secp256k1

package
v0.0.0-...-4c49fd5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 18, 2023 License: GPL-2.0, GPL-3.0 Imports: 5 Imported by: 1

Documentation

Overview

Package secp256k1 wraps the bitcoin secp256k1 C library.

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidMsgLen       = errors.New("invalid message length, need 32 bytes")
	ErrInvalidSignatureLen = errors.New("invalid signature length")
	ErrInvalidRecoveryID   = errors.New("invalid signature recovery id")
	ErrInvalidKey          = errors.New("invalid private key")
	ErrInvalidPubkey       = errors.New("invalid public key")
	ErrSignFailed          = errors.New("signing failed")
	ErrRecoverFailed       = errors.New("recovery failed")
)

Functions

func CompressPubkey

func CompressPubkey(keytype string, x, y *big.Int) []byte

CompressPubkey encodes a public key to 33-byte compressed format.

func DecompressPubkey

func DecompressPubkey(pubkey []byte) (x, y *big.Int)

DecompressPubkey parses a public key in the 33-byte compressed format. It returns non-nil coordinates if the public key is valid.

func Get_ecdsa_sign_v

func Get_ecdsa_sign_v(rx *big.Int, ry *big.Int) int

func MathReadBits

func MathReadBits(bigint *big.Int, buf []byte)

MathReadBits encodes the absolute value of bigint as big-endian bytes. Callers must ensure that buf has enough space. If buf is too short the result will be incomplete.

func RecoverPubkey

func RecoverPubkey(msg []byte, sig []byte) ([]byte, error)

RecoverPubkey returns the public key of the signer. msg must be the 32-byte hash of the message to be signed. sig must be a 65-byte compact ECDSA signature containing the recovery id as the last element.

func Sign

func Sign(msg []byte, seckey []byte) ([]byte, error)

Sign creates a recoverable ECDSA signature. The produced signature is in the 65-byte [R || S || V] format where V is 0 or 1.

The caller is responsible for ensuring that msg cannot be chosen directly by an attacker. It is usually preferable to use a cryptographic hash function on any input before handing it to this function.

func VerifySignature

func VerifySignature(pubkey, msg, signature []byte) bool

VerifySignature checks that the given pubkey created signature over message. The signature should be in [R || S] format.

Types

type BitCurve

type BitCurve struct {
	P       *big.Int // the order of the underlying field
	N       *big.Int // the order of the base point
	B       *big.Int // the constant of the BitCurve equation
	Gx, Gy  *big.Int // (x,y) of the base point
	BitSize int      // the size of the underlying field
}

A BitCurve represents a Koblitz Curve with a=0. See http://www.hyperelliptic.org/EFD/g1p/auto-shortw.html

func (*BitCurve) Add

func (BitCurve *BitCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)

Add returns the sum of (x1,y1) and (x2,y2)

func (*BitCurve) Double

func (BitCurve *BitCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int)

Double returns 2*(x,y)

func (*BitCurve) GX

func (bitCurve *BitCurve) GX() *big.Int

func (*BitCurve) GY

func (bitCurve *BitCurve) GY() *big.Int

func (*BitCurve) GetY

func (bitCurve *BitCurve) GetY(x *big.Int) *big.Int

GetY get y^2

func (*BitCurve) IsOnCurve

func (BitCurve *BitCurve) IsOnCurve(x, y *big.Int) bool

IsOnCurve returns true if the given (x,y) lies on the BitCurve.

func (*BitCurve) KMulG

func (BitCurve *BitCurve) KMulG(k []byte) (*big.Int, *big.Int)

return value is normalized.

func (*BitCurve) Marshal

func (BitCurve *BitCurve) Marshal(x, y *big.Int) []byte

Marshal converts a point into the form specified in section 4.3.6 of ANSI X9.62.

func (*BitCurve) N1

func (bitCurve *BitCurve) N1() *big.Int

func (*BitCurve) N3

func (bitCurve *BitCurve) N3() *big.Int

func (*BitCurve) Params

func (BitCurve *BitCurve) Params() *elliptic.CurveParams

func (*BitCurve) ScalarBaseMult

func (BitCurve *BitCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int)

ScalarBaseMult returns k*G, where G is the base point of the group and k is an integer in big-endian form.

