mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-01-12 04:42:36 -03:00
1d84107924
2bfb82bMerge pull request #35106aeea5Turn secp256k1_ec_pubkey_serialize outlen to in/out970164dMerge pull request #3486466625Improvements for coordinate decompressione2100adMerge pull request #3478e48787Change secp256k1_ec_pubkey_combine's count argument to size_t.c69dea0Clear output in more cases for pubkey_combine, adds tests.269d422Comment copyediting.b4d17daMerge pull request #3444709265Merge pull request #34526abce7Adds 32 static test vectors for scalar mul, sqr, inv.5b71a3fBetter error case handling for pubkey_create & pubkey_serialize, more tests.3b7bc69Merge pull request #343eed87afChange contrib/laxder from headers-only to files compilable as standalone Cd7eb1aeMerge pull request #3427914a6eMake lax_der_privatekey_parsing.h not depend on internal code73f64ffMerge pull request #3399234391Overhaul flags handling1a36898Make flags more explicit, add runtime checks.1a3e03aMerge pull request #34096be204Add additional tests for eckey and arg-checks.bb5aa4dMake the tweak function zeroize-output-on-fail behavior consistent.4a243daMove secp256k1_ec_privkey_import/export to contrib.1b3efc1Move secp256k1_ecdsa_sig_recover into the recovery module.e3cd679Eliminate all side-effects from VERIFY_CHECK() usage.b30fc85Avoid nonce_function_rfc6979 algo16 argument emulation.70d4640Make secp256k1_ec_pubkey_create skip processing invalid secret keys.6c476a8Minor comment improvements.131afe5Merge pull request #3340c6ab2fIntroduce explicit lower-S normalizationfea19e7Add contrib/lax_der_parsing.h3bb9c44Rewrite ECDSA signature parsing codefa57f1bUse secp256k1_rand_int and secp256k1_rand_bits more49b3749Add new tests for the extra testrand functionsf684d7dFaster secp256k1_rand_int implementation251b1a6Improve testrand: add extra random functions31994c8Merge pull request #338f79aa88Bugfix: swap arguments to noncefpc98df26Merge pull request #31967f7da4Extensive interface and operations tests for secp256k1_ec_pubkey_parse.ee2cb40Add ARG_CHECKs to secp256k1_ec_pubkey_parse/secp256k1_ec_pubkey_serialize7450ef1Merge pull request #32868a3c76Merge pull request #32998135eeMerge pull request #33237100d7improve ECDH header-docb13d749Fix couple of typos in API comments7c823e3travis: fixup module configscc3141aMerge pull request #325ee58faeMerge pull request #326213aa67Do not force benchmarks to be statically linked.338fc8bAdd API exports to secp256k1_nonce_function_default and secp256k1_nonce_function_rfc6979.52fd03fMerge pull request #3209f6993fRemove some dead code.357f8cdMerge pull request #314118cd82Use explicit symbol visibility.4e64608Include public module headers when compiling modules.1f41437Merge pull request #316fe0d463Merge pull request #317cfe0ed9Fix miscellaneous style nits that irritate overactive static analysis.2b199deUse the explicit NULL macro for pointer comparisons.9e90516Merge pull request #294dd891e0Get rid of _t as it is POSIX reserved201819bMerge pull request #313912f203Eliminate a few unbraced statements that crept into the code.eeab823Merge pull request #299486b9bbUse a flags bitfield for compressed option to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export05732c5Callback data: Accept pointers to either const or non-const data1973c73Bugfix: Reinitialise buffer lengths that have been used as outputs788038dUse size_t for lengths (at least in external API)c9d7c2asecp256k1_context_set_{error,illegal}_callback: Restore default handler by passing NULL as function argument9aac008secp256k1_context_destroy: Allow NULL argument as a no-op64b730bsecp256k1_context_create: Use unsigned type for flags bitfieldcb04ab5Merge pull request #309a551669Merge pull request #29581e45ffUpdate group_impl.h85e3a2cMerge pull request #112b2eb63bMerge pull request #293dc0ce9f[API BREAK] Change argument order to out/outin/in6d947caMerge pull request #298c822693Merge pull request #3016d04350Merge pull request #3037ab311cMerge pull request #3045fb3229Fixes a bug where bench_sign would fail due to passing in too small a buffer.263dcbcremove unused assignmentb183b41bugfix: "ARG_CHECK(ctx != NULL)" makes no