public static byte[] SignCompact(byte[] data, byte[] seckey, out int recoveryId) { if (data == null) { throw new ArgumentNullException(nameof(data)); } if (data.Length == 0) { throw new ArgumentOutOfRangeException(nameof(data)); } if (seckey == null) { throw new ArgumentNullException(nameof(seckey)); } if (seckey.Length != 32) { throw new ArgumentOutOfRangeException(nameof(seckey)); } recoveryId = 0; EcdsaRecoverableSignature recoverableSignature = new EcdsaRecoverableSignature(); if (!Secp256K1Manager.Secp256K1EcdsaSignRecoverable(Secp256K1Manager.Ctx, recoverableSignature, data, seckey, (NonceFunction)null, (byte[])null)) { return((byte[])null); } byte[] output64 = new byte[64]; byte recid; if (!Secp256K1Manager.Secp256K1EcdsaRecoverableSignatureSerializeCompact(Secp256K1Manager.Ctx, output64, out recid, recoverableSignature)) { return((byte[])null); } recoveryId = (int)recid; return(output64); }
private static byte[] SignCompact(byte[] data, byte[] seckey, out byte recoveryId) { EcdsaRecoverableSignature sig = new EcdsaRecoverableSignature(); byte loop = 0; int index = 0; bool rec; var extra = new byte[32]; do { extra[index] = loop++; if (loop == 0xff) { index = index + 1; loop = 0; } rec = Secp256K1EcdsaSignRecoverable(Ctx, sig, data, seckey, null, extra); } while (!rec); var output64 = new byte[64]; Secp256K1EcdsaRecoverableSignatureSerializeCompact(Ctx, output64, out recoveryId, sig); return(output64); }
/// <summary> /// Get compressed and compact signature (possible in not canonical form) /// </summary> /// <param name="data">Hashed data</param> /// <param name="seckey">Private key (32 bytes)</param> /// <returns> 65 bytes compressed / compact</returns> public static byte[] SignCompressedCompact(byte[] data, byte[] seckey) { if (data == null) { throw new ArgumentNullException(nameof(data)); } if (data.Length == 0) { throw new ArgumentOutOfRangeException(nameof(data)); } if (seckey == null) { throw new ArgumentNullException(nameof(seckey)); } if (seckey.Length != 32) { throw new ArgumentOutOfRangeException(nameof(seckey)); } byte recoveryId = 0; EcdsaRecoverableSignature sig = new EcdsaRecoverableSignature(); byte loop = 0; int index = 0; bool rec; byte[] extra = null; var r = RandomNumberGenerator.Create(); do { if (loop == 0xff) { index = index + 1; loop = 0; } if (loop > 0) { extra = new byte[32]; r.GetBytes(extra); } loop++; rec = Secp256K1EcdsaSignRecoverable(Ctx, sig, data, seckey, null, extra); } while (!(rec && IsCanonical(sig.Data))); var output65 = new byte[65]; Secp256K1EcdsaRecoverableSignatureSerializeCompact(Ctx, output65, 1, out recoveryId, sig); //4 - compressed | 27 - compact output65[0] = (byte)(recoveryId + 4 + 27); return(output65); }
public static byte[] SignCompressedCompact(byte[] data, byte[] seckey) { if (data == null) { throw new ArgumentNullException(nameof(data)); } if (data.Length == 0) { throw new ArgumentOutOfRangeException(nameof(data)); } if (seckey == null) { throw new ArgumentNullException(nameof(seckey)); } if (seckey.Length != 32) { throw new ArgumentOutOfRangeException(nameof(seckey)); } byte recid = 0; EcdsaRecoverableSignature recoverableSignature = new EcdsaRecoverableSignature(); byte num1 = 0; int num2 = 0; byte[] numArray = (byte[])null; RandomNumberGenerator randomNumberGenerator = RandomNumberGenerator.Create(); do { if (num1 == byte.MaxValue) { ++num2; num1 = (byte)0; } if (num1 > (byte)0) { numArray = new byte[32]; randomNumberGenerator.GetBytes(numArray); } ++num1; }while (!Secp256K1Manager.Secp256K1EcdsaSignRecoverable(Secp256K1Manager.Ctx, recoverableSignature, data, seckey, (NonceFunction)null, numArray) || !Secp256K1Manager.IsCanonical(recoverableSignature.Data)); byte[] outputxx = new byte[65]; Secp256K1Manager.Secp256K1EcdsaRecoverableSignatureSerializeCompact(Secp256K1Manager.Ctx, outputxx, 1, out recid, recoverableSignature); outputxx[0] = (byte)((int)recid + 4 + 27); return(outputxx); }
