Use local secp256k1 callbacks in kotlin native code

These callbacks are only triggered either by arguments do not match explicit rquirements of the sepc256k1 library, or by hardware failures, memory corruption
or bug in secp256k1, and not by misuse of the library.
In theory we do not need to implement them, except to find bugs in our own code, but the default callbacks print a message to stderr and call abort() which
is not nice especially on mobile apps.

=> Here we introduce 2 specific exceptions, Secp256k1ErrorCallbackException and Secp256k1IllegalCallbackException, which are thrown when the error callback or illegal callback are called.

.github/workflows/release.yml

@@ -33,7 +33,7 @@ jobs:
         shell: bash
         run: |
           echo "ANDROID_HOME=$ANDROID_HOME" >> $GITHUB_ENV
-          echo "ANDROID_NDK_VERSION=21.4.7075529" >> $GITHUB_ENV
+          echo "ANDROID_NDK_VERSION=25.2.9519653" >> $GITHUB_ENV
       - name: Cached Android NDK
         if: matrix.os != 'windows-latest'
         uses: actions/cache@v2
@@ -96,10 +96,9 @@ jobs:
         uses: reactivecircus/android-emulator-runner@v2
         with:
           api-level: 27
-          emulator-build: 7425822  # workaround to emulator bug: https://github.com/ReactiveCircus/android-emulator-runner/issues/160
           emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
           ndk: ${{ env.ANDROID_NDK_VERSION }}
-          cmake: 3.10.2.4988404
+          cmake: 3.22.1
           script: ./gradlew connectedCheck
       - name: Publish Linux
         if: matrix.os == 'ubuntu-latest'

.github/workflows/snapshot.yml

@@ -42,7 +42,7 @@ jobs:
         shell: bash
         run: |
           echo "ANDROID_HOME=$ANDROID_HOME" >> $GITHUB_ENV
-          echo "ANDROID_NDK_VERSION=21.4.7075529" >> $GITHUB_ENV
+          echo "ANDROID_NDK_VERSION=25.2.9519653" >> $GITHUB_ENV
       - name: Cached Android NDK
         if: matrix.os != 'windows-latest'
         uses: actions/cache@v2
@@ -105,10 +105,9 @@ jobs:
         uses: reactivecircus/android-emulator-runner@v2
         with:
           api-level: 27
-          -build: 7425822  # workaround to emulator bug: https://github.com/ReactiveCircus/android-emulator-runner/issues/160
           emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
           ndk: ${{ env.ANDROID_NDK_VERSION }}
-          cmake: 3.10.2.4988404
+          cmake: 3.22.1
           script: ./gradlew connectedCheck
       - name: Publish Linux
         if: matrix.os == 'ubuntu-latest'

.github/workflows/test.yml

@@ -48,7 +48,7 @@ jobs:
         shell: bash
         run: |
           echo "ANDROID_HOME=$ANDROID_HOME" >> $GITHUB_ENV
-          echo "ANDROID_NDK_VERSION=21.4.7075529" >> $GITHUB_ENV
+          echo "ANDROID_NDK_VERSION=25.2.9519653" >> $GITHUB_ENV
       - name: Cached Android NDK
         if: matrix.os != 'windows-latest'
         uses: actions/cache@v2
@@ -111,8 +111,7 @@ jobs:
         uses: reactivecircus/android-emulator-runner@v2
         with:
           api-level: 27
-          emulator-build: 7425822  # workaround to emulator bug: https://github.com/ReactiveCircus/android-emulator-runner/issues/160
           emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
           ndk: ${{ env.ANDROID_NDK_VERSION }}
-          cmake: 3.10.2.4988404
+          cmake: 3.22.1
           script: ./gradlew connectedCheck

README.md

@@ -1,4 +1,4 @@
-[![Kotlin](https://img.shields.io/badge/Kotlin-1.5.31-blue.svg?style=flat&logo=kotlin)](http://kotlinlang.org)
+[![Kotlin](https://img.shields.io/badge/Kotlin-1.8.21-blue.svg?style=flat&logo=kotlin)](http://kotlinlang.org)
 [![Maven Central](https://img.shields.io/maven-central/v/fr.acinq.secp256k1/secp256k1-kmp)](https://search.maven.org/search?q=g:fr.acinq.secp256k1%20a:secp256k1-kmp*)
 ![Github Actions](https://github.com/ACINQ/secp256k1-kmp/actions/workflows/test.yml/badge.svg)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/ACINQ/secp256k1-kmp/blob/master/LICENSE)
@@ -30,19 +30,19 @@ kotlin {
         val commonMain by getting {
             dependencies {
                 implementation(kotlin("stdlib-common"))
-                implementation(kotlin("fr.acinq.secp256k1:secp256k1:$secp256k1_version"))
+                implementation("fr.acinq.secp256k1:secp256k1-kmp:$secp256k1_version")
             }
         }
         val jvmMain by getting {
             dependencies {
                 implementation(kotlin("stdlib"))
-                implementation(kotlin("fr.acinq.secp256k1:secp256k1-jni-jvm:$secp256k1_version"))
+                implementation("fr.acinq.secp256k1:secp256k1-kmp-jni-jvm:$secp256k1_version")
             }
         }
         val androidMain by getting {
             dependencies {
                 implementation(kotlin("stdlib"))
-                implementation(kotlin("fr.acinq.secp256k1:secp256k1-jni-android:$secp256k1_version"))
+                implementation("fr.acinq.secp256k1:secp256k1-kmp-jni-android:$secp256k1_version")
             }
         }
     }
@@ -58,22 +58,22 @@ Native targets include libsecp256k1, called through KMP's c-interop, simply add
 The JVM library uses JNI bindings for libsecp256k1, which is much faster than BouncyCastle. It will extract and load native bindings for your operating system in a temporary directory.
 
