summaryrefslogtreecommitdiff
path: root/bip-schnorr
diff options
context:
space:
mode:
authorJonas Nick <jonasd.nick@gmail.com>2019-09-27 09:56:21 +0000
committerPieter Wuille <pieter.wuille@gmail.com>2020-01-19 14:47:33 -0800
commite1d7da3796c3c35508f85bc226b97c1ef7269eb9 (patch)
treed7261ec5612ce6c09f62c2e325373ff2bd8c4959 /bip-schnorr
parentfe8f5f68caa9c8da00fcd2cff4a02303766097c1 (diff)
Add is_quad function to bip-schnorr reference code
Diffstat (limited to 'bip-schnorr')
-rw-r--r--bip-schnorr/reference.py9
1 files changed, 6 insertions, 3 deletions
diff --git a/bip-schnorr/reference.py b/bip-schnorr/reference.py
index bd12212..016ce97 100644
--- a/bip-schnorr/reference.py
+++ b/bip-schnorr/reference.py
@@ -62,6 +62,9 @@ def hash_sha256(b):
def jacobi(x):
return pow(x, (p - 1) // 2, p)
+def is_quad(x):
+ return jacobi(x) == 1
+
def pubkey_gen(seckey):
P = point_mul(G, seckey)
return bytes_from_point(P)
@@ -72,12 +75,12 @@ def schnorr_sign(msg, seckey0):
if not (1 <= seckey0 <= n - 1):
raise ValueError('The secret key must be an integer in the range 1..n-1.')
P = point_mul(G, seckey0)
- seckey = seckey0 if (jacobi(y(P)) == 1) else n - seckey0
+ seckey = seckey0 if is_quad(y(P)) else n - seckey0
k0 = int_from_bytes(tagged_hash("BIPSchnorrDerive", bytes_from_int(seckey) + msg)) % n
if k0 == 0:
raise RuntimeError('Failure. This happens only with negligible probability.')
R = point_mul(G, k0)
- k = n - k0 if (jacobi(y(R)) != 1) else k0
+ k = n - k0 if not is_quad(y(R)) else k0
e = int_from_bytes(tagged_hash("BIPSchnorr", bytes_from_point(R) + bytes_from_point(P) + msg)) % n
return bytes_from_point(R) + bytes_from_int((k + e * seckey) % n)
@@ -97,7 +100,7 @@ def schnorr_verify(msg, pubkey, sig):
return False
e = int_from_bytes(tagged_hash("BIPSchnorr", sig[0:32] + pubkey + msg)) % n
R = point_add(point_mul(G, s), point_mul(P, n - e))
- if R is None or jacobi(y(R)) != 1 or x(R) != r:
+ if R is None or not is_quad(y(R)) or x(R) != r:
return False
return True