Bump secp256k1 subtree

7 years ago · 7a448d3fa5
56 changed files with 266 additions and 257 deletions
--- a/src/secp256k1/contrib/lax_der_parsing.h
+++ b/src/secp256k1/contrib/lax_der_parsing.h
@ -48,14 +48,14 @@
 *   8.3.1.
 */

-#ifndef _SECP256K1_CONTRIB_LAX_DER_PARSING_H_
-#define _SECP256K1_CONTRIB_LAX_DER_PARSING_H_
+#ifndef SECP256K1_CONTRIB_LAX_DER_PARSING_H
+#define SECP256K1_CONTRIB_LAX_DER_PARSING_H

 #include <secp256k1.h>

-# ifdef __cplusplus
+#ifdef __cplusplus
 extern "C" {
-# endif
+#endif

 /** Parse a signature in "lax DER" format
 *
@ -88,4 +88,4 @@ int ecdsa_signature_parse_der_lax(
 }
 #endif

-#endif
+#endif /* SECP256K1_CONTRIB_LAX_DER_PARSING_H */
--- a/src/secp256k1/contrib/lax_der_privatekey_parsing.h
+++ b/src/secp256k1/contrib/lax_der_privatekey_parsing.h
@ -25,14 +25,14 @@
 * library are sufficient.
 */

-#ifndef _SECP256K1_CONTRIB_BER_PRIVATEKEY_H_
-#define _SECP256K1_CONTRIB_BER_PRIVATEKEY_H_
+#ifndef SECP256K1_CONTRIB_BER_PRIVATEKEY_H
+#define SECP256K1_CONTRIB_BER_PRIVATEKEY_H

 #include <secp256k1.h>

-# ifdef __cplusplus
+#ifdef __cplusplus
 extern "C" {
-# endif
+#endif

 /** Export a private key in DER format.
 *
@ -87,4 +87,4 @@ SECP256K1_WARN_UNUSED_RESULT int ec_privkey_import_der(
 }
 #endif

-#endif
+#endif /* SECP256K1_CONTRIB_BER_PRIVATEKEY_H */
--- a/src/secp256k1/include/secp256k1.h
+++ b/src/secp256k1/include/secp256k1.h
@ -1,9 +1,9 @@
-#ifndef _SECP256K1_
-# define _SECP256K1_
+#ifndef SECP256K1_H
+#define SECP256K1_H

-# ifdef __cplusplus
+#ifdef __cplusplus
 extern "C" {
-# endif
+#endif

 #include <stddef.h>

@ -61,7 +61,7 @@ typedef struct {
 *  however guaranteed to be 64 bytes in size, and can be safely copied/moved.
 *  If you need to convert to a format suitable for storage, transmission, or
 *  comparison, use the secp256k1_ecdsa_signature_serialize_* and
- *  secp256k1_ecdsa_signature_serialize_* functions.
+ *  secp256k1_ecdsa_signature_parse_* functions.
 */
 typedef struct {
    unsigned char data[64];
@ -159,6 +159,13 @@ typedef int (*secp256k1_nonce_function)(
 #define SECP256K1_EC_COMPRESSED (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION)
 #define SECP256K1_EC_UNCOMPRESSED (SECP256K1_FLAGS_TYPE_COMPRESSION)

+/** Prefix byte used to tag various encoded curvepoints for specific purposes */
+#define SECP256K1_TAG_PUBKEY_EVEN 0x02
+#define SECP256K1_TAG_PUBKEY_ODD 0x03
+#define SECP256K1_TAG_PUBKEY_UNCOMPRESSED 0x04
+#define SECP256K1_TAG_PUBKEY_HYBRID_EVEN 0x06
+#define SECP256K1_TAG_PUBKEY_HYBRID_ODD 0x07
+
 /** Create a secp256k1 context object.
 *
 *  Returns: a newly created context object.
@ -607,8 +614,8 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_combine(
    size_t n
 ) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);

-# ifdef __cplusplus
+#ifdef __cplusplus
 }
-# endif
-
 #endif
+
+#endif /* SECP256K1_H */
--- a/src/secp256k1/include/secp256k1_ecdh.h
+++ b/src/secp256k1/include/secp256k1_ecdh.h
@ -1,11 +1,11 @@
-#ifndef _SECP256K1_ECDH_
-# define _SECP256K1_ECDH_
+#ifndef SECP256K1_ECDH_H
+#define SECP256K1_ECDH_H

-# include "secp256k1.h"
+#include "secp256k1.h"

-# ifdef __cplusplus
+#ifdef __cplusplus
 extern "C" {
-# endif
+#endif

 /** Compute an EC Diffie-Hellman secret in constant time
 *  Returns: 1: exponentiation was successful
@ -24,8 +24,8 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdh(
  const unsigned char *privkey
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);

-# ifdef __cplusplus
+#ifdef __cplusplus
 }
-# endif
-
 #endif
+
+#endif /* SECP256K1_ECDH_H */
--- a/src/secp256k1/include/secp256k1_recovery.h
+++ b/src/secp256k1/include/secp256k1_recovery.h
@ -1,11 +1,11 @@
-#ifndef _SECP256K1_RECOVERY_
-# define _SECP256K1_RECOVERY_
+#ifndef SECP256K1_RECOVERY_H
+#define SECP256K1_RECOVERY_H

-# include "secp256k1.h"
+#include "secp256k1.h"

-# ifdef __cplusplus
+#ifdef __cplusplus
 extern "C" {
-# endif
+#endif

 /** Opaque data structured that holds a parsed ECDSA signature,
 *  supporting pubkey recovery.
@ -103,8 +103,8 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover(
    const unsigned char *msg32
 ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);

-# ifdef __cplusplus
+#ifdef __cplusplus
 }
-# endif
-
 #endif
+
+#endif /* SECP256K1_RECOVERY_H */
--- a/src/secp256k1/sage/group_prover.sage
+++ b/src/secp256k1/sage/group_prover.sage
@ -3,7 +3,7 @@
 # to independently set assumptions on input or intermediary variables.
 #
 # The general approach is:
-# * A constraint is a tuple of two sets of of symbolic expressions:
+# * A constraint is a tuple of two sets of symbolic expressions:
 #   the first of which are required to evaluate to zero, the second of which
 #   are required to evaluate to nonzero.
 #   - A constraint is said to be conflicting if any of its nonzero expressions
@ -17,7 +17,7 @@
 #   - A constraint describing the requirements of the law, called "require"
 # * Implementations are transliterated into functions that operate as well on
 #   algebraic input points, and are called once per combination of branches
-#   exectured. Each execution returns:
+#   executed. Each execution returns:
 #   - A constraint describing the assumptions this implementation requires
 #     (such as Z1=1), called "assumeFormula"
 #   - A constraint describing the assumptions this specific branch requires,
--- a/src/secp256k1/src/asm/field_10x26_arm.s
+++ b/src/secp256k1/src/asm/field_10x26_arm.s
@ -11,7 +11,7 @@ Note:

 - To avoid unnecessary loads and make use of available registers, two
  'passes' have every time been interleaved, with the odd passes accumulating c' and d' 
-  which will be added to c and d respectively in the the even passes
+  which will be added to c and d respectively in the even passes

 */

@ -23,7 +23,7 @@ Note:
 	.eabi_attribute 10, 0 @ Tag_FP_arch = none
 	.eabi_attribute 24, 1 @ Tag_ABI_align_needed = 8-byte
 	.eabi_attribute 25, 1 @ Tag_ABI_align_preserved = 8-byte, except leaf SP
-	.eabi_attribute 30, 2 @ Tag_ABI_optimization_goals = Agressive Speed
+	.eabi_attribute 30, 2 @ Tag_ABI_optimization_goals = Aggressive Speed
 	.eabi_attribute 34, 1 @ Tag_CPU_unaligned_access = v6
 	.text

