introduce uncompress_coords

ecdsa.c

@@ -388,6 +388,20 @@ int ecdsa_address_decode(const char *addr, uint8_t *out)
 	return 1;
 }
 
+void uncompress_coords(uint8_t odd, const bignum256 *x, bignum256 *y)
+{
+	// y^2 = x^3 + 0*x + 7
+	memcpy(y, x, sizeof(bignum256));       // y is x
+	bn_multiply(x, y, &prime256k1);        // y is x^2
+	bn_multiply(x, y, &prime256k1);        // y is x^3
+	bn_addmodi(y, 7, &prime256k1);         // y is x^3 + 7
+	bn_sqrt(y, &prime256k1);               // y = sqrt(y)
+	if ((odd & 0x01) != (y->val[0] & 1)) {
+		bn_substract(&prime256k1, y, y);   // y = -y
+		bn_mod(y, &prime256k1);
+	}
+}
+
 int ecdsa_read_pubkey(const uint8_t *pub_key, curve_point *pub)
 {
 	if (pub_key[0] == 0x04) {
@@ -395,22 +409,11 @@ int ecdsa_read_pubkey(const uint8_t *pub_key, curve_point *pub)
 		bn_read_be(pub_key + 33, &(pub->y));
 		return 1;
 	}
-
 	if (pub_key[0] == 0x02 || pub_key[0] == 0x03) { // compute missing y coords
-		// y^2 = x^3 + 0*x + 7
 		bn_read_be(pub_key + 1, &(pub->x));
-		bn_read_be(pub_key + 1, &(pub->y));          // y is x
-		bn_multiply(&(pub->x), &(pub->y), &prime256k1); // y is x^2
-		bn_multiply(&(pub->x), &(pub->y), &prime256k1); // y is x^3
-		bn_addmodi(&(pub->y), 7, &prime256k1);       // y is x^3 + 7
-		bn_sqrt(&(pub->y), &prime256k1);             // y = sqrt(y)
-		if ((pub_key[0] & 0x01) != (pub->y.val[0] & 1)) {
-			bn_substract(&prime256k1, &(pub->y), &(pub->y)); // y = -y
-			bn_mod(&(pub->y), &prime256k1);
-		}
+		uncompress_coords(pub_key[0], &(pub->x), &(pub->y));
 		return 1;
 	}
-
 	// error
 	return 0;
 }

ecdsa.h

@@ -35,6 +35,7 @@
 void point_add(const curve_point *cp1, curve_point *cp2);
 void point_double(curve_point *cp);
 void scalar_multiply(bignum256 *k, curve_point *res);
+void uncompress_coords(uint8_t odd, const bignum256 *x, bignum256 *y);
 
 int ecdsa_sign(const uint8_t *priv_key, const uint8_t *msg, uint32_t msg_len, uint8_t *sig);
 int ecdsa_sign_double(const uint8_t *priv_key, const uint8_t *msg, uint32_t msg_len, uint8_t *sig);