Make pubkeys, set_xo, ... ge instead of gej
This commit is contained in:
Pieter Wuille
@@ -17,22 +17,22 @@ void static secp256k1_ecdsa_sig_free(secp256k1_ecdsa_sig_t *r) {
|
||||
secp256k1_num_free(&r->s);
|
||||
}
|
||||
|
||||
int static secp256k1_ecdsa_pubkey_parse(secp256k1_gej_t *elem, const unsigned char *pub, int size) {
|
||||
int static secp256k1_ecdsa_pubkey_parse(secp256k1_ge_t *elem, const unsigned char *pub, int size) {
|
||||
if (size == 33 && (pub[0] == 0x02 || pub[0] == 0x03)) {
|
||||
secp256k1_fe_t x;
|
||||
secp256k1_fe_set_b32(&x, pub+1);
|
||||
secp256k1_gej_set_xo(elem, &x, pub[0] == 0x03);
|
||||
secp256k1_ge_set_xo(elem, &x, pub[0] == 0x03);
|
||||
} else if (size == 65 && (pub[0] == 0x04 || pub[0] == 0x06 || pub[0] == 0x07)) {
|
||||
secp256k1_fe_t x, y;
|
||||
secp256k1_fe_set_b32(&x, pub+1);
|
||||
secp256k1_fe_set_b32(&y, pub+33);
|
||||
secp256k1_gej_set_xy(elem, &x, &y);
|
||||
secp256k1_ge_set_xy(elem, &x, &y);
|
||||
if ((pub[0] == 0x06 || pub[0] == 0x07) && secp256k1_fe_is_odd(&y) != (pub[0] == 0x07))
|
||||
return 0;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
return secp256k1_gej_is_valid(elem);
|
||||
return secp256k1_ge_is_valid(elem);
|
||||
}
|
||||
|
||||
int static secp256k1_ecdsa_sig_parse(secp256k1_ecdsa_sig_t *r, const unsigned char *sig, int size) {
|
||||
@@ -72,7 +72,7 @@ int static secp256k1_ecdsa_sig_serialize(unsigned char *sig, int *size, const se
|
||||
return 1;
|
||||
}
|
||||
|
||||
int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ecdsa_sig_t *sig, const secp256k1_gej_t *pubkey, const secp256k1_num_t *message) {
|
||||
int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message) {
|
||||
const secp256k1_ge_consts_t *c = secp256k1_ge_consts;
|
||||
|
||||
if (secp256k1_num_is_neg(&sig->r) || secp256k1_num_is_neg(&sig->s))
|
||||
@@ -90,7 +90,8 @@ int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ec
|
||||
secp256k1_num_mod_inverse(&sn, &sig->s, &c->order);
|
||||
secp256k1_num_mod_mul(&u1, &sn, message, &c->order);
|
||||
secp256k1_num_mod_mul(&u2, &sn, &sig->r, &c->order);
|
||||
secp256k1_gej_t pr; secp256k1_ecmult(&pr, pubkey, &u2, &u1);
|
||||
secp256k1_gej_t pubkeyj; secp256k1_gej_set_ge(&pubkeyj, pubkey);
|
||||
secp256k1_gej_t pr; secp256k1_ecmult(&pr, &pubkeyj, &u2, &u1);
|
||||
if (!secp256k1_gej_is_infinity(&pr)) {
|
||||
secp256k1_fe_t xr; secp256k1_gej_get_x(&xr, &pr);
|
||||
secp256k1_fe_normalize(&xr);
|
||||
@@ -105,7 +106,7 @@ int static secp256k1_ecdsa_sig_recompute(secp256k1_num_t *r2, const secp256k1_ec
|
||||
return ret;
|
||||
}
|
||||
|
||||
int static secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const secp256k1_gej_t *pubkey, const secp256k1_num_t *message) {
|
||||
int static secp256k1_ecdsa_sig_verify(const secp256k1_ecdsa_sig_t *sig, const secp256k1_ge_t *pubkey, const secp256k1_num_t *message) {
|
||||
secp256k1_num_t r2;
|
||||
secp256k1_num_init(&r2);
|
||||
int ret = 0;
|
||||
|
||||
@@ -73,7 +73,7 @@ void static secp256k1_gej_set_xy(secp256k1_gej_t *r, const secp256k1_fe_t *x, co
|
||||
secp256k1_fe_set_int(&r->z, 1);
|
||||
}
|
||||
|
||||
void static secp256k1_gej_set_xo(secp256k1_gej_t *r, const secp256k1_fe_t *x, int odd) {
|
||||
void static secp256k1_ge_set_xo(secp256k1_ge_t *r, const secp256k1_fe_t *x, int odd) {
|
||||
r->x = *x;
|
||||
secp256k1_fe_t x2; secp256k1_fe_sqr(&x2, x);
|
||||
secp256k1_fe_t x3; secp256k1_fe_mul(&x3, x, &x2);
|
||||
@@ -81,7 +81,6 @@ void static secp256k1_gej_set_xo(secp256k1_gej_t *r, const secp256k1_fe_t *x, in
|
||||
secp256k1_fe_t c; secp256k1_fe_set_int(&c, 7);
|
||||
secp256k1_fe_add(&c, &x3);
|
||||
secp256k1_fe_sqrt(&r->y, &c);
|
||||
secp256k1_fe_set_int(&r->z, 1);
|
||||
secp256k1_fe_normalize(&r->y);
|
||||
if (secp256k1_fe_is_odd(&r->y) != odd)
|
||||
secp256k1_fe_negate(&r->y, &r->y, 1);
|
||||
@@ -130,6 +129,19 @@ int static secp256k1_gej_is_valid(const secp256k1_gej_t *a) {
|
||||
return secp256k1_fe_equal(&y2, &x3);
|
||||
}
|
||||
|
||||
int static secp256k1_ge_is_valid(const secp256k1_ge_t *a) {
|
||||
if (a->infinity)
|
||||
return 0;
|
||||
// y^2 = x^3 + 7
|
||||
secp256k1_fe_t y2; secp256k1_fe_sqr(&y2, &a->y);
|
||||
secp256k1_fe_t x3; secp256k1_fe_sqr(&x3, &a->x); secp256k1_fe_mul(&x3, &x3, &a->x);
|
||||
secp256k1_fe_t c; secp256k1_fe_set_int(&c, 7);
|
||||
secp256k1_fe_add(&x3, &c);
|
||||
secp256k1_fe_normalize(&y2);
|
||||
secp256k1_fe_normalize(&x3);
|
||||
return secp256k1_fe_equal(&y2, &x3);
|
||||
}
|
||||
|
||||
void static secp256k1_gej_double(secp256k1_gej_t *r, const secp256k1_gej_t *a) {
|
||||
secp256k1_fe_t t5 = a->y;
|
||||
secp256k1_fe_normalize(&t5);
|
||||
|
||||
Reference in New Issue
Block a user