mirror of
https://github.com/seigler/dash-docs
synced 2025-07-27 17:56:16 +00:00
158 lines
63 KiB
HTML
158 lines
63 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
|
|
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
|
|
<meta name="generator" content="Doxygen 1.8.14"/>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1"/>
|
|
<title>Dash Core: src/secp256k1/src/ecdsa_impl.h Source File</title>
|
|
<link href="tabs.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="jquery.js"></script>
|
|
<script type="text/javascript" src="dynsections.js"></script>
|
|
<link href="navtree.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="resize.js"></script>
|
|
<script type="text/javascript" src="navtreedata.js"></script>
|
|
<script type="text/javascript" src="navtree.js"></script>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
$(document).ready(initResizable);
|
|
/* @license-end */</script>
|
|
<link href="search/search.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="search/searchdata.js"></script>
|
|
<script type="text/javascript" src="search/search.js"></script>
|
|
<link href="doxygen.css" rel="stylesheet" type="text/css" />
|
|
</head>
|
|
<body>
|
|
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
|
|
<div id="titlearea">
|
|
<table cellspacing="0" cellpadding="0">
|
|
<tbody>
|
|
<tr style="height: 56px;">
|
|
<td id="projectlogo"><img alt="Logo" src="bitcoin_logo_doxygen.png"/></td>
|
|
<td id="projectalign" style="padding-left: 0.5em;">
|
|
<div id="projectname">Dash Core
|
|
 <span id="projectnumber">0.12.2.1</span>
|
|
</div>
|
|
<div id="projectbrief">P2P Digital Currency</div>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<!-- end header part -->
|
|
<!-- Generated by Doxygen 1.8.14 -->
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
var searchBox = new SearchBox("searchBox", "search",false,'Search');
|
|
/* @license-end */
|
|
</script>
|
|
<script type="text/javascript" src="menudata.js"></script>
|
|
<script type="text/javascript" src="menu.js"></script>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
$(function() {
|
|
initMenu('',true,false,'search.php','Search');
|
|
$(document).ready(function() { init_search(); });
|
|
});
|
|
/* @license-end */</script>
|
|
<div id="main-nav"></div>
|
|
</div><!-- top -->
|
|
<div id="side-nav" class="ui-resizable side-nav-resizable">
|
|
<div id="nav-tree">
|
|
<div id="nav-tree-contents">
|
|
<div id="nav-sync" class="sync"></div>
|
|
</div>
|
|
</div>
|
|
<div id="splitbar" style="-moz-user-select:none;"
|
|
class="ui-resizable-handle">
|
|
</div>
|
|
</div>
|
|
<script type="text/javascript">
|
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
|
$(document).ready(function(){initNavTree('ecdsa__impl_8h_source.html','');});
|
|
/* @license-end */
|
|
</script>
|
|
<div id="doc-content">
|
|
<!-- window showing the filter options -->
|
|
<div id="MSearchSelectWindow"
|
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
|
onkeydown="return searchBox.OnSearchSelectKey(event)">
|
|
</div>
|
|
|
|
<!-- iframe showing the search results (closed by default) -->
|
|
<div id="MSearchResultsWindow">
|
|
<iframe src="javascript:void(0)" frameborder="0"
|
|
name="MSearchResults" id="MSearchResults">
|
|
</iframe>
|
|
</div>
|
|
|
|
<div class="header">
|
|
<div class="headertitle">
|
|
<div class="title">ecdsa_impl.h</div> </div>
|
|
</div><!--header-->
|
|
<div class="contents">
|
|
<a href="ecdsa__impl_8h.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">/**********************************************************************</span></div><div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment"> * Copyright (c) 2013-2015 Pieter Wuille *</span></div><div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment"> * Distributed under the MIT software license, see the accompanying *</span></div><div class="line"><a name="l00004"></a><span class="lineno"> 4</span> <span class="comment"> * file COPYING or http://www.opensource.org/licenses/mit-license.php.*</span></div><div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment"> **********************************************************************/</span></div><div class="line"><a name="l00006"></a><span class="lineno"> 6</span> </div><div class="line"><a name="l00007"></a><span class="lineno"> 7</span> </div><div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="preprocessor">#ifndef _SECP256K1_ECDSA_IMPL_H_</span></div><div class="line"><a name="l00009"></a><span class="lineno"> 9</span> <span class="preprocessor">#define _SECP256K1_ECDSA_IMPL_H_</span></div><div class="line"><a name="l00010"></a><span class="lineno"> 10</span> </div><div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="preprocessor">#include "<a class="code" href="scalar_8h.html">scalar.h</a>"</span></div><div class="line"><a name="l00012"></a><span class="lineno"> 12</span> <span class="preprocessor">#include "<a class="code" href="field_8h.html">field.h</a>"</span></div><div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="preprocessor">#include "<a class="code" href="group_8h.html">group.h</a>"</span></div><div class="line"><a name="l00014"></a><span class="lineno"> 14</span> <span class="preprocessor">#include "<a class="code" href="ecmult_8h.html">ecmult.h</a>"</span></div><div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="preprocessor">#include "<a class="code" href="ecmult__gen_8h.html">ecmult_gen.h</a>"</span></div><div class="line"><a name="l00016"></a><span class="lineno"> 16</span> <span class="preprocessor">#include "<a class="code" href="ecdsa_8h.html">ecdsa.h</a>"</span></div><div class="line"><a name="l00017"></a><span class="lineno"> 17</span> </div><div class="line"><a name="l00031"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a46b45ada7a9487fc9ecda46927094f74"> 31</a></span> <span class="keyword">static</span> <span class="keyword">const</span> <a class="code" href="structsecp256k1__fe.html">secp256k1_fe</a> <a class="code" href="ecdsa__impl_8h.html#a46b45ada7a9487fc9ecda46927094f74">secp256k1_ecdsa_const_order_as_fe</a> = <a class="code" href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a>(</div><div class="line"><a name="l00032"></a><span class="lineno"> 32</span>  0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFEUL,</div><div class="line"><a name="l00033"></a><span class="lineno"> 33</span>  0xBAAEDCE6UL, 0xAF48A03BUL, 0xBFD25E8CUL, 0xD0364141UL</div><div class="line"><a name="l00034"></a><span class="lineno"> 34</span> );</div><div class="line"><a name="l00035"></a><span class="lineno"> 35</span> </div><div class="line"><a name="l00045"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a2f1a533c601e3dfa234d2f860670d137"> 45</a></span> <span class="keyword">static</span> <span class="keyword">const</span> <a class="code" href="structsecp256k1__fe.html">secp256k1_fe</a> <a class="code" href="ecdsa__impl_8h.html#a2f1a533c601e3dfa234d2f860670d137">secp256k1_ecdsa_const_p_minus_order</a> = <a class="code" href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a>(</div><div class="line"><a name="l00046"></a><span class="lineno"> 46</span>  0, 0, 0, 1, 0x45512319UL, 0x50B75FC4UL, 0x402DA172UL, 