Use local secp256k1 callbacks in kotlin native code

These callbacks are only triggered either by arguments do not match explicit rquirements of the sepc256k1 library, or by hardware failures, memory corruption
or bug in secp256k1, and not by misuse of the library.
In theory we do not need to implement them, except to find bugs in our own code, but the default callbacks print a message to stderr and call abort() which
is not nice especially on mobile apps.

=> Here we introduce 2 specific exceptions, Secp256k1ErrorCallbackException and Secp256k1IllegalCallbackException, which are thrown when the error callback or illegal callback are called.

.github/workflows/release.yml

@@ -58,11 +58,15 @@ jobs:
             base-devel
             autotools
             mingw-w64-x86_64-gcc
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
       - name: Setup Android
         if: matrix.os != 'windows-latest'
         shell: bash
         run: |
-          ${ANDROID_SDK_ROOT}/cmdline-tools/latest/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
+          $ANDROID_HOME/tools/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
       - name: Setup Android
         if: matrix.os == 'windows-latest'
         shell: msys2 {0}
@@ -82,7 +86,7 @@ jobs:
       - name: Check Linux
         if: matrix.os == 'ubuntu-latest'
         shell: bash
-        run: ./gradlew linuxX64Test
+        run: ./gradlew linuxTest
       - name: Check iOS
         if: matrix.os == 'macOS-latest'
         shell: bash
@@ -99,7 +103,7 @@ jobs:
       - name: Publish Linux
         if: matrix.os == 'ubuntu-latest'
         shell: bash
-        run: ./gradlew publishLinuxX64PublicationToMavenLocal :jni:jvm:linux:publishJvmPublicationToMavenLocal
+        run: ./gradlew publishLinuxPublicationToMavenLocal :jni:jvm:linux:publishJvmPublicationToMavenLocal
       - name: Publish Windows
         if: matrix.os == 'windows-latest'
         shell: msys2 {0}

.github/workflows/snapshot.yml

@@ -67,11 +67,15 @@ jobs:
             base-devel
             autotools
             mingw-w64-x86_64-gcc
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
       - name: Setup Android
         if: matrix.os != 'windows-latest'
         shell: bash
         run: |
-          ${ANDROID_SDK_ROOT}/cmdline-tools/latest/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
+          $ANDROID_HOME/tools/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
       - name: Setup Android
         if: matrix.os == 'windows-latest'
         shell: msys2 {0}
@@ -91,7 +95,7 @@ jobs:
       - name: Check Linux
         if: matrix.os == 'ubuntu-latest'
         shell: bash
-        run: ./gradlew linuxX64Test
+        run: ./gradlew linuxTest
       - name: Check iOS
         if: matrix.os == 'macOS-latest'
         shell: bash
@@ -108,7 +112,7 @@ jobs:
       - name: Publish Linux
         if: matrix.os == 'ubuntu-latest'
         shell: bash
-        run: ./gradlew publishLinuxX64PublicationToMavenLocal :jni:jvm:linux:publishJvmPublicationToMavenLocal -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
+        run: ./gradlew publishLinuxPublicationToMavenLocal :jni:jvm:linux:publishJvmPublicationToMavenLocal -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
       - name: Publish Windows
         if: matrix.os == 'windows-latest'
         shell: msys2 {0}

.github/workflows/test.yml

@@ -73,11 +73,15 @@ jobs:
             base-devel
             autotools
             mingw-w64-x86_64-gcc
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
       - name: Setup Android
         if: matrix.os != 'windows-latest'
         shell: bash
         run: |
-          ${ANDROID_SDK_ROOT}/cmdline-tools/latest/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
+          $ANDROID_HOME/tools/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
       - name: Setup Android
         if: matrix.os == 'windows-latest'
         shell: msys2 {0}
@@ -97,7 +101,7 @@ jobs:
       - name: Check Linux
         if: matrix.os == 'ubuntu-latest'
         shell: bash
-        run: ./gradlew linuxX64Test
+        run: ./gradlew linuxTest
       - name: Check iOS
         if: matrix.os == 'macOS-latest'
         shell: bash

build.gradle.kts

@@ -3,8 +3,8 @@ import org.jetbrains.kotlin.gradle.plugin.mpp.KotlinNativeTarget
 import org.jetbrains.dokka.Platform
 
 plugins {
-    kotlin("multiplatform") version "1.9.22"
+    kotlin("multiplatform") version "1.8.21"
-    id("org.jetbrains.dokka") version "1.9.10"
+    id("org.jetbrains.dokka") version "1.8.10"
     `maven-publish`
 }
 