--- a/src/secp256k1/src/basic-config.h
+++ b/src/secp256k1/src/basic-config.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_BASIC_CONFIG_
-#define _SECP256K1_BASIC_CONFIG_
+#ifndef SECP256K1_BASIC_CONFIG_H
+#define SECP256K1_BASIC_CONFIG_H

 #ifdef USE_BASIC_CONFIG

@ -28,5 +28,6 @@
 #define USE_FIELD_10X26 1
 #define USE_SCALAR_8X32 1

-#endif // USE_BASIC_CONFIG
-#endif // _SECP256K1_BASIC_CONFIG_
+#endif /* USE_BASIC_CONFIG */
+
+#endif /* SECP256K1_BASIC_CONFIG_H */
--- a/src/secp256k1/src/bench.h
+++ b/src/secp256k1/src/bench.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_BENCH_H_
-#define _SECP256K1_BENCH_H_
+#ifndef SECP256K1_BENCH_H
+#define SECP256K1_BENCH_H

 #include <stdio.h>
 #include <math.h>
@ -63,4 +63,4 @@ void run_benchmark(char *name, void (*benchmark)(void*), void (*setup)(void*), v
    printf("us\n");
 }

-#endif
+#endif /* SECP256K1_BENCH_H */
--- a/src/secp256k1/src/bench_ecdh.c
+++ b/src/secp256k1/src/bench_ecdh.c
@ -15,11 +15,11 @@ typedef struct {
    secp256k1_context *ctx;
    secp256k1_pubkey point;
    unsigned char scalar[32];
-} bench_ecdh_t;
+} bench_ecdh;

 static void bench_ecdh_setup(void* arg) {
    int i;
-    bench_ecdh_t *data = (bench_ecdh_t*)arg;
+    bench_ecdh *data = (bench_ecdh*)arg;
    const unsigned char point[] = {
        0x03,
        0x54, 0x94, 0xc1, 0x5d, 0x32, 0x09, 0x97, 0x06,
@ -39,7 +39,7 @@ static void bench_ecdh_setup(void* arg) {
 static void bench_ecdh(void* arg) {
    int i;
    unsigned char res[32];
-    bench_ecdh_t *data = (bench_ecdh_t*)arg;
+    bench_ecdh *data = (bench_ecdh*)arg;

    for (i = 0; i < 20000; i++) {
        CHECK(secp256k1_ecdh(data->ctx, res, &data->point, data->scalar) == 1);
@ -47,7 +47,7 @@ static void bench_ecdh(void* arg) {
 }

 int main(void) {
-    bench_ecdh_t data;
+    bench_ecdh data;

    run_benchmark("ecdh", bench_ecdh, bench_ecdh_setup, NULL, &data, 10, 20000);
    return 0;
--- a/src/secp256k1/src/bench_internal.c
+++ b/src/secp256k1/src/bench_internal.c
@ -25,10 +25,10 @@ typedef struct {
    secp256k1_gej gej_x, gej_y;
    unsigned char data[64];
    int wnaf[256];
-} bench_inv_t;
+} bench_inv;

 void bench_setup(void* arg) {
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    static const unsigned char init_x[32] = {
        0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
@ -58,7 +58,7 @@ void bench_setup(void* arg) {

 void bench_scalar_add(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 2000000; i++) {
        secp256k1_scalar_add(&data->scalar_x, &data->scalar_x, &data->scalar_y);
@ -67,7 +67,7 @@ void bench_scalar_add(void* arg) {

 void bench_scalar_negate(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 2000000; i++) {
        secp256k1_scalar_negate(&data->scalar_x, &data->scalar_x);
@ -76,7 +76,7 @@ void bench_scalar_negate(void* arg) {

 void bench_scalar_sqr(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_scalar_sqr(&data->scalar_x, &data->scalar_x);
@ -85,7 +85,7 @@ void bench_scalar_sqr(void* arg) {

 void bench_scalar_mul(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_scalar_mul(&data->scalar_x, &data->scalar_x, &data->scalar_y);
@ -95,7 +95,7 @@ void bench_scalar_mul(void* arg) {
 #ifdef USE_ENDOMORPHISM
 void bench_scalar_split(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_scalar l, r;
@ -107,7 +107,7 @@ void bench_scalar_split(void* arg) {

 void bench_scalar_inverse(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 2000; i++) {
        secp256k1_scalar_inverse(&data->scalar_x, &data->scalar_x);
@ -117,7 +117,7 @@ void bench_scalar_inverse(void* arg) {

 void bench_scalar_inverse_var(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 2000; i++) {
        secp256k1_scalar_inverse_var(&data->scalar_x, &data->scalar_x);
@ -127,7 +127,7 @@ void bench_scalar_inverse_var(void* arg) {

 void bench_field_normalize(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 2000000; i++) {
        secp256k1_fe_normalize(&data->fe_x);
@ -136,7 +136,7 @@ void bench_field_normalize(void* arg) {

 void bench_field_normalize_weak(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 2000000; i++) {
        secp256k1_fe_normalize_weak(&data->fe_x);
@ -145,7 +145,7 @@ void bench_field_normalize_weak(void* arg) {

 void bench_field_mul(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_fe_mul(&data->fe_x, &data->fe_x, &data->fe_y);
@ -154,7 +154,7 @@ void bench_field_mul(void* arg) {

 void bench_field_sqr(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_fe_sqr(&data->fe_x, &data->fe_x);
@ -163,7 +163,7 @@ void bench_field_sqr(void* arg) {

 void bench_field_inverse(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_fe_inv(&data->fe_x, &data->fe_x);
@ -173,7 +173,7 @@ void bench_field_inverse(void* arg) {

 void bench_field_inverse_var(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_fe_inv_var(&data->fe_x, &data->fe_x);
@ -183,7 +183,7 @@ void bench_field_inverse_var(void* arg) {

 void bench_field_sqrt(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_fe_sqrt(&data->fe_x, &data->fe_x);
@ -193,7 +193,7 @@ void bench_field_sqrt(void* arg) {

 void bench_group_double_var(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_gej_double_var(&data->gej_x, &data->gej_x, NULL);
@ -202,7 +202,7 @@ void bench_group_double_var(void* arg) {

 void bench_group_add_var(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_gej_add_var(&data->gej_x, &data->gej_x, &data->gej_y, NULL);
@ -211,7 +211,7 @@ void bench_group_add_var(void* arg) {

 void bench_group_add_affine(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_gej_add_ge(&data->gej_x, &data->gej_x, &data->ge_y);
@ -220,7 +220,7 @@ void bench_group_add_affine(void* arg) {

 void bench_group_add_affine_var(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 200000; i++) {
        secp256k1_gej_add_ge_var(&data->gej_x, &data->gej_x, &data->ge_y, NULL);
@ -229,7 +229,7 @@ void bench_group_add_affine_var(void* arg) {

 void bench_group_jacobi_var(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_gej_has_quad_y_var(&data->gej_x);
@ -238,7 +238,7 @@ void bench_group_jacobi_var(void* arg) {

 void bench_ecmult_wnaf(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_ecmult_wnaf(data->wnaf, 256, &data->scalar_x, WINDOW_A);
@ -248,7 +248,7 @@ void bench_ecmult_wnaf(void* arg) {

 void bench_wnaf_const(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;

    for (i = 0; i < 20000; i++) {
        secp256k1_wnaf_const(data->wnaf, data->scalar_x, WINDOW_A);
@ -259,8 +259,8 @@ void bench_wnaf_const(void* arg) {

 void bench_sha256(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
-    secp256k1_sha256_t sha;
+    bench_inv *data = (bench_inv*)arg;
+    secp256k1_sha256 sha;

    for (i = 0; i < 20000; i++) {
        secp256k1_sha256_initialize(&sha);
@ -271,8 +271,8 @@ void bench_sha256(void* arg) {

 void bench_hmac_sha256(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
-    secp256k1_hmac_sha256_t hmac;
+    bench_inv *data = (bench_inv*)arg;
+    secp256k1_hmac_sha256 hmac;

