crypto/secp256k1: sign with deterministic K (rfc6979) (#3561)

This commit is contained in:
Felix Lange 2017-01-22 23:28:47 +01:00 committed by GitHub
parent 935d891e9d
commit 96778a1c21
2 changed files with 22 additions and 8 deletions

View File

@ -40,8 +40,6 @@ import (
"errors"
"math/big"
"unsafe"
"github.com/ethereum/go-ethereum/crypto/randentropy"
)
var (
@ -89,13 +87,11 @@ func Sign(msg []byte, seckey []byte) ([]byte, error) {
}
var (
msgdata = (*C.uchar)(unsafe.Pointer(&msg[0]))
nonce = randentropy.GetEntropyCSPRNG(32)
noncefunc = &(*C.secp256k1_nonce_function_default)
noncefuncData = unsafe.Pointer(&nonce[0])
sigstruct C.secp256k1_ecdsa_recoverable_signature
msgdata = (*C.uchar)(unsafe.Pointer(&msg[0]))
noncefunc = C.secp256k1_nonce_function_rfc6979
sigstruct C.secp256k1_ecdsa_recoverable_signature
)
if C.secp256k1_ecdsa_sign_recoverable(context, &sigstruct, msgdata, seckeydata, noncefunc, noncefuncData) == 0 {
if C.secp256k1_ecdsa_sign_recoverable(context, &sigstruct, msgdata, seckeydata, noncefunc, nil) == 0 {
return nil, ErrSignFailed
}

View File

@ -112,6 +112,24 @@ func TestSignAndRecover(t *testing.T) {
}
}
func TestSignDeterministic(t *testing.T) {
_, seckey := generateKeyPair()
msg := make([]byte, 32)
copy(msg, "hi there")
sig1, err := Sign(msg, seckey)
if err != nil {
t.Fatal(err)
}
sig2, err := Sign(msg, seckey)
if err != nil {
t.Fatal(err)
}
if !bytes.Equal(sig1, sig2) {
t.Fatal("signatures not equal")
}
}
func TestRandomMessagesWithSameKey(t *testing.T) {
pubkey, seckey := generateKeyPair()
keys := func() ([]byte, []byte) {