@@ -16,13 +16,13 @@ buildscript {
 
     dependencies {
         classpath("com.android.tools.build:gradle:7.3.1")
-        classpath("org.jetbrains.dokka:dokka-gradle-plugin:1.9.10")
+        classpath("org.jetbrains.dokka:dokka-gradle-plugin:1.8.10")
     }
 }
 
 allprojects {
     group = "fr.acinq.secp256k1"
-    version = "0.13.0"
+    version = "0.12.0-SNAPSHOT"
 
     repositories {
         google()
@@ -52,22 +52,20 @@ kotlin {
         }
     }
 
-    val nativeMain by sourceSets.creating
+    val nativeMain by sourceSets.creating { dependsOn(commonMain) }
 
-    linuxX64 {
+    linuxX64("linux") {
         secp256k1CInterop("host")
+        compilations["main"].defaultSourceSet.dependsOn(nativeMain)
+        // https://youtrack.jetbrains.com/issue/KT-39396
+        compilations["main"].kotlinOptions.freeCompilerArgs += listOf("-include-binary", "$rootDir/native/build/linux/libsecp256k1.a")
     }
 
-    iosX64 {
+    ios {
-        secp256k1CInterop("ios")
-    }
-
-    iosArm64 {
-        secp256k1CInterop("ios")
-    }
-
-    iosSimulatorArm64 {
         secp256k1CInterop("ios")
+        compilations["main"].defaultSourceSet.dependsOn(nativeMain)
+        // https://youtrack.jetbrains.com/issue/KT-39396
+        compilations["main"].kotlinOptions.freeCompilerArgs += listOf("-include-binary", "$rootDir/native/build/ios/libsecp256k1.a")
     }
 
     sourceSets.all {
@@ -82,9 +80,9 @@ allprojects {
             val currentOs = OperatingSystem.current()
             val targets = when {
                 currentOs.isLinux -> listOf()
-                currentOs.isMacOsX -> listOf("linuxX64")
+                currentOs.isMacOsX -> listOf("linux")
-                currentOs.isWindows -> listOf("linuxX64")
+                currentOs.isWindows -> listOf("linux")
-                else -> listOf("linuxX64")
+                else -> listOf("linux")
             }.mapNotNull { kotlin.targets.findByName(it) as? KotlinNativeTarget }
 
             configure(targets) {

jni/android/src/main/java/fr/acinq/secp256k1/jni/NativeSecp256k1AndroidLoader.kt

@@ -6,10 +6,11 @@ import fr.acinq.secp256k1.NativeSecp256k1
 import java.util.*
 
 public object NativeSecp256k1AndroidLoader {
+
     @JvmStatic
     @Synchronized
     @Throws(Exception::class)
-    public fun load(): Secp256k1 {
+    fun load(): Secp256k1 {
         try {
             System.loadLibrary("secp256k1-jni")
             return NativeSecp256k1
@@ -26,4 +27,5 @@ public object NativeSecp256k1AndroidLoader {
 
         }
     }
+
 }

native/build-ios.sh

@@ -9,10 +9,7 @@ cd secp256k1
 sh xconfigure.sh --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-module-schnorrsig --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
 
 mkdir -p ../build/ios
-cp -v _build/universal/ios/* ../build/ios/
+cp -v _build/universal/* ../build/ios/
-
-mkdir -p ../build/iosSimulatorArm64
-cp -v _build/universal/iosSimulatorArm64/* ../build/iosSimulatorArm64/
 
 rm -rf _build
 make clean

native/xconfigure.sh

@@ -69,22 +69,9 @@ HOST_FLAGS="${ARCH_FLAGS} -mios-simulator-version-min=${MIN_IOS_VERSION} -isysro
 CHOST="x86_64-apple-darwin"
 Build "$@"
 
