Use local secp256k1 callbacks in kotlin native code

These callbacks are only triggered either by arguments do not match explicit rquirements of the sepc256k1 library, or by hardware failures, memory corruption
or bug in secp256k1, and not by misuse of the library.
In theory we do not need to implement them, except to find bugs in our own code, but the default callbacks print a message to stderr and call abort() which
is not nice especially on mobile apps.

=> Here we introduce 2 specific exceptions, Secp256k1ErrorCallbackException and Secp256k1IllegalCallbackException, which are thrown when the error callback or illegal callback are called.

.github/workflows/release.yml

@@ -28,20 +28,60 @@ jobs:
           path: ~/.gradle
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }}
           restore-keys: ${{ runner.os }}-gradle-
+      - name: Android environment
+        if: matrix.os != 'windows-latest'
+        shell: bash
+        run: |
+          echo "ANDROID_HOME=$ANDROID_HOME" >> $GITHUB_ENV
+          echo "ANDROID_NDK_VERSION=25.2.9519653" >> $GITHUB_ENV
+      - name: Cached Android NDK
+        if: matrix.os != 'windows-latest'
+        uses: actions/cache@v2
+        with:
+          path: ${{ format('{0}/ndk/{1}', env.ANDROID_HOME, env.ANDROID_NDK_VERSION) }}
+          key: ${{ runner.os }}-android-ndk-${{ env.ANDROID_NDK_VERSION }}
+      - name: Set up shell
+        if: matrix.os == 'windows-latest'
+        run: |
+          echo "C:\msys64\usr\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+          rm.exe "C:/WINDOWS/system32/bash.EXE"
+      - name: Install Automake
+        if: matrix.os == 'macOS-latest'
+        run: brew install automake
+      - name: Install Automake (windows)
+        if: matrix.os == 'windows-latest'
+        uses: msys2/setup-msys2@v2
+        with:
+          path-type: minimal
+          update: true
+          install: >-
+            base-devel
+            autotools
+            mingw-w64-x86_64-gcc
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
+      - name: Setup Android
+        if: matrix.os != 'windows-latest'
+        shell: bash
+        run: |
+          $ANDROID_HOME/tools/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
+      - name: Setup Android
+        if: matrix.os == 'windows-latest'
+        shell: msys2 {0}
+        run: |
+          echo "skip.android=true" > local.properties
       - name: Set up JDK 11
         uses: actions/setup-java@v1
         with:
           java-version: 11
-      - name: Install Automake
-        if: matrix.os == 'macOS-latest'
-        run: brew install automake
-      - name: Set up shell
-        if: matrix.os == 'windows-latest'
-        run: |
-          echo ::add-path::C:\msys64\usr\bin\
-          rm.exe "C:/WINDOWS/system32/bash.EXE"
       - name: Check JVM
-        shell: bash
+        if: matrix.os != 'windows-latest'
+        run: ./gradlew jvmTest
+      - name: Check JVM (Windows)
+        if: matrix.os == 'windows-latest'
+        shell: msys2 {0}
         run: ./gradlew jvmTest
       - name: Check Linux
         if: matrix.os == 'ubuntu-latest'
@@ -55,34 +95,31 @@ jobs:
         if: matrix.os == 'macOS-latest'
         uses: reactivecircus/android-emulator-runner@v2
         with:
-          api-level: 29
-          ndk: 21.3.6528147
-          cmake: 3.10.2.4988404
+          api-level: 27
+          emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+          ndk: ${{ env.ANDROID_NDK_VERSION }}
+          cmake: 3.22.1
           script: ./gradlew connectedCheck
       - name: Publish Linux
         if: matrix.os == 'ubuntu-latest'
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
         shell: bash
-        run: ./gradlew publishLinuxPublicationToBintrayRepository :jni:jvm:linux:publishJvmPublicationToBintrayRepository
+        run: ./gradlew publishLinuxPublicationToMavenLocal :jni:jvm:linux:publishJvmPublicationToMavenLocal
       - name: Publish Windows
         if: matrix.os == 'windows-latest'
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
-        shell: bash
-        run: ./gradlew :jni:jvm:mingw:publishJvmPublicationToBintrayRepository
+        shell: msys2 {0}
+        run: ./gradlew :jni:jvm:mingw:publishToMavenLocal
       - name: Publish MacOS
         if: matrix.os == 'macOS-latest'
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
         shell: bash
-        run: ./gradlew publish
-      - name: Discard
-        if: ${{ failure() || cancelled() }}
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
-        run: ./gradlew postBintrayDiscard
+        run: ./gradlew publishToMavenLocal
+      - name: Copy artifact files
+        run: |
+          mkdir -p maven-local/release
+          cp -r ~/.m2/repository/* maven-local/release
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v2
+        with:
+          name: release
+          path: |
+            maven-local
+            !maven-local/**/maven-metadata-local.xml

.github/workflows/snapshot.yml

@@ -3,6 +3,7 @@ name: Publish snapshot
 on:
   push:
     branches:
+      - 'master'
       - 'snapshot/*'
     paths-ignore:
       - '**.md'
@@ -36,20 +37,60 @@ jobs:
           path: ~/.gradle
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }}
           restore-keys: ${{ runner.os }}-gradle-
+      - name: Android environment
+        if: matrix.os != 'windows-latest'
+        shell: bash
+        run: |
+          echo "ANDROID_HOME=$ANDROID_HOME" >> $GITHUB_ENV
+          echo "ANDROID_NDK_VERSION=25.2.9519653" >> $GITHUB_ENV
+      - name: Cached Android NDK
+        if: matrix.os != 'windows-latest'
+        uses: actions/cache@v2
+        with:
+          path: ${{ format('{0}/ndk/{1}', env.ANDROID_HOME, env.ANDROID_NDK_VERSION) }}
+          key: ${{ runner.os }}-android-ndk-${{ env.ANDROID_NDK_VERSION }}
+      - name: Set up shell
+        if: matrix.os == 'windows-latest'
+        run: |
+          echo "C:\msys64\usr\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+          rm.exe "C:/WINDOWS/system32/bash.EXE"
+      - name: Install Automake
+        if: matrix.os == 'macOS-latest'
+        run: brew install automake
+      - name: Install Automake (windows)
+        if: matrix.os == 'windows-latest'
+        uses: msys2/setup-msys2@v2
+        with:
+          path-type: minimal
+          update: true
+          install: >-
+            base-devel
+            autotools
+            mingw-w64-x86_64-gcc
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
+      - name: Setup Android
+        if: matrix.os != 'windows-latest'
+        shell: bash
+        run: |
+          $ANDROID_HOME/tools/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
+      - name: Setup Android
+        if: matrix.os == 'windows-latest'
+        shell: msys2 {0}
+        run: |
+          echo "skip.android=true" > local.properties
       - name: Set up JDK 11
         uses: actions/setup-java@v1
         with:
           java-version: 11
-      - name: Install Automake
-        if: matrix.os == 'macOS-latest'
-        run: brew install automake
-      - name: Set up shell
-        if: matrix.os == 'windows-latest'
-        run: |
-          echo ::add-path::C:\msys64\usr\bin\
-          rm.exe "C:/WINDOWS/system32/bash.EXE"
       - name: Check JVM
-        shell: bash
+        if: matrix.os != 'windows-latest'
+        run: ./gradlew jvmTest
+      - name: Check JVM (Windows)
+        if: matrix.os == 'windows-latest'
+        shell: msys2 {0}
         run: ./gradlew jvmTest
       - name: Check Linux
         if: matrix.os == 'ubuntu-latest'
@@ -63,59 +104,32 @@ jobs:
         if: matrix.os == 'macOS-latest'
         uses: reactivecircus/android-emulator-runner@v2
         with:
-          api-level: 29
-          ndk: 21.3.6528147
-          cmake: 3.10.2.4988404
+          api-level: 27
+          emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+          ndk: ${{ env.ANDROID_NDK_VERSION }}
+          cmake: 3.22.1
           script: ./gradlew connectedCheck
       - name: Publish Linux
         if: matrix.os == 'ubuntu-latest'
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
         shell: bash
-        run: ./gradlew publishLinuxPublicationToBintrayRepository :jni:jvm:linux:publishJvmPublicationToBintrayRepository -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
+        run: ./gradlew publishLinuxPublicationToMavenLocal :jni:jvm:linux:publishJvmPublicationToMavenLocal -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
       - name: Publish Windows
         if: matrix.os == 'windows-latest'
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
-        shell: bash
-        run: ./gradlew :jni:jvm:mingw:publishJvmPublicationToBintrayRepository -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
+        shell: msys2 {0}
+        run: ./gradlew :jni:jvm:mingw:publishToMavenLocal -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
       - name: Publish MacOS
         if: matrix.os == 'macOS-latest'
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
         shell: bash
-        run: ./gradlew publish -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
-      - name: Discard
-        if: ${{ failure() || cancelled() }}
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
-        run: ./gradlew postBintrayDiscard -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
+        run: ./gradlew publishToMavenLocal -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}
+      - name: Copy artifact files
+        run: |
+          mkdir -p maven-local/snapshot
+          cp -r ~/.m2/repository/* maven-local/snapshot
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v2
+        with:
+          name: snapshot
+          path: |
+            maven-local
+            !maven-local/**/maven-metadata-local.xml
 
-  publish:
-    name: Publish
-    needs: upload
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out
-        uses: actions/checkout@v2
-        with:
-          submodules: 'true'
-      - name: Cached Gradle
-        uses: actions/cache@v2
-        with:
-          path: ~/.gradle
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }}
-          restore-keys: ${{ runner.os }}-gradle-
-      - name: Set up JDK 11
-        uses: actions/setup-java@v1
-        with:
-          java-version: 11
-      - name: Publish
-        env:
-          BINTRAY_USER: ${{ secrets.bintray_user }}
-          BINTRAY_APIKEY: ${{ secrets.bintray_apikey }}
-        run: ./gradlew postBintrayPublish -PsnapshotNumber=${{ github.run_number }} -PgitRef=${{ github.ref }}

.github/workflows/test.yml

@@ -10,7 +10,8 @@ on:
       - '!.github/workflows/test.yml'
   push:
     branches:
-      - 'master'
+      - '!master'
+      - '!snapshot/*'
     paths-ignore:
       - '**.md'
       - '**.adoc'
@@ -42,20 +43,60 @@ jobs:
           path: ~/.gradle
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }}
           restore-keys: ${{ runner.os }}-gradle-
+      - name: Android environment
+        if: matrix.os != 'windows-latest'
+        shell: bash
+        run: |
+          echo "ANDROID_HOME=$ANDROID_HOME" >> $GITHUB_ENV
+          echo "ANDROID_NDK_VERSION=25.2.9519653" >> $GITHUB_ENV
+      - name: Cached Android NDK
+        if: matrix.os != 'windows-latest'
+        uses: actions/cache@v2
+        with:
+          path: ${{ format('{0}/ndk/{1}', env.ANDROID_HOME, env.ANDROID_NDK_VERSION) }}
+          key: ${{ runner.os }}-android-ndk-${{ env.ANDROID_NDK_VERSION }}
+      - name: Set up shell
+        if: matrix.os == 'windows-latest'
+        run: |
+          echo "C:\msys64\usr\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+          rm.exe "C:/WINDOWS/system32/bash.EXE"
+      - name: Install Automake
+        if: matrix.os == 'macOS-latest'
+        run: brew install automake
+      - name: Install Automake (windows)
+        if: matrix.os == 'windows-latest'
+        uses: msys2/setup-msys2@v2
+        with:
+          path-type: minimal
+          update: true
+          install: >-
+            base-devel
+            autotools
+            mingw-w64-x86_64-gcc
+      - name: Set up JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
+      - name: Setup Android
+        if: matrix.os != 'windows-latest'
+        shell: bash
+        run: |
+          $ANDROID_HOME/tools/bin/sdkmanager "ndk;$ANDROID_NDK_VERSION"
+      - name: Setup Android
+        if: matrix.os == 'windows-latest'
+        shell: msys2 {0}
+        run: |
+          echo "skip.android=true" > local.properties
       - name: Set up JDK 11
         uses: actions/setup-java@v1
         with:
           java-version: 11
-      - name: Install Automake
-        if: matrix.os == 'macOS-latest'
-        run: brew install automake
-      - name: Set up shell
-        if: matrix.os == 'windows-latest'
-        run: |
-          echo ::add-path::C:\msys64\usr\bin\
-          rm.exe "C:/WINDOWS/system32/bash.EXE"
       - name: Check JVM
-        shell: bash
+        if: matrix.os != 'windows-latest'
+        run: ./gradlew jvmTest
+      - name: Check JVM (Windows)
+        if: matrix.os == 'windows-latest'
+        shell: msys2 {0}
         run: ./gradlew jvmTest
       - name: Check Linux
         if: matrix.os == 'ubuntu-latest'
@@ -69,7 +110,8 @@ jobs:
         if: matrix.os == 'macOS-latest'
         uses: reactivecircus/android-emulator-runner@v2
         with:
-          api-level: 29
-          ndk: 21.3.6528147
-          cmake: 3.10.2.4988404
+          api-level: 27
+          emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+          ndk: ${{ env.ANDROID_NDK_VERSION }}
+          cmake: 3.22.1
           script: ./gradlew connectedCheck

README.md

@@ -1,19 +1,15 @@
+[![Kotlin](https://img.shields.io/badge/Kotlin-1.8.21-blue.svg?style=flat&logo=kotlin)](http://kotlinlang.org)
+[![Maven Central](https://img.shields.io/maven-central/v/fr.acinq.secp256k1/secp256k1-kmp)](https://search.maven.org/search?q=g:fr.acinq.secp256k1%20a:secp256k1-kmp*)
+![Github Actions](https://github.com/ACINQ/secp256k1-kmp/actions/workflows/test.yml/badge.svg)
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/ACINQ/secp256k1-kmp/blob/master/LICENSE)
+
 # Secp256k1 for Kotlin/Multiplatform
 
 Kotlin/Multiplatform wrapper for Bitcoin Core's secp256k1 library. Targets: JVM, Android, iOS & Linux.
 
 ## Installation
 
-[ ![Download](https://api.bintray.com/packages/acinq/libs/secp256k1/images/download.svg) ](https://bintray.com/acinq/libs/secp256k1-kmp/)
-
-First, you need to add the ACINQ libraries repository:
-
-```kotlin
-// build.gradle.kts
-repositories {
-    maven(url = "https://dl.bintray.com/acinq/libs")
-}
-```
+secp256k1-kmp is available on [maven central](https://search.maven.org/search?q=g:fr.acinq.secp256k1%20a:secp256k1-kmp*)
 
 Then, the actual dependency depends on your targeted platform(s):
 
@@ -34,19 +30,19 @@ kotlin {
         val commonMain by getting {
             dependencies {
                 implementation(kotlin("stdlib-common"))
-                implementation(kotlin("fr.acinq.secp256k1:secp256k1:$secp256k1_version"))
+                implementation("fr.acinq.secp256k1:secp256k1-kmp:$secp256k1_version")
             }
         }
         val jvmMain by getting {
             dependencies {
                 implementation(kotlin("stdlib"))
-                implementation(kotlin("fr.acinq.secp256k1:secp256k1-jni-jvm:$secp256k1_version"))
+                implementation("fr.acinq.secp256k1:secp256k1-kmp-jni-jvm:$secp256k1_version")
             }
         }
         val androidMain by getting {
             dependencies {
                 implementation(kotlin("stdlib"))
-                implementation(kotlin("fr.acinq.secp256k1:secp256k1-jni-android:$secp256k1_version"))
+                implementation("fr.acinq.secp256k1:secp256k1-kmp-jni-android:$secp256k1_version")
             }
         }
     }
@@ -62,22 +58,22 @@ Native targets include libsecp256k1, called through KMP's c-interop, simply add
 The JVM library uses JNI bindings for libsecp256k1, which is much faster than BouncyCastle. It will extract and load native bindings for your operating system in a temporary directory.
 
