SECP256K1_API jint JNICALL Java_org_commercium_NativeSecp256k1_secp256k1_1ecdsa_1verify (JNIEnv* env, jclass classObject, jobject byteBufferObject, jlong ctx_l, jint siglen, jint publen) { secp256k1_context *ctx = (secp256k1_context*)(uintptr_t)ctx_l; unsigned char* data = (unsigned char*) (*env)->GetDirectBufferAddress(env, byteBufferObject); const unsigned char* sigdata = { (unsigned char*) (data + 32) }; const unsigned char* pubdata = { (unsigned char*) (data + siglen + 32) }; secp256k1_ecdsa_signature sig; secp256k1_pubkey pubkey; int ret = secp256k1_ecdsa_signature_parse_der(ctx, &sig, sigdata, siglen); if( ret ) { ret = secp256k1_ec_pubkey_parse(ctx, &pubkey, pubdata, publen); if( ret ) { ret = secp256k1_ecdsa_verify(ctx, &sig, data, &pubkey); } } (void)classObject; return ret; }
static bool pubkey_parse(const secp256k1_context *ctx, secp256k1_pubkey* pubkey, struct onion_pubkey *pkey) { unsigned char tmp[33]; tmp[0] = 0x2; memcpy(tmp+1, pkey, sizeof(*pkey)); return secp256k1_ec_pubkey_parse(ctx, pubkey, tmp, sizeof(tmp)); }
static bool parse_onion_pubkey(secp256k1_context *ctx, const char *arg, secp256k1_pubkey *pubkey) { unsigned char tmp[33] = { }; if (!hex_decode(arg, strlen(arg), tmp, sizeof(tmp))) return false; return secp256k1_ec_pubkey_parse(ctx, pubkey, tmp, sizeof(tmp)); }
bool verifyDigest (PublicKey const& publicKey, uint256 const& digest, Slice const& sig, bool mustBeFullyCanonical) { if (publicKeyType(publicKey) != KeyType::secp256k1) LogicError("sign: secp256k1 required for digest signing"); auto const canonicality = ecdsaCanonicality(sig); if (! canonicality) return false; if (mustBeFullyCanonical && (*canonicality != ECDSACanonicality::fullyCanonical)) return false; secp256k1_pubkey pubkey_imp; if(secp256k1_ec_pubkey_parse( secp256k1Context(), &pubkey_imp, reinterpret_cast<unsigned char const*>( publicKey.data()), publicKey.size()) != 1) return false; secp256k1_ecdsa_signature sig_imp; if(secp256k1_ecdsa_signature_parse_der( secp256k1Context(), &sig_imp, reinterpret_cast<unsigned char const*>( sig.data()), sig.size()) != 1) return false; if (*canonicality != ECDSACanonicality::fullyCanonical) { secp256k1_ecdsa_signature sig_norm; if(secp256k1_ecdsa_signature_normalize( secp256k1Context(), &sig_norm, &sig_imp) != 1) return false; return secp256k1_ecdsa_verify( secp256k1Context(), &sig_norm, reinterpret_cast<unsigned char const*>( digest.data()), &pubkey_imp) == 1; } return secp256k1_ecdsa_verify( secp256k1Context(), &sig_imp, reinterpret_cast<unsigned char const*>( digest.data()), &pubkey_imp) == 1; }
bool bp_pubkey_set(struct bp_key *key, const void *pubkey, size_t pk_len) { secp256k1_context *ctx = get_secp256k1_context(); if (!ctx) { return false; } if (secp256k1_ec_pubkey_parse(ctx, &key->pubkey, pubkey, pk_len)) { memset(key->secret, 0, sizeof(key->secret)); return true; } return false; }
bool ecc_verify_pubkey(const uint8_t *public_key, int compressed) { secp256k1_pubkey pubkey; assert(secp256k1_ctx); if (!secp256k1_ec_pubkey_parse(secp256k1_ctx, &pubkey, public_key, compressed ? 33 : 65)) { memset(&pubkey, 0, sizeof(pubkey)); return false; } memset(&pubkey, 0, sizeof(pubkey)); return true; }
static void bench_ecdh_setup(void* arg) { int i; bench_ecdh_t *data = (bench_ecdh_t*)arg; const unsigned char point[] = { 0x03, 0x54, 0x94, 0xc1, 0x5d, 0x32, 0x09, 0x97, 0x06, 0xc2, 0x39, 0x5f, 0x94, 0x34, 0x87, 0x45, 0xfd, 0x75, 0x7c, 0xe3, 0x0e, 0x4e, 0x8c, 0x90, 0xfb, 0xa2, 0xba, 0xd1, 0x84, 0xf8, 0x83, 0xc6, 0x9f }; data->ctx = secp256k1_context_create(0); for (i = 0; i < 32; i++) data->scalar[i] = i + 1; CHECK(secp256k1_ec_pubkey_parse(data->ctx, &data->point, point, sizeof(point)) == 1); }