func (*BitCurve) ScalarMult

func (BitCurve *BitCurve) ScalarMult(Bx, By *big.Int, scalar []byte) (*big.Int, *big.Int)

func (*BitCurve) Unmarshal

func (BitCurve *BitCurve) Unmarshal(data []byte) (x, y *big.Int)

Unmarshal converts a point, serialised by Marshal, into an x, y pair. On error, x = nil.

type EC256Curve

type EC256Curve interface {
	Params() *elliptic.CurveParams
	IsOnCurve(x, y *big.Int) bool
	Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)
	Double(x1, y1 *big.Int) (*big.Int, *big.Int)
	ScalarMult(Bx, By *big.Int, scalar []byte) (*big.Int, *big.Int)
	ScalarBaseMult(k []byte) (*big.Int, *big.Int)
	Marshal(x, y *big.Int) []byte
	Unmarshal(data []byte) (x, y *big.Int)
	KMulG(k []byte) (*big.Int, *big.Int)
	N1() *big.Int
	N3() *big.Int
	GX() *big.Int
	GY() *big.Int
	GetY(x *big.Int) *big.Int
}

func S256

func S256(keytype string) EC256Curve

S256 returns a BitCurve which implements secp256k1.

type StarkCurve

type StarkCurve struct {
	P                                  *big.Int
	N                                  *big.Int
	Alpha, Beta                        *big.Int
	Gx, Gy                             *big.Int
	BitSize                            int // the size of the underlying field
	ShiftPointx, ShiftPointy           *big.Int
	MinusShiftPointx, MinusShiftPointy *big.Int
	Max                                *big.Int
}

Stark Curve, see https://docs.starkware.co/starkex-v4/crypto/stark-curve y^2 = x^3 + alpha*x + beta (mod p)

func Stark

func Stark() *StarkCurve

Stark returns a StarkCurve instance

func (*StarkCurve) Add

func (starkCurve *StarkCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)

Add returns the sum of P(x1,y1) and Q(x2,y2), note, P != Q

func (*StarkCurve) Double

func (starkCurve *StarkCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int)

Double returns 2*(x,y)

func (*StarkCurve) GX

func (starkCurve *StarkCurve) GX() *big.Int

func (*StarkCurve) GY

func (starkCurve *StarkCurve) GY() *big.Int

func (*StarkCurve) GetY

func (starkCurve *StarkCurve) GetY(x *big.Int) *big.Int

GetY get y^2

func (*StarkCurve) IsOnCurve

func (starkCurve *StarkCurve) IsOnCurve(x, y *big.Int) bool

IsOnCurve returns true if the given (x,y) lies on the Stark Curve.

func (*StarkCurve) KMulG

func (starkCurve *StarkCurve) KMulG(k []byte) (*big.Int, *big.Int)

return value is normalized.

func (*StarkCurve) Marshal

func (starkCurve *StarkCurve) Marshal(x, y *big.Int) []byte

Marshal converts a point into the form specified in section 4.3.6 of ANSI X9.62.

func (*StarkCurve) N1

func (starkCurve *StarkCurve) N1() *big.Int

func (*StarkCurve) N3

func (starkCurve *StarkCurve) N3() *big.Int

func (*StarkCurve) Params

func (starkCurve *StarkCurve) Params() *elliptic.CurveParams

func (*StarkCurve) ScalarBaseMult

func (starkCurve *StarkCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int)

ScalarBaseMult returns k*G, where G is the base point of the group and k is an integer in big-endian form.

func (*StarkCurve) ScalarMult

func (starkCurve *StarkCurve) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int)

ScalarBaseMult returns k*B, where B is a curve point and k is an integer in byte array of big-endian form.

func (*StarkCurve) ScalarMultInt

func (starkCurve *StarkCurve) ScalarMultInt(Bx, By, kInt *big.Int) (*big.Int, *big.Int)

ScalarBaseMult returns k*B, where B is a curve point and kInt is an integer in big.Int form.

func (*StarkCurve) Unmarshal

func (starkCurve *StarkCurve) Unmarshal(data []byte) (x, y *big.Int)

Unmarshal converts a point, serialised by Marshal, into an x, y pair. On error, x = nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL