdsa_sign_digest(
     }
   }
 
-  secp256k1_ecdsa_recoverable_signature recoverable_signature = {0};
+  secp256k1_context *context_writable = NULL;
+  if (result == 0) {
+    context_writable = zkp_context_acquire_writable();
+    if (context_writable == NULL) {
+      result = 1;
+    }
+  }
+  if (result == 0) {
+    if (secp256k1_context_writable_randomize(context_writable) != 0) {
+      result = 1;
+    }
+  }
 
+  secp256k1_ecdsa_recoverable_signature recoverable_signature = {0};
   if (result == 0) {
-    secp256k1_context *context_writable = zkp_context_acquire_writable();
-    if (context_writable) {
-      secp256k1_context_writable_randomize(context_writable);
-      if (secp256k1_ecdsa_sign_recoverable(
-              context_writable, &recoverable_signature, digest,
-              private_key_bytes, NULL, NULL) != 1) {
-        result = 1;
-      }
-      zkp_context_release_writable();
-    } else {
+    if (secp256k1_ecdsa_sign_recoverable(context_writable,
+                                         &recoverable_signature, digest,
+                                         private_key_bytes, NULL, NULL) != 1) {
       result = 1;
     }
   }
 
+  if (context_writable) {
+    zkp_context_release_writable();
+    context_writable = NULL;
+  }
+
   if (result == 0) {
     int recid = 0;
     const secp256k1_context *context_read_only = zkp_context_get_read_only();