src/secp256k1/src/modules/extrakeys/main_impl.h
Show First 20 Lines • Show All 119 Lines • ▼ Show 20 Lines | int secp256k1_xonly_pubkey_tweak_add_check(const secp256k1_context* ctx, const unsigned char *tweaked_pubkey32, int tweaked_pk_parity, const secp256k1_xonly_pubkey *internal_pubkey, const unsigned char *tweak32) { | ||||
secp256k1_fe_normalize_var(&pk.x); | secp256k1_fe_normalize_var(&pk.x); | ||||
secp256k1_fe_normalize_var(&pk.y); | secp256k1_fe_normalize_var(&pk.y); | ||||
secp256k1_fe_get_b32(pk_expected32, &pk.x); | secp256k1_fe_get_b32(pk_expected32, &pk.x); | ||||
return memcmp(&pk_expected32, tweaked_pubkey32, 32) == 0 | return memcmp(&pk_expected32, tweaked_pubkey32, 32) == 0 | ||||
&& secp256k1_fe_is_odd(&pk.y) == tweaked_pk_parity; | && secp256k1_fe_is_odd(&pk.y) == tweaked_pk_parity; | ||||
} | } | ||||
static void secp256k1_keypair_save(secp256k1_keypair *keypair, const secp256k1_scalar *sk, secp256k1_ge *pk) { | |||||
secp256k1_scalar_get_b32(&keypair->data[0], sk); | |||||
secp256k1_pubkey_save((secp256k1_pubkey *)&keypair->data[32], pk); | |||||
} | |||||
static int secp256k1_keypair_seckey_load(const secp256k1_context* ctx, secp256k1_scalar *sk, const secp256k1_keypair *keypair) { | |||||
int ret; | |||||
ret = secp256k1_scalar_set_b32_seckey(sk, &keypair->data[0]); | |||||
/* We can declassify ret here because sk is only zero if a keypair function | |||||
* failed (which zeroes the keypair) and its return value is ignored. */ | |||||
secp256k1_declassify(ctx, &ret, sizeof(ret)); | |||||
ARG_CHECK(ret); | |||||
return ret; | |||||
} | |||||
/* Load a keypair into pk and sk (if non-NULL). This function declassifies pk | |||||
* and ARG_CHECKs that the keypair is not invalid. It always initializes sk and | |||||
* pk with dummy values. */ | |||||
static int secp256k1_keypair_load(const secp256k1_context* ctx, secp256k1_scalar *sk, secp256k1_ge *pk, const secp256k1_keypair *keypair) { | |||||
int ret; | |||||
const secp256k1_pubkey *pubkey = (const secp256k1_pubkey *)&keypair->data[32]; | |||||
/* Need to declassify the pubkey because pubkey_load ARG_CHECKs if it's | |||||
* invalid. */ | |||||
secp256k1_declassify(ctx, pubkey, sizeof(*pubkey)); | |||||
ret = secp256k1_pubkey_load(ctx, pk, pubkey); | |||||
if (sk != NULL) { | |||||
ret = ret && secp256k1_keypair_seckey_load(ctx, sk, keypair); | |||||
} | |||||
if (!ret) { | |||||
*pk = secp256k1_ge_const_g; | |||||
if (sk != NULL) { | |||||
*sk = secp256k1_scalar_one; | |||||
} | |||||
} | |||||
return ret; | |||||
} | |||||
int secp256k1_keypair_create(const secp256k1_context* ctx, secp256k1_keypair *keypair, const unsigned char *seckey32) { | |||||
secp256k1_scalar sk; | |||||
secp256k1_ge pk; | |||||
int ret = 0; | |||||
VERIFY_CHECK(ctx != NULL); | |||||
ARG_CHECK(keypair != NULL); | |||||
memset(keypair, 0, sizeof(*keypair)); | |||||
ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx)); | |||||
ARG_CHECK(seckey32 != NULL); | |||||
ret = secp256k1_ec_pubkey_create_helper(&ctx->ecmult_gen_ctx, &sk, &pk, seckey32); | |||||
secp256k1_keypair_save(keypair, &sk, &pk); | |||||
memczero(keypair, sizeof(*keypair), !ret); | |||||
secp256k1_scalar_clear(&sk); | |||||
return ret; | |||||
} | |||||
int secp256k1_keypair_pub(const secp256k1_context* ctx, secp256k1_pubkey *pubkey, const secp256k1_keypair *keypair) { | |||||
VERIFY_CHECK(ctx != NULL); | |||||
ARG_CHECK(pubkey != NULL); | |||||
memset(pubkey, 0, sizeof(*pubkey)); | |||||
ARG_CHECK(keypair != NULL); | |||||
memcpy(pubkey->data, &keypair->data[32], sizeof(*pubkey)); | |||||
return 1; | |||||
} | |||||
int secp256k1_keypair_xonly_pub(const secp256k1_context* ctx, secp256k1_xonly_pubkey *pubkey, int *pk_parity, const secp256k1_keypair *keypair) { | |||||
secp256k1_ge pk; | |||||
int tmp; | |||||
VERIFY_CHECK(ctx != NULL); | |||||
ARG_CHECK(pubkey != NULL); | |||||
memset(pubkey, 0, sizeof(*pubkey)); | |||||
ARG_CHECK(keypair != NULL); | |||||
if (!secp256k1_keypair_load(ctx, NULL, &pk, keypair)) { | |||||
return 0; | |||||
} | |||||
tmp = secp256k1_extrakeys_ge_even_y(&pk); | |||||
if (pk_parity != NULL) { | |||||
*pk_parity = tmp; | |||||
} | |||||
secp256k1_xonly_pubkey_save(pubkey, &pk); | |||||
return 1; | |||||
} | |||||
#endif | #endif |
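Review bot: In secp256k1_keypair_xonly_pub the output `pubkey` is zeroed before any failure return, but `*pk_parity` is not. On the `ARG_CHECK(keypair != NULL)` and `secp256k1_keypair_load` failure paths, a caller that ignores the return value therefore keeps whatever was in its parity variable, possibly uninitialized. Giving the second output the same treatment right after the `memset`, with `if (pk_parity != NULL) { *pk_parity = 0; }`, makes both outputs deterministic on error. Separately, secp256k1_keypair_pub copies from `&keypair->data[32]` and returns 1 without loading the key, so a keypair zeroed by a failed secp256k1_keypair_create yields an all-zero pubkey; a short comment stating that validation is left to whoever later loads the pubkey (presumably its ARG_CHECK) would make that intent explicit. This assumes the keypair functions shown in one column only are the added side, which the rendering does not mark.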