Home Explore Help
Sign In
mmgen
/
mmgen-wallet
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d4c46ad28e
Branches Tags
mmgen-wallet
/
extmod
/
secp256k1mod.c

secp256k1mod.c 12 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439 
  1. /*
    2. 

  2.   mmgen = Multi-Mode GENerator, command-line Bitcoin cold storage solution
    3. 

  3.   Copyright (C)2013-2025 The MMGen Project <mmgen@tuta.io>
    4. 

  4. 

  5.   This program is free software: you can redistribute it and/or modify it under
    6. 

  6.   the terms of the GNU General Public License as published by the Free Software
    7. 

  7.   Foundation, either version 3 of the License, or (at your option) any later
    8. 

  8.   version.
    9. 

  9. 

  10.   This program is distributed in the hope that it will be useful, but WITHOUT
    11. 

  11.   ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
    12. 

  12.   FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
    13. 

  13.   details.
    14. 

  14. 

  15.   You should have received a copy of the GNU General Public License along with
    16. 

  16.   this program.  If not, see <http://www.gnu.org/licenses/>.
    17. 

  17. */
    18. 

  18. 

  19. /*
    20. 

  20.    NOTE: deprecated context flags SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY
    21. 

  21.    must be used for now instead of SECP256K1_CONTEXT_NONE (see libsecp256k1 CHANGELOG)
    22. 

  22.    for backward compatibility with libsecp256k1 <v0.2.0 (i.e. pre-bookworm distros).
    23. 

  23. */
    24. 

  24. 

  25. #define PY_SSIZE_T_CLEAN
    26. 

  26. #include <Python.h>
    27. 

  27. #include <secp256k1.h>
    28. 

  28. #include <secp256k1_recovery.h>
    29. 

  29. #include "random.h"
    30. 

  30. 

  31. static secp256k1_context * create_context(
    32. 

  32. 		const unsigned char randomize
    33. 

  33. 	) {
    34. 

  34. 	secp256k1_context *ctx = secp256k1_context_create(
    35. 

  35. 		SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY
    36. 

  36. 		/* SECP256K1_CONTEXT_NONE */ /* see NOTE above */
    37. 

  37. 	);
    38. 

  38. 	if (randomize) {
    39. 

  39. 		unsigned char buf[32];
    40. 

  40. 		if (!fill_random(buf, sizeof(buf))) {
    41. 

  41. 			printf("Failed to generate entropy\n");
    42. 

  42. 			return NULL;
    43. 

  43. 		}
    44. 

  44. 		if (!secp256k1_context_randomize(ctx, buf)) {
    45. 

  45. 			printf("Failed to randomize context\n");
    46. 

  46. 			return NULL;
    47. 

  47. 		}
    48. 

  48. 	}
    49. 

  49. 	return ctx;
    50. 

  50. }
    51. 

  51. 

  52. static int privkey_check(
    53. 

  53. 		const secp256k1_context * ctx,
    54. 

  54. 		const unsigned char *     privkey_bytes,
    55. 

  55. 		const Py_ssize_t          privkey_bytes_len,
    56. 

  56. 		const char *              desc
    57. 

  57. 	) {
    58. 

  58. 	if (privkey_bytes_len != 32) {
    59. 

  59. 		char buf[64 + strlen(desc)];
    60. 

  60. 		sprintf(buf, "%s length not 32 bytes", desc);
    61. 

  61. 		PyErr_SetString(PyExc_ValueError, buf);
    62. 

  62. 		return 0;
    63. 

  63. 	}
    64. 

  64. 	if (secp256k1_ec_seckey_verify(ctx, privkey_bytes) != 1) {
    65. 

  65. 		char buf[64 + strlen(desc)];
    66. 

  66. 		sprintf(buf, "%s not in allowable range", desc);
    67. 

  67. 		PyErr_SetString(PyExc_ValueError, buf);
    68. 

  68. 		return 0;
    69. 

  69. 	}
    70. 

  70. 	return 1;
    71. 

  71. }
    72. 

  72. 

  73. static int pubkey_parse_with_check(
    74. 

  74. 		const secp256k1_context * ctx,
    75. 

  75. 		secp256k1_pubkey *        pubkey_ptr,
    76. 

  76. 		const unsigned char *     pubkey_bytes,
    77. 