 JNI libraries are included for:
-- Linux 64 bits
-- Windows 64 bits
-- Macos 64 bits
+- Linux 64 bits (x86_64 and arm64)
+- Windows 64 bits (x86_64)
+- Macos 64 bits (x86_64 and arm64)
 
 Along this library, you **must** specify which JNI native library to use in your dependency manager:
 
 * **For desktop or server JVMs**, you must add the dependency:
-  * Either the `fr.acinq.secp256k1:secp256k1-jni-jvm` dependency which imports all supported platforms.
+  * Either the `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm` dependency which imports all supported platforms.
   * Or the platform specific dependencies (note that you can add multiple as they do not conflict):
-    * `fr.acinq.secp256k1:secp256k1-jni-jvm-linux` for Linux
-    * `fr.acinq.secp256k1:secp256k1-jni-jvm-darwin` for Mac OS X
-    * `fr.acinq.secp256k1:secp256k1-jni-jvm-mingw` for Windows
-* **For Android**, you must add the `fr.acinq.secp256k1:secp256k1-jni-android` dependency
+    * `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm-linux` for Linux
+    * `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm-darwin` for Mac OS X
+    * `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm-mingw` for Windows
+* **For Android**, you must add the `fr.acinq.secp256k1:secp256k1-kmp-jni-android` dependency
 
 If you are using the JVM on an OS for which we don't provide JNI bindings (32 bits OS for example), you can use your own library native library by
-adding the `fr.acinq.secp256k1:secp256k1-jni-jvm` dependency and specifying its path with `-Dfr.acinq.secp256k1.lib.path` and optionally its name with `-Dfr.acinq.secp256k1.lib.name`
+adding the `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm` dependency and specifying its path with `-Dfr.acinq.secp256k1.lib.path` and optionally its name with `-Dfr.acinq.secp256k1.lib.name`
 (if unspecified bitcoink use the standard name for your OS i.e. libsecp256k1.so on Linux, secp256k1.dll on Windows, ...).
 
 To compile your own JNI bindings, have a look add the `native/build.sh` and `jni/build.sh` scripts.
@@ -88,3 +84,58 @@ You can also specify the temporary directory where the library will be extracted
 ## Usage
 
 Please have a look at unit tests, more samples will be added soon.
+
+## Building
+
+**secp256k1-kmp** is a [Kotlin Multiplatform](https://kotlinlang.org/docs/multiplatform.html) wrapper for Bitcoin Core's [secp256k1 library](https://github.com/bitcoin-core/secp256k1).
+
+To build the library you need the following:
+- Window 64 bits, Linux 64 bits, or MacOs 64 Bits
+- OpenJDK11 (we recommend using packages provided by https://adoptopenjdk.net/ but there are other options)
+- (optional) Android SDK
+
+It may work with other Operating Systems and JDKs, but then you're on your own (in particular we don't plan to support 32 bits Operating Systems).
+To build the library and publish compiled artefacts locally (so they can be used by other projects):
+
+```sh
+./gradlew :build
+./gradlew :publishToMavenLocal
+```
+
+To run all tests on all platforms:
+
+```sh
+./gradlew allTests
+```
+
+To run tests on a single platform, for example the JVM:
+
+```sh
+./gradlew jvmTest
+```
+
+If you want to skip building Android artefacts create a `local.properties` file in the project's root directory and add the following line:
+
+```
+skip.android=true
+```
+
+## Contributing to and extending the library
+
+secp256k1-kmp follows 2 simples rules:
+- copy as literally as possible what the original [secp256k1 library](https://github.com/bitcoin-core/secp256k1) does: use the same function names, parameters, options, ... 
+- follow JNI best practices (memory allocation, error handling, ...)
+ 
+"Porting" C/C++ code that uses [secp256k1](https://github.com/bitcoin-core/secp256k1) should be a no-brainer and we should not have to document secp256k1-kmp
+
+
+To extend this library and support methods that have been added to specific versions of [secp256k1](https://github.com/bitcoin-core/secp256k1) you have to:
+- add new methods to the Secp256k1 interface src/commonMain/kotlin/fr/acinq/secp256k1/Secp256k1.kt (please follow rule #1 above and try and match secp256k1's interface as much as possible)
+- implement these new methods in jni/src/main/kotlin/fr/acinq/secp256k1/NativeSecp256k1.kt (JNI implementation) and src/nativeMain/kotlin/fr/acinq/secp256k1/Secp256k1Native.kt (native linux/ios/... implementation)
+- update the JNI interface src/main/java/fr/acinq/secp256k1/Secp256k1CFunctions.java (NativeSecp256k1 calls Secp256k1CFunctions)
+- generate a new JNI header file jni/c/headers/java/fr_acinq_secp256k1_Secp256k1CFunctions.h with `javac -h jni/c/headers/java jni/src/main/java/fr/acinq/secp256k1/Secp256k1CFunctions.java`
+- implement the new methods in jni/c/src/fr_acinq_secp256k1_Secp256k1CFunctions.c
+
+You may also need to modify build files if you need to compile [secp256k1](https://github.com/bitcoin-core/secp256k1) with custom options
+
+We use [secp256k1](https://github.com/bitcoin-core/secp256k1) through git submodules so you may also need to change what they point to

build.gradle.kts

@@ -1,59 +1,49 @@
-import org.apache.http.impl.client.HttpClients
-import org.apache.http.client.methods.HttpPost
-import org.apache.http.entity.ContentType
-import org.apache.http.entity.StringEntity
-import org.apache.http.impl.auth.BasicScheme
-import org.apache.http.auth.UsernamePasswordCredentials
+import org.gradle.internal.os.OperatingSystem
+import org.jetbrains.kotlin.gradle.plugin.mpp.KotlinNativeTarget
+import org.jetbrains.dokka.Platform
 
 plugins {
-    kotlin("multiplatform") version "1.4.0-rc"
+    kotlin("multiplatform") version "1.8.21"
+    id("org.jetbrains.dokka") version "1.8.10"
     `maven-publish`
 }
 
 buildscript {
     repositories {
         google()
-        maven("https://dl.bintray.com/kotlin/kotlin-eap")
-        jcenter()
+        mavenCentral()
     }
 
     dependencies {
-        classpath("com.android.tools.build:gradle:4.0.0")
+        classpath("com.android.tools.build:gradle:7.3.1")
+        classpath("org.jetbrains.dokka:dokka-gradle-plugin:1.8.10")
     }
 }
 
 allprojects {
     group = "fr.acinq.secp256k1"
-    version = "0.3.0-1.4-rc"
+    version = "0.12.0-SNAPSHOT"
 
     repositories {
-        jcenter()
         google()
-        maven(url = "https://dl.bintray.com/kotlin/kotlin-eap")
+        mavenCentral()
     }
 }
 
-val currentOs = org.gradle.internal.os.OperatingSystem.current()
+val currentOs = OperatingSystem.current()
 
 kotlin {
     explicitApi()
 
-    val commonMain by sourceSets.getting {
-        dependencies {
-            implementation(kotlin("stdlib-common"))
-        }
-    }
+    val commonMain by sourceSets.getting
 
     jvm {
         compilations.all {
             kotlinOptions.jvmTarget = "1.8"
         }
-        compilations["main"].dependencies {
-            implementation(kotlin("stdlib-jdk8"))
-        }
     }
 
-    fun org.jetbrains.kotlin.gradle.plugin.mpp.KotlinNativeTarget.secp256k1CInterop(target: String) {
+    fun KotlinNativeTarget.secp256k1CInterop(target: String) {
         compilations["main"].cinterops {
             val libsecp256k1 by creating {
                 includeDirs.headerFilterOnly(project.file("native/secp256k1/include/"))
@@ -66,35 +56,34 @@ kotlin {
 
     linuxX64("linux") {
         secp256k1CInterop("host")
+        compilations["main"].defaultSourceSet.dependsOn(nativeMain)
         // https://youtrack.jetbrains.com/issue/KT-39396
         compilations["main"].kotlinOptions.freeCompilerArgs += listOf("-include-binary", "$rootDir/native/build/linux/libsecp256k1.a")
-        compilations["main"].defaultSourceSet.dependsOn(nativeMain)
     }
 
     ios {
         secp256k1CInterop("ios")
+        compilations["main"].defaultSourceSet.dependsOn(nativeMain)
         // https://youtrack.jetbrains.com/issue/KT-39396
         compilations["main"].kotlinOptions.freeCompilerArgs += listOf("-include-binary", "$rootDir/native/build/ios/libsecp256k1.a")
-        compilations["main"].defaultSourceSet.dependsOn(nativeMain)
     }
 
     sourceSets.all {
-        languageSettings.useExperimentalAnnotation("kotlin.RequiresOptIn")
+        languageSettings.optIn("kotlin.RequiresOptIn")
     }
-
 }
 
 // Disable cross compilation
 allprojects {
     plugins.withId("org.jetbrains.kotlin.multiplatform") {
         afterEvaluate {
-            val currentOs = org.gradle.internal.os.OperatingSystem.current()
+            val currentOs = OperatingSystem.current()
             val targets = when {
                 currentOs.isLinux -> listOf()
                 currentOs.isMacOsX -> listOf("linux")
                 currentOs.isWindows -> listOf("linux")
                 else -> listOf("linux")
-            }.mapNotNull { kotlin.targets.findByName(it) as? org.jetbrains.kotlin.gradle.plugin.mpp.KotlinNativeTarget }
+            }.mapNotNull { kotlin.targets.findByName(it) as? KotlinNativeTarget }
 
             configure(targets) {
                 compilations.all {
@@ -114,41 +103,27 @@ allprojects {
     }
 }
 
-val snapshotNumber: String? by project
-val gitRef: String? by project
-val eapBranch = gitRef?.split("/")?.last() ?: "dev"
-val bintrayVersion = if (snapshotNumber != null) "${project.version}-$eapBranch-$snapshotNumber" else project.version.toString()
-val bintrayRepo = if (snapshotNumber != null) "snapshots" else "libs"
-
-val bintrayUsername: String? = (properties["bintrayUsername"] as String?) ?: System.getenv("BINTRAY_USER")
-val bintrayApiKey: String? = (properties["bintrayApiKey"] as String?) ?: System.getenv("BINTRAY_APIKEY")
-val hasBintray = bintrayUsername != null && bintrayApiKey != null
-if (!hasBintray) logger.warn("Skipping bintray configuration as bintrayUsername or bintrayApiKey is not defined")
-
 allprojects {
+    val javadocJar = tasks.create<Jar>("javadocJar") {
+        archiveClassifier.set("javadoc")
+        duplicatesStrategy = DuplicatesStrategy.EXCLUDE
+    }
+
+    // Publication
     plugins.withId("maven-publish") {
         publishing {
-            if (hasBintray) {
-                repositories {
-                    maven {
-                        name = "bintray"
-                        setUrl("https://api.bintray.com/maven/acinq/$bintrayRepo/${rootProject.name}/;publish=0")
-                        credentials {
-                            username = bintrayUsername
-                            password = bintrayApiKey
-                        }
-                    }
-                }
-            }
-
             publications.withType<MavenPublication>().configureEach {
-                version = bintrayVersion
+                version = project.version.toString()
+                artifact(javadocJar)
                 pom {
+                    name.set("secp256k1 for Kotlin/Multiplatform")
                     description.set("Bitcoin's secp256k1 library ported to Kotlin/Multiplatform for JVM, Android, iOS & Linux")
                     url.set("https://github.com/ACINQ/secp256k1-kmp")
                     licenses {
-                        name.set("Apache License v2.0")
-                        url.set("https://www.apache.org/licenses/LICENSE-2.0")
+                        license {
+                            name.set("Apache License v2.0")
+                            url.set("https://www.apache.org/licenses/LICENSE-2.0")
+                        }
                     }
                     issueManagement {
                         system.set("Github")
@@ -156,45 +131,62 @@ allprojects {
                     }
                     scm {
                         connection.set("https://github.com/ACINQ/secp256k1-kmp.git")
+                        url.set("https://github.com/ACINQ/secp256k1-kmp")
+                    }
+                    developers {
+                        developer {
+                            name.set("ACINQ")
+                            email.set("hello@acinq.co")
+                        }
                     }
                 }
             }
         }
     }
-}
 
-if (hasBintray) {
-    val postBintrayPublish by tasks.creating {
-        doLast {
-            HttpClients.createDefault().use { client ->
-                val post = HttpPost("https://api.bintray.com/content/acinq/$bintrayRepo/${rootProject.name}/$bintrayVersion/publish").apply {
-                    entity = StringEntity("{}", ContentType.APPLICATION_JSON)
-                    addHeader(BasicScheme().authenticate(UsernamePasswordCredentials(bintrayUsername, bintrayApiKey), this, null))
+    if (project.name !in listOf("native", "tests")) {
+        afterEvaluate {
+            val dokkaOutputDir = buildDir.resolve("dokka")
+
+            tasks.dokkaHtml {
+                outputDirectory.set(file(dokkaOutputDir))
+                dokkaSourceSets {
+                    configureEach {
+                        val platformName = when (platform.get()) {
+                            Platform.jvm -> "jvm"
+                            Platform.js -> "js"
+                            Platform.native -> "native"
+                            Platform.common -> "common"
+                            Platform.wasm -> "wasm"
+                        }
+                        displayName.set(platformName)
+
+                        perPackageOption {
+                            matchingRegex.set(".*\\.internal.*") // will match all .internal packages and sub-packages
+                            suppress.set(true)
+                        }
+                    }
                 }
-                client.execute(post)
             }
+
+            val deleteDokkaOutputDir by tasks.register<Delete>("deleteDokkaOutputDirectory") {
+                delete(dokkaOutputDir)
+            }
+
+            javadocJar.dependsOn(deleteDokkaOutputDir, tasks.dokkaHtml)
+            javadocJar.from(dokkaOutputDir)
         }
     }
+}
 
-    val postBintrayDiscard by tasks.creating {
-        doLast {
-            HttpClients.createDefault().use { client ->
-                val post = HttpPost("https://api.bintray.com/content/acinq/$bintrayRepo/${rootProject.name}/$bintrayVersion/publish").apply {
-                    entity = StringEntity("{ \"discard\": true }", ContentType.APPLICATION_JSON)
-                    addHeader(BasicScheme().authenticate(UsernamePasswordCredentials(bintrayUsername, bintrayApiKey), this, null))
-                }
-                client.execute(post)
+allprojects {
+    afterEvaluate {
+        tasks.withType<AbstractTestTask>() {
+            testLogging {
+                events("passed", "skipped", "failed", "standard_out", "standard_error")
+                showExceptions = true
+                showStackTraces = true
             }
         }
     }
 }
-
-afterEvaluate {
-    tasks.withType<AbstractTestTask>() {
-        testLogging {
-            events("passed", "skipped", "failed", "standard_out", "standard_error")
-            showExceptions = true
-            showStackTraces = true
-        }
-    }
-}

gradle.properties

@@ -4,14 +4,8 @@ org.gradle.parallel = true
 
 # kotlin
 kotlin.code.style = official
-kotlin.incremental.multiplatform = true
-kotlin.parallel.tasks.in.project = true
-#kotlin.mpp.enableGranularSourceSetsMetadata = true
-kotlin.native.enableDependencyPropagation = false
 kotlin.native.ignoreDisabledTargets = true
-
-# https://github.com/gradle/gradle/issues/11412
-systemProp.org.gradle.internal.publish.checksums.insecure = true
+kotlin.mpp.enableCInteropCommonization=true
 
 # Android
 android.useAndroidX = true

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.5-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
+distributionSha256Sum=f6b8596b10cce501591e92f229816aa4046424f3b24d771751b06779d58c8ec4
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradlew

@@ -82,6 +82,7 @@ esac
 
 CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 
+
 # Determine the Java command to use to start the JVM.
 if [ -n "$JAVA_HOME" ] ; then
     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
@@ -129,6 +130,7 @@ fi
 if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
     JAVACMD=`cygpath --unix "$JAVACMD"`
 
