7 #ifndef SECP256K1_MODULE_RECOVERY_MAIN_H 8 #define SECP256K1_MODULE_RECOVERY_MAIN_H 10 #include "../../../include/secp256k1_recovery.h" 21 secp256k1_scalar_set_b32(r, &sig->
data[0], NULL);
22 secp256k1_scalar_set_b32(s, &sig->
data[32], NULL);
24 *recid = sig->
data[64];
32 secp256k1_scalar_get_b32(&sig->
data[0], r);
33 secp256k1_scalar_get_b32(&sig->
data[32], s);
35 sig->
data[64] = recid;
44 ARG_CHECK(sig != NULL);
45 ARG_CHECK(input64 != NULL);
46 ARG_CHECK(recid >= 0 && recid <= 3);
48 secp256k1_scalar_set_b32(&r, &input64[0], &overflow);
50 secp256k1_scalar_set_b32(&s, &input64[32], &overflow);
53 secp256k1_ecdsa_recoverable_signature_save(sig, &r, &s, recid);
55 memset(sig, 0,
sizeof(*sig));
64 ARG_CHECK(output64 != NULL);
65 ARG_CHECK(sig != NULL);
66 ARG_CHECK(recid != NULL);
68 secp256k1_ecdsa_recoverable_signature_load(ctx, &r, &s, recid, sig);
69 secp256k1_scalar_get_b32(&output64[0], &r);
70 secp256k1_scalar_get_b32(&output64[32], &s);
79 ARG_CHECK(sig != NULL);
80 ARG_CHECK(sigin != NULL);
82 secp256k1_ecdsa_recoverable_signature_load(ctx, &r, &s, &recid, sigin);
83 secp256k1_ecdsa_signature_save(sig, &r, &s);
88 unsigned char brx[32];
96 if (secp256k1_scalar_is_zero(sigr) || secp256k1_scalar_is_zero(sigs)) {
100 secp256k1_scalar_get_b32(brx, sigr);
101 r = secp256k1_fe_set_b32(&fx, brx);
105 if (secp256k1_fe_cmp_var(&fx, &secp256k1_ecdsa_const_p_minus_order) >= 0) {
108 secp256k1_fe_add(&fx, &secp256k1_ecdsa_const_order_as_fe);
110 if (!secp256k1_ge_set_xo_var(&x, &fx, recid & 1)) {
113 secp256k1_gej_set_ge(&xj, &x);
114 secp256k1_scalar_inverse_var(&rn, sigr);
115 secp256k1_scalar_mul(&u1, &rn,
message);
116 secp256k1_scalar_negate(&u1, &u1);
117 secp256k1_scalar_mul(&u2, &rn, sigs);
118 secp256k1_ecmult(&qj, &xj, &u2, &u1);
119 secp256k1_ge_set_gej_var(pubkey, &qj);
120 return !secp256k1_gej_is_infinity(&qj);
127 ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx));
128 ARG_CHECK(msghash32 != NULL);
130 ARG_CHECK(seckey != NULL);
132 ret = secp256k1_ecdsa_sign_inner(ctx, &r, &s, &recid, msghash32, seckey, noncefp, noncedata);
133 secp256k1_ecdsa_recoverable_signature_save(
signature, &r, &s, recid);
143 ARG_CHECK(msghash32 != NULL);
145 ARG_CHECK(pubkey != NULL);
147 secp256k1_ecdsa_recoverable_signature_load(ctx, &r, &s, &recid,
signature);
149 secp256k1_scalar_set_b32(&m, msghash32, NULL);
150 if (secp256k1_ecdsa_sig_recover(&r, &s, &q, &m, recid)) {
151 secp256k1_pubkey_save(pubkey, &q);
154 memset(pubkey, 0,
sizeof(*pubkey));
#define VERIFY_CHECK(cond)
int secp256k1_ecdsa_recoverable_signature_convert(const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const secp256k1_ecdsa_recoverable_signature *sigin)
int secp256k1_ecdsa_recoverable_signature_serialize_compact(const secp256k1_context *ctx, unsigned char *output64, int *recid, const secp256k1_ecdsa_recoverable_signature *sig)
int secp256k1_ecdsa_recover(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const secp256k1_ecdsa_recoverable_signature *signature, const unsigned char *msghash32)
int secp256k1_ecdsa_recoverable_signature_parse_compact(const secp256k1_context *ctx, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *input64, int recid)
struct secp256k1_context_struct secp256k1_context
std::string message("Message requiring signing")
int(* secp256k1_nonce_function)(unsigned char *nonce32, const unsigned char *msg32, const unsigned char *key32, const unsigned char *algo16, void *data, unsigned int attempt)
void * memcpy(void *a, const void *b, size_t c)
int secp256k1_ecdsa_sign_recoverable(const secp256k1_context *ctx, secp256k1_ecdsa_recoverable_signature *signature, const unsigned char *msghash32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void *noncedata)