Bitcoin ABC 0.26.3
P2P Digital Currency
Loading...
Searching...
No Matches
main_impl.h
Go to the documentation of this file.
1/***********************************************************************
2 * Copyright (c) 2020 Jonas Nick *
3 * Distributed under the MIT software license, see the accompanying *
4 * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
5 ***********************************************************************/
6
7#ifndef SECP256K1_MODULE_EXTRAKEYS_MAIN_H
8#define SECP256K1_MODULE_EXTRAKEYS_MAIN_H
9
10#include "include/secp256k1.h"
12
16
20
22 secp256k1_ge pk;
24
26 ARG_CHECK(pubkey != NULL);
27 memset(pubkey, 0, sizeof(*pubkey));
29
30 if (!secp256k1_fe_set_b32(&x, input32)) {
31 return 0;
32 }
33 if (!secp256k1_ge_set_xo_var(&pk, &x, 0)) {
34 return 0;
35 }
37 return 0;
38 }
39 secp256k1_xonly_pubkey_save(pubkey, &pk);
40 return 1;
41}
42
44 secp256k1_ge pk;
45
48 memset(output32, 0, 32);
49 ARG_CHECK(pubkey != NULL);
50
51 if (!secp256k1_xonly_pubkey_load(ctx, &pk, pubkey)) {
52 return 0;
53 }
55 return 1;
56}
57
59 unsigned char out[2][32];
60 const secp256k1_xonly_pubkey* pk[2];
61 int i;
62
64 pk[0] = pk0; pk[1] = pk1;
65 for (i = 0; i < 2; i++) {
66 /* If the public key is NULL or invalid, xonly_pubkey_serialize will
67 * call the illegal_callback and return 0. In that case we will
68 * serialize the key as all zeros which is less than any valid public
69 * key. This results in consistent comparisons even if NULL or invalid
70 * pubkeys are involved and prevents edge cases such as sorting
71 * algorithms that use this function and do not terminate as a
72 * result. */
73 if (!secp256k1_xonly_pubkey_serialize(ctx, out[i], pk[i])) {
74 /* Note that xonly_pubkey_serialize should already set the output to
75 * zero in that case, but it's not guaranteed by the API, we can't
76 * test it and writing a VERIFY_CHECK is more complex than
77 * explicitly memsetting (again). */
78 memset(out[i], 0, sizeof(out[i]));
79 }
80 }
81 return secp256k1_memcmp_var(out[0], out[1], sizeof(out[1]));
82}
83
88 int y_parity = 0;
90
91 if (secp256k1_fe_is_odd(&r->y)) {
92 secp256k1_fe_negate(&r->y, &r->y, 1);
93 y_parity = 1;
94 }
95 return y_parity;
96}
97
99 secp256k1_ge pk;
100 int tmp;
101
104 ARG_CHECK(pubkey != NULL);
105
106 if (!secp256k1_pubkey_load(ctx, &pk, pubkey)) {
107 return 0;
108 }
110 if (pk_parity != NULL) {
111 *pk_parity = tmp;
112 }
114 return 1;
115}
116
134
156
161
162
164 int ret;
165
167 /* We can declassify ret here because sk is only zero if a keypair function
168 * failed (which zeroes the keypair) and its return value is ignored. */
169 secp256k1_declassify(ctx, &ret, sizeof(ret));
170 ARG_CHECK(ret);
171 return ret;
172}
173
174/* Load a keypair into pk and sk (if non-NULL). This function declassifies pk
175 * and ARG_CHECKs that the keypair is not invalid. It always initializes sk and
176 * pk with dummy values. */
178 int ret;
179 const secp256k1_pubkey *pubkey = (const secp256k1_pubkey *)&keypair->data[32];
180
181 /* Need to declassify the pubkey because pubkey_load ARG_CHECKs if it's
182 * invalid. */
183 secp256k1_declassify(ctx, pubkey, sizeof(*pubkey));
184 ret = secp256k1_pubkey_load(ctx, pk, pubkey);
185 if (sk != NULL) {
187 }
188 if (!ret) {
190 if (sk != NULL) {
192 }
193 }
194 return ret;
195}
196
214
218 memset(seckey, 0, 32);
220
221 memcpy(seckey, &keypair->data[0], 32);
222 return 1;
223}
224
227 ARG_CHECK(pubkey != NULL);
228 memset(pubkey, 0, sizeof(*pubkey));
230
231 memcpy(pubkey->data, &keypair->data[32], sizeof(*pubkey));
232 return 1;
233}
234
236 secp256k1_ge pk;
237 int tmp;
238
240 ARG_CHECK(pubkey != NULL);
241 memset(pubkey, 0, sizeof(*pubkey));
243
244 if (!secp256k1_keypair_load(ctx, NULL, &pk, keypair)) {
245 return 0;
246 }
248 if (pk_parity != NULL) {
249 *pk_parity = tmp;
250 }
251 secp256k1_xonly_pubkey_save(pubkey, &pk);
252
253 return 1;
254}
255
286
287#endif
secp256k1_context * ctx
static int secp256k1_ecmult_context_is_built(const secp256k1_ecmult_context *ctx)
static int secp256k1_ecmult_gen_context_is_built(const secp256k1_ecmult_gen_context *ctx)
static int secp256k1_keypair_load(const secp256k1_context *ctx, secp256k1_scalar *sk, secp256k1_ge *pk, const secp256k1_keypair *keypair)
Definition main_impl.h:177
int secp256k1_keypair_create(const secp256k1_context *ctx, secp256k1_keypair *keypair, const unsigned char *seckey32)
Compute the keypair for a secret key.
