Commit Graph

16 Commits

Author SHA1 Message Date
Jimmy Song
d312d47298 RecoverCompact and SignCompact now use the btcec.PrivateKey and btcec.PublicKey types.
btcwallet/rpcserver.go needs a corresponding change or else that will break.

This closes #6
2014-09-27 13:37:27 -05:00
Yurii Rashkovskii
b19d0a0232 Enforce low S values, by negating the value (modulo the order) if above order/2.
Reference implementation: b7bba43a14/src/key.cpp (L235-L238)

ht @oleganza
2014-07-31 22:04:14 +02:00
Dave Collins
22014931d4 goimports -w . 2014-07-02 19:39:37 -05:00
Owain G. Ainsworth
d0a4086e29 Add an api to get a pubkey and privkey from a privkey byte string.
ok and some tweaks from @jrick.
2014-03-25 15:10:58 +00:00
Owain G. Ainsworth
ff3fac426d Add code to produce and verify compact signatures.
The format used is identical to that used in bitcoind.
2014-02-13 18:47:10 +00:00
David Hill
d991c18d16 gofmt 2014-02-04 16:17:45 -05:00
Dave Collins
58cab817f0 Add 2014 to copyright dates. 2014-01-08 23:51:37 -06:00
Dave Collins
bb6b277706 Add tests for new Signature.Serialize function.
This is part of the resolution for issue btcscript/#3.
2013-12-23 11:31:26 -06:00
Josh Rickmar
98ac46b37d Add ParseDERSignature.
This change adds an additional signature parsing function which
performs additional checks to verify the signature is serialized in a
valid DER (and thus, unique) format, instead of allowing the less
strict BER signatures that ParseSignature will happily accept.

Added additional tests and updated test coverage to reflect changes.
2013-10-25 15:09:48 -04:00
Josh Rickmar
961636c764 Add functions to serialize an ecdsa public key. 2013-09-30 18:18:03 -04:00
Owain G. Ainsworth
ba51aa8934 partially revert afc2e8100a
Turns out that there are some signatures in the bitcoin blockchain that have
trailing 0s, for example
12a1b29fd6c295075b6a66f5fd90f0126ceb1fda4f15e4b44d92518bd52a5cdf has a signature
length of 0x45 where there are 0x47 bytes following that length check (one is
hashtype and is supposed to be trimmed out prior to calling the function). We
relax the paranoid length check to permit traling data, but not to permit
buffers that are too short. Change the test to passing with a big comment
stating why this is now considered a valid case.
2013-06-24 18:15:25 +01:00
Owain G. Ainsworth
031437decf test 0 length numbers (disallowed) and coordinates of 0 (also) 2013-06-18 00:17:32 +01:00
Owain G. Ainsworth
13cf6091e6 Test the sanity checks for numbers too big for the curve fire correctly. 2013-06-17 23:58:47 +01:00
Owain G. Ainsworth
afc2e8100a Make length check a little more paranoid
Remove trailing crap  from the tests (the hashtype) now that this is
correctly caught.
2013-06-17 17:38:16 +01:00
Owain G. Ainsworth
cd61efe8a8 test a bunch of invalid cases in ParseSignature. 2013-06-17 16:18:58 +01:00
Owain G. Ainsworth
9cb1f47fb9 add signature test harness and try a valid signature for size.
error paths to come.
2013-06-14 01:11:06 +01:00