Documentation ¶
Index ¶
- func GetE(curve elliptic.Curve, m []byte, Px, Py *big.Int, rX []byte) *big.Int
- func GetK(curve elliptic.Curve, Ry, k0 *big.Int) *big.Int
- func GetK0(m []byte, d []byte, N *big.Int) (*big.Int, error)
- func IntToByte(i *big.Int) []byte
- func Sign(prv *ecdsa.PrivateKey, m []byte) (*big.Int, *big.Int, error)
- func Verify(pub *ecdsa.PublicKey, m []byte, r *big.Int, s *big.Int) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Sign ¶
Sign -- signature with Schnorr, returning a 64 byte signature. https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki#signing Input:
The secret key d: an integer in the range [1..n-1]. The message m: a 32-byte array
To sign m for public key dG:
Let k' = int(hash(bytes(d) || m)) mod n Fail if k' = 0 Let R = k'G Let k = k' if jacobi(y(R)) = 1, otherwise let k = n - k' Let e = int(hash(bytes(x(R)) || bytes(dG) || m)) mod n The signature is bytes(x(R)) || bytes((k + ed) mod n)
func Verify ¶
Verify -- verify the signature against the public key. https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki#verification Input:
The public key pk: a 33-byte array The message m: a 32-byte array
A signature sig: a 64-byte array
The signature is valid if and only if the algorithm below does not fail Let P = point(pk); fail if point(pk) fails Let r = int(sig[0:32]); fail if r ≥ p Let s = int(sig[32:64]); fail if s ≥ n Let e = int(hash(bytes(r) || bytes(P) || m)) mod n Let R = sG - eP Fail if infinite(R) Fail if jacobi(y(R)) ≠ 1 or x(R) ≠ r
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.