 JNI libraries are included for:
-- Linux 64 bits
-- Windows 64 bits
-- Macos 64 bits
+- Linux 64 bits (x86_64 and arm64)
+- Windows 64 bits (x86_64)
+- Macos 64 bits (x86_64 and arm64)
 
 Along this library, you **must** specify which JNI native library to use in your dependency manager:
 
 * **For desktop or server JVMs**, you must add the dependency:
-  * Either the `fr.acinq.secp256k1:secp256k1-jni-jvm` dependency which imports all supported platforms.
+  * Either the `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm` dependency which imports all supported platforms.
   * Or the platform specific dependencies (note that you can add multiple as they do not conflict):
-    * `fr.acinq.secp256k1:secp256k1-jni-jvm-linux` for Linux
-    * `fr.acinq.secp256k1:secp256k1-jni-jvm-darwin` for Mac OS X
-    * `fr.acinq.secp256k1:secp256k1-jni-jvm-mingw` for Windows
-* **For Android**, you must add the `fr.acinq.secp256k1:secp256k1-jni-android` dependency
+    * `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm-linux` for Linux
+    * `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm-darwin` for Mac OS X
+    * `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm-mingw` for Windows
+* **For Android**, you must add the `fr.acinq.secp256k1:secp256k1-kmp-jni-android` dependency
 
 If you are using the JVM on an OS for which we don't provide JNI bindings (32 bits OS for example), you can use your own library native library by
-adding the `fr.acinq.secp256k1:secp256k1-jni-jvm` dependency and specifying its path with `-Dfr.acinq.secp256k1.lib.path` and optionally its name with `-Dfr.acinq.secp256k1.lib.name`
+adding the `fr.acinq.secp256k1:secp256k1-kmp-jni-jvm` dependency and specifying its path with `-Dfr.acinq.secp256k1.lib.path` and optionally its name with `-Dfr.acinq.secp256k1.lib.name`
 (if unspecified bitcoink use the standard name for your OS i.e. libsecp256k1.so on Linux, secp256k1.dll on Windows, ...).
 
 To compile your own JNI bindings, have a look add the `native/build.sh` and `jni/build.sh` scripts.
@@ -138,4 +138,4 @@ To extend this library and support methods that have been added to specific vers
 
 You may also need to modify build files if you need to compile [secp256k1](https://github.com/bitcoin-core/secp256k1) with custom options
 
-We use [secp256k1](https://github.com/bitcoin-core/secp256k1) through git submodules so you may also need to change what they point to
+We use [secp256k1](https://github.com/bitcoin-core/secp256k1) through git submodules so you may also need to change what they point to

build.gradle.kts

@@ -3,8 +3,8 @@ import org.jetbrains.kotlin.gradle.plugin.mpp.KotlinNativeTarget
 import org.jetbrains.dokka.Platform
 
 plugins {
-    kotlin("multiplatform") version "1.5.31"
-    id("org.jetbrains.dokka") version "1.5.30"
+    kotlin("multiplatform") version "1.8.21"
+    id("org.jetbrains.dokka") version "1.8.10"
     `maven-publish`
 }
 
@@ -15,14 +15,14 @@ buildscript {
     }
 
     dependencies {
-        classpath("com.android.tools.build:gradle:4.0.2")
-        classpath("org.jetbrains.dokka:dokka-gradle-plugin:1.5.30")
+        classpath("com.android.tools.build:gradle:7.3.1")
+        classpath("org.jetbrains.dokka:dokka-gradle-plugin:1.8.10")
     }
 }
 
 allprojects {
     group = "fr.acinq.secp256k1"
-    version = "0.6.4"
+    version = "0.12.0-SNAPSHOT"
 
     repositories {
         google()
@@ -69,7 +69,7 @@ kotlin {
     }
 
     sourceSets.all {
-        languageSettings.useExperimentalAnnotation("kotlin.RequiresOptIn")
+        languageSettings.optIn("kotlin.RequiresOptIn")
     }
 }
 
@@ -157,6 +157,7 @@ allprojects {
                             Platform.js -> "js"
                             Platform.native -> "native"
                             Platform.common -> "common"
+                            Platform.wasm -> "wasm"
                         }
                         displayName.set(platformName)
 

gradle.properties

@@ -4,14 +4,8 @@ org.gradle.parallel = true
 
 # kotlin
 kotlin.code.style = official
-kotlin.incremental.multiplatform = true
-kotlin.parallel.tasks.in.project = true
-#kotlin.mpp.enableGranularSourceSetsMetadata = true
-kotlin.native.enableDependencyPropagation = false
 kotlin.native.ignoreDisabledTargets = true
-
-# https://github.com/gradle/gradle/issues/11412
-systemProp.org.gradle.internal.publish.checksums.insecure = true
+kotlin.mpp.enableCInteropCommonization=true
 
 # Android
 android.useAndroidX = true

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.3-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
+distributionSha256Sum=f6b8596b10cce501591e92f229816aa4046424f3b24d771751b06779d58c8ec4
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradlew

@@ -82,6 +82,7 @@ esac
 
 CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 
+
 # Determine the Java command to use to start the JVM.
 if [ -n "$JAVA_HOME" ] ; then
     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
@@ -129,6 +130,7 @@ fi
 if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
     JAVACMD=`cygpath --unix "$JAVACMD"`
 