  77. 		const Py_ssize_t          pubkey_bytes_len
    78. 

  78. 	) {
    79. 

  79. 	if (ctx == NULL) {
    80. 

  80. 		PyErr_SetString(PyExc_RuntimeError, "Context initialization failed");
    81. 

  81. 		return 0;
    82. 

  82. 	}
    83. 

  83. 	if (pubkey_bytes_len == 33) {
    84. 

  84. 		if (pubkey_bytes[0] != 3 && pubkey_bytes[0] != 2) {
    85. 

  85. 			PyErr_SetString(
    86. 

  86. 				PyExc_ValueError,
    87. 

  87. 				"Invalid first byte for serialized compressed public key");
    88. 

  88. 			return 0;
    89. 

  89. 		}
    90. 

  90. 	} else if (pubkey_bytes_len == 65) {
    91. 

  91. 		if (pubkey_bytes[0] != 4) {
    92. 

  92. 			PyErr_SetString(
    93. 

  93. 				PyExc_ValueError,
    94. 

  94. 				"Invalid first byte for serialized uncompressed public key");
    95. 

  95. 			return 0;
    96. 

  96. 		}
    97. 

  97. 	} else {
    98. 

  98. 		PyErr_SetString(PyExc_ValueError, "Serialized public key length not 33 or 65 bytes");
    99. 

  99. 		return 0;
    100. 

  100. 	}
    101. 

  101. 	/* checks for point-at-infinity (via secp256k1_pubkey_save) */
    102. 

  102. 	if (secp256k1_ec_pubkey_parse(ctx, pubkey_ptr, pubkey_bytes, pubkey_bytes_len) != 1) {
    103. 

  103. 		PyErr_SetString(
    104. 

  104. 			PyExc_ValueError,
    105. 

  105. 			"Public key could not be parsed or encodes point-at-infinity");
    106. 

  106. 		return 0;
    107. 

  107. 	}
    108. 

  108. 	return 1;
    109. 

  109. }
    110. 

  110. 

  111. static PyObject * pubkey_gen(PyObject *self, PyObject *args) {
    112. 

  112. 	const unsigned char * privkey_bytes;
    113. 

  113. 	Py_ssize_t privkey_bytes_len;
    114. 

  114. 	int compressed;
    115. 

  115. 	if (!PyArg_ParseTuple(args, "y#i", &privkey_bytes, &privkey_bytes_len, &compressed)) {
    116. 

  116. 		PyErr_SetString(PyExc_ValueError, "Unable to parse extension mod arguments");
    117. 

  117. 		return NULL;
    118. 

  118. 	}
    119. 

  119. 	size_t pubkey_bytes_len = compressed == 1 ? 33 : 65;
    120. 

  120. 	unsigned char pubkey_bytes[pubkey_bytes_len];
    121. 

  121. 	secp256k1_pubkey pubkey;
    122. 

  122. 	secp256k1_context *ctx = create_context(1);
    123. 

  123. 	if (ctx == NULL) {
    124. 

  124. 		PyErr_SetString(PyExc_RuntimeError, "Context initialization failed");
    125. 

  125. 		return NULL;
    126. 

  126. 	}
    127. 

  127. 	if (!privkey_check(ctx, privkey_bytes, privkey_bytes_len, "Private key")) {
    128. 

  128. 		return NULL;
    129. 

  129. 	}
    130. 

  130. 	if (secp256k1_ec_pubkey_create(ctx, &pubkey, privkey_bytes) != 1) {
    131. 

  131. 		PyErr_SetString(PyExc_RuntimeError, "Public key creation failed");
    132. 

  132. 		return NULL;
    133. 

  133. 	}
    134. 

  134. 	if (secp256k1_ec_pubkey_serialize(ctx, pubkey_bytes, &pubkey_bytes_len, &pubkey,
    135. 

  135. 			compressed == 1 ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED) != 1) {
    136. 

  136. 		PyErr_SetString(PyExc_RuntimeError, "Public key serialization failed");
    137. 

  137. 		return NULL;
    138. 

  138. 	}
    139. 

  139. 	return Py_BuildValue("y#", pubkey_bytes, pubkey_bytes_len);
    140. 

  140. }
    141. 

  141. 