     # We build the pattern for arguments to be converted via cygpath

gradlew.bat

@@ -1,103 +1,89 @@
-@rem
-@rem Copyright 2015 the original author or authors.
-@rem
-@rem Licensed under the Apache License, Version 2.0 (the "License");
-@rem you may not use this file except in compliance with the License.
-@rem You may obtain a copy of the License at
-@rem
-@rem      https://www.apache.org/licenses/LICENSE-2.0
-@rem
-@rem Unless required by applicable law or agreed to in writing, software
-@rem distributed under the License is distributed on an "AS IS" BASIS,
-@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-@rem See the License for the specific language governing permissions and
-@rem limitations under the License.
-@rem
-
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem  Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Resolve any "." and ".." in APP_HOME to make it shorter.
-for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega

jni/android/build.gradle.kts

@@ -1,6 +1,7 @@
 plugins {
     id("com.android.library")
     kotlin("android")
+    id("org.jetbrains.dokka")
     `maven-publish`
 }
 
@@ -10,17 +11,13 @@ kotlin {
 
 dependencies {
     api(project(":jni"))
-    implementation(kotlin("stdlib-jdk8"))
 }
 
 android {
     defaultConfig {
-        compileSdkVersion(30)
-        minSdkVersion(21)
+        compileSdk = 33
+        minSdk = 21
         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
-        externalNativeBuild {
-            cmake {}
-        }
     }
 
     compileOptions {
@@ -30,10 +27,12 @@ android {
 
     externalNativeBuild {
         cmake {
-            setPath("src/main/CMakeLists.txt")
+            version = "3.22.1"
+            path("src/main/CMakeLists.txt")
         }
     }
-    ndkVersion = "21.3.6528147"
+
+    ndkVersion = "25.2.9519653"
 
     afterEvaluate {
         tasks.withType<com.android.build.gradle.tasks.factory.AndroidUnitTest>().all {
@@ -43,23 +42,22 @@ android {
 }
 
 afterEvaluate {
-    configure(listOf("Debug", "Release").map { tasks["externalNativeBuild$it"] }) {
-        dependsOn(":native:buildSecp256k1Android")
+    tasks.filter { it.name.startsWith("configureCMake") }.forEach {
+        it.dependsOn(":native:buildSecp256k1Android")
     }
 }
 
-android {
-    afterEvaluate {
-        publishing {
-            publications {
-                create<MavenPublication>("android") {
-                    artifactId = "secp256k1-jni-android"
-                    from(components["release"])
+afterEvaluate {
+    publishing {
+        publications {
+            create<MavenPublication>("android") {
+                artifactId = "secp256k1-kmp-jni-android"
+                from(components["release"])
+                val sourcesJar = task<Jar>("sourcesJar") {
+                    archiveClassifier.set("sources")
+                    from(android.sourceSets["main"].java.srcDirs)
                 }
-//                create<MavenPublication>("androidDebug") {
-//                    artifactId = "secp256k1-jni-android-debug"
-//                    from(components["debug"])
-//                }
+                artifact(sourcesJar)
             }
         }
     }

jni/android/src/main/CMakeLists.txt

@@ -1,5 +1,7 @@
 cmake_minimum_required(VERSION 3.10.0)
 
+project(secp256k1jni)
+
 add_library( secp256k1-jni SHARED
     ${CMAKE_CURRENT_LIST_DIR}/../../../c/src/fr_acinq_secp256k1_Secp256k1CFunctions.c
 )

jni/build.gradle.kts

@@ -1,5 +1,6 @@
 plugins {
     kotlin("jvm")
+    id("org.jetbrains.dokka")
     `maven-publish`
 }
 
@@ -14,13 +15,12 @@ kotlin {
 
 dependencies {
     api(rootProject)
-    implementation(kotlin("stdlib-jdk8"))
 }
 
 val generateHeaders by tasks.creating(JavaCompile::class) {
     group = "build"
     classpath = sourceSets["main"].compileClasspath
-    destinationDir = file("${buildDir}/generated/jni")
+    destinationDirectory.set(file("${buildDir}/generated/jni"))
     source = sourceSets["main"].java
     options.compilerArgs = listOf(
         "-h", file("${buildDir}/generated/jni").absolutePath,
@@ -35,8 +35,13 @@ val generateHeaders by tasks.creating(JavaCompile::class) {
 publishing {
     publications {
         create<MavenPublication>("jvm") {
-            artifactId = "secp256k1-jni-common"
+            artifactId = "secp256k1-kmp-jni-common"
             from(components["java"])
+            val sourcesJar = task<Jar>("sourcesJar") {
+                archiveClassifier.set("sources")
+                from(sourceSets["main"].allSource)
+            }
+            artifact(sourcesJar)
         }
     }
 }

jni/c/headers/java/fr_acinq_secp256k1_Secp256k1CFunctions.h

@@ -119,14 +119,6 @@ JNIEXPORT jbyteArray JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256
 JNIEXPORT jbyteArray JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256k1_1ec_1pubkey_1tweak_1mul
   (JNIEnv *, jclass, jlong, jbyteArray, jbyteArray);
 
-/*
- * Class:     fr_acinq_secp256k1_Secp256k1CFunctions
- * Method:    secp256k1_ec_pubkey_add
- * Signature: (J[B[B)[B
- */
-JNIEXPORT jbyteArray JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256k1_1ec_1pubkey_1add
-  (JNIEnv *, jclass, jlong, jbyteArray, jbyteArray);
-
 /*
  * Class:     fr_acinq_secp256k1_Secp256k1CFunctions
  * Method:    secp256k1_ec_pubkey_combine
@@ -159,6 +151,22 @@ JNIEXPORT jbyteArray JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256
 JNIEXPORT jbyteArray JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256k1_1compact_1to_1der
   (JNIEnv *, jclass, jlong, jbyteArray);
 
+/*
+ * Class:     fr_acinq_secp256k1_Secp256k1CFunctions
+ * Method:    secp256k1_schnorrsig_sign
+ * Signature: (J[B[B[B)[B
+ */
+JNIEXPORT jbyteArray JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256k1_1schnorrsig_1sign
+  (JNIEnv *, jclass, jlong, jbyteArray, jbyteArray, jbyteArray);
+
+/*
+ * Class:     fr_acinq_secp256k1_Secp256k1CFunctions
+ * Method:    secp256k1_schnorrsig_verify
+ * Signature: (J[B[B[B)I
+ */
+JNIEXPORT jint JNICALL Java_fr_acinq_secp256k1_Secp256k1CFunctions_secp256k1_1schnorrsig_1verify
+  (JNIEnv *, jclass, jlong, jbyteArray, jbyteArray, jbyteArray);
+
 #ifdef __cplusplus
 }
 #endif

jni/jvm/all/build.gradle.kts

@@ -1,7 +1,7 @@
 plugins {
     `java-library`
-//    `maven-publish`
-    id("ru.vyarus.pom") version "2.1.0"
+    id("org.jetbrains.dokka")
+    `maven-publish`
 }
 
 dependencies {
@@ -13,8 +13,12 @@ dependencies {
 publishing {
     publications {
         create<MavenPublication>("jvm") {
-            artifactId = "secp256k1-jni-jvm"
+            artifactId = "secp256k1-kmp-jni-jvm"
             from(components["java"])
+            val sourcesJar = task<Jar>("sourcesJar") {
+                archiveClassifier.set("sources")
+            }
+            artifact(sourcesJar)
         }
     }
 }

jni/jvm/build.gradle.kts

@@ -1,5 +1,6 @@
 plugins {
     kotlin("jvm")
+    id("org.jetbrains.dokka")
     `maven-publish`
 }
 
@@ -28,14 +29,17 @@ val buildNativeHost by tasks.creating(Exec::class) {
 
 dependencies {
     api(project(":jni"))
-    implementation(kotlin("stdlib-jdk8"))
 }
 
 publishing {
     publications {
         create<MavenPublication>("jvm") {
-            artifactId = "secp256k1-jni-jvm-extract"
+            artifactId = "secp256k1-kmp-jni-jvm-extract"
             from(components["java"])
+            val sourcesJar = task<Jar>("sourcesJar") {
+                archiveClassifier.set("sources")
+            }
+            artifact(sourcesJar)
         }
     }
 }

jni/jvm/build.sh

@@ -14,11 +14,9 @@ JNI_HEADERS=$TARGET
 
 if [ "$TARGET" == "linux" ]; then
   OUTFILE=libsecp256k1-jni.so
-  ADD_LIB=-lgmp
   CC_OPTS="-fPIC"
 elif [ "$TARGET" == "darwin" ]; then
   OUTFILE=libsecp256k1-jni.dylib
-  ADD_LIB=-lgmp
 elif [ "$TARGET" == "mingw" ]; then
   OUTFILE=secp256k1-jni.dll
   CC=x86_64-w64-mingw32-gcc

jni/jvm/darwin/build.gradle.kts

@@ -1,5 +1,7 @@
 plugins {
     kotlin("jvm")
+    `java-library`
+    id("org.jetbrains.dokka")
     `maven-publish`
 }
 
@@ -10,8 +12,12 @@ dependencies {
 val copyJni by tasks.creating(Sync::class) {
     onlyIf { org.gradle.internal.os.OperatingSystem.current().isMacOsX }
     dependsOn(":jni:jvm:buildNativeHost")
+    val arch = when (System.getProperty("os.arch")) {
+        "aarch64" -> "aarch64"
+        else -> "x86_64"
+    }
     from(rootDir.resolve("jni/jvm/build/darwin/libsecp256k1-jni.dylib"))
-    into(buildDir.resolve("jniResources/fr/acinq/secp256k1/jni/native/darwin-x86_64"))
+    into(buildDir.resolve("jniResources/fr/acinq/secp256k1/jni/native/darwin-$arch"))
 }
 
 (tasks["processResources"] as ProcessResources).apply {
@@ -23,8 +29,12 @@ val copyJni by tasks.creating(Sync::class) {
 publishing {
     publications {
         val pub = create<MavenPublication>("jvm") {
-            artifactId = "secp256k1-jni-jvm-darwin"
+            artifactId = "secp256k1-kmp-jni-jvm-darwin"
             from(components["java"])
+            val sourcesJar = task<Jar>("sourcesJar") {
+                archiveClassifier.set("sources")
+            }
+            artifact(sourcesJar)
         }
         if (!org.gradle.internal.os.OperatingSystem.current().isMacOsX) {
             tasks.withType<AbstractPublishToMaven>().all { onlyIf { publication != pub } }

jni/jvm/linux/build.gradle.kts

@@ -1,5 +1,6 @@
 plugins {
     kotlin("jvm")
+    id("org.jetbrains.dokka")
     `maven-publish`
 }
 
@@ -23,8 +24,12 @@ val copyJni by tasks.creating(Sync::class) {
 publishing {
     publications {
         val pub = create<MavenPublication>("jvm") {
-            artifactId = "secp256k1-jni-jvm-linux"
+            artifactId = "secp256k1-kmp-jni-jvm-linux"
             from(components["java"])
+            val sourcesJar = task<Jar>("sourcesJar") {
+                archiveClassifier.set("sources")
+            }
+            artifact(sourcesJar)
         }
         if (!org.gradle.internal.os.OperatingSystem.current().isLinux) {
             tasks.withType<AbstractPublishToMaven>().all { onlyIf { publication != pub } }

jni/jvm/mingw/build.gradle.kts

@@ -1,5 +1,6 @@
 plugins {
     kotlin("jvm")
+    id("org.jetbrains.dokka")
     `maven-publish`
 }
 
@@ -23,8 +24,12 @@ val copyJni by tasks.creating(Sync::class) {
 publishing {
     publications {
         val pub = create<MavenPublication>("jvm") {
-            artifactId = "secp256k1-jni-jvm-mingw"
+            artifactId = "secp256k1-kmp-jni-jvm-mingw"
             from(components["java"])
+            val sourcesJar = task<Jar>("sourcesJar") {
+                archiveClassifier.set("sources")
+            }
+            artifact(sourcesJar)
         }
         if (!org.gradle.internal.os.OperatingSystem.current().isWindows) {
             tasks.withType<AbstractPublishToMaven>().all { onlyIf { publication != pub } }

jni/jvm/src/main/kotlin/fr/acinq/secp256k1/jni/OSInfo.kt

@@ -154,7 +154,7 @@ internal object OSInfo {
                if (systemOsArch.startsWith("arm")) {
                    resolveArmArchType()
                } else {
-                   val lc = systemOsArch.toLowerCase(Locale.US)
+                   val lc = systemOsArch.lowercase(Locale.US)
                    if (archMapping.containsKey(lc)) return archMapping[lc]
                    systemOsArch
                }

jni/src/main/java/fr/acinq/secp256k1/Secp256k1CFunctions.java

@@ -5,29 +5,29 @@ public class Secp256k1CFunctions {
      * All flags' lower 8 bits indicate what they're for. Do not use directly.
      */
     public static int SECP256K1_FLAGS_TYPE_MASK = ((1 << 8) - 1);
-    public static int SECP256K1_FLAGS_TYPE_CONTEXT = (1 << 0);
-    public static int SECP256K1_FLAGS_TYPE_COMPRESSION = (1 << 1);
+    public static final int SECP256K1_FLAGS_TYPE_CONTEXT = (1 << 0);
+    public static final int SECP256K1_FLAGS_TYPE_COMPRESSION = (1 << 1);
 
     /**
      * The higher bits contain the actual data. Do not use directly.
      */
-    public static int SECP256K1_FLAGS_BIT_CONTEXT_VERIFY = (1 << 8);
-    public static int SECP256K1_FLAGS_BIT_CONTEXT_SIGN = (1 << 9);
-    public static int SECP256K1_FLAGS_BIT_COMPRESSION = (1 << 8);
+    public static final int SECP256K1_FLAGS_BIT_CONTEXT_VERIFY = (1 << 8);
+    public static final int SECP256K1_FLAGS_BIT_CONTEXT_SIGN = (1 << 9);
+    public static final int SECP256K1_FLAGS_BIT_COMPRESSION = (1 << 8);
 
     /**
      * Flags to pass to secp256k1_context_create, secp256k1_context_preallocated_size, and
      * secp256k1_context_preallocated_create.
      */
-    public static int SECP256K1_CONTEXT_VERIFY = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_VERIFY);
-    public static int SECP256K1_CONTEXT_SIGN = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_SIGN);
-    public static int SECP256K1_CONTEXT_NONE = (SECP256K1_FLAGS_TYPE_CONTEXT);
+    public static final int SECP256K1_CONTEXT_VERIFY = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_VERIFY);
+    public static final int SECP256K1_CONTEXT_SIGN = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_SIGN);
+    public static final int SECP256K1_CONTEXT_NONE = (SECP256K1_FLAGS_TYPE_CONTEXT);
 
     /**
      * Flag to pass to secp256k1_ec_pubkey_serialize.
      */
-    public static int SECP256K1_EC_COMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION);
-    public static int SECP256K1_EC_UNCOMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION);
+    public static final int SECP256K1_EC_COMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION);
+    public static final int SECP256K1_EC_UNCOMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION);
 
     public static native long secp256k1_context_create(int flags);
 
@@ -57,8 +57,6 @@ public class Secp256k1CFunctions {
 
     public static native byte[] secp256k1_ec_pubkey_tweak_mul(long ctx, byte[] pubkey, byte[] tweak);
 
-    public static native byte[] secp256k1_ec_pubkey_add(long ctx, byte[] pubkey1, byte[] pubkey2);
-
     public static native byte[] secp256k1_ec_pubkey_combine(long ctx, byte[][] pubkeys);
 
     public static native byte[] secp256k1_ecdh(long ctx, byte[] seckey, byte[] pubkey);
@@ -66,4 +64,8 @@ public class Secp256k1CFunctions {
     public static native byte[] secp256k1_ecdsa_recover(long ctx, byte[] sig, byte[] msg32, int recid);
 
     public static native byte[] secp256k1_compact_to_der(long ctx, byte[] sig);
+
+    public static native byte[] secp256k1_schnorrsig_sign(long ctx, byte[] msg, byte[] seckey, byte[] aux_rand32);
+
+    public static native int secp256k1_schnorrsig_verify(long ctx, byte[] sig, byte[] msg, byte[] pubkey);
 }

jni/src/main/kotlin/fr/acinq/secp256k1/NativeSecp256k1.kt

@@ -14,15 +14,16 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
 package fr.acinq.secp256k1
 
 public object NativeSecp256k1 : Secp256k1 {
-    override fun verify(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean {
-        return Secp256k1CFunctions.secp256k1_ecdsa_verify(Secp256k1Context.getContext(), signature, data, pub) == 1
+    override fun verify(signature: ByteArray, message: ByteArray, pubkey: ByteArray): Boolean {
+        return Secp256k1CFunctions.secp256k1_ecdsa_verify(Secp256k1Context.getContext(), signature, message, pubkey) == 1
     }
 
