dash-docs/en/doxygen/html/schnorr__impl_8h.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.14"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>Dash Core: src/secp256k1/src/modules/schnorr/schnorr_impl.h File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="navtreedata.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
  $(document).ready(initResizable);
/* @license-end */</script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
 <tbody>
 <tr style="height: 56px;">
  <td id="projectlogo"><img alt="Logo" src="bitcoin_logo_doxygen.png"/></td>
  <td id="projectalign" style="padding-left: 0.5em;">
   <div id="projectname">Dash Core
   &#160;<span id="projectnumber">0.12.2.1</span>
   </div>
   <div id="projectbrief">P2P Digital Currency</div>
  </td>
 </tr>
 </tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.14 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
var searchBox = new SearchBox("searchBox", "search",false,'Search');
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(function() {
  initMenu('',true,false,'search.php','Search');
  $(document).ready(function() { init_search(); });
});
/* @license-end */</script>
<div id="main-nav"></div>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
  <div id="nav-tree">
    <div id="nav-tree-contents">
      <div id="nav-sync" class="sync"></div>
    </div>
  </div>
  <div id="splitbar" style="-moz-user-select:none;" 
       class="ui-resizable-handle">
  </div>
</div>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(document).ready(function(){initNavTree('schnorr__impl_8h.html','');});
/* @license-end */
</script>
<div id="doc-content">
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
     onmouseover="return searchBox.OnSearchSelectShow()"
     onmouseout="return searchBox.OnSearchSelectHide()"
     onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>

<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0" 
        name="MSearchResults" id="MSearchResults">
</iframe>
</div>

<div class="header">
  <div class="summary">
<a href="#func-members">Functions</a>  </div>
  <div class="headertitle">
<div class="title">schnorr_impl.h File Reference</div>  </div>
</div><!--header-->
<div class="contents">
<div class="textblock"><code>#include &lt;string.h&gt;</code><br />
<code>#include &quot;<a class="el" href="schnorr_8h_source.html">schnorr.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="num_8h_source.html">num.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="field_8h_source.html">field.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="group_8h_source.html">group.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="ecmult_8h_source.html">ecmult.h</a>&quot;</code><br />
<code>#include &quot;<a class="el" href="ecmult__gen_8h_source.html">ecmult_gen.h</a>&quot;</code><br />
</div>
<p><a href="schnorr__impl_8h_source.html">Go to the source code of this file.</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:ab58ca77446a7d8daff985d07d43e7175"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="schnorr__impl_8h.html#ab58ca77446a7d8daff985d07d43e7175">secp256k1_schnorr_sig_sign</a> (const <a class="el" href="structsecp256k1__ecmult__gen__context.html">secp256k1_ecmult_gen_context</a> *<a class="el" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, unsigned char *sig64, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *key, const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *nonce, const <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *pubnonce, <a class="el" href="schnorr_8h.html#a4543078e8c14fe94160f35b293dff0e4">secp256k1_schnorr_msghash</a> hash, const unsigned char *msg32)</td></tr>
<tr class="separator:ab58ca77446a7d8daff985d07d43e7175"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ad8ac32b20746524ea3b97ab609117daa"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="schnorr__impl_8h.html#ad8ac32b20746524ea3b97ab609117daa">secp256k1_schnorr_sig_verify</a> (const <a class="el" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *<a class="el" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, const unsigned char *sig64, const <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *pubkey, <a class="el" href="schnorr_8h.html#a4543078e8c14fe94160f35b293dff0e4">secp256k1_schnorr_msghash</a> hash, const unsigned char *msg32)</td></tr>
<tr class="separator:ad8ac32b20746524ea3b97ab609117daa"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a41cf1a1167f3b8c7b6fdd4fea6abdbce"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="schnorr__impl_8h.html#a41cf1a1167f3b8c7b6fdd4fea6abdbce">secp256k1_schnorr_sig_recover</a> (const <a class="el" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *<a class="el" href="tests_8c.html#a06a3e29ada83211a695a49e8f7405842">ctx</a>, const unsigned char *sig64, <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *pubkey, <a class="el" href="schnorr_8h.html#a4543078e8c14fe94160f35b293dff0e4">secp256k1_schnorr_msghash</a> hash, const unsigned char *msg32)</td></tr>
<tr class="separator:a41cf1a1167f3b8c7b6fdd4fea6abdbce"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ad2c15e4e57e6bf00cde3a4b229330b12"><td class="memItemLeft" align="right" valign="top">static int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="schnorr__impl_8h.html#ad2c15e4e57e6bf00cde3a4b229330b12">secp256k1_schnorr_sig_combine</a> (unsigned char *sig64, size_t n, const unsigned char *const *sig64ins)</td></tr>
<tr class="separator:ad2c15e4e57e6bf00cde3a4b229330b12"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<h2 class="groupheader">Function Documentation</h2>
<a id="ad2c15e4e57e6bf00cde3a4b229330b12"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ad2c15e4e57e6bf00cde3a4b229330b12">&#9670;&nbsp;</a></span>secp256k1_schnorr_sig_combine()</h2>

<div class="memitem">
<div class="memproto">
<table class="mlabels">
  <tr>
  <td class="mlabels-left">
      <table class="memname">
        <tr>
          <td class="memname">static int secp256k1_schnorr_sig_combine </td>
          <td>(</td>
          <td class="paramtype">unsigned char *&#160;</td>
          <td class="paramname"><em>sig64</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">size_t&#160;</td>
          <td class="paramname"><em>n</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const unsigned char *const *&#160;</td>
          <td class="paramname"><em>sig64ins</em>&#160;</td>
        </tr>
        <tr>
          <td></td>
          <td>)</td>
          <td></td><td></td>
        </tr>
      </table>
  </td>
  <td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span>  </td>
  </tr>
</table>
</div><div class="memdoc">

<p class="definition">Definition at line <a class="el" href="schnorr__impl_8h_source.html#l00181">181</a> of file <a class="el" href="schnorr__impl_8h_source.html">schnorr_impl.h</a>.</p>

</div>
</div>
<a id="a41cf1a1167f3b8c7b6fdd4fea6abdbce"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a41cf1a1167f3b8c7b6fdd4fea6abdbce">&#9670;&nbsp;</a></span>secp256k1_schnorr_sig_recover()</h2>

<div class="memitem">
<div class="memproto">
<table class="mlabels">
  <tr>
  <td class="mlabels-left">
      <table class="memname">
        <tr>
          <td class="memname">static int secp256k1_schnorr_sig_recover </td>
          <td>(</td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *&#160;</td>
          <td class="paramname"><em>ctx</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const unsigned char *&#160;</td>
          <td class="paramname"><em>sig64</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *&#160;</td>
          <td class="paramname"><em>pubkey</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="schnorr_8h.html#a4543078e8c14fe94160f35b293dff0e4">secp256k1_schnorr_msghash</a>&#160;</td>
          <td class="paramname"><em>hash</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const unsigned char *&#160;</td>
          <td class="paramname"><em>msg32</em>&#160;</td>
        </tr>
        <tr>
          <td></td>
          <td>)</td>
          <td></td><td></td>
        </tr>
      </table>
  </td>
  <td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span>  </td>
  </tr>
</table>
</div><div class="memdoc">

<p class="definition">Definition at line <a class="el" href="schnorr__impl_8h_source.html#l00144">144</a> of file <a class="el" href="schnorr__impl_8h_source.html">schnorr_impl.h</a>.</p>

</div>
</div>
<a id="ab58ca77446a7d8daff985d07d43e7175"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ab58ca77446a7d8daff985d07d43e7175">&#9670;&nbsp;</a></span>secp256k1_schnorr_sig_sign()</h2>