    for (i = 0; i < 20000; i++) {
        secp256k1_hmac_sha256_initialize(&hmac, data->data, 32);
@ -283,8 +283,8 @@ void bench_hmac_sha256(void* arg) {

 void bench_rfc6979_hmac_sha256(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
-    secp256k1_rfc6979_hmac_sha256_t rng;
+    bench_inv *data = (bench_inv*)arg;
+    secp256k1_rfc6979_hmac_sha256 rng;

    for (i = 0; i < 20000; i++) {
        secp256k1_rfc6979_hmac_sha256_initialize(&rng, data->data, 64);
@ -311,7 +311,7 @@ void bench_context_sign(void* arg) {
 #ifndef USE_NUM_NONE
 void bench_num_jacobi(void* arg) {
    int i;
-    bench_inv_t *data = (bench_inv_t*)arg;
+    bench_inv *data = (bench_inv*)arg;
    secp256k1_num nx, norder;

    secp256k1_scalar_get_num(&nx, &data->scalar_x);
@ -340,7 +340,7 @@ int have_flag(int argc, char** argv, char *flag) {
 }

 int main(int argc, char **argv) {
-    bench_inv_t data;
+    bench_inv data;
    if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "add")) run_benchmark("scalar_add", bench_scalar_add, bench_setup, NULL, &data, 10, 2000000);
    if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "negate")) run_benchmark("scalar_negate", bench_scalar_negate, bench_setup, NULL, &data, 10, 2000000);
    if (have_flag(argc, argv, "scalar") || have_flag(argc, argv, "sqr")) run_benchmark("scalar_sqr", bench_scalar_sqr, bench_setup, NULL, &data, 10, 200000);
--- a/src/secp256k1/src/bench_recover.c
+++ b/src/secp256k1/src/bench_recover.c
@ -13,11 +13,11 @@ typedef struct {
    secp256k1_context *ctx;
    unsigned char msg[32];
    unsigned char sig[64];
-} bench_recover_t;
+} bench_recover;

 void bench_recover(void* arg) {
    int i;
-    bench_recover_t *data = (bench_recover_t*)arg;
+    bench_recover *data = (bench_recover*)arg;
    secp256k1_pubkey pubkey;
    unsigned char pubkeyc[33];

@ -38,7 +38,7 @@ void bench_recover(void* arg) {

 void bench_recover_setup(void* arg) {
    int i;
-    bench_recover_t *data = (bench_recover_t*)arg;
+    bench_recover *data = (bench_recover*)arg;

    for (i = 0; i < 32; i++) {
        data->msg[i] = 1 + i;
@ -49,7 +49,7 @@ void bench_recover_setup(void* arg) {
 }

 int main(void) {
-    bench_recover_t data;
+    bench_recover data;

    data.ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);

--- a/src/secp256k1/src/bench_sign.c
+++ b/src/secp256k1/src/bench_sign.c
@ -12,11 +12,11 @@ typedef struct {
    secp256k1_context* ctx;
    unsigned char msg[32];
    unsigned char key[32];
-} bench_sign_t;
+} bench_sign;

 static void bench_sign_setup(void* arg) {
    int i;
-    bench_sign_t *data = (bench_sign_t*)arg;
+    bench_sign *data = (bench_sign*)arg;

    for (i = 0; i < 32; i++) {
        data->msg[i] = i + 1;
@ -26,9 +26,9 @@ static void bench_sign_setup(void* arg) {
    }
 }

-static void bench_sign(void* arg) {
+static void bench_sign_run(void* arg) {
    int i;
-    bench_sign_t *data = (bench_sign_t*)arg;
+    bench_sign *data = (bench_sign*)arg;

    unsigned char sig[74];
    for (i = 0; i < 20000; i++) {
@ -45,11 +45,11 @@ static void bench_sign(void* arg) {
 }

 int main(void) {
-    bench_sign_t data;
+    bench_sign data;

    data.ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);

-    run_benchmark("ecdsa_sign", bench_sign, bench_sign_setup, NULL, &data, 10, 20000);
+    run_benchmark("ecdsa_sign", bench_sign_run, bench_sign_setup, NULL, &data, 10, 20000);

    secp256k1_context_destroy(data.ctx);
    return 0;
--- a/src/secp256k1/src/ecdsa.h
+++ b/src/secp256k1/src/ecdsa.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECDSA_
-#define _SECP256K1_ECDSA_
+#ifndef SECP256K1_ECDSA_H
+#define SECP256K1_ECDSA_H

 #include <stddef.h>

@ -18,4 +18,4 @@ static int secp256k1_ecdsa_sig_serialize(unsigned char *sig, size_t *size, const
 static int secp256k1_ecdsa_sig_verify(const secp256k1_ecmult_context *ctx, const secp256k1_scalar* r, const secp256k1_scalar* s, const secp256k1_ge *pubkey, const secp256k1_scalar *message);
 static int secp256k1_ecdsa_sig_sign(const secp256k1_ecmult_gen_context *ctx, secp256k1_scalar* r, secp256k1_scalar* s, const secp256k1_scalar *seckey, const secp256k1_scalar *message, const secp256k1_scalar *nonce, int *recid);

-#endif
+#endif /* SECP256K1_ECDSA_H */
--- a/src/secp256k1/src/ecdsa_impl.h
+++ b/src/secp256k1/src/ecdsa_impl.h
@ -5,8 +5,8 @@
 **********************************************************************/


-#ifndef _SECP256K1_ECDSA_IMPL_H_
-#define _SECP256K1_ECDSA_IMPL_H_
+#ifndef SECP256K1_ECDSA_IMPL_H
+#define SECP256K1_ECDSA_IMPL_H

 #include "scalar.h"
 #include "field.h"
@ -81,8 +81,6 @@ static int secp256k1_der_read_len(const unsigned char **sigp, const unsigned cha
        return -1;
    }
    while (lenleft > 0) {
-        if ((ret >> ((sizeof(size_t) - 1) * 8)) != 0) {
-        }
        ret = (ret << 8) | **sigp;
        if (ret + lenleft > (size_t)(sigend - *sigp)) {
            /* Result exceeds the length of the passed array. */
@ -312,4 +310,4 @@ static int secp256k1_ecdsa_sig_sign(const secp256k1_ecmult_gen_context *ctx, sec
    return 1;
 }

-#endif
+#endif /* SECP256K1_ECDSA_IMPL_H */
--- a/src/secp256k1/src/eckey.h
+++ b/src/secp256k1/src/eckey.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECKEY_
-#define _SECP256K1_ECKEY_
+#ifndef SECP256K1_ECKEY_H
+#define SECP256K1_ECKEY_H

 #include <stddef.h>

@ -22,4 +22,4 @@ static int secp256k1_eckey_pubkey_tweak_add(const secp256k1_ecmult_context *ctx,
 static int secp256k1_eckey_privkey_tweak_mul(secp256k1_scalar *key, const secp256k1_scalar *tweak);
 static int secp256k1_eckey_pubkey_tweak_mul(const secp256k1_ecmult_context *ctx, secp256k1_ge *key, const secp256k1_scalar *tweak);

-#endif
+#endif /* SECP256K1_ECKEY_H */
--- a/src/secp256k1/src/eckey_impl.h
+++ b/src/secp256k1/src/eckey_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECKEY_IMPL_H_
-#define _SECP256K1_ECKEY_IMPL_H_
+#ifndef SECP256K1_ECKEY_IMPL_H
+#define SECP256K1_ECKEY_IMPL_H

 #include "eckey.h"

