author | Pieter Wuille <pieter.wuille@gmail.com> | 2014-11-06 06:54:50 -0800 |
committer | Pieter Wuille <pieter.wuille@gmail.com> | 2014-11-20 17:22:06 +0100 |
commit | a53fd4148596f5814409e15647714bdd2a71468b (patch) | |
tree | 56ceafe58e482181a7858ed59018a164e76d7cff /src/key.cpp | |
parent | 3060e360980f3e80db1d903085d759338ab27f4a (diff) |
Deterministic signing
Diffstat (limited to 'src/key.cpp')
-rw-r--r-- | src/key.cpp | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/src/key.cpp b/src/key.cpp
index 9b3cf8f019..0fb7a5c7c5 100644
--- a/src/key.cpp
+++ b/src/key.cpp
@@ -5,6 +5,7 @@
 #include "key.h"
 
 #include "crypto/hmac_sha512.h"
+#include "crypto/rfc6979_hmac_sha256.h"
 #include "eccryptoverify.h"
 #include "pubkey.h"
 #include "random.h"
@@ -71,19 +72,22 @@ CPubKey CKey::GetPubKey() const {
 return result;
 }
 
-bool CKey::Sign(const uint256 &hash, std::vector<unsigned char>& vchSig) const {
+bool CKey::Sign(const uint256 &hash, std::vector<unsigned char>& vchSig, uint32_t test_case) const {
 if (!fValid)
 return false;
 vchSig.resize(72);
- int nSigLen = 72;
- CKey nonce;
+ RFC6979_HMAC_SHA256 prng(begin(), 32, (unsigned char*)&hash, 32);
 do {
- nonce.MakeNewKey(true);
- if (secp256k1_ecdsa_sign((const unsigned char*)&hash, 32, (unsigned char*)&vchSig[0], &nSigLen, begin(), nonce.begin()))
- break;
+ uint256 nonce;
+ prng.Generate((unsigned char*)&nonce, 32);
+ nonce += test_case;
+ int nSigLen = 72;
+ int ret = secp256k1_ecdsa_sign((const unsigned char*)&hash, 32, (unsigned char*)&vchSig[0], &nSigLen, begin(), (unsigned char*)&nonce);
+ vchSig.resize(nSigLen);
+ nonce = 0;
+ if (ret)
+ return true;
 } while(true);
- vchSig.resize(nSigLen);
- return true;
 }
 
 bool CKey::SignCompact(const uint256 &hash, std::vector<unsigned char>& vchSig) const {
@@ -91,10 +95,13 @@ bool CKey::SignCompact(const uint256 &hash, std::vector<unsigned char>& vchSig)
 return false;
 vchSig.resize(65);
 int rec = -1;
- CKey nonce;
+ RFC6979_HMAC_SHA256 prng(begin(), 32, (unsigned char*)&hash, 32);
 do {
- nonce.MakeNewKey(true);
- if (secp256k1_ecdsa_sign_compact((const unsigned char*)&hash, 32, &vchSig[1], begin(), nonce.begin(), &rec))
+ uint256 nonce;
+ prng.Generate((unsigned char*)&nonce, 32);
+ int ret = secp256k1_ecdsa_sign_compact((const unsigned char*)&hash, 32, &vchSig[1], begin(), (unsigned char*)&nonce, &rec);
+ nonce = 0;
+ if (ret)
 break;
 } while(true);
 assert(rec != -1); |
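Review bot: `nonce = 0;` in the Sign loop (and the identical line in the SignCompact hunk) is intended to scrub the secret nonce after use, but it is a store to a local that is never read again, so the optimizer is free to drop it and leave the nonce bytes on the stack; a clearing routine the compiler cannot elide is needed here, e.g. `OPENSSL_cleanse(&nonce, sizeof(nonce));` if that helper is available in this file, or an equivalent volatile-based memset. The new `test_case` parameter should also carry a comment at the signature, because `nonce += test_case` makes the nonce for a given hash depend on it, and two signatures over the same hash with different offsets would use nonces that differ by a known amount; something like `// test_case: test-only nonce offset, must be 0 for real signing` would make the intent explicit. Sign's body is fully within the hunk; SignCompact continues past the end of the second hunk.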