Electroneum
secp256k1_recovery.h File Reference
#include "secp256k1.h"
Include dependency graph for secp256k1_recovery.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  secp256k1_ecdsa_recoverable_signature
 

Functions

SECP256K1_API int secp256k1_ecdsa_recoverable_signature_parse_compact (const secp256k1_context *ctx, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *input64, int recid) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
 
SECP256K1_API int secp256k1_ecdsa_recoverable_signature_convert (const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const secp256k1_ecdsa_recoverable_signature *sigin) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
 
SECP256K1_API int secp256k1_ecdsa_recoverable_signature_serialize_compact (const secp256k1_context *ctx, unsigned char *output64, int *recid, const secp256k1_ecdsa_recoverable_signature *sig) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
 
SECP256K1_API int secp256k1_ecdsa_sign_recoverable (const secp256k1_context *ctx, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *msghash32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void *ndata) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
 
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover (const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *msghash32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
 

Function Documentation

◆ secp256k1_ecdsa_recover()

SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover ( const secp256k1_context ctx,
secp256k1_pubkey pubkey,
const secp256k1_ecdsa_recoverable_signature sig,
const unsigned char *  msghash32 
)

Recover an ECDSA public key from a signature.

Returns: 1: public key successfully recovered (which guarantees a correct signature). 0: otherwise. Args: ctx: pointer to a context object. Out: pubkey: pointer to the recovered public key. In: sig: pointer to initialized signature that supports pubkey recovery. msghash32: the 32-byte message hash assumed to be signed.

Definition at line 137 of file main_impl.h.

137  {
138  secp256k1_ge q;
139  secp256k1_scalar r, s;
141  int recid;
142  VERIFY_CHECK(ctx != NULL);
143  ARG_CHECK(msghash32 != NULL);
144  ARG_CHECK(signature != NULL);
145  ARG_CHECK(pubkey != NULL);
146 
147  secp256k1_ecdsa_recoverable_signature_load(ctx, &r, &s, &recid, signature);
148  VERIFY_CHECK(recid >= 0 && recid < 4); /* should have been caught in parse_compact */
149  secp256k1_scalar_set_b32(&m, msghash32, NULL);
150  if (secp256k1_ecdsa_sig_recover(&r, &s, &q, &m, recid)) {
151  secp256k1_pubkey_save(pubkey, &q);
152  return 1;
153  } else {
154  memset(pubkey, 0, sizeof(*pubkey));
155  return 0;
156  }
157 }
#define VERIFY_CHECK(cond)
Definition: util.h:96
POD_CLASS signature
Definition: crypto.h:108

◆ secp256k1_ecdsa_recoverable_signature_convert()

SECP256K1_API int secp256k1_ecdsa_recoverable_signature_convert ( const secp256k1_context ctx,
secp256k1_ecdsa_signature sig,
const secp256k1_ecdsa_recoverable_signature sigin 
)

Convert a recoverable signature into a normal signature.

Returns: 1 Args: ctx: a secp256k1 context object. Out: sig: a pointer to a normal signature. In: sigin: a pointer to a recoverable signature.

Definition at line 74 of file main_impl.h.

74  {
75  secp256k1_scalar r, s;
76  int recid;
77 
78  VERIFY_CHECK(ctx != NULL);
79  ARG_CHECK(sig != NULL);
80  ARG_CHECK(sigin != NULL);
81 
82  secp256k1_ecdsa_recoverable_signature_load(ctx, &r, &s, &recid, sigin);
83  secp256k1_ecdsa_signature_save(sig, &r, &s);
84  return 1;
85 }
#define VERIFY_CHECK(cond)
Definition: util.h:96

◆ secp256k1_ecdsa_recoverable_signature_parse_compact()

SECP256K1_API int secp256k1_ecdsa_recoverable_signature_parse_compact ( const secp256k1_context ctx,
secp256k1_ecdsa_recoverable_signature sig,
const unsigned char *  input64,
int  recid 
)

Parse a compact ECDSA signature (64 bytes + recovery id).

