int secp256k1_ecdsa_pubkey_tweak_add(unsigned char *pubkey, int pubkeylen, const unsigned char *tweak) { int ret = 1; secp256k1_num_t term; secp256k1_num_init(&term); secp256k1_num_set_bin(&term, tweak, 32); if (secp256k1_num_cmp(&term, &secp256k1_ge_consts->order) >= 0) ret = 0; secp256k1_ge_t p; if (ret) { if (!secp256k1_ecdsa_pubkey_parse(&p, pubkey, pubkeylen)) ret = 0; } if (ret) { secp256k1_gej_t pt; secp256k1_ecmult_gen(&pt, &term); secp256k1_gej_add_ge(&pt, &pt, &p); if (secp256k1_gej_is_infinity(&pt)) ret = 0; secp256k1_ge_set_gej(&p, &pt); int oldlen = pubkeylen; secp256k1_ecdsa_pubkey_serialize(&p, pubkey, &pubkeylen, oldlen <= 33); assert(pubkeylen == oldlen); } secp256k1_num_free(&term); return ret; }
int secp256k1_ecdsa_pubkey_tweak_mul(unsigned char *pubkey, int pubkeylen, const unsigned char *tweak) { int ret = 1; secp256k1_num_t factor; secp256k1_num_init(&factor); secp256k1_num_set_bin(&factor, tweak, 32); if (secp256k1_num_is_zero(&factor)) ret = 0; if (secp256k1_num_cmp(&factor, &secp256k1_ge_consts->order) >= 0) ret = 0; secp256k1_ge_t p; if (ret) { if (!secp256k1_ecdsa_pubkey_parse(&p, pubkey, pubkeylen)) ret = 0; } if (ret) { secp256k1_num_t zero; secp256k1_num_init(&zero); secp256k1_num_set_int(&zero, 0); secp256k1_gej_t pt; secp256k1_gej_set_ge(&pt, &p); secp256k1_ecmult(&pt, &pt, &factor, &zero); secp256k1_num_free(&zero); secp256k1_ge_set_gej(&p, &pt); int oldlen = pubkeylen; secp256k1_ecdsa_pubkey_serialize(&p, pubkey, &pubkeylen, oldlen <= 33); assert(pubkeylen == oldlen); } secp256k1_num_free(&factor); return ret; }
int secp256k1_ecdsa_pubkey_tweak_add(unsigned char *pubkey, int pubkeylen, const unsigned char *tweak) { DEBUG_CHECK(secp256k1_ecmult_consts != NULL); DEBUG_CHECK(pubkey != NULL); DEBUG_CHECK(tweak != NULL); int ret = 1; secp256k1_num_t term; secp256k1_num_init(&term); secp256k1_num_set_bin(&term, tweak, 32); if (secp256k1_num_cmp(&term, &secp256k1_ge_consts->order) >= 0) ret = 0; secp256k1_ge_t p; if (ret) { if (!secp256k1_ecdsa_pubkey_parse(&p, pubkey, pubkeylen)) ret = 0; } if (ret) { secp256k1_gej_t pt; secp256k1_gej_set_ge(&pt, &p); secp256k1_num_t one; secp256k1_num_init(&one); secp256k1_num_set_int(&one, 1); secp256k1_ecmult(&pt, &pt, &one, &term); secp256k1_num_free(&one); if (secp256k1_gej_is_infinity(&pt)) ret = 0; secp256k1_ge_set_gej(&p, &pt); int oldlen = pubkeylen; secp256k1_ecdsa_pubkey_serialize(&p, pubkey, &pubkeylen, oldlen <= 33); VERIFY_CHECK(pubkeylen == oldlen); } secp256k1_num_free(&term); return ret; }
int secp256k1_ecdsa_pubkey_decompress(unsigned char *pubkey, int *pubkeylen) { secp256k1_ge_t p; if (!secp256k1_ecdsa_pubkey_parse(&p, pubkey, *pubkeylen)) return 0; secp256k1_ecdsa_pubkey_serialize(&p, pubkey, pubkeylen, 0); return 1; }
