Bitcoin ABC 0.30.7
P2P Digital Currency
secp256k1.h
Go to the documentation of this file.
1#ifndef SECP256K1_H
2#define SECP256K1_H
3
4#ifdef __cplusplus
5extern "C" {
6#endif
7
8#include <stddef.h>
9
10/* Unless explicitly stated all pointer arguments must not be NULL.
11 *
12 * The following rules specify the order of arguments in API calls:
13 *
14 * 1. Context pointers go first, followed by output arguments, combined
15 * output/input arguments, and finally input-only arguments.
16 * 2. Array lengths always immediately follow the argument whose length
17 * they describe, even if this violates rule 1.
18 * 3. Within the OUT/OUTIN/IN groups, pointers to data that is typically generated
19 * later go first. This means: signatures, public nonces, secret nonces,
20 * messages, public keys, secret keys, tweaks.
21 * 4. Arguments that are not data pointers go last, from more complex to less
22 * complex: function pointers, algorithm names, messages, void pointers,
23 * counts, flags, booleans.
24 * 5. Opaque data pointers follow the function pointer they are to be passed to.
25 */
26
47
60
70typedef struct {
71 unsigned char data[64];
73
83typedef struct {
84 unsigned char data[64];
86
104 unsigned char *nonce32,
105 const unsigned char *msg32,
106 const unsigned char *key32,
107 const unsigned char *algo16,
108 void *data,
109 unsigned int attempt
110);
111
112# if !defined(SECP256K1_GNUC_PREREQ)
113# if defined(__GNUC__)&&defined(__GNUC_MINOR__)
114# define SECP256K1_GNUC_PREREQ(_maj,_min) \
115 ((__GNUC__<<16)+__GNUC_MINOR__>=((_maj)<<16)+(_min))
116# else
117# define SECP256K1_GNUC_PREREQ(_maj,_min) 0
118# endif
119# endif
120
121# if (!defined(__STDC_VERSION__) || (__STDC_VERSION__ < 199901L) )
122# if SECP256K1_GNUC_PREREQ(2,7)
123# define SECP256K1_INLINE __inline__
124# elif (defined(_MSC_VER))
125# define SECP256K1_INLINE __inline
126# else
127# define SECP256K1_INLINE
128# endif
129# else
130# define SECP256K1_INLINE inline
131# endif
132
133#ifndef SECP256K1_API
134# if defined(_WIN32)
135# ifdef SECP256K1_BUILD
136# define SECP256K1_API __declspec(dllexport)
137# else
138# define SECP256K1_API
139# endif
140# elif defined(__GNUC__) && (__GNUC__ >= 4) && defined(SECP256K1_BUILD)
141# define SECP256K1_API __attribute__ ((visibility ("default")))
142# else
143# define SECP256K1_API
144# endif
145#endif
146
150# if defined(__GNUC__) && SECP256K1_GNUC_PREREQ(3, 4)
151# define SECP256K1_WARN_UNUSED_RESULT __attribute__ ((__warn_unused_result__))
152# else
153# define SECP256K1_WARN_UNUSED_RESULT
154# endif
155# if !defined(SECP256K1_BUILD) && defined(__GNUC__) && SECP256K1_GNUC_PREREQ(3, 4)
156# define SECP256K1_ARG_NONNULL(_x) __attribute__ ((__nonnull__(_x)))
157# else
158# define SECP256K1_ARG_NONNULL(_x)
159# endif
160
162#define SECP256K1_FLAGS_TYPE_MASK ((1 << 8) - 1)
163#define SECP256K1_FLAGS_TYPE_CONTEXT (1 << 0)
164#define SECP256K1_FLAGS_TYPE_COMPRESSION (1 << 1)
166#define SECP256K1_FLAGS_BIT_CONTEXT_VERIFY (1 << 8)
167#define SECP256K1_FLAGS_BIT_CONTEXT_SIGN (1 << 9)
168#define SECP256K1_FLAGS_BIT_CONTEXT_DECLASSIFY (1 << 10)
169#define SECP256K1_FLAGS_BIT_COMPRESSION (1 << 8)
170
173#define SECP256K1_CONTEXT_VERIFY (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_VERIFY)
174#define SECP256K1_CONTEXT_SIGN (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_SIGN)
175#define SECP256K1_CONTEXT_DECLASSIFY (SECP256K1_FLAGS_TYPE_CONTEXT | SECP256K1_FLAGS_BIT_CONTEXT_DECLASSIFY)