@ -15,16 +15,17 @@
 #include "ecmult_gen.h"

 static int secp256k1_eckey_pubkey_parse(secp256k1_ge *elem, const unsigned char *pub, size_t size) {
-    if (size == 33 && (pub[0] == 0x02 || pub[0] == 0x03)) {
+    if (size == 33 && (pub[0] == SECP256K1_TAG_PUBKEY_EVEN || pub[0] == SECP256K1_TAG_PUBKEY_ODD)) {
        secp256k1_fe x;
-        return secp256k1_fe_set_b32(&x, pub+1) && secp256k1_ge_set_xo_var(elem, &x, pub[0] == 0x03);
+        return secp256k1_fe_set_b32(&x, pub+1) && secp256k1_ge_set_xo_var(elem, &x, pub[0] == SECP256K1_TAG_PUBKEY_ODD);
    } else if (size == 65 && (pub[0] == 0x04 || pub[0] == 0x06 || pub[0] == 0x07)) {
        secp256k1_fe x, y;
        if (!secp256k1_fe_set_b32(&x, pub+1) || !secp256k1_fe_set_b32(&y, pub+33)) {
            return 0;
        }
        secp256k1_ge_set_xy(elem, &x, &y);
-        if ((pub[0] == 0x06 || pub[0] == 0x07) && secp256k1_fe_is_odd(&y) != (pub[0] == 0x07)) {
+        if ((pub[0] == SECP256K1_TAG_PUBKEY_HYBRID_EVEN || pub[0] == SECP256K1_TAG_PUBKEY_HYBRID_ODD) &&
+            secp256k1_fe_is_odd(&y) != (pub[0] == SECP256K1_TAG_PUBKEY_HYBRID_ODD)) {
            return 0;
        }
        return secp256k1_ge_is_valid_var(elem);
@ -42,10 +43,10 @@ static int secp256k1_eckey_pubkey_serialize(secp256k1_ge *elem, unsigned char *p
    secp256k1_fe_get_b32(&pub[1], &elem->x);
    if (compressed) {
        *size = 33;
-        pub[0] = 0x02 | (secp256k1_fe_is_odd(&elem->y) ? 0x01 : 0x00);
+        pub[0] = secp256k1_fe_is_odd(&elem->y) ? SECP256K1_TAG_PUBKEY_ODD : SECP256K1_TAG_PUBKEY_EVEN;
    } else {
        *size = 65;
-        pub[0] = 0x04;
+        pub[0] = SECP256K1_TAG_PUBKEY_UNCOMPRESSED;
        secp256k1_fe_get_b32(&pub[33], &elem->y);
    }
    return 1;
@ -96,4 +97,4 @@ static int secp256k1_eckey_pubkey_tweak_mul(const secp256k1_ecmult_context *ctx,
    return 1;
 }

-#endif
+#endif /* SECP256K1_ECKEY_IMPL_H */
--- a/src/secp256k1/src/ecmult.h
+++ b/src/secp256k1/src/ecmult.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECMULT_
-#define _SECP256K1_ECMULT_
+#ifndef SECP256K1_ECMULT_H
+#define SECP256K1_ECMULT_H

 #include "num.h"
 #include "group.h"
@ -28,4 +28,4 @@ static int secp256k1_ecmult_context_is_built(const secp256k1_ecmult_context *ctx
 /** Double multiply: R = na*A + ng*G */
 static void secp256k1_ecmult(const secp256k1_ecmult_context *ctx, secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_scalar *na, const secp256k1_scalar *ng);

-#endif
+#endif /* SECP256K1_ECMULT_H */
--- a/src/secp256k1/src/ecmult_const.h
+++ b/src/secp256k1/src/ecmult_const.h
@ -4,12 +4,12 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECMULT_CONST_
-#define _SECP256K1_ECMULT_CONST_
+#ifndef SECP256K1_ECMULT_CONST_H
+#define SECP256K1_ECMULT_CONST_H

 #include "scalar.h"
 #include "group.h"

 static void secp256k1_ecmult_const(secp256k1_gej *r, const secp256k1_ge *a, const secp256k1_scalar *q);

-#endif
+#endif /* SECP256K1_ECMULT_CONST_H */
--- a/src/secp256k1/src/ecmult_const_impl.h
+++ b/src/secp256k1/src/ecmult_const_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECMULT_CONST_IMPL_
-#define _SECP256K1_ECMULT_CONST_IMPL_
+#ifndef SECP256K1_ECMULT_CONST_IMPL_H
+#define SECP256K1_ECMULT_CONST_IMPL_H

 #include "scalar.h"
 #include "group.h"
@ -42,11 +42,12 @@
 } while(0)


-/** Convert a number to WNAF notation. The number becomes represented by sum(2^{wi} * wnaf[i], i=0..return_val)
- *  with the following guarantees:
+/** Convert a number to WNAF notation.
+ *  The number becomes represented by sum(2^{wi} * wnaf[i], i=0..WNAF_SIZE(w)+1) - return_val.
+ *  It has the following guarantees:
 *  - each wnaf[i] an odd integer between -(1 << w) and (1 << w)
 *  - each wnaf[i] is nonzero
- *  - the number of words set is returned; this is always (WNAF_BITS + w - 1) / w
+ *  - the number of words set is always WNAF_SIZE(w) + 1
 *
 *  Adapted from `The Width-w NAF Method Provides Small Memory and Fast Elliptic Scalar
 *  Multiplications Secure against Side Channel Attacks`, Okeya and Tagaki. M. Joye (Ed.)
@ -236,4 +237,4 @@ static void secp256k1_ecmult_const(secp256k1_gej *r, const secp256k1_ge *a, cons
    }
 }

-#endif
+#endif /* SECP256K1_ECMULT_CONST_IMPL_H */
--- a/src/secp256k1/src/ecmult_gen.h
+++ b/src/secp256k1/src/ecmult_gen.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECMULT_GEN_
-#define _SECP256K1_ECMULT_GEN_
+#ifndef SECP256K1_ECMULT_GEN_H
+#define SECP256K1_ECMULT_GEN_H

 #include "scalar.h"
 #include "group.h"
@ -40,4 +40,4 @@ static void secp256k1_ecmult_gen(const secp256k1_ecmult_gen_context* ctx, secp25

 static void secp256k1_ecmult_gen_blind(secp256k1_ecmult_gen_context *ctx, const unsigned char *seed32);

-#endif
+#endif /* SECP256K1_ECMULT_GEN_H */
--- a/src/secp256k1/src/ecmult_gen_impl.h
+++ b/src/secp256k1/src/ecmult_gen_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECMULT_GEN_IMPL_H_
-#define _SECP256K1_ECMULT_GEN_IMPL_H_
+#ifndef SECP256K1_ECMULT_GEN_IMPL_H
+#define SECP256K1_ECMULT_GEN_IMPL_H

 #include "scalar.h"
 #include "group.h"
@ -161,7 +161,7 @@ static void secp256k1_ecmult_gen_blind(secp256k1_ecmult_gen_context *ctx, const
    secp256k1_gej gb;
    secp256k1_fe s;
    unsigned char nonce32[32];
-    secp256k1_rfc6979_hmac_sha256_t rng;
+    secp256k1_rfc6979_hmac_sha256 rng;
    int retry;
    unsigned char keydata[64] = {0};
    if (seed32 == NULL) {
@ -207,4 +207,4 @@ static void secp256k1_ecmult_gen_blind(secp256k1_ecmult_gen_context *ctx, const
    secp256k1_gej_clear(&gb);
 }

-#endif
+#endif /* SECP256K1_ECMULT_GEN_IMPL_H */
--- a/src/secp256k1/src/ecmult_impl.h
+++ b/src/secp256k1/src/ecmult_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_ECMULT_IMPL_H_
-#define _SECP256K1_ECMULT_IMPL_H_
+#ifndef SECP256K1_ECMULT_IMPL_H
+#define SECP256K1_ECMULT_IMPL_H

 #include <string.h>

@ -403,4 +403,4 @@ static void secp256k1_ecmult(const secp256k1_ecmult_context *ctx, secp256k1_gej
    }
 }

