Documentation ¶
Index ¶
- Variables
- func GenerateKeyPair() ([]byte, []byte)
- func GeneratePubKey(seckey []byte) ([]byte, error)
- func RecoverPubkey(msg []byte, sig []byte) ([]byte, error)
- func Sign(msg []byte, seckey []byte) ([]byte, error)
- func SignNondeterministic(msg []byte, seckey []byte) ([]byte, error)
- func VerifySeckeyValidity(seckey []byte) error
- type BitCurve
- func (BitCurve *BitCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)
- func (BitCurve *BitCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int)
- func (BitCurve *BitCurve) GenerateKey(rand io.Reader) (priv []byte, x, y *big.Int, err error)
- func (BitCurve *BitCurve) IsOnCurve(x, y *big.Int) bool
- func (BitCurve *BitCurve) Marshal(x, y *big.Int) []byte
- func (BitCurve *BitCurve) Params() *elliptic.CurveParams
- func (BitCurve *BitCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int)
- func (BitCurve *BitCurve) ScalarMult(Bx, By *big.Int, scalar []byte) (*big.Int, *big.Int)
- func (BitCurve *BitCurve) Unmarshal(data []byte) (x, y *big.Int)
Constants ¶
This section is empty.
Variables ¶
var ( N *big.Int HalfN *big.Int )
holds ptr to secp256k1_context_struct (see secp256k1/include/secp256k1.h)
var ( ErrInvalidMsgLen = errors.New("invalid message length for signature recovery") ErrInvalidSignatureLen = errors.New("invalid signature length") ErrInvalidRecoveryID = errors.New("invalid signature recovery id") ErrInvalidKey = errors.New("invalid private key") ErrInvalidPubkey = errors.New("invalid public key") ErrSignFailed = errors.New("signing failed") ErrRecoverFailed = errors.New("recovery failed") )
Functions ¶
func GenerateKeyPair ¶
func GeneratePubKey ¶
func RecoverPubkey ¶
RecoverPubkey returns the the public key of the signer. msg must be the 32-byte hash of the message to be signed. sig must be a 65-byte compact ECDSA signature containing the recovery id as the last element.
func Sign ¶
Sign creates a recoverable ECDSA signature. The produced signature is in the 65-byte [R || S || V] format where V is 0 or 1.
The caller is responsible for ensuring that msg cannot be chosen directly by an attacker. It is usually preferable to use a cryptographic hash function on any input before handing it to this function.
func SignNondeterministic ¶
SignNondeterministic generates nondeterministic signature b/c of a random k-value in the ECDSA algorithm. This function is included only for purpose of demonstration and comparison with the deterministic Sign function.
func VerifySeckeyValidity ¶
Types ¶
type BitCurve ¶ added in v1.4.0
type BitCurve struct { P *big.Int // the order of the underlying field N *big.Int // the order of the base point B *big.Int // the constant of the BitCurve equation Gx, Gy *big.Int // (x,y) of the base point BitSize int // the size of the underlying field }
A BitCurve represents a Koblitz Curve with a=0. See http://www.hyperelliptic.org/EFD/g1p/auto-shortw.html
func S256 ¶ added in v1.4.0
func S256() *BitCurve
S256 returns a BitCurve which implements secp256k1 (see SEC 2 section 2.7.1)
func (*BitCurve) GenerateKey ¶ added in v1.4.0
TODO: double check if it is okay GenerateKey returns a public/private key pair. The private key is generated using the given reader, which must return random data.
func (*BitCurve) IsOnCurve ¶ added in v1.4.0
IsOnBitCurve returns true if the given (x,y) lies on the BitCurve.
func (*BitCurve) Marshal ¶ added in v1.4.0
Marshal converts a point into the form specified in section 4.3.6 of ANSI X9.62.
func (*BitCurve) Params ¶ added in v1.4.0
func (BitCurve *BitCurve) Params() *elliptic.CurveParams
func (*BitCurve) ScalarBaseMult ¶ added in v1.4.0
ScalarBaseMult returns k*G, where G is the base point of the group and k is an integer in big-endian form.