-## Build for iphone M1/M2/Mx simulators
-SDK="iphonesimulator"
-PLATFORM="arm64-sim"
-PLATFORM_SIM_ARM=${PLATFORM}
-ARCH_FLAGS="-arch arm64"
-HOST_FLAGS="${ARCH_FLAGS} -mios-simulator-version-min=${MIN_IOS_VERSION} -isysroot $(xcrun --sdk ${SDK} --show-sdk-path)"
-CHOST="arm-apple-darwin"
-Build "$@"
-
 # Create universal binary
 cd "${PLATFORMS}/${PLATFORM_ARM}/lib"
 LIB_NAME=`find . -iname *.a`
 cd -
-mkdir -p "${UNIVERSAL}/ios" &> /dev/null
+mkdir -p "${UNIVERSAL}" &> /dev/null
-mkdir -p "${UNIVERSAL}/iosSimulatorArm64" &> /dev/null
+lipo -create -output "${UNIVERSAL}/${LIB_NAME}" "${PLATFORMS}/${PLATFORM_ARM}/lib/${LIB_NAME}" "${PLATFORMS}/${PLATFORM_ISIM}/lib/${LIB_NAME}"
-lipo -create -output "${UNIVERSAL}/ios/${LIB_NAME}" "${PLATFORMS}/${PLATFORM_ARM}/lib/${LIB_NAME}" "${PLATFORMS}/${PLATFORM_ISIM}/lib/${LIB_NAME}"
-
-# create a specific library for arm64 simulator: it cannot be included in the lib above which already contains an arm64 lib
-lipo -create -output "${UNIVERSAL}/iosSimulatorArm64/${LIB_NAME}" "${PLATFORMS}/${PLATFORM_SIM_ARM}/lib/${LIB_NAME}"

publishing/secp256k1-kmp-snapshot-deploy.sh

@@ -21,9 +21,9 @@ mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/conte
   -Djavadoc=$ARTIFACT_ID_BASE-$VERSION-javadoc.jar
 popd
 pushd .
-for i in iosarm64 iossimulatorarm64 iosx64 jni-android jni-common jni-jvm-darwin jni-jvm-extract jni-jvm-linux jni-jvm-mingw jni-jvm jvm linuxx64; do
+for i in iosarm64 iosx64 jni-android jni-common jni-jvm-darwin jni-jvm-extract jni-jvm-linux jni-jvm-mingw jni-jvm jvm linux; do
   cd fr/acinq/secp256k1/secp256k1-kmp-$i/$VERSION
-  if [ $i == iosarm64 ] || [ $i == iossimulatorarm64 ] || [ $i == iosx64 ]; then
+  if [ $i == iosarm64 ] || [ $i == iosx64 ]; then
     mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
       -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
       -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \
@@ -32,7 +32,7 @@ for i in iosarm64 iossimulatorarm64 iosx64 jni-android jni-common jni-jvm-darwin
       -Dclassifiers=metadata,,cinterop-libsecp256k1 \
       -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
       -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
-  elif [ $i == linuxx64 ]; then
+  elif [ $i == linux ]; then
     mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
       -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
       -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \

src/commonMain/kotlin/fr/acinq/secp256k1/Secp256k1.kt

@@ -166,7 +166,17 @@ public interface Secp256k1 {
 
 internal expect fun getSecpk256k1(): Secp256k1
 
-public class Secp256k1Exception : RuntimeException {
+public open class Secp256k1Exception : RuntimeException {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
+}
+
+public class Secp256k1ErrorCallbackException : Secp256k1Exception {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
+}
+
+public class Secp256k1IllegalCallbackException : Secp256k1Exception {
     public constructor() : super()
     public constructor(message: String?) : super(message)
 }

src/nativeInterop/cinterop/libsecp256k1.def

@@ -3,12 +3,8 @@ package = secp256k1
 headers = secp256k1.h secp256k1_ecdh.h secp256k1_recovery.h secp256k1_extrakeys.h secp256k1_schnorrsig.h
 headerFilter = secp256k1/** secp256k1_ecdh.h secp256k1_recovery.h secp256k1_extrakeys.h secp256k1_schnorrsig.h secp256k1.h
 
-staticLibraries.linux = libsecp256k1.a
+libraryPaths.linux = c/secp256k1/build/linux/
-libraryPaths.linux = c/secp256k1/build/linux/ native/build/linux/ native/build/darwin/
 linkerOpts.linux = -L/usr/lib64 -L/usr/lib/x86_64-linux-gnu -L/usr/local/lib
 
-staticLibraries.ios = libsecp256k1.a
+libraryPaths.ios = c/secp256k1/build/ios/ /usr/local/lib
-libraryPaths.ios_x64 = c/secp256k1/build/ios/ /usr/local/lib native/build/ios/
-libraryPaths.ios_arm64 = c/secp256k1/build/ios/ /usr/local/lib native/build/ios/
-libraryPaths.ios_simulator_arm64 = c/secp256k1/build/ios/ /usr/local/lib native/build/iosSimulatorArm64/
 linkerOpts.ios = -framework Security -framework Foundation

src/nativeMain/kotlin/fr/acinq/secp256k1/Secp256k1Native.kt

@@ -4,15 +4,67 @@ import kotlinx.cinterop.*
 import platform.posix.size_tVar
 import secp256k1.*
 