private static int SignCompact(Context ctx, byte[] msg32, byte[] seckey, byte[] output64, out byte recid) { EcdsaRecoverableSignature recoverableSignature = new EcdsaRecoverableSignature(); byte num = 0; int index = 0; byte[] noncedata = new byte[32]; do { noncedata[index] = num; ++num; if (noncedata[index] == byte.MaxValue) { ++index; } }while (!Secp256K1Manager.Secp256K1EcdsaSignRecoverable(ctx, recoverableSignature, msg32, seckey, (NonceFunction)null, noncedata)); Secp256K1Manager.Secp256K1EcdsaRecoverableSignatureSerializeCompact(ctx, output64, out recid, recoverableSignature); return((int)num); }
private static byte[] SignCompact(byte[] data, byte[] seckey, out byte recoveryId) { EcdsaRecoverableSignature recoverableSignature = new EcdsaRecoverableSignature(); byte num = 0; int index = 0; byte[] noncedata = new byte[32]; do { noncedata[index] = num++; if (num == byte.MaxValue) { ++index; num = (byte)0; } }while (!Secp256K1Manager.Secp256K1EcdsaSignRecoverable(Secp256K1Manager.Ctx, recoverableSignature, data, seckey, (NonceFunction)null, noncedata)); byte[] output64 = new byte[64]; Secp256K1Manager.Secp256K1EcdsaRecoverableSignatureSerializeCompact(Secp256K1Manager.Ctx, output64, out recoveryId, recoverableSignature); return(output64); }
/// <summary>Signs a data and returns the signature in compact form. Returns null on failure.</summary> /// <param name="data">The data to sign. This data is not hashed. For use with bitcoins, you probably want to double-SHA256 hash this before calling this method.</param> /// <param name="seckey">The private key to use to sign the data.</param> /// <param name="recoveryId">This will contain the recovery ID needed to retrieve the key from the compact signature using the RecoverKeyFromCompact method.</param> public static byte[] SignCompact(byte[] data, byte[] seckey, out int recoveryId) { if (data == null) { throw new ArgumentNullException(nameof(data)); } if (data.Length == 0) { throw new ArgumentOutOfRangeException(nameof(data)); } if (seckey == null) { throw new ArgumentNullException(nameof(seckey)); } if (seckey.Length != 32) { throw new ArgumentOutOfRangeException(nameof(seckey)); } recoveryId = 0; EcdsaRecoverableSignature sig = new EcdsaRecoverableSignature(); { if (!Secp256K1EcdsaSignRecoverable(Ctx, sig, data, seckey, null, null)) { return(null); } } var sigbytes = new byte[64]; byte recid; { if (!Secp256K1EcdsaRecoverableSignatureSerializeCompact(Ctx, sigbytes, out recid, sig)) { return(null); } } recoveryId = recid; return(sigbytes); }
private static int SignCompact(Context ctx, byte[] msg32, byte[] seckey, byte[] output64, out byte recid) { EcdsaRecoverableSignature sig = new EcdsaRecoverableSignature(); byte loop = 0; int index = 0; bool rec = false; var extra = new byte[32]; do { extra[index] = loop; loop++; if (extra[index] == 0xff) { index = index + 1; } rec = Secp256K1EcdsaSignRecoverable(ctx, sig, msg32, seckey, null, extra); } while (!rec); Secp256K1EcdsaRecoverableSignatureSerializeCompact(ctx, output64, out recid, sig); return(loop); }
private static bool Secp256K1EcdsaSignRecoverable(Context ctx, EcdsaRecoverableSignature signature, byte[] msg32, byte[] seckey, NonceFunction noncefp, byte[] noncedata) { if (ctx == null || msg32 == null || signature == null || seckey == null) { throw new NullReferenceException(); } if (!EcMultGen.ContextIsBuilt(ctx.EcMultGenCtx)) { throw new ArithmeticException(); } if (noncefp == null) { noncefp = Secp256K1T.NonceFunctionDefault; } Scalar r, s; Scalar sec, non, msg; byte recid = 1; bool ret = false; var overflow = false; sec = new Scalar(); Scalar.SetB32(sec, seckey, ref overflow); r = new Scalar(); s = new Scalar(); /* Fail if the secret key is invalid. */ if (!overflow && !Scalar.IsZero(sec)) { var nonce32 = new byte[32]; uint count = 0; msg = new Scalar(); Scalar.SetB32(msg, msg32); non = new Scalar(); while (true) { ret = noncefp(nonce32, msg32, seckey, null, noncedata, count); if (!ret) { break; } Scalar.SetB32(non, nonce32, ref overflow); if (!Scalar.IsZero(non) && !overflow) { if (Secp256K1EcdsaSigSign(ctx.EcMultGenCtx, r, s, sec, msg, non, out recid)) { break; } } count++; } Util.MemSet(nonce32, 0, 32); //memset(nonce32, 0, 32); Scalar.Clear(msg); Scalar.Clear(non); Scalar.Clear(sec); } if (ret) { Secp256K1EcdsaRecoverableSignatureSave(signature, r, s, recid); } else { Util.MemSet(signature.Data, 0, EcdsaRecoverableSignature.Size); //memset(signature, 0, sizeof(* signature)); } return(ret); }