     # We build the pattern for arguments to be converted via cygpath

gradlew.bat

@@ -1,103 +1,89 @@
-@rem
-@rem Copyright 2015 the original author or authors.
-@rem
-@rem Licensed under the Apache License, Version 2.0 (the "License");
-@rem you may not use this file except in compliance with the License.
-@rem You may obtain a copy of the License at
-@rem
-@rem      https://www.apache.org/licenses/LICENSE-2.0
-@rem
-@rem Unless required by applicable law or agreed to in writing, software
-@rem distributed under the License is distributed on an "AS IS" BASIS,
-@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-@rem See the License for the specific language governing permissions and
-@rem limitations under the License.
-@rem
-
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem  Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Resolve any "." and ".." in APP_HOME to make it shorter.
-for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega

jni/android/build.gradle.kts

@@ -1,5 +1,3 @@
-import org.jetbrains.dokka.Platform
-
 plugins {
     id("com.android.library")
     kotlin("android")
@@ -17,12 +15,9 @@ dependencies {
 
 android {
     defaultConfig {
-        compileSdkVersion(30)
-        minSdkVersion(21)
+        compileSdk = 33
+        minSdk = 21
         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
-        externalNativeBuild {
-            cmake {}
-        }
     }
 
     compileOptions {
@@ -32,10 +27,12 @@ android {
 
     externalNativeBuild {
         cmake {
-            setPath("src/main/CMakeLists.txt")
+            version = "3.22.1"
+            path("src/main/CMakeLists.txt")
         }
     }
-    ndkVersion = "21.4.7075529"
+
+    ndkVersion = "25.2.9519653"
 
     afterEvaluate {
         tasks.withType<com.android.build.gradle.tasks.factory.AndroidUnitTest>().all {
@@ -45,8 +42,8 @@ android {
 }
 
 afterEvaluate {
-    configure(listOf("Debug", "Release").map { tasks["externalNativeBuild$it"] }) {
-        dependsOn(":native:buildSecp256k1Android")
+    tasks.filter { it.name.startsWith("configureCMake") }.forEach {
+        it.dependsOn(":native:buildSecp256k1Android")
     }
 }
 

jni/android/src/main/CMakeLists.txt

@@ -1,5 +1,7 @@
 cmake_minimum_required(VERSION 3.10.0)
 
+project(secp256k1jni)
+
 add_library( secp256k1-jni SHARED
     ${CMAKE_CURRENT_LIST_DIR}/../../../c/src/fr_acinq_secp256k1_Secp256k1CFunctions.c
 )

jni/build.gradle.kts

@@ -1,5 +1,3 @@
-import org.jetbrains.dokka.Platform
-
 plugins {
     kotlin("jvm")
     id("org.jetbrains.dokka")
@@ -22,7 +20,7 @@ dependencies {
 val generateHeaders by tasks.creating(JavaCompile::class) {
     group = "build"
     classpath = sourceSets["main"].compileClasspath
-    destinationDir = file("${buildDir}/generated/jni")
+    destinationDirectory.set(file("${buildDir}/generated/jni"))
     source = sourceSets["main"].java
     options.compilerArgs = listOf(
         "-h", file("${buildDir}/generated/jni").absolutePath,

jni/jvm/darwin/build.gradle.kts

@@ -12,8 +12,12 @@ dependencies {
 val copyJni by tasks.creating(Sync::class) {
     onlyIf { org.gradle.internal.os.OperatingSystem.current().isMacOsX }
     dependsOn(":jni:jvm:buildNativeHost")
+    val arch = when (System.getProperty("os.arch")) {
+        "aarch64" -> "aarch64"
+        else -> "x86_64"
+    }
     from(rootDir.resolve("jni/jvm/build/darwin/libsecp256k1-jni.dylib"))
-    into(buildDir.resolve("jniResources/fr/acinq/secp256k1/jni/native/darwin-x86_64"))
+    into(buildDir.resolve("jniResources/fr/acinq/secp256k1/jni/native/darwin-$arch"))
 }
 
 (tasks["processResources"] as ProcessResources).apply {

jni/src/main/java/fr/acinq/secp256k1/Secp256k1CFunctions.java

@@ -5,29 +5,29 @@ public class Secp256k1CFunctions {
      * All flags' lower 8 bits indicate what they're for. Do not use directly.
      */
     public static int SECP256K1_FLAGS_TYPE_MASK = ((1 << 8) - 1);
-    public static int SECP256K1_FLAGS_TYPE_CONTEXT = (1 << 0);
-    public static int SECP256K1_FLAGS_TYPE_COMPRESSION = (1 << 1);
+    public static final int SECP256K1_FLAGS_TYPE_CONTEXT = (1 << 0);
+    public static final int SECP256K1_FLAGS_TYPE_COMPRESSION = (1 << 1);
 
     /**
      * The higher bits contain the actual data. Do not use directly.
      */
-    public static int SECP256K1_FLAGS_BIT_CONTEXT_VERIFY = (1 << 8);
-    public static int SECP256K1_FLAGS_BIT_CONTEXT_SIGN = (1 << 9);
-    public static int SECP256K1_FLAGS_BIT_COMPRESSION = (1 << 8);
+    public static final int SECP256K1_FLAGS_BIT_CONTEXT_VERIFY = (1 << 8);
+    public static final int SECP256K1_FLAGS_BIT_CONTEXT_SIGN = (1 << 9);
+    public static final int SECP256K1_FLAGS_BIT_COMPRESSION = (1 << 8);
 
     /**
      * Flags to pass to secp256k1_context_create, secp256k1_context_preallocated_size, and
      * secp256k1_context_preallocated_create.
      */
-    public static int SECP256K1_CONTEXT_VERIFY = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_VERIFY);
-    public static int SECP256K1_CONTEXT_SIGN = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_SIGN);
-    public static int SECP256K1_CONTEXT_NONE = (SECP256K1_FLAGS_TYPE_CONTEXT);
+    public static final int SECP256K1_CONTEXT_VERIFY = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_VERIFY);
+    public static final int SECP256K1_CONTEXT_SIGN = (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_SIGN);
+    public static final int SECP256K1_CONTEXT_NONE = (SECP256K1_FLAGS_TYPE_CONTEXT);
 
