Documentation
¶
Overview ¶
Package ecc provides an implementation of elliptic curves of short Weierstass form over finite fields, used for cryptography.
Index ¶
- Variables
- func CompressPublicKey(publicKey []byte) ([]byte, error)
- func DeserializePoint(serialized []byte) (x, y *big.Int, err error)
- func GetPublicKey(privateKey []byte, compressed bool) []byte
- func GetPublicKeyCompressed(privateKey []byte) []byte
- func GetPublicKeySchnorr(privateKey []byte) []byte
- func GetPublicKeyUncompressed(privateKey []byte) []byte
- func IsCompressedPublicKey(key []byte) bool
- func NewPrivateKey(random io.Reader) ([]byte, error)
- func SerializePoint(x, y *big.Int, compressed bool) []byte
- func SerializePointCompressed(x, y *big.Int) []byte
- func SerializePointUncompressed(x, y *big.Int) []byte
- func SharedSecret(priv, pubX, pubY *big.Int) []byte
- func SignECDSA(privateKey, messageHash []byte) (r, s *big.Int)
- func SignSchnorr(privateKey, messageHash, auxRand []byte) []byte
- func SumPrivateKeys(privateKeys ...[]byte) ([]byte, error)
- func SumPublicKeys(publicKeys ...[]byte) ([]byte, error)
- func UncompressPublicKey(publicKey []byte) ([]byte, error)
- func VerifyECDSA(pubBytes, messageHash []byte, r, s *big.Int) bool
- func VerifySchnorr(pubBytes, messageHash, sig []byte) bool
Constants ¶
This section is empty.
Variables ¶
Curve is the secp256k1 curve modeled as an elliptic.Curve interface.
var ErrPointNotOnCurve = errors.New("failed to deserialize point not on secp256k1 curve")
ErrPointNotOnCurve is returned upon deserializing an invalid point (one which does not satisfy the secp256k1 curve equation).
var Q = rfc6979.NewQ(ekliptic.Secp256k1_CurveOrder)
Functions ¶
func CompressPublicKey ¶
CompressPublicKey takes a given public key of any format, deserializes it, and re-encodes it in compressed format. Returns ErrPointNotOnCurve if the key is invalid.
func DeserializePoint ¶
DeserializePoint decodes the given serialized curve point, which should either be length 65 (uncompressed), 33 (compressed), or 32 (BIP-340 schnorr). Returns ErrPointNotOnCurve if the resulting point is not on the secp256k1 curve.
func GetPublicKey ¶
GetPublicKey returns the encoded public key for the given private key, with a boolean parameter to decide whether the output public key will be compressed or not.
func GetPublicKeyCompressed ¶
GetPublicKeyCompressed returns the 33-byte compressed public key of a given private key.
func GetPublicKeySchnorr ¶
GetPublicKeySchnorr returns the 32-byte encoded x coordinate of the public key belonging to the given private key.
func GetPublicKeyUncompressed ¶
GetPublicKeyUncompressed returns the 65-byte uncompressed public key of a given private key.
func IsCompressedPublicKey ¶
IsCompressedPublicKey returns true if the given byte slice appears to be a 33-byte compressed public key. It does not check whether the key encodes a valid secp256k1 point.
func NewPrivateKey ¶
NewPrivateKey generates a private key by reading data from a random source. This source should come from a secure high-entropy RNG like crypto/rand.Reader.
func SerializePoint ¶
SerializePoint serializes the given curve point in compressed format if compressed is true, otherwise it returns the uncompressed serialization.
func SerializePointCompressed ¶
SerializePointCompressed serializes the given curve point in 33-byte compressed format.
func SerializePointUncompressed ¶
SerializePointUncompressed serializes the given curve point in 65-byte uncompressed format.
func SharedSecret ¶
SharedSecret generates a shared secret based on a private key and a public key using Diffie-Hellman key exchange (ECDH) (RFC 4753). RFC5903 Section 9 states we should only return x.
func SignECDSA ¶
SignECDSA signs the given hash with the given private key d and returns the two components of the signature: r and s.
SignECDSA calculates the secret signature nonce value k deterministically using RFC6979.
func SignSchnorr ¶
SignSchnorr signs a given 32-byte messageHash with the given private key, using auxRand as the seed to derive a nonce value.
func SumPrivateKeys ¶
SumPrivateKeys combines any number of private keys together into one key which can form an aggregate signature.
Returns an error if any of the keys are not valid secp256k1 scalar values.
func SumPublicKeys ¶
SumPublicKeys combines any number of schnorr public keys together into one key which can be used to verify signatures aggregated from the component keys.
Returns an error if any of the keys are not schnorr public keys.
func UncompressPublicKey ¶
UncompressPublicKey takes a given public key of any format, deserializes it, and re-encodes it in uncompressed format. Returns ErrPointNotOnCurve if the key is invalid.
func VerifyECDSA ¶
VerifyECDSA calculates if the given signature (r, s) is a valid ECDSA signature on messageHash from the given public key. Note that non-canonical ECDSA signatures (where s > N/2) are acceptable.
func VerifySchnorr ¶
VerifySchnorr returns true if the given signature was made by the owner of the given public key on the given message hash.
Types ¶
This section is empty.
Source Files