-    override fun sign(data: ByteArray, sec: ByteArray): ByteArray {
-        return Secp256k1CFunctions.secp256k1_ecdsa_sign(Secp256k1Context.getContext(), data, sec)
+    override fun sign(message: ByteArray, privkey: ByteArray): ByteArray {
+        return Secp256k1CFunctions.secp256k1_ecdsa_sign(Secp256k1Context.getContext(), message, privkey)
     }
 
     override fun signatureNormalize(sig: ByteArray): Pair<ByteArray, Boolean> {
@@ -31,35 +32,30 @@ public object NativeSecp256k1 : Secp256k1 {
         return Pair(sigout, result == 1)
     }
 
-    override fun secKeyVerify(seckey: ByteArray): Boolean {
-        val result = Secp256k1CFunctions.secp256k1_ec_seckey_verify(Secp256k1Context.getContext(), seckey);
-        return result == 1;
+    override fun secKeyVerify(privkey: ByteArray): Boolean {
+        return Secp256k1CFunctions.secp256k1_ec_seckey_verify(Secp256k1Context.getContext(), privkey) == 1
     }
 
-    override fun pubkeyCreate(seckey: ByteArray): ByteArray {
-        return Secp256k1CFunctions.secp256k1_ec_pubkey_create(Secp256k1Context.getContext(), seckey)
+    override fun pubkeyCreate(privkey: ByteArray): ByteArray {
+        return Secp256k1CFunctions.secp256k1_ec_pubkey_create(Secp256k1Context.getContext(), privkey)
     }
 
     override fun pubkeyParse(pubkey: ByteArray): ByteArray {
         return Secp256k1CFunctions.secp256k1_ec_pubkey_parse(Secp256k1Context.getContext(), pubkey)
     }
 
-    override fun cleanup() {
-        return Secp256k1CFunctions.secp256k1_context_destroy(Secp256k1Context.getContext())
-    }
-
     override fun privKeyNegate(privkey: ByteArray): ByteArray {
         return Secp256k1CFunctions.secp256k1_ec_privkey_negate(Secp256k1Context.getContext(), privkey)
     }
 
-    override fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray {
-        return Secp256k1CFunctions.secp256k1_ec_privkey_tweak_mul(Secp256k1Context.getContext(), privkey, tweak)
-    }
-
     override fun privKeyTweakAdd(privkey: ByteArray, tweak: ByteArray): ByteArray {
         return Secp256k1CFunctions.secp256k1_ec_privkey_tweak_add(Secp256k1Context.getContext(), privkey, tweak)
     }
 
+    override fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray {
+        return Secp256k1CFunctions.secp256k1_ec_privkey_tweak_mul(Secp256k1Context.getContext(), privkey, tweak)
+    }
+
     override fun pubKeyNegate(pubkey: ByteArray): ByteArray {
         return Secp256k1CFunctions.secp256k1_ec_pubkey_negate(Secp256k1Context.getContext(), pubkey)
     }
@@ -72,12 +68,12 @@ public object NativeSecp256k1 : Secp256k1 {
         return Secp256k1CFunctions.secp256k1_ec_pubkey_tweak_mul(Secp256k1Context.getContext(), pubkey, tweak)
     }
 
-    override fun pubKeyAdd(pubkey1: ByteArray, pubkey2: ByteArray): ByteArray {
-        return Secp256k1CFunctions.secp256k1_ec_pubkey_add(Secp256k1Context.getContext(), pubkey1, pubkey2)
+    override fun pubKeyCombine(pubkeys: Array<ByteArray>): ByteArray {
+        return Secp256k1CFunctions.secp256k1_ec_pubkey_combine(Secp256k1Context.getContext(), pubkeys)
     }
 
-    override fun ecdh(seckey: ByteArray, pubkey: ByteArray): ByteArray {
-        return Secp256k1CFunctions.secp256k1_ecdh(Secp256k1Context.getContext(), seckey, pubkey)
+    override fun ecdh(privkey: ByteArray, pubkey: ByteArray): ByteArray {
+        return Secp256k1CFunctions.secp256k1_ecdh(Secp256k1Context.getContext(), privkey, pubkey)
     }
 
     override fun ecdsaRecover(sig: ByteArray, message: ByteArray, recid: Int): ByteArray {
@@ -87,4 +83,16 @@ public object NativeSecp256k1 : Secp256k1 {
     override fun compact2der(sig: ByteArray): ByteArray {
         return Secp256k1CFunctions.secp256k1_compact_to_der(Secp256k1Context.getContext(), sig)
     }
+
+    override fun verifySchnorr(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean {
+        return Secp256k1CFunctions.secp256k1_schnorrsig_verify(Secp256k1Context.getContext(), signature, data, pub) == 1
+    }
+
+    override fun signSchnorr(data: ByteArray, sec: ByteArray, auxrand32: ByteArray?): ByteArray {
+        return Secp256k1CFunctions.secp256k1_schnorrsig_sign(Secp256k1Context.getContext(), data, sec, auxrand32)
+    }
+
+    override fun cleanup() {
+        return Secp256k1CFunctions.secp256k1_context_destroy(Secp256k1Context.getContext())
+    }
 }

native/build-android.sh

@@ -19,23 +19,21 @@ else
 fi
 
 TARGET=$SYS-linux-android
-TOOLTARGET=$TARGET
 if [ "$SYS" == "armv7a" ]; then
   TARGET=armv7a-linux-androideabi
-  TOOLTARGET=arm-linux-androideabi
 fi
 
 export CC=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/${TARGET}21-clang
-export LD=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-ld
-export AR=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-ar
-export AS=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-as
-export RANLIB=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-ranlib
-export STRIP=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-strip
+export LD=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/ld
+export AR=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/llvm-ar
+export AS=$CC
+export RANLIB=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/llvm-ranlib
+export STRIP=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/llvm-strip
 
 cd secp256k1
 
 ./autogen.sh
-./configure CFLAGS=-fpic --host=$TARGET --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
+./configure CFLAGS=-fpic --host=$TARGET --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-module-schnorrsig --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
 make clean
 make
 

native/build-ios.sh

@@ -6,7 +6,7 @@ cp xconfigure.sh secp256k1
 cd secp256k1
 
 ./autogen.sh
-sh xconfigure.sh --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
+sh xconfigure.sh --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-module-schnorrsig --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
 
 mkdir -p ../build/ios
 cp -v _build/universal/* ../build/ios/

native/build.gradle.kts

@@ -1,7 +1,13 @@
-evaluationDependsOn(":jni:android")
+import org.gradle.internal.os.OperatingSystem
 
-val currentOs = org.gradle.internal.os.OperatingSystem.current()
-val bash = if (currentOs.isWindows) "bash.exe" else "bash"
+val includeAndroid = System.getProperty("includeAndroid")?.toBoolean() ?: true
+
+if (includeAndroid) {
+    evaluationDependsOn(":jni:android")
+}
+
+val currentOs = OperatingSystem.current()
+val bash = "bash"
 
 val buildSecp256k1 by tasks.creating { group = "build" }
 
@@ -13,7 +19,7 @@ val buildSecp256k1Host by tasks.creating(Exec::class) {
         currentOs.isLinux -> "linux"
         currentOs.isMacOsX -> "darwin"
         currentOs.isWindows -> "mingw"
-        else -> error("UnsupportedmOS $currentOs")
+        else -> error("Unsupported OS $currentOs")
     }
 
     inputs.files(projectDir.resolve("build.sh"))
@@ -21,7 +27,7 @@ val buildSecp256k1Host by tasks.creating(Exec::class) {
 
     workingDir = projectDir
     environment("TARGET", target)
-    commandLine(bash, "build.sh")
+    commandLine(bash, "-l", "build.sh")
 }
 
 val buildSecp256k1Ios by tasks.creating(Exec::class) {
@@ -37,34 +43,39 @@ val buildSecp256k1Ios by tasks.creating(Exec::class) {
     commandLine(bash, "build-ios.sh")
 }
 
-val buildSecp256k1Android by tasks.creating {
-    group = "build"
-    buildSecp256k1.dependsOn(this)
-}
-fun creatingBuildSecp256k1Android(arch: String) = tasks.creating(Exec::class) {
-    group = "build"
-    buildSecp256k1Android.dependsOn(this)
+if (includeAndroid) {
 
-    inputs.files(projectDir.resolve("build-android.sh"))
-    outputs.dir(projectDir.resolve("build/android/$arch"))
-
-    workingDir = projectDir
-
-    val toolchain = when {
-        currentOs.isLinux -> "linux-x86_64"
-        currentOs.isMacOsX -> "darwin-x86_64"
-        currentOs.isWindows -> "windows-x86_64"
-        else -> error("No Android toolchain defined for this OS: $currentOs")
+    val buildSecp256k1Android by tasks.creating {
+        group = "build"
+        buildSecp256k1.dependsOn(this)
     }
-    environment("TOOLCHAIN", toolchain)
-    environment("ARCH", arch)
-    environment("ANDROID_NDK", (project(":jni:android").extensions["android"] as com.android.build.gradle.LibraryExtension).ndkDirectory)
-    commandLine(bash, "build-android.sh")
+
+    fun creatingBuildSecp256k1Android(arch: String) = tasks.creating(Exec::class) {
+        group = "build"
+        buildSecp256k1Android.dependsOn(this)
+
+        inputs.files(projectDir.resolve("build-android.sh"))
+        outputs.dir(projectDir.resolve("build/android/$arch"))
+
+        workingDir = projectDir
+
+        val toolchain = when {
+            currentOs.isLinux -> "linux-x86_64"
+            currentOs.isMacOsX -> "darwin-x86_64"
+            currentOs.isWindows -> "windows-x86_64"
+            else -> error("No Android toolchain defined for this OS: $currentOs")
+        }
+        environment("TOOLCHAIN", toolchain)
+        environment("ARCH", arch)
+        environment("ANDROID_NDK", (project(":jni:android").extensions["android"] as com.android.build.gradle.LibraryExtension).ndkDirectory)
+        commandLine(bash, "build-android.sh")
+    }
+
+    val buildSecp256k1AndroidX86_64 by creatingBuildSecp256k1Android("x86_64")
+    val buildSecp256k1AndroidX86 by creatingBuildSecp256k1Android("x86")
+    val buildSecp256k1AndroidArm64v8a by creatingBuildSecp256k1Android("arm64-v8a")
+    val buildSecp256k1AndroidArmeabiv7a by creatingBuildSecp256k1Android("armeabi-v7a")
 }
-val buildSecp256k1AndroidX86_64 by creatingBuildSecp256k1Android("x86_64")
-val buildSecp256k1AndroidX86 by creatingBuildSecp256k1Android("x86")
-val buildSecp256k1AndroidArm64v8a by creatingBuildSecp256k1Android("arm64-v8a")
-val buildSecp256k1AndroidArmeabiv7a by creatingBuildSecp256k1Android("armeabi-v7a")
 
 val clean by tasks.creating {
     group = "build"

native/build.sh

@@ -15,16 +15,15 @@ if [ "$TARGET" == "mingw" ]; then
   CONF_OPTS="CFLAGS=-fPIC --host=x86_64-w64-mingw32"
 elif [ "$TARGET" == "linux" ]; then
   CONF_OPTS="CFLAGS=-fPIC"
-  [ "$CROSS" == "1" ] && sudo apt -y install libgmp-dev
 elif [ "$TARGET" == "darwin" ]; then
-  CONF_OPTS="--host=x86_64-w64-darwin"
+  CONF_OPTS=""
 else
   echo "Unknown TARGET=$TARGET"
   exit 1
 fi
 
 ./autogen.sh
-./configure $CONF_OPTS --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
+./configure $CONF_OPTS --enable-experimental --enable-module_ecdh --enable-module-recovery --enable-module-schnorrsig --enable-benchmark=no --enable-shared=no --enable-exhaustive-tests=no --enable-tests=no
 make clean
 make
 

publishing/PUBLISHING.md

@@ -0,0 +1,57 @@
+# Publishing secp256k1-kmp artifacts
+
+## snapshots
+
+Snapshots are published to the Sonatype snapshot repository (https://oss.sonatype.org/content/repositories/snapshots/).
+To publish snapshot, you must add your sonatype credentials for the `ossrh` server to your local maven settings (typically in $HOME/.m2/settings.xml)
+
+- Download `snapshot.zip` generated by the `Publish snapshot` github action
+- unzip `snapshot.zip` in the `publishing` directory
+- add additional JNI bindings (optional, see below)
+- edit `secp256k1-kmp-snapshot-deploy.sh` and update the `VERSION` environment variable if needed
+- run `secp256k1-kmp-snapshot-deploy.sh`
+
+## releases
+
+Releases are published to the Sonatype staging repository. If all items are valid they will be published to `maven central` repository.
+You must edit `secp256k1-kmp-staging-upload.sh` and add your sonatype credentials. You must also have a valid GPG key.
+
+- Download `release.zip` generated by the `Publish release` github action (which is triggered every time you publish a github release)
+- unzip `release.zip` in the `publishing` directory
+- add additional JNI bindings (optional, see below)
+- edit `secp256k1-kmp-staging-upload.sh` and update the `VERSION` environment variable if needed
+- sign all artifacts with a valid gpg key: `find release -type f -print -exec gpg -ab {} \;`
+- run `secp256k1-kmp-staging-upload.sh`
+- log into sonatype, close and publish your staging repository. Artifacts will be available on Maven Central within a few hours.
+
+## Adding custom JNI bindings
+
+Github CI currently generates JNI bindings for Windows x64, Linux x64 and iOS x64. But it is possible to add custom bindings to JNI packages before 
+they are published to maven central. 
+
+This is how we add linux arm64 bindings:
+- compile JNI bindings for Linux Arm64 (on a Linux Arm64 machine, cross-compilation is not supported)
+  - git clone --recursive https://github.com/ACINQ/secp256k1-kmp.git
+  - cd secp256k1-kmp 
+  - TARGET=linux ./native/build.sh 
+  - mkdir -p jni/jvm/build/linux 
+  - TARGET=linux ./jni/jvm/build.sh 
+  - JNI library is: jni/jvm/build/linux/libsecp256k1-jni.so
+- copy libsecp256k1-jni.so to fr/acinq/secp256k1/jni/native/linux-aarch64/libsecp256k1-jni.so
+- run `secp256k1-kmp-add-linuxarm64.sh` and specify either `release` or `snapshot` and the `VERSION` environment variable, for example:
+  - VERSION=0.9.0-SNAPSHOT ./secp256k1-kmp-add-linuxarm64.sh snapshot
+  - VERSION=0.9.0 ./secp256k1-kmp-add-linuxarm64.sh release
+
+This is how we add macos arm64 (M1/M2) bindings:
+- compile JNI bindings for macos Arm64 (on a macos Arm64 machine, cross-compilation is not supported)
+  - git clone --recursive https://github.com/ACINQ/secp256k1-kmp.git
+  - cd secp256k1-kmp
+  - TARGET=darwin ./native/build.sh
+  - mkdir -p jni/jvm/build/darwin
+  - TARGET=darwin ./jni/jvm/build.sh
+  - JNI library is: jni/jvm/build/darwin/libsecp256k1-jni.dylib
+- copy libsecp256k1-jni.dylib to fr/acinq/secp256k1/jni/native/darwin-aarch64/libsecp256k1-jni.dylib
+- run `secp256k1-kmp-add-darwinaarch64.sh` and specify either `release` or `snapshot` and the `VERSION` environment variable, for example:
+  - VERSION=0.9.0-SNAPSHOT ./secp256k1-kmp-add-darwinaarch64.sh snapshot
+  - VERSION=0.9.0 ./secp256k1-kmp-add-darwinaarch64.sh release
+

