Bitcoin Core  27.99.0
P2P Digital Currency
pubkey.cpp File Reference
#include <pubkey.h>
#include <hash.h>
#include <secp256k1.h>
#include <secp256k1_ellswift.h>
#include <secp256k1_extrakeys.h>
#include <secp256k1_recovery.h>
#include <secp256k1_schnorrsig.h>
#include <span.h>
#include <uint256.h>
#include <util/strencodings.h>
#include <algorithm>
#include <cassert>

Functions

int ecdsa_signature_parse_der_lax (secp256k1_ecdsa_signature *sig, const unsigned char *input, size_t inputlen)
 This function is taken from the libsecp256k1 distribution and implements DER parsing for ECDSA signatures, while supporting an arbitrary subset of format violations.
 

Variables

static const std::vector< unsigned char > NUMS_H_DATA {ParseHex("50929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0")}
 Nothing Up My Sleeve (NUMS) point.
 
static const HashWriter HASHER_TAPTWEAK {TaggedHash("TapTweak")}
 

Function Documentation

◆ ecdsa_signature_parse_der_lax()

int ecdsa_signature_parse_der_lax (secp256k1_ecdsa_signature *sig, const unsigned char *input, size_t inputlen)

This function is taken from the libsecp256k1 distribution and implements DER parsing for ECDSA signatures, while supporting an arbitrary subset of format violations.

Supported violations include negative integers, excessive padding, garbage at the end, and overly long length descriptors. This is safe to use in Bitcoin because, since the activation of BIP66, signatures are verified to be strict DER before being passed to this module, and we know it supports all violations present in the blockchain before that point.

Definition at line 43 of file pubkey.cpp.


Variable Documentation

◆ HASHER_TAPTWEAK

static const HashWriter HASHER_TAPTWEAK {TaggedHash("TapTweak")}

Definition at line 240 of file pubkey.cpp.

◆ NUMS_H_DATA

static const std::vector<unsigned char> NUMS_H_DATA {ParseHex("50929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0")}

Nothing Up My Sleeve (NUMS) point.

NUMS_H is a point with an unknown discrete logarithm, constructed by taking the SHA256 hash of 'g' (the generator, in uncompressed encoding); the resulting 32 bytes happen to be the x-coordinate of a point on the curve.

For an example script for calculating H, refer to the unit tests in ./test/functional/test_framework/crypto/secp256k1.py

Definition at line 193 of file pubkey.cpp.
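The value of a NUMS constant lies in anyone being able to re-derive it. The sketch below is an added example, not code from Bitcoin Core or its test framework: it recomputes the NUMS_H_DATA bytes from the generator and checks that they form a valid x-coordinate. The function names are illustrative; the curve parameters are the standard secp256k1 ones.

```python
import hashlib

# secp256k1 field prime and generator coordinates (standard curve parameters).
P = 2**256 - 2**32 - 977
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8

# Constant copied from NUMS_H_DATA above.
NUMS_H_HEX = "50929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0"


def is_on_curve(x, y):
    """True if (x, y) satisfies y^2 = x^3 + 7 over the secp256k1 field."""
    return (y * y - (pow(x, 3, P) + 7)) % P == 0


def lift_x(x):
    """Return the even-y point with x-coordinate x, or None if no such point exists."""
    if not 0 <= x < P:
        return None
    rhs = (pow(x, 3, P) + 7) % P
    y = pow(rhs, (P + 1) // 4, P)  # square root candidate; valid because P % 4 == 3
    if y * y % P != rhs:
        return None  # x^3 + 7 is not a quadratic residue: x is not on the curve
    return (x, y if y % 2 == 0 else P - y)


def derive_nums_x():
    """SHA256 of the uncompressed encoding of G: 0x04 || X || Y (65 bytes)."""
    if not is_on_curve(GX, GY):
        raise ValueError("generator constants are corrupted")
    encoded_g = b"\x04" + GX.to_bytes(32, "big") + GY.to_bytes(32, "big")
    return hashlib.sha256(encoded_g).digest()


def verify_nums_constant(constant_hex=NUMS_H_HEX):
    """Check that the constant is reproducible from G and is a valid x-coordinate."""
    digest = derive_nums_x()
    point = lift_x(int.from_bytes(digest, "big"))
    return digest.hex() == constant_hex.lower() and point is not None


if __name__ == "__main__":
    print("NUMS_H reproducible and on curve:", verify_nums_constant())
```

The same check applies to any hard-coded "unspendable" key constant under review: a value that cannot be re-derived from public inputs gives no assurance that its discrete logarithm is unknown.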