  142. static PyObject * pubkey_tweak_add(PyObject *self, PyObject *args) {
    143. 

  143. 	const unsigned char * pubkey_bytes;
    144. 

  144. 	const unsigned char * tweak_bytes;
    145. 

  145. 	Py_ssize_t pubkey_bytes_len;
    146. 

  146. 	Py_ssize_t tweak_bytes_len;
    147. 

  147. 	if (!PyArg_ParseTuple(
    148. 

  148. 			args,
    149. 

  149. 			"y#y#",
    150. 

  150. 			&pubkey_bytes,
    151. 

  151. 			&pubkey_bytes_len,
    152. 

  152. 			&tweak_bytes,
    153. 

  153. 			&tweak_bytes_len)) {
    154. 

  154. 		PyErr_SetString(PyExc_ValueError, "Unable to parse extension mod arguments");
    155. 

  155. 		return NULL;
    156. 

  156. 	}
    157. 

  157. 	secp256k1_context *ctx = create_context(1);
    158. 

  158. 	secp256k1_pubkey pubkey;
    159. 

  159. 	if (!pubkey_parse_with_check(ctx, &pubkey, pubkey_bytes, pubkey_bytes_len)) {
    160. 

  160. 		return NULL;
    161. 

  161. 	}
    162. 

  162. 	if (!privkey_check(ctx, tweak_bytes, tweak_bytes_len, "Tweak")) {
    163. 

  163. 		return NULL;
    164. 

  164. 	}
    165. 

  165. 	/* checks for point-at-infinity (via secp256k1_pubkey_save) */
    166. 

  166. 	if (secp256k1_ec_pubkey_tweak_add(ctx, &pubkey, tweak_bytes) != 1) {
    167. 

  167. 		PyErr_SetString(
    168. 

  168. 			PyExc_RuntimeError,
    169. 

  169. 			"Adding public key points failed or result was point-at-infinity");
    170. 

  170. 		return NULL;
    171. 

  171. 	}
    172. 

  172. 	unsigned char new_pubkey_bytes[pubkey_bytes_len];
    173. 

  173. 	if (secp256k1_ec_pubkey_serialize(
    174. 

  174. 			ctx,
    175. 

  175. 			new_pubkey_bytes,
    176. 

  176. 			(size_t*) &pubkey_bytes_len,
    177. 

  177. 			&pubkey,
    178. 

  178. 			pubkey_bytes_len == 33 ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED) != 1) {
    179. 

  179. 		PyErr_SetString(PyExc_RuntimeError, "Public key serialization failed");
    180. 

  180. 		return NULL;
    181. 

  181. 	}
    182. 

  182. 	return Py_BuildValue("y#", new_pubkey_bytes, pubkey_bytes_len);
    183. 

  183. }
    184. 

  184. 

  185. static PyObject * pubkey_check(PyObject *self, PyObject *args) {
    186. 

  186. 	const unsigned char * pubkey_bytes;
    187. 

  187. 	Py_ssize_t pubkey_bytes_len;
    188. 

  188. 	if (!PyArg_ParseTuple(args, "y#", &pubkey_bytes, &pubkey_bytes_len)) {
    189. 

  189. 		PyErr_SetString(PyExc_ValueError, "Unable to parse extension mod arguments");
    190. 

  190. 		return NULL;
    191. 

  191. 	}
    192. 

  192. 	secp256k1_context *ctx = create_context(1);
    193. 

  193. 	secp256k1_pubkey pubkey;
    194. 

  194. 	if (!pubkey_parse_with_check(ctx, &pubkey, pubkey_bytes, pubkey_bytes_len)) {
    195. 

  195. 		return NULL;
    196. 

  196. 	}
    197. 

  197. 	return Py_BuildValue("I", 1);
    198. 

  198. }
    199. 

  199. 

  200. /*
    201. 

  201.  * returns 64-byte serialized signature (r + s) plus integer recovery ID in range 0-3
    202. 

  202.  */
    203. 

  203. static PyObject * sign_msghash(PyObject *self, PyObject *args) {
    204. 

  204. 

  205. 	const unsigned char * msghash_bytes;
    206. 

  206. 	const unsigned char * privkey_bytes;
    207. 

  207. 	Py_ssize_t msghash_bytes_len;
    208. 

  208. 	Py_ssize_t privkey_bytes_len;
    209. 

  209. 

