joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 09:46:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
dash-docs/en/doxygen/html/ecdsa__impl_8h.html

512 lines
27 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.14"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>Dash Core: src/secp256k1/src/ecdsa_impl.h File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="navtreedata.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(document).ready(initResizable);
/* @license-end */</script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectlogo"><img alt="Logo" src="bitcoin_logo_doxygen.png"/></td>
<td id="projectalign" style="padding-left: 0.5em;">
<div id="projectname">Dash Core
&#160;<span id="projectnumber">0.12.2.1</span>
</div>
<div id="projectbrief">P2P Digital Currency</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.14 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
var searchBox = new SearchBox("searchBox", "search",false,'Search');
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(function() {
initMenu('',true,false,'search.php','Search');
$(document).ready(function() { init_search(); });
});
/* @license-end */</script>
<div id="main-nav"></div>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
<div id="nav-tree">
<div id="nav-tree-contents">
<div id="nav-sync" class="sync"></div>
</div>
</div>
<div id="splitbar" style="-moz-user-select:none;"
class="ui-resizable-handle">
</div>
</div>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(document).ready(function(){initNavTree('ecdsa__impl_8h.html','');});
/* @license-end */
</script>
<div id="doc-content">
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<div class="header">
<div class="summary">
<a href="#func-members">Functions</a> &#124;
<a href="#var-members">Variables</a> </div>
<div class="headertitle">
<div class="title">ecdsa_impl.h File Reference</div> </div>
</div><!--header-->
<div class="contents">
<div class="textblock"><code>#include &quot;<a class="el" href="scalar_8h_source.html">scalar.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="field_8h_source.html">field.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="group_8h_source.html">group.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="ecmult_8h_source.html">ecmult.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="ecmult__gen_8h_source.html">ecmult_gen.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="ecdsa_8h_source.html">ecdsa.h</a>&quot;</code><br />
</div>
<p><a href="ecdsa__impl_8h_source.html">Go to the source code of this file.</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:a77ce85411873130e59bc88f17c81b49c"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a77ce85411873130e59bc88f17c81b49c">secp256k1_der_read_len</a> (const unsigned char **sigp, const unsigned char *sigend)</td></tr>
<tr class="separator:a77ce85411873130e59bc88f17c81b49c"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a701c7cf2fd0fa52c2e3301f719f3fe4a"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a701c7cf2fd0fa52c2e3301f719f3fe4a">secp256k1_der_parse_integer</a> (<a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *r, const unsigned char **sig, const unsigned char *sigend)</td></tr>
<tr class="separator:a701c7cf2fd0fa52c2e3301f719f3fe4a"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:af5f863608f65607ecc117a594448baf1"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#af5f863608f65607ecc117a594448baf1">secp256k1_ecdsa_sig_parse</a> (<a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *rr, <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *rs, const unsigned char *sig, size_t size)</td></tr>
<tr class="separator:af5f863608f65607ecc117a594448baf1"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a6c508d97dd87ab97fa01e9abac597a53"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a6c508d97dd87ab97fa01e9abac597a53">secp256k1_ecdsa_sig_serialize</a> (unsigned char *sig, size_t *size, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *ar, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *as)</td></tr>
<tr class="separator:a6c508d97dd87ab97fa01e9abac597a53"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a3f5883c08cc865fd9a4ca3f6173b1c26"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a3f5883c08cc865fd9a4ca3f6173b1c26">secp256k1_ecdsa_sig_verify</a> (const <a class="el" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *<a class="el" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigr, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigs, const <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *pubkey, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *message)</td></tr>
<tr class="separator:a3f5883c08cc865fd9a4ca3f6173b1c26"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a3eaa1b23550fa2ccf948e67f2c87a330"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a3eaa1b23550fa2ccf948e67f2c87a330">secp256k1_ecdsa_sig_sign</a> (const <a class="el" href="structsecp256k1__ecmult__gen__context.html">secp256k1_ecmult_gen_context</a> *<a class="el" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigr, <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigs, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *seckey, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *message, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *nonce, int *recid)</td></tr>
<tr class="separator:a3eaa1b23550fa2ccf948e67f2c87a330"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="var-members"></a>
Variables</h2></td></tr>
<tr class="memitem:a46b45ada7a9487fc9ecda46927094f74"><td class="memItemLeft" align="right" valign="top">static const <a class="el" href="structsecp256k1__fe.html">secp256k1_fe</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a46b45ada7a9487fc9ecda46927094f74">secp256k1_ecdsa_const_order_as_fe</a></td></tr>
