Commit graph

13 commits

Author SHA1 Message Date
Yurii Rashkovskii
b19d0a0232 Enforce low S values, by negating the value (modulo the order) if above order/2.
Reference implementation: b7bba43a14/src/key.cpp (L235-L238)

ht @oleganza
2014-07-31 22:04:14 +02:00
Dave Collins
77c02f36ee Cleanup new code introduced by Pull Request #4.
- Keep comments to 80 cols for consistency with the rest of the code base
- Made verify a method off of Signature instead of PublicKey since one
  verifies a signature with a public key as opposed to the other way
  around
- Return new signature from Sign function directly rather than creating a
  local temporary variable
- Modify a couple of comments as recommended by @owainga
- Update sample usage in doc.go for both signing messages and verifying
  signatures

ok @owainga
2014-05-20 10:36:15 -05:00
Owain G. Ainsworth
ff3fac426d Add code to produce and verify compact signatures.
The format used is identical to that used in bitcoind.
2014-02-13 18:47:10 +00:00
Dave Collins
58cab817f0 Add 2014 to copyright dates. 2014-01-08 23:51:37 -06:00
Dave Collins
2067215193 Expose a new Serialize function on Signature type.
This commit exposes a new function named Serialize on the Signature type
which can be used to obtain a DER encoded signature.  Previously this
function was named sigDer and was part of btcscript, but as @donovanhide
pointed out in issue btcscript/#3, it really should have been part of this
package.

ok @owainga
2013-12-23 11:31:08 -06:00
Josh Rickmar
98ac46b37d Add ParseDERSignature.
This change adds an additional signature parsing function which
performs additional checks to verify the signature is serialized in a
valid DER (and thus, unique) format, instead of allowing the less
strict BER signatures that ParseSignature will happily accept.

Added additional tests and updated test coverage to reflect changes.
2013-10-25 15:09:48 -04:00
Josh Rickmar
e748650cc8 Use uncapitalized error strings 2013-09-30 18:20:46 -04:00
Owain G. Ainsworth
abfd6b44af More documentation commentary. 2013-08-06 18:22:16 +01:00
Owain G. Ainsworth
ba51aa8934 partially revert afc2e8100a
Turns out that there are some signatures in the bitcoin blockchain that have
trailing 0s, for example
12a1b29fd6c295075b6a66f5fd90f0126ceb1fda4f15e4b44d92518bd52a5cdf has a signature
length of 0x45 where there are 0x47 bytes following that length check (one is
hashtype and is supposed to be trimmed out prior to calling the function). We
relax the paranoid length check to permit traling data, but not to permit
buffers that are too short. Change the test to passing with a big comment
stating why this is now considered a valid case.
2013-06-24 18:15:25 +01:00
Owain G. Ainsworth
86d150bbb3 Remove accidentally commited printf. 2013-06-17 23:56:25 +01:00
Owain G. Ainsworth
afc2e8100a Make length check a little more paranoid
Remove trailing crap  from the tests (the hashtype) now that this is
correctly caught.
2013-06-17 17:38:16 +01:00
Owain G. Ainsworth
5c8c454a18 fix up some indexing in ParseSignature.
a test i was working on was crashing this otherwise. Make length checks more
paranoid.
2013-06-17 16:18:27 +01:00
Dave Collins
6e9cc57131 Initial implementation. 2013-06-13 14:38:54 -05:00