/// Converts a DER-encoded byte slice to a signature public static Signiture from_der(Secp256K1 secp, byte[] data) { var ret = new byte[64]; if (Proxy.secp256k1_ecdsa_signature_parse_der(secp.Ctx, ret, data, data.Length) == 1) { return(new Signiture(ret)); } throw new Exception("InvalidSignature"); }
public byte[] serialize_compact(Secp256K1 secp) { var ret = new byte[64]; var err = Proxy.secp256k1_ecdsa_signature_serialize_compact(secp.Ctx, ret, Value); if (err == 1) { return(ret); } throw new Exception("Should never happen!"); }
public Signiture To_standard(Secp256K1 secp) { var ret = new byte[65]; var err = Proxy.secp256k1_ecdsa_recoverable_signature_convert(secp.Ctx, ret, Value); if (err == 1) { return(Signiture.From(ret)); } throw new Exception("This should never happen!"); }
public (RecoveryId, byte[]) Serialize_compact(Secp256K1 secp) { var ret = new byte[64]; var recid = 0; var err = Proxy.secp256k1_ecdsa_recoverable_signature_serialize_compact(secp.Ctx, ret, ref recid, Value); if (err == 1) { return(RecoveryId.from_i32(recid), ret); } throw new Exception("This should never happen!"); }
public byte[] serialize_der(Secp256K1 secp) { var ret = new byte[72]; long retLen = ret.Length; var err = Proxy.secp256k1_ecdsa_signature_serialize_der(secp.Ctx, ret, ref retLen, Value); if (err == 1) { Array.Resize(ref ret, (int)retLen); return(ret); } throw new Exception("Should never happen!"); }
public static RecoverableSigniture From_compact(Secp256K1 secp, byte[] data, RecoveryId recid) { if (data.Length != 64) { throw new Exception("InvalidSignature"); } var ret = new byte[65]; if (Proxy.secp256k1_ecdsa_recoverable_signature_parse_compact(secp.Ctx, ret, data, recid.Value) == 1) { return(new RecoverableSigniture(ret)); } throw new Exception("InvalidSignature"); }
/// Converts a 64-byte compact-encoded byte slice to a signature public static Signiture from_compact(Secp256K1 secp, byte[] data) { var ret = new byte[64]; if (data.Length != 64) { throw new Exception("InvalidSignature"); } if (Proxy.secp256k1_ecdsa_signature_parse_compact(secp.Ctx, ret, data) == 1) { return(new Signiture(ret)); } else { throw new Exception("InvalidSignature"); } }
/// Normalizes a signature to a "low S" form. In ECDSA, signatures are /// of the form (r, s) where r and s are numbers lying in some finite /// field. The verification equation will pass for (r, s) iff it passes /// for (r, -s), so it is possible to ``modify'' signatures in transit /// by flipping the sign of s. This does not constitute a forgery since /// the signed message still cannot be changed, but for some applications, /// changing even the signature itself can be a problem. Such applications /// require a "strong signature". It is believed that ECDSA is a strong /// signature except for this ambiguity in the sign of s, so to accomodate /// these applications libsecp256k1 will only accept signatures for which /// s is in the lower half of the field range. This eliminates the /// ambiguity. /// /// However, for some systems, signatures with high s-values are considered /// valid. (For example, parsing the historic Bitcoin blockchain requires /// this.) For these applications we provide this normalization function, /// which ensures that the s value lies in the lower half of its range. public void normalize_s(Secp256K1 secp) { // Ignore return value, which indicates whether the sig // was already normalized. We don't care. Proxy.secp256k1_ecdsa_signature_normalize(secp.Ctx, Value, Value); }