     /**
      * Flag to pass to secp256k1_ec_pubkey_serialize.
      */
-    public static int SECP256K1_EC_COMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION);
-    public static int SECP256K1_EC_UNCOMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION);
+    public static final int SECP256K1_EC_COMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION);
+    public static final int SECP256K1_EC_UNCOMPRESSED = (SECP256K1_FLAGS_TYPE_COMPRESSION);
 
     public static native long secp256k1_context_create(int flags);
 

native/build-android.sh

@@ -19,18 +19,16 @@ else
 fi
 
 TARGET=$SYS-linux-android
-TOOLTARGET=$TARGET
 if [ "$SYS" == "armv7a" ]; then
   TARGET=armv7a-linux-androideabi
-  TOOLTARGET=arm-linux-androideabi
 fi
 
 export CC=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/${TARGET}21-clang
-export LD=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-ld
-export AR=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-ar
-export AS=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-as
-export RANLIB=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-ranlib
-export STRIP=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/$TOOLTARGET-strip
+export LD=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/ld
+export AR=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/llvm-ar
+export AS=$CC
+export RANLIB=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/llvm-ranlib
+export STRIP=$ANDROID_NDK/toolchains/llvm/prebuilt/$TOOLCHAIN/bin/llvm-strip
 
 cd secp256k1
 

native/build.sh

@@ -16,7 +16,7 @@ if [ "$TARGET" == "mingw" ]; then
 elif [ "$TARGET" == "linux" ]; then
   CONF_OPTS="CFLAGS=-fPIC"
 elif [ "$TARGET" == "darwin" ]; then
-  CONF_OPTS="--host=x86_64-w64-darwin"
+  CONF_OPTS=""
 else
   echo "Unknown TARGET=$TARGET"
   exit 1

publishing/PUBLISHING.md

@@ -27,7 +27,9 @@ You must edit `secp256k1-kmp-staging-upload.sh` and add your sonatype credential
 ## Adding custom JNI bindings
 
 Github CI currently generates JNI bindings for Windows x64, Linux x64 and iOS x64. But it is possible to add custom bindings to JNI packages before 
-they are published to maven central. This is how we add linux arm64 bindings:
+they are published to maven central. 
+
+This is how we add linux arm64 bindings:
 - compile JNI bindings for Linux Arm64 (on a Linux Arm64 machine, cross-compilation is not supported)
   - git clone --recursive https://github.com/ACINQ/secp256k1-kmp.git
   - cd secp256k1-kmp 
@@ -37,6 +39,19 @@ they are published to maven central. This is how we add linux arm64 bindings:
   - JNI library is: jni/jvm/build/linux/libsecp256k1-jni.so
 - copy libsecp256k1-jni.so to fr/acinq/secp256k1/jni/native/linux-aarch64/libsecp256k1-jni.so
 - run `secp256k1-kmp-add-linuxarm64.sh` and specify either `release` or `snapshot` and the `VERSION` environment variable, for example:
-  - VERSION=0.6.4-SNAPSHOT ./secp256k1-kmp-add-linuxarm64.sh snapshot
-  - VERSION=0.6.3 ./secp256k1-kmp-add-linuxarm64.sh release
+  - VERSION=0.9.0-SNAPSHOT ./secp256k1-kmp-add-linuxarm64.sh snapshot
+  - VERSION=0.9.0 ./secp256k1-kmp-add-linuxarm64.sh release
+
+This is how we add macos arm64 (M1/M2) bindings:
+- compile JNI bindings for macos Arm64 (on a macos Arm64 machine, cross-compilation is not supported)
+  - git clone --recursive https://github.com/ACINQ/secp256k1-kmp.git
+  - cd secp256k1-kmp
+  - TARGET=darwin ./native/build.sh
+  - mkdir -p jni/jvm/build/darwin
+  - TARGET=darwin ./jni/jvm/build.sh
+  - JNI library is: jni/jvm/build/darwin/libsecp256k1-jni.dylib
+- copy libsecp256k1-jni.dylib to fr/acinq/secp256k1/jni/native/darwin-aarch64/libsecp256k1-jni.dylib
+- run `secp256k1-kmp-add-darwinaarch64.sh` and specify either `release` or `snapshot` and the `VERSION` environment variable, for example:
+  - VERSION=0.9.0-SNAPSHOT ./secp256k1-kmp-add-darwinaarch64.sh snapshot
+  - VERSION=0.9.0 ./secp256k1-kmp-add-darwinaarch64.sh release
 

publishing/secp256k1-kmp-add-darwinaarch64.sh

@@ -0,0 +1,17 @@
+#!/bin/bash -x
+
+if [ $# -eq 0 ]
+  then
+    echo "specify either snapshot or release"
+    exit 1
+fi
+
+# add aarch64 (ARM64) library to the darwin jar
+if [ -e fr/acinq/secp256k1/jni/native/darwin-aarch64/libsecp256k1-jni.dylib ]
+then
+    jar -uf $1/fr/acinq/secp256k1/secp256k1-kmp-jni-jvm-darwin/$VERSION/secp256k1-kmp-jni-jvm-darwin-$VERSION.jar fr || exit
+else
+    libsecp256k1-jni.dylib for arch64 is missing
+    exit 1
+fi
+

publishing/secp256k1-kmp-snapshot-deploy.sh

@@ -2,52 +2,64 @@
 
 GROUP_ID=fr.acinq.secp256k1
 ARTIFACT_ID_BASE=secp256k1-kmp
-VERSION=0.6.3-SNAPSHOT
+
+if [[ -z "${VERSION}" ]]; then
+  echo "VERSION is not defined"
+  exit 1
+fi
 
 cd snapshot
 pushd .
 cd fr/acinq/secp256k1/secp256k1-kmp/$VERSION
 mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
-    -DpomFile=$ARTIFACT_ID_BASE-$VERSION.pom \
-    -Dfile=$ARTIFACT_ID_BASE-$VERSION.jar \
-    -Dfiles=$ARTIFACT_ID_BASE-$VERSION.module,$ARTIFACT_ID_BASE-$VERSION-kotlin-tooling-metadata.json \
-    -Dtypes=module,json \
-    -Dclassifiers=,kotlin-tooling-metadata \
-    -Dsources=$ARTIFACT_ID_BASE-$VERSION-sources.jar \
-    -Djavadoc=$ARTIFACT_ID_BASE-$VERSION-javadoc.jar
+  -DpomFile=$ARTIFACT_ID_BASE-$VERSION.pom \
+  -Dfile=$ARTIFACT_ID_BASE-$VERSION.jar \
+  -Dfiles=$ARTIFACT_ID_BASE-$VERSION.module,$ARTIFACT_ID_BASE-$VERSION-kotlin-tooling-metadata.json \
+  -Dtypes=module,json \
+  -Dclassifiers=,kotlin-tooling-metadata \
+  -Dsources=$ARTIFACT_ID_BASE-$VERSION-sources.jar \
+  -Djavadoc=$ARTIFACT_ID_BASE-$VERSION-javadoc.jar
 popd
 pushd .
-for i in iosarm64 iosx64 jni-android jni-common jni-jvm-darwin jni-jvm-extract jni-jvm-linux jni-jvm-mingw jni-jvm jvm linux
-do
-    cd fr/acinq/secp256k1/secp256k1-kmp-$i/$VERSION
-    if [ $i == iosarm64 ] || [ $i == iosx64 ] || [ $i == linux ]; then
-        mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
-        -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
-        -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \
-    	-Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module,$ARTIFACT_ID_BASE-$i-$VERSION-cinterop-libsecp256k1.klib  \
-    	-Dtypes=module,klib \
-    	-Dclassifiers=,cinterop-libsecp256k1 \
-        -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
-        -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
-    elif [ $i == jni-android ]; then
-        mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
-        -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
-        -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.aar \
-    	-Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module \
-    	-Dtypes=module \
-        -Dclassifiers= \
-    	-Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
-        -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
-    else
-        mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
-        -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
-        -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.jar \
-    	-Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module \
-    	-Dtypes=module \
-        -Dclassifiers= \
-        -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
-        -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
-    fi    
-    popd
-    pushd .
+for i in iosarm64 iosx64 jni-android jni-common jni-jvm-darwin jni-jvm-extract jni-jvm-linux jni-jvm-mingw jni-jvm jvm linux; do
+  cd fr/acinq/secp256k1/secp256k1-kmp-$i/$VERSION
+  if [ $i == iosarm64 ] || [ $i == iosx64 ]; then
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION-metadata.jar,$ARTIFACT_ID_BASE-$i-$VERSION.module,$ARTIFACT_ID_BASE-$i-$VERSION-cinterop-libsecp256k1.klib \
+      -Dtypes=jar,module,klib \
+      -Dclassifiers=metadata,,cinterop-libsecp256k1 \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  elif [ $i == linux ]; then
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.klib \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module,$ARTIFACT_ID_BASE-$i-$VERSION-cinterop-libsecp256k1.klib \
+      -Dtypes=module,klib \
+      -Dclassifiers=,cinterop-libsecp256k1 \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  elif [ $i == jni-android ]; then
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.aar \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module \
+      -Dtypes=module \
+      -Dclassifiers= \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  else
+    mvn deploy:deploy-file -DrepositoryId=ossrh -Durl=https://oss.sonatype.org/content/repositories/snapshots/ \
+      -DpomFile=$ARTIFACT_ID_BASE-$i-$VERSION.pom \
+      -Dfile=$ARTIFACT_ID_BASE-$i-$VERSION.jar \
+      -Dfiles=$ARTIFACT_ID_BASE-$i-$VERSION.module \
+      -Dtypes=module \
+      -Dclassifiers= \
+      -Dsources=$ARTIFACT_ID_BASE-$i-$VERSION-sources.jar \
+      -Djavadoc=$ARTIFACT_ID_BASE-$i-$VERSION-javadoc.jar
+  fi
+  popd
+  pushd .
 done

settings.gradle.kts

@@ -2,7 +2,13 @@ pluginManagement {
     repositories {
         google()
         gradlePluginPortal()
-        jcenter()
+    }
+    resolutionStrategy {
+        eachPlugin {
+            if (requested.id.namespace == "com.android" || requested.id.name == "kotlin-android-extensions") {
+                useModule("com.android.tools.build:gradle:7.3.1")
+            }
+        }
     }
 }
 rootProject.name = "secp256k1-kmp"

src/commonMain/kotlin/fr/acinq/secp256k1/Secp256k1.kt

@@ -41,16 +41,16 @@ public interface Secp256k1 {
      * Verify a Schnorr signature.
      *
      * @param signature 64 bytes signature.
-     * @param message message signed.
-     * @param pubkey signer's x-only public key (32 bytes).
+     * @param data message signed.
+     * @param pub signer's x-only public key (32 bytes).
      */
     public fun verifySchnorr(signature: ByteArray, data: ByteArray, pub: ByteArray): Boolean
 
     /**
      * Create a Schnorr signature.
      *
-     * @param message message to sign.
-     * @param privkey signer's private key.
+     * @param data message to sign.
+     * @param sec signer's private key.
      * @param auxrand32 32 bytes of fresh randomness (optional).
      */
     public fun signSchnorr(data: ByteArray, sec: ByteArray, auxrand32: ByteArray?): ByteArray
@@ -166,7 +166,17 @@ public interface Secp256k1 {
 
 internal expect fun getSecpk256k1(): Secp256k1
 
-public class Secp256k1Exception : RuntimeException {
+public open class Secp256k1Exception : RuntimeException {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
+}
+
+public class Secp256k1ErrorCallbackException : Secp256k1Exception {
+    public constructor() : super()
+    public constructor(message: String?) : super(message)
+}
+
+public class Secp256k1IllegalCallbackException : Secp256k1Exception {
     public constructor() : super()
     public constructor(message: String?) : super(message)
 }

src/nativeMain/kotlin/fr/acinq/secp256k1/Secp256k1Native.kt

@@ -4,15 +4,67 @@ import kotlinx.cinterop.*
 import platform.posix.size_tVar
 import secp256k1.*
 