Returns: 1 when the signature could be parsed, 0 otherwise Args: ctx: a secp256k1 context object Out: sig: a pointer to a signature object In: input64: a pointer to a 64-byte compact signature recid: the recovery id (0, 1, 2 or 3)

Definition at line 38 of file main_impl.h.

38  {
39  secp256k1_scalar r, s;
40  int ret = 1;
41  int overflow = 0;
42 
43  VERIFY_CHECK(ctx != NULL);
44  ARG_CHECK(sig != NULL);
45  ARG_CHECK(input64 != NULL);
46  ARG_CHECK(recid >= 0 && recid <= 3);
47 
48  secp256k1_scalar_set_b32(&r, &input64[0], &overflow);
49  ret &= !overflow;
50  secp256k1_scalar_set_b32(&s, &input64[32], &overflow);
51  ret &= !overflow;
52  if (ret) {
53  secp256k1_ecdsa_recoverable_signature_save(sig, &r, &s, recid);
54  } else {
55  memset(sig, 0, sizeof(*sig));
56  }
57  return ret;
58 }
#define VERIFY_CHECK(cond)
Definition: util.h:96

◆ secp256k1_ecdsa_recoverable_signature_serialize_compact()

SECP256K1_API int secp256k1_ecdsa_recoverable_signature_serialize_compact ( const secp256k1_context ctx,
unsigned char *  output64,
int *  recid,
const secp256k1_ecdsa_recoverable_signature sig 
)

Serialize an ECDSA signature in compact format (64 bytes + recovery id).

Returns: 1 Args: ctx: a secp256k1 context object. Out: output64: a pointer to a 64-byte array of the compact signature. recid: a pointer to an integer to hold the recovery id. In: sig: a pointer to an initialized signature object.

Definition at line 60 of file main_impl.h.

60  {
61  secp256k1_scalar r, s;
62 
63  VERIFY_CHECK(ctx != NULL);
64  ARG_CHECK(output64 != NULL);
65  ARG_CHECK(sig != NULL);
66  ARG_CHECK(recid != NULL);
67 
68  secp256k1_ecdsa_recoverable_signature_load(ctx, &r, &s, recid, sig);
69  secp256k1_scalar_get_b32(&output64[0], &r);
70  secp256k1_scalar_get_b32(&output64[32], &s);
71  return 1;
72 }
#define VERIFY_CHECK(cond)
Definition: util.h:96

◆ secp256k1_ecdsa_sign_recoverable()

SECP256K1_API int secp256k1_ecdsa_sign_recoverable ( const secp256k1_context ctx,
secp256k1_ecdsa_recoverable_signature sig,
const unsigned char *  msghash32,
const unsigned char *  seckey,
secp256k1_nonce_function  noncefp,
const void *  ndata 
)

Create a recoverable ECDSA signature.

Returns: 1: signature created 0: the nonce generation function failed, or the secret key was invalid. Args: ctx: pointer to a context object (not secp256k1_context_static). Out: sig: pointer to an array where the signature will be placed. In: msghash32: the 32-byte message hash being signed. seckey: pointer to a 32-byte secret key. noncefp: pointer to a nonce generation function. If NULL, secp256k1_nonce_function_default is used. ndata: pointer to arbitrary data used by the nonce generation function (can be NULL for secp256k1_nonce_function_default).

Definition at line 123 of file main_impl.h.

123  {
124  secp256k1_scalar r, s;
125  int ret, recid;
126  VERIFY_CHECK(ctx != NULL);
127  ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx));
128  ARG_CHECK(msghash32 != NULL);
129  ARG_CHECK(signature != NULL);
130  ARG_CHECK(seckey != NULL);
131 
132  ret = secp256k1_ecdsa_sign_inner(ctx, &r, &s, &recid, msghash32, seckey, noncefp, noncedata);
133  secp256k1_ecdsa_recoverable_signature_save(signature, &r, &s, recid);
134  return ret;
135 }
#define VERIFY_CHECK(cond)
Definition: util.h:96
POD_CLASS signature
Definition: crypto.h:108