private static void Secp256K1EcdsaRecoverableSignatureLoad(Scalar r, Scalar s, out byte recid, EcdsaRecoverableSignature sig) { Buffer.BlockCopy(sig.Data, 0, r.D, 0, 32); Buffer.BlockCopy(sig.Data, 32, s.D, 0, 32); recid = sig.Data[64]; }
private static bool Secp256K1EcdsaRecoverableSignatureSerializeCompact(Context ctx, byte[] outputxx, int skip, out byte recid, EcdsaRecoverableSignature sig) { Scalar r = new Scalar(); Scalar s = new Scalar(); recid = 0; if (outputxx == null) { ctx.IllegalCallback?.Invoke(null, new Callback("(outputxx != null)")); return(false); } //___________________________________________________________________________________________________________________________________ if (sig == null) { ctx.IllegalCallback?.Invoke(null, new Callback("(sig != null)")); return(false); } //___________________________________________________________________________________________________________________________________ Secp256K1EcdsaRecoverableSignatureLoad(r, s, out recid, sig); Scalar.GetB32(outputxx, skip + 0, r); Scalar.GetB32(outputxx, skip + 32, s); return(true); }
private static bool Secp256K1EcdsaRecoverableSignatureSerializeCompact(Context ctx, byte[] output64, out byte recid, EcdsaRecoverableSignature sig) { return(Secp256K1EcdsaRecoverableSignatureSerializeCompact(ctx, output64, 0, out recid, sig)); }
private static void Secp256K1EcdsaRecoverableSignatureSave(EcdsaRecoverableSignature sig, Scalar r, Scalar s, byte recid) { Buffer.BlockCopy(r.D, 0, sig.Data, 0, 32); Buffer.BlockCopy(s.D, 0, sig.Data, 32, 32); sig.Data[64] = recid; }
private static bool Secp256K1EcdsaSignRecoverable(Context ctx, EcdsaRecoverableSignature signature, byte[] msg32, byte[] seckey, NonceFunction noncefp, byte[] noncedata) { if (ctx == null || msg32 == null || (signature == null || seckey == null)) { throw new NullReferenceException(); } if (!EcMultGen.ContextIsBuilt(ctx.EcMultGenCtx)) { throw new ArithmeticException(); } if (noncefp == null) { noncefp = Secp256K1T.NonceFunctionDefault; } byte recid = 1; bool flag = false; bool overflow = false; Scalar scalar1 = new Scalar(); Scalar.SetB32(scalar1, seckey, ref overflow); Scalar scalar2 = new Scalar(); Scalar scalar3 = new Scalar(); if (!overflow && !Scalar.IsZero(scalar1)) { byte[] numArray = new byte[32]; uint attempt = 0; Scalar scalar4 = new Scalar(); Scalar.SetB32(scalar4, msg32); Scalar scalar5 = new Scalar(); while (true) { flag = noncefp(numArray, msg32, seckey, (byte[])null, noncedata, attempt); if (flag) { Scalar.SetB32(scalar5, numArray, ref overflow); if (Scalar.IsZero(scalar5) || overflow || !Secp256K1Manager.Secp256K1EcdsaSigSign(ctx.EcMultGenCtx, scalar2, scalar3, scalar1, scalar4, scalar5, out recid)) { ++attempt; } else { break; } } else { break; } } Util.MemSet(numArray, (byte)0, 32); Scalar.Clear(scalar4); Scalar.Clear(scalar5); Scalar.Clear(scalar1); } if (flag) { Secp256K1Manager.Secp256K1EcdsaRecoverableSignatureSave(signature, scalar2, scalar3, recid); } else { Util.MemSet(signature.Data, (byte)0, 65); } return(flag); }
private static bool Secp256K1EcdsaRecoverableSignatureSerializeCompact(Context ctx, byte[] outputxx, int skip, out byte recid, EcdsaRecoverableSignature sig) { Scalar scalar1 = new Scalar(); Scalar scalar2 = new Scalar(); recid = (byte)0; if (outputxx == null) { EventHandler <Callback> illegalCallback = ctx.IllegalCallback; if (illegalCallback != null) { illegalCallback((object)null, new Callback("(outputxx != null)")); } return(false); } if (sig == null) { EventHandler <Callback> illegalCallback = ctx.IllegalCallback; if (illegalCallback != null) { illegalCallback((object)null, new Callback("(sig != null)")); } return(false); } Secp256K1Manager.Secp256K1EcdsaRecoverableSignatureLoad(scalar1, scalar2, out recid, sig); Scalar.GetB32(outputxx, skip, scalar1); Scalar.GetB32(outputxx, skip + 32, scalar2); return(true); }