// This example demonstrates verifying a secp256k1 signature against a public
// key that is first parsed from raw bytes. The signature is also parsed from
// raw bytes.
func Example_verifySignature() {
// Decode hex-encoded serialized public key.
pubKeyBytes, err := hex.DecodeString("02a673638cb9587cb68ea08dbef685c" +
"6f2d2a751a8b3c6f2a7e9a4999e6e4bfaf5")
if err != nil {
fmt.Println(err)
return
}
pubKey, err := secp256k1.ParsePubKey(pubKeyBytes, secp256k1.S256())
if err != nil {
fmt.Println(err)
return
}
// Decode hex-encoded serialized signature.
sigBytes, err := hex.DecodeString("3045022100fcc0a8768cfbcefcf2cadd7cfb0" +
"fb18ed08dd2e2ae84bef1a474a3d351b26f0302200fc1a350b45f46fa0010139130" +
"2818d748c2b22615511a3ffd5bb638bd777207")
if err != nil {
fmt.Println(err)
return
}
signature, err := secp256k1.ParseSignature(sigBytes, secp256k1.S256())
if err != nil {
fmt.Println(err)
return
}
// Verify the signature for the message using the public key.
message := "test message"
messageHash := chainhash.HashFuncB([]byte(message))
verified := signature.Verify(messageHash, pubKey)
fmt.Println("Signature Verified?", verified)
// Output:
// Signature Verified? true
}
func TestSignatures(t *testing.T) {
for _, test := range signatureTests {
var err error
if test.der {
_, err = secp256k1.ParseDERSignature(test.sig, secp256k1.S256())
} else {
_, err = secp256k1.ParseSignature(test.sig, secp256k1.S256())
}
if err != nil {
if test.isValid {
t.Errorf("%s signature failed when shouldn't %v",
test.name, err)
} /* else {
t.Errorf("%s got error %v", test.name, err)
} */
continue
}
if !test.isValid {
t.Errorf("%s counted as valid when it should fail",
test.name)
}
}
}
// newSecp256k1DSA instatiates a function DSA subsystem over the secp256k1
// curve. A caveat for the functions below is that they're all routed through
// interfaces, and nil returns from the library itself for interfaces must
// ALWAYS be checked by checking the return value by attempted dereference
// (== nil).
func newSecp256k1DSA() DSA {
var secp DSA = &secp256k1DSA{
// Constants
getP: func() *big.Int {
return secp256k1Curve.P
},
getN: func() *big.Int {
return secp256k1Curve.N
},
// EC Math
add: func(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
return secp256k1Curve.Add(x1, y1, x2, y2)
},
isOnCurve: func(x, y *big.Int) bool {
return secp256k1Curve.IsOnCurve(x, y)
},
scalarMult: func(x, y *big.Int, k []byte) (*big.Int, *big.Int) {
return secp256k1Curve.ScalarMult(x, y, k)
},
scalarBaseMult: func(k []byte) (*big.Int, *big.Int) {
return secp256k1Curve.ScalarBaseMult(k)
},
// Private keys
newPrivateKey: func(d *big.Int) PrivateKey {
if d == nil {
return nil
}
pk := secp256k1.NewPrivateKey(secp256k1Curve, d)
if pk != nil {
return PrivateKey(pk)
}
return nil
},
privKeyFromBytes: func(pk []byte) (PrivateKey, PublicKey) {
priv, pub := secp256k1.PrivKeyFromBytes(secp256k1Curve, pk)
if priv == nil {
return nil, nil
}
if pub == nil {
return nil, nil
}
tpriv := PrivateKey(priv)
tpub := PublicKey(pub)
return tpriv, tpub
},
privKeyFromScalar: func(pk []byte) (PrivateKey, PublicKey) {