0x2FC9BAEEUL</div><div class="line"><a name="l00047"></a><span class="lineno"> 47</span> );</div><div class="line"><a name="l00048"></a><span class="lineno"> 48</span> </div><div class="line"><a name="l00049"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a77ce85411873130e59bc88f17c81b49c"> 49</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecdsa__impl_8h.html#a77ce85411873130e59bc88f17c81b49c">secp256k1_der_read_len</a>(<span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **sigp, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *sigend) {</div><div class="line"><a name="l00050"></a><span class="lineno"> 50</span>  <span class="keywordtype">int</span> lenleft, b1;</div><div class="line"><a name="l00051"></a><span class="lineno"> 51</span>  <span class="keywordtype">size_t</span> ret = 0;</div><div class="line"><a name="l00052"></a><span class="lineno"> 52</span>  <span class="keywordflow">if</span> (*sigp >= sigend) {</div><div class="line"><a name="l00053"></a><span class="lineno"> 53</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00054"></a><span class="lineno"> 54</span>  }</div><div class="line"><a name="l00055"></a><span class="lineno"> 55</span>  b1 = *((*sigp)++);</div><div class="line"><a name="l00056"></a><span class="lineno"> 56</span>  <span class="keywordflow">if</span> (b1 == 0xFF) {</div><div class="line"><a name="l00057"></a><span class="lineno"> 57</span>  <span class="comment">/* X.690-0207 8.1.3.5.c the value 0xFF shall not be used. */</span></div><div class="line"><a name="l00058"></a><span class="lineno"> 58</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00059"></a><span class="lineno"> 59</span>  }</div><div class="line"><a name="l00060"></a><span class="lineno"> 60</span>  <span class="keywordflow">if</span> ((b1 & 0x80) == 0) {</div><div class="line"><a name="l00061"></a><span class="lineno"> 61</span>  <span class="comment">/* X.690-0207 8.1.3.4 short form length octets */</span></div><div class="line"><a name="l00062"></a><span class="lineno"> 62</span>  <span class="keywordflow">return</span> b1;</div><div class="line"><a name="l00063"></a><span class="lineno"> 63</span>  }</div><div class="line"><a name="l00064"></a><span class="lineno"> 64</span>  <span class="keywordflow">if</span> (b1 == 0x80) {</div><div class="line"><a name="l00065"></a><span class="lineno"> 65</span>  <span class="comment">/* Indefinite length is not allowed in DER. */</span></div><div class="line"><a name="l00066"></a><span class="lineno"> 66</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00067"></a><span class="lineno"> 67</span>  }</div><div class="line"><a name="l00068"></a><span class="lineno"> 68</span>  <span class="comment">/* X.690-207 8.1.3.5 long form length octets */</span></div><div class="line"><a name="l00069"></a><span class="lineno"> 69</span>  lenleft = b1 & 0x7F;</div><div class="line"><a name="l00070"></a><span class="lineno"> 70</span>  <span class="keywordflow">if</span> (lenleft > sigend - *sigp) {</div><div class="line"><a name="l00071"></a><span class="lineno"> 71</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00072"></a><span class="lineno"> 72</span>  }</div><div class="line"><a name="l00073"></a><span class="lineno"> 73</span>  <span class="keywordflow">if</span> (**sigp == 0) {</div><div class="line"><a name="l00074"></a><span class="lineno"> 74</span>  <span class="comment">/* Not the shortest possible length encoding. */</span></div><div class="line"><a name="l00075"></a><span class="lineno"> 75</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00076"></a><span class="lineno"> 76</span>  }</div><div class="line"><a name="l00077"></a><span class="lineno"> 77</span>  <span class="keywordflow">if</span> ((<span class="keywordtype">size_t</span>)lenleft > <span class="keyword">sizeof</span>(size_t)) {</div><div class="line"><a name="l00078"></a><span class="lineno"> 78</span>  <span class="comment">/* The resulting length would exceed the range of a size_t, so</span></div><div class="line"><a name="l00079"></a><span class="lineno"> 79</span> <span class="comment"> * certainly longer than the passed array size.</span></div><div class="line"><a name="l00080"></a><span class="lineno"> 80</span> <span class="comment"> */</span></div><div class="line"><a name="l00081"></a><span class="lineno"> 81</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00082"></a><span class="lineno"> 82</span>  }</div><div class="line"><a name="l00083"></a><span class="lineno"> 83</span>  <span class="keywordflow">while</span> (lenleft > 0) {</div><div class="line"><a name="l00084"></a><span class="lineno"> 84</span>  <span class="keywordflow">if</span> ((ret >> ((<span class="keyword">sizeof</span>(<span class="keywordtype">size_t</span>) - 1) * 8)) != 0) {</div><div class="line"><a name="l00085"></a><span class="lineno"> 85</span>  }</div><div class="line"><a name="l00086"></a><span class="lineno"> 86</span>  ret = (ret << 8) | **sigp;</div><div class="line"><a name="l00087"></a><span class="lineno"> 87</span>  <span class="keywordflow">if</span> (ret + lenleft > (<span class="keywordtype">size_t</span>)(sigend - *sigp)) {</div><div class="line"><a name="l00088"></a><span class="lineno"> 88</span>  <span class="comment">/* Result exceeds the length of the passed array. */</span></div><div class="line"><a name="l00089"></a><span class="lineno"> 89</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00090"></a><span class="lineno"> 90</span>  }</div><div class="line"><a name="l00091"></a><span class="lineno"> 91</span>  (*sigp)++;</div><div class="line"><a name="l00092"></a><span class="lineno"> 92</span>  lenleft--;</div><div class="line"><a name="l00093"></a><span class="lineno"> 93</span>  }</div><div class="line"><a name="l00094"></a><span class="lineno"> 94</span>  <span class="keywordflow">if</span> (ret < 128) {</div><div class="line"><a name="l00095"></a><span class="lineno"> 95</span>  <span class="comment">/* Not the shortest possible length encoding. */</span></div><div class="line"><a name="l00096"></a><span class="lineno"> 96</span>  <span class="keywordflow">return</span> -1;</div><div class="line"><a name="l00097"></a><span class="lineno"> 97</span>  }</div><div class="line"><a name="l00098"></a><span class="lineno"> 98</span>  <span class="keywordflow">return</span> ret;</div><div class="line"><a name="l00099"></a><span class="lineno"> 99</span> }</div><div class="line"><a name="l00100"></a><span class="lineno"> 100</span> </div><div class="line"><a name="l00101"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a701c7cf2fd0fa52c2e3301f719f3fe4a"> 101</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecdsa__impl_8h.html#a701c7cf2fd0fa52c2e3301f719f3fe4a">secp256k1_der_parse_integer</a>(<a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *r, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **sig, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *sigend) {</div><div class="line"><a name="l00102"></a><span class="lineno"> 102</span>  <span class="keywordtype">int</span> overflow = 0;</div><div class="line"><a name="l00103"></a><span class="lineno"> 103</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> ra[32] = {0};</div><div class="line"><a name="l00104"></a><span class="lineno"> 104</span>  <span class="keywordtype">int</span> rlen;</div><div class="line"><a name="l00105"></a><span class="lineno"> 105</span> </div><div class="line"><a name="l00106"></a><span class="lineno"> 106</span>  <span class="keywordflow">if</span> (*sig == sigend || **sig != 0x02) {</div><div class="line"><a name="l00107"></a><span class="lineno"> 107</span>  <span class="comment">/* Not a primitive integer (X.690-0207 8.3.1). */</span></div><div class="line"><a name="l00108"></a><span class="lineno"> 108</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00109"></a><span class="lineno"> 109</span>  }</div><div class="line"><a name="l00110"></a><span class="lineno"> 110</span>  (*sig)++;</div><div class="line"><a name="l00111"></a><span class="lineno"> 111</span>  rlen = <a class="code" href="ecdsa__impl_8h.html#a77ce85411873130e59bc88f17c81b49c">secp256k1_der_read_len</a>(sig, sigend);</div><div class="line"><a name="l00112"></a><span class="lineno"> 112</span>  <span class="keywordflow">if</span> (rlen <= 0 || (*sig) + rlen > sigend) {</div><div class="line"><a name="l00113"></a><span class="lineno"> 113</span>  <span class="comment">/* Exceeds bounds or not at least length 1 (X.690-0207 8.3.1). */</span></div><div class="line"><a name="l00114"></a><span class="lineno"> 114</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00115"></a><span class="lineno"> 115</span>  }</div><div class="line"><a name="l00116"></a><span class="lineno"> 116</span>  <span class="keywordflow">if</span> (**sig == 0x00 && rlen > 1 && (((*sig)[1]) & 0x80) == 0x00) {</div><div class="line"><a name="l00117"></a><span class="lineno"> 117</span>  <span class="comment">/* Excessive 0x00 padding. */</span></div><div class="line"><a name="l00118"></a><span class="lineno"> 118</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00119"></a><span class="lineno"> 119</span>  }</div><div class="line"><a name="l00120"></a><span class="lineno"> 120</span>  <span class="keywordflow">if</span> (**sig == 0xFF && rlen > 1 && (((*sig)[1]) & 0x80) == 0x80) {</div><div class="line"><a name="l00121"></a><span class="lineno"> 121</span>  <span class="comment">/* Excessive 0xFF padding. */</span></div><div class="line"><a name="l00122"></a><span class="lineno"> 122</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00123"></a><span class="lineno"> 123</span>  }</div><div class="line"><a name="l00124"></a><span class="lineno"> 124</span>  <span class="keywordflow">if</span> ((**sig & 0x80) == 0x80) {</div><div class="line"><a name="l00125"></a><span class="lineno"> 125</span>  <span class="comment">/* Negative. */</span></div><div class="line"><a name="l00126"></a><span class="lineno"> 126</span>  overflow = 1;</div><div class="line"><a name="l00127"></a><span class="lineno"> 127</span>  }</div><div class="line"><a name="l00128"></a><span class="lineno"> 128</span>  <span class="keywordflow">while</span> (rlen > 0 && **sig == 0) {</div><div class="line"><a name="l00129"></a><span class="lineno"> 129</span>  <span class="comment">/* Skip leading zero bytes */</span></div><div class="line"><a name="l00130"></a><span class="lineno"> 130</span>  rlen--;</div><div class="line"><a name="l00131"></a><span class="lineno"> 131</span>  (*sig)++;</div><div class="line"><a name="l00132"></a><span class="lineno"> 132</span>  }</div><div class="line"><a name="l00133"></a><span class="lineno"> 133</span>  <span class="keywordflow">if</span> (rlen > 32) {</div><div class="line"><a name="l00134"></a><span class="lineno"> 134</span>  overflow = 1;</div><div class="line"><a name="l00135"></a><span class="lineno"> 135</span>  }</div><div class="line"><a name="l00136"></a><span class="lineno"> 136</span>  <span class="keywordflow">if</span> (!overflow) {</div><div class="line"><a name="l00137"></a><span class="lineno"> 137</span>  <a class="code" href="glibc__compat_8cpp.html#a0f46826ab0466591e136db24394923cf">memcpy</a>(ra + 32 - rlen, *sig, rlen);</div><div class="line"><a name="l00138"></a><span class="lineno"> 138</span>  <a class="code" href="scalar_8h.html#a25cc2d45ae1d1765d07c3313cdf46fa0">secp256k1_scalar_set_b32</a>(r, ra, &overflow);</div><div class="line"><a name="l00139"></a><span class="lineno"> 139</span>  }</div><div class="line"><a name="l00140"></a><span class="lineno"> 140</span>  <span class="keywordflow">if</span> (overflow) {</div><div class="line"><a name="l00141"></a><span class="lineno"> 141</span>  <a class="code" href="scalar_8h.html#a41cb11650e4dea0fe7ac5b59b9fce9dc">secp256k1_scalar_set_int</a>(r, 0);</div><div class="line"><a name="l00142"></a><span class="lineno"> 142</span>  }</div><div class="line"><a name="l00143"></a><span class="lineno"> 143</span>  (*sig) += rlen;</div><div class="line"><a name="l00144"></a><span class="lineno"> 144</span>  <span class="keywordflow">return</span> 1;</div><div class="line"><a name="l00145"></a><span class="lineno"> 145</span> }</div><div class="line"><a name="l00146"></a><span class="lineno"> 146</span> </div><div class="line"><a name="l00147"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#af5f863608f65607ecc117a594448baf1"> 147</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecdsa__impl_8h.html#af5f863608f65607ecc117a594448baf1">secp256k1_ecdsa_sig_parse</a>(<a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *rr, <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *rs, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *sig, <span class="keywordtype">size_t</span> size) {</div><div class="line"><a name="l00148"></a><span class="lineno"> 148</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *sigend = sig + size;</div><div class="line"><a name="l00149"></a><span class="lineno"> 149</span>  <span class="keywordtype">int</span> rlen;</div><div class="line"><a name="l00150"></a><span class="lineno"> 150</span>  <span class="keywordflow">if</span> (sig == sigend || *(sig++) != 0x30) {</div><div class="line"><a name="l00151"></a><span class="lineno"> 151</span>  <span class="comment">/* The encoding doesn't start with a constructed sequence (X.690-0207 8.9.1). */</span></div><div class="line"><a name="l00152"></a><span class="lineno"> 152</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00153"></a><span class="lineno"> 153</span>  }</div><div class="line"><a name="l00154"></a><span class="lineno"> 154</span>  rlen = <a class="code" href="ecdsa__impl_8h.html#a77ce85411873130e59bc88f17c81b49c">secp256k1_der_read_len</a>(&sig, sigend);</div><div class="line"><a name="l00155"></a><span class="lineno"> 155</span>  <span class="keywordflow">if</span> (rlen < 0 || sig + rlen > sigend) {</div><div class="line"><a name="l00156"></a><span class="lineno"> 156</span>  <span class="comment">/* Tuple exceeds bounds */</span></div><div class="line"><a name="l00157"></a><span class="lineno"> 157</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00158"></a><span class="lineno"> 158</span>  }</div><div class="line"><a name="l00159"></a><span class="lineno"> 159</span>  <span class="keywordflow">if</span> (sig + rlen != sigend) {</div><div class="line"><a name="l00160"></a><span class="lineno"> 160</span>  <span class="comment">/* Garbage after tuple. */</span></div><div class="line"><a name="l00161"></a><span class="lineno"> 161</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00162"></a><span class="lineno"> 162</span>  }</div><div class="line"><a name="l00163"></a><span class="lineno"> 163</span> </div><div class="line"><a name="l00164"></a><span class="lineno"> 164</span>  <span class="keywordflow">if</span> (!