Bitcoin ABC 0.32.6
P2P Digital Currency
main_impl.h
Go to the documentation of this file.
1/***********************************************************************
2 * Copyright (c) 2017 Amaury Séchet *
3 * Distributed under the MIT software license, see the accompanying *
4 * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
5 ***********************************************************************/
6
7#ifndef SECP256K1_MODULE_SCHNORR_MAIN_H
8#define SECP256K1_MODULE_SCHNORR_MAIN_H
9
10#include "include/secp256k1_schnorr.h"
11#include "modules/schnorr/schnorr_impl.h"
12
13int secp256k1_schnorr_verify(
14 const secp256k1_context* ctx,
15 const unsigned char *sig64,
16 const unsigned char *msghash32,
17 const secp256k1_pubkey *pubkey
18) {
19 secp256k1_ge q;
20 VERIFY_CHECK(ctx != NULL);
21 ARG_CHECK(msghash32 != NULL);
22 ARG_CHECK(sig64 != NULL);
23 ARG_CHECK(pubkey != NULL);
24
25 if (!secp256k1_pubkey_load(ctx, &q, pubkey)) {
26 return 0;
27 }
28
29 return secp256k1_schnorr_sig_verify(sig64, &q, msghash32);
30}
31
32int secp256k1_schnorr_sign(
33 const secp256k1_context *ctx,
34 unsigned char *sig64,
35 const unsigned char *msghash32,
36 const unsigned char *seckey,
37 secp256k1_nonce_function noncefp,
38 const void *ndata
39) {
40 secp256k1_scalar sec;
41 secp256k1_pubkey pubkey;
42 secp256k1_ge p;
43 int overflow;
44 int ret = 0;
45 int pubkeyret;
46 VERIFY_CHECK(ctx != NULL);
47 ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx));
48 ARG_CHECK(msghash32 != NULL);
49 ARG_CHECK(sig64 != NULL);
50 ARG_CHECK(seckey != NULL);
51
52 pubkeyret = secp256k1_ec_pubkey_create(ctx, &pubkey, seckey);
53 secp256k1_declassify(ctx, &pubkeyret, sizeof(pubkeyret));
54 if (!pubkeyret) {
55 return 0;
56 }
57
58 secp256k1_declassify(ctx, &pubkey, sizeof(pubkey));
59 if (!secp256k1_pubkey_load(ctx, &p, &pubkey)) {
60 return 0;
61 }
62
63 secp256k1_scalar_set_b32(&sec, seckey, &overflow);
64 overflow |= secp256k1_scalar_is_zero(&sec);
65 secp256k1_scalar_cmov(&sec, &secp256k1_scalar_one, overflow);
66
67 ret = secp256k1_schnorr_sig_sign(ctx, sig64, msghash32, &sec, &p, noncefp, ndata);
68 if (!ret) {
69 memset(sig64, 0, 64);
70 }
71
72 secp256k1_scalar_clear(&sec);
73 return !!ret & !overflow;
74}
75
76#endif
ctx
secp256k1_context * ctx
Definition: bench_multiset.c:12
secp256k1_ecmult_gen_context_is_built
static int secp256k1_ecmult_gen_context_is_built(const secp256k1_ecmult_gen_context *ctx)
secp256k1_scalar_cmov
static void secp256k1_scalar_cmov(secp256k1_scalar *r, const secp256k1_scalar *a, int flag)
If flag is true, set *r equal to *a; otherwise leave it.
secp256k1_scalar_set_b32
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.
secp256k1_scalar_is_zero
static int secp256k1_scalar_is_zero(const secp256k1_scalar *a)
Check whether a scalar equals zero.
secp256k1_scalar_clear
static void secp256k1_scalar_clear(secp256k1_scalar *r)
Clear a scalar to prevent the leak of sensitive data.
secp256k1_scalar_one
static const secp256k1_scalar secp256k1_scalar_one
Definition: scalar_impl.h:31
secp256k1_schnorr_sign
int secp256k1_schnorr_sign(const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msghash32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void *ndata)
Create a signature using a custom EC-Schnorr-SHA256 construction.
Definition: main_impl.h:32
secp256k1_schnorr_verify
int secp256k1_schnorr_verify(const secp256k1_context *ctx, const unsigned char *sig64, const unsigned char *msghash32, const secp256k1_pubkey *pubkey)
Verify a signature created by secp256k1_schnorr_sign.
Definition: main_impl.h:13
secp256k1_schnorr_sig_verify
static int secp256k1_schnorr_sig_verify(const unsigned char *sig64, secp256k1_ge *pubkey, const unsigned char *msg32)
secp256k1_schnorr_sig_sign
static int secp256k1_schnorr_sig_sign(const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg32, const secp256k1_scalar *privkey, secp256k1_ge *pubkey, secp256k1_nonce_function noncefp, const void *ndata)
schnorr_impl.h
VERIFY_CHECK
#define VERIFY_CHECK(cond)
Definition: util.h:68
ARG_CHECK
#define ARG_CHECK(cond)
Definition: secp256k1.c:34
secp256k1_declassify
static SECP256K1_INLINE void secp256k1_declassify(const secp256k1_context *ctx, const void *p, size_t len)
Definition: secp256k1.c:227
secp256k1_pubkey_load
static int secp256k1_pubkey_load(const secp256k1_context *ctx, secp256k1_ge *ge, const secp256k1_pubkey *pubkey)
Definition: secp256k1.c:237
secp256k1_nonce_function
int(* secp256k1_nonce_function)(unsigned char *nonce32, const unsigned char *msg32, const unsigned char *key32, const unsigned char *algo16, void *data, unsigned int attempt)
A pointer to a function to deterministically generate a nonce.
Definition: secp256k1.h:103
secp256k1_ec_pubkey_create
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_create(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compute the public key for a secret key.
Definition: secp256k1.c:590
secp256k1_schnorr.h
secp256k1_context_struct
Definition: secp256k1.c:75
secp256k1_context_struct::ecmult_gen_ctx
secp256k1_ecmult_gen_context ecmult_gen_ctx
Definition: secp256k1.c:76
secp256k1_ge
A group element of the secp256k1 curve, in affine coordinates.
Definition: group.h:13
secp256k1_pubkey
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:70
secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13
Generated on Tue Jan 13 2026 20:42:10 for Bitcoin ABC by doxygen 1.9.4