sense6da1446build: fix parallel build5eb4356Merge pull request #291c996d53Print success9f443beMove pubkey recovery code to separate moduled49abbdSeparate ECDSA recovery tests439d34aSeparate recoverable and normal signaturesa7b046eMerge pull request #289f66907fImprove/reformat API documentation secp256k1.h2f77487Add context building benchmarkscc623d5Merge pull request #287de7e398small typo fix9d96e36Merge pull request #280432e1ceMerge pull request #28314727fdUse correct name in gitignore356b0e9Actually test static precomputation in Travisff3a5dfMerge pull request #2842587208Merge pull request #212a5a66c7Add support for custom EC-Schnorr-SHA256 signaturesd84a378Merge pull request #25272ae443Improve perf. of cmov-based table lookup92e53fcImplement endomorphism optimization for secp256k1_ecmult_consted35d43Make `secp256k1_scalar_add_bit` conditional; make `secp256k1_scalar_split_lambda_var` constant time91c0ce9Add benchmarks for ECDH and const-time multiplication0739bbbAdd ECDH module which works by hashing the output of ecmult_const4401500Add constant-time multiply `secp256k1_ecmult_const` for ECDHe4ce393build: fix hard-coded usage of "gen_context"b8e39acbuild: don't use BUILT_SOURCES for the static context headerbaa75datests: add a couple testsae4f0c6Merge pull request #278995c548Introduce callback functions for dealing with errors.c333074Merge pull request #28218c329cRemove the internal secp256k1_ecdsa_sig_t type74a2acdAdd a secp256k1_ecdsa_signature_t type23cfa91Introduce secp256k1_pubkey_t type4c63780Merge pull request #2693e6f1e2Change rfc6979 implementation to be a generic PRNGed5334aUpdate configure.ac to make it build on OpenBSD1b68366Merge pull request #274a83bb48Make ecmult static precomputation default166b32fMerge pull request #276c37812fAdd gen_context src/ecmult_static_context.h to CLEANFILES to fix distclean.125c15dMerge pull request #27576f6769Fix build with static ecmult altroot and make dist.5133f78Merge pull request #254b0a60e6Merge pull request #258733c1e6Add travis build to test the static context.fbecc38Add ability to use a statically generated ecmult context.4fb174dMerge pull request #263 4ab8990 Merge pull request #270bdf0e0cMerge pull request #27131d0c1fMerge pull request #273eb2c8ffAdd missing casts to SECP256K1_FE_CONST_INNER55399c2Further performance improvements to _ecmult_wnaf99fd963Add secp256k1_ec_pubkey_compress(), with test similar to the related decompress() function.145cc6eImprove performance of _ecmult_wnaf36b305aVerify the result of GMP modular inverse using non-GMP code0cbc860Merge pull request #26606ff7feMerge pull request #2675a43124Save 1 _fe_negate since s1 == -s2a5d796eUpdate code comments3f3964eAdd specific VERIFY tests for _fe_cmov7d054cdRefactor to save a _fe_negateb28d02aRefactor to remove a local var55e7fc3Perf. improvement in _gej_add_gea0601cdFix VERIFY calculations in _fe_cmov methods17f7148Merge pull request #2617657420Add tests for adding P+Q with P.x!=Q.x and P.y=-Q.y8c5d5f7tests: Add failing unit test for #257 (bad addition formula)5de4c5dgej_add_ge: fix degenerate case when computing P + (-lambda)Pbcf2fcfgej_add_ge: rearrange algebrae2a07c7Fix compilation with C++873a453Merge pull request #25091eb0daMerge pull request #247210ffedUse separate in and out pointers in `secp256k1_ec_pubkey_decompress`a1d5ae1Tiny optimization729badfMerge pull request #2102d5a186Apply effective-affine trick to precomp4f9791aEffective affine addition in EC multiplication2b4cf41Use pkg-config always when possible, with failover to manual checks for libcrypto git-subtree-dir: src/secp256k1 git-subtree-split:2bfb82b10e
110 lines
4.6 KiB
C
110 lines
4.6 KiB
C
#ifndef _SECP256K1_RECOVERY_
|
|
# define _SECP256K1_RECOVERY_
|
|
|
|
# include "secp256k1.h"
|
|
|
|
# ifdef __cplusplus
|
|
extern "C" {
|
|
# endif
|
|
|
|
/** Opaque data structured that holds a parsed ECDSA signature,
|
|
* supporting pubkey recovery.
|
|
*
|
|
* The exact representation of data inside is implementation defined and not
|
|
* guaranteed to be portable between different platforms or versions. It is
|
|
* however guaranteed to be 65 bytes in size, and can be safely copied/moved.