-@OptIn(ExperimentalUnsignedTypes::class, ExperimentalForeignApi::class)
+private typealias Secp256k1CallbackHandler = (String) -> Unit
+
+@OptIn(ExperimentalStdlibApi::class)
+private class CallbackHandler(ctx: CPointer<secp256k1_context>) : AutoCloseable {
+    var illegalCallBackMessage: String? = null
+    val illegalHandler: Secp256k1CallbackHandler = { x: String -> illegalCallBackMessage = x }
+    val illegalCallbackRef = StableRef.create(illegalHandler)
+    var errorCallBackMessage: String? = null
+    val errorHandler: Secp256k1CallbackHandler = { x: String -> errorCallBackMessage = x }
+    val errorCallbackRef = StableRef.create(errorHandler)
+
+    init {
+        secp256k1_context_set_error_callback(
+            ctx, staticCFunction { buffer: CPointer<ByteVar>?, data: COpaquePointer? ->
+                if (data != null) {
+                    val callback = data.asStableRef<Secp256k1CallbackHandler>().get()
+                    callback(buffer?.toKString() ?: "error callback triggered")
+                }
+            },
+            errorCallbackRef.asCPointer()
+        )
+        secp256k1_context_set_illegal_callback(
+            ctx, staticCFunction { buffer: CPointer<ByteVar>?, data: COpaquePointer? ->
+                if (data != null) {
+                    val callback = data.asStableRef<Secp256k1CallbackHandler>().get()
+                    callback(buffer?.toKString() ?: "illegal callback triggered")
+                }
+            },
+            illegalCallbackRef.asCPointer()
+        )
+    }
+
+    fun checkForErrors() {
+        errorCallBackMessage?.let { throw Secp256k1ErrorCallbackException(it) }
+        illegalCallBackMessage?.let { throw Secp256k1IllegalCallbackException(it) }
+    }
+
+    override fun close() {
+        // StableRef instances have to be disposed of manually
+        illegalCallbackRef.dispose()
+        errorCallbackRef.dispose()
+    }
+}
+
+@OptIn(ExperimentalUnsignedTypes::class, ExperimentalStdlibApi::class)
 public object Secp256k1Native : Secp256k1 {
 
     private val ctx: CPointer<secp256k1_context> by lazy {
+
         secp256k1_context_create((SECP256K1_FLAGS_TYPE_CONTEXT or SECP256K1_FLAGS_BIT_CONTEXT_SIGN or SECP256K1_FLAGS_BIT_CONTEXT_VERIFY).toUInt())
             ?: error("Could not create secp256k1 context")
     }
 
-    private fun Int.requireSuccess(message: String): Int = if (this != 1) throw Secp256k1Exception(message) else this
+    private fun Int.requireSuccess(message: String): Int {
+        return if (this != 1) throw Secp256k1Exception(message) else this
+    }
+
+    private fun Int.requireSuccess(callbackHandler: CallbackHandler, message: String): Int {
+        callbackHandler.checkForErrors()
+        return if (this != 1) throw Secp256k1Exception(message) else this
+    }
 
     private fun MemScope.allocSignature(input: ByteArray): secp256k1_ecdsa_signature {
         val sig = alloc<secp256k1_ecdsa_signature>()
@@ -58,173 +110,209 @@ public object Secp256k1Native : Secp256k1 {
     public override fun verify(signature: ByteArray, message: ByteArray, pubkey: ByteArray): Boolean {
         require(message.size == 32)
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPubkey = allocPublicKey(pubkey)
+            memScoped {
-            val nMessage = toNat(message)
+                val nPubkey = allocPublicKey(pubkey)
-            val nSig = allocSignature(signature)
+                val nMessage = toNat(message)
-            return secp256k1_ecdsa_verify(ctx, nSig.ptr, nMessage, nPubkey.ptr) == 1
+                val nSig = allocSignature(signature)
+                val verify = secp256k1_ecdsa_verify(ctx, nSig.ptr, nMessage, nPubkey.ptr)
+                callbackHandler.checkForErrors()
+                return verify == 1
+            }
         }
     }
 