<tr class="separator:a46b45ada7a9487fc9ecda46927094f74"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a2f1a533c601e3dfa234d2f860670d137"><td class="memItemLeft" align="right" valign="top">static const <a class="el" href="structsecp256k1__fe.html">secp256k1_fe</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="ecdsa__impl_8h.html#a2f1a533c601e3dfa234d2f860670d137">secp256k1_ecdsa_const_p_minus_order</a></td></tr>
<tr class="separator:a2f1a533c601e3dfa234d2f860670d137"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<h2 class="groupheader">Function Documentation</h2>
<a id="a701c7cf2fd0fa52c2e3301f719f3fe4a"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a701c7cf2fd0fa52c2e3301f719f3fe4a">&#9670;&nbsp;</a></span>secp256k1_der_parse_integer()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static int secp256k1_der_parse_integer </td>
<td>(</td>
<td class="paramtype"><a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>r</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const unsigned char **&#160;</td>
<td class="paramname"><em>sig</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const unsigned char *&#160;</td>
<td class="paramname"><em>sigend</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00101">101</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
<p class="reference">Referenced by <a class="el" href="ecdsa__impl_8h_source.html#l00147">secp256k1_ecdsa_sig_parse()</a>.</p>
</div>
</div>
<a id="a77ce85411873130e59bc88f17c81b49c"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a77ce85411873130e59bc88f17c81b49c">&#9670;&nbsp;</a></span>secp256k1_der_read_len()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static int secp256k1_der_read_len </td>
<td>(</td>
<td class="paramtype">const unsigned char **&#160;</td>
<td class="paramname"><em>sigp</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const unsigned char *&#160;</td>
<td class="paramname"><em>sigend</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00049">49</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
<p class="reference">Referenced by <a class="el" href="ecdsa__impl_8h_source.html#l00101">secp256k1_der_parse_integer()</a>, and <a class="el" href="ecdsa__impl_8h_source.html#l00147">secp256k1_ecdsa_sig_parse()</a>.</p>
</div>
</div>
<a id="af5f863608f65607ecc117a594448baf1"></a>
<h2 class="memtitle"><span class="permalink"><a href="#af5f863608f65607ecc117a594448baf1">&#9670;&nbsp;</a></span>secp256k1_ecdsa_sig_parse()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static int secp256k1_ecdsa_sig_parse </td>
<td>(</td>
<td class="paramtype"><a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>rr</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>rs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const unsigned char *&#160;</td>
<td class="paramname"><em>sig</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t&#160;</td>
<td class="paramname"><em>size</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00147">147</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
</div>
</div>
<a id="a6c508d97dd87ab97fa01e9abac597a53"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a6c508d97dd87ab97fa01e9abac597a53">&#9670;&nbsp;</a></span>secp256k1_ecdsa_sig_serialize()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static int secp256k1_ecdsa_sig_serialize </td>
<td>(</td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>sig</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t *&#160;</td>
<td class="paramname"><em>size</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>ar</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>as</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00179">179</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
</div>
</div>
<a id="a3eaa1b23550fa2ccf948e67f2c87a330"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a3eaa1b23550fa2ccf948e67f2c87a330">&#9670;&nbsp;</a></span>secp256k1_ecdsa_sig_sign()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static int secp256k1_ecdsa_sig_sign </td>
<td>(</td>
<td class="paramtype">const <a class="el" href="structsecp256k1__ecmult__gen__context.html">secp256k1_ecmult_gen_context</a> *&#160;</td>
<td class="paramname"><em>ctx</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>sigr</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>sigs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>seckey</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>message</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>nonce</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int *&#160;</td>
<td class="paramname"><em>recid</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00257">257</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
</div>
</div>
<a id="a3f5883c08cc865fd9a4ca3f6173b1c26"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a3f5883c08cc865fd9a4ca3f6173b1c26">&#9670;&nbsp;</a></span>secp256k1_ecdsa_sig_verify()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static int secp256k1_ecdsa_sig_verify </td>
<td>(</td>
<td class="paramtype">const <a class="el" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *&#160;</td>
<td class="paramname"><em>ctx</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>sigr</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>sigs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *&#160;</td>
<td class="paramname"><em>pubkey</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
<td class="paramname"><em>message</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p>We now have the recomputed R point in pr, and its claimed x coordinate (modulo n) in xr. Naively, we would extract the x coordinate from pr (requiring a inversion modulo p), compute the remainder modulo n, and compare it to xr. However: </p><pre class="fragment"> xr == X(pr) mod n