  210. 	if (!PyArg_ParseTuple(
    211. 

  211. 			args,
    212. 

  212. 			"y#y#",
    213. 

  213. 			&msghash_bytes,
    214. 

  214. 			&msghash_bytes_len,
    215. 

  215. 			&privkey_bytes,
    216. 

  216. 			&privkey_bytes_len)) {
    217. 

  217. 		PyErr_SetString(PyExc_ValueError, "Unable to parse extension mod arguments");
    218. 

  218. 		return NULL;
    219. 

  219. 	}
    220. 

  220. 

  221. 	if (msghash_bytes_len != 32) {
    222. 

  222. 		PyErr_SetString(PyExc_RuntimeError, "Invalid message hash length (not 32 bytes)");
    223. 

  223. 		return NULL;
    224. 

  224. 	}
    225. 

  225. 

  226. 	secp256k1_context *ctx = create_context(1);
    227. 

  227. 

  228. 	if (!privkey_check(ctx, privkey_bytes, privkey_bytes_len, "Private key")) {
    229. 

  229. 		return NULL;
    230. 

  230. 	}
    231. 

  231. 

  232. 	secp256k1_ecdsa_recoverable_signature rsig;
    233. 

  233. 	unsigned char rsig_serialized[65];
    234. 

  234. 	int recid;
    235. 

  235. 

  236. 	if (!secp256k1_ecdsa_sign_recoverable(ctx, &rsig, msghash_bytes, privkey_bytes, NULL, NULL)) {
    237. 

  237. 		PyErr_SetString(PyExc_ValueError, "Unable to sign message hash");
    238. 

  238. 		return NULL;
    239. 

  239. 	}
    240. 

  240. 	if (!secp256k1_ecdsa_recoverable_signature_serialize_compact(ctx, rsig_serialized, &recid, &rsig)) {
    241. 

  241. 		PyErr_SetString(PyExc_ValueError, "Unable to serialize signature");
    242. 

  242. 		return NULL;
    243. 

  243. 	}
    244. 

  244. 	/* truncate serialized sig to 64 bytes */
    245. 

  245. 	return Py_BuildValue("y#I", rsig_serialized, 64, recid);
    246. 

  246. }
    247. 

  247. 

  248. static PyObject * verify_sig(PyObject *self, PyObject *args) {
    249. 

  249. 

  250. 	const unsigned char * sig_bytes;
    251. 

  251. 	const unsigned char * msghash_bytes;
    252. 

  252. 	const unsigned char * pubkey_bytes;
    253. 

  253. 	Py_ssize_t sig_bytes_len;
    254. 

  254. 	Py_ssize_t msghash_bytes_len;
    255. 

  255. 	Py_ssize_t pubkey_bytes_len;
    256. 

  256. 

  257. 	if (!PyArg_ParseTuple(
    258. 

  258. 			args,
    259. 

  259. 			"y#y#y#",
    260. 

  260. 			&sig_bytes,
    261. 

  261. 			&sig_bytes_len,
    262. 

  262. 			&msghash_bytes,
    263. 

  263. 			&msghash_bytes_len,
    264. 

  264. 			&pubkey_bytes,
    265. 

  265. 			&pubkey_bytes_len)) {
    266. 

  266. 		PyErr_SetString(PyExc_ValueError, "Unable to parse extension mod arguments");
    267. 

  267. 		return NULL;
    268. 

  268. 	}
    269. 

  269. 

  270. 	if (sig_bytes_len != 64) {
    271. 

  271. 		PyErr_SetString(PyExc_RuntimeError, "Invalid signature length (not 64 bytes)");
    272. 

  272. 		return NULL;
    273. 

  273. 	}
    274. 

  274. 	if (msghash_bytes_len != 32) {
    275. 

  275. 		PyErr_SetString(PyExc_RuntimeError, "Invalid message hash length (not 32 bytes)");
    276. 

  276. 		return NULL;
    277. 

  277. 	}
    278. 

  278. 

  279. 	secp256k1_ecdsa_signature sig;
    280. 

  280. 	secp256k1_pubkey pubkey;
    281. 

  281. 	secp256k1_context *ctx = create_context(1);
    282. 

  282. 