     public override fun sign(message: ByteArray, privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
         require(message.size == 32)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPrivkey = toNat(privkey)
+            memScoped {
-            val nMessage = toNat(message)
+                val nPrivkey = toNat(privkey)
-            val nSig = alloc<secp256k1_ecdsa_signature>()
+                val nMessage = toNat(message)
-            secp256k1_ecdsa_sign(ctx, nSig.ptr, nMessage, nPrivkey, null, null).requireSuccess("secp256k1_ecdsa_sign() failed")
+                val nSig = alloc<secp256k1_ecdsa_signature>()
-            return serializeSignature(nSig)
+                secp256k1_ecdsa_sign(ctx, nSig.ptr, nMessage, nPrivkey, null, null).requireSuccess(callbackHandler, "secp256k1_ecdsa_sign() failed")
+                return serializeSignature(nSig)
+            }
         }
     }
 
     public override fun signatureNormalize(sig: ByteArray): Pair<ByteArray, Boolean> {
-        require(sig.size >= 64){ "invalid signature ${Hex.encode(sig)}" }
+        require(sig.size >= 64) { "invalid signature ${Hex.encode(sig)}" }
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nSig = allocSignature(sig)
+            memScoped {
-            val isHighS = secp256k1_ecdsa_signature_normalize(ctx, nSig.ptr, nSig.ptr)
+                val nSig = allocSignature(sig)
-            return Pair(serializeSignature(nSig), isHighS == 1)
+                val isHighS = secp256k1_ecdsa_signature_normalize(ctx, nSig.ptr, nSig.ptr)
+                callbackHandler.checkForErrors()
+                return Pair(serializeSignature(nSig), isHighS == 1)
+            }
         }
     }
 
     public override fun secKeyVerify(privkey: ByteArray): Boolean {
         if (privkey.size != 32) return false
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPrivkey = toNat(privkey)
+            memScoped {
-            return secp256k1_ec_seckey_verify(ctx, nPrivkey) == 1
+                val nPrivkey = toNat(privkey)
+                val result = secp256k1_ec_seckey_verify(ctx, nPrivkey) == 1
+                callbackHandler.checkForErrors()
+                return result
+            }
         }
     }
 
     public override fun pubkeyCreate(privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPrivkey = toNat(privkey)
+            memScoped {
-            val nPubkey = alloc<secp256k1_pubkey>()
+                val nPrivkey = toNat(privkey)
-            secp256k1_ec_pubkey_create(ctx, nPubkey.ptr, nPrivkey).requireSuccess("secp256k1_ec_pubkey_create() failed")
+                val nPubkey = alloc<secp256k1_pubkey>()
-            return serializePubkey(nPubkey)
+                secp256k1_ec_pubkey_create(ctx, nPubkey.ptr, nPrivkey).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_create() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubkeyParse(pubkey: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPubkey = allocPublicKey(pubkey)
+            memScoped {
-            return serializePubkey(nPubkey)
+                val nPubkey = allocPublicKey(pubkey)
+                val result = serializePubkey(nPubkey)
+                callbackHandler.checkForErrors()
+                return result
+            }
         }
     }
 
     public override fun privKeyNegate(privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val negated = privkey.copyOf()
+            memScoped {
-            val negPriv = toNat(negated)
+                val negated = privkey.copyOf()
-            secp256k1_ec_seckey_negate(ctx, negPriv).requireSuccess("secp256k1_ec_seckey_negate() failed")
+                val negPriv = toNat(negated)
-            return negated
+                secp256k1_ec_seckey_negate(ctx, negPriv).requireSuccess(callbackHandler, "secp256k1_ec_seckey_negate() failed")
+                return negated
+            }
         }
     }
 
     public override fun privKeyTweakAdd(privkey: ByteArray, tweak: ByteArray): ByteArray {
         require(privkey.size == 32)
-        require(tweak.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
-        memScoped {
+            memScoped {
-            val added = privkey.copyOf()
+                val added = privkey.copyOf()
-            val natAdd = toNat(added)
+                val natAdd = toNat(added)
-            val natTweak = toNat(tweak)
+                val natTweak = toNat(tweak)
-            secp256k1_ec_seckey_tweak_add(ctx, natAdd, natTweak).requireSuccess("secp256k1_ec_seckey_tweak_add() failed")
+                secp256k1_ec_seckey_tweak_add(ctx, natAdd, natTweak).requireSuccess(callbackHandler, "secp256k1_ec_seckey_tweak_add() failed")
-            return added
+                return added
+            }
         }
     }
 
