secp256k1

package
v0.0.0-...-bb8424b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 13, 2023 License: LGPL-3.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

View Source 
const EncodedAdaptorSize = 33 + 33 + (32 * 3)
View Source 
const MessageLength = 32

Variables

This section is empty.

Functions

func RecoverFromAdaptorAndSignature 

func RecoverFromAdaptorAndSignature(adaptor *EncryptedSignature, encryptionKey *PublicKey, sig *Signature) (*secp256k1.ModNScalar, error)

RecoverFromAdaptorAndSignature recovers the decryption key given an encrypted signature and the signature that was decrypted from it.

Types

type EncryptedSignature 

type EncryptedSignature struct {
	R, R_a *Point
	// contains filtered or unexported fields
}

EncryptedSignature is an "encrypted" ECDSA signature aka adaptor signature (R || R_a || s || dleqProof).

func (*EncryptedSignature) Decode 

func (s *EncryptedSignature) Decode(b []byte) error

Decode parses bytes buffer `b` into EncryptedSignature.

func (*EncryptedSignature) Decrypt 

func (a *EncryptedSignature) Decrypt(sk *secp256k1.ModNScalar) (*Signature, error)

Decrypt function is used to decrypt an encrypted signature yielding the plain ECDSA signature.

* Before calling this method you should be certain that the EncryptedSignature is what you think it is by calling PublicKey.VerifyAdaptor on it first.

* Once you give the decrypted Signature to anyone who has seen EncryptedSignature, they will be able to learn decryption key aka secret by calling RecoverFromAdaptorAndSignature.

func (*EncryptedSignature) Encode 

func (s *EncryptedSignature) Encode() ([]byte, error)

Encode encodes EncryptedSignature into EncodedAdaptorSize bytes buffer as follows (R || R_a || s || proof.z | proof.s).

func (*EncryptedSignature) MarshalJSON 

func (s *EncryptedSignature) MarshalJSON() ([]byte, error)

MarshalJSON serializes EncryptedSignature into JSON format based on the Encode method.

func (*EncryptedSignature) UnmarshalJSON 

func (s *EncryptedSignature) UnmarshalJSON(in []byte) error

UnmarshalJSON deserializes EncryptedSignature from JSON formatted bytes based on the Decode method.

type Keypair 

type Keypair struct {
	// contains filtered or unexported fields
}

Keypair defines pair of ECDSA PrivateKey and PublicKey.

func GenerateKeypair 

func GenerateKeypair() *Keypair

GenerateKeypair generates a random PrivateKey scalar and derives point on secp256k1 curve as a corresponding PublicKey. If private scalar generates no point on a curve, this step would be repeated until it is.

func KeypairFromHex 

func KeypairFromHex(s string) *Keypair

KeypairFromHex decodes hex formatted (without "0x") string `s` into a Keypair.

func (*Keypair) AdaptorSign 

func (kp *Keypair) AdaptorSign(msg []byte, encKey *PublicKey, nonceFnOpt ...NonceFunc) (*EncryptedSignature, error)

AdaptorSign create an encrypted signature aka "adaptor signature" aka "pre-signature".

The `msg` param is a 32 bytes hash. Use `nonceFnOpt` to specify custom NonceFunc. Default is WithRFC6979.

func (*Keypair) Private 

func (kp *Keypair) Private() *PrivateKey

Private returns PrivateKey component.

func (*Keypair) Public 

func (kp *Keypair) Public() *PublicKey

Public returns PublicKey component.

func (*Keypair) Sign 

func (kp *Keypair) Sign(msg []byte) (*Signature, error)

Sign performs ECDSA signing of the 32 bytes `msg` hash.

If `msg` length overflows 32 bytes error will be returned.

type NonceFunc 

type NonceFunc = func() (*secp256k1.ModNScalar, error)

NonceFunc defines nonce generation algorithm.

func WithRFC6979 

func WithRFC6979(sk *PrivateKey, msg []byte, encKey *PublicKey) NonceFunc

WithRFC6979 can be used to specify deterministic nonce generation based on the RFC-6979 spec.

This is the default way of generation nonce in this library.

func WithRandom 

func WithRandom() NonceFunc

WithRandom can be used to specify random nonce generation.

type Point 

type Point struct {
	*secp256k1.JacobianPoint
}

Point is the library's internal elliptic curve point representation and is a wrapper around `secp256k1.JacobianPoint` https://github.com/decred/dcrd/tree/master/dcrec/secp256k1.