publishing/secp256k1-kmp-add-darwinaarch64.sh

@@ -0,0 +1,17 @@
+#!/bin/bash -x
+
+if [ $# -eq 0 ]
+  then
+    echo "specify either snapshot or release"
+    exit 1
+fi
+
+# add aarch64 (ARM64) library to the darwin jar
+if [ -e fr/acinq/secp256k1/jni/native/darwin-aarch64/libsecp256k1-jni.dylib ]
+then
+    jar -uf $1/fr/acinq/secp256k1/secp256k1-kmp-jni-jvm-darwin/$VERSION/secp256k1-kmp-jni-jvm-darwin-$VERSION.jar fr || exit
+else
+    libsecp256k1-jni.dylib for arch64 is missing
+    exit 1
+fi
+

publishing/secp256k1-kmp-add-linuxarm64.sh

@@ -0,0 +1,17 @@
+#!/bin/bash -x
+
+if [ $# -eq 0 ]
+  then
+    echo "specify either snapshot or release"
+    exit 1
+fi
+
+# add aarch64 (ARM64) library to the linux jar
+if [ -e fr/acinq/secp256k1/jni/native/linux-aarch64/libsecp256k1-jni.so ]
+then
+    jar -uf $1/fr/acinq/secp256k1/secp256k1-kmp-jni-jvm-linux/$VERSION/secp256k1-kmp-jni-jvm-linux-$VERSION.jar fr || exit
+else
+    libsecp256k1-jni.so for arch64 is missing
+    exit 1
+fi
+

publishing/secp256k1-kmp-snapshot-deploy.sh

@@ -0,0 +1,65 @@
+#!/bin/bash -x
+
+GROUP_ID=fr.acinq.secp256k1
+ARTIFACT_ID_BASE=secp256k1-kmp
+
+if [[ -z "${VERSION}" ]]; then
+  echo "VERSION is not defined"
+  exit 1
+fi
+
+cd snapshot
+pushd .
+cd fr/acinq/secp256k1/secp256k1-kmp/$VERSION
+mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+  -DpomFile=$ARTIFACT_ID_BASE-$VERSION.pom \
+  -Dfile=$ARTIFACT_ID_BASE-$VERSION.jar \
+  -Dfiles=$ARTIFACT_ID_BASE-$VERSION.module,$ARTIFACT_ID_BASE-$VERSION-kotlin-tooling-metadata.json \
+  -Dtypes=module,json \
+  -Dclassifiers=,kotlin-tooling-metadata \
+  -Dsources=$ARTIFACT_ID_BASE-$VERSION-sources.jar \
+  -Djavadoc=$ARTIFACT_ID_BASE-$VERSION-javadoc.jar
+popd
+pushd .
+for i in iosarm64 iosx64 jni-android jni-common jni-jvm-darwin jni-jvm-extract jni-jvm-linux jni-jvm-mingw jni-jvm jvm linux; do
+  cd fr/acinq/secp256k1/secp256k1-kmp-$i/$VERSION
+  if [ $i == iosarm64 ] || [ $i == iosx64 ]; then
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION-metadata.jar,$ARTIFACT_ID_BASE-$i-$VERSION.module,$ARTIFACT_ID_BASE-$i-$VERSION-cinterop-libsecp256k1.klib \
+      -Dtypes=jar,module,klib \
+      -Dclassifiers=metadata,,cinterop-libsecp256k1 \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  elif [ $i == linux ]; then
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module,$ARTIFACT_ID_BASE-$i-$VERSION-cinterop-libsecp256k1.klib \
+      -Dtypes=module,klib \
+      -Dclassifiers=,cinterop-libsecp256k1 \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  elif [ $i == jni-android ]; then
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.aar \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module \
+      -Dtypes=module \
+      -Dclassifiers= \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  else
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.jar \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module \
+      -Dtypes=module \
+      -Dclassifiers= \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  fi
+  popd
+  pushd .
+done

publishing/secp256k1-kmp-staging-upload.sh

@@ -0,0 +1,28 @@
+#!/bin/bash -x
+#
+# first you must sign all files:
+# find release -type f -print -exec gpg -ab {} \;
+
+VERSION=0.6.2
+for i in 	secp256k1-kmp \
+		secp256k1-kmp-iosarm64 \
+		secp256k1-kmp-iosx64 \
+		secp256k1-kmp-jni-android \
+		secp256k1-kmp-jni-common \
+		secp256k1-kmp-jni-jvm \
+		secp256k1-kmp-jni-jvm-darwin \
+		secp256k1-kmp-jni-jvm-extract \
+		secp256k1-kmp-jni-jvm-linux \
+		secp256k1-kmp-jni-jvm-mingw \
+		secp256k1-kmp-jvm \
+		secp256k1-kmp-linux
+do
+	pushd .
+	cd release/fr/acinq/secp256k1/$i/$VERSION
+	pwd
+	jar -cvf bundle.jar *
+	# use correct sonatype credentials here
+  curl -v -XPOST -u USER:PASSWORD --upload-file bundle.jar https://oss.sonatype.org/service/local/staging/bundle_upload
+  popd
+done
+

settings.gradle.kts

@@ -1,21 +1,42 @@
 pluginManagement {
     repositories {
         google()
-        maven("https://dl.bintray.com/kotlin/kotlin-eap")
         gradlePluginPortal()
-        jcenter()
+    }
+    resolutionStrategy {
+        eachPlugin {
+            if (requested.id.namespace == "com.android" || requested.id.name == "kotlin-android-extensions") {
+                useModule("com.android.tools.build:gradle:7.3.1")
+            }
+        }
     }
 }
-rootProject.name = "secp256k1"
+rootProject.name = "secp256k1-kmp"
+
+// We use a property defined in `local.properties` to know whether we should build the android application or not.
+// For example, iOS developers may want to skip that most of the time.
+val skipAndroid = File("$rootDir/local.properties").takeIf { it.exists() }
+    ?.inputStream()?.use { java.util.Properties().apply { load(it) } }
+    ?.run { getProperty("skip.android", "false")?.toBoolean() }
+    ?: false
+
+// Use system properties to inject the property in other gradle build files.
+System.setProperty("includeAndroid", (!skipAndroid).toString())
 
 include(
     ":native",
     ":jni",
-    ":jni:android",
     ":jni:jvm",
     ":jni:jvm:darwin",
     ":jni:jvm:linux",
     ":jni:jvm:mingw",
     ":jni:jvm:all",
     ":tests"
-)
+)
+
+if (!skipAndroid) {
+    print("building android library")
+    include(":jni:android")
+} else {
+    print("skipping android build")
+}

src/commonMain/kotlin/fr/acinq/secp256k1/Secp256k1.kt

@@ -20,60 +20,163 @@ import kotlin.jvm.JvmStatic
 
 public interface Secp256k1 {
 
-    public fun verify(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean
+    /**
+     * Verify an ECDSA signature.
+     *
+     * @param signature signature using either compact encoding (64 bytes) or der-encoding.
+     * @param message message signed.
+     * @param pubkey signer's public key.
+     */
+    public fun verify(signature: ByteArray, message: ByteArray, pubkey: ByteArray): Boolean
 
-    public fun sign(data: ByteArray, sec: ByteArray): ByteArray
+    /**
+     * Create a normalized ECDSA signature.
+     *
+     * @param message message to sign.
+     * @param privkey signer's private key.
+     */
+    public fun sign(message: ByteArray, privkey: ByteArray): ByteArray
 
+    /**
+     * Verify a Schnorr signature.
+     *
+     * @param signature 64 bytes signature.
+     * @param data message signed.
+     * @param pub signer's x-only public key (32 bytes).
+     */
+    public fun verifySchnorr(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean
+
+    /**
+     * Create a Schnorr signature.
+     *
+     * @param data message to sign.
+     * @param sec signer's private key.
+     * @param auxrand32 32 bytes of fresh randomness (optional).
+     */
+    public fun signSchnorr(data: ByteArray, sec: ByteArray, auxrand32: ByteArray?): ByteArray
+
+   /**
+     * Convert an ECDSA signature to a normalized lower-S form (bitcoin standardness rule).
+     * Returns the normalized signature and a boolean set to true if the input signature was not normalized.
+     *
+     * @param sig signature that should be normalized.
+     */
     public fun signatureNormalize(sig: ByteArray): Pair<ByteArray, Boolean>
 
-    public fun secKeyVerify(seckey: ByteArray): Boolean
+    /**
+     * Verify the validity of a private key.
+     */
+    public fun secKeyVerify(privkey: ByteArray): Boolean
 
-    public fun pubkeyCreate(seckey: ByteArray): ByteArray
+    /**
+     * Get the public key corresponding to the given private key.
+     * Returns the uncompressed public key (65 bytes).
+     */
+    public fun pubkeyCreate(privkey: ByteArray): ByteArray
 
+    /**
+     * Parse a serialized public key.
+     * Returns the uncompressed public key (65 bytes).
+     */
     public fun pubkeyParse(pubkey: ByteArray): ByteArray
 
-    public fun cleanup()
-
+    /**
+     * Negate the given private key.
+     */
     public fun privKeyNegate(privkey: ByteArray): ByteArray
 
-    public fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray
-
+    /**
+     * Tweak a private key by adding tweak to it.
+     */
     public fun privKeyTweakAdd(privkey: ByteArray, tweak: ByteArray): ByteArray
 
+    /**
+     * Tweak a private key by multiplying it by a tweak.
+     */
+    public fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray
+
+    /**
+     * Negate the given public key.
+     * Returns the uncompressed public key (65 bytes).
+     */
     public fun pubKeyNegate(pubkey: ByteArray): ByteArray
 
+    /**
+     * Tweak a public key by adding tweak times the generator to it.
+     * Returns the uncompressed public key (65 bytes).
+     */
     public fun pubKeyTweakAdd(pubkey: ByteArray, tweak: ByteArray): ByteArray
 
+    /**
+     * Tweak a public key by multiplying it by a tweak value.
+     * Returns the uncompressed public key (65 bytes).
+     */
     public fun pubKeyTweakMul(pubkey: ByteArray, tweak: ByteArray): ByteArray
 
-    public fun pubKeyAdd(pubkey1: ByteArray, pubkey2: ByteArray): ByteArray
+    /**
+     * Add a number of public keys together.
+     * Returns the uncompressed public key (65 bytes).
+     */
+    public fun pubKeyCombine(pubkeys: Array<ByteArray>): ByteArray
 
-    public fun ecdh(seckey: ByteArray, pubkey: ByteArray): ByteArray
+    /**
+     * Compute an elliptic curve Diffie-Hellman secret.
+     */
+    public fun ecdh(privkey: ByteArray, pubkey: ByteArray): ByteArray
 
+    /**
+     * Recover a public key from an ECDSA signature.
+     *
+     * @param sig ecdsa compact signature (64 bytes).
+     * @param message message signed.
+     * @param recid recoveryId (should have been provided with the signature to allow recovery).
+     */
     public fun ecdsaRecover(sig: ByteArray, message: ByteArray, recid: Int): ByteArray
 
+    /**
+     * Convert a compact ECDSA signature (64 bytes) to a der-encoded ECDSA signature.
+     */
     public fun compact2der(sig: ByteArray): ByteArray
 
-    public fun pubKeyCompress(pubkey: ByteArray) : ByteArray {
+    /**
+     * Serialize a public key to compact form (33 bytes).
+     */
+    public fun pubKeyCompress(pubkey: ByteArray): ByteArray {
         return when {
             pubkey.size == 33 && (pubkey[0] == 2.toByte() || pubkey[0] == 3.toByte()) -> pubkey
             pubkey.size == 65 && pubkey[0] == 4.toByte() -> {
-                val pub1 = pubkey.copyOf(33)
-                pub1[0] = if (pubkey.last() % 2 == 0) 2.toByte() else 3.toByte()
-                pub1
+                val compressed = pubkey.copyOf(33)
+                compressed[0] = if (pubkey.last() % 2 == 0) 2.toByte() else 3.toByte()
+                compressed
             }
             else -> throw Secp256k1Exception("invalid public key")
         }
     }
 
+    /**
+     * Delete the secp256k1 context from dynamic memory.
+     */
+    public fun cleanup()
+
     public companion object : Secp256k1 by getSecpk256k1() {
-        @JvmStatic public fun get(): Secp256k1 = this
+        @JvmStatic
+        public fun get(): Secp256k1 = this
     }
 }
 
 internal expect fun getSecpk256k1(): Secp256k1
 
-public class Secp256k1Exception : RuntimeException {
-    public constructor() : super() {}
-    public constructor(message: String?) : super(message) {}
+public open class Secp256k1Exception : RuntimeException {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
+}
+
+public class Secp256k1ErrorCallbackException : Secp256k1Exception {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
+}
+
+public class Secp256k1IllegalCallbackException : Secp256k1Exception {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
 }

src/jvmMain/kotlin/fr/acinq/secp256k1/Secp256k1Jvm.kt

@@ -20,12 +20,12 @@ import java.util.*
 
 
 private fun tryLoad(platform: String): Secp256k1? {
-    try {
-        val cls = Class.forName("fr.acinq.secp256k1.jni.NativeSecp256k1${platform.capitalize(Locale.ROOT)}Loader")
+    return try {
+        val cls = Class.forName("fr.acinq.secp256k1.jni.NativeSecp256k1${platform.replaceFirstChar { if (it.isLowerCase()) it.titlecase(Locale.ROOT) else it.toString() }}Loader")
         val load = cls.getMethod("load")
-        return load.invoke(null) as Secp256k1
+        load.invoke(null) as Secp256k1
     } catch (ex: ClassNotFoundException) {
-        return null
+        null
     }
 }
 

src/nativeInterop/cinterop/libsecp256k1.def

@@ -1,10 +1,10 @@
 package = secp256k1
 
-headers = secp256k1.h secp256k1_ecdh.h secp256k1_recovery.h
-headerFilter = secp256k1/** secp256k1_ecdh.h secp256k1_recovery.h secp256k1.h
+headers = secp256k1.h secp256k1_ecdh.h secp256k1_recovery.h secp256k1_extrakeys.h secp256k1_schnorrsig.h
+headerFilter = secp256k1/** secp256k1_ecdh.h secp256k1_recovery.h secp256k1_extrakeys.h secp256k1_schnorrsig.h secp256k1.h
 
 libraryPaths.linux = c/secp256k1/build/linux/
-linkerOpts.linux = -L/usr/lib64 -L/usr/lib/x86_64-linux-gnu -L/usr/local/lib -lgmp
+linkerOpts.linux = -L/usr/lib64 -L/usr/lib/x86_64-linux-gnu -L/usr/local/lib
 
 libraryPaths.ios = c/secp256k1/build/ios/ /usr/local/lib
 linkerOpts.ios = -framework Security -framework Foundation

src/nativeMain/kotlin/fr/acinq/secp256k1/Secp256k1Native.kt

@@ -4,15 +4,67 @@ import kotlinx.cinterop.*
 import platform.posix.size_tVar
 import secp256k1.*
 
