From d312d472988a87761a6c852d51c411fff1b760ea Mon Sep 17 00:00:00 2001 From: Jimmy Song Date: Sat, 27 Sep 2014 13:33:45 -0500 Subject: [PATCH] RecoverCompact and SignCompact now use the btcec.PrivateKey and btcec.PublicKey types. btcwallet/rpcserver.go needs a corresponding change or else that will break. This closes #6 --- signature.go | 12 +++++------- signature_test.go | 3 ++- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/signature.go b/signature.go index 2c0e17af..9bd9fa6a 100644 --- a/signature.go +++ b/signature.go @@ -7,7 +7,6 @@ package btcec import ( "crypto/ecdsa" "crypto/elliptic" - "crypto/rand" "errors" "fmt" "math/big" @@ -263,7 +262,7 @@ func hashToInt(hash []byte, c elliptic.Curve) *big.Int { // case in step 1.6. This counter is used in the bitcoin compressed signature // format and thus we match bitcoind's behaviour here. func recoverKeyFromSignature(curve *KoblitzCurve, sig *Signature, msg []byte, - iter int, doChecks bool) (*ecdsa.PublicKey, error) { + iter int, doChecks bool) (*PublicKey, error) { // 1.1 x = (n * i) + r Rx := new(big.Int).Mul(curve.Params().N, new(big.Int).SetInt64(int64(iter/2))) @@ -314,7 +313,7 @@ func recoverKeyFromSignature(curve *KoblitzCurve, sig *Signature, msg []byte, // step to prevent the jacobian conversion back and forth. Qx, Qy := curve.Add(sRx, sRy, minuseGx, minuseGy) - return &ecdsa.PublicKey{ + return &PublicKey{ Curve: curve, X: Qx, Y: Qy, @@ -328,14 +327,13 @@ func recoverKeyFromSignature(curve *KoblitzCurve, sig *Signature, msg []byte, // returned in the format: // <(byte of 27+public key solution)+4 if compressed >< padded bytes for signature R> // where the R and S parameters are padde up to the bitlengh of the curve. -func SignCompact(curve *KoblitzCurve, key *ecdsa.PrivateKey, +func SignCompact(curve *KoblitzCurve, key *PrivateKey, hash []byte, isCompressedKey bool) ([]byte, error) { - r, s, err := ecdsa.Sign(rand.Reader, key, hash) + sig, err := key.Sign(hash) if err != nil { return nil, err } - sig := &Signature{R: r, S: s} // bitcoind checks the bit length of R and S here. The ecdsa signature // algorithm returns R and S mod N therefore they will be the bitsize of // the curve, and thus correctly sized. @@ -377,7 +375,7 @@ func SignCompact(curve *KoblitzCurve, key *ecdsa.PrivateKey, // key will be returned as well as a boolen if the original key was compressed // or not, else an error will be returned. func RecoverCompact(curve *KoblitzCurve, signature, - hash []byte) (*ecdsa.PublicKey, bool, error) { + hash []byte) (*PublicKey, bool, error) { bitlen := (curve.BitSize + 7) / 8 if len(signature) != 1+bitlen*2 { return nil, false, errors.New("invalid compact signature size") diff --git a/signature_test.go b/signature_test.go index 8ea3b11a..087f329e 100644 --- a/signature_test.go +++ b/signature_test.go @@ -427,7 +427,8 @@ func TestSignatureSerialize(t *testing.T) { func testSignCompact(t *testing.T, tag string, curve *btcec.KoblitzCurve, data []byte, isCompressed bool) { - priv, _ := ecdsa.GenerateKey(curve, rand.Reader) + tmp, _ := ecdsa.GenerateKey(curve, rand.Reader) + priv := (*btcec.PrivateKey)(tmp) hashed := []byte("testing") sig, err := btcec.SignCompact(curve, priv, hashed, isCompressed)