1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

//! The secp256k1 elliptic curve as defined by Certicom's SECG in
//! SEC 2: Recommended Elliptic Curve Domain Parameters:
//!
//! <http://www.secg.org/sec2-v2.pdf>
//!
//! This curve is most notable for its use in Bitcoin and other cryptocurrencies.

#[cfg(feature = "test-vectors")]
mod test_vectors;

#[cfg(feature = "test-vectors")]
pub use self::test_vectors::SHA256_FIXED_SIZE_TEST_VECTORS;
use super::{WeierstrassCurve, WeierstrassCurveKind};
#[cfg(all(feature = "digest", feature = "sha2"))]
use crate::sha2::Sha256;
use generic_array::typenum::{U32, U33, U64, U65, U73};

/// The secp256k1 elliptic curve: y² = x³ + 7 over a ~256-bit prime field
#[derive(Copy, Clone, Debug, Default, Eq, Hash, PartialEq, PartialOrd, Ord)]
pub struct Secp256k1;

impl WeierstrassCurve for Secp256k1 {
    /// Elliptic curve kind
    const CURVE_KIND: WeierstrassCurveKind = WeierstrassCurveKind::Secp256k1;

    /// Random 256-bit (32-byte) private scalar
    type ScalarSize = U32;

    /// Size of a compressed elliptic curve point serialized using
    /// `Elliptic-Curve-Point-to-Octet-String` encoding
    type CompressedPointSize = U33;

    /// Size of a raw uncompressed elliptic curve point sans the `0x04`
    /// tag byte added in the `UncompressedPointSize` value.
    type UntaggedPointSize = U64;

    /// Size of a raw uncompressed elliptic curve point (i.e sans the `0x04`
    /// tag added by `Elliptic-Curve-Point-to-Octet-String` encoding)
    type UncompressedPointSize = U65;

    /// Maximum size of an ASN.1 DER encoded signature
    // TODO: double check this calculation
    type Asn1SignatureMaxSize = U73;

    /// Concatenated `r || s` values (32-bytes each)
    type FixedSignatureSize = U64;
}

/// secp256k1 secret key
pub type SecretKey = crate::ecdsa::SecretKey<Secp256k1>;

/// secp256k1 public key
pub type PublicKey = crate::ecdsa::PublicKey<Secp256k1>;

/// ASN.1 DER encoded secp256k1 ECDSA signature
pub type Asn1Signature = crate::ecdsa::Asn1Signature<Secp256k1>;

/// Compact, fixed-sized secp256k1 ECDSA signature
pub type FixedSignature = crate::ecdsa::FixedSignature<Secp256k1>;

#[cfg(all(feature = "digest", feature = "sha2"))]
impl_digest_signature!(Sha256, Asn1Signature, FixedSignature);