176#define SECP256K1_CONTEXT_NONE (SECP256K1_FLAGS_TYPE_CONTEXT)
177
179#define SECP256K1_EC_COMPRESSED (SECP256K1_FLAGS_TYPE_COMPRESSION | SECP256K1_FLAGS_BIT_COMPRESSION)
180#define SECP256K1_EC_UNCOMPRESSED (SECP256K1_FLAGS_TYPE_COMPRESSION)
181
183#define SECP256K1_TAG_PUBKEY_EVEN 0x02
184#define SECP256K1_TAG_PUBKEY_ODD 0x03
185#define SECP256K1_TAG_PUBKEY_UNCOMPRESSED 0x04
186#define SECP256K1_TAG_PUBKEY_HYBRID_EVEN 0x06
187#define SECP256K1_TAG_PUBKEY_HYBRID_ODD 0x07
188
195
208 unsigned int flags
210
223
239);
240
280 void (*fun)(const char* message, void* data),
281 const void* data
283
305 void (*fun)(const char* message, void* data),
306 const void* data
308
317 const secp256k1_context* ctx,
318 size_t size
320
328 const secp256k1_context* ctx,
331
347 const secp256k1_context* ctx,
348 secp256k1_pubkey* pubkey,
349 const unsigned char *input,
350 size_t inputlen
352
369 const secp256k1_context* ctx,
370 unsigned char *output,
371 size_t *outputlen,
372 const secp256k1_pubkey* pubkey,
373 unsigned int flags
375
386 const secp256k1_context* ctx,
387 const secp256k1_pubkey* pubkey1,
388 const secp256k1_pubkey* pubkey2
390
407 const secp256k1_context* ctx,
409 const unsigned char *input64
411
428 const secp256k1_context* ctx,
430 const unsigned char *input,
431 size_t inputlen
433
446 const secp256k1_context* ctx,
447 unsigned char *output,
448 size_t *outputlen,
451
462 const secp256k1_context* ctx,
463 unsigned char *output64,
466
493 const secp256k1_context* ctx,
495 const unsigned char *msghash32,
496 const secp256k1_pubkey *pubkey
498
542 const secp256k1_context* ctx,
544 const secp256k1_ecdsa_signature *sigin
546
552
555
571 const secp256k1_context* ctx,
573 const unsigned char *msghash32,
574 const unsigned char *seckey,
576 const void *ndata
578
592 const secp256k1_context* ctx,
593 const unsigned char *seckey
595
605 const secp256k1_context* ctx,
606 secp256k1_pubkey *pubkey,
607 const unsigned char *seckey
609
622 const secp256k1_context* ctx,
623 unsigned char *seckey
625
629 const secp256k1_context* ctx,
630 unsigned char *seckey
632
640 const secp256k1_context* ctx,
641 secp256k1_pubkey *pubkey
643
660 const secp256k1_context* ctx,
661 unsigned char *seckey,
662 const unsigned char *tweak32
664
668 const secp256k1_context* ctx,
669 unsigned char *seckey,
670 const unsigned char *tweak32
672
688 const secp256k1_context* ctx,
689 secp256k1_pubkey *pubkey,
690 const unsigned char *tweak32
692
707 const secp256k1_context* ctx,
708 unsigned char *seckey,
709 const unsigned char *tweak32
711
715 const secp256k1_context* ctx,
716 unsigned char *seckey,
717 const unsigned char *tweak32
719
733 const secp256k1_context* ctx,
734 secp256k1_pubkey *pubkey,
735 const unsigned char *tweak32
737
765 const unsigned char *seed32
767
779 const secp256k1_context* ctx,
780 secp256k1_pubkey *out,
781 const secp256k1_pubkey * const * ins,
782 size_t n
784
802 const secp256k1_context* ctx,
803 unsigned char *hash32,
804 const unsigned char *tag,
805 size_t taglen,
806 const unsigned char *msg,
807 size_t msglen
809
810#ifdef __cplusplus
811}
812#endif
813
814#endif /* SECP256K1_H */
secp256k1_context * ctx
int flags
Definition: bitcoin-tx.cpp:541
SchnorrSig sig
Definition: processor.cpp:498
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_tweak_mul(const secp256k1_context *ctx, unsigned char *seckey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Tweak a secret key by multiplying it by a tweak.