-@OptIn(ExperimentalUnsignedTypes::class)
+private typealias Secp256k1CallbackHandler = (String) -> Unit
+
+@OptIn(ExperimentalStdlibApi::class)
+private class CallbackHandler(ctx: CPointer<secp256k1_context>) : AutoCloseable {
+    var illegalCallBackMessage: String? = null
+    val illegalHandler: Secp256k1CallbackHandler = { x: String -> illegalCallBackMessage = x }
+    val illegalCallbackRef = StableRef.create(illegalHandler)
+    var errorCallBackMessage: String? = null
+    val errorHandler: Secp256k1CallbackHandler = { x: String -> errorCallBackMessage = x }
+    val errorCallbackRef = StableRef.create(errorHandler)
+
+    init {
+        secp256k1_context_set_error_callback(
+            ctx, staticCFunction { buffer: CPointer<ByteVar>?, data: COpaquePointer? ->
+                if (data != null) {
+                    val callback = data.asStableRef<Secp256k1CallbackHandler>().get()
+                    callback(buffer?.toKString() ?: "error callback triggered")
+                }
+            },
+            errorCallbackRef.asCPointer()
+        )
+        secp256k1_context_set_illegal_callback(
+            ctx, staticCFunction { buffer: CPointer<ByteVar>?, data: COpaquePointer? ->
+                if (data != null) {
+                    val callback = data.asStableRef<Secp256k1CallbackHandler>().get()
+                    callback(buffer?.toKString() ?: "illegal callback triggered")
+                }
+            },
+            illegalCallbackRef.asCPointer()
+        )
+    }
+
+    fun checkForErrors() {
+        errorCallBackMessage?.let { throw Secp256k1ErrorCallbackException(it) }
+        illegalCallBackMessage?.let { throw Secp256k1IllegalCallbackException(it) }
+    }
+
+    override fun close() {
+        // StableRef instances have to be disposed of manually
+        illegalCallbackRef.dispose()
+        errorCallbackRef.dispose()
+    }
+}
+
+@OptIn(ExperimentalUnsignedTypes::class, ExperimentalStdlibApi::class)
 public object Secp256k1Native : Secp256k1 {
 
     private val ctx: CPointer<secp256k1_context> by lazy {
+
         secp256k1_context_create((SECP256K1_FLAGS_TYPE_CONTEXT or SECP256K1_FLAGS_BIT_CONTEXT_SIGN or SECP256K1_FLAGS_BIT_CONTEXT_VERIFY).toUInt())
             ?: error("Could not create secp256k1 context")
     }
 
-    private fun Int.requireSuccess(message: String): Int = if (this != 1) throw Secp256k1Exception(message) else this
+    private fun Int.requireSuccess(message: String): Int {
+        return if (this != 1) throw Secp256k1Exception(message) else this
+    }
+
+    private fun Int.requireSuccess(callbackHandler: CallbackHandler, message: String): Int {
+        callbackHandler.checkForErrors()
+        return if (this != 1) throw Secp256k1Exception(message) else this
+    }
 
     private fun MemScope.allocSignature(input: ByteArray): secp256k1_ecdsa_signature {
         val sig = alloc<secp256k1_ecdsa_signature>()
@@ -58,167 +110,209 @@ public object Secp256k1Native : Secp256k1 {
     public override fun verify(signature: ByteArray, message: ByteArray, pubkey: ByteArray): Boolean {
         require(message.size == 32)
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nMessage = toNat(message)
-            val nSig = allocSignature(signature)
-            return secp256k1_ecdsa_verify(ctx, nSig.ptr, nMessage, nPubkey.ptr) == 1
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nMessage = toNat(message)
+                val nSig = allocSignature(signature)
+                val verify = secp256k1_ecdsa_verify(ctx, nSig.ptr, nMessage, nPubkey.ptr)
+                callbackHandler.checkForErrors()
+                return verify == 1
+            }
         }
     }
 
     public override fun sign(message: ByteArray, privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
         require(message.size == 32)
-        memScoped {
-            val nPrivkey = toNat(privkey)
-            val nMessage = toNat(message)
-            val nSig = alloc<secp256k1_ecdsa_signature>()
-            secp256k1_ecdsa_sign(ctx, nSig.ptr, nMessage, nPrivkey, null, null).requireSuccess("secp256k1_ecdsa_sign() failed")
-            return serializeSignature(nSig)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPrivkey = toNat(privkey)
+                val nMessage = toNat(message)
+                val nSig = alloc<secp256k1_ecdsa_signature>()
+                secp256k1_ecdsa_sign(ctx, nSig.ptr, nMessage, nPrivkey, null, null).requireSuccess(callbackHandler, "secp256k1_ecdsa_sign() failed")
+                return serializeSignature(nSig)
+            }
         }
     }
 
     public override fun signatureNormalize(sig: ByteArray): Pair<ByteArray, Boolean> {
-        require(sig.size >= 64){ "invalid signature ${Hex.encode(sig)}" }
-        memScoped {
-            val nSig = allocSignature(sig)
-            val isHighS = secp256k1_ecdsa_signature_normalize(ctx, nSig.ptr, nSig.ptr)
-            return Pair(serializeSignature(nSig), isHighS == 1)
+        require(sig.size >= 64) { "invalid signature ${Hex.encode(sig)}" }
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSig = allocSignature(sig)
+                val isHighS = secp256k1_ecdsa_signature_normalize(ctx, nSig.ptr, nSig.ptr)
+                callbackHandler.checkForErrors()
+                return Pair(serializeSignature(nSig), isHighS == 1)
+            }
         }
     }
 
     public override fun secKeyVerify(privkey: ByteArray): Boolean {
         if (privkey.size != 32) return false
-        memScoped {
-            val nPrivkey = toNat(privkey)
-            return secp256k1_ec_seckey_verify(ctx, nPrivkey) == 1
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPrivkey = toNat(privkey)
+                val result = secp256k1_ec_seckey_verify(ctx, nPrivkey) == 1
+                callbackHandler.checkForErrors()
+                return result
+            }
         }
     }
 