bool ecc_verify_sig(const uint8_t *public_key, int compressed, const uint8_t *hash, unsigned char *sigder, size_t siglen) { assert(secp256k1_ctx); secp256k1_ecdsa_signature sig; secp256k1_pubkey pubkey; if (!secp256k1_ec_pubkey_parse(secp256k1_ctx, &pubkey, public_key, compressed ? 33 : 65)) return false; if (!secp256k1_ecdsa_signature_parse_der(secp256k1_ctx, &sig, sigder, siglen)) return false; return secp256k1_ecdsa_verify(secp256k1_ctx, &sig, hash, &pubkey); }
bool bip32_pubkey(const struct ext_key *bip32_base, struct pubkey *pubkey, u32 index) { const uint32_t flags = BIP32_FLAG_KEY_PUBLIC | BIP32_FLAG_SKIP_HASH; struct ext_key ext; if (index >= BIP32_INITIAL_HARDENED_CHILD) return false; if (bip32_key_from_parent(bip32_base, index, flags, &ext) != WALLY_OK) return false; if (!secp256k1_ec_pubkey_parse(secp256k1_ctx, &pubkey->pubkey, ext.pub_key, sizeof(ext.pub_key))) return false; return true; }
bool ecc_public_key_tweak_add(uint8_t *public_key_inout, const uint8_t *tweak) { int out; secp256k1_pubkey pubkey; assert(secp256k1_ctx); if (!secp256k1_ec_pubkey_parse(secp256k1_ctx, &pubkey, public_key_inout, 33)) return false; if (!secp256k1_ec_pubkey_tweak_add(secp256k1_ctx, &pubkey, (const unsigned char *)tweak)) return false; if (!secp256k1_ec_pubkey_serialize(secp256k1_ctx, public_key_inout, (size_t *)&out, &pubkey, SECP256K1_EC_COMPRESSED)) return false; return true; }
static void bench_ecdh_setup(void* arg) { int i; bench_ecdh_t *data = (bench_ecdh_t*)arg; const unsigned char point[] = { 0x03, 0x54, 0x94, 0xc1, 0x5d, 0x32, 0x09, 0x97, 0x06, 0xc2, 0x39, 0x5f, 0x94, 0x34, 0x87, 0x45, 0xfd, 0x75, 0x7c, 0xe3, 0x0e, 0x4e, 0x8c, 0x90, 0xfb, 0xa2, 0xba, 0xd1, 0x84, 0xf8, 0x83, 0xc6, 0x9f }; /* create a context with no capabilities */ data->ctx = secp256k1_context_create(SECP256K1_FLAGS_TYPE_CONTEXT); for (i = 0; i < 32; i++) { data->scalar[i] = i + 1; } CHECK(secp256k1_ec_pubkey_parse(data->ctx, &data->point, point, sizeof(point)) == 1); }
static void benchmark_verify(void* arg) { int i; benchmark_verify_t* data = (benchmark_verify_t*)arg; for (i = 0; i < 20000; i++) { secp256k1_pubkey_t pubkey; secp256k1_ecdsa_signature_t sig; data->sig[data->siglen - 1] ^= (i & 0xFF); data->sig[data->siglen - 2] ^= ((i >> 8) & 0xFF); data->sig[data->siglen - 3] ^= ((i >> 16) & 0xFF); CHECK(secp256k1_ec_pubkey_parse(data->ctx, &pubkey, data->pubkey, data->pubkeylen) == 1); CHECK(secp256k1_ecdsa_signature_parse_der(data->ctx, &sig, data->sig, data->siglen) == 1); CHECK(secp256k1_ecdsa_verify(data->ctx, &sig, data->msg, &pubkey) == (i == 0)); data->sig[data->siglen - 1] ^= (i & 0xFF); data->sig[data->siglen - 2] ^= ((i >> 8) & 0xFF); data->sig[data->siglen - 3] ^= ((i >> 16) & 0xFF); } }
