Documentation ¶
Overview ¶
Implementation of Bitcoin signing algorithms (ECDSA, Schnorr)
Index ¶
- func GenerateBitcoinPublicKey(privateKeyBytes []byte) ([]byte, error)
- func GenerateTweek(point []byte, tweak []byte) ([]byte, error)
- func IsPoint(p []uint8) bool
- func IsValidBitcoinPrivateKey(privateKeyBytes []byte) bool
- func ListBigIntToDER(bigIntList []*big.Int) []byte
- func MarshalCompressed(curve elliptic.Curve, x, y *big.Int) []byte
- func P256k1() elliptic.Curve
- func P384() elliptic.Curve
- func P521() elliptic.Curve
- func PointAddScalar(public []byte, tweak []byte, compress bool) ([]byte, error)
- func ReEncodedForm(public []byte, compressed bool) []byte
- func ReEncodedFromForm(public []byte, compressed bool) []byte
- func RecoverPublicKey(recId int, sig []byte, message []byte) []byte
- func ScalarBaseMultBigInt(curve elliptic.Curve, k big.Int) (*big.Int, *big.Int)
- func SchnorrSign(message []byte, secret []byte, aux []byte) []byte
- func SingDer(message []byte, privateKey []byte, entryPointes []byte) []byte
- func SingInput(privateKey []byte, message []byte, sigHash int) string
- func SingMessage(message []byte, privateKey []byte) []byte
- func TweakTaprootPoint(pub []byte, twek []byte) []byte
- func TweakTaprootPrivate(secret []byte, tweak []byte) []byte
- func UnCompressedPoint(public []byte) (*big.Int, *big.Int)
- func UnmarshalCompressed(curve elliptic.Curve, data []byte) (x, y *big.Int)
- func VerifySchnorr(message []byte, publicKey []byte, signature []byte) bool
- type CurveParams
- func (curve *CurveParams) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)
- func (curve *CurveParams) Double(x1, y1 *big.Int) (*big.Int, *big.Int)
- func (curve *CurveParams) IsOnCurve(x, y *big.Int) bool
- func (curve *CurveParams) Params() *elliptic.CurveParams
- func (curve *CurveParams) ScalarBaseMult(k []byte) (*big.Int, *big.Int)
- func (curve *CurveParams) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int)
- type RFC6979KCalculator
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GenerateBitcoinPublicKey ¶
GenerateBitcoinPublicKey derives a compressed Bitcoin public key from a private key.
func GenerateTweek ¶
GenerateTweek generates a tweaked private key using a given point and tweak. It takes a byte slice 'point' representing a Bitcoin private key and a byte slice 'tweak' representing the tweak value. The function validates the input point and tweak for their correctness. It checks if the point is a valid Bitcoin private key and if the tweak is a valid scalar within the curve's order.
If either the point or the tweak is invalid, it returns an error.
If both the point and tweak are valid, the function computes the tweaked private key by adding the tweak to the point (in modular arithmetic), ensuring that the result stays within the curve's order. The resulting tweaked private key is returned as a byte slice.
If the computed tweaked private key is invalid, it returns an error.
func IsValidBitcoinPrivateKey ¶
IsValidBitcoinPrivateKey checks if the given bytes represent a valid Bitcoin private key.
func ListBigIntToDER ¶
ListBigIntToDER converts a list of BigInt values into a DER-encoded byte slice. implements for Bitcoin transaction signature
func MarshalCompressed ¶
MarshalCompressed converts a point on the curve into the compressed form specified in section 4.3.6 of ANSI X9.62.
func P256k1 ¶
P256k1 returns a Curve which implements secp256k1 (https://www.secg.org/sec2-v2.pdf, section 2.4.1), also known as secp521k1. The CurveParams.Name of this Curve is "P-256k1".
Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.
The cryptographic operations do not use constant-time algorithms.
func P384 ¶
P384 returns a Curve which implements NIST P-384 (FIPS 186-3, section D.2.4), also known as secp384r1. The CurveParams.Name of this Curve is "P-384".
Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.