-@OptIn(ExperimentalUnsignedTypes::class)
+private typealias Secp256k1CallbackHandler = (String) -> Unit
+
+@OptIn(ExperimentalStdlibApi::class)
+private class CallbackHandler(ctx: CPointer<secp256k1_context>) : AutoCloseable {
+    var illegalCallBackMessage: String? = null
+    val illegalHandler: Secp256k1CallbackHandler = { x: String -> illegalCallBackMessage = x }
+    val illegalCallbackRef = StableRef.create(illegalHandler)
+    var errorCallBackMessage: String? = null
+    val errorHandler: Secp256k1CallbackHandler = { x: String -> errorCallBackMessage = x }
+    val errorCallbackRef = StableRef.create(errorHandler)
+
+    init {
+        secp256k1_context_set_error_callback(
+            ctx, staticCFunction { buffer: CPointer<ByteVar>?, data: COpaquePointer? ->
+                if (data != null) {
+                    val callback = data.asStableRef<Secp256k1CallbackHandler>().get()
+                    callback(buffer?.toKString() ?: "error callback triggered")
+                }
+            },
+            errorCallbackRef.asCPointer()
+        )
+        secp256k1_context_set_illegal_callback(
+            ctx, staticCFunction { buffer: CPointer<ByteVar>?, data: COpaquePointer? ->
+                if (data != null) {
+                    val callback = data.asStableRef<Secp256k1CallbackHandler>().get()
+                    callback(buffer?.toKString() ?: "illegal callback triggered")
+                }
+            },
+            illegalCallbackRef.asCPointer()
+        )
+    }
+
+    fun checkForErrors() {
+        errorCallBackMessage?.let { throw Secp256k1ErrorCallbackException(it) }
+        illegalCallBackMessage?.let { throw Secp256k1IllegalCallbackException(it) }
+    }
+
+    override fun close() {
+        // StableRef instances have to be disposed of manually
+        illegalCallbackRef.dispose()
+        errorCallbackRef.dispose()
+    }
+}
+
+@OptIn(ExperimentalUnsignedTypes::class, ExperimentalStdlibApi::class)
 public object Secp256k1Native : Secp256k1 {
 
     private val ctx: CPointer<secp256k1_context> by lazy {
+
         secp256k1_context_create((SECP256K1_FLAGS_TYPE_CONTEXT or SECP256K1_FLAGS_BIT_CONTEXT_SIGN or SECP256K1_FLAGS_BIT_CONTEXT_VERIFY).toUInt())
-            ?: error("Could not create segp256k1 context")
+            ?: error("Could not create secp256k1 context")
     }
 
-    private fun Int.requireSuccess(message: String): Int = if (this != 1) throw Secp256k1Exception(message) else this
+    private fun Int.requireSuccess(message: String): Int {
+        return if (this != 1) throw Secp256k1Exception(message) else this
+    }
+
+    private fun Int.requireSuccess(callbackHandler: CallbackHandler, message: String): Int {
+        callbackHandler.checkForErrors()
+        return if (this != 1) throw Secp256k1Exception(message) else this
+    }
 
     private fun MemScope.allocSignature(input: ByteArray): secp256k1_ecdsa_signature {
         val sig = alloc<secp256k1_ecdsa_signature>()
@@ -55,178 +107,254 @@ public object Secp256k1Native : Secp256k1 {
         return pinned.addressOf(0)
     }
 
-    public override fun verify(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean {
-        require(data.size == 32)
-        require(pub.size == 33 || pub.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pub)
-            val nData = toNat(data)
-            val nSig = allocSignature(signature)
-            return secp256k1_ecdsa_verify(ctx, nSig.ptr, nData, nPubkey.ptr) == 1
+    public override fun verify(signature: ByteArray, message: ByteArray, pubkey: ByteArray): Boolean {
+        require(message.size == 32)
+        require(pubkey.size == 33 || pubkey.size == 65)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nMessage = toNat(message)
+                val nSig = allocSignature(signature)
+                val verify = secp256k1_ecdsa_verify(ctx, nSig.ptr, nMessage, nPubkey.ptr)
+                callbackHandler.checkForErrors()
+                return verify == 1
+            }
         }
     }
 
-    public override fun sign(data: ByteArray, sec: ByteArray): ByteArray {
-        require(sec.size == 32)
-        require(data.size == 32)
-        memScoped {
-            val nSec = toNat(sec)
-            val nData = toNat(data)
-            val nSig = alloc<secp256k1_ecdsa_signature>()
-            secp256k1_ecdsa_sign(ctx, nSig.ptr, nData, nSec, null, null).requireSuccess("secp256k1_ecdsa_sign() failed")
-            return serializeSignature(nSig)
+    public override fun sign(message: ByteArray, privkey: ByteArray): ByteArray {
+        require(privkey.size == 32)
+        require(message.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPrivkey = toNat(privkey)
+                val nMessage = toNat(message)
+                val nSig = alloc<secp256k1_ecdsa_signature>()
+                secp256k1_ecdsa_sign(ctx, nSig.ptr, nMessage, nPrivkey, null, null).requireSuccess(callbackHandler, "secp256k1_ecdsa_sign() failed")
+                return serializeSignature(nSig)
+            }
         }
     }
 
     public override fun signatureNormalize(sig: ByteArray): Pair<ByteArray, Boolean> {
-        require(sig.size == 64 || sig.size in 70..73)
-        memScoped {
-            val nSig = allocSignature(sig)
-            val isHighS = secp256k1_ecdsa_signature_normalize(ctx, nSig.ptr, nSig.ptr)
-            return Pair(serializeSignature(nSig), isHighS == 1)
+        require(sig.size >= 64) { "invalid signature ${Hex.encode(sig)}" }
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSig = allocSignature(sig)
+                val isHighS = secp256k1_ecdsa_signature_normalize(ctx, nSig.ptr, nSig.ptr)
+                callbackHandler.checkForErrors()
+                return Pair(serializeSignature(nSig), isHighS == 1)
+            }
         }
     }
 
-    public override fun secKeyVerify(seckey: ByteArray): Boolean {
-        require(seckey.size == 32)
-        memScoped {
-            val nSec = toNat(seckey)
-            return secp256k1_ec_seckey_verify(ctx, nSec) == 1
+    public override fun secKeyVerify(privkey: ByteArray): Boolean {
+        if (privkey.size != 32) return false
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPrivkey = toNat(privkey)
+                val result = secp256k1_ec_seckey_verify(ctx, nPrivkey) == 1
+                callbackHandler.checkForErrors()
+                return result
+            }
         }
     }
 
-    public override fun pubkeyCreate(seckey: ByteArray): ByteArray {
-        require(seckey.size == 32)
-        memScoped {
-            val nSec = toNat(seckey)
-            val nPubkey = alloc<secp256k1_pubkey>()
-            secp256k1_ec_pubkey_create(ctx, nPubkey.ptr, nSec).requireSuccess("secp256k1_ec_pubkey_create() failed")
-            return serializePubkey(nPubkey)
+    public override fun pubkeyCreate(privkey: ByteArray): ByteArray {
+        require(privkey.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPrivkey = toNat(privkey)
+                val nPubkey = alloc<secp256k1_pubkey>()
+                secp256k1_ec_pubkey_create(ctx, nPubkey.ptr, nPrivkey).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_create() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubkeyParse(pubkey: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val result = serializePubkey(nPubkey)
+                callbackHandler.checkForErrors()
+                return result
+            }
         }
     }
 
-    public override fun cleanup() {
-        secp256k1_context_destroy(ctx)
-    }
-
     public override fun privKeyNegate(privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
-            val negated = privkey.copyOf()
-            val negPriv = toNat(negated)
-            secp256k1_ec_privkey_negate(ctx, negPriv).requireSuccess("secp256k1_ec_privkey_negate() failed")
-            return negated
-        }
-    }
-
-    public override fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray {
-        require(privkey.size == 32)
-        memScoped {
-            val multiplied = privkey.copyOf()
-            val natMul = toNat(multiplied)
-            val natTweak = toNat(tweak)
-            secp256k1_ec_privkey_tweak_mul(ctx, natMul, natTweak).requireSuccess("secp256k1_ec_privkey_tweak_mul() failed")
-            return multiplied
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val negated = privkey.copyOf()
+                val negPriv = toNat(negated)
+                secp256k1_ec_seckey_negate(ctx, negPriv).requireSuccess(callbackHandler, "secp256k1_ec_seckey_negate() failed")
+                return negated
+            }
         }
     }
 
     public override fun privKeyTweakAdd(privkey: ByteArray, tweak: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
-            val added = privkey.copyOf()
-            val natAdd = toNat(added)
-            val natTweak = toNat(tweak)
-            secp256k1_ec_privkey_tweak_add(ctx, natAdd, natTweak).requireSuccess("secp256k1_ec_privkey_tweak_add() failed")
-            return added
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val added = privkey.copyOf()
+                val natAdd = toNat(added)
+                val natTweak = toNat(tweak)
+                secp256k1_ec_seckey_tweak_add(ctx, natAdd, natTweak).requireSuccess(callbackHandler, "secp256k1_ec_seckey_tweak_add() failed")
+                return added
+            }
+        }
+    }
+
+    public override fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray {
+        require(privkey.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val multiplied = privkey.copyOf()
+                val natMul = toNat(multiplied)
+                val natTweak = toNat(tweak)
+                secp256k1_ec_privkey_tweak_mul(ctx, natMul, natTweak).requireSuccess(callbackHandler, "secp256k1_ec_privkey_tweak_mul() failed")
+                return multiplied
+            }
         }
     }
 
     public override fun pubKeyNegate(pubkey: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            secp256k1_ec_pubkey_negate(ctx, nPubkey.ptr).requireSuccess("secp256k1_ec_pubkey_negate() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                secp256k1_ec_pubkey_negate(ctx, nPubkey.ptr).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_negate() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyTweakAdd(pubkey: ByteArray, tweak: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nTweak = toNat(tweak)
-            secp256k1_ec_pubkey_tweak_add(ctx, nPubkey.ptr, nTweak).requireSuccess("secp256k1_ec_pubkey_tweak_add() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nTweak = toNat(tweak)
+                secp256k1_ec_pubkey_tweak_add(ctx, nPubkey.ptr, nTweak).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_tweak_add() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyTweakMul(pubkey: ByteArray, tweak: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nTweak = toNat(tweak)
-            secp256k1_ec_pubkey_tweak_mul(ctx, nPubkey.ptr, nTweak).requireSuccess("secp256k1_ec_pubkey_tweak_mul() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nTweak = toNat(tweak)
+                secp256k1_ec_pubkey_tweak_mul(ctx, nPubkey.ptr, nTweak).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_tweak_mul() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
-    public override fun pubKeyAdd(pubkey1: ByteArray, pubkey2: ByteArray): ByteArray {
-        require(pubkey1.size == 33 || pubkey1.size == 65)
-        require(pubkey2.size == 33 || pubkey2.size == 65)
-        memScoped {
-            val nPubkey1 = allocPublicKey(pubkey1)
-            val nPubkey2 = allocPublicKey(pubkey2)
-            val combined = alloc<secp256k1_pubkey>()
-            secp256k1_ec_pubkey_combine(ctx, combined.ptr, cValuesOf(nPubkey1.ptr, nPubkey2.ptr), 2.convert()).requireSuccess("secp256k1_ec_pubkey_combine() failed")
-            return serializePubkey(combined)
+    public override fun pubKeyCombine(pubkeys: Array<ByteArray>): ByteArray {
+        pubkeys.forEach { require(it.size == 33 || it.size == 65) }
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkeys = pubkeys.map { allocPublicKey(it).ptr }
+                val combined = alloc<secp256k1_pubkey>()
+                secp256k1_ec_pubkey_combine(ctx, combined.ptr, nPubkeys.toCValues(), pubkeys.size.convert()).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_combine() failed")
+                return serializePubkey(combined)
+            }
         }
     }
 
-    public override fun ecdh(seckey: ByteArray, pubkey: ByteArray): ByteArray {
-        require(seckey.size == 32)
+    public override fun ecdh(privkey: ByteArray, pubkey: ByteArray): ByteArray {
+        require(privkey.size == 32)
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nSeckey = toNat(seckey)
-            val output = allocArray<UByteVar>(32)
-            secp256k1_ecdh(ctx, output, nPubkey.ptr, nSeckey, null, null).requireSuccess("secp256k1_ecdh() failed")
-            return output.readBytes(32)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nPrivkey = toNat(privkey)
+                val output = allocArray<UByteVar>(32)
+                secp256k1_ecdh(ctx, output, nPubkey.ptr, nPrivkey, null, null).requireSuccess(callbackHandler, "secp256k1_ecdh() failed")
+                return output.readBytes(32)
+            }
         }
     }
 
     public override fun ecdsaRecover(sig: ByteArray, message: ByteArray, recid: Int): ByteArray {
         require(sig.size == 64)
         require(message.size == 32)
-        memScoped {
-            val nSig = toNat(sig)
-            val rSig = alloc<secp256k1_ecdsa_recoverable_signature>()
-            secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, rSig.ptr, nSig, recid).requireSuccess("secp256k1_ecdsa_recoverable_signature_parse_compact() failed")
-            val nMessage = toNat(message)
-            val pubkey = alloc<secp256k1_pubkey>()
-            secp256k1_ecdsa_recover(ctx, pubkey.ptr, rSig.ptr, nMessage).requireSuccess("secp256k1_ecdsa_recover() failed")
-            return serializePubkey(pubkey)
+        // we do not check that recid is valid, which should trigger our illegal callback handler to throw a Secp256k1IllegalCallbackException
+        // require(recid in 0..3)
+
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSig = toNat(sig)
+                val rSig = alloc<secp256k1_ecdsa_recoverable_signature>()
+                secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, rSig.ptr, nSig, recid).requireSuccess(callbackHandler, "secp256k1_ecdsa_recoverable_signature_parse_compact() failed")
+                val nMessage = toNat(message)
+                val pubkey = alloc<secp256k1_pubkey>()
+                secp256k1_ecdsa_recover(ctx, pubkey.ptr, rSig.ptr, nMessage).requireSuccess(callbackHandler, "secp256k1_ecdsa_recover() failed")
+                return serializePubkey(pubkey)
+            }
         }
     }
 
     public override fun compact2der(sig: ByteArray): ByteArray {
         require(sig.size == 64)
-        memScoped {
-            val nSig = allocSignature(sig)
-            val natOutput = allocArray<UByteVar>(73)
-            val len = alloc<size_tVar>()
-            len.value = 73.convert()
-            secp256k1_ecdsa_signature_serialize_der(ctx, natOutput, len.ptr, nSig.ptr).requireSuccess("secp256k1_ecdsa_signature_serialize_der() failed")
-            return natOutput.readBytes(len.value.toInt())
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSig = allocSignature(sig)
+                val natOutput = allocArray<UByteVar>(73)
+                val len = alloc<size_tVar>()
+                len.value = 73.convert()
+                secp256k1_ecdsa_signature_serialize_der(ctx, natOutput, len.ptr, nSig.ptr).requireSuccess(callbackHandler, "secp256k1_ecdsa_signature_serialize_der() failed")
+                return natOutput.readBytes(len.value.toInt())
+            }
         }
     }
+
+    override fun verifySchnorr(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean {
+        require(signature.size == 64)
+        require(data.size == 32)
+        require(pub.size == 32)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPub = toNat(pub)
+                val pubkey = alloc<secp256k1_xonly_pubkey>()
+                secp256k1_xonly_pubkey_parse(ctx, pubkey.ptr, nPub).requireSuccess(callbackHandler, "secp256k1_xonly_pubkey_parse() failed")
+                val nData = toNat(data)
+                val nSig = toNat(signature)
+                return secp256k1_schnorrsig_verify(ctx, nSig, nData, 32u, pubkey.ptr) == 1
+            }
+        }
+    }
+
+    override fun signSchnorr(data: ByteArray, sec: ByteArray, auxrand32: ByteArray?): ByteArray {
+        require(sec.size == 32)
+        require(data.size == 32)
+        auxrand32?.let { require(it.size == 32) }
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSec = toNat(sec)
+                val nData = toNat(data)
+                val nAuxrand32 = auxrand32?.let { toNat(it) }
+                val nSig = allocArray<UByteVar>(64)
+                val keypair = alloc<secp256k1_keypair>()
+                secp256k1_keypair_create(ctx, keypair.ptr, nSec).requireSuccess(callbackHandler, "secp256k1_keypair_create() failed")
+                secp256k1_schnorrsig_sign32(ctx, nSig, nData, keypair.ptr, nAuxrand32).requireSuccess(callbackHandler, "secp256k1_ecdsa_sign() failed")
+                return nSig.readBytes(64)
+            }
+        }
+    }
+    
+    public override fun cleanup() {
+        secp256k1_context_destroy(ctx)
+    }
+
+
 }
 
 internal actual fun getSecpk256k1(): Secp256k1 = Secp256k1Native

tests/build.gradle.kts

@@ -1,19 +1,24 @@
+
 plugins {
     kotlin("multiplatform")
-    id("com.android.library")
+    if (System.getProperty("includeAndroid")?.toBoolean() == true) {
+        id("com.android.library")
+    }
 }
 
 kotlin {
     explicitApi()
 