     public override fun pubkeyCreate(privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
-            val nPrivkey = toNat(privkey)
-            val nPubkey = alloc<secp256k1_pubkey>()
-            secp256k1_ec_pubkey_create(ctx, nPubkey.ptr, nPrivkey).requireSuccess("secp256k1_ec_pubkey_create() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPrivkey = toNat(privkey)
+                val nPubkey = alloc<secp256k1_pubkey>()
+                secp256k1_ec_pubkey_create(ctx, nPubkey.ptr, nPrivkey).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_create() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubkeyParse(pubkey: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val result = serializePubkey(nPubkey)
+                callbackHandler.checkForErrors()
+                return result
+            }
         }
     }
 
     public override fun privKeyNegate(privkey: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
-            val negated = privkey.copyOf()
-            val negPriv = toNat(negated)
-            secp256k1_ec_seckey_negate(ctx, negPriv).requireSuccess("secp256k1_ec_seckey_negate() failed")
-            return negated
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val negated = privkey.copyOf()
+                val negPriv = toNat(negated)
+                secp256k1_ec_seckey_negate(ctx, negPriv).requireSuccess(callbackHandler, "secp256k1_ec_seckey_negate() failed")
+                return negated
+            }
         }
     }
 
     public override fun privKeyTweakAdd(privkey: ByteArray, tweak: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
-            val added = privkey.copyOf()
-            val natAdd = toNat(added)
-            val natTweak = toNat(tweak)
-            secp256k1_ec_seckey_tweak_add(ctx, natAdd, natTweak).requireSuccess("secp256k1_ec_seckey_tweak_add() failed")
-            return added
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val added = privkey.copyOf()
+                val natAdd = toNat(added)
+                val natTweak = toNat(tweak)
+                secp256k1_ec_seckey_tweak_add(ctx, natAdd, natTweak).requireSuccess(callbackHandler, "secp256k1_ec_seckey_tweak_add() failed")
+                return added
+            }
         }
     }
 
     public override fun privKeyTweakMul(privkey: ByteArray, tweak: ByteArray): ByteArray {
         require(privkey.size == 32)
-        memScoped {
-            val multiplied = privkey.copyOf()
-            val natMul = toNat(multiplied)
-            val natTweak = toNat(tweak)
-            secp256k1_ec_privkey_tweak_mul(ctx, natMul, natTweak).requireSuccess("secp256k1_ec_privkey_tweak_mul() failed")
-            return multiplied
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val multiplied = privkey.copyOf()
+                val natMul = toNat(multiplied)
+                val natTweak = toNat(tweak)
+                secp256k1_ec_privkey_tweak_mul(ctx, natMul, natTweak).requireSuccess(callbackHandler, "secp256k1_ec_privkey_tweak_mul() failed")
+                return multiplied
+            }
         }
     }
 
     public override fun pubKeyNegate(pubkey: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            secp256k1_ec_pubkey_negate(ctx, nPubkey.ptr).requireSuccess("secp256k1_ec_pubkey_negate() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                secp256k1_ec_pubkey_negate(ctx, nPubkey.ptr).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_negate() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyTweakAdd(pubkey: ByteArray, tweak: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nTweak = toNat(tweak)
-            secp256k1_ec_pubkey_tweak_add(ctx, nPubkey.ptr, nTweak).requireSuccess("secp256k1_ec_pubkey_tweak_add() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nTweak = toNat(tweak)
+                secp256k1_ec_pubkey_tweak_add(ctx, nPubkey.ptr, nTweak).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_tweak_add() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyTweakMul(pubkey: ByteArray, tweak: ByteArray): ByteArray {
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nTweak = toNat(tweak)
-            secp256k1_ec_pubkey_tweak_mul(ctx, nPubkey.ptr, nTweak).requireSuccess("secp256k1_ec_pubkey_tweak_mul() failed")
-            return serializePubkey(nPubkey)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nTweak = toNat(tweak)
+                secp256k1_ec_pubkey_tweak_mul(ctx, nPubkey.ptr, nTweak).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_tweak_mul() failed")
+                return serializePubkey(nPubkey)
+            }
         }
     }
 
     public override fun pubKeyCombine(pubkeys: Array<ByteArray>): ByteArray {
         pubkeys.forEach { require(it.size == 33 || it.size == 65) }
-        memScoped {
-            val nPubkeys = pubkeys.map { allocPublicKey(it).ptr }
-            val combined = alloc<secp256k1_pubkey>()
-            secp256k1_ec_pubkey_combine(ctx, combined.ptr, nPubkeys.toCValues(), pubkeys.size.convert()).requireSuccess("secp256k1_ec_pubkey_combine() failed")
-            return serializePubkey(combined)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkeys = pubkeys.map { allocPublicKey(it).ptr }
+                val combined = alloc<secp256k1_pubkey>()
+                secp256k1_ec_pubkey_combine(ctx, combined.ptr, nPubkeys.toCValues(), pubkeys.size.convert()).requireSuccess(callbackHandler, "secp256k1_ec_pubkey_combine() failed")
+                return serializePubkey(combined)
+            }
         }
     }
 
     public override fun ecdh(privkey: ByteArray, pubkey: ByteArray): ByteArray {
         require(privkey.size == 32)
         require(pubkey.size == 33 || pubkey.size == 65)
-        memScoped {
-            val nPubkey = allocPublicKey(pubkey)
-            val nPrivkey = toNat(privkey)
-            val output = allocArray<UByteVar>(32)
-            secp256k1_ecdh(ctx, output, nPubkey.ptr, nPrivkey, null, null).requireSuccess("secp256k1_ecdh() failed")
-            return output.readBytes(32)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPubkey = allocPublicKey(pubkey)
+                val nPrivkey = toNat(privkey)
+                val output = allocArray<UByteVar>(32)
+                secp256k1_ecdh(ctx, output, nPubkey.ptr, nPrivkey, null, null).requireSuccess(callbackHandler, "secp256k1_ecdh() failed")
+                return output.readBytes(32)
+            }
         }
     }
 