<a class="code" href="ecdsa__impl_8h.html#a701c7cf2fd0fa52c2e3301f719f3fe4a">secp256k1_der_parse_integer</a>(rr, &sig, sigend)) {</div><div class="line"><a name="l00165"></a><span class="lineno"> 165</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00166"></a><span class="lineno"> 166</span>  }</div><div class="line"><a name="l00167"></a><span class="lineno"> 167</span>  <span class="keywordflow">if</span> (!<a class="code" href="ecdsa__impl_8h.html#a701c7cf2fd0fa52c2e3301f719f3fe4a">secp256k1_der_parse_integer</a>(rs, &sig, sigend)) {</div><div class="line"><a name="l00168"></a><span class="lineno"> 168</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00169"></a><span class="lineno"> 169</span>  }</div><div class="line"><a name="l00170"></a><span class="lineno"> 170</span> </div><div class="line"><a name="l00171"></a><span class="lineno"> 171</span>  <span class="keywordflow">if</span> (sig != sigend) {</div><div class="line"><a name="l00172"></a><span class="lineno"> 172</span>  <span class="comment">/* Trailing garbage inside tuple. */</span></div><div class="line"><a name="l00173"></a><span class="lineno"> 173</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00174"></a><span class="lineno"> 174</span>  }</div><div class="line"><a name="l00175"></a><span class="lineno"> 175</span> </div><div class="line"><a name="l00176"></a><span class="lineno"> 176</span>  <span class="keywordflow">return</span> 1;</div><div class="line"><a name="l00177"></a><span class="lineno"> 177</span> }</div><div class="line"><a name="l00178"></a><span class="lineno"> 178</span> </div><div class="line"><a name="l00179"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a6c508d97dd87ab97fa01e9abac597a53"> 179</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecdsa__impl_8h.html#a6c508d97dd87ab97fa01e9abac597a53">secp256k1_ecdsa_sig_serialize</a>(<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *sig, <span class="keywordtype">size_t</span> *size, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a>* ar, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a>* as) {</div><div class="line"><a name="l00180"></a><span class="lineno"> 180</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> r[33] = {0}, s[33] = {0};</div><div class="line"><a name="l00181"></a><span class="lineno"> 181</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *rp = r, *sp = s;</div><div class="line"><a name="l00182"></a><span class="lineno"> 182</span>  <span class="keywordtype">size_t</span> lenR = 33, lenS = 33;</div><div class="line"><a name="l00183"></a><span class="lineno"> 183</span>  <a class="code" href="scalar_8h.html#a4fa08f8af5a23f505b44c9ef1bec1831">secp256k1_scalar_get_b32</a>(&r[1], ar);</div><div class="line"><a name="l00184"></a><span class="lineno"> 184</span>  <a class="code" href="scalar_8h.html#a4fa08f8af5a23f505b44c9ef1bec1831">secp256k1_scalar_get_b32</a>(&s[1], as);</div><div class="line"><a name="l00185"></a><span class="lineno"> 185</span>  <span class="keywordflow">while</span> (lenR > 1 && rp[0] == 0 && rp[1] < 0x80) { lenR--; rp++; }</div><div class="line"><a name="l00186"></a><span class="lineno"> 186</span>  <span class="keywordflow">while</span> (lenS > 1 && sp[0] == 0 && sp[1] < 0x80) { lenS--; sp++; }</div><div class="line"><a name="l00187"></a><span class="lineno"> 187</span>  <span class="keywordflow">if</span> (*size < 6+lenS+lenR) {</div><div class="line"><a name="l00188"></a><span class="lineno"> 188</span>  *size = 6 + lenS + lenR;</div><div class="line"><a name="l00189"></a><span class="lineno"> 189</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00190"></a><span class="lineno"> 190</span>  }</div><div class="line"><a name="l00191"></a><span class="lineno"> 191</span>  *size = 6 + lenS + lenR;</div><div class="line"><a name="l00192"></a><span class="lineno"> 192</span>  sig[0] = 0x30;</div><div class="line"><a name="l00193"></a><span class="lineno"> 193</span>  sig[1] = 4 + lenS + lenR;</div><div class="line"><a name="l00194"></a><span class="lineno"> 194</span>  sig[2] = 0x02;</div><div class="line"><a name="l00195"></a><span class="lineno"> 195</span>  sig[3] = lenR;</div><div class="line"><a name="l00196"></a><span class="lineno"> 196</span>  <a class="code" href="glibc__compat_8cpp.html#a0f46826ab0466591e136db24394923cf">memcpy</a>(sig+4, rp, lenR);</div><div class="line"><a name="l00197"></a><span class="lineno"> 197</span>  sig[4+lenR] = 0x02;</div><div class="line"><a name="l00198"></a><span class="lineno"> 198</span>  sig[5+lenR] = lenS;</div><div class="line"><a name="l00199"></a><span class="lineno"> 199</span>  <a class="code" href="glibc__compat_8cpp.html#a0f46826ab0466591e136db24394923cf">memcpy</a>(sig+lenR+6, sp, lenS);</div><div class="line"><a name="l00200"></a><span class="lineno"> 200</span>  <span class="keywordflow">return</span> 1;</div><div class="line"><a name="l00201"></a><span class="lineno"> 201</span> }</div><div class="line"><a name="l00202"></a><span class="lineno"> 202</span> </div><div class="line"><a name="l00203"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a3f5883c08cc865fd9a4ca3f6173b1c26"> 203</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecdsa__impl_8h.html#a3f5883c08cc865fd9a4ca3f6173b1c26">secp256k1_ecdsa_sig_verify</a>(<span class="keyword">const</span> <a class="code" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *<a class="code" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigr, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigs, <span class="keyword">const</span> <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> *pubkey, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *message) {</div><div class="line"><a name="l00204"></a><span class="lineno"> 204</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> c[32];</div><div class="line"><a name="l00205"></a><span class="lineno"> 205</span>  <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> sn, u1, u2;</div><div class="line"><a name="l00206"></a><span class="lineno"> 206</span>  <a class="code" href="structsecp256k1__fe.html">secp256k1_fe</a> xr;</div><div class="line"><a name="l00207"></a><span class="lineno"> 207</span>  <a class="code" href="structsecp256k1__gej.html">secp256k1_gej</a> pubkeyj;</div><div class="line"><a name="l00208"></a><span class="lineno"> 208</span>  <a class="code" href="structsecp256k1__gej.html">secp256k1_gej</a> pr;</div><div class="line"><a name="l00209"></a><span class="lineno"> 209</span> </div><div class="line"><a name="l00210"></a><span class="lineno"> 210</span>  <span class="keywordflow">if</span> (<a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(sigr) || <a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(sigs)) {</div><div class="line"><a name="l00211"></a><span