     public override fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray {
         require(privkey.size == 32)
-        require(tweak.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
-        memScoped {
+            memScoped {
-            val multiplied = privkey.copyOf()
+                val multiplied = privkey.copyOf()
-            val natMul = toNat(multiplied)
+                val natMul = toNat(multiplied)
-            val natTweak = toNat(tweak)
+                val natTweak = toNat(tweak)
-            secp256k1_ec_privkey_tweak_mul(ctx, natMul, natTweak).requireSuccess("secp256k1_ec_privkey_tweak_mul() failed")
+                secp256k1_ec_privkey_tweak_mul(ctx, natMul, natTweak).requireSuccess(callbackHandler, "secp256k1_ec_privkey_tweak_mul() failed")
-            return multiplied
+                return multiplied
+            }
         }
     }
 
     public override fun pubKeyNegate(pubkey: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPubkey = allocPublicKey(pubkey)
+            memScoped {
-            secp256k1_ec_pubkey_negate(ctx, nPubkey.ptr).requireSuccess("secp256k1_ec_pubkey_negate() failed")
+                val nPubkey = allocPublicKey(pubkey)
-            return serializePubkey(nPubkey)
+                secp256k1_ec_pubkey_negate(ctx, nPubkey.ptr).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_negate() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyTweakAdd(pubkey: ByteArray, tweak: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        require(tweak.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
-        memScoped {
+            memScoped {
-            val nPubkey = allocPublicKey(pubkey)
+                val nPubkey = allocPublicKey(pubkey)
-            val nTweak = toNat(tweak)
+                val nTweak = toNat(tweak)
-            secp256k1_ec_pubkey_tweak_add(ctx, nPubkey.ptr, nTweak).requireSuccess("secp256k1_ec_pubkey_tweak_add() failed")
+                secp256k1_ec_pubkey_tweak_add(ctx, nPubkey.ptr, nTweak).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_tweak_add() failed")
-            return serializePubkey(nPubkey)
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyTweakMul(pubkey: ByteArray, tweak: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        require(tweak.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
-        memScoped {
+            memScoped {
-            val nPubkey = allocPublicKey(pubkey)
+                val nPubkey = allocPublicKey(pubkey)
-            val nTweak = toNat(tweak)
+                val nTweak = toNat(tweak)
-            secp256k1_ec_pubkey_tweak_mul(ctx, nPubkey.ptr, nTweak).requireSuccess("secp256k1_ec_pubkey_tweak_mul() failed")
+                secp256k1_ec_pubkey_tweak_mul(ctx, nPubkey.ptr, nTweak).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_tweak_mul() failed")
-            return serializePubkey(nPubkey)
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyCombine(pubkeys: Array<ByteArray>): ByteArray {
-        require(pubkeys.isNotEmpty())
         pubkeys.forEach { require(it.size == 33 || it.size == 65) }
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPubkeys = pubkeys.map { allocPublicKey(it).ptr }
+            memScoped {
-            val combined = alloc<secp256k1_pubkey>()
+                val nPubkeys = pubkeys.map { allocPublicKey(it).ptr }
-            secp256k1_ec_pubkey_combine(ctx, combined.ptr, nPubkeys.toCValues(), pubkeys.size.convert()).requireSuccess("secp256k1_ec_pubkey_combine() failed")
+                val combined = alloc<secp256k1_pubkey>()
-            return serializePubkey(combined)
+                secp256k1_ec_pubkey_combine(ctx, combined.ptr, nPubkeys.toCValues(), pubkeys.size.convert()).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_combine() failed")
+                return serializePubkey(combined)
+            }
         }
     }
 
     public override fun ecdh(privkey: ByteArray, pubkey: ByteArray): ByteArray {
         require(privkey.size == 32)
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPubkey = allocPublicKey(pubkey)
+            memScoped {
-            val nPrivkey = toNat(privkey)
+                val nPubkey = allocPublicKey(pubkey)
-            val output = allocArray<UByteVar>(32)
+                val nPrivkey = toNat(privkey)
-            secp256k1_ecdh(ctx, output, nPubkey.ptr, nPrivkey, null, null).requireSuccess("secp256k1_ecdh() failed")
+                val output = allocArray<UByteVar>(32)
-            return output.readBytes(32)
+                secp256k1_ecdh(ctx, output, nPubkey.ptr, nPrivkey, null, null).requireSuccess(callbackHandler, "secp256k1_ecdh() failed")
+                return output.readBytes(32)
+            }
         }
     }
 