Definition main_impl.h:197
static void secp256k1_keypair_save(secp256k1_keypair *keypair, const secp256k1_scalar *sk, secp256k1_ge *pk)
Definition main_impl.h:157
int secp256k1_keypair_xonly_tweak_add(const secp256k1_context *ctx, secp256k1_keypair *keypair, const unsigned char *tweak32)
Tweak a keypair by adding tweak32 to the secret key and updating the public key accordingly.
Definition main_impl.h:256
int secp256k1_xonly_pubkey_tweak_add_check(const secp256k1_context *ctx, const unsigned char *tweaked_pubkey32, int tweaked_pk_parity, const secp256k1_xonly_pubkey *internal_pubkey, const unsigned char *tweak32)
Checks that a tweaked pubkey is the result of calling secp256k1_xonly_pubkey_tweak_add with internal_...
Definition main_impl.h:135
int secp256k1_xonly_pubkey_tweak_add(const secp256k1_context *ctx, secp256k1_pubkey *output_pubkey, const secp256k1_xonly_pubkey *internal_pubkey, const unsigned char *tweak32)
Tweak an x-only public key by adding the generator multiplied with tweak32 to it.
Definition main_impl.h:117
int secp256k1_xonly_pubkey_serialize(const secp256k1_context *ctx, unsigned char *output32, const secp256k1_xonly_pubkey *pubkey)
Serialize an xonly_pubkey object into a 32-byte sequence.
Definition main_impl.h:43
int secp256k1_keypair_sec(const secp256k1_context *ctx, unsigned char *seckey, const secp256k1_keypair *keypair)
Get the secret key from a keypair.
Definition main_impl.h:215
int secp256k1_keypair_xonly_pub(const secp256k1_context *ctx, secp256k1_xonly_pubkey *pubkey, int *pk_parity, const secp256k1_keypair *keypair)
Get the x-only public key from a keypair.
Definition main_impl.h:235
static int secp256k1_keypair_seckey_load(const secp256k1_context *ctx, secp256k1_scalar *sk, const secp256k1_keypair *keypair)
Definition main_impl.h:163
int secp256k1_xonly_pubkey_from_pubkey(const secp256k1_context *ctx, secp256k1_xonly_pubkey *xonly_pubkey, int *pk_parity, const secp256k1_pubkey *pubkey)
Converts a secp256k1_pubkey into a secp256k1_xonly_pubkey.
Definition main_impl.h:98
int secp256k1_keypair_pub(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const secp256k1_keypair *keypair)
Get the public key from a keypair.
Definition main_impl.h:225
int secp256k1_xonly_pubkey_parse(const secp256k1_context *ctx, secp256k1_xonly_pubkey *pubkey, const unsigned char *input32)
Parse a 32-byte sequence into a xonly_pubkey object.
Definition main_impl.h:21
static SECP256K1_INLINE void secp256k1_xonly_pubkey_save(secp256k1_xonly_pubkey *pubkey, secp256k1_ge *ge)
Definition main_impl.h:17
static SECP256K1_INLINE int secp256k1_xonly_pubkey_load(const secp256k1_context *ctx, secp256k1_ge *ge, const secp256k1_xonly_pubkey *pubkey)
Definition main_impl.h:13
static int secp256k1_extrakeys_ge_even_y(secp256k1_ge *r)
Keeps a group element as is if it has an even Y and otherwise negates it.
