Electroneum
main_impl.h
Go to the documentation of this file.
1 /***********************************************************************
2  * Copyright (c) 2015 Andrew Poelstra *
3  * Distributed under the MIT software license, see the accompanying *
4  * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
5  ***********************************************************************/
6 
7 #ifndef SECP256K1_MODULE_ECDH_MAIN_H
8 #define SECP256K1_MODULE_ECDH_MAIN_H
9 
10 #include "../../../include/secp256k1_ecdh.h"
11 #include "../../ecmult_const_impl.h"
12 
13 static int ecdh_hash_function_sha256(unsigned char *output, const unsigned char *x32, const unsigned char *y32, void *data) {
14  unsigned char version = (y32[31] & 0x01) | 0x02;
15  secp256k1_sha256 sha;
16  (void)data;
17 
18  secp256k1_sha256_initialize(&sha);
19  secp256k1_sha256_write(&sha, &version, 1);
20  secp256k1_sha256_write(&sha, x32, 32);
21  secp256k1_sha256_finalize(&sha, output);
22 
23  return 1;
24 }
25 
28 
29 int secp256k1_ecdh(const secp256k1_context* ctx, unsigned char *output, const secp256k1_pubkey *point, const unsigned char *scalar, secp256k1_ecdh_hash_function hashfp, void *data) {
30  int ret = 0;
31  int overflow = 0;
33  secp256k1_ge pt;
35  unsigned char x[32];
36  unsigned char y[32];
37 
38  VERIFY_CHECK(ctx != NULL);
39  ARG_CHECK(output != NULL);
40  ARG_CHECK(point != NULL);
41  ARG_CHECK(scalar != NULL);
42 
43  if (hashfp == NULL) {
45  }
46 
47  secp256k1_pubkey_load(ctx, &pt, point);
48  secp256k1_scalar_set_b32(&s, scalar, &overflow);
49 
50  overflow |= secp256k1_scalar_is_zero(&s);
51  secp256k1_scalar_cmov(&s, &secp256k1_scalar_one, overflow);
52 
53  secp256k1_ecmult_const(&res, &pt, &s, 256);
54  secp256k1_ge_set_gej(&pt, &res);
55 
56  /* Compute a hash of the point */
57  secp256k1_fe_normalize(&pt.x);
58  secp256k1_fe_normalize(&pt.y);
59  secp256k1_fe_get_b32(x, &pt.x);
60  secp256k1_fe_get_b32(y, &pt.y);
61 
62  ret = hashfp(output, x, y, data);
63 
64  memset(x, 0, 32);
65  memset(y, 0, 32);
66  secp256k1_scalar_clear(&s);
67 
68  return !!ret & !overflow;
69 }
70 
71 #endif /* SECP256K1_MODULE_ECDH_MAIN_H */
const char * res
Definition: hmac_keccak.cpp:41
#define VERIFY_CHECK(cond)
Definition: util.h:96
int secp256k1_ecdh(const secp256k1_context *ctx, unsigned char *output, const secp256k1_pubkey *point, const unsigned char *scalar, secp256k1_ecdh_hash_function hashfp, void *data)
Definition: main_impl.h:29
struct secp256k1_context_struct secp256k1_context
Definition: secp256k1.h:50
const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_sha256
Definition: main_impl.h:26
secp256k1_fe x
Definition: group.h:17
const secp256k1_ecdh_hash_function secp256k1_ecdh_hash_function_default
Definition: main_impl.h:27
version
Supported socks variants.
Definition: socks.h:57
int(* secp256k1_ecdh_hash_function)(unsigned char *output, const unsigned char *x32, const unsigned char *y32, void *data)
secp256k1_fe y
Definition: group.h:18