Struct secp256k1::Secp256k1

pub struct Secp256k1<C: Context> { /* fields omitted */ }

The secp256k1 engine, used to execute all signature operations

Implementations

impl<C: Context> Secp256k1<C>

pub fn gen_new() -> Secp256k1<C>

Lets you create a context in a generic manner(sign/verify/all)

impl Secp256k1<All>

pub fn new() -> Secp256k1<All>

Creates a new Secp256k1 context with all capabilities

impl Secp256k1<SignOnly>

pub fn signing_only() -> Secp256k1<SignOnly>

Creates a new Secp256k1 context that can only be used for signing

impl Secp256k1<VerifyOnly>

pub fn verification_only() -> Secp256k1<VerifyOnly>

Creates a new Secp256k1 context that can only be used for verification

impl<'buf, C: Context + 'buf> Secp256k1<C>

pub fn preallocated_gen_new(
    buf: &'buf mut [AlignedType]
) -> Result<Secp256k1<C>, Error>

Lets you create a context with preallocated buffer in a generic manner(sign/verify/all)

impl<'buf> Secp256k1<AllPreallocated<'buf>>

pub fn preallocated_new(
    buf: &'buf mut [AlignedType]
) -> Result<Secp256k1<AllPreallocated<'buf>>, Error>

Creates a new Secp256k1 context with all capabilities

pub fn preallocate_size() -> usize

Uses the ffi secp256k1_context_preallocated_size to check the memory size needed for a context

pub unsafe fn from_raw_all(
    raw_ctx: *mut Context
) -> ManuallyDrop<Secp256k1<AllPreallocated<'buf>>>

Create a context from a raw context.

Safety

This is highly unsafe, due to the number of conditions that aren’t checked.

• raw_ctx needs to be a valid Secp256k1 context pointer. that was generated by exactly the same code/version of the libsecp256k1 used here.
• The capabilities (All/SignOnly/VerifyOnly) of the context must match the flags passed to libsecp256k1 when generating the context.
• The user must handle the freeing of the context(using the correct functions) by himself.
• Violating these may lead to Undefined Behavior.

impl<'buf> Secp256k1<SignOnlyPreallocated<'buf>>

pub fn preallocated_signing_only(
    buf: &'buf mut [AlignedType]
) -> Result<Secp256k1<SignOnlyPreallocated<'buf>>, Error>

Creates a new Secp256k1 context that can only be used for signing

pub fn preallocate_signing_size() -> usize

Uses the ffi secp256k1_context_preallocated_size to check the memory size needed for the context

pub unsafe fn from_raw_signining_only(
    raw_ctx: *mut Context
) -> ManuallyDrop<Secp256k1<SignOnlyPreallocated<'buf>>>

Create a context from a raw context.

Safety

This is highly unsafe, due to the number of conditions that aren’t checked.

• raw_ctx needs to be a valid Secp256k1 context pointer. that was generated by exactly the same code/version of the libsecp256k1 used here.
• The capabilities (All/SignOnly/VerifyOnly) of the context must match the flags passed to libsecp256k1 when generating the context.
• The user must handle the freeing of the context(using the correct functions) by himself.
• This list is not exhaustive, and any violation may lead to Undefined Behavior.,

impl<'buf> Secp256k1<VerifyOnlyPreallocated<'buf>>

pub fn preallocated_verification_only(
    buf: &'buf mut [AlignedType]
) -> Result<Secp256k1<VerifyOnlyPreallocated<'buf>>, Error>

Creates a new Secp256k1 context that can only be used for verification

pub fn preallocate_verification_size() -> usize

Uses the ffi secp256k1_context_preallocated_size to check the memory size needed for the context

pub unsafe fn from_raw_verification_only(
    raw_ctx: *mut Context
) -> ManuallyDrop<Secp256k1<VerifyOnlyPreallocated<'buf>>>

Create a context from a raw context.

Safety

This is highly unsafe, due to the number of conditions that aren’t checked.

• raw_ctx needs to be a valid Secp256k1 context pointer. that was generated by exactly the same code/version of the libsecp256k1 used here.
• The capabilities (All/SignOnly/VerifyOnly) of the context must match the flags passed to libsecp256k1 when generating the context.
• The user must handle the freeing of the context(using the correct functions) by himself.
• This list is not exhaustive, and any violation may lead to Undefined Behavior.,

impl<C: Signing> Secp256k1<C>

pub fn schnorrsig_sign(&self, msg: &Message, keypair: &KeyPair) -> Signature

Create a schnorr signature internally using the ThreadRng random number generator to generate the auxiliary random data. Requires compilation with “rand-std” feature.

pub fn schnorrsig_sign_no_aux_rand(
    &self,
    msg: &Message,
    keypair: &KeyPair
) -> Signature

Create a schnorr signature without using any auxiliary random data.

pub fn schnorrsig_sign_with_aux_rand(
    &self,
    msg: &Message,
    keypair: &KeyPair,
    aux_rand: &[u8; 32]
) -> Signature

Create a Schnorr signature using the given auxiliary random data.

pub fn schnorrsig_sign_with_rng<R: Rng + CryptoRng>(
    &self,
    msg: &Message,
    keypair: &KeyPair,
    rng: &mut R
) -> Signature