  283. 	if (!secp256k1_ecdsa_signature_parse_compact(ctx, &sig, sig_bytes)) {
    284. 

  284. 		PyErr_SetString(PyExc_RuntimeError, "Failed to parse signature");
    285. 

  285. 		return NULL;
    286. 

  286. 	}
    287. 

  287. 

  288. 	if (!secp256k1_ec_pubkey_parse(ctx, &pubkey, pubkey_bytes, pubkey_bytes_len)) {
    289. 

  289. 		PyErr_SetString(PyExc_RuntimeError, "Failed to parse public key");
    290. 

  290. 		return NULL;
    291. 

  291. 	}
    292. 

  292. 

  293. 	/* returns 1 on valid sig, 0 on invalid sig */
    294. 

  294. 	return Py_BuildValue("I", secp256k1_ecdsa_verify(ctx, &sig, msghash_bytes, &pubkey));
    295. 

  295. }
    296. 

  296. 

  297. static PyObject * pubkey_recover(PyObject *self, PyObject *args) {
    298. 

  298. 

  299. 	const unsigned char * msghash_bytes;
    300. 

  300. 	const unsigned char * sig_bytes;
    301. 

  301. 	int recid;
    302. 

  302. 	int compressed;
    303. 

  303. 	Py_ssize_t msghash_bytes_len;
    304. 

  304. 	Py_ssize_t sig_bytes_len;
    305. 

  305. 

  306. 	if (!PyArg_ParseTuple(
    307. 

  307. 			args,
    308. 

  308. 			"y#y#ii",
    309. 

  309. 			&msghash_bytes,
    310. 

  310. 			&msghash_bytes_len,
    311. 

  311. 			&sig_bytes,
    312. 

  312. 			&sig_bytes_len,
    313. 

  313. 			&recid,
    314. 

  314. 			&compressed)) {
    315. 

  315. 		PyErr_SetString(PyExc_ValueError, "Unable to parse extension mod arguments");
    316. 

  316. 		return NULL;
    317. 

  317. 	}
    318. 

  318. 

  319. 	if (recid < 0 || recid > 3) {
    320. 

  320. 		PyErr_SetString(PyExc_RuntimeError, "Invalid recovery ID (not in range 0-3)");
    321. 

  321. 		return NULL;
    322. 

  322. 	}
    323. 

  323. 	if (sig_bytes_len != 64) {
    324. 

  324. 		PyErr_SetString(PyExc_RuntimeError, "Invalid signature length (not 64 bytes)");
    325. 

  325. 		return NULL;
    326. 

  326. 	}
    327. 

  327. 	if (msghash_bytes_len != 32) {
    328. 

  328. 		PyErr_SetString(PyExc_RuntimeError, "Invalid message hash length (not 32 bytes)");
    329. 

  329. 		return NULL;
    330. 

  330. 	}
    331. 

  331. 

  332. 	secp256k1_context *ctx = create_context(1);
    333. 

  333. 	secp256k1_ecdsa_recoverable_signature rsig;
    334. 

  334. 	secp256k1_pubkey pubkey;
    335. 

  335. 	size_t pubkey_bytes_len = compressed == 1 ? 33 : 65;
    336. 

  336. 	unsigned char pubkey_bytes[pubkey_bytes_len];
    337. 

  337. 

  338. 	if (!secp256k1_ecdsa_recoverable_signature_parse_compact(ctx, &rsig, sig_bytes, recid)) {
    339. 

  339. 		PyErr_SetString(PyExc_RuntimeError, "Failed to parse signature");
    340. 

  340. 		return NULL;
    341. 

  341. 	}
    342. 

  342. 	if (!secp256k1_ecdsa_recover(ctx, &pubkey, &rsig, msghash_bytes)) {
    343. 

  343. 		PyErr_SetString(PyExc_RuntimeError, "Failed to recover public key");
    344. 

  344. 		return NULL;
    345. 

  345. 	}
    346. 

  346. 	if (secp256k1_ec_pubkey_serialize(ctx, pubkey_bytes, &pubkey_bytes_len, &pubkey,
    347. 

  347. 			compressed == 1 ? SECP256K1_EC_COMPRESSED : SECP256K1_EC_UNCOMPRESSED) != 1) {
    348. 