-#endif
+#endif /* SECP256K1_ECMULT_IMPL_H */
--- a/src/secp256k1/src/field.h
+++ b/src/secp256k1/src/field.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_
-#define _SECP256K1_FIELD_
+#ifndef SECP256K1_FIELD_H
+#define SECP256K1_FIELD_H

 /** Field element module.
 *
@ -129,4 +129,4 @@ static void secp256k1_fe_storage_cmov(secp256k1_fe_storage *r, const secp256k1_f
 /** If flag is true, set *r equal to *a; otherwise leave it. Constant-time. */
 static void secp256k1_fe_cmov(secp256k1_fe *r, const secp256k1_fe *a, int flag);

-#endif
+#endif /* SECP256K1_FIELD_H */
--- a/src/secp256k1/src/field_10x26.h
+++ b/src/secp256k1/src/field_10x26.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_REPR_
-#define _SECP256K1_FIELD_REPR_
+#ifndef SECP256K1_FIELD_REPR_H
+#define SECP256K1_FIELD_REPR_H

 #include <stdint.h>

@ -44,4 +44,5 @@ typedef struct {

 #define SECP256K1_FE_STORAGE_CONST(d7, d6, d5, d4, d3, d2, d1, d0) {{ (d0), (d1), (d2), (d3), (d4), (d5), (d6), (d7) }}
 #define SECP256K1_FE_STORAGE_CONST_GET(d) d.n[7], d.n[6], d.n[5], d.n[4],d.n[3], d.n[2], d.n[1], d.n[0]
-#endif
+
+#endif /* SECP256K1_FIELD_REPR_H */
--- a/src/secp256k1/src/field_10x26_impl.h
+++ b/src/secp256k1/src/field_10x26_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_REPR_IMPL_H_
-#define _SECP256K1_FIELD_REPR_IMPL_H_
+#ifndef SECP256K1_FIELD_REPR_IMPL_H
+#define SECP256K1_FIELD_REPR_IMPL_H

 #include "util.h"
 #include "num.h"
@ -1158,4 +1158,4 @@ static SECP256K1_INLINE void secp256k1_fe_from_storage(secp256k1_fe *r, const se
 #endif
 }

-#endif
+#endif /* SECP256K1_FIELD_REPR_IMPL_H */
--- a/src/secp256k1/src/field_5x52.h
+++ b/src/secp256k1/src/field_5x52.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_REPR_
-#define _SECP256K1_FIELD_REPR_
+#ifndef SECP256K1_FIELD_REPR_H
+#define SECP256K1_FIELD_REPR_H

 #include <stdint.h>

@ -44,4 +44,4 @@ typedef struct {
    (d6) | (((uint64_t)(d7)) << 32) \
 }}

-#endif
+#endif /* SECP256K1_FIELD_REPR_H */
--- a/src/secp256k1/src/field_5x52_asm_impl.h
+++ b/src/secp256k1/src/field_5x52_asm_impl.h
@ -11,8 +11,8 @@
 * - December 2014, Pieter Wuille: converted from YASM to GCC inline assembly
 */

-#ifndef _SECP256K1_FIELD_INNER5X52_IMPL_H_
-#define _SECP256K1_FIELD_INNER5X52_IMPL_H_
+#ifndef SECP256K1_FIELD_INNER5X52_IMPL_H
+#define SECP256K1_FIELD_INNER5X52_IMPL_H

 SECP256K1_INLINE static void secp256k1_fe_mul_inner(uint64_t *r, const uint64_t *a, const uint64_t * SECP256K1_RESTRICT b) {
 /**
@ -499,4 +499,4 @@ __asm__ __volatile__(
 );
 }

-#endif
+#endif /* SECP256K1_FIELD_INNER5X52_IMPL_H */
--- a/src/secp256k1/src/field_5x52_impl.h
+++ b/src/secp256k1/src/field_5x52_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_REPR_IMPL_H_
-#define _SECP256K1_FIELD_REPR_IMPL_H_
+#ifndef SECP256K1_FIELD_REPR_IMPL_H
+#define SECP256K1_FIELD_REPR_IMPL_H

 #if defined HAVE_CONFIG_H
 #include "libsecp256k1-config.h"
@ -493,4 +493,4 @@ static SECP256K1_INLINE void secp256k1_fe_from_storage(secp256k1_fe *r, const se
 #endif
 }

-#endif
+#endif /* SECP256K1_FIELD_REPR_IMPL_H */
--- a/src/secp256k1/src/field_5x52_int128_impl.h
+++ b/src/secp256k1/src/field_5x52_int128_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_INNER5X52_IMPL_H_
-#define _SECP256K1_FIELD_INNER5X52_IMPL_H_
+#ifndef SECP256K1_FIELD_INNER5X52_IMPL_H
+#define SECP256K1_FIELD_INNER5X52_IMPL_H

 #include <stdint.h>

@ -274,4 +274,4 @@ SECP256K1_INLINE static void secp256k1_fe_sqr_inner(uint64_t *r, const uint64_t
    /* [r4 r3 r2 r1 r0] = [p8 p7 p6 p5 p4 p3 p2 p1 p0] */
 }

-#endif
+#endif /* SECP256K1_FIELD_INNER5X52_IMPL_H */
--- a/src/secp256k1/src/field_impl.h
+++ b/src/secp256k1/src/field_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_FIELD_IMPL_H_
-#define _SECP256K1_FIELD_IMPL_H_
+#ifndef SECP256K1_FIELD_IMPL_H
+#define SECP256K1_FIELD_IMPL_H

 #if defined HAVE_CONFIG_H
 #include "libsecp256k1-config.h"
@ -312,4 +312,4 @@ static int secp256k1_fe_is_quad_var(const secp256k1_fe *a) {
 #endif
 }

-#endif
+#endif /* SECP256K1_FIELD_IMPL_H */
--- a/src/secp256k1/src/group.h
+++ b/src/secp256k1/src/group.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_GROUP_
-#define _SECP256K1_GROUP_
+#ifndef SECP256K1_GROUP_H
+#define SECP256K1_GROUP_H

 #include "num.h"
 #include "field.h"
@ -141,4 +141,4 @@ static void secp256k1_ge_storage_cmov(secp256k1_ge_storage *r, const secp256k1_g
 /** Rescale a jacobian point by b which must be non-zero. Constant-time. */
 static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b);

-#endif
+#endif /* SECP256K1_GROUP_H */
--- a/src/secp256k1/src/group_impl.h
+++ b/src/secp256k1/src/group_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_GROUP_IMPL_H_
-#define _SECP256K1_GROUP_IMPL_H_
+#ifndef SECP256K1_GROUP_IMPL_H
+#define SECP256K1_GROUP_IMPL_H

 #include "num.h"
 #include "field.h"
@ -697,4 +697,4 @@ static int secp256k1_gej_has_quad_y_var(const secp256k1_gej *a) {
    return secp256k1_fe_is_quad_var(&yz);
 }

-#endif
+#endif /* SECP256K1_GROUP_IMPL_H */
--- a/src/secp256k1/src/hash.h
+++ b/src/secp256k1/src/hash.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_HASH_
-#define _SECP256K1_HASH_
+#ifndef SECP256K1_HASH_H
+#define SECP256K1_HASH_H

 #include <stdlib.h>
 #include <stdint.h>
@ -14,28 +14,28 @@ typedef struct {
    uint32_t s[8];
    uint32_t buf[16]; /* In big endian */
    size_t bytes;
-} secp256k1_sha256_t;
+} secp256k1_sha256;

-static void secp256k1_sha256_initialize(secp256k1_sha256_t *hash);
-static void secp256k1_sha256_write(secp256k1_sha256_t *hash, const unsigned char *data, size_t size);
-static void secp256k1_sha256_finalize(secp256k1_sha256_t *hash, unsigned char *out32);
+static void secp256k1_sha256_initialize(secp256k1_sha256 *hash);
+static void secp256k1_sha256_write(secp256k1_sha256 *hash, const unsigned char *data, size_t size);
+static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out32);

 typedef struct {
-    secp256k1_sha256_t inner, outer;
-} secp256k1_hmac_sha256_t;
+    secp256k1_sha256 inner, outer;
+} secp256k1_hmac_sha256;

