Crate bitcoinsecp256k1_schnorr

Structs

SchnorrSigExtraParams

| Data structure that contains additional | arguments for schnorrsig_sign_custom. | | A schnorrsig_extraparams structure object can | be initialized correctly by setting it to | SCHNORRSIG_EXTRAPARAMS_INIT. | | Members: | | magic: set to SCHNORRSIG_EXTRAPARAMS_MAGIC | at initialization and has no other | function than making sure the | object is initialized. | | noncefp: pointer to a nonce generation | function. If NULL, | nonce_function_bip340 is used | | ndata: pointer to arbitrary data used by | the nonce generation function (can | be NULL). If it is non-NULL and | nonce_function_bip340 is used, then | ndata must be a pointer to 32-byte | auxiliary randomness as per | BIP-340.

Constants

BIP340_ALGO

| algo argument for nonce_function_bip340 | to derive the nonce exactly as stated | in BIP-340 by using the correct tagged | hash function. | | NOTE: in c++ this was 13 bytes long

NONCE_FUNCTION_BIP340

SCHNORRSIG_EXTRAPARAMS_MAGIC

Functions

hardened_nonce_function_smallint

nonce_function_0

| Nonce function that sets nonce to 0 |

nonce_function_bip340

nonce_function_bip340_bitflip

| Checks that a bit flip in the n_flip-th | argument (that has n_bytes many bytes) | changes the hash function |

nonce_function_bip340_sha256_tagged

| Initializes SHA256 with fixed midstate. | This midstate was computed by applying | | SHA256 to SHA256(“BIP0340/nonce”)||SHA256(“BIP0340/nonce”). |

nonce_function_bip340_sha256_tagged_aux

| Initializes SHA256 with fixed midstate. | This midstate was computed by applying | | SHA256 to SHA256(“BIP0340/aux”)||SHA256(“BIP0340/aux”). |

nonce_function_failing

| Nonce function that returns constant | 0 |

nonce_function_overflowing

| Nonce function that sets nonce to 0xFF…0xFF |

run_nonce_function_bip340_tests

run_schnorrsig_tests

schnorrsig_challenge

schnorrsig_sha256_tagged

| Initializes SHA256 with fixed midstate. | This midstate was computed by applying | | SHA256 to SHA256(“BIP0340/challenge”)||SHA256(“BIP0340/challenge”). |

schnorrsig_sign

schnorrsig_sign_custom

schnorrsig_sign_internal

schnorrsig_verify

test_exhaustive_schnorrsig

test_exhaustive_schnorrsig_sign

test_exhaustive_schnorrsig_verify

test_schnorrsig_api

test_schnorrsig_bip_vectors

| Test vectors according to BIP-340 (“Schnorr | Signatures for secp256k1”). See https://github.com/bitcoin/bips/blob/master/bip-0340/test-vectors.csv. |

test_schnorrsig_bip_vectors_check_signing

| Helper function for schnorrsig_bip_vectors | | Signs the message and checks that it’s | the same as expected_sig. |

test_schnorrsig_bip_vectors_check_verify

| Helper function for schnorrsig_bip_vectors | | Checks that both verify and verify_batch | (TODO) return the same value as expected. |

test_schnorrsig_sha256_tagged

| Checks that hash initialized by schnorrsig_sha256_tagged | has the expected state. |

test_schnorrsig_sign

test_schnorrsig_sign_verify

| Creates N_SIGS valid signatures and | verifies them with verify and verify_batch | (TODO). Then flips some bits and checks | that verification now fails. |

test_schnorrsig_taproot

test_sha256_eq

| Tests for the equality of two sha256 | structs. This function only produces | a correct result if an integer multiple | of 64 many bytes have been written into | the hash functions. |

Type Aliases

NonceFunctionHardened

| A pointer to a function to deterministically | generate a nonce. | | Same as nonce function with the | exception of accepting an additional pubkey | argument and not requiring an attempt | argument. The pubkey argument can protect | signature schemes with key-prefixed challenge | hash inputs against reusing the nonce when | signing with the wrong precomputed pubkey. | | Returns: 1 if a nonce was successfully | generated. 0 will cause signing to | return an error. | | Out: nonce32: pointer to a 32-byte array to | be filled by the function | | In: msg: the message being verified. Is | NULL if and only if msglen is | 0. | | msglen: the length of the message | | key32: pointer to a 32-byte secret key | (will not be NULL) | | xonly_pk32: the 32-byte serialized xonly | pubkey corresponding to key32 | (will not be NULL) | | algo: pointer to an array describing | the signature algorithm (will | not be NULL) | | algolen: the length of the algo array | | data: arbitrary data pointer that is | passed through | | Except for test cases, this function should | compute some cryptographic hash of the | message, the key, the pubkey, the algorithm | description, and data.