priv, pub := secp256k1.PrivKeyFromScalar(secp256k1Curve, pk)
if priv == nil {
return nil, nil
}
if pub == nil {
return nil, nil
}
tpriv := PrivateKey(priv)
tpub := PublicKey(pub)
return tpriv, tpub
},
privKeyBytesLen: func() int {
return secp256k1.PrivKeyBytesLen
},
// Public keys
newPublicKey: func(x *big.Int, y *big.Int) PublicKey {
pk := secp256k1.NewPublicKey(secp256k1Curve, x, y)
tpk := PublicKey(pk)
return tpk
},
parsePubKey: func(pubKeyStr []byte) (PublicKey, error) {
pk, err := secp256k1.ParsePubKey(pubKeyStr, secp256k1Curve)
if err != nil {
return nil, err
}
tpk := PublicKey(pk)
return tpk, err
},
pubKeyBytesLen: func() int {
return secp256k1.PubKeyBytesLenCompressed
},
pubKeyBytesLenUncompressed: func() int {
return secp256k1.PubKeyBytesLenUncompressed
},
pubKeyBytesLenCompressed: func() int {
return secp256k1.PubKeyBytesLenCompressed
},
pubKeyBytesLenHybrid: func() int {
return secp256k1.PubKeyBytesLenHybrid
},
// Signatures
newSignature: func(r *big.Int, s *big.Int) Signature {
sig := secp256k1.NewSignature(r, s)
ts := Signature(sig)
return ts
},
parseDERSignature: func(sigStr []byte) (Signature, error) {
sig, err := secp256k1.ParseDERSignature(sigStr, secp256k1Curve)
if err != nil {
return nil, err
}
ts := Signature(sig)
return ts, err
},
parseSignature: func(sigStr []byte) (Signature, error) {
sig, err := secp256k1.ParseSignature(sigStr, secp256k1Curve)
if err != nil {
return nil, err
}
ts := Signature(sig)
return ts, err
},
recoverCompact: func(signature, hash []byte) (PublicKey, bool, error) {
pk, bl, err := secp256k1.RecoverCompact(secp256k1Curve, signature,
hash)
tpk := PublicKey(pk)
return tpk, bl, err
},
// ECDSA
generateKey: func(rand io.Reader) ([]byte, *big.Int, *big.Int, error) {
return secp256k1.GenerateKey(secp256k1Curve, rand)
},
sign: func(priv PrivateKey, hash []byte) (r, s *big.Int, err error) {
if priv.GetType() != ECTypeSecp256k1 {
return nil, nil, errors.New("wrong type")
}
spriv, ok := priv.(*secp256k1.PrivateKey)
if !ok {
return nil, nil, errors.New("wrong type")
}
sig, err := spriv.Sign(hash)
if sig != nil {
r = sig.GetR()
s = sig.GetS()
}
return
},
verify: func(pub PublicKey, hash []byte, r, s *big.Int) bool {
spub := secp256k1.NewPublicKey(secp256k1Curve, pub.GetX(), pub.GetY())
ssig := secp256k1.NewSignature(r, s)
return ssig.Verify(hash, spub)
},
// Symmetric cipher encryption
generateSharedSecret: func(privkey []byte, x, y *big.Int) []byte {
sprivkey, _ := secp256k1.PrivKeyFromBytes(secp256k1Curve, privkey)
if sprivkey == nil {
return nil
}
spubkey := secp256k1.NewPublicKey(secp256k1Curve, x, y)
return secp256k1.GenerateSharedSecret(sprivkey, spubkey)
},
encrypt: func(x, y *big.Int, in []byte) ([]byte, error) {
spubkey := secp256k1.NewPublicKey(secp256k1Curve, x, y)
return secp256k1.Encrypt(spubkey, in)
},
decrypt: func(privkey []byte, in []byte) ([]byte, error) {
sprivkey, _ := secp256k1.PrivKeyFromBytes(secp256k1Curve, privkey)
if sprivkey == nil {
return nil, fmt.Errorf("failure deserializing privkey")
}
return secp256k1.Decrypt(sprivkey, in)
},
}
return secp.(DSA)
}