-static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256_t *hash, const unsigned char *key, size_t size);
-static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256_t *hash, const unsigned char *data, size_t size);
-static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256_t *hash, unsigned char *out32);
+static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256 *hash, const unsigned char *key, size_t size);
+static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256 *hash, const unsigned char *data, size_t size);
+static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256 *hash, unsigned char *out32);

 typedef struct {
    unsigned char v[32];
    unsigned char k[32];
    int retry;
-} secp256k1_rfc6979_hmac_sha256_t;
+} secp256k1_rfc6979_hmac_sha256;

-static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256_t *rng, const unsigned char *key, size_t keylen);
-static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256_t *rng, unsigned char *out, size_t outlen);
-static void secp256k1_rfc6979_hmac_sha256_finalize(secp256k1_rfc6979_hmac_sha256_t *rng);
+static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256 *rng, const unsigned char *key, size_t keylen);
+static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256 *rng, unsigned char *out, size_t outlen);
+static void secp256k1_rfc6979_hmac_sha256_finalize(secp256k1_rfc6979_hmac_sha256 *rng);

-#endif
+#endif /* SECP256K1_HASH_H */
--- a/src/secp256k1/src/hash_impl.h
+++ b/src/secp256k1/src/hash_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_HASH_IMPL_H_
-#define _SECP256K1_HASH_IMPL_H_
+#ifndef SECP256K1_HASH_IMPL_H
+#define SECP256K1_HASH_IMPL_H

 #include "hash.h"

@ -33,7 +33,7 @@
 #define BE32(p) ((((p) & 0xFF) << 24) | (((p) & 0xFF00) << 8) | (((p) & 0xFF0000) >> 8) | (((p) & 0xFF000000) >> 24))
 #endif

-static void secp256k1_sha256_initialize(secp256k1_sha256_t *hash) {
+static void secp256k1_sha256_initialize(secp256k1_sha256 *hash) {
    hash->s[0] = 0x6a09e667ul;
    hash->s[1] = 0xbb67ae85ul;
    hash->s[2] = 0x3c6ef372ul;
@ -128,7 +128,7 @@ static void secp256k1_sha256_transform(uint32_t* s, const uint32_t* chunk) {
    s[7] += h;
 }

-static void secp256k1_sha256_write(secp256k1_sha256_t *hash, const unsigned char *data, size_t len) {
+static void secp256k1_sha256_write(secp256k1_sha256 *hash, const unsigned char *data, size_t len) {
    size_t bufsize = hash->bytes & 0x3F;
    hash->bytes += len;
    while (bufsize + len >= 64) {
@ -145,7 +145,7 @@ static void secp256k1_sha256_write(secp256k1_sha256_t *hash, const unsigned char
    }
 }

-static void secp256k1_sha256_finalize(secp256k1_sha256_t *hash, unsigned char *out32) {
+static void secp256k1_sha256_finalize(secp256k1_sha256 *hash, unsigned char *out32) {
    static const unsigned char pad[64] = {0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    uint32_t sizedesc[2];
    uint32_t out[8];
@ -161,14 +161,14 @@ static void secp256k1_sha256_finalize(secp256k1_sha256_t *hash, unsigned char *o
    memcpy(out32, (const unsigned char*)out, 32);
 }

-static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256_t *hash, const unsigned char *key, size_t keylen) {
+static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256 *hash, const unsigned char *key, size_t keylen) {
    int n;
    unsigned char rkey[64];
    if (keylen <= 64) {
        memcpy(rkey, key, keylen);
        memset(rkey + keylen, 0, 64 - keylen);
    } else {
-        secp256k1_sha256_t sha256;
+        secp256k1_sha256 sha256;
        secp256k1_sha256_initialize(&sha256);
        secp256k1_sha256_write(&sha256, key, keylen);
        secp256k1_sha256_finalize(&sha256, rkey);
@ -189,11 +189,11 @@ static void secp256k1_hmac_sha256_initialize(secp256k1_hmac_sha256_t *hash, cons
    memset(rkey, 0, 64);
 }

-static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256_t *hash, const unsigned char *data, size_t size) {
+static void secp256k1_hmac_sha256_write(secp256k1_hmac_sha256 *hash, const unsigned char *data, size_t size) {
    secp256k1_sha256_write(&hash->inner, data, size);
 }

-static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256_t *hash, unsigned char *out32) {
+static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256 *hash, unsigned char *out32) {
    unsigned char temp[32];
    secp256k1_sha256_finalize(&hash->inner, temp);
    secp256k1_sha256_write(&hash->outer, temp, 32);
@ -202,8 +202,8 @@ static void secp256k1_hmac_sha256_finalize(secp256k1_hmac_sha256_t *hash, unsign
 }


-static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256_t *rng, const unsigned char *key, size_t keylen) {
-    secp256k1_hmac_sha256_t hmac;
+static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha256 *rng, const unsigned char *key, size_t keylen) {
+    secp256k1_hmac_sha256 hmac;
    static const unsigned char zero[1] = {0x00};
    static const unsigned char one[1] = {0x01};

@ -232,11 +232,11 @@ static void secp256k1_rfc6979_hmac_sha256_initialize(secp256k1_rfc6979_hmac_sha2
    rng->retry = 0;
 }

-static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256_t *rng, unsigned char *out, size_t outlen) {
+static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256 *rng, unsigned char *out, size_t outlen) {
    /* RFC6979 3.2.h. */
    static const unsigned char zero[1] = {0x00};
    if (rng->retry) {
-        secp256k1_hmac_sha256_t hmac;
+        secp256k1_hmac_sha256 hmac;
        secp256k1_hmac_sha256_initialize(&hmac, rng->k, 32);
        secp256k1_hmac_sha256_write(&hmac, rng->v, 32);
        secp256k1_hmac_sha256_write(&hmac, zero, 1);
@ -247,7 +247,7 @@ static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256
    }

    while (outlen > 0) {
-        secp256k1_hmac_sha256_t hmac;
+        secp256k1_hmac_sha256 hmac;
        int now = outlen;
        secp256k1_hmac_sha256_initialize(&hmac, rng->k, 32);
        secp256k1_hmac_sha256_write(&hmac, rng->v, 32);
@ -263,7 +263,7 @@ static void secp256k1_rfc6979_hmac_sha256_generate(secp256k1_rfc6979_hmac_sha256
    rng->retry = 1;
 }

-static void secp256k1_rfc6979_hmac_sha256_finalize(secp256k1_rfc6979_hmac_sha256_t *rng) {
+static void secp256k1_rfc6979_hmac_sha256_finalize(secp256k1_rfc6979_hmac_sha256 *rng) {
    memset(rng->k, 0, 32);
    memset(rng->v, 0, 32);
    rng->retry = 0;
@ -278,4 +278,4 @@ static void secp256k1_rfc6979_hmac_sha256_finalize(secp256k1_rfc6979_hmac_sha256
 #undef Maj
 #undef Ch

-#endif
+#endif /* SECP256K1_HASH_IMPL_H */
--- a/src/secp256k1/src/modules/ecdh/main_impl.h
+++ b/src/secp256k1/src/modules/ecdh/main_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_MODULE_ECDH_MAIN_
-#define _SECP256K1_MODULE_ECDH_MAIN_
+#ifndef SECP256K1_MODULE_ECDH_MAIN_H
+#define SECP256K1_MODULE_ECDH_MAIN_H

 #include "include/secp256k1_ecdh.h"
 #include "ecmult_const_impl.h"
@ -28,7 +28,7 @@ int secp256k1_ecdh(const secp256k1_context* ctx, unsigned char *result, const se
    } else {
        unsigned char x[32];
        unsigned char y[1];
-        secp256k1_sha256_t sha;
+        secp256k1_sha256 sha;

        secp256k1_ecmult_const(&res, &pt, &s);
        secp256k1_ge_set_gej(&pt, &res);
@ -51,4 +51,4 @@ int secp256k1_ecdh(const secp256k1_context* ctx, unsigned char *result, const se
    return ret;
 }

