Changeset View
Changeset View
Standalone View
Standalone View
src/secp256k1/src/modules/recovery/main_impl.h
| Show First 20 Lines • Show All 116 Lines • ▼ Show 20 Lines | static int secp256k1_ecdsa_sig_recover(const secp256k1_ecmult_context *ctx, const secp256k1_scalar *sigr, const secp256k1_scalar* sigs, secp256k1_ge *pubkey, const secp256k1_scalar *message, int recid) { | ||||
| secp256k1_scalar_mul(&u2, &rn, sigs); | secp256k1_scalar_mul(&u2, &rn, sigs); | ||||
| secp256k1_ecmult(ctx, &qj, &xj, &u2, &u1); | secp256k1_ecmult(ctx, &qj, &xj, &u2, &u1); | ||||
| secp256k1_ge_set_gej_var(pubkey, &qj); | secp256k1_ge_set_gej_var(pubkey, &qj); | ||||
| return !secp256k1_gej_is_infinity(&qj); | return !secp256k1_gej_is_infinity(&qj); | ||||
| } | } | ||||
| int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecdsa_recoverable_signature *signature, const unsigned char *msg32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void* noncedata) { | int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecdsa_recoverable_signature *signature, const unsigned char *msg32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void* noncedata) { | ||||
| secp256k1_scalar r, s; | secp256k1_scalar r, s; | ||||
| secp256k1_scalar sec, non, msg; | int ret, recid; | ||||
| int recid; | |||||
| int ret = 0; | |||||
| int overflow = 0; | |||||
| const unsigned char secp256k1_ecdsa_recoverable_algo16[17] = "ECDSA+Recovery "; | const unsigned char secp256k1_ecdsa_recoverable_algo16[17] = "ECDSA+Recovery "; | ||||
| VERIFY_CHECK(ctx != NULL); | VERIFY_CHECK(ctx != NULL); | ||||
| ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx)); | ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx)); | ||||
| ARG_CHECK(msg32 != NULL); | ARG_CHECK(msg32 != NULL); | ||||
| ARG_CHECK(signature != NULL); | ARG_CHECK(signature != NULL); | ||||
| ARG_CHECK(seckey != NULL); | ARG_CHECK(seckey != NULL); | ||||
| if (noncefp == NULL) { | |||||
| noncefp = secp256k1_nonce_function_default; | |||||
| } | |||||
| secp256k1_scalar_set_b32(&sec, seckey, &overflow); | ret = secp256k1_ecdsa_sign_inner(ctx, &r, &s, &recid, msg32, seckey, noncefp, secp256k1_ecdsa_recoverable_algo16, noncedata); | ||||
| /* Fail if the secret key is invalid. */ | |||||
| if (!overflow && !secp256k1_scalar_is_zero(&sec)) { | |||||
| unsigned char nonce32[32]; | |||||
| unsigned int count = 0; | |||||
| secp256k1_scalar_set_b32(&msg, msg32, NULL); | |||||
| while (1) { | |||||
| ret = noncefp(nonce32, msg32, seckey, secp256k1_ecdsa_recoverable_algo16, (void*)noncedata, count); | |||||
| if (!ret) { | |||||
| break; | |||||
| } | |||||
| secp256k1_scalar_set_b32(&non, nonce32, &overflow); | |||||
| if (!overflow && !secp256k1_scalar_is_zero(&non)) { | |||||
| if (secp256k1_ecdsa_sig_sign(&ctx->ecmult_gen_ctx, &r, &s, &sec, &msg, &non, &recid)) { | |||||
| break; | |||||
| } | |||||
| } | |||||
| count++; | |||||
| } | |||||
| memset(nonce32, 0, 32); | |||||
| secp256k1_scalar_clear(&msg); | |||||
| secp256k1_scalar_clear(&non); | |||||
| secp256k1_scalar_clear(&sec); | |||||
| } | |||||
| if (ret) { | |||||
| secp256k1_ecdsa_recoverable_signature_save(signature, &r, &s, recid); | secp256k1_ecdsa_recoverable_signature_save(signature, &r, &s, recid); | ||||
| } else { | |||||
| memset(signature, 0, sizeof(*signature)); | |||||
| } | |||||
| return ret; | return ret; | ||||
| } | } | ||||
| int secp256k1_ecdsa_recover(const secp256k1_context* ctx, secp256k1_pubkey *pubkey, const secp256k1_ecdsa_recoverable_signature *signature, const unsigned char *msg32) { | int secp256k1_ecdsa_recover(const secp256k1_context* ctx, secp256k1_pubkey *pubkey, const secp256k1_ecdsa_recoverable_signature *signature, const unsigned char *msg32) { | ||||
| secp256k1_ge q; | secp256k1_ge q; | ||||
| secp256k1_scalar r, s; | secp256k1_scalar r, s; | ||||
| secp256k1_scalar m; | secp256k1_scalar m; | ||||
| int recid; | int recid; | ||||
| Show All 19 Lines | |||||