Definition: secp256k1.c:708
#define SECP256K1_ARG_NONNULL(_x)
Definition: secp256k1.h:158
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT secp256k1_scratch_space * secp256k1_scratch_space_create(const secp256k1_context *ctx, size_t size) SECP256K1_ARG_NONNULL(1)
Create a secp256k1 scratch space object.
Definition: secp256k1.c:221
SECP256K1_API const secp256k1_context * secp256k1_context_no_precomp
A simple secp256k1 context object with no precomputed tables.
Definition: secp256k1.c:84
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_context_randomize(secp256k1_context *ctx, const unsigned char *seed32) SECP256K1_ARG_NONNULL(1)
Updates the context randomization to protect against side-channel leakage.
Definition: secp256k1.c:756
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_negate(const secp256k1_context *ctx, unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2)
Negates a secret key in place.
Definition: secp256k1.c:617
SECP256K1_API const secp256k1_nonce_function secp256k1_nonce_function_default
A default safe nonce generation function (currently equal to secp256k1_nonce_function_rfc6979).
Definition: secp256k1.c:503
SECP256K1_API int secp256k1_ecdsa_signature_parse_compact(const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const unsigned char *input64) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse an ECDSA signature in compact (64 bytes) format.
Definition: secp256k1.c:385
SECP256K1_API int secp256k1_ec_pubkey_serialize(const secp256k1_context *ctx, unsigned char *output, size_t *outputlen, const secp256k1_pubkey *pubkey, unsigned int flags) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Serialize a pubkey object into a serialized byte sequence.
Definition: secp256k1.c:296
SECP256K1_API void secp256k1_context_set_error_callback(secp256k1_context *ctx, void(*fun)(const char *message, void *data), const void *data) SECP256K1_ARG_NONNULL(1)
Set a callback function to be called when an internal consistency check fails.
Definition: secp256k1.c:212
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_cmp(const secp256k1_context *ctx, const secp256k1_pubkey *pubkey1, const secp256k1_pubkey *pubkey2) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compare two public keys using lexicographic (of compressed serialization) order.
Definition: secp256k1.c:319
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_verify(const secp256k1_context *ctx, const unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2)
Verify an ECDSA secret key.
Definition: secp256k1.c:576
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Create a secp256k1 context object (in dynamically allocated memory).
Definition: secp256k1.c:152
SECP256K1_API void secp256k1_context_set_illegal_callback(secp256k1_context *ctx, void(*fun)(const char *message, void *data), const void *data) SECP256K1_ARG_NONNULL(1)
Set a callback function to be called when an illegal argument is passed to an API call.
Definition: secp256k1.c:203
#define SECP256K1_API
Definition: secp256k1.h:143
SECP256K1_API int secp256k1_ecdsa_sign(const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const unsigned char *msghash32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void *ndata) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Create an ECDSA signature.
Definition: secp256k1.c:561
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_combine(const secp256k1_context *ctx, secp256k1_pubkey *out, const secp256k1_pubkey *const *ins, size_t n) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Add a number of public keys together.
Definition: secp256k1.c:764
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_parse(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *input, size_t inputlen) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse a variable-length public key into the pubkey object.
Definition: secp256k1.c:278
int(* secp256k1_nonce_function)(unsigned char *nonce32, const unsigned char *msg32, const unsigned char *key32, const unsigned char *algo16, void *data, unsigned int attempt)
A pointer to a function to deterministically generate a nonce.