     public override fun ecdsaRecover(sig: ByteArray, message: ByteArray, recid: Int): ByteArray {
         require(sig.size == 64)
         require(message.size == 32)
-        require(recid in 0..3)
+        // we do not check that recid is valid, which should trigger our illegal callback handler to throw a Secp256k1IllegalCallbackException
-        memScoped {
+        // require(recid in 0..3)
-            val nSig = toNat(sig)
+
-            val rSig = alloc<secp256k1_ecdsa_recoverable_signature>()
+        CallbackHandler(ctx).use { callbackHandler ->
-            secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, rSig.ptr, nSig, recid).requireSuccess("secp256k1_ecdsa_recoverable_signature_parse_compact() failed")
+            memScoped {
-            val nMessage = toNat(message)
+                val nSig = toNat(sig)
-            val pubkey = alloc<secp256k1_pubkey>()
+                val rSig = alloc<secp256k1_ecdsa_recoverable_signature>()
-            secp256k1_ecdsa_recover(ctx, pubkey.ptr, rSig.ptr, nMessage).requireSuccess("secp256k1_ecdsa_recover() failed")
+                secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, rSig.ptr, nSig, recid).requireSuccess(callbackHandler, "secp256k1_ecdsa_recoverable_signature_parse_compact() failed")
-            return serializePubkey(pubkey)
+                val nMessage = toNat(message)
+                val pubkey = alloc<secp256k1_pubkey>()
+                secp256k1_ecdsa_recover(ctx, pubkey.ptr, rSig.ptr, nMessage).requireSuccess(callbackHandler, "secp256k1_ecdsa_recover() failed")
+                return serializePubkey(pubkey)
+            }
         }
     }
 
     public override fun compact2der(sig: ByteArray): ByteArray {
         require(sig.size == 64)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nSig = allocSignature(sig)
+            memScoped {
-            val natOutput = allocArray<UByteVar>(73)
+                val nSig = allocSignature(sig)
-            val len = alloc<size_tVar>()
+                val natOutput = allocArray<UByteVar>(73)
-            len.value = 73.convert()
+                val len = alloc<size_tVar>()
-            secp256k1_ecdsa_signature_serialize_der(ctx, natOutput, len.ptr, nSig.ptr).requireSuccess("secp256k1_ecdsa_signature_serialize_der() failed")
+                len.value = 73.convert()
-            return natOutput.readBytes(len.value.toInt())
+                secp256k1_ecdsa_signature_serialize_der(ctx, natOutput, len.ptr, nSig.ptr).requireSuccess(callbackHandler, "secp256k1_ecdsa_signature_serialize_der() failed")
+                return natOutput.readBytes(len.value.toInt())
+            }
         }
     }
 
@@ -232,13 +320,15 @@ public object Secp256k1Native : Secp256k1 {
         require(signature.size == 64)
         require(data.size == 32)
         require(pub.size == 32)
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nPub = toNat(pub)
+            memScoped {
-            val pubkey = alloc<secp256k1_xonly_pubkey>()
+                val nPub = toNat(pub)
-            secp256k1_xonly_pubkey_parse(ctx, pubkey.ptr, nPub).requireSuccess("secp256k1_xonly_pubkey_parse() failed")
+                val pubkey = alloc<secp256k1_xonly_pubkey>()
-            val nData = toNat(data)
+                secp256k1_xonly_pubkey_parse(ctx, pubkey.ptr, nPub).requireSuccess(callbackHandler, "secp256k1_xonly_pubkey_parse() failed")
-            val nSig = toNat(signature)
+                val nData = toNat(data)
-            return secp256k1_schnorrsig_verify(ctx, nSig, nData, 32u, pubkey.ptr) == 1
+                val nSig = toNat(signature)
+                return secp256k1_schnorrsig_verify(ctx, nSig, nData, 32u, pubkey.ptr) == 1
+            }
         }
     }
 