Create a schnorr signature using the given random number generator to generate the auxiliary random data. Requires compilation with “rand” feature.

pub fn schnorrsig_verify(
    &self,
    sig: &Signature,
    msg: &Message,
    pubkey: &PublicKey
) -> Result<(), Error>

Verify a Schnorr signature.

pub fn generate_schnorrsig_keypair<R: Rng + ?Sized>(
    &self,
    rng: &mut R
) -> (KeyPair, PublicKey)

Generates a random Schnorr KeyPair and its associated Schnorr PublicKey. Convenience function for schnorrsig::KeyPair::new and schnorrsig::PublicKey::from_keypair; call those functions directly for batch key generation. Requires a signing-capable context. Requires compilation with the “rand” feature.

impl<C: Signing> Secp256k1<C>

pub fn sign_recoverable(
    &self,
    msg: &Message,
    sk: &SecretKey
) -> RecoverableSignature

Constructs a signature for msg using the secret key sk and RFC6979 nonce Requires a signing-capable context.

impl<C: Verification> Secp256k1<C>

pub fn recover(
    &self,
    msg: &Message,
    sig: &RecoverableSignature
) -> Result<PublicKey, Error>

Determines the public key for which sig is a valid signature for msg. Requires a verify-capable context.

impl<C: Context> Secp256k1<C>

pub fn ctx(&self) -> &*mut Context

Getter for the raw pointer to the underlying secp256k1 context. This shouldn’t be needed with normal usage of the library. It enables extending the Secp256k1 with more cryptographic algorithms outside of this crate.

pub fn preallocate_size_gen() -> usize

Returns the required memory for a preallocated context buffer in a generic manner(sign/verify/all)

pub fn randomize<R: Rng + ?Sized>(&mut self, rng: &mut R)

(Re)randomizes the Secp256k1 context for cheap sidechannel resistance; see comment in libsecp256k1 commit d2275795f by Gregory Maxwell. Requires compilation with “rand” feature.

pub fn seeded_randomize(&mut self, seed: &[u8; 32])

(Re)randomizes the Secp256k1 context for cheap sidechannel resistance given 32 bytes of cryptographically-secure random data; see comment in libsecp256k1 commit d2275795f by Gregory Maxwell.

impl<C: Signing> Secp256k1<C>

pub fn sign(&self, msg: &Message, sk: &SecretKey) -> Signature

Constructs a signature for msg using the secret key sk and RFC6979 nonce Requires a signing-capable context.

pub fn sign_grind_r(
    &self,
    msg: &Message,
    sk: &SecretKey,
    bytes_to_grind: usize
) -> Signature

Constructs a signature for msg using the secret key sk, RFC6979 nonce and “grinds” the nonce by passing extra entropy if necessary to produce a signature that is less than 71 - bytes_to_grund bytes. The number of signing operation performed by this function is exponential in the number of bytes grinded. Requires a signing capable context.

pub fn sign_low_r(&self, msg: &Message, sk: &SecretKey) -> Signature

Constructs a signature for msg using the secret key sk, RFC6979 nonce and “grinds” the nonce by passing extra entropy if necessary to produce a signature that is less than 71 bytes and compatible with the low r signature implementation of bitcoin core. In average, this function will perform two signing operations. Requires a signing capable context.

pub fn generate_keypair<R: Rng + ?Sized>(
    &self,
    rng: &mut R
) -> (SecretKey, PublicKey)

Generates a random keypair. Convenience function for key::SecretKey::new and key::PublicKey::from_secret_key; call those functions directly for batch key generation. Requires a signing-capable context. Requires compilation with the “rand” feature.

impl<C: Verification> Secp256k1<C>

pub fn verify(
    &self,
    msg: &Message,
    sig: &Signature,
    pk: &PublicKey
) -> Result<(), Error>

Checks that sig is a valid ECDSA signature for msg using the public key pubkey. Returns Ok(()) on success. Note that this function cannot be used for Bitcoin consensus checking since there may exist signatures which OpenSSL would verify but not libsecp256k1, or vice-versa. Requires a verify-capable context.

let message = Message::from_slice(&[0xab; 32]).expect("32 bytes");
let sig = secp.sign(&message, &secret_key);
assert_eq!(secp.verify(&message, &sig, &public_key), Ok(()));

let message = Message::from_slice(&[0xcd; 32]).expect("32 bytes");
assert_eq!(secp.verify(&message, &sig, &public_key), Err(Error::IncorrectSignature));

Trait Implementations

impl<C: Context> Clone for Secp256k1<C>

fn clone(&self) -> Secp256k1<C>

Returns a copy of the value.

pub fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<C: Context> Debug for Secp256k1<C>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Secp256k1<All>

fn default() -> Self

Returns the “default value” for a type.

impl<C: Context> Drop for Secp256k1<C>

fn drop(&mut self)

Executes the destructor for this type.

impl<C: Context> Eq for Secp256k1<C>

impl<C: Context> PartialEq<Secp256k1<C>> for Secp256k1<C>

fn eq(&self, _other: &Secp256k1<C>) -> bool

This method tests for self and other values to be equal, and is used by ==.

#[must_use]

pub fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl<C: Context> Send for Secp256k1<C>

impl<C: Context> Sync for Secp256k1<C>