go-ethereum: github.com/axiomzen/go-ethereum/crypto/secp256k1 Index | Files

package secp256k1

import "github.com/axiomzen/go-ethereum/crypto/secp256k1"

Package secp256k1 wraps the bitcoin secp256k1 C library.

Index

Package Files

curve.go panic_cb.go secp256.go

Variables

var (
    ErrInvalidMsgLen       = errors.New("invalid message length, need 32 bytes")
    ErrInvalidSignatureLen = errors.New("invalid signature length")
    ErrInvalidRecoveryID   = errors.New("invalid signature recovery id")
    ErrInvalidKey          = errors.New("invalid private key")
    ErrInvalidPubkey       = errors.New("invalid public key")
    ErrSignFailed          = errors.New("signing failed")
    ErrRecoverFailed       = errors.New("recovery failed")
)

func CompressPubkey Uses

func CompressPubkey(x, y *big.Int) []byte

CompressPubkey encodes a public key to 33-byte compressed format.

func DecompressPubkey Uses

func DecompressPubkey(pubkey []byte) (x, y *big.Int)

DecompressPubkey parses a public key in the 33-byte compressed format. It returns non-nil coordinates if the public key is valid.

func RecoverPubkey Uses

func RecoverPubkey(msg []byte, sig []byte) ([]byte, error)

RecoverPubkey returns the public key of the signer. msg must be the 32-byte hash of the message to be signed. sig must be a 65-byte compact ECDSA signature containing the recovery id as the last element.

func Sign Uses

func Sign(msg []byte, seckey []byte) ([]byte, error)

Sign creates a recoverable ECDSA signature. The produced signature is in the 65-byte [R || S || V] format where V is 0 or 1.

The caller is responsible for ensuring that msg cannot be chosen directly by an attacker. It is usually preferable to use a cryptographic hash function on any input before handing it to this function.

func VerifySignature Uses

func VerifySignature(pubkey, msg, signature []byte) bool

VerifySignature checks that the given pubkey created signature over message. The signature should be in [R || S] format.

type BitCurve Uses

type BitCurve struct {
    P       *big.Int // the order of the underlying field
    N       *big.Int // the order of the base point
    B       *big.Int // the constant of the BitCurve equation
    Gx, Gy  *big.Int // (x,y) of the base point
    BitSize int      // the size of the underlying field
}

A BitCurve represents a Koblitz Curve with a=0. See http://www.hyperelliptic.org/EFD/g1p/auto-shortw.html

func S256 Uses

func S256() *BitCurve

S256 returns a BitCurve which implements secp256k1.

func (*BitCurve) Add Uses

func (BitCurve *BitCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)

Add returns the sum of (x1,y1) and (x2,y2)

func (*BitCurve) Double Uses

func (BitCurve *BitCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int)

Double returns 2*(x,y)

func (*BitCurve) IsOnCurve Uses

func (BitCurve *BitCurve) IsOnCurve(x, y *big.Int) bool

IsOnCurve returns true if the given (x,y) lies on the BitCurve.

func (*BitCurve) Marshal Uses

func (BitCurve *BitCurve) Marshal(x, y *big.Int) []byte

Marshal converts a point into the form specified in section 4.3.6 of ANSI X9.62.

func (*BitCurve) Params Uses

func (BitCurve *BitCurve) Params() *elliptic.CurveParams

func (*BitCurve) ScalarBaseMult Uses

func (BitCurve *BitCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int)

ScalarBaseMult returns k*G, where G is the base point of the group and k is an integer in big-endian form.

func (*BitCurve) ScalarMult Uses

func (BitCurve *BitCurve) ScalarMult(Bx, By *big.Int, scalar []byte) (*big.Int, *big.Int)

func (*BitCurve) Unmarshal Uses

func (BitCurve *BitCurve) Unmarshal(data []byte) (x, y *big.Int)

Unmarshal converts a point, serialised by Marshal, into an x, y pair. On error, x = nil.

Package secp256k1 imports 5 packages (graph). Updated 2019-07-06. Refresh now. Tools for package owners.