The cryptographic operations do not use constant-time algorithms.
func P521 ¶
P521 returns a Curve which implements NIST P-521 (FIPS 186-3, section D.2.5), also known as secp521r1. The CurveParams.Name of this Curve is "P-521".
Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.
The cryptographic operations do not use constant-time algorithms.
func PointAddScalar ¶
PointAddScalar computes a new elliptic curve point by adding a scalar 'tweak' to a given public key point 'public'. The resulting point is returned as a byte slice. The function also takes a 'compress' boolean parameter that determines whether the resulting point should be compressed or not.
The 'public' input must represent a valid elliptic curve point, and the 'tweak' must be a valid scalar within the curve's order. If either the 'public' point or 'tweak' is invalid, the function returns an error.
If 'tweak' is the zero scalar, the function returns the original 'public' point, optionally compressed as specified.
If 'tweak' is not the zero scalar, the function computes the new point as follows: - Adds 'tweak' to the generator point (G) and obtains point (qX, qY). - Adds 'public' and (qX, qY) to obtain point (uX, uY). - Checks if (uX, uY) is a valid elliptic curve point.
If 'compress' is true, the resulting point is compressed; otherwise, it's not compressed. The compressed or uncompressed point is returned as a byte slice.
If any point computation results in an invalid point, the function returns an error.
func ReEncodedForm ¶
ReEncodedFromForm re-encodes the public key bytes in the specified format (compressed or uncompressed).
func ReEncodedFromForm ¶
ReEncodedFromForm re-encodes the public key bytes in the specified format (compressed or uncompressed).
func ScalarBaseMultBigInt ¶
func SchnorrSign ¶
SchnorrSign generates a Schnorr signature for the given message using the secret key and auxiliary data. It returns the Schnorr signature as a byte slice.
func SingDer ¶
SignDer signs the given message using the provided private key and entry points, returning the DER-encoded digital signature as a byte slice.
func SingInput ¶
SignInput signs the given transaction digest using the provided private key, applying the specified signature hash type, and returns the resulting signature as a hexadecimal string.
func SingMessage ¶
SignMessage signs the given message using the provided private key and returns the digital signature as a byte slice.
func TweakTaprootPoint ¶
Tweaks the public key with the specified tweak. Required to create the taproot public key from the internal key.
func TweakTaprootPrivate ¶
Tweaks the private key before signing with it. Check if public key's y is even and negate the private key before tweaking if it is not.
func UnCompressedPoint ¶
UnCompressedPoint extracts the X and Y coordinates of an uncompressed elliptic curve public key.
func UnmarshalCompressed ¶
UnmarshalCompressed converts a point, serialized by MarshalCompressed, into an x, y pair. It is an error if the point is not in compressed form or is not on the curve. On error, x = nil.
Types ¶
type CurveParams ¶
type CurveParams struct { elliptic.CurveParams A *big.Int // the linear coefficient of the curve equation }
CurveParams contains the parameters of an elliptic curve y² = x³ + ax + b, and also provides a generic, non-constant time implementation of Curve.
func (*CurveParams) IsOnCurve ¶
func (curve *CurveParams) IsOnCurve(x, y *big.Int) bool
IsOnCurve returns whether the point (x, y) lies on the curve or not
func (*CurveParams) Params ¶
func (curve *CurveParams) Params() *elliptic.CurveParams
Params returns the curve params
func (*CurveParams) ScalarBaseMult ¶
ScalarBaseMult computes scalar multiplication of the base point
func (*CurveParams) ScalarMult ¶
ScalarMult computes scalar multiplication of a given point
type RFC6979KCalculator ¶
type RFC6979KCalculator struct {
K, V []byte
// contains filtered or unexported fields
}
func NewRFC6979KCalculator ¶
func NewRFC6979KCalculator(mac hash.Hash, n, d *big.Int, message []byte, entryPointes []byte) *RFC6979KCalculator
NewRFC6979KCalculator creates a new RFC6979KCalculator instance initialized with the provided parameters.
func (*RFC6979KCalculator) NextK ¶
func (k *RFC6979KCalculator) NextK() *big.Int