class="lineno"> 211</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00212"></a><span class="lineno"> 212</span>  }</div><div class="line"><a name="l00213"></a><span class="lineno"> 213</span> </div><div class="line"><a name="l00214"></a><span class="lineno"> 214</span>  <a class="code" href="scalar_8h.html#a58e84d0cabe81139df5c71759f833855">secp256k1_scalar_inverse_var</a>(&sn, sigs);</div><div class="line"><a name="l00215"></a><span class="lineno"> 215</span>  <a class="code" href="scalar_8h.html#a89db15f705c8eafcd10c08181523acd0">secp256k1_scalar_mul</a>(&u1, &sn, message);</div><div class="line"><a name="l00216"></a><span class="lineno"> 216</span>  <a class="code" href="scalar_8h.html#a89db15f705c8eafcd10c08181523acd0">secp256k1_scalar_mul</a>(&u2, &sn, sigr);</div><div class="line"><a name="l00217"></a><span class="lineno"> 217</span>  <a class="code" href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a>(&pubkeyj, pubkey);</div><div class="line"><a name="l00218"></a><span class="lineno"> 218</span>  <a class="code" href="ecmult_8h.html#aacf8b6ba48671daf24d549adb176366c">secp256k1_ecmult</a>(<a class="code" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, &pr, &pubkeyj, &u2, &u1);</div><div class="line"><a name="l00219"></a><span class="lineno"> 219</span>  <span class="keywordflow">if</span> (<a class="code" href="group_8h.html#a33786d5853579c92d46fac51f6a40093">secp256k1_gej_is_infinity</a>(&pr)) {</div><div class="line"><a name="l00220"></a><span class="lineno"> 220</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00221"></a><span class="lineno"> 221</span>  }</div><div class="line"><a name="l00222"></a><span class="lineno"> 222</span>  <a class="code" href="scalar_8h.html#a4fa08f8af5a23f505b44c9ef1bec1831">secp256k1_scalar_get_b32</a>(c, sigr);</div><div class="line"><a name="l00223"></a><span class="lineno"> 223</span>  <a class="code" href="field_8h.html#a5c86a65052e3b135919c00fe2233a43d">secp256k1_fe_set_b32</a>(&xr, c);</div><div class="line"><a name="l00224"></a><span class="lineno"> 224</span> </div><div class="line"><a name="l00241"></a><span class="lineno"> 241</span>  <span class="keywordflow">if</span> (<a class="code" href="group_8h.html#aa32fc177f081f16d5979045d3632cf8b">secp256k1_gej_eq_x_var</a>(&xr, &pr)) {</div><div class="line"><a name="l00242"></a><span class="lineno"> 242</span>  <span class="comment">/* xr * pr.z^2 mod p == pr.x, so the signature is valid. */</span></div><div class="line"><a name="l00243"></a><span class="lineno"> 243</span>  <span class="keywordflow">return</span> 1;</div><div class="line"><a name="l00244"></a><span class="lineno"> 244</span>  }</div><div class="line"><a name="l00245"></a><span class="lineno"> 245</span>  <span class="keywordflow">if</span> (<a class="code" href="field_8h.html#af372f2088796ef5338bb43dbb6dd5277">secp256k1_fe_cmp_var</a>(&xr, &<a class="code" href="ecdsa__impl_8h.html#a2f1a533c601e3dfa234d2f860670d137">secp256k1_ecdsa_const_p_minus_order</a>) >= 0) {</div><div class="line"><a name="l00246"></a><span class="lineno"> 246</span>  <span class="comment">/* xr + n >= p, so we can skip testing the second case. */</span></div><div class="line"><a name="l00247"></a><span class="lineno"> 247</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00248"></a><span class="lineno"> 248</span>  }</div><div class="line"><a name="l00249"></a><span class="lineno"> 249</span>  <a class="code" href="field_8h.html#a7512f80b60598e4af89c004890880fc7">secp256k1_fe_add</a>(&xr, &<a class="code" href="ecdsa__impl_8h.html#a46b45ada7a9487fc9ecda46927094f74">secp256k1_ecdsa_const_order_as_fe</a>);</div><div class="line"><a name="l00250"></a><span class="lineno"> 250</span>  <span class="keywordflow">if</span> (<a class="code" href="group_8h.html#aa32fc177f081f16d5979045d3632cf8b">secp256k1_gej_eq_x_var</a>(&xr, &pr)) {</div><div class="line"><a name="l00251"></a><span class="lineno"> 251</span>  <span class="comment">/* (xr + n) * pr.z^2 mod p == pr.x, so the signature is valid. */</span></div><div class="line"><a name="l00252"></a><span class="lineno"> 252</span>  <span class="keywordflow">return</span> 1;</div><div class="line"><a name="l00253"></a><span class="lineno"> 253</span>  }</div><div class="line"><a name="l00254"></a><span class="lineno"> 254</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00255"></a><span class="lineno"> 255</span> }</div><div class="line"><a name="l00256"></a><span class="lineno"> 256</span> </div><div class="line"><a name="l00257"></a><span class="lineno"><a class="line" href="ecdsa__impl_8h.html#a3eaa1b23550fa2ccf948e67f2c87a330"> 257</a></span> <span class="keyword">static</span> <span class="keywordtype">int</span> <a class="code" href="ecdsa__impl_8h.html#a3eaa1b23550fa2ccf948e67f2c87a330">secp256k1_ecdsa_sig_sign</a>(<span class="keyword">const</span> <a class="code" href="structsecp256k1__ecmult__gen__context.html">secp256k1_ecmult_gen_context</a> *<a class="code" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigr, <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *sigs, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *seckey, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *message, <span class="keyword">const</span> <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *nonce, <span class="keywordtype">int</span> *recid) {</div><div class="line"><a name="l00258"></a><span class="lineno"> 258</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> b[32];</div><div class="line"><a name="l00259"></a><span class="lineno"> 259</span>  <a class="code" href="structsecp256k1__gej.html">secp256k1_gej</a> rp;</div><div class="line"><a name="l00260"></a><span class="lineno"> 260</span>  <a class="code" href="structsecp256k1__ge.html">secp256k1_ge</a> r;</div><div class="line"><a name="l00261"></a><span class="lineno"> 261</span>  <a class="code" href="structsecp256k1__scalar.html">secp256k1_scalar</a> <a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>;</div><div class="line"><a name="l00262"></a><span class="lineno"> 262</span>  <span class="keywordtype">int</span> overflow = 0;</div><div class="line"><a name="l00263"></a><span class="lineno"> 263</span> </div><div class="line"><a name="l00264"></a><span class="lineno"> 264</span>  <a class="code" href="ecmult__gen_8h.html#a5ed744c720cbb0a397c8d4c42c637f24">secp256k1_ecmult_gen</a>(<a class="code" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, &rp, nonce);</div><div class="line"><a name="l00265"></a><span class="lineno"> 265</span>  <a class="code" href="group_8h.html#aa511eebf8cd7419763f06555ed4fb62d">secp256k1_ge_set_gej</a>(&r, &rp);</div><div class="line"><a name="l00266"></a><span class="lineno"> 266</span>  <a class="code" href="field_8h.html#a8e925e94d5a7330d2ae68f6642d0c7b9">secp256k1_fe_normalize</a>(&r.<a class="code" href="structsecp256k1__ge.html#a3c04a97b606c82ea87e55d4a06f06b6e">x</a>);</div><div class="line"><a name="l00267"></a><span class="lineno"> 267</span>  <a class="code" href="field_8h.html#a8e925e94d5a7330d2ae68f6642d0c7b9">secp256k1_fe_normalize</a>(&r.