frost/secp256k1-zkp
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

examples: let musig use random.h instead of /dev/urandom

Browse Source
This commit is contained in:
Jonas Nick 2022-03-31 13:38:30 +00:00
parent eccba5b4e5
commit 645d9c53c4
1 changed files with 11 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
examples/musig.c
View File

@ -18,6 +18,8 @@
#include <secp256k1_schnorrsig.h> #include <secp256k1_schnorrsig.h>
#include <secp256k1_musig.h> #include <secp256k1_musig.h>
#include "random.h"
struct signer_secrets { struct signer_secrets {
secp256k1_keypair keypair; secp256k1_keypair keypair;
secp256k1_musig_secnonce secnonce; secp256k1_musig_secnonce secnonce;
@ -34,20 +36,14 @@ struct signer {
/* Create a key pair, store it in signer_secrets->keypair and signer->pubkey */ /* Create a key pair, store it in signer_secrets->keypair and signer->pubkey */
int create_keypair(const secp256k1_context* ctx, struct signer_secrets *signer_secrets, struct signer *signer) { int create_keypair(const secp256k1_context* ctx, struct signer_secrets *signer_secrets, struct signer *signer) {
unsigned char seckey[32]; unsigned char seckey[32];
FILE *frand = fopen("/dev/urandom", "r"); while (1) {
if (frand == NULL) { if (!fill_random(seckey, sizeof(seckey))) {
return 0; printf("Failed to generate randomness\n");
} return 1;
do { }
if(!fread(seckey, sizeof(seckey), 1, frand)) { if (secp256k1_keypair_create(ctx, &signer_secrets->keypair, seckey)) {
fclose(frand); break;
return 0; }
}
/* The probability that this not a valid secret key is approximately 2^-128 */
} while (!secp256k1_ec_seckey_verify(ctx, seckey));
fclose(frand);
if (!secp256k1_keypair_create(ctx, &signer_secrets->keypair, seckey)) {
return 0;
} }
if (!secp256k1_keypair_xonly_pub(ctx, &signer->pubkey, NULL, &signer_secrets->keypair)) { if (!secp256k1_keypair_xonly_pub(ctx, &signer->pubkey, NULL, &signer_secrets->keypair)) {
return 0; return 0;
@ -103,21 +99,14 @@ int sign(const secp256k1_context* ctx, struct signer_secrets *signer_secrets, st
secp256k1_musig_session session; secp256k1_musig_session session;
for (i = 0; i < N_SIGNERS; i++) { for (i = 0; i < N_SIGNERS; i++) {
FILE *frand;
unsigned char seckey[32]; unsigned char seckey[32];
unsigned char session_id[32]; unsigned char session_id[32];
/* Create random session ID. It is absolutely necessary that the session ID /* Create random session ID. It is absolutely necessary that the session ID
* is unique for every call of secp256k1_musig_nonce_gen. Otherwise * is unique for every call of secp256k1_musig_nonce_gen. Otherwise
* it's trivial for an attacker to extract the secret key! */ * it's trivial for an attacker to extract the secret key! */
frand = fopen("/dev/urandom", "r"); if (!fill_random(session_id, sizeof(session_id))) {
if(frand == NULL) {
return 0; return 0;
} }
if (!fread(session_id, 32, 1, frand)) {
fclose(frand);
return 0;
}
fclose(frand);
if (!secp256k1_keypair_sec(ctx, seckey, &signer_secrets[i].keypair)) { if (!secp256k1_keypair_sec(ctx, seckey, &signer_secrets[i].keypair)) {
return 0; return 0;
} }