Definition: secp256k1.h:103
SECP256K1_API int secp256k1_ecdsa_signature_parse_der(const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const unsigned char *input, size_t inputlen) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse a DER ECDSA signature.
Definition: secp256k1.c:369
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_privkey_negate(const secp256k1_context *ctx, unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2)
Same as secp256k1_ec_seckey_negate, but DEPRECATED.
Definition: secp256k1.c:632
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_create(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compute the public key for a secret key.
Definition: secp256k1.c:599
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_tagged_sha256(const secp256k1_context *ctx, unsigned char *hash32, const unsigned char *tag, size_t taglen, const unsigned char *msg, size_t msglen) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(5)
Compute a tagged hash as defined in BIP-340.
Definition: secp256k1.c:788
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdsa_verify(const secp256k1_context *ctx, const secp256k1_ecdsa_signature *sig, const unsigned char *msghash32, const secp256k1_pubkey *pubkey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Verify an ECDSA signature.
Definition: secp256k1.c:450
SECP256K1_API int secp256k1_ecdsa_signature_normalize(const secp256k1_context *ctx, secp256k1_ecdsa_signature *sigout, const secp256k1_ecdsa_signature *sigin) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(3)
Convert a signature to a normalized lower-S form.
Definition: secp256k1.c:431
SECP256K1_API secp256k1_context * secp256k1_context_clone(const secp256k1_context *ctx) SECP256K1_ARG_NONNULL(1) SECP256K1_WARN_UNUSED_RESULT
Copy a secp256k1 context object (into dynamically allocated memory).
Definition: secp256k1.c:177
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_add(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Tweak a public key by adding tweak times the generator to it.
Definition: secp256k1.c:690
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_privkey_tweak_add(const secp256k1_context *ctx, unsigned char *seckey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Same as secp256k1_ec_seckey_tweak_add, but DEPRECATED.
Definition: secp256k1.c:679
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_privkey_tweak_mul(const secp256k1_context *ctx, unsigned char *seckey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Same as secp256k1_ec_seckey_tweak_mul, but DEPRECATED.
Definition: secp256k1.c:728
SECP256K1_API const secp256k1_nonce_function secp256k1_nonce_function_rfc6979
An implementation of RFC6979 (using HMAC-SHA256) as nonce generation function.
Definition: secp256k1.c:502
SECP256K1_API int secp256k1_ecdsa_signature_serialize_der(const secp256k1_context *ctx, unsigned char *output, size_t *outputlen, const secp256k1_ecdsa_signature *sig) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Serialize an ECDSA signature in DER format.
Definition: secp256k1.c:406
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_negate(const secp256k1_context *ctx, secp256k1_pubkey *pubkey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2)
Negates a public key in place.
Definition: secp256k1.c:636
SECP256K1_API void secp256k1_scratch_space_destroy(const secp256k1_context *ctx, secp256k1_scratch_space *scratch) SECP256K1_ARG_NONNULL(1)
Destroy a secp256k1 scratch space.
Definition: secp256k1.c:226
#define SECP256K1_WARN_UNUSED_RESULT
Warning attributes NONNULL is not used if SECP256K1_BUILD is set to avoid the compiler optimizing out...
Definition: secp256k1.h:153
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_seckey_tweak_add(const secp256k1_context *ctx, unsigned char *seckey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Tweak a secret key by adding tweak to it.
Definition: secp256k1.c:663
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_tweak_mul(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *tweak32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Tweak a public key by multiplying it by a tweak value.
Definition: secp256k1.c:732
SECP256K1_API void secp256k1_context_destroy(secp256k1_context *ctx)
Destroy a secp256k1 context object (created in dynamically allocated memory).
Definition: secp256k1.c:196
SECP256K1_API int secp256k1_ecdsa_signature_serialize_compact(const secp256k1_context *ctx, unsigned char *output64, const secp256k1_ecdsa_signature *sig) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Serialize an ECDSA signature in compact (64 byte) format.
Definition: secp256k1.c:418
Opaque data structured that holds a parsed ECDSA signature.
Definition: secp256k1.h:83
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:70
void * data
actual allocated data
Definition: scratch.h:16