<a class="code" href="structsecp256k1__ge.html#a604295983a1f4aa6e8b5b0f1e46f9ee0">y</a>);</div><div class="line"><a name="l00268"></a><span class="lineno"> 268</span>  <a class="code" href="field_8h.html#abb1017649be14b9ac1823be3c573e542">secp256k1_fe_get_b32</a>(b, &r.<a class="code" href="structsecp256k1__ge.html#a3c04a97b606c82ea87e55d4a06f06b6e">x</a>);</div><div class="line"><a name="l00269"></a><span class="lineno"> 269</span>  <a class="code" href="scalar_8h.html#a25cc2d45ae1d1765d07c3313cdf46fa0">secp256k1_scalar_set_b32</a>(sigr, b, &overflow);</div><div class="line"><a name="l00270"></a><span class="lineno"> 270</span>  <span class="keywordflow">if</span> (<a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(sigr)) {</div><div class="line"><a name="l00271"></a><span class="lineno"> 271</span>  <span class="comment">/* P.x = order is on the curve, so technically sig->r could end up zero, which would be an invalid signature.</span></div><div class="line"><a name="l00272"></a><span class="lineno"> 272</span> <span class="comment"> * This branch is cryptographically unreachable as hitting it requires finding the discrete log of P.x = N.</span></div><div class="line"><a name="l00273"></a><span class="lineno"> 273</span> <span class="comment"> */</span></div><div class="line"><a name="l00274"></a><span class="lineno"> 274</span>  <a class="code" href="group_8h.html#a2454dfbe1e75eba118d2c0a4184a9acc">secp256k1_gej_clear</a>(&rp);</div><div class="line"><a name="l00275"></a><span class="lineno"> 275</span>  <a class="code" href="group_8h.html#a34793cf48794f089bb28597d1a9f23b2">secp256k1_ge_clear</a>(&r);</div><div class="line"><a name="l00276"></a><span class="lineno"> 276</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00277"></a><span class="lineno"> 277</span>  }</div><div class="line"><a name="l00278"></a><span class="lineno"> 278</span>  <span class="keywordflow">if</span> (recid) {</div><div class="line"><a name="l00279"></a><span class="lineno"> 279</span>  <span class="comment">/* The overflow condition is cryptographically unreachable as hitting it requires finding the discrete log</span></div><div class="line"><a name="l00280"></a><span class="lineno"> 280</span> <span class="comment"> * of some P where P.x >= order, and only 1 in about 2^127 points meet this criteria.</span></div><div class="line"><a name="l00281"></a><span class="lineno"> 281</span> <span class="comment"> */</span></div><div class="line"><a name="l00282"></a><span class="lineno"> 282</span>  *recid = (overflow ? 2 : 0) | (<a class="code" href="field_8h.html#a4657d3eea1cc59c7a20cc2d19663bf02">secp256k1_fe_is_odd</a>(&r.<a class="code" href="structsecp256k1__ge.html#a604295983a1f4aa6e8b5b0f1e46f9ee0">y</a>) ? 1 : 0);</div><div class="line"><a name="l00283"></a><span class="lineno"> 283</span>  }</div><div class="line"><a name="l00284"></a><span class="lineno"> 284</span>  <a class="code" href="scalar_8h.html#a89db15f705c8eafcd10c08181523acd0">secp256k1_scalar_mul</a>(&<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>, sigr, seckey);</div><div class="line"><a name="l00285"></a><span class="lineno"> 285</span>  <a class="code" href="scalar_8h.html#a83257652850276cd74c7cdd1f9444d9c">secp256k1_scalar_add</a>(&<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>, &<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>, message);</div><div class="line"><a name="l00286"></a><span class="lineno"> 286</span>  <a class="code" href="scalar_8h.html#ac048cded7c9731249ada44d489a258d5">secp256k1_scalar_inverse</a>(sigs, nonce);</div><div class="line"><a name="l00287"></a><span class="lineno"> 287</span>  <a class="code" href="scalar_8h.html#a89db15f705c8eafcd10c08181523acd0">secp256k1_scalar_mul</a>(sigs, sigs, &<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>);</div><div class="line"><a name="l00288"></a><span class="lineno"> 288</span>  <a class="code" href="scalar_8h.html#ad8fb9bc2a828903963bf37806d8edd11">secp256k1_scalar_clear</a>(&<a class="code" href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">n</a>);</div><div class="line"><a name="l00289"></a><span class="lineno"> 289</span>  <a class="code" href="group_8h.html#a2454dfbe1e75eba118d2c0a4184a9acc">secp256k1_gej_clear</a>(&rp);</div><div class="line"><a name="l00290"></a><span class="lineno"> 290</span>  <a class="code" href="group_8h.html#a34793cf48794f089bb28597d1a9f23b2">secp256k1_ge_clear</a>(&r);</div><div class="line"><a name="l00291"></a><span class="lineno"> 291</span>  <span class="keywordflow">if</span> (<a class="code" href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a>(sigs)) {</div><div class="line"><a name="l00292"></a><span class="lineno"> 292</span>  <span class="keywordflow">return</span> 0;</div><div class="line"><a name="l00293"></a><span class="lineno"> 293</span>  }</div><div class="line"><a name="l00294"></a><span class="lineno"> 294</span>  <span class="keywordflow">if</span> (<a class="code" href="scalar_8h.html#aab66620cbbe49bec3c7c02f4a1219c05">secp256k1_scalar_is_high</a>(sigs)) {</div><div class="line"><a name="l00295"></a><span class="lineno"> 295</span>  <a class="code" href="scalar_8h.html#aa3f1c1d4536adf835ee256878c222968">secp256k1_scalar_negate</a>(sigs, sigs);</div><div class="line"><a name="l00296"></a><span class="lineno"> 296</span>  <span class="keywordflow">if</span> (recid) {</div><div class="line"><a name="l00297"></a><span class="lineno"> 297</span>  *recid ^= 1;</div><div class="line"><a name="l00298"></a><span class="lineno"> 298</span>  }</div><div class="line"><a name="l00299"></a><span class="lineno"> 299</span>  }</div><div class="line"><a name="l00300"></a><span class="lineno"> 300</span>  <span class="keywordflow">return</span> 1;</div><div class="line"><a name="l00301"></a><span class="lineno"> 301</span> }</div><div class="line"><a name="l00302"></a><span class="lineno"> 302</span> </div><div class="line"><a name="l00303"></a><span class="lineno"> 303</span> <span class="preprocessor">#endif</span></div><div class="ttc" id="scalar_8h_html_a89db15f705c8eafcd10c08181523acd0"><div class="ttname"><a href="scalar_8h.html#a89db15f705c8eafcd10c08181523acd0">secp256k1_scalar_mul</a></div><div class="ttdeci">static void secp256k1_scalar_mul(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)</div></div>
|
|
<div class="ttc" id="group_8h_html_a33786d5853579c92d46fac51f6a40093"><div class="ttname"><a href="group_8h.html#a33786d5853579c92d46fac51f6a40093">secp256k1_gej_is_infinity</a></div><div class="ttdeci">static int secp256k1_gej_is_infinity(const secp256k1_gej *a)</div></div>
|
|
<div class="ttc" id="structsecp256k1__fe_html"><div class="ttname"><a href="structsecp256k1__fe.html">secp256k1_fe</a></div><div class="ttdef"><b>Definition:</b> <a href="field__10x26_8h_source.html#l00012">field_10x26.h:12</a></div></div>
|
|