+    val includeAndroid = System.getProperty("includeAndroid")?.toBoolean() ?: true
+
     val commonMain by sourceSets.getting {
         dependencies {
-            implementation(kotlin("stdlib-common"))
             implementation(rootProject)
         }
     }
     val commonTest by sourceSets.getting {
         dependencies {
+            implementation(kotlin("test-common"))
             implementation(kotlin("test-annotations-common"))
         }
     }
@@ -23,7 +28,6 @@ kotlin {
             kotlinOptions.jvmTarget = "1.8"
         }
         compilations["main"].dependencies {
-            implementation(kotlin("stdlib-jdk8"))
             implementation(project(":jni:jvm:all"))
         }
         compilations["test"].dependencies {
@@ -31,18 +35,19 @@ kotlin {
         }
     }
 
-    android {
-        compilations.all {
-            kotlinOptions.jvmTarget = "1.8"
-        }
-        sourceSets["androidMain"].dependencies {
-            implementation(kotlin("stdlib-jdk8"))
-            implementation(project(":jni:android"))
-        }
-        sourceSets["androidTest"].dependencies {
-            implementation(kotlin("test-junit"))
-            implementation("androidx.test.ext:junit:1.1.1")
-            implementation("androidx.test.espresso:espresso-core:3.2.0")
+    if (includeAndroid) {
+        android {
+            compilations.all {
+                kotlinOptions.jvmTarget = "1.8"
+            }
+            sourceSets["androidMain"].dependencies {
+                implementation(project(":jni:android"))
+            }
+            sourceSets["androidTest"].dependencies {
+                implementation(kotlin("test-junit"))
+                implementation("androidx.test.ext:junit:1.1.2")
+                implementation("androidx.test.espresso:espresso-core:3.3.0")
+            }
         }
     }
 
@@ -51,23 +56,26 @@ kotlin {
     ios()
 }
 
-android {
-    defaultConfig {
-        compileSdkVersion(30)
-        minSdkVersion(21)
-        testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
-    }
+val includeAndroid = System.getProperty("includeAndroid")?.toBoolean() ?: true
+if (includeAndroid) {
+    extensions.configure<com.android.build.gradle.LibraryExtension>("android") {
+        defaultConfig {
+            compileSdkVersion(30)
+            minSdkVersion(21)
+            testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
+        }
 
-    compileOptions {
-        sourceCompatibility = JavaVersion.VERSION_1_8
-        targetCompatibility = JavaVersion.VERSION_1_8
-    }
+        compileOptions {
+            sourceCompatibility = JavaVersion.VERSION_1_8
+            targetCompatibility = JavaVersion.VERSION_1_8
+        }
 
-    sourceSets["main"].manifest.srcFile("src/androidMain/AndroidManifest.xml")
+        sourceSets["main"].manifest.srcFile("src/androidMain/AndroidManifest.xml")
 
-    afterEvaluate {
-        tasks.withType<com.android.build.gradle.tasks.factory.AndroidUnitTest>().all {
-            enabled = false
+        afterEvaluate {
+            tasks.withType<com.android.build.gradle.tasks.factory.AndroidUnitTest>().all {
+                enabled = false
+            }
         }
     }
-}
+}

tests/src/androidTest/java/fr/acinq/secp256k1/AndroidTest.kt

@@ -1,7 +0,0 @@
-package fr.acinq.secp256k1
-
-import org.junit.Test
-import kotlin.test.assertEquals
-
-
-class AndroidTest {}

tests/src/commonTest/kotlin/fr/acinq/secp256k1/Secp256k1Test.kt

@@ -3,272 +3,362 @@ package fr.acinq.secp256k1
 import kotlin.random.Random
 import kotlin.test.*
 
-
-/**
- * This class holds test cases defined for testing this library.
- */
 class Secp256k1Test {
-    //TODO improve comments/add more tests
 
     @Test
-    fun testVerifyPos() {
-        var result: Boolean
-        val data: ByteArray = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".toLowerCase()) //sha256hash of "testing"
-        val sig: ByteArray = Hex.decode("3044022079BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F817980220294F14E883B3F525B5367756C2A11EF6CF84B730B36C17CB0C56F0AAB2C98589".toLowerCase())
-        val pub: ByteArray = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".toLowerCase())
-        result = Secp256k1.verify(sig, data, pub)
-        assertTrue(result, "testVerifyPos")
-        val sigCompact: ByteArray = Hex.decode("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798294F14E883B3F525B5367756C2A11EF6CF84B730B36C17CB0C56F0AAB2C98589".toLowerCase())
-        result = Secp256k1.verify(sigCompact, data, pub)
-        assertTrue(result, "testVerifyPos")
+    fun verifyValidPrivateKey() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        assertTrue(Secp256k1.secKeyVerify(priv))
     }
 
     @Test
-    fun testVerifyNeg() {
-        var result: Boolean
-        val data: ByteArray = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A91".toLowerCase()) //sha256hash of "testing"
-        val sig: ByteArray = Hex.decode("3044022079BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F817980220294F14E883B3F525B5367756C2A11EF6CF84B730B36C17CB0C56F0AAB2C98589".toLowerCase())
-        val pub: ByteArray = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".toLowerCase())
-        result = Secp256k1.verify(sig, data, pub)
-        assertFalse(result, "testVerifyNeg")
+    fun verifyInvalidPrivateKey() {
+        val invalidSize = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A106353001")
+        assertFalse(Secp256k1.secKeyVerify(invalidSize))
+        val curveOrder = Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141".lowercase())
+        assertFalse(Secp256k1.secKeyVerify(curveOrder))
+        val zero = Hex.decode("0000000000000000000000000000000000000000000000000000000000000000".lowercase())
+        assertFalse(Secp256k1.secKeyVerify(zero))
     }
 
     @Test
-    fun testSecKeyVerifyPos() {
-        var result: Boolean
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        result = Secp256k1.secKeyVerify(sec)
-        assertTrue(result, "testSecKeyVerifyPos")
-    }
-
-    @Test
-    fun testSecKeyVerifyNeg() {
-        var result: Boolean
-        val sec: ByteArray = Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".toLowerCase())
-        result = Secp256k1.secKeyVerify(sec)
-        assertFalse(result, "testSecKeyVerifyNeg")
-    }
-
-    @Test
-    fun testPubKeyCreatePos() {
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val resultArr: ByteArray = Secp256k1.pubkeyCreate(sec)
-        val pubkeyString: String = Hex.encode(resultArr).toUpperCase()
+    fun createValidPublicKey() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val pub = Secp256k1.pubkeyCreate(priv)
         assertEquals(
             "04C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6",
-            pubkeyString,
-            "testPubKeyCreatePos"
+            Hex.encode(pub).uppercase(),
         )
     }
 
     @Test
-    fun testPubKeyCreateNeg() {
-        val sec: ByteArray = Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".toLowerCase())
-        assertFailsWith<Secp256k1Exception> {
-            Secp256k1.pubkeyCreate(sec)
-        }
+    fun createInvalidPublicKey() {
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyCreate(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000".lowercase())) }
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyCreate(Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141".lowercase())) }
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyCreate(Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".lowercase())) }
     }
 
     @Test
-    fun testPubkeyCompress() {
+    fun compressPublicKey() {
         val pub = Hex.decode("04C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6")
         val compressed = Secp256k1.pubKeyCompress(pub)
-        assertEquals("02C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D", Hex.encode(compressed).toUpperCase())
+        assertEquals("02C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D", Hex.encode(compressed).uppercase())
     }
 
     @Test
-    fun testPubKeyNegatePos() {
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val pubkey: ByteArray = Secp256k1.pubkeyCreate(sec)
-        val pubkeyString: String = Hex.encode(pubkey).toUpperCase()
+    fun negatePublicKey() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val pub = Secp256k1.pubkeyCreate(priv)
         assertEquals(
             "04C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6",
-            pubkeyString,
-            "testPubKeyCreatePos"
+            Hex.encode(pub).uppercase(),
         )
-        val pubkey1: ByteArray = Secp256k1.pubKeyNegate(pubkey)
-        val pubkeyString1: String = Hex.encode(pubkey1).toUpperCase()
+        assertEquals(
+            "02C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D",
+            Hex.encode(Secp256k1.pubKeyCompress(pub)).uppercase()
+        )
+        val npub = Secp256k1.pubKeyNegate(pub)
         assertEquals(
             "04C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2DDEFC12B6B8E73968536514302E69ED1DDB24B999EFEE79C12D03AB17E79E1989",
-            pubkeyString1,
-            "testPubKeyNegatePos"
+            Hex.encode(npub).uppercase(),
         )
+        assertEquals(
+            "03C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D",
+            Hex.encode(Secp256k1.pubKeyCompress(npub)).uppercase()
+        )
+        val nnpub = Secp256k1.pubKeyNegate(npub)
+        assertContentEquals(pub, nnpub)
     }
 
     @Test
-    fun testPubKeyParse() {
-        val pub: ByteArray = Hex.decode("02C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D".toLowerCase())
-        val resultArr: ByteArray = Secp256k1.pubkeyParse(pub)
-        val pubkeyString: String = Hex.encode(resultArr).toUpperCase()
+    fun parsePublicKey() {
+        val pub = Hex.decode("02C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D".lowercase())
+        val parsed1 = Secp256k1.pubkeyParse(pub)
         assertEquals(
             "04C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6",
-            pubkeyString,
-            "testPubKeyAdd"
+            Hex.encode(parsed1).uppercase(),
         )
+        val parsed2 = Secp256k1.pubkeyParse(parsed1)
+        assertContentEquals(parsed1, parsed2)
     }
 
     @Test
-    fun testPubKeyAdd() {
-        val pub1: ByteArray = Hex.decode("041b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f70beaf8f588b541507fed6a642c5ab42dfdf8120a7f639de5122d47a69a8e8d1".toLowerCase())
-        val pub2: ByteArray = Hex.decode("044d4b6cd1361032ca9bd2aeb9d900aa4d45d9ead80ac9423374c451a7254d07662a3eada2d0fe208b6d257ceb0f064284662e857f57b66b54c198bd310ded36d0".toLowerCase())
-        val pub3: ByteArray = Secp256k1.pubKeyAdd(pub1, pub2)
-        val pubkeyString: String = Hex.encode(pub3).toUpperCase()
+    fun parseInvalidPublicKey() {
+        // Not a valid curve point.
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyParse(Hex.decode("02FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".lowercase())) }
+        // Invalid first byte.
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyParse(Hex.decode("02C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6".lowercase())) }
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyParse(Hex.decode("03C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6".lowercase())) }
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyParse(Hex.decode("05C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D2103ED494718C697AC9AEBCFD19612E224DB46661011863ED2FC54E71861E2A6".lowercase())) }
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyParse(Hex.decode("01C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D".lowercase())) }
+        assertFailsWith<Secp256k1Exception> { Secp256k1.pubkeyParse(Hex.decode("04C591A8FF19AC9C4E4E5793673B83123437E975285E7B442F4EE2654DFFCA5E2D".lowercase())) }
+    }
+
+    @Test
+    fun combinePublicKeys() {
+        // Mixture of compressed and uncompressed public keys.
+        val pub1 = Hex.decode("041b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f70beaf8f588b541507fed6a642c5ab42dfdf8120a7f639de5122d47a69a8e8d1")
+        val pub2 = Hex.decode("044d4b6cd1361032ca9bd2aeb9d900aa4d45d9ead80ac9423374c451a7254d07662a3eada2d0fe208b6d257ceb0f064284662e857f57b66b54c198bd310ded36d0")
+        val pub3 = Hex.decode("02eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619")
+        val pub4 = Secp256k1.pubKeyCombine(arrayOf(pub1, pub2, pub3))
         assertEquals(
-            "04531FE6068134503D2723133227C867AC8FA6C83C537E9A44C3C5BDBDCB1FE3379E92C265E71E481BA82A84675A47AC705A200FCD524E92D93B0E7386F26A5458",
-            pubkeyString,
-            "testPubKeyAdd"
+            "042C0B7CF95324A07D05398B240174DC0C2BE444D96B159AA6C7F7B1E668680991AE31A9C671A36543F46CEA8FCE6984608AA316AA0472A7EED08847440218CB2F",
+            Hex.encode(pub4).uppercase(),
         )
     }
 
     @Test
-    fun testSignPos() {
-        val data: ByteArray = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".toLowerCase()) //sha256hash of "testing"
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val resultArr: ByteArray = Secp256k1.sign(data, sec)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun createEcdsaSignature() {
+        val message = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".lowercase()) //sha256hash of "testing"
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val sig = Secp256k1.sign(message, priv)
         assertEquals(
             "182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
-            sigString,
-            "testSignPos"
+            Hex.encode(sig).uppercase(),
         )
     }
 
     @Test
-    fun testSignatureNormalize() {
-        val data: ByteArray = Hex.decode("30440220182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A202201C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9".toLowerCase())
-        val (resultArr, isHighS) = Secp256k1.signatureNormalize(data)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun normalizeEcdsaSignature() {
+        val normalizedDerSig = Hex.decode("30440220182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A202201C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9".lowercase())
+        val (normalizedCompactSig1, wasNotNormalized1) = Secp256k1.signatureNormalize(normalizedDerSig)
+        assertFalse(wasNotNormalized1)
         assertEquals(
             "182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
-            sigString,
-            "testSignPos"
+            Hex.encode(normalizedCompactSig1).uppercase(),
+        )
+        val notNormalizedDerSig = Hex.decode("30450220182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A2022100E3990C925DEE3F780C50774AF120B062E0080D86D8C721C6E32F10DBACA57A58".lowercase())
+        val (normalizedCompactSig2, wasNotNormalized2) = Secp256k1.signatureNormalize(notNormalizedDerSig)
+        assertTrue(wasNotNormalized2)
+        assertEquals(
+            "182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
+            Hex.encode(normalizedCompactSig2).uppercase(),
+        )
+        val normalizedCompactSig = Hex.decode("182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9".lowercase())
+        val (normalizedCompactSig3, wasNotNormalized3) = Secp256k1.signatureNormalize(normalizedCompactSig)
+        assertFalse(wasNotNormalized3)
+        assertEquals(
+            "182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
+            Hex.encode(normalizedCompactSig3).uppercase(),
+        )
+        val notNormalizedCompactSig = Hex.decode("182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A2E3990C925DEE3F780C50774AF120B062E0080D86D8C721C6E32F10DBACA57A58".lowercase())
+        val (normalizedCompactSig4, wasNotNormalized4) = Secp256k1.signatureNormalize(notNormalizedCompactSig)
+        assertTrue(wasNotNormalized4)
+        assertEquals(
+            "182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
+            Hex.encode(normalizedCompactSig4).uppercase(),
         )
-        assertFalse(isHighS, "isHighS")
     }
 
     @Test
-    fun testSignNeg() {
-        val data: ByteArray = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".toLowerCase()) //sha256hash of "testing"
-        val sec: ByteArray = Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".toLowerCase())
+    fun failToCreateEcdsaSignature() {
+        val message = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".lowercase()) //sha256hash of "testing"
+        val priv = Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF".lowercase())
         assertFailsWith<Secp256k1Exception> {
-            Secp256k1.sign(data, sec)
+            Secp256k1.sign(message, priv)
         }
     }
 
     @Test
-    fun testSignCompactPos() {
-        val data: ByteArray = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".toLowerCase()) //sha256hash of "testing"
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val resultArr: ByteArray = Secp256k1.sign(data, sec)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun createCompactEcdsaSignature() {
+        val message = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".lowercase()) //sha256hash of "testing"
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val sig = Secp256k1.sign(message, priv)
         assertEquals(
             "182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
-            sigString,
-            "testSignCompactPos"
+            Hex.encode(sig).uppercase(),
         )
     }
 