@@ -246,15 +336,17 @@ public object Secp256k1Native : Secp256k1 {
         require(sec.size == 32)
         require(data.size == 32)
         auxrand32?.let { require(it.size == 32) }
-        memScoped {
+        CallbackHandler(ctx).use { callbackHandler ->
-            val nSec = toNat(sec)
+            memScoped {
-            val nData = toNat(data)
+                val nSec = toNat(sec)
-            val nAuxrand32 = auxrand32?.let { toNat(it) }
+                val nData = toNat(data)
-            val nSig = allocArray<UByteVar>(64)
+                val nAuxrand32 = auxrand32?.let { toNat(it) }
-            val keypair = alloc<secp256k1_keypair>()
+                val nSig = allocArray<UByteVar>(64)
-            secp256k1_keypair_create(ctx, keypair.ptr, nSec).requireSuccess("secp256k1_keypair_create() failed")
+                val keypair = alloc<secp256k1_keypair>()
-            secp256k1_schnorrsig_sign32(ctx, nSig, nData, keypair.ptr, nAuxrand32).requireSuccess("secp256k1_ecdsa_sign() failed")
+                secp256k1_keypair_create(ctx, keypair.ptr, nSec).requireSuccess(callbackHandler, "secp256k1_keypair_create() failed")
-            return nSig.readBytes(64)
+                secp256k1_schnorrsig_sign32(ctx, nSig, nData, keypair.ptr, nAuxrand32).requireSuccess(callbackHandler, "secp256k1_ecdsa_sign() failed")
+                return nSig.readBytes(64)
+            }
         }
     }
     

tests/build.gradle.kts

@@ -1,3 +1,4 @@
+
 plugins {
     kotlin("multiplatform")
     if (System.getProperty("includeAndroid")?.toBoolean() == true) {
@@ -35,14 +36,14 @@ kotlin {
     }
 
     if (includeAndroid) {
-        androidTarget {
+        android {
             compilations.all {
                 kotlinOptions.jvmTarget = "1.8"
             }
             sourceSets["androidMain"].dependencies {
                 implementation(project(":jni:android"))
             }
-            sourceSets["androidUnitTest"].dependencies {
+            sourceSets["androidTest"].dependencies {
                 implementation(kotlin("test-junit"))
                 implementation("androidx.test.ext:junit:1.1.2")
                 implementation("androidx.test.espresso:espresso-core:3.3.0")
@@ -50,18 +51,17 @@ kotlin {
         }
     }
 
-    linuxX64()
+    linuxX64("linux")
-    iosX64()
+
-    iosArm64()
+    ios()
-    iosSimulatorArm64()
 }
 
 val includeAndroid = System.getProperty("includeAndroid")?.toBoolean() ?: true
 if (includeAndroid) {
     extensions.configure<com.android.build.gradle.LibraryExtension>("android") {
         defaultConfig {
-            compileSdk = 30
+            compileSdkVersion(30)
-            minSdk = 21
+            minSdkVersion(21)
             testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
         }
 

tests/src/commonTest/kotlin/fr/acinq/secp256k1/Secp256k1Test.kt

@@ -275,6 +275,11 @@ class Secp256k1Test {
         val pub0 = Secp256k1.ecdsaRecover(sig, message, 0)
         val pub1 = Secp256k1.ecdsaRecover(sig, message, 1)
         assertTrue(pub.contentEquals(pub0) || pub.contentEquals(pub1))
+
+        // this is a special case, ecdsaRecover explicitly does not check that recid is valid, which triggers our illegal callback handler
+        assertFailsWith(Secp256k1IllegalCallbackException::class) {
+            Secp256k1.ecdsaRecover(sig, message, 4)
+        }
     }
 
     @Test
@@ -352,38 +357,6 @@ class Secp256k1Test {
         }
     }
 
-    @Test
-    fun testInvalidArguments() {
-        assertFails {
-            Secp256k1.pubkeyCreate(ByteArray(32))
-        }
-        assertFails {
-            Secp256k1.pubkeyCreate(Hex.decode("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"))
-        }
-        assertFails {
-            Secp256k1.pubkeyParse(ByteArray(33))
-        }
-        assertFails {
-            Secp256k1.pubkeyParse(Hex.decode("03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"))
-        }
-        assertFails {
-            Secp256k1.pubKeyCombine(arrayOf())
-        }
-        assertFails {
-            Secp256k1.pubKeyCombine(arrayOf(ByteArray(0)))
-        }
-        assertFails {
-            Secp256k1.signSchnorr(ByteArray(0), Hex.decode("0101010101010101010101010101010101010101010101010101010101010101"), null)
-        }
-        assertFails {
-            Secp256k1.ecdsaRecover(
-                Hex.decode("01010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101"),
-                Hex.decode("0202020202020202020202020202020202020202020202020202020202020202"),
-                -1
-            )
-        }
-    }
-
     @Test
     fun fuzzEcdsaSignVerify() {
         val random = Random.Default