<div class="ttc" id="ecmult__gen_8h_html_a5ed744c720cbb0a397c8d4c42c637f24"><div class="ttname"><a href="ecmult__gen_8h.html#a5ed744c720cbb0a397c8d4c42c637f24">secp256k1_ecmult_gen</a></div><div class="ttdeci">static void secp256k1_ecmult_gen(const secp256k1_ecmult_gen_context *ctx, secp256k1_gej *r, const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a3f5883c08cc865fd9a4ca3f6173b1c26"><div class="ttname"><a href="ecdsa__impl_8h.html#a3f5883c08cc865fd9a4ca3f6173b1c26">secp256k1_ecdsa_sig_verify</a></div><div class="ttdeci">static int secp256k1_ecdsa_sig_verify(const secp256k1_ecmult_context *ctx, const secp256k1_scalar *sigr, const secp256k1_scalar *sigs, const secp256k1_ge *pubkey, const secp256k1_scalar *message)</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00203">ecdsa_impl.h:203</a></div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a3eaa1b23550fa2ccf948e67f2c87a330"><div class="ttname"><a href="ecdsa__impl_8h.html#a3eaa1b23550fa2ccf948e67f2c87a330">secp256k1_ecdsa_sig_sign</a></div><div class="ttdeci">static int secp256k1_ecdsa_sig_sign(const secp256k1_ecmult_gen_context *ctx, secp256k1_scalar *sigr, secp256k1_scalar *sigs, const secp256k1_scalar *seckey, const secp256k1_scalar *message, const secp256k1_scalar *nonce, int *recid)</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00257">ecdsa_impl.h:257</a></div></div>
|
|
<div class="ttc" id="group_8h_html"><div class="ttname"><a href="group_8h.html">group.h</a></div></div>
|
|
<div class="ttc" id="ecdsa_8h_html"><div class="ttname"><a href="ecdsa_8h.html">ecdsa.h</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_aa3f1c1d4536adf835ee256878c222968"><div class="ttname"><a href="scalar_8h.html#aa3f1c1d4536adf835ee256878c222968">secp256k1_scalar_negate</a></div><div class="ttdeci">static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_a3f0ac84fe49a1c1f51212582a2c149d4"><div class="ttname"><a href="scalar_8h.html#a3f0ac84fe49a1c1f51212582a2c149d4">secp256k1_scalar_is_zero</a></div><div class="ttdeci">static int secp256k1_scalar_is_zero(const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a6c508d97dd87ab97fa01e9abac597a53"><div class="ttname"><a href="ecdsa__impl_8h.html#a6c508d97dd87ab97fa01e9abac597a53">secp256k1_ecdsa_sig_serialize</a></div><div class="ttdeci">static int secp256k1_ecdsa_sig_serialize(unsigned char *sig, size_t *size, const secp256k1_scalar *ar, const secp256k1_scalar *as)</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00179">ecdsa_impl.h:179</a></div></div>
|
|
<div class="ttc" id="ecmult_8h_html_aacf8b6ba48671daf24d549adb176366c"><div class="ttname"><a href="ecmult_8h.html#aacf8b6ba48671daf24d549adb176366c">secp256k1_ecmult</a></div><div class="ttdeci">static void secp256k1_ecmult(const secp256k1_ecmult_context *ctx, secp256k1_gej *r, const secp256k1_gej *a, const secp256k1_scalar *na, const secp256k1_scalar *ng)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_a25cc2d45ae1d1765d07c3313cdf46fa0"><div class="ttname"><a href="scalar_8h.html#a25cc2d45ae1d1765d07c3313cdf46fa0">secp256k1_scalar_set_b32</a></div><div class="ttdeci">static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)</div></div>
|
|
<div class="ttc" id="structsecp256k1__gej_html"><div class="ttname"><a href="structsecp256k1__gej.html">secp256k1_gej</a></div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00024">group.h:24</a></div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a46b45ada7a9487fc9ecda46927094f74"><div class="ttname"><a href="ecdsa__impl_8h.html#a46b45ada7a9487fc9ecda46927094f74">secp256k1_ecdsa_const_order_as_fe</a></div><div class="ttdeci">static const secp256k1_fe secp256k1_ecdsa_const_order_as_fe</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00031">ecdsa_impl.h:31</a></div></div>
|
|
<div class="ttc" id="field__10x26_8h_html_a8c00ba3d97ea0d9b0d461463e890de15"><div class="ttname"><a href="field__10x26_8h.html#a8c00ba3d97ea0d9b0d461463e890de15">SECP256K1_FE_CONST</a></div><div class="ttdeci">#define SECP256K1_FE_CONST(d7, d6, d5, d4, d3, d2, d1, d0)</div><div class="ttdef"><b>Definition:</b> <a href="field__10x26_8h_source.html#l00038">field_10x26.h:38</a></div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_af5f863608f65607ecc117a594448baf1"><div class="ttname"><a href="ecdsa__impl_8h.html#af5f863608f65607ecc117a594448baf1">secp256k1_ecdsa_sig_parse</a></div><div class="ttdeci">static int secp256k1_ecdsa_sig_parse(secp256k1_scalar *rr, secp256k1_scalar *rs, const unsigned char *sig, size_t size)</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00147">ecdsa_impl.h:147</a></div></div>
|
|
<div class="ttc" id="field_8h_html_a7512f80b60598e4af89c004890880fc7"><div class="ttname"><a href="field_8h.html#a7512f80b60598e4af89c004890880fc7">secp256k1_fe_add</a></div><div class="ttdeci">static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a)</div></div>
|
|
<div class="ttc" id="field_8h_html_a4657d3eea1cc59c7a20cc2d19663bf02"><div class="ttname"><a href="field_8h.html#a4657d3eea1cc59c7a20cc2d19663bf02">secp256k1_fe_is_odd</a></div><div class="ttdeci">static int secp256k1_fe_is_odd(const secp256k1_fe *a)</div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a77ce85411873130e59bc88f17c81b49c"><div class="ttname"><a href="ecdsa__impl_8h.html#a77ce85411873130e59bc88f17c81b49c">secp256k1_der_read_len</a></div><div class="ttdeci">static int secp256k1_der_read_len(const unsigned char **sigp, const unsigned char *sigend)</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00049">ecdsa_impl.h:49</a></div></div>
|
|
<div class="ttc" id="namespacefix-copyright-headers_html_aed10e06fbf20b2e50f73ff2d61f59e45"><div class="ttname"><a href="namespacefix-copyright-headers.html#aed10e06fbf20b2e50f73ff2d61f59e45">fix-copyright-headers.n</a></div><div class="ttdeci">int n</div><div class="ttdef"><b>Definition:</b> <a href="fix-copyright-headers_8py_source.html#l00046">fix-copyright-headers.py:46</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_ac048cded7c9731249ada44d489a258d5"><div class="ttname"><a href="scalar_8h.html#ac048cded7c9731249ada44d489a258d5">secp256k1_scalar_inverse</a></div><div class="ttdeci">static void secp256k1_scalar_inverse(secp256k1_scalar *r, const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a701c7cf2fd0fa52c2e3301f719f3fe4a"><div class="ttname"><a href="ecdsa__impl_8h.html#a701c7cf2fd0fa52c2e3301f719f3fe4a">secp256k1_der_parse_integer</a></div><div class="ttdeci">static int secp256k1_der_parse_integer(secp256k1_scalar *r, const unsigned char **sig, const unsigned char *sigend)</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00101">ecdsa_impl.h:101</a></div></div>
|
|
<div class="ttc" id="tests_8c_html_a06a3e29ada83211a695a49e8f7405842"><div class="ttname"><a href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a></div><div class="ttdeci">static secp256k1_context * ctx</div><div class="ttdef"><b>Definition:</b> <a href="tests_8c_source.html#l00042">tests.c:42</a></div></div>
|
|
<div class="ttc" id="group_8h_html_aa511eebf8cd7419763f06555ed4fb62d"><div class="ttname"><a href="group_8h.html#aa511eebf8cd7419763f06555ed4fb62d">secp256k1_ge_set_gej</a></div><div class="ttdeci">static void secp256k1_ge_set_gej(secp256k1_ge *r, secp256k1_gej *a)</div></div>
|
|
