Improve examples/documentation: remove key generation loops
Co-Authored by: Sebastian Falbesoner <sebastian.falbesoner@gmail.com>
This commit is contained in:
cheapshot003
@@ -42,18 +42,16 @@ int main(void) {
|
|||||||
assert(return_val);
|
assert(return_val);
|
||||||
|
|
||||||
/*** Key Generation ***/
|
/*** Key Generation ***/
|
||||||
|
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
|
||||||
/* If the secret key is zero or out of range (bigger than secp256k1's
|
printf("Failed to generate randomness\n");
|
||||||
* order), we try to sample a new key. Note that the probability of this
|
return 1;
|
||||||
* happening is negligible. */
|
}
|
||||||
while (1) {
|
/* If the secret key is zero or out of range (greater than secp256k1's
|
||||||
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
|
* order), we fail. Note that the probability of this occurring
|
||||||
printf("Failed to generate randomness\n");
|
* is negligible with a properly functioning random number generator. */
|
||||||
return 1;
|
if (!secp256k1_ec_seckey_verify(ctx, seckey1) || !secp256k1_ec_seckey_verify(ctx, seckey2)) {
|
||||||
}
|
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
|
||||||
if (secp256k1_ec_seckey_verify(ctx, seckey1) && secp256k1_ec_seckey_verify(ctx, seckey2)) {
|
return 1;
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Public key creation using a valid context with a verified secret key should never fail */
|
/* Public key creation using a valid context with a verified secret key should never fail */
|
||||||
|
|||||||
@@ -49,18 +49,16 @@ int main(void) {
|
|||||||
assert(return_val);
|
assert(return_val);
|
||||||
|
|
||||||
/*** Key Generation ***/
|
/*** Key Generation ***/
|
||||||
|
/* If the secret key is zero or out of range (greater than secp256k1's
|
||||||
/* If the secret key is zero or out of range (bigger than secp256k1's
|
* order), we return 1. Note that the probability of this occurring
|
||||||
* order), we try to sample a new key. Note that the probability of this
|
* is negligible with a properly functioning random number generator. */
|
||||||
* happening is negligible. */
|
if (!fill_random(seckey, sizeof(seckey))) {
|
||||||
while (1) {
|
printf("Failed to generate randomness\n");
|
||||||
if (!fill_random(seckey, sizeof(seckey))) {
|
return 1;
|
||||||
printf("Failed to generate randomness\n");
|
}
|
||||||
return 1;
|
if (!secp256k1_ec_seckey_verify(ctx, seckey)) {
|
||||||
}
|
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
|
||||||
if (secp256k1_ec_seckey_verify(ctx, seckey)) {
|
return 1;
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Public key creation using a valid context with a verified secret key should never fail */
|
/* Public key creation using a valid context with a verified secret key should never fail */
|
||||||
|
|||||||
@@ -48,17 +48,16 @@ int main(void) {
|
|||||||
|
|
||||||
/*** Generate secret keys ***/
|
/*** Generate secret keys ***/
|
||||||
|
|
||||||
/* If the secret key is zero or out of range (bigger than secp256k1's
|
/* If the secret key is zero or out of range (greater than secp256k1's
|
||||||
* order), we try to sample a new key. Note that the probability of this
|
* order), we return 1. Note that the probability of this occurring
|
||||||
* happening is negligible. */
|
* is negligible with a properly functioning random number generator. */
|
||||||
while (1) {
|
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
|
||||||
if (!fill_random(seckey1, sizeof(seckey1)) || !fill_random(seckey2, sizeof(seckey2))) {
|
printf("Failed to generate randomness\n");
|
||||||
printf("Failed to generate randomness\n");
|
return 1;
|
||||||
return 1;
|
}
|
||||||
}
|
if (!secp256k1_ec_seckey_verify(ctx, seckey1) || !secp256k1_ec_seckey_verify(ctx, seckey2)) {
|
||||||
if (secp256k1_ec_seckey_verify(ctx, seckey1) && secp256k1_ec_seckey_verify(ctx, seckey2)) {
|
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
|
||||||
break;
|
return 1;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Generate ElligatorSwift public keys. This should never fail with valid context and
|
/* Generate ElligatorSwift public keys. This should never fail with valid context and
|
||||||
|
|||||||
@@ -43,20 +43,18 @@ int main(void) {
|
|||||||
assert(return_val);
|
assert(return_val);
|
||||||
|
|
||||||
/*** Key Generation ***/
|
/*** Key Generation ***/
|
||||||
|
/* If the secret key is zero or out of range (greater than secp256k1's
|
||||||
/* If the secret key is zero or out of range (bigger than secp256k1's
|
* order), we return 1. Note that the probability of this occurring
|
||||||
* order), we try to sample a new key. Note that the probability of this
|
* is negligible with a properly functioning random number generator. */
|
||||||
* happening is negligible. */
|
if (!fill_random(seckey, sizeof(seckey))) {
|
||||||
while (1) {
|
printf("Failed to generate randomness\n");
|
||||||
if (!fill_random(seckey, sizeof(seckey))) {
|
return 1;
|
||||||
printf("Failed to generate randomness\n");
|
}
|
||||||
return 1;
|
/* Try to create a keypair with a valid context, it should only fail if
|
||||||
}
|
* the secret key is zero or out of range. */
|
||||||
/* Try to create a keypair with a valid context, it should only fail if
|
if (!secp256k1_keypair_create(ctx, &keypair, seckey)) {
|
||||||
* the secret key is zero or out of range. */
|
printf("Generated secret key is invalid. This indicates an issue with the random number generator.\n");
|
||||||
if (secp256k1_keypair_create(ctx, &keypair, seckey)) {
|
return 1;
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Extract the X-only public key from the keypair. We pass NULL for
|
/* Extract the X-only public key from the keypair. We pass NULL for
|
||||||
|
|||||||
@@ -679,12 +679,14 @@ SECP256K1_API int secp256k1_ecdsa_sign(
|
|||||||
const void *ndata
|
const void *ndata
|
||||||
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4);
|
||||||
|
|
||||||
/** Verify an ECDSA secret key.
|
/** Verify an elliptic curve secret key.
|
||||||
*
|
*
|
||||||
* A secret key is valid if it is not 0 and less than the secp256k1 curve order
|
* A secret key is valid if it is not 0 and less than the secp256k1 curve order
|
||||||
* when interpreted as an integer (most significant byte first). The
|
* when interpreted as an integer (most significant byte first). The
|
||||||
* probability of choosing a 32-byte string uniformly at random which is an
|
* probability of choosing a 32-byte string uniformly at random which is an
|
||||||
* invalid secret key is negligible.
|
* invalid secret key is negligible. However, if it does happen it should
|
||||||
|
* be assumed that the randomness source is severely broken and there should
|
||||||
|
* be no retry.
|
||||||
*
|
*
|
||||||
* Returns: 1: secret key is valid
|
* Returns: 1: secret key is valid
|
||||||
* 0: secret key is invalid
|
* 0: secret key is invalid
|
||||||
|
|||||||
Reference in New Issue
Block a user