csecp256k1

Haskell FFI bindings to bitcoin-core/secp256k1 (docs.ppad.tech/csecp256k1).

main_impl.h (2762B)


      1 /***********************************************************************
      2  * Copyright (c) 2015 Andrew Poelstra                                  *
      3  * Distributed under the MIT software license, see the accompanying    *
      4  * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
      5  ***********************************************************************/
      6 
      7 #ifndef SECP256K1_MODULE_ECDH_MAIN_H
      8 #define SECP256K1_MODULE_ECDH_MAIN_H
      9 
     10 #include "../../../include/secp256k1_ecdh.h"
     11 #include "../../ecmult_const_impl.h"
     12 
/* Built-in ECDH hash function: SHA-256 over one tag byte followed by the
 * 32 bytes at x32, i.e. the same 33-byte layout as a compressed point
 * encoding. The digest is written to output.
 *
 * output: receives the SHA-256 digest (32 bytes).
 * x32:    32-byte x coordinate of the shared point.
 * y32:    32-byte y coordinate; only the low bit of its last byte is read.
 * data:   unused.
 *
 * Always returns 1.
 *
 * NOTE(review): the local hash state is not cleared before returning;
 * whether finalize leaves secret-derived words in it is not visible from
 * this file.
 */
static int ecdh_hash_function_sha256(unsigned char *output, const unsigned char *x32, const unsigned char *y32, void *data) {
    haskellsecp256k1_v0_1_0_sha256 hasher;
    /* 0x02 or 0x03, chosen by the low bit of y32[31] (the parity of y when
     * y32 is big-endian). */
    unsigned char parity_tag = 0x02 | (y32[31] & 0x01);

    (void)data;

    haskellsecp256k1_v0_1_0_sha256_initialize(&hasher);
    haskellsecp256k1_v0_1_0_sha256_write(&hasher, &parity_tag, sizeof(parity_tag));
    haskellsecp256k1_v0_1_0_sha256_write(&hasher, x32, 32);
    haskellsecp256k1_v0_1_0_sha256_finalize(&hasher, output);

    return 1;
}
     25 
/* Exported hash-function pointers. Both are initialised from the same static
 * routine, ecdh_hash_function_sha256, so selecting the "sha256" or the
 * "default" function gives identical hashing. */
const haskellsecp256k1_v0_1_0_ecdh_hash_function haskellsecp256k1_v0_1_0_ecdh_hash_function_sha256 = ecdh_hash_function_sha256;
const haskellsecp256k1_v0_1_0_ecdh_hash_function haskellsecp256k1_v0_1_0_ecdh_hash_function_default = ecdh_hash_function_sha256;
     28 
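/* Zero len bytes at buf, writing through a volatile pointer so that the
 * compiler does not discard the stores as dead writes to an object that is
 * about to go out of scope. */
static void ecdh_wipe(void *buf, size_t len) {
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len > 0) {
        *p++ = 0;
        len--;
    }
}

/* Compute an EC Diffie-Hellman secret: multiply `point` by the 32-byte
 * `scalar`, serialise the affine x and y coordinates of the result to
 * 32 bytes each, and hand them to `hashfp`, which writes `output`.
 *
 * ctx:    context object; forwarded to pubkey_load and used by ARG_CHECK.
 * output: buffer filled by hashfp. Its required size is whatever hashfp
 *         writes; this function never touches it directly.
 * point:  the other party's public key.
 * scalar: 32-byte secret key.
 * hashfp: hash callback; NULL selects the default function.
 * data:   opaque pointer passed through to hashfp.
 *
 * Returns 1 only if hashfp returned nonzero and the scalar was usable,
 * 0 otherwise.
 *
 * A scalar that set_b32 flags as overflowing, or that is zero, does not stop
 * the computation: it is replaced by one and the multiplication and hash
 * still run, so `output` is written even when 0 is returned. Callers must
 * check the return value before using `output` as key material.
 *
 * NOTE(review): if pubkey_load reports failure through a return value, it is
 * ignored here; confirm against its declaration.
 */
int haskellsecp256k1_v0_1_0_ecdh(const haskellsecp256k1_v0_1_0_context* ctx, unsigned char *output, const haskellsecp256k1_v0_1_0_pubkey *point, const unsigned char *scalar, haskellsecp256k1_v0_1_0_ecdh_hash_function hashfp, void *data) {
    int ret = 0;
    int overflow = 0;
    haskellsecp256k1_v0_1_0_gej res;
    haskellsecp256k1_v0_1_0_ge pt;
    haskellsecp256k1_v0_1_0_scalar s;
    unsigned char x[32];
    unsigned char y[32];

    VERIFY_CHECK(ctx != NULL);
    ARG_CHECK(output != NULL);
    ARG_CHECK(point != NULL);
    ARG_CHECK(scalar != NULL);

    if (hashfp == NULL) {
        hashfp = haskellsecp256k1_v0_1_0_ecdh_hash_function_default;
    }

    haskellsecp256k1_v0_1_0_pubkey_load(ctx, &pt, point);
    haskellsecp256k1_v0_1_0_scalar_set_b32(&s, scalar, &overflow);

    /* Fold "scalar is zero" into the failure flag, then substitute the
     * scalar one via cmov instead of branching on the flag, so the same
     * sequence of operations runs for valid and invalid keys. */
    overflow |= haskellsecp256k1_v0_1_0_scalar_is_zero(&s);
    haskellsecp256k1_v0_1_0_scalar_cmov(&s, &haskellsecp256k1_v0_1_0_scalar_one, overflow);

    haskellsecp256k1_v0_1_0_ecmult_const(&res, &pt, &s);
    haskellsecp256k1_v0_1_0_ge_set_gej(&pt, &res);

    /* Compute a hash of the point */
    haskellsecp256k1_v0_1_0_fe_normalize(&pt.x);
    haskellsecp256k1_v0_1_0_fe_normalize(&pt.y);
    haskellsecp256k1_v0_1_0_fe_get_b32(x, &pt.x);
    haskellsecp256k1_v0_1_0_fe_get_b32(y, &pt.y);

    ret = hashfp(output, x, y, data);

    /* Erase every local that held the shared point or the secret scalar.
     * A plain memset on a buffer that is never read again may be removed by
     * the optimiser, and the point itself also lives in `pt` and `res`, not
     * only in its serialised form. */
    ecdh_wipe(x, sizeof(x));
    ecdh_wipe(y, sizeof(y));
    ecdh_wipe(&pt, sizeof(pt));
    ecdh_wipe(&res, sizeof(res));
    haskellsecp256k1_v0_1_0_scalar_clear(&s);

    /* Normalise hashfp's result to 0/1 and fail if the scalar was invalid. */
    return !!ret & !overflow;
}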
     70 
     71 #endif /* SECP256K1_MODULE_ECDH_MAIN_H */