     @Test
-    fun testPrivKeyTweakNegate() {
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val sec1: ByteArray = Secp256k1.privKeyNegate(sec)
+    fun verifyValidEcdsaSignatures() {
+        val message = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".lowercase()) //sha256hash of "testing"
+        val sig = Hex.decode("3044022079BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F817980220294F14E883B3F525B5367756C2A11EF6CF84B730B36C17CB0C56F0AAB2C98589".lowercase())
+        val pub = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".lowercase())
+        assertTrue(Secp256k1.verify(sig, message, pub))
+        val sigCompact = Hex.decode("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798294F14E883B3F525B5367756C2A11EF6CF84B730B36C17CB0C56F0AAB2C98589".lowercase())
+        assertTrue(Secp256k1.verify(sigCompact, message, pub))
+    }
+
+    @Test
+    fun verifyInvalidEcdsaSignatures() {
+        val message = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A91".lowercase()) //sha256hash of "testing"
+        val sig = Hex.decode("3044022079BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F817980220294F14E883B3F525B5367756C2A11EF6CF84B730B36C17CB0C56F0AAB2C98589".lowercase())
+        val pub = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".lowercase())
+        assertFalse(Secp256k1.verify(sig, message, pub))
+    }
+
+    @Test
+    fun negatePrivateKey() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val npriv = Secp256k1.privKeyNegate(priv)
         assertEquals(
             "981A9A7DD677A622518DA068D66D5F824E5F22F084B8A0E2F195B5662F300C11",
-            Hex.encode(sec1).toUpperCase(),
-            "testPrivKeyNegate"
+            Hex.encode(npriv).uppercase(),
         )
-        val sec2: ByteArray = Secp256k1.privKeyNegate(sec1)
-        assertTrue(sec.contentEquals(sec2))
+        val nnpriv: ByteArray = Secp256k1.privKeyNegate(npriv)
+        assertContentEquals(priv, nnpriv)
     }
 
     @Test
-    fun testPrivKeyTweakAdd_1() {
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val data: ByteArray = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".toLowerCase()) //sha256hash of "tweak"
-        val resultArr: ByteArray = Secp256k1.privKeyTweakAdd(sec, data)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun addTweakToPrivateKey() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val tweak = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".lowercase())
+        val tweakedPriv = Secp256k1.privKeyTweakAdd(priv, tweak)
         assertEquals(
             "A168571E189E6F9A7E2D657A4B53AE99B909F7E712D1C23CED28093CD57C88F3",
-            sigString,
-            "testPrivKeyAdd_1"
+            Hex.encode(tweakedPriv).uppercase(),
         )
     }
 
     @Test
-    fun testPrivKeyTweakMul_1() {
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val data: ByteArray = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".toLowerCase()) //sha256hash of "tweak"
-        val resultArr: ByteArray = Secp256k1.privKeyTweakMul(sec, data)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun multiplyPrivateKeyWithTweak() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val tweak = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".lowercase())
+        val tweakedPriv = Secp256k1.privKeyTweakMul(priv, tweak)
         assertEquals(
             "97F8184235F101550F3C71C927507651BD3F1CDB4A5A33B8986ACF0DEE20FFFC",
-            sigString,
-            "testPrivKeyMul_1"
+            Hex.encode(tweakedPriv).uppercase(),
         )
     }
 
     @Test
-    fun testPrivKeyTweakAdd_2() {
-        val pub: ByteArray = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".toLowerCase())
-        val data: ByteArray = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".toLowerCase()) //sha256hash of "tweak"
-        val resultArr: ByteArray = Secp256k1.pubKeyTweakAdd(pub, data)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun addTweakToPublicKey() {
+        val pub = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".lowercase())
+        val tweak = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".lowercase())
+        val tweakedPub = Secp256k1.pubKeyTweakAdd(pub, tweak)
         assertEquals(
             "0411C6790F4B663CCE607BAAE08C43557EDC1A4D11D88DFCB3D841D0C6A941AF525A268E2A863C148555C48FB5FBA368E88718A46E205FABC3DBA2CCFFAB0796EF",
-            sigString,
-            "testPrivKeyAdd_2"
+            Hex.encode(tweakedPub).uppercase(),
         )
     }
 
     @Test
-    fun testPrivKeyTweakMul_2() {
-        val pub: ByteArray = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".toLowerCase())
-        val data: ByteArray = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".toLowerCase()) //sha256hash of "tweak"
-        val resultArr: ByteArray = Secp256k1.pubKeyTweakMul(pub, data)
-        val sigString: String = Hex.encode(resultArr).toUpperCase()
+    fun multiplyPublicKeyWithTweak() {
+        val pub = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".lowercase())
+        val tweak = Hex.decode("3982F19BEF1615BCCFBB05E321C10E1D4CBA3DF0E841C2E41EEB6016347653C3".lowercase())
+        val tweakedPub = Secp256k1.pubKeyTweakMul(pub, tweak)
         assertEquals(
             "04E0FE6FE55EBCA626B98A807F6CAF654139E14E5E3698F01A9A658E21DC1D2791EC060D4F412A794D5370F672BC94B722640B5F76914151CFCA6E712CA48CC589",
-            sigString,
-            "testPrivKeyMul_2"
+            Hex.encode(tweakedPub).uppercase(),
         )
     }
 
     @Test
-    fun testCreateECDHSecret() {
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val pub: ByteArray = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".toLowerCase())
-        val resultArr: ByteArray = Secp256k1.ecdh(sec, pub)
-        val ecdhString: String = Hex.encode(resultArr).toUpperCase()
+    fun createEcdhSecret() {
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val pub = Hex.decode("040A629506E1B65CD9D2E0BA9C75DF9C4FED0DB16DC9625ED14397F0AFC836FAE595DC53F8B0EFE61E703075BD9B143BAC75EC0E19F82A2208CAEB32BE53414C40".lowercase())
+        val secret = Secp256k1.ecdh(priv, pub)
         assertEquals(
             "2A2A67007A926E6594AF3EB564FC74005B37A9C8AEF2033C4552051B5C87F043",
-            ecdhString,
-            "testCreateECDHSecret"
+            Hex.encode(secret).uppercase(),
         )
     }
 
     @Test
-    fun testEcdsaRecover() {
-        val data: ByteArray = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".toLowerCase()) //sha256hash of "testing"
-        val sec: ByteArray = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".toLowerCase())
-        val pub: ByteArray = Secp256k1.pubkeyCreate(sec)
-        val sig: ByteArray = Secp256k1.sign(data, sec)
-        val pub0: ByteArray = Secp256k1.ecdsaRecover(sig, data, 0)
-        val pub1: ByteArray = Secp256k1.ecdsaRecover(sig, data, 1)
-        assertTrue(pub.contentEquals(pub0) || pub.contentEquals(pub1), "testEcdsaRecover")
+    fun createSymmetricEcdhSecret() {
+        val priv1 = Hex.decode("3580a881ac24eb00530a51235c42bcb65424ba121e2e7d910a70fa531a578d21")
+        val pub1 = Secp256k1.pubkeyCreate(priv1)
+        val priv2 = Hex.decode("f6a353f7a5de654501c3495acde7450293f74d09086c2b7c9a4e524248d0daac")
+        val pub2 = Secp256k1.pubkeyCreate(priv2)
+        val secret1 = Secp256k1.ecdh(priv1, pub2)
+        val secret2 = Secp256k1.ecdh(priv2, pub1)
+        assertContentEquals(secret1, secret2)
     }
 
     @Test
-    fun testCompactToDER() {
-        val sig: ByteArray = Hex.decode("182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9".toLowerCase()) //sha256hash of "testing"
-        val der: ByteArray = Secp256k1.compact2der(sig)
+    fun recoverPublicKeyFromEcdsaSignature() {
+        val message = Hex.decode("CF80CD8AED482D5D1527D7DC72FCEFF84E6326592848447D2DC0B0E87DFC9A90".lowercase()) //sha256hash of "testing"
+        val priv = Hex.decode("67E56582298859DDAE725F972992A07C6C4FB9F62A8FFF58CE3CA926A1063530".lowercase())
+        val pub = Secp256k1.pubkeyCreate(priv)
+        val sig = Secp256k1.sign(message, priv)
+        val pub0 = Secp256k1.ecdsaRecover(sig, message, 0)
+        val pub1 = Secp256k1.ecdsaRecover(sig, message, 1)
+        assertTrue(pub.contentEquals(pub0) || pub.contentEquals(pub1))
+
+        // this is a special case, ecdsaRecover explicitly does not check that recid is valid, which triggers our illegal callback handler
+        assertFailsWith(Secp256k1IllegalCallbackException::class) {
+            Secp256k1.ecdsaRecover(sig, message, 4)
+        }
+    }
+
+    @Test
+    fun convertCompactEcdsaSignatureToDer() {
+        val compact = Hex.decode("182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A21C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9".lowercase()) //sha256hash of "testing"
+        val der = Secp256k1.compact2der(compact)
         assertEquals(
             "30440220182A108E1448DC8F1FB467D06A0F3BB8EA0533584CB954EF8DA112F1D60E39A202201C66F36DA211C087F3AF88B50EDF4F9BDAA6CF5FD6817E74DCA34DB12390C6E9",
-            Hex.encode(der).toUpperCase(),
+            Hex.encode(der).uppercase(),
         )
     }
 
     @Test
-    fun testFormatConversion() {
+    fun testSchnorrSignature() {
+        val seckey = Hex.decode("0000000000000000000000000000000000000000000000000000000000000003")
+        val msg = Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")
+        val auxrand32 = Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")
+        val sig = Secp256k1.signSchnorr(msg, seckey, auxrand32)
+        assertEquals(
+            "E907831F80848D1069A5371B402410364BDF1C5F8307B0084C55F1CE2DCA821525F66A4A85EA8B71E482A74F382D2CE5EBEEE8FDB2172F477DF4900D310536C0",
+            Hex.encode(sig).uppercase(),
+        )
+        val pubkey = Secp256k1.pubkeyCreate(seckey).drop(1).take(32).toByteArray()
+        assertEquals(
+            "F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9",
+            Hex.encode(pubkey).uppercase()
+        )
+        assertTrue(Secp256k1.verifySchnorr(sig, msg, pubkey))
+    }
+
+    @Test
+    fun testSchnorrTestVectors() {
+        // BIP340 test vectors copied from https://github.com/bitcoin/bips/blob/master/bip-0340/test-vectors.csv
+        val bip340TestVectors = """index,secret key,public key,aux_rand,message,signature,verification result,comment
+0,0000000000000000000000000000000000000000000000000000000000000003,F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9,0000000000000000000000000000000000000000000000000000000000000000,0000000000000000000000000000000000000000000000000000000000000000,E907831F80848D1069A5371B402410364BDF1C5F8307B0084C55F1CE2DCA821525F66A4A85EA8B71E482A74F382D2CE5EBEEE8FDB2172F477DF4900D310536C0,TRUE,
+1,B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,0000000000000000000000000000000000000000000000000000000000000001,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,6896BD60EEAE296DB48A229FF71DFE071BDE413E6D43F917DC8DCF8C78DE33418906D11AC976ABCCB20B091292BFF4EA897EFCB639EA871CFA95F6DE339E4B0A,TRUE,
+2,C90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B14E5C9,DD308AFEC5777E13121FA72B9CC1B7CC0139715309B086C960E18FD969774EB8,C87AA53824B4D7AE2EB035A2B5BBBCCC080E76CDC6D1692C4B0B62D798E6D906,7E2D58D8B3BCDF1ABADEC7829054F90DDA9805AAB56C77333024B9D0A508B75C,5831AAEED7B44BB74E5EAB94BA9D4294C49BCF2A60728D8B4C200F50DD313C1BAB745879A5AD954A72C45A91C3A51D3C7ADEA98D82F8481E0E1E03674A6F3FB7,TRUE,
+3,0B432B2677937381AEF05BB02A66ECD012773062CF3FA2549E44F58ED2401710,25D1DFF95105F5253C4022F628A996AD3A0D95FBF21D468A1B33F8C160D8F517,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF,7EB0509757E246F19449885651611CB965ECC1A187DD51B64FDA1EDC9637D5EC97582B9CB13DB3933705B32BA982AF5AF25FD78881EBB32771FC5922EFC66EA3,TRUE,test fails if msg is reduced modulo p or n
+4,,D69C3509BB99E412E68B0FE8544E72837DFA30746D8BE2AA65975F29D22DC7B9,,4DF3C3F68FCC83B27E9D42C90431A72499F17875C81A599B566C9889B9696703,00000000000000000000003B78CE563F89A0ED9414F5AA28AD0D96D6795F9C6376AFB1548AF603B3EB45C9F8207DEE1060CB71C04E80F593060B07D28308D7F4,TRUE,
+5,,EEFDEA4CDB677750A420FEE807EACF21EB9898AE79B9768766E4FAA04A2D4A34,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E17776969E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B,FALSE,public key not on the curve
+6,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,FFF97BD5755EEEA420453A14355235D382F6472F8568A18B2F057A14602975563CC27944640AC607CD107AE10923D9EF7A73C643E166BE5EBEAFA34B1AC553E2,FALSE,has_even_y(R) is false
+7,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,1FA62E331EDBC21C394792D2AB1100A7B432B013DF3F6FF4F99FCB33E0E1515F28890B3EDB6E7189B630448B515CE4F8622A954CFE545735AAEA5134FCCDB2BD,FALSE,negated message
+8,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E177769961764B3AA9B2FFCB6EF947B6887A226E8D7C93E00C5ED0C1834FF0D0C2E6DA6,FALSE,negated s value
+9,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,0000000000000000000000000000000000000000000000000000000000000000123DDA8328AF9C23A94C1FEECFD123BA4FB73476F0D594DCB65C6425BD186051,FALSE,sG - eP is infinite. Test fails in single verification if has_even_y(inf) is defined as true and x(inf) as 0
+10,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,00000000000000000000000000000000000000000000000000000000000000017615FBAF5AE28864013C099742DEADB4DBA87F11AC6754F93780D5A1837CF197,FALSE,sG - eP is infinite. Test fails in single verification if has_even_y(inf) is defined as true and x(inf) as 1
+11,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,4A298DACAE57395A15D0795DDBFD1DCB564DA82B0F269BC70A74F8220429BA1D69E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B,FALSE,sig[0:32] is not an X coordinate on the curve
+12,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F69E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B,FALSE,sig[0:32] is equal to field size
+13,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E177769FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141,FALSE,sig[32:64] is equal to curve order
+14,,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC30,,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,6CFF5C3BA86C69EA4B7376F31A9BCB4F74C1976089B2D9963DA2E5543E17776969E89B4C5564D00349106B8497785DD7D1D713A8AE82B32FA79D5F7FC407D39B,FALSE,public key is not a valid X coordinate because it exceeds the field size"""
+
+        bip340TestVectors.split('\n').drop(1).forEach {
+            val testData = it.split(',')
+            val index = testData[0]
+            val seckey = Hex.decode(testData[1])
+            val pubkey = Hex.decode(testData[2])
+            val auxrand = if (testData[3].isEmpty()) null else Hex.decode(testData[3])
+            val msg = Hex.decode(testData[4])
+            val sig = testData[5]
+            val expected = when (testData[6]) {
+                "FALSE" -> false
+                else -> true
+            }
+            val comment = testData[7]
+
+            if (seckey.isNotEmpty()) {
+                val ourSig = Secp256k1.signSchnorr(msg, seckey, auxrand)
+                assertEquals(Hex.encode(ourSig).uppercase(), sig)
+            }
+            val result = try {
+                Secp256k1.verifySchnorr(Hex.decode(sig), msg, pubkey)
+            } catch (t: Throwable) {
+                false
+            }
+            assertEquals(expected, result, "test [$index, $comment] failed")
+        }
+    }
+
+    @Test
+    fun fuzzEcdsaSignVerify() {
         val random = Random.Default
 
         fun randomBytes(length: Int): ByteArray {
@@ -279,11 +369,13 @@ class Secp256k1Test {
 
         repeat(200) {
             val priv = randomBytes(32)
+            assertTrue(Secp256k1.secKeyVerify(priv))
             val pub = Secp256k1.pubkeyCreate(priv)
-            val data = randomBytes(32)
-            val sig = Secp256k1.sign(data, priv)
+            val message = randomBytes(32)
+            val sig = Secp256k1.sign(message, priv)
+            assertTrue(Secp256k1.verify(sig, message, pub))
             val der = Secp256k1.compact2der(sig)
-            Secp256k1.verify(der, data, pub)
+            assertTrue(Secp256k1.verify(der, message, pub))
         }
     }
 }