|
|
* If you need to convert to a format suitable for storage or transmission, use
|
|
* the secp256k1_ecdsa_signature_serialize_* and
|
|
* secp256k1_ecdsa_signature_parse_* functions.
|
|
*
|
|
* Furthermore, it is guaranteed that identical signatures (including their
|
|
* recoverability) will have identical representation, so they can be
|
|
* memcmp'ed.
|
|
*/
|
|
typedef struct {
|
|
unsigned char data[65];
|
|
} secp256k1_ecdsa_recoverable_signature;
|
|
|
|
/** Parse a compact ECDSA signature (64 bytes + recovery id).
|
|
*
|
|
* Returns: 1 when the signature could be parsed, 0 otherwise
|
|
* Args: ctx: a secp256k1 context object
|
|
* Out: sig: a pointer to a signature object
|
|
* In: input64: a pointer to a 64-byte compact signature
|
|
* recid: the recovery id (0, 1, 2 or 3)
|
|
*/
|
|
SECP256K1_API int secp256k1_ecdsa_recoverable_signature_parse_compact(
|
|
const secp256k1_context* ctx,
|
|
secp256k1_ecdsa_recoverable_signature* sig,
|
|
const unsigned char *input64,
|
|
int recid
|
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
|
|
|
|
/** Convert a recoverable signature into a normal signature.
|
|
*
|
|
* Returns: 1
|
|
* Out: sig: a pointer to a normal signature (cannot be NULL).
|
|
* In: sigin: a pointer to a recoverable signature (cannot be NULL).
|
|
*/
|
|
SECP256K1_API int secp256k1_ecdsa_recoverable_signature_convert(
|
|
const secp256k1_context* ctx,
|
|
secp256k1_ecdsa_signature* sig,
|
|
const secp256k1_ecdsa_recoverable_signature* sigin
|
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
|
|
|
|
/** Serialize an ECDSA signature in compact format (64 bytes + recovery id).
|
|
*
|
|
* Returns: 1
|
|
* Args: ctx: a secp256k1 context object
|
|
* Out: output64: a pointer to a 64-byte array of the compact signature (cannot be NULL)
|
|
* recid: a pointer to an integer to hold the recovery id (can be NULL).
|
|
* In: sig: a pointer to an initialized signature object (cannot be NULL)
|
|
*/
|
|
SECP256K1_API int secp256k1_ecdsa_recoverable_signature_serialize_compact(
|
|
const secp256k1_context* ctx,
|
|
unsigned char *output64,
|
|
int *recid,
|
|
const secp256k1_ecdsa_recoverable_signature* sig
|
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
|
|
|
|
/** Create a recoverable ECDSA signature.
|
|
*
|
|
* Returns: 1: signature created
|
|
* 0: the nonce generation function failed, or the private key was invalid.
|
|
* Args: ctx: pointer to a context object, initialized for signing (cannot be NULL)
|
|
* Out: sig: pointer to an array where the signature will be placed (cannot be NULL)
|
|
* In: msg32: the 32-byte message hash being signed (cannot be NULL)
|
|
* seckey: pointer to a 32-byte secret key (cannot be NULL)
|
|
* noncefp:pointer to a nonce generation function. If NULL, secp256k1_nonce_function_default is used
|
|
* ndata: pointer to arbitrary data used by the nonce generation function (can be NULL)
|
|
*/
|
|
SECP256K1_API int secp256k1_ecdsa_sign_recoverable(
|
|
const secp256k1_context* ctx,
|
|
secp256k1_ecdsa_recoverable_signature *sig,
|
|
const unsigned char *msg32,
|
|
const unsigned char *seckey,
|
|
secp256k1_nonce_function noncefp,
|
|
const void *ndata
|
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
|
|
|
|
/** Recover an ECDSA public key from a signature.
|
|
*
|
|
* Returns: 1: public key successfully recovered (which guarantees a correct signature).
|
|
* 0: otherwise.
|
|
* Args: ctx: pointer to a context object, initialized for verification (cannot be NULL)
|
|
* Out: pubkey: pointer to the recovered public key (cannot be NULL)
|
|
* In: sig: pointer to initialized signature that supports pubkey recovery (cannot be NULL)
|
|
* msg32: the 32-byte message hash assumed to be signed (cannot be NULL)
|
|
*/
|
|
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_recover(
|
|
const secp256k1_context* ctx,
|
|
secp256k1_pubkey *pubkey,
|
|
const secp256k1_ecdsa_recoverable_signature *sig,
|
|
const unsigned char *msg32
|
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
|
|
|
|
# ifdef __cplusplus
|
|
}
|
|
# endif
|
|
|
|
#endif
|