-#endif
+#endif /* SECP256K1_MODULE_ECDH_MAIN_H */
--- a/src/secp256k1/src/modules/ecdh/tests_impl.h
+++ b/src/secp256k1/src/modules/ecdh/tests_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_MODULE_ECDH_TESTS_
-#define _SECP256K1_MODULE_ECDH_TESTS_
+#ifndef SECP256K1_MODULE_ECDH_TESTS_H
+#define SECP256K1_MODULE_ECDH_TESTS_H

 void test_ecdh_api(void) {
    /* Setup context that just counts errors */
@ -44,7 +44,7 @@ void test_ecdh_generator_basepoint(void) {
    s_one[31] = 1;
    /* Check against pubkey creation when the basepoint is the generator */
    for (i = 0; i < 100; ++i) {
-        secp256k1_sha256_t sha;
+        secp256k1_sha256 sha;
        unsigned char s_b32[32];
        unsigned char output_ecdh[32];
        unsigned char output_ser[32];
@ -102,4 +102,4 @@ void run_ecdh_tests(void) {
    test_bad_scalar();
 }

-#endif
+#endif /* SECP256K1_MODULE_ECDH_TESTS_H */
--- a/src/secp256k1/src/modules/recovery/main_impl.h
+++ b/src/secp256k1/src/modules/recovery/main_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_MODULE_RECOVERY_MAIN_
-#define _SECP256K1_MODULE_RECOVERY_MAIN_
+#ifndef SECP256K1_MODULE_RECOVERY_MAIN_H
+#define SECP256K1_MODULE_RECOVERY_MAIN_H

 #include "include/secp256k1_recovery.h"

@ -190,4 +190,4 @@ int secp256k1_ecdsa_recover(const secp256k1_context* ctx, secp256k1_pubkey *pubk
    }
 }

-#endif
+#endif /* SECP256K1_MODULE_RECOVERY_MAIN_H */
--- a/src/secp256k1/src/modules/recovery/tests_impl.h
+++ b/src/secp256k1/src/modules/recovery/tests_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_MODULE_RECOVERY_TESTS_
-#define _SECP256K1_MODULE_RECOVERY_TESTS_
+#ifndef SECP256K1_MODULE_RECOVERY_TESTS_H
+#define SECP256K1_MODULE_RECOVERY_TESTS_H

 static int recovery_test_nonce_function(unsigned char *nonce32, const unsigned char *msg32, const unsigned char *key32, const unsigned char *algo16, void *data, unsigned int counter) {
    (void) msg32;
@ -390,4 +390,4 @@ void run_recovery_tests(void) {
    test_ecdsa_recovery_edge_cases();
 }

-#endif
+#endif /* SECP256K1_MODULE_RECOVERY_TESTS_H */
--- a/src/secp256k1/src/num.h
+++ b/src/secp256k1/src/num.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_NUM_
-#define _SECP256K1_NUM_
+#ifndef SECP256K1_NUM_H
+#define SECP256K1_NUM_H

 #ifndef USE_NUM_NONE

@ -71,4 +71,4 @@ static void secp256k1_num_negate(secp256k1_num *r);

 #endif

-#endif
+#endif /* SECP256K1_NUM_H */
--- a/src/secp256k1/src/num_gmp.h
+++ b/src/secp256k1/src/num_gmp.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_NUM_REPR_
-#define _SECP256K1_NUM_REPR_
+#ifndef SECP256K1_NUM_REPR_H
+#define SECP256K1_NUM_REPR_H

 #include <gmp.h>

@ -17,4 +17,4 @@ typedef struct {
    int limbs;
 } secp256k1_num;

-#endif
+#endif /* SECP256K1_NUM_REPR_H */
--- a/src/secp256k1/src/num_gmp_impl.h
+++ b/src/secp256k1/src/num_gmp_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_NUM_REPR_IMPL_H_
-#define _SECP256K1_NUM_REPR_IMPL_H_
+#ifndef SECP256K1_NUM_REPR_IMPL_H
+#define SECP256K1_NUM_REPR_IMPL_H

 #include <string.h>
 #include <stdlib.h>
@ -285,4 +285,4 @@ static void secp256k1_num_negate(secp256k1_num *r) {
    r->neg ^= 1;
 }

-#endif
+#endif /* SECP256K1_NUM_REPR_IMPL_H */
--- a/src/secp256k1/src/num_impl.h
+++ b/src/secp256k1/src/num_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_NUM_IMPL_H_
-#define _SECP256K1_NUM_IMPL_H_
+#ifndef SECP256K1_NUM_IMPL_H
+#define SECP256K1_NUM_IMPL_H

 #if defined HAVE_CONFIG_H
 #include "libsecp256k1-config.h"
@ -21,4 +21,4 @@
 #error "Please select num implementation"
 #endif

-#endif
+#endif /* SECP256K1_NUM_IMPL_H */
--- a/src/secp256k1/src/scalar.h
+++ b/src/secp256k1/src/scalar.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_
-#define _SECP256K1_SCALAR_
+#ifndef SECP256K1_SCALAR_H
+#define SECP256K1_SCALAR_H

 #include "num.h"

@ -103,4 +103,4 @@ static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar
 /** Multiply a and b (without taking the modulus!), divide by 2**shift, and round to the nearest integer. Shift must be at least 256. */
 static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b, unsigned int shift);

-#endif
+#endif /* SECP256K1_SCALAR_H */
--- a/src/secp256k1/src/scalar_4x64.h
+++ b/src/secp256k1/src/scalar_4x64.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_REPR_
-#define _SECP256K1_SCALAR_REPR_
+#ifndef SECP256K1_SCALAR_REPR_H
+#define SECP256K1_SCALAR_REPR_H

 #include <stdint.h>

@ -16,4 +16,4 @@ typedef struct {

 #define SECP256K1_SCALAR_CONST(d7, d6, d5, d4, d3, d2, d1, d0) {{((uint64_t)(d1)) << 32 | (d0), ((uint64_t)(d3)) << 32 | (d2), ((uint64_t)(d5)) << 32 | (d4), ((uint64_t)(d7)) << 32 | (d6)}}

-#endif
+#endif /* SECP256K1_SCALAR_REPR_H */
--- a/src/secp256k1/src/scalar_4x64_impl.h
+++ b/src/secp256k1/src/scalar_4x64_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_REPR_IMPL_H_
-#define _SECP256K1_SCALAR_REPR_IMPL_H_
+#ifndef SECP256K1_SCALAR_REPR_IMPL_H
+#define SECP256K1_SCALAR_REPR_IMPL_H

 /* Limbs of the secp256k1 order. */
 #define SECP256K1_N_0 ((uint64_t)0xBFD25E8CD0364141ULL)
@ -946,4 +946,4 @@ SECP256K1_INLINE static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r,
    secp256k1_scalar_cadd_bit(r, 0, (l[(shift - 1) >> 6] >> ((shift - 1) & 0x3f)) & 1);
 }

-#endif
+#endif /* SECP256K1_SCALAR_REPR_IMPL_H */
--- a/src/secp256k1/src/scalar_8x32.h
+++ b/src/secp256k1/src/scalar_8x32.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_REPR_
-#define _SECP256K1_SCALAR_REPR_
+#ifndef SECP256K1_SCALAR_REPR_H
+#define SECP256K1_SCALAR_REPR_H

 #include <stdint.h>

@ -16,4 +16,4 @@ typedef struct {

 #define SECP256K1_SCALAR_CONST(d7, d6, d5, d4, d3, d2, d1, d0) {{(d0), (d1), (d2), (d3), (d4), (d5), (d6), (d7)}}

