1 files changed, 47 insertions, 31 deletions

diff --git a/src/valgrind_ctime_test.c b/src/valgrind_ctime_test.c
index 3169e3651c..cfca5a196e 100644
--- a/src/valgrind_ctime_test.c
+++ b/src/valgrind_ctime_test.c
@@ -1,10 +1,12 @@
-/**********************************************************************
- * Copyright (c) 2020 Gregory Maxwell                                 *
- * Distributed under the MIT software license, see the accompanying   *
- * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
- **********************************************************************/
+/***********************************************************************
+ * Copyright (c) 2020 Gregory Maxwell                                  *
+ * Distributed under the MIT software license, see the accompanying    *
+ * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
+ ***********************************************************************/
 
 #include <valgrind/memcheck.h>
+#include <stdio.h>
+
 #include "include/secp256k1.h"
 #include "assumptions.h"
 #include "util.h"
@@ -25,8 +27,42 @@
 #include "include/secp256k1_schnorrsig.h"
 #endif
 
+void run_tests(secp256k1_context *ctx, unsigned char *key);
+
 int main(void) {
     secp256k1_context* ctx;
+    unsigned char key[32];
+    int ret, i;
+
+    if (!RUNNING_ON_VALGRIND) {
+        fprintf(stderr, "This test can only usefully be run inside valgrind.\n");
+        fprintf(stderr, "Usage: libtool --mode=execute valgrind ./valgrind_ctime_test\n");
+        return 1;
+    }
+    ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN
+                                   | SECP256K1_CONTEXT_VERIFY
+                                   | SECP256K1_CONTEXT_DECLASSIFY);
+    /** In theory, testing with a single secret input should be sufficient:
+     *  If control flow depended on secrets the tool would generate an error.
+     */
+    for (i = 0; i < 32; i++) {
+        key[i] = i + 65;
+    }
+
+    run_tests(ctx, key);
+
+    /* Test context randomisation. Do this last because it leaves the context
+     * tainted. */
+    VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
+    ret = secp256k1_context_randomize(ctx, key);
+    VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
+    CHECK(ret);
+
+    secp256k1_context_destroy(ctx);
+    return 0;
+}
+
+void run_tests(secp256k1_context *ctx, unsigned char *key) {
     secp256k1_ecdsa_signature signature;
     secp256k1_pubkey pubkey;
     size_t siglen = 74;
@@ -34,7 +70,6 @@ int main(void) {
     int i;
     int ret;
     unsigned char msg[32];
-    unsigned char key[32];
     unsigned char sig[74];
     unsigned char spubkey[33];
 #ifdef ENABLE_MODULE_RECOVERY
@@ -45,26 +80,10 @@ int main(void) {
     secp256k1_keypair keypair;
 #endif
 
-    if (!RUNNING_ON_VALGRIND) {
-        fprintf(stderr, "This test can only usefully be run inside valgrind.\n");
-        fprintf(stderr, "Usage: libtool --mode=execute valgrind ./valgrind_ctime_test\n");
-        exit(1);
-    }
-
-    /** In theory, testing with a single secret input should be sufficient:
-     *  If control flow depended on secrets the tool would generate an error.
-     */
-    for (i = 0; i < 32; i++) {
-        key[i] = i + 65;
-    }
     for (i = 0; i < 32; i++) {
         msg[i] = i + 1;
     }
 
-    ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN
-                                   | SECP256K1_CONTEXT_VERIFY
-                                   | SECP256K1_CONTEXT_DECLASSIFY);
-
     /* Test keygen. */
     VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
     ret = secp256k1_ec_pubkey_create(ctx, &pubkey, key);
@@ -122,12 +141,6 @@ int main(void) {
     VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
     CHECK(ret == 1);
 
-    /* Test context randomisation. Do this last because it leaves the context tainted. */
-    VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
-    ret = secp256k1_context_randomize(ctx, key);
-    VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
-    CHECK(ret);
-
     /* Test keypair_create and keypair_xonly_tweak_add. */
 #ifdef ENABLE_MODULE_EXTRAKEYS
     VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
@@ -140,6 +153,12 @@ int main(void) {
     ret = secp256k1_keypair_xonly_tweak_add(ctx, &keypair, msg);
     VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
     CHECK(ret == 1);
+
+    VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
+    VALGRIND_MAKE_MEM_UNDEFINED(&keypair, sizeof(keypair));
+    ret = secp256k1_keypair_sec(ctx, key, &keypair);
+    VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
+    CHECK(ret == 1);
 #endif
 
 #ifdef ENABLE_MODULE_SCHNORRSIG
@@ -151,7 +170,4 @@ int main(void) {
     VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
     CHECK(ret == 1);
 #endif
-
-    secp256k1_context_destroy(ctx);
-    return 0;
 }