Bitcoin Core  0.20.99
P2P Digital Currency
Functions | Variables
main_impl.h File Reference
#include "include/secp256k1.h"
#include "include/secp256k1_schnorrsig.h"
#include "hash.h"
Include dependency graph for main_impl.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

static void secp256k1_nonce_function_bip340_sha256_tagged (secp256k1_sha256 *sha)
 
static void secp256k1_nonce_function_bip340_sha256_tagged_aux (secp256k1_sha256 *sha)
 
static int nonce_function_bip340 (unsigned char *nonce32, const unsigned char *msg32, const unsigned char *key32, const unsigned char *xonly_pk32, const unsigned char *algo16, void *data)
 
static void secp256k1_schnorrsig_sha256_tagged (secp256k1_sha256 *sha)
 
static void secp256k1_schnorrsig_challenge (secp256k1_scalar *e, const unsigned char *r32, const unsigned char *msg32, const unsigned char *pubkey32)
 
int secp256k1_schnorrsig_sign (const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg32, const secp256k1_keypair *keypair, secp256k1_nonce_function_hardened noncefp, void *ndata)
 Create a Schnorr signature. More...
 
int secp256k1_schnorrsig_verify (const secp256k1_context *ctx, const unsigned char *sig64, const unsigned char *msg32, const secp256k1_xonly_pubkey *pubkey)
 Verify a Schnorr signature. More...
 

Variables

static const unsigned char bip340_algo16 [16] = "BIP0340/nonce\0\0\0"
 
const secp256k1_nonce_function_hardened secp256k1_nonce_function_bip340 = nonce_function_bip340
 An implementation of the nonce generation function as defined in Bitcoin Improvement Proposal 340 "Schnorr Signatures for secp256k1" (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki). More...
 

Function Documentation

◆ nonce_function_bip340()

static int nonce_function_bip340 ( unsigned char *  nonce32,
const unsigned char *  msg32,
const unsigned char *  key32,
const unsigned char *  xonly_pk32,
const unsigned char *  algo16,
void *  data 
)
static

Definition at line 50 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_nonce_function_bip340_sha256_tagged()

static void secp256k1_nonce_function_bip340_sha256_tagged ( secp256k1_sha256 sha)
static

Definition at line 16 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_nonce_function_bip340_sha256_tagged_aux()

static void secp256k1_nonce_function_bip340_sha256_tagged_aux ( secp256k1_sha256 sha)
static

Definition at line 32 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_schnorrsig_challenge()

static void secp256k1_schnorrsig_challenge ( secp256k1_scalar e,
const unsigned char *  r32,
const unsigned char *  msg32,
const unsigned char *  pubkey32 
)
static

Definition at line 111 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_schnorrsig_sha256_tagged()

static void secp256k1_schnorrsig_sha256_tagged ( secp256k1_sha256 sha)
static

Definition at line 98 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_schnorrsig_sign()

int secp256k1_schnorrsig_sign ( const secp256k1_context ctx,
unsigned char *  sig64,
const unsigned char *  msg32,
const secp256k1_keypair keypair,
secp256k1_nonce_function_hardened  noncefp,
void *  ndata 
)

Create a Schnorr signature.

Does not strictly follow BIP-340 because it does not verify the resulting signature. Instead, you can manually use secp256k1_schnorrsig_verify and abort if it fails.

Otherwise BIP-340 compliant if the noncefp argument is NULL or secp256k1_nonce_function_bip340 and the ndata argument is 32-byte auxiliary randomness.

Returns 1 on success, 0 on failure. Args: ctx: pointer to a context object, initialized for signing (cannot be NULL) Out: sig64: pointer to a 64-byte array to store the serialized signature (cannot be NULL) In: msg32: the 32-byte message being signed (cannot be NULL) keypair: pointer to an initialized keypair (cannot be NULL) noncefp: pointer to a nonce generation function. If NULL, secp256k1_nonce_function_bip340 is used ndata: pointer to arbitrary data used by the nonce generation function (can be NULL). If it is non-NULL and secp256k1_nonce_function_bip340 is used, then ndata must be a pointer to 32-byte auxiliary randomness as per BIP-340.

Definition at line 127 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ secp256k1_schnorrsig_verify()

int secp256k1_schnorrsig_verify ( const secp256k1_context ctx,
const unsigned char *  sig64,
const unsigned char *  msg32,
const secp256k1_xonly_pubkey pubkey 
)

Verify a Schnorr signature.

Returns: 1: correct signature 0: incorrect signature Args: ctx: a secp256k1 context object, initialized for verification. In: sig64: pointer to the 64-byte signature to verify (cannot be NULL) msg32: the 32-byte message being verified (cannot be NULL) pubkey: pointer to an x-only public key to verify with (cannot be NULL)

Definition at line 190 of file main_impl.h.

Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ bip340_algo16

const unsigned char bip340_algo16[16] = "BIP0340/nonce\0\0\0"
static

Definition at line 48 of file main_impl.h.

◆ secp256k1_nonce_function_bip340

const secp256k1_nonce_function_hardened secp256k1_nonce_function_bip340 = nonce_function_bip340

An implementation of the nonce generation function as defined in Bitcoin Improvement Proposal 340 "Schnorr Signatures for secp256k1" (https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).

If a data pointer is passed, it is assumed to be a pointer to 32 bytes of auxiliary random data as defined in BIP-340. If the data pointer is NULL, schnorrsig_sign does not produce BIP-340 compliant signatures. The algo16 argument must be non-NULL, otherwise the function will fail and return 0. The hash will be tagged with algo16 after removing all terminating null bytes. Therefore, to create BIP-340 compliant signatures, algo16 must be set to "BIP0340/nonce\0\0\0"

Definition at line 94 of file main_impl.h.