Bitcoin ABC 0.30.7
P2P Digital Currency
|
Go to the source code of this file.
Functions | |
static void | secp256k1_nonce_function_bip340_sha256_tagged (secp256k1_sha256 *sha) |
static void | secp256k1_nonce_function_bip340_sha256_tagged_aux (secp256k1_sha256 *sha) |
static int | nonce_function_bip340 (unsigned char *nonce32, const unsigned char *msg, size_t msglen, const unsigned char *key32, const unsigned char *xonly_pk32, const unsigned char *algo, size_t algolen, void *data) |
static void | secp256k1_schnorrsig_sha256_tagged (secp256k1_sha256 *sha) |
static void | secp256k1_schnorrsig_challenge (secp256k1_scalar *e, const unsigned char *r32, const unsigned char *msg, size_t msglen, const unsigned char *pubkey32) |
int | secp256k1_schnorrsig_sign_internal (const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_keypair *keypair, secp256k1_nonce_function_hardened noncefp, void *ndata) |
int | secp256k1_schnorrsig_sign (const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg32, const secp256k1_keypair *keypair, unsigned char *aux_rand32) |
Create a Schnorr signature. More... | |
int | secp256k1_schnorrsig_sign_custom (const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_keypair *keypair, secp256k1_schnorrsig_extraparams *extraparams) |
Create a Schnorr signature with a more flexible API. More... | |
int | secp256k1_schnorrsig_verify (const secp256k1_context *ctx, const unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_xonly_pubkey *pubkey) |
Verify a Schnorr signature. More... | |
Variables | |
static const unsigned char | bip340_algo [13] = "BIP0340/nonce" |
static const unsigned char | schnorrsig_extraparams_magic [4] = SECP256K1_SCHNORRSIG_EXTRAPARAMS_MAGIC |
const secp256k1_nonce_function_hardened | secp256k1_nonce_function_bip340 = nonce_function_bip340 |
An implementation of the nonce generation function as defined in Bitcoin Improvement Proposal 340 "Schnorr Signatures for secp256k1" (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki). More... | |
|
static |
Definition at line 52 of file main_impl.h.
|
static |
Definition at line 16 of file main_impl.h.
|
static |
Definition at line 32 of file main_impl.h.
|
static |
Definition at line 109 of file main_impl.h.
|
static |
Definition at line 96 of file main_impl.h.
int secp256k1_schnorrsig_sign | ( | const secp256k1_context * | ctx, |
unsigned char * | sig64, | ||
const unsigned char * | msg32, | ||
const secp256k1_keypair * | keypair, | ||
unsigned char * | aux_rand32 | ||
) |
Create a Schnorr signature.
Does not strictly follow BIP-340 because it does not verify the resulting signature. Instead, you can manually use secp256k1_schnorrsig_verify and abort if it fails.
This function only signs 32-byte messages. If you have messages of a different size (or the same size but without a context-specific tag prefix), it is recommended to create a 32-byte message hash with secp256k1_tagged_sha256 and then sign the hash. Tagged hashing allows providing an context-specific tag for domain separation. This prevents signatures from being valid in multiple contexts by accident.
Returns 1 on success, 0 on failure. Args: ctx: pointer to a context object, initialized for signing (cannot be NULL) Out: sig64: pointer to a 64-byte array to store the serialized signature (cannot be NULL) In: msg32: the 32-byte message being signed (cannot be NULL) keypair: pointer to an initialized keypair (cannot be NULL) aux_rand32: 32 bytes of fresh randomness. While recommended to provide this, it is only supplemental to security and can be NULL. See BIP-340 "Default Signing" for a full explanation of this argument and for guidance if randomness is expensive.
Definition at line 188 of file main_impl.h.
int secp256k1_schnorrsig_sign_custom | ( | const secp256k1_context * | ctx, |
unsigned char * | sig64, | ||
const unsigned char * | msg, | ||
size_t | msglen, | ||
const secp256k1_keypair * | keypair, | ||
secp256k1_schnorrsig_extraparams * | extraparams | ||
) |
Create a Schnorr signature with a more flexible API.
Same arguments as secp256k1_schnorrsig_sign except that it allows signing variable length messages and accepts a pointer to an extraparams object that allows customizing signing by passing additional arguments.
Creates the same signatures as schnorrsig_sign if msglen is 32 and the extraparams.ndata is the same as aux_rand32.
In: msg: the message being signed. Can only be NULL if msglen is 0. msglen: length of the message extraparams: pointer to a extraparams object (can be NULL)
Definition at line 192 of file main_impl.h.
int secp256k1_schnorrsig_sign_internal | ( | const secp256k1_context * | ctx, |
unsigned char * | sig64, | ||
const unsigned char * | msg, | ||
size_t | msglen, | ||
const secp256k1_keypair * | keypair, | ||
secp256k1_nonce_function_hardened | noncefp, | ||
void * | ndata | ||
) |
Definition at line 125 of file main_impl.h.
int secp256k1_schnorrsig_verify | ( | const secp256k1_context * | ctx, |
const unsigned char * | sig64, | ||
const unsigned char * | msg, | ||
size_t | msglen, | ||
const secp256k1_xonly_pubkey * | pubkey | ||
) |
Verify a Schnorr signature.
Returns: 1: correct signature 0: incorrect signature Args: ctx: a secp256k1 context object, initialized for verification. In: sig64: pointer to the 64-byte signature to verify (cannot be NULL) msg: the message being verified. Can only be NULL if msglen is 0. msglen: length of the message pubkey: pointer to an x-only public key to verify with (cannot be NULL)
Definition at line 207 of file main_impl.h.
|
static |
Definition at line 48 of file main_impl.h.
|
static |
Definition at line 50 of file main_impl.h.
const secp256k1_nonce_function_hardened secp256k1_nonce_function_bip340 = nonce_function_bip340 |
An implementation of the nonce generation function as defined in Bitcoin Improvement Proposal 340 "Schnorr Signatures for secp256k1" (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).
If a data pointer is passed, it is assumed to be a pointer to 32 bytes of auxiliary random data as defined in BIP-340. If the data pointer is NULL, the nonce derivation procedure follows BIP-340 by setting the auxiliary random data to zero. The algo argument must be non-NULL, otherwise the function will fail and return 0. The hash will be tagged with algo. Therefore, to create BIP-340 compliant signatures, algo must be set to "BIP0340/nonce" and algolen to 13.
Definition at line 92 of file main_impl.h.