int secp256k1_ecdsa_recover_compact(const unsigned char *msg, int msglen, const unsigned char *sig64, unsigned char *pubkey, int *pubkeylen, int compressed, int recid) { DEBUG_CHECK(secp256k1_ecmult_consts != NULL); DEBUG_CHECK(msg != NULL); DEBUG_CHECK(msglen <= 32); DEBUG_CHECK(sig64 != NULL); DEBUG_CHECK(pubkey != NULL); DEBUG_CHECK(pubkeylen != NULL); DEBUG_CHECK(recid >= 0 && recid <= 3); int ret = 0; secp256k1_num_t m; secp256k1_num_init(&m); secp256k1_ecdsa_sig_t sig; secp256k1_ecdsa_sig_init(&sig); secp256k1_num_set_bin(&sig.r, sig64, 32); secp256k1_num_set_bin(&sig.s, sig64 + 32, 32); secp256k1_num_set_bin(&m, msg, msglen); secp256k1_ge_t q; if (secp256k1_ecdsa_sig_recover(&sig, &q, &m, recid)) { secp256k1_ecdsa_pubkey_serialize(&q, pubkey, pubkeylen, compressed); ret = 1; } secp256k1_ecdsa_sig_free(&sig); secp256k1_num_free(&m); return ret; }
int secp256k1_ecdsa_pubkey_compress(unsigned char *pubkey, int *pubkeylen) { DEBUG_CHECK(pubkey != NULL); DEBUG_CHECK(pubkeylen != NULL); secp256k1_ge_t p; if (!secp256k1_ecdsa_pubkey_parse(&p, pubkey, *pubkeylen)) return 0; secp256k1_ecdsa_pubkey_serialize(&p, pubkey, pubkeylen, 1); return 1; }
int secp256k1_ecdsa_pubkey_create(unsigned char *pubkey, int *pubkeylen, const unsigned char *seckey, int compressed) { secp256k1_num_t sec; secp256k1_num_init(&sec); secp256k1_num_set_bin(&sec, seckey, 32); secp256k1_gej_t pj; secp256k1_ecmult_gen(&pj, &sec); secp256k1_ge_t p; secp256k1_ge_set_gej(&p, &pj); secp256k1_ecdsa_pubkey_serialize(&p, pubkey, pubkeylen, compressed); return 1; }
int secp256k1_ecdsa_pubkey_create(unsigned char *pubkey, int *pubkeylen, const unsigned char *seckey, int compressed) { DEBUG_CHECK(secp256k1_ecmult_gen_consts != NULL); DEBUG_CHECK(pubkey != NULL); DEBUG_CHECK(pubkeylen != NULL); DEBUG_CHECK(seckey != NULL); secp256k1_num_t sec; secp256k1_num_init(&sec); secp256k1_num_set_bin(&sec, seckey, 32); secp256k1_gej_t pj; secp256k1_ecmult_gen(&pj, &sec); secp256k1_num_clear(&sec); secp256k1_num_free(&sec); secp256k1_ge_t p; secp256k1_ge_set_gej(&p, &pj); secp256k1_ecdsa_pubkey_serialize(&p, pubkey, pubkeylen, compressed); return 1; }
int secp256k1_ecdsa_recover_compact(const unsigned char *msg, int msglen, const unsigned char *sig64, unsigned char *pubkey, int *pubkeylen, int compressed, int recid) { int ret = 0; secp256k1_num_t m; secp256k1_num_init(&m); secp256k1_ecdsa_sig_t sig; secp256k1_ecdsa_sig_init(&sig); secp256k1_num_set_bin(&sig.r, sig64, 32); secp256k1_num_set_bin(&sig.s, sig64 + 32, 32); secp256k1_num_set_bin(&m, msg, msglen); secp256k1_ge_t q; if (secp256k1_ecdsa_sig_recover(&sig, &q, &m, recid)) { secp256k1_ecdsa_pubkey_serialize(&q, pubkey, pubkeylen, compressed); ret = 1; } secp256k1_ecdsa_sig_free(&sig); secp256k1_num_free(&m); return ret; }