<div class="memitem">
<div class="memproto">
<table class="mlabels">
  <tr>
  <td class="mlabels-left">
      <table class="memname">
        <tr>
          <td class="memname">static int secp256k1_schnorr_sig_sign </td>
          <td>(</td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__ecmult__gen__context.html">secp256k1_ecmult_gen_context</a> *&#160;</td>
          <td class="paramname"><em>ctx</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">unsigned char *&#160;</td>
          <td class="paramname"><em>sig64</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
          <td class="paramname"><em>key</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__scalar.html">secp256k1_scalar</a> *&#160;</td>
          <td class="paramname"><em>nonce</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *&#160;</td>
          <td class="paramname"><em>pubnonce</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="schnorr_8h.html#a4543078e8c14fe94160f35b293dff0e4">secp256k1_schnorr_msghash</a>&#160;</td>
          <td class="paramname"><em>hash</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const unsigned char *&#160;</td>
          <td class="paramname"><em>msg32</em>&#160;</td>
        </tr>
        <tr>
          <td></td>
          <td>)</td>
          <td></td><td></td>
        </tr>
      </table>
  </td>
  <td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span>  </td>
  </tr>
</table>
</div><div class="memdoc">
<p>Custom Schnorr-based signature scheme. They support multiparty signing, public key recovery and batch validation.</p>
<p>Rationale for verifying R's y coordinate: In order to support batch validation and public key recovery, the full R point must be known to verifiers, rather than just its x coordinate. In order to not risk being more strict in batch validation than normal validation, validators must be required to reject signatures with incorrect y coordinate. This is only possible by including a (relatively slow) field inverse, or a field square root. However, batch validation offers potentially much higher benefits than this cost.</p>
<p>Rationale for having an implicit y coordinate oddness: If we commit to having the full R point known to verifiers, there are two mechanism. Either include its oddness in the signature, or give it an implicit fixed value. As the R y coordinate can be flipped by a simple negation of the nonce, we choose the latter, as it comes with nearly zero impact on signing or validation performance, and saves a byte in the signature.</p>
<p>Signing: Inputs: 32-byte message m, 32-byte scalar key x (!=0), 32-byte scalar nonce k (!=0)</p>
<p>Compute point R = k * G. Reject nonce if R's y coordinate is odd (or negate nonce). Compute 32-byte r, the serialization of R's x coordinate. Compute scalar h = Hash(r || m). Reject nonce if h == 0 or h &gt;= order. Compute scalar s = k - h * x. The signature is (r, s).</p>
<p>Verification: Inputs: 32-byte message m, public key point Q, signature: (32-byte r, scalar s)</p>
<p>Signature is invalid if s &gt;= order. Signature is invalid if r &gt;= p. Compute scalar h = Hash(r || m). Signature is invalid if h == 0 or h &gt;= order. Option 1 (faster for single verification): Compute point R = h * Q + s * G. Signature is invalid if R is infinity or R's y coordinate is odd. Signature is valid if the serialization of R's x coordinate equals r. Option 2 (allows batch validation and pubkey recovery): Decompress x coordinate r into point R, with odd y coordinate. Fail if R is not on the curve. Signature is valid if R + h * Q + s * G == 0. </p>

<p class="definition">Definition at line <a class="el" href="schnorr__impl_8h_source.html#l00062">62</a> of file <a class="el" href="schnorr__impl_8h_source.html">schnorr_impl.h</a>.</p>

</div>
</div>
<a id="ad8ac32b20746524ea3b97ab609117daa"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ad8ac32b20746524ea3b97ab609117daa">&#9670;&nbsp;</a></span>secp256k1_schnorr_sig_verify()</h2>

<div class="memitem">
<div class="memproto">
<table class="mlabels">
  <tr>
  <td class="mlabels-left">
      <table class="memname">
        <tr>
          <td class="memname">static int secp256k1_schnorr_sig_verify </td>
          <td>(</td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__ecmult__context.html">secp256k1_ecmult_context</a> *&#160;</td>
          <td class="paramname"><em>ctx</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const unsigned char *&#160;</td>
          <td class="paramname"><em>sig64</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const <a class="el" href="structsecp256k1__ge.html">secp256k1_ge</a> *&#160;</td>
          <td class="paramname"><em>pubkey</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="schnorr_8h.html#a4543078e8c14fe94160f35b293dff0e4">secp256k1_schnorr_msghash</a>&#160;</td>
          <td class="paramname"><em>hash</em>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype">const unsigned char *&#160;</td>
          <td class="paramname"><em>msg32</em>&#160;</td>
        </tr>
        <tr>
          <td></td>
          <td>)</td>
          <td></td><td></td>
        </tr>
      </table>
  </td>
  <td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span>  </td>
  </tr>
</table>
</div><div class="memdoc">

<p class="definition">Definition at line <a class="el" href="schnorr__impl_8h_source.html#l00106">106</a> of file <a class="el" href="schnorr__impl_8h_source.html">schnorr_impl.h</a>.</p>

</div>
</div>
</div><!-- contents -->
</div><!-- doc-content -->
<!-- start footer part -->
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
  <ul>
    <li class="navelem"><a class="el" href="dir_68267d1309a1af8e8297ef4c3efbcdba.html">src</a></li><li class="navelem"><a class="el" href="dir_44f34d1e62fda08bdb4ca69ab2d205ae.html">secp256k1</a></li><li class="navelem"><a class="el" href="dir_8db2ef784512d48b2a7d00369dfaac28.html">src</a></li><li class="navelem"><a class="el" href="dir_403fe05abfd2d392aa3c0b8c300f7bf6.html">modules</a></li><li class="navelem"><a class="el" href="dir_352c5ce840d1898571e8326f33f31f12.html">schnorr</a></li><li class="navelem"><a class="el" href="schnorr__impl_8h.html">schnorr_impl.h</a></li>
    <li class="footer">Generated on Thu Dec 14 2017 13:15:11 for Dash Core by
    <a href="http://www.doxygen.org/index.html">
    <img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.8.14 </li>
  </ul>
</div>
</body>
</html>