SECP256K1_API jobjectArray JNICALL Java_org_commercium_NativeSecp256k1_secp256k1_1pubkey_1tweak_1add (JNIEnv* env, jclass classObject, jobject byteBufferObject, jlong ctx_l, jint publen) { secp256k1_context *ctx = (secp256k1_context*)(uintptr_t)ctx_l; /* secp256k1_pubkey* pubkey = (secp256k1_pubkey*) (*env)->GetDirectBufferAddress(env, byteBufferObject);*/ unsigned char* pkey = (*env)->GetDirectBufferAddress(env, byteBufferObject); const unsigned char* tweak = (unsigned char*) (pkey + publen); jobjectArray retArray; jbyteArray pubArray, intsByteArray; unsigned char intsarray[2]; unsigned char outputSer[65]; size_t outputLen = 65; secp256k1_pubkey pubkey; int ret = secp256k1_ec_pubkey_parse(ctx, &pubkey, pkey, publen); if( ret ) { ret = secp256k1_ec_pubkey_tweak_add(ctx, &pubkey, tweak); } if( ret ) { int ret2 = secp256k1_ec_pubkey_serialize(ctx,outputSer, &outputLen, &pubkey,SECP256K1_EC_UNCOMPRESSED );(void)ret2; } intsarray[0] = outputLen; intsarray[1] = ret; retArray = (*env)->NewObjectArray(env, 2, (*env)->FindClass(env, "[B"), (*env)->NewByteArray(env, 1)); pubArray = (*env)->NewByteArray(env, outputLen); (*env)->SetByteArrayRegion(env, pubArray, 0, outputLen, (jbyte*)outputSer); (*env)->SetObjectArrayElement(env, retArray, 0, pubArray); intsByteArray = (*env)->NewByteArray(env, 2); (*env)->SetByteArrayRegion(env, intsByteArray, 0, 2, (jbyte*)intsarray); (*env)->SetObjectArrayElement(env, retArray, 1, intsByteArray); (void)classObject; return retArray; }
SECP256K1_API jobjectArray JNICALL Java_org_commercium_NativeSecp256k1_secp256k1_1ecdh (JNIEnv* env, jclass classObject, jobject byteBufferObject, jlong ctx_l, jint publen) { secp256k1_context *ctx = (secp256k1_context*)(uintptr_t)ctx_l; const unsigned char* secdata = (*env)->GetDirectBufferAddress(env, byteBufferObject); const unsigned char* pubdata = (const unsigned char*) (secdata + 32); jobjectArray retArray; jbyteArray outArray, intsByteArray; unsigned char intsarray[1]; secp256k1_pubkey pubkey; unsigned char nonce_res[32]; size_t outputLen = 32; int ret = secp256k1_ec_pubkey_parse(ctx, &pubkey, pubdata, publen); if (ret) { ret = secp256k1_ecdh( ctx, nonce_res, &pubkey, secdata ); } intsarray[0] = ret; retArray = (*env)->NewObjectArray(env, 2, (*env)->FindClass(env, "[B"), (*env)->NewByteArray(env, 1)); outArray = (*env)->NewByteArray(env, outputLen); (*env)->SetByteArrayRegion(env, outArray, 0, 32, (jbyte*)nonce_res); (*env)->SetObjectArrayElement(env, retArray, 0, outArray); intsByteArray = (*env)->NewByteArray(env, 1); (*env)->SetByteArrayRegion(env, intsByteArray, 0, 1, (jbyte*)intsarray); (*env)->SetObjectArrayElement(env, retArray, 1, intsByteArray); (void)classObject; return retArray; }
bool verify_signature(data_slice point, const hash_digest& hash, const ec_signature& signature) { // Copy to avoid exposing external types. secp256k1_ecdsa_signature parsed; std::copy(signature.begin(), signature.end(), std::begin(parsed.data)); // secp256k1_ecdsa_verify rejects non-normalized (low-s) signatures, but // bitcoin does not have such a limitation, so we always normalize. secp256k1_ecdsa_signature normal; const auto context = verification.context(); secp256k1_ecdsa_signature_normalize(context, &normal, &parsed); // This uses a data slice and calls secp256k1_ec_pubkey_parse() in place of // parse() so that we can support the der_verify data_chunk optimization. secp256k1_pubkey pubkey; const auto size = point.size(); return secp256k1_ec_pubkey_parse(context, &pubkey, point.data(), size) == 1 && secp256k1_ecdsa_verify(context, &normal, hash.data(), &pubkey) == 1; }
void Sec256DsaEx::ParsePubKey(RCSpan cbuf) { if (!secp256k1_ec_pubkey_parse(g_sec256Ctx, &m_pubkey, cbuf.data(), cbuf.size())) throw CryptoException(make_error_code(ExtErr::Crypto), "Invalid PubKey"); }
bool parse(const secp256k1_context* context, secp256k1_pubkey& out, const byte_array<Size>& point) { return secp256k1_ec_pubkey_parse(context, &out, point.data(), Size) == 1; }