pubkey: Assert CPubKey's ECCVerifyHandle precondition

[practicalswift]

Assert CPubKey's ECCVerifyHandle precondition.

This makes it more clear for fuzzing harness writers and others that ECCVerifyHandle is expected to be held when interacting with CPubKey.

Related PR #17274.

[laanwj]

Concept ACK, I think the "Users of this module must hold an ECCVerifyHandle." message is unclear, doesn't provide context.
what about a more direct "secp256k1_context_verify must be initialized to use CPubKey"

[practicalswift]

@laanwj

I've now changed to the suggested wording.

The old wording was taken from here:

bitcoin/src/pubkey.h

Line 227 in 7730260

/** Users of this module must hold an ECCVerifyHandle. The constructor and

Please re-review :)

[practicalswift]

@fanquake No longer waiting for author? :)

[practicalswift]

@laanwj Would you mind reviewing? :)

[practicalswift]

I think it would be good to have these assertions in.

Without these it is possible for someone to mess up and have a NULL secp256k1_context_verify passed to the secp256k1-functions (by forgetting the ECCVerifyHandle pre-conditiion).

Consider the following example:

bool CPubKey::IsFullyValid() const {
    if (!IsValid())
        return false;
    secp256k1_pubkey pubkey;
    return secp256k1_ec_pubkey_parse(secp256k1_context_verify, &pubkey, vch, size());
}

That function will return also in cases where secp256k1_context_verify == nullptr.

I think it would be good to guard against those sharp edges by adding the suggested assertions :)

In this case:

bool CPubKey::IsFullyValid() const {
    if (!IsValid())
        return false;
    secp256k1_pubkey pubkey;
    assert(secp256k1_context_verify && "secp256k1_context_verify must be initialized to use CPubKey.");
    return secp256k1_ec_pubkey_parse(secp256k1_context_verify, &pubkey, vch, size());
}

[sipa]

ACK d8daa8f