|
|
|
|
@ -388,6 +388,20 @@ int ecdsa_address_decode(const char *addr, uint8_t *out)
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void uncompress_coords(uint8_t odd, const bignum256 *x, bignum256 *y)
|
|
|
|
|
{
|
|
|
|
|
// y^2 = x^3 + 0*x + 7
|
|
|
|
|
memcpy(y, x, sizeof(bignum256)); // y is x
|
|
|
|
|
bn_multiply(x, y, &prime256k1); // y is x^2
|
|
|
|
|
bn_multiply(x, y, &prime256k1); // y is x^3
|
|
|
|
|
bn_addmodi(y, 7, &prime256k1); // y is x^3 + 7
|
|
|
|
|
bn_sqrt(y, &prime256k1); // y = sqrt(y)
|
|
|
|
|
if ((odd & 0x01) != (y->val[0] & 1)) {
|
|
|
|
|
bn_substract(&prime256k1, y, y); // y = -y
|
|
|
|
|
bn_mod(y, &prime256k1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int ecdsa_read_pubkey(const uint8_t *pub_key, curve_point *pub)
|
|
|
|
|
{
|
|
|
|
|
if (pub_key[0] == 0x04) {
|
|
|
|
|
@ -395,22 +409,11 @@ int ecdsa_read_pubkey(const uint8_t *pub_key, curve_point *pub)
|
|
|
|
|
bn_read_be(pub_key + 33, &(pub->y));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pub_key[0] == 0x02 || pub_key[0] == 0x03) { // compute missing y coords
|
|
|
|
|
// y^2 = x^3 + 0*x + 7
|
|
|
|
|
bn_read_be(pub_key + 1, &(pub->x));
|
|
|
|
|
bn_read_be(pub_key + 1, &(pub->y)); // y is x
|
|
|
|
|
bn_multiply(&(pub->x), &(pub->y), &prime256k1); // y is x^2
|
|
|
|
|
bn_multiply(&(pub->x), &(pub->y), &prime256k1); // y is x^3
|
|
|
|
|
bn_addmodi(&(pub->y), 7, &prime256k1); // y is x^3 + 7
|
|
|
|
|
bn_sqrt(&(pub->y), &prime256k1); // y = sqrt(y)
|
|
|
|
|
if ((pub_key[0] & 0x01) != (pub->y.val[0] & 1)) {
|
|
|
|
|
bn_substract(&prime256k1, &(pub->y), &(pub->y)); // y = -y
|
|
|
|
|
bn_mod(&(pub->y), &prime256k1);
|
|
|
|
|
}
|
|
|
|
|
uncompress_coords(pub_key[0], &(pub->x), &(pub->y));
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// error
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
Pavol Rusnak
11 years ago