Example #1
0
// Verify determines whether or not the signature is on the given hash and
// belongs to the public key.
func Verify(sig *Signature, pk *eckey.PublicKey, hash []byte) error {
	// Deserialize public key
	pkx, pky := pk.Coords()

	// Compute sG + ePK = (k-er)G + erG = kG
	sGx, sGy := eckey.S256.ScalarBaseMult(sig[SignatureSize/2:])
	ePKx, ePKy := eckey.S256.ScalarMult(pkx, pky, sig[:SignatureSize/2])
	kGx, kGy := eckey.S256.Add(sGx, sGy, ePKx, ePKy)

	// Serialize point
	kG, err := eckey.NewPublicKeyCoords(kGx, kGy)
	if err != nil {
		return err
	}

	// Compute non-interactive challenge
	e := util.Hash256d(append([]byte(hash), kG[:]...))

	// Compare digest with first half of signature
	for i, b := range e {
		if sig[i] != b {
			return ErrECSchnorrVerify
		}
	}

	return nil
}
Example #2
0
func keyPairFromTestCase(test ecTestCase) (*eckey.SecretKey, *eckey.PublicKey) {
	d, _ := new(big.Int).SetString(test.D, 10)
	x, _ := new(big.Int).SetString(test.X, 16)
	y, _ := new(big.Int).SetString(test.Y, 16)

	// Serialize secret key
	sk, _ := eckey.NewSecretKeyInt(d)

	// Serialize public key
	pk, _ := eckey.NewPublicKeyCoords(x, y)

	return sk, pk
}