<div class="ttc" id="group_8h_html_a2454dfbe1e75eba118d2c0a4184a9acc"><div class="ttname"><a href="group_8h.html#a2454dfbe1e75eba118d2c0a4184a9acc">secp256k1_gej_clear</a></div><div class="ttdeci">static void secp256k1_gej_clear(secp256k1_gej *r)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_aab66620cbbe49bec3c7c02f4a1219c05"><div class="ttname"><a href="scalar_8h.html#aab66620cbbe49bec3c7c02f4a1219c05">secp256k1_scalar_is_high</a></div><div class="ttdeci">static int secp256k1_scalar_is_high(const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="ecmult__gen_8h_html"><div class="ttname"><a href="ecmult__gen_8h.html">ecmult_gen.h</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html"><div class="ttname"><a href="scalar_8h.html">scalar.h</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_ad8fb9bc2a828903963bf37806d8edd11"><div class="ttname"><a href="scalar_8h.html#ad8fb9bc2a828903963bf37806d8edd11">secp256k1_scalar_clear</a></div><div class="ttdeci">static void secp256k1_scalar_clear(secp256k1_scalar *r)</div></div>
|
|
<div class="ttc" id="structsecp256k1__ge_html"><div class="ttname"><a href="structsecp256k1__ge.html">secp256k1_ge</a></div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00014">group.h:14</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__ge_html_a3c04a97b606c82ea87e55d4a06f06b6e"><div class="ttname"><a href="structsecp256k1__ge.html#a3c04a97b606c82ea87e55d4a06f06b6e">secp256k1_ge::x</a></div><div class="ttdeci">secp256k1_fe x</div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00015">group.h:15</a></div></div>
|
|
<div class="ttc" id="group_8h_html_aa32fc177f081f16d5979045d3632cf8b"><div class="ttname"><a href="group_8h.html#aa32fc177f081f16d5979045d3632cf8b">secp256k1_gej_eq_x_var</a></div><div class="ttdeci">static int secp256k1_gej_eq_x_var(const secp256k1_fe *x, const secp256k1_gej *a)</div></div>
|
|
<div class="ttc" id="group_8h_html_a34793cf48794f089bb28597d1a9f23b2"><div class="ttname"><a href="group_8h.html#a34793cf48794f089bb28597d1a9f23b2">secp256k1_ge_clear</a></div><div class="ttdeci">static void secp256k1_ge_clear(secp256k1_ge *r)</div></div>
|
|
<div class="ttc" id="structsecp256k1__ecmult__gen__context_html"><div class="ttname"><a href="structsecp256k1__ecmult__gen__context.html">secp256k1_ecmult_gen_context</a></div><div class="ttdef"><b>Definition:</b> <a href="ecmult__gen_8h_source.html#l00013">ecmult_gen.h:13</a></div></div>
|
|
<div class="ttc" id="structsecp256k1__scalar_html"><div class="ttname"><a href="structsecp256k1__scalar.html">secp256k1_scalar</a></div><div class="ttdef"><b>Definition:</b> <a href="scalar__4x64_8h_source.html#l00013">scalar_4x64.h:13</a></div></div>
|
|
<div class="ttc" id="scalar_8h_html_a4fa08f8af5a23f505b44c9ef1bec1831"><div class="ttname"><a href="scalar_8h.html#a4fa08f8af5a23f505b44c9ef1bec1831">secp256k1_scalar_get_b32</a></div><div class="ttdeci">static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="field_8h_html_a5c86a65052e3b135919c00fe2233a43d"><div class="ttname"><a href="field_8h.html#a5c86a65052e3b135919c00fe2233a43d">secp256k1_fe_set_b32</a></div><div class="ttdeci">static int secp256k1_fe_set_b32(secp256k1_fe *r, const unsigned char *a)</div></div>
|
|
<div class="ttc" id="field_8h_html_af372f2088796ef5338bb43dbb6dd5277"><div class="ttname"><a href="field_8h.html#af372f2088796ef5338bb43dbb6dd5277">secp256k1_fe_cmp_var</a></div><div class="ttdeci">static int secp256k1_fe_cmp_var(const secp256k1_fe *a, const secp256k1_fe *b)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_a83257652850276cd74c7cdd1f9444d9c"><div class="ttname"><a href="scalar_8h.html#a83257652850276cd74c7cdd1f9444d9c">secp256k1_scalar_add</a></div><div class="ttdeci">static int secp256k1_scalar_add(secp256k1_scalar *r, const secp256k1_scalar *a, const secp256k1_scalar *b)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_a41cb11650e4dea0fe7ac5b59b9fce9dc"><div class="ttname"><a href="scalar_8h.html#a41cb11650e4dea0fe7ac5b59b9fce9dc">secp256k1_scalar_set_int</a></div><div class="ttdeci">static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsigned int v)</div></div>
|
|
<div class="ttc" id="scalar_8h_html_a58e84d0cabe81139df5c71759f833855"><div class="ttname"><a href="scalar_8h.html#a58e84d0cabe81139df5c71759f833855">secp256k1_scalar_inverse_var</a></div><div class="ttdeci">static void secp256k1_scalar_inverse_var(secp256k1_scalar *r, const secp256k1_scalar *a)</div></div>
|
|
<div class="ttc" id="glibc__compat_8cpp_html_a0f46826ab0466591e136db24394923cf"><div class="ttname"><a href="glibc__compat_8cpp.html#a0f46826ab0466591e136db24394923cf">memcpy</a></div><div class="ttdeci">void * memcpy(void *a, const void *b, size_t c)</div><div class="ttdef"><b>Definition:</b> <a href="glibc__compat_8cpp_source.html#l00017">glibc_compat.cpp:17</a></div></div>
|
|
<div class="ttc" id="field_8h_html_a8e925e94d5a7330d2ae68f6642d0c7b9"><div class="ttname"><a href="field_8h.html#a8e925e94d5a7330d2ae68f6642d0c7b9">secp256k1_fe_normalize</a></div><div class="ttdeci">static void secp256k1_fe_normalize(secp256k1_fe *r)</div></div>
|
|
<div class="ttc" id="field_8h_html"><div class="ttname"><a href="field_8h.html">field.h</a></div></div>
|
|
<div class="ttc" id="ecmult_8h_html"><div class="ttname"><a href="ecmult_8h.html">ecmult.h</a></div></div>
|
|
<div class="ttc" id="field_8h_html_abb1017649be14b9ac1823be3c573e542"><div class="ttname"><a href="field_8h.html#abb1017649be14b9ac1823be3c573e542">secp256k1_fe_get_b32</a></div><div class="ttdeci">static void secp256k1_fe_get_b32(unsigned char *r, const secp256k1_fe *a)</div></div>
|
|
<div class="ttc" id="structsecp256k1__ecmult__context_html"><div class="ttname"><a href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a></div><div class="ttdef"><b>Definition:</b> <a href="ecmult_8h_source.html#l00013">ecmult.h:13</a></div></div>
|
|
<div class="ttc" id="group_8h_html_ad5f813e26afb239f03e83f0e61e05498"><div class="ttname"><a href="group_8h.html#ad5f813e26afb239f03e83f0e61e05498">secp256k1_gej_set_ge</a></div><div class="ttdeci">static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)</div></div>
|
|
<div class="ttc" id="structsecp256k1__ge_html_a604295983a1f4aa6e8b5b0f1e46f9ee0"><div class="ttname"><a href="structsecp256k1__ge.html#a604295983a1f4aa6e8b5b0f1e46f9ee0">secp256k1_ge::y</a></div><div class="ttdeci">secp256k1_fe y</div><div class="ttdef"><b>Definition:</b> <a href="group_8h_source.html#l00016">group.h:16</a></div></div>
|
|
<div class="ttc" id="ecdsa__impl_8h_html_a2f1a533c601e3dfa234d2f860670d137"><div class="ttname"><a href="ecdsa__impl_8h.html#a2f1a533c601e3dfa234d2f860670d137">secp256k1_ecdsa_const_p_minus_order</a></div><div class="ttdeci">static const secp256k1_fe secp256k1_ecdsa_const_p_minus_order</div><div class="ttdef"><b>Definition:</b> <a href="ecdsa__impl_8h_source.html#l00045">ecdsa_impl.h:45</a></div></div>
|
|
</div><!-- fragment --></div><!-- contents -->
|
|
</div><!-- doc-content -->
|
|
<!-- start footer part -->
|
|
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
|
|
<ul>
|
|
<li class="navelem"><a class="el" href="dir_68267d1309a1af8e8297ef4c3efbcdba.html">src</a></li><li class="navelem"><a class="el" href="dir_44f34d1e62fda08bdb4ca69ab2d205ae.html">secp256k1</a></li><li class="navelem"><a class="el" href="dir_8db2ef784512d48b2a7d00369dfaac28.html">src</a></li><li class="navelem"><a class="el" href="ecdsa__impl_8h.html">ecdsa_impl.h</a></li>
|
|
<li class="footer">Generated on Thu Dec 14 2017 13:15:08 for Dash Core by
|
|
<a href="http://www.doxygen.org/index.html">
|
|
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.8.14 </li>
|
|
</ul>
|
|
</div>
|
|
</body>
|
|
</html>
|