  348. 		PyErr_SetString(PyExc_RuntimeError, "Failed to serialize public key");
    349. 

  349. 		return NULL;
    350. 

  350. 	}
    351. 

  351. 	return Py_BuildValue("y#", pubkey_bytes, pubkey_bytes_len);
    352. 

  352. }
    353. 

  353. 

  354. /* https://docs.python.org/3/howto/cporting.html */
    355. 

  355. 

  356. struct module_state {
    357. 

  357. 	PyObject *error;
    358. 

  358. };
    359. 

  359. 

  360. #define GETSTATE(m) ((struct module_state*)PyModule_GetState(m))
    361. 

  361. 

  362. static PyMethodDef secp256k1_methods[] = {
    363. 

  363. 	{
    364. 

  364. 		"pubkey_gen",
    365. 

  365. 		pubkey_gen,
    366. 

  366. 		METH_VARARGS,
    367. 

  367. 		"Generate a serialized pubkey from privkey bytes"
    368. 

  368. 	},
    369. 

  369. 	{
    370. 

  370. 		"pubkey_tweak_add",
    371. 

  371. 		pubkey_tweak_add,
    372. 

  372. 		METH_VARARGS,
    373. 

  373. 		"Add scalar bytes to a serialized pubkey, returning a serialized pubkey"
    374. 

  374. 	},
    375. 

  375. 	{
    376. 

  376. 		"pubkey_check",
    377. 

  377. 		pubkey_check,
    378. 

  378. 		METH_VARARGS,
    379. 

  379. 		"Check a serialized pubkey, ensuring the encoded point is not point-at-infinity"
    380. 

  380. 	},
    381. 

  381. 	{
    382. 

  382. 		"sign_msghash",
    383. 

  383. 		sign_msghash,
    384. 

  384. 		METH_VARARGS,
    385. 

  385. 		"Sign a 32-byte message hash with a private key"
    386. 

  386. 	},
    387. 

  387. 	{
    388. 

  388. 		"verify_sig",
    389. 

  389. 		verify_sig,
    390. 

  390. 		METH_VARARGS,
    391. 

  391. 		"Verify a signature"
    392. 

  392. 	},
    393. 

  393. 	{
    394. 

  394. 		"pubkey_recover",
    395. 

  395. 		pubkey_recover,
    396. 

  396. 		METH_VARARGS,
    397. 

  397. 		"Recover a serialized pubkey from a recoverable signature plus signed message"
    398. 

  398. 	},
    399. 

  399. 	{NULL, NULL}
    400. 

  400. };
    401. 

  401. 

  402. static int secp256k1_traverse(PyObject *m, visitproc visit, void *arg) {
    403. 

  403. 	Py_VISIT(GETSTATE(m)->error);
    404. 

  404. 	return 0;
    405. 

  405. }
    406. 

  406. 

  407. static int secp256k1_clear(PyObject *m) {
    408. 

  408. 	Py_CLEAR(GETSTATE(m)->error);
    409. 

  409. 	return 0;
    410. 

  410. }
    411. 

  411. 

  412. static struct PyModuleDef moduledef = {
    413. 

  413. 		PyModuleDef_HEAD_INIT,
    414. 

  414. 		"secp256k1",
    415. 

  415. 		NULL,
    416. 

  416. 		sizeof(struct module_state),
    417. 

  417. 		secp256k1_methods,
    418. 

  418. 		NULL,
    419. 

  419. 		secp256k1_traverse,
    420. 

  420. 		secp256k1_clear,
    421. 

  421. 		NULL
    422. 

  422. };
    423. 

  423. 

  424. #define INITERROR return NULL
    425. 

  425. 

  426. PyMODINIT_FUNC PyInit_secp256k1(void) {
    427. 

  427. 	PyObject *module = PyModule_Create(&moduledef);
    428. 

  428. 

  429. 	if (module == NULL)
    430. 

  430. 		INITERROR;
    431. 

  431. 	struct module_state *st = GETSTATE(module);
    432. 

  432. 

  433. 	st->error = PyErr_NewException("secp256k1.Error", NULL, NULL);
    434. 

  434. 	if (st->error == NULL) {
    435. 

  435. 		Py_DECREF(module);
    436. 

  436. 		INITERROR;
    437. 

  437. 	}
    438. 

  438. 	return module;
    439. 

  439. }
    440.