-#endif
+#endif /* SECP256K1_SCALAR_REPR_H */
--- a/src/secp256k1/src/scalar_8x32_impl.h
+++ b/src/secp256k1/src/scalar_8x32_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_REPR_IMPL_H_
-#define _SECP256K1_SCALAR_REPR_IMPL_H_
+#ifndef SECP256K1_SCALAR_REPR_IMPL_H
+#define SECP256K1_SCALAR_REPR_IMPL_H

 /* Limbs of the secp256k1 order. */
 #define SECP256K1_N_0 ((uint32_t)0xD0364141UL)
@ -718,4 +718,4 @@ SECP256K1_INLINE static void secp256k1_scalar_mul_shift_var(secp256k1_scalar *r,
    secp256k1_scalar_cadd_bit(r, 0, (l[(shift - 1) >> 5] >> ((shift - 1) & 0x1f)) & 1);
 }

-#endif
+#endif /* SECP256K1_SCALAR_REPR_IMPL_H */
--- a/src/secp256k1/src/scalar_impl.h
+++ b/src/secp256k1/src/scalar_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_IMPL_H_
-#define _SECP256K1_SCALAR_IMPL_H_
+#ifndef SECP256K1_SCALAR_IMPL_H
+#define SECP256K1_SCALAR_IMPL_H

 #include "group.h"
 #include "scalar.h"
@ -330,4 +330,4 @@ static void secp256k1_scalar_split_lambda(secp256k1_scalar *r1, secp256k1_scalar
 #endif
 #endif

-#endif
+#endif /* SECP256K1_SCALAR_IMPL_H */
--- a/src/secp256k1/src/scalar_low.h
+++ b/src/secp256k1/src/scalar_low.h
@ -4,12 +4,12 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_REPR_
-#define _SECP256K1_SCALAR_REPR_
+#ifndef SECP256K1_SCALAR_REPR_H
+#define SECP256K1_SCALAR_REPR_H

 #include <stdint.h>

 /** A scalar modulo the group order of the secp256k1 curve. */
 typedef uint32_t secp256k1_scalar;

-#endif
+#endif /* SECP256K1_SCALAR_REPR_H */
--- a/src/secp256k1/src/scalar_low_impl.h
+++ b/src/secp256k1/src/scalar_low_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_SCALAR_REPR_IMPL_H_
-#define _SECP256K1_SCALAR_REPR_IMPL_H_
+#ifndef SECP256K1_SCALAR_REPR_IMPL_H
+#define SECP256K1_SCALAR_REPR_IMPL_H

 #include "scalar.h"

@ -111,4 +111,4 @@ SECP256K1_INLINE static int secp256k1_scalar_eq(const secp256k1_scalar *a, const
    return *a == *b;
 }

-#endif
+#endif /* SECP256K1_SCALAR_REPR_IMPL_H */
--- a/src/secp256k1/src/secp256k1.c
+++ b/src/secp256k1/src/secp256k1.c
@ -310,7 +310,7 @@ int secp256k1_ecdsa_verify(const secp256k1_context* ctx, const secp256k1_ecdsa_s
 static int nonce_function_rfc6979(unsigned char *nonce32, const unsigned char *msg32, const unsigned char *key32, const unsigned char *algo16, void *data, unsigned int counter) {
   unsigned char keydata[112];
   int keylen = 64;
-   secp256k1_rfc6979_hmac_sha256_t rng;
+   secp256k1_rfc6979_hmac_sha256 rng;
   unsigned int i;
   /* We feed a byte array to the PRNG as input, consisting of:
    * - the private key (32 bytes) and message (32 bytes), see RFC 6979 3.2d.
--- a/src/secp256k1/src/testrand.h
+++ b/src/secp256k1/src/testrand.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_TESTRAND_H_
-#define _SECP256K1_TESTRAND_H_
+#ifndef SECP256K1_TESTRAND_H
+#define SECP256K1_TESTRAND_H

 #if defined HAVE_CONFIG_H
 #include "libsecp256k1-config.h"
@ -35,4 +35,4 @@ static void secp256k1_rand256_test(unsigned char *b32);
 /** Generate pseudorandom bytes with long sequences of zero and one bits. */
 static void secp256k1_rand_bytes_test(unsigned char *bytes, size_t len);

-#endif
+#endif /* SECP256K1_TESTRAND_H */
--- a/src/secp256k1/src/testrand_impl.h
+++ b/src/secp256k1/src/testrand_impl.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_TESTRAND_IMPL_H_
-#define _SECP256K1_TESTRAND_IMPL_H_
+#ifndef SECP256K1_TESTRAND_IMPL_H
+#define SECP256K1_TESTRAND_IMPL_H

 #include <stdint.h>
 #include <string.h>
@ -13,7 +13,7 @@
 #include "testrand.h"
 #include "hash.h"

-static secp256k1_rfc6979_hmac_sha256_t secp256k1_test_rng;
+static secp256k1_rfc6979_hmac_sha256 secp256k1_test_rng;
 static uint32_t secp256k1_test_rng_precomputed[8];
 static int secp256k1_test_rng_precomputed_used = 8;
 static uint64_t secp256k1_test_rng_integer;
@ -107,4 +107,4 @@ static void secp256k1_rand256_test(unsigned char *b32) {
    secp256k1_rand_bytes_test(b32, 32);
 }

-#endif
+#endif /* SECP256K1_TESTRAND_IMPL_H */
--- a/src/secp256k1/src/tests.c
+++ b/src/secp256k1/src/tests.c
@ -270,7 +270,7 @@ void run_sha256_tests(void) {
    int i;
    for (i = 0; i < 8; i++) {
        unsigned char out[32];
-        secp256k1_sha256_t hasher;
+        secp256k1_sha256 hasher;
        secp256k1_sha256_initialize(&hasher);
        secp256k1_sha256_write(&hasher, (const unsigned char*)(inputs[i]), strlen(inputs[i]));
        secp256k1_sha256_finalize(&hasher, out);
@ -313,7 +313,7 @@ void run_hmac_sha256_tests(void) {
    };
    int i;
    for (i = 0; i < 6; i++) {
-        secp256k1_hmac_sha256_t hasher;
+        secp256k1_hmac_sha256 hasher;
        unsigned char out[32];
        secp256k1_hmac_sha256_initialize(&hasher, (const unsigned char*)(keys[i]), strlen(keys[i]));
        secp256k1_hmac_sha256_write(&hasher, (const unsigned char*)(inputs[i]), strlen(inputs[i]));
@ -345,7 +345,7 @@ void run_rfc6979_hmac_sha256_tests(void) {
        {0x75, 0x97, 0x88, 0x7c, 0xbd, 0x76, 0x32, 0x1f, 0x32, 0xe3, 0x04, 0x40, 0x67, 0x9a, 0x22, 0xcf, 0x7f, 0x8d, 0x9d, 0x2e, 0xac, 0x39, 0x0e, 0x58, 0x1f, 0xea, 0x09, 0x1c, 0xe2, 0x02, 0xba, 0x94}
    };

-    secp256k1_rfc6979_hmac_sha256_t rng;
+    secp256k1_rfc6979_hmac_sha256 rng;
    unsigned char out[32];
    int i;

--- a/src/secp256k1/src/util.h
+++ b/src/secp256k1/src/util.h
@ -4,8 +4,8 @@
 * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
 **********************************************************************/

-#ifndef _SECP256K1_UTIL_H_
-#define _SECP256K1_UTIL_H_
+#ifndef SECP256K1_UTIL_H
+#define SECP256K1_UTIL_H

 #if defined HAVE_CONFIG_H
 #include "libsecp256k1-config.h"
@ -110,4 +110,4 @@ static SECP256K1_INLINE void *checked_malloc(const secp256k1_callback* cb, size_
 SECP256K1_GNUC_EXT typedef unsigned __int128 uint128_t;
 #endif

-#endif
+#endif /* SECP256K1_UTIL_H */