Definition main_impl.h:87
int secp256k1_xonly_pubkey_cmp(const secp256k1_context *ctx, const secp256k1_xonly_pubkey *pk0, const secp256k1_xonly_pubkey *pk1)
Compare two x-only public keys using lexicographic order.
Definition main_impl.h:58
static void secp256k1_fe_normalize_var(secp256k1_fe *r)
Normalize a field element, without constant-time guarantee.
static void secp256k1_fe_negate(secp256k1_fe *r, const secp256k1_fe *a, int m)
Set a field element equal to the additive inverse of another.
static int secp256k1_fe_is_odd(const secp256k1_fe *a)
Check the "oddness" of a field element.
static int secp256k1_fe_set_b32(secp256k1_fe *r, const unsigned char *a)
Set a field element equal to 32-byte big endian value.
static void secp256k1_fe_get_b32(unsigned char *r, const secp256k1_fe *a)
Convert a field element to a 32-byte big endian value.
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y.
static int secp256k1_ge_is_in_correct_subgroup(const secp256k1_ge *ge)
Determine if a point (which is assumed to be on the curve) is in the correct (sub)group of the curve.
static int secp256k1_ge_is_infinity(const secp256k1_ge *a)
Check whether a group element is the point at infinity.
static const secp256k1_ge secp256k1_ge_const_g
Generator for secp256k1, value 'g' defined in "Standards for Efficient Cryptography" (SEC2) 2....
Definition group_impl.h:52
T GetRand(T nMax=std::numeric_limits< T >::max()) noexcept
Generate a uniform random integer of type T in the range [0..nMax) nMax defaults to std::numeric_limi...
Definition random.h:85
static int secp256k1_scalar_set_b32_seckey(secp256k1_scalar *r, const unsigned char *bin)
Set a scalar from a big endian byte array and returns 1 if it is a valid seckey and 0 otherwise.
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar *a)
Convert a scalar to a byte array.
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the complement of a scalar (modulo the group order).
static void secp256k1_scalar_clear(secp256k1_scalar *r)
Clear a scalar to prevent the leak of sensitive data.
static const secp256k1_scalar secp256k1_scalar_one
Definition scalar_impl.h:31
static SECP256K1_INLINE int secp256k1_memcmp_var(const void *s1, const void *s2, size_t n)
Semantics like memcmp.
Definition util.h:224
#define VERIFY_CHECK(cond)
Definition util.h:68
static SECP256K1_INLINE void secp256k1_memczero(void *s, size_t len, int flag)
Definition util.h:205
static int secp256k1_ec_seckey_tweak_add_helper(secp256k1_scalar *sec, const unsigned char *tweak32)
Definition secp256k1.c:652
#define ARG_CHECK(cond)
Definition secp256k1.c:28
static int secp256k1_ec_pubkey_create_helper(const secp256k1_ecmult_gen_context *ecmult_gen_ctx, secp256k1_scalar *seckey_scalar, secp256k1_ge *p, const unsigned char *seckey)
Definition secp256k1.c:587
static int secp256k1_ec_pubkey_tweak_add_helper(const secp256k1_ecmult_context *ecmult_ctx, secp256k1_ge *p, const unsigned char *tweak32)
Definition secp256k1.c:683
static SECP256K1_INLINE void secp256k1_declassify(const secp256k1_context *ctx, const void *p, size_t len)
Definition secp256k1.c:235
static int secp256k1_pubkey_load(const secp256k1_context *ctx, secp256k1_ge *ge, const secp256k1_pubkey *pubkey)
Definition secp256k1.c:245
static void secp256k1_pubkey_save(secp256k1_pubkey *pubkey, secp256k1_ge *ge)
Definition secp256k1.c:264
#define SECP256K1_INLINE
Definition secp256k1.h:127
secp256k1_ecmult_gen_context ecmult_gen_ctx
Definition secp256k1.c:71
secp256k1_ecmult_context ecmult_ctx
Definition secp256k1.c:70
A group element of the secp256k1 curve, in affine coordinates.
Definition group.h:13
secp256k1_fe x
Definition group.h:14
secp256k1_fe y
Definition group.h:15
Opaque data structure that holds a keypair consisting of a secret and a public key.
Opaque data structure that holds a parsed and valid public key.
Definition secp256k1.h:70
unsigned char data[64]
Definition secp256k1.h:71
A scalar modulo the group order of the secp256k1 curve.
Definition scalar_4x64.h:13
Opaque data structure that holds a parsed and valid "x-only" public key.