</pre><p> &lt;=&gt; exists h. (xr + h * n &lt; p &amp;&amp; xr + h * n == <a class="el" href="net_8cpp.html#a826edd40636cbaa44266b97c8c6a4fa3">X(pr)</a>) [Since 2 * n &gt; p, h can only be 0 or 1] &lt;=&gt; (xr == <a class="el" href="net_8cpp.html#a826edd40636cbaa44266b97c8c6a4fa3">X(pr)</a>) || (xr + n &lt; p &amp;&amp; xr + n == <a class="el" href="net_8cpp.html#a826edd40636cbaa44266b97c8c6a4fa3">X(pr)</a>) [In Jacobian coordinates, <a class="el" href="net_8cpp.html#a826edd40636cbaa44266b97c8c6a4fa3">X(pr)</a> is pr.x / pr.z^2 mod p] &lt;=&gt; (xr == pr.x / pr.z^2 mod p) || (xr + n &lt; p &amp;&amp; xr + n == pr.x / pr.z^2 mod p) [Multiplying both sides of the equations by pr.z^2 mod p] &lt;=&gt; (xr * pr.z^2 mod p == pr.x) || (xr + n &lt; p &amp;&amp; (xr + n) * pr.z^2 mod p == pr.x)</p>
<p>Thus, we can avoid the inversion, but we have to check both cases separately. secp256k1_gej_eq_x implements the (xr * pr.z^2 mod p == pr.x) test.</p>
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00203">203</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
</div>
</div>
<h2 class="groupheader">Variable Documentation</h2>
<a id="a46b45ada7a9487fc9ecda46927094f74"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a46b45ada7a9487fc9ecda46927094f74">&#9670;&nbsp;</a></span>secp256k1_ecdsa_const_order_as_fe</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">const <a class="el" href="structsecp256k1__fe.html">secp256k1_fe</a> secp256k1_ecdsa_const_order_as_fe</td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<b>Initial value:</b><div class="fragment"><div class="line">= <a class="code" href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a>(</div><div class="line"> 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFEUL,</div><div class="line"> 0xBAAEDCE6UL, 0xAF48A03BUL, 0xBFD25E8CUL, 0xD0364141UL</div><div class="line">)</div><div class="ttc" id="field__10x26_8h_html_a8c00ba3d97ea0d9b0d461463e890de15"><div class="ttname"><a href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a></div><div class="ttdeci">#define SECP256K1_FE_CONST(d7, d6, d5, d4, d3, d2, d1, d0)</div><div class="ttdef"><b>Definition:</b> <a href="field__10x26_8h_source.html#l00038">field_10x26.h:38</a></div></div>
</div><!-- fragment --><p>Group order for secp256k1 defined as 'n' in "Standards for Efficient Cryptography" (SEC2) 2.7.1 sage: for t in xrange(1023, -1, -1): .. p = 2**256 - 2**32 - t .. if p.is_prime(): .. print 'x'p .. break 'fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f' sage: a = 0 sage: b = 7 sage: F = FiniteField (p) sage: 'x' % (EllipticCurve ([F (a), F (b)]).order()) 'fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141' </p>
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00031">31</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
<p class="reference">Referenced by <a class="el" href="recovery_2main__impl_8h_source.html#l00087">secp256k1_ecdsa_sig_recover()</a>, and <a class="el" href="ecdsa__impl_8h_source.html#l00203">secp256k1_ecdsa_sig_verify()</a>.</p>
</div>
</div>
<a id="a2f1a533c601e3dfa234d2f860670d137"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a2f1a533c601e3dfa234d2f860670d137">&#9670;&nbsp;</a></span>secp256k1_ecdsa_const_p_minus_order</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">const <a class="el" href="structsecp256k1__fe.html">secp256k1_fe</a> secp256k1_ecdsa_const_p_minus_order</td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<b>Initial value:</b><div class="fragment"><div class="line">= <a class="code" href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a>(</div><div class="line"> 0, 0, 0, 1, 0x45512319UL, 0x50B75FC4UL, 0x402DA172UL, 0x2FC9BAEEUL</div><div class="line">)</div><div class="ttc" id="field__10x26_8h_html_a8c00ba3d97ea0d9b0d461463e890de15"><div class="ttname"><a href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a></div><div class="ttdeci">#define SECP256K1_FE_CONST(d7, d6, d5, d4, d3, d2, d1, d0)</div><div class="ttdef"><b>Definition:</b> <a href="field__10x26_8h_source.html#l00038">field_10x26.h:38</a></div></div>
</div><!-- fragment --><p>Difference between field and order, values 'p' and 'n' values defined in "Standards for Efficient Cryptography" (SEC2) 2.7.1. sage: p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F sage: a = 0 sage: b = 7 sage: F = FiniteField (p) sage: 'x' % (p - EllipticCurve ([F (a), F (b)]).order()) '14551231950b75fc4402da1722fc9baee' </p>
<p class="definition">Definition at line <a class="el" href="ecdsa__impl_8h_source.html#l00045">45</a> of file <a class="el" href="ecdsa__impl_8h_source.html">ecdsa_impl.h</a>.</p>
<p class="reference">Referenced by <a class="el" href="recovery_2main__impl_8h_source.html#l00087">secp256k1_ecdsa_sig_recover()</a>, and <a class="el" href="ecdsa__impl_8h_source.html#l00203">secp256k1_ecdsa_sig_verify()</a>.</p>
</div>
</div>
</div><!-- contents -->
</div><!-- doc-content -->
<!-- start footer part -->
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
<ul>
<li class="navelem"><a class="el" href="dir_68267d1309a1af8e8297ef4c3efbcdba.html">src</a></li><li class="navelem"><a class="el" href="dir_44f34d1e62fda08bdb4ca69ab2d205ae.html">secp256k1</a></li><li class="navelem"><a class="el" href="dir_8db2ef784512d48b2a7d00369dfaac28.html">src</a></li><li class="navelem"><a class="el" href="ecdsa__impl_8h.html">ecdsa_impl.h</a></li>
<li class="footer">Generated on Thu Dec 14 2017 13:15:11 for Dash Core by
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.8.14 </li>
</ul>
</div>
</body>
</html>
Reference in a new issue View git blame Copy permalink