func (*Point) Add 

func (p *Point) Add(a, b *Point)

func (*Point) BaseExp 

func (p *Point) BaseExp(k *secp256k1.ModNScalar)

func (*Point) Copy 

func (p *Point) Copy() *Point

func (*Point) Equal 

func (p *Point) Equal(other *Point) bool

func (*Point) Negate 

func (p *Point) Negate()

func (*Point) PutBytes 

func (p *Point) PutBytes(dst []byte)

func (*Point) Scale 

func (p *Point) Scale(point *Point, k *secp256k1.ModNScalar)

func (*Point) SetBytes 

func (p *Point) SetBytes(bc []byte) error

func (*Point) Sub 

func (p *Point) Sub(a, b *Point)

func (*Point) ToBytes 

func (p *Point) ToBytes() []byte

func (*Point) XY 

func (p *Point) XY() (*secp256k1.FieldVal, *secp256k1.FieldVal, error)

type PrivateKey 

type PrivateKey struct {
	// contains filtered or unexported fields
}

PrivateKey wraps secp256k1 scalar field being a secret component of the ECDSA scheme.

func (*PrivateKey) Decode 

func (k *PrivateKey) Decode(b []byte) error

Decode parses bytes buffer `b` into PrivateKey.

If buffer overflows 32 bytes error will be returned.

func (*PrivateKey) Encode 

func (k *PrivateKey) Encode() ([]byte, error)

Encode encodes PrivateKey into a 32 bytes buffer.

func (*PrivateKey) Inner 

func (k *PrivateKey) Inner() *secp256k1.ModNScalar

Inner returns secp256k1.ModNScalar behind PrivateKey.

func (*PrivateKey) MarshalJSON 

func (k *PrivateKey) MarshalJSON() ([]byte, error)

MarshalJSON serializes PrivateKey into JSON format based on the Encode method.

func (*PrivateKey) Public 

func (k *PrivateKey) Public() *PublicKey

Public derives PublicKey (X) by generating point with secret scalar (x): X = G^x.

func (*PrivateKey) UnmarshalJSON 

func (k *PrivateKey) UnmarshalJSON(in []byte) error

UnmarshalJSON deserializes JSON formatted bytes into PrivateKey.

type PublicKey 

type PublicKey struct {
	// contains filtered or unexported fields
}

PublicKey wraps point on the secp256k1 curve being a public component of the ECDSA scheme.

func (*PublicKey) Decode 

func (k *PublicKey) Decode(b []byte) error

Decode decodes bytes buffer `b` into a PublicKey automatically recognizing compression type.

func (*PublicKey) Encode 

func (k *PublicKey) Encode() ([]byte, error)

Encode encodes PublicKey into a 33 bytes buffer in a compressed form.

To comply with go-ethereum requirements first byte specifies this "type" (ie. compressed, uncompressed, or hybrid) https://github.com/quan8/go-ethereum/blob/a1c09b93871dd3770adffb177086abda1b2ff3af/vendor/github.com/btcsuite/btcd/btcec/pubkey.go#L69

func (*PublicKey) EncodeDecompressed 

func (k *PublicKey) EncodeDecompressed() ([]byte, error)

EncodeDecompressed encodes PublicKey into a 64 bytes buffer in an uncompressed form (x||y).

func (*PublicKey) MarshalJSON 

func (k *PublicKey) MarshalJSON() ([]byte, error)

MarshalJSON serializes PublicKey into JSON format based on the Encode method.

func (*PublicKey) UnmarshalJSON 

func (k *PublicKey) UnmarshalJSON(in []byte) error

UnmarshalJSON deserializes JSON formatted bytes into PublicKey.

func (*PublicKey) Verify 

func (k *PublicKey) Verify(msg []byte, sig *Signature) (bool, error)

Verify verifies that given Signature was signed from a `msg` by the receiver PublicKey.

func (*PublicKey) VerifyAdaptor 

func (k *PublicKey) VerifyAdaptor(msg []byte, encryptionKey *PublicKey, adaptor *EncryptedSignature) (bool, error)

VerifyAdaptor verifies an encrypted signature is valid i.e. if it is decrypted it will yield a signature on `msg` under receiver PublicKey.

type Signature 

type Signature struct {
	// contains filtered or unexported fields
}

Signature is a standard ECDSA signature (v||r||s).

func (*Signature) Decode 

func (s *Signature) Decode(b []byte) error

Decode parses 64/65 bytes buffer `b` into a receiver Signature.

In case `b` is 65 bytes the last 65-th byte would be decoded as `recovery_id` aka `v`.

func (*Signature) Encode 

func (s *Signature) Encode() ([]byte, error)

Encode encodes Signature into a 64 bytes buffer.

func (*Signature) EncodeRecoverable 

func (s *Signature) EncodeRecoverable() ([]byte, error)

EncodeRecoverable encodes Signature into a 65 bytes buffer where last byte is a `receiver_id` aka `v`.

func (*Signature) MarshalJSON 

func (s *Signature) MarshalJSON() ([]byte, error)

MarshalJSON serializes Signature into JSON format based on the Encode method.

func (*Signature) UnmarshalJSON 

func (s *Signature) UnmarshalJSON(in []byte) error

UnmarshalJSON deserializes JSON formatted bytes into Signature.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.