     public override fun ecdsaRecover(sig: ByteArray, message: ByteArray, recid: Int): ByteArray {
         require(sig.size == 64)
         require(message.size == 32)
-        memScoped {
-            val nSig = toNat(sig)
-            val rSig = alloc<secp256k1_ecdsa_recoverable_signature>()
-            secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, rSig.ptr, nSig, recid).requireSuccess("secp256k1_ecdsa_recoverable_signature_parse_compact() failed")
-            val nMessage = toNat(message)
-            val pubkey = alloc<secp256k1_pubkey>()
-            secp256k1_ecdsa_recover(ctx, pubkey.ptr, rSig.ptr, nMessage).requireSuccess("secp256k1_ecdsa_recover() failed")
-            return serializePubkey(pubkey)
+        // we do not check that recid is valid, which should trigger our illegal callback handler to throw a Secp256k1IllegalCallbackException
+        // require(recid in 0..3)
+
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSig = toNat(sig)
+                val rSig = alloc<secp256k1_ecdsa_recoverable_signature>()
+                secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, rSig.ptr, nSig, recid).requireSuccess(callbackHandler, "secp256k1_ecdsa_recoverable_signature_parse_compact() failed")
+                val nMessage = toNat(message)
+                val pubkey = alloc<secp256k1_pubkey>()
+                secp256k1_ecdsa_recover(ctx, pubkey.ptr, rSig.ptr, nMessage).requireSuccess(callbackHandler, "secp256k1_ecdsa_recover() failed")
+                return serializePubkey(pubkey)
+            }
         }
     }
 
     public override fun compact2der(sig: ByteArray): ByteArray {
         require(sig.size == 64)
-        memScoped {
-            val nSig = allocSignature(sig)
-            val natOutput = allocArray<UByteVar>(73)
-            val len = alloc<size_tVar>()
-            len.value = 73.convert()
-            secp256k1_ecdsa_signature_serialize_der(ctx, natOutput, len.ptr, nSig.ptr).requireSuccess("secp256k1_ecdsa_signature_serialize_der() failed")
-            return natOutput.readBytes(len.value.toInt())
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSig = allocSignature(sig)
+                val natOutput = allocArray<UByteVar>(73)
+                val len = alloc<size_tVar>()
+                len.value = 73.convert()
+                secp256k1_ecdsa_signature_serialize_der(ctx, natOutput, len.ptr, nSig.ptr).requireSuccess(callbackHandler, "secp256k1_ecdsa_signature_serialize_der() failed")
+                return natOutput.readBytes(len.value.toInt())
+            }
         }
     }
 
@@ -226,13 +320,15 @@ public object Secp256k1Native : Secp256k1 {
         require(signature.size == 64)
         require(data.size == 32)
         require(pub.size == 32)
-        memScoped {
-            val nPub = toNat(pub)
-            val pubkey = alloc<secp256k1_xonly_pubkey>()
-            secp256k1_xonly_pubkey_parse(ctx, pubkey.ptr, nPub).requireSuccess("secp256k1_xonly_pubkey_parse() failed")
-            val nData = toNat(data)
-            val nSig = toNat(signature)
-            return secp256k1_schnorrsig_verify(ctx, nSig, nData, 32, pubkey.ptr) == 1
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nPub = toNat(pub)
+                val pubkey = alloc<secp256k1_xonly_pubkey>()
+                secp256k1_xonly_pubkey_parse(ctx, pubkey.ptr, nPub).requireSuccess(callbackHandler, "secp256k1_xonly_pubkey_parse() failed")
+                val nData = toNat(data)
+                val nSig = toNat(signature)
+                return secp256k1_schnorrsig_verify(ctx, nSig, nData, 32u, pubkey.ptr) == 1
+            }
         }
     }
 
@@ -240,15 +336,17 @@ public object Secp256k1Native : Secp256k1 {
         require(sec.size == 32)
         require(data.size == 32)
         auxrand32?.let { require(it.size == 32) }
-        memScoped {
-            val nSec = toNat(sec)
-            val nData = toNat(data)
-            val nAuxrand32 = auxrand32?.let { toNat(it) }
-            val nSig = allocArray<UByteVar>(64)
-            val keypair = alloc<secp256k1_keypair>()
-            secp256k1_keypair_create(ctx, keypair.ptr, nSec).requireSuccess("secp256k1_keypair_create() failed")
-            secp256k1_schnorrsig_sign32(ctx, nSig, nData, keypair.ptr, nAuxrand32).requireSuccess("secp256k1_ecdsa_sign() failed")
-            return nSig.readBytes(64)
+        CallbackHandler(ctx).use { callbackHandler ->
+            memScoped {
+                val nSec = toNat(sec)
+                val nData = toNat(data)
+                val nAuxrand32 = auxrand32?.let { toNat(it) }
+                val nSig = allocArray<UByteVar>(64)
+                val keypair = alloc<secp256k1_keypair>()
+                secp256k1_keypair_create(ctx, keypair.ptr, nSec).requireSuccess(callbackHandler, "secp256k1_keypair_create() failed")
+                secp256k1_schnorrsig_sign32(ctx, nSig, nData, keypair.ptr, nAuxrand32).requireSuccess(callbackHandler, "secp256k1_ecdsa_sign() failed")
+                return nSig.readBytes(64)
+            }
         }
     }
     

tests/src/androidTest/java/fr/acinq/secp256k1/AndroidTest.kt

@@ -1,7 +0,0 @@
-package fr.acinq.secp256k1
-
-import org.junit.Test
-import kotlin.test.assertEquals
-
-
-class AndroidTest {}

tests/src/commonTest/kotlin/fr/acinq/secp256k1/Secp256k1Test.kt

@@ -275,6 +275,11 @@ class Secp256k1Test {
         val pub0 = Secp256k1.ecdsaRecover(sig, message, 0)
         val pub1 = Secp256k1.ecdsaRecover(sig, message, 1)
         assertTrue(pub.contentEquals(pub0) || pub.contentEquals(pub1))
+
+        // this is a special case, ecdsaRecover explicitly does not check that recid is valid, which triggers our illegal callback handler
+        assertFailsWith(Secp256k1IllegalCallbackException::class) {
+            Secp256k1.ecdsaRecover(sig, message, 4)
+        }
     }
 
     @Test