RecoverPubkey returns the public key of the signer. msg must be the 32-byte hash of the message to be signed. sig must be a 65-byte compact ECDSA signature containing the recovery id as the last element.
(msg []byte, sig []byte)
| 99 | // sig must be a 65-byte compact ECDSA signature containing the |
| 100 | // recovery id as the last element. |
| 101 | func RecoverPubkey(msg []byte, sig []byte) ([]byte, error) { |
| 102 | if len(msg) != 32 { |
| 103 | return nil, ErrInvalidMsgLen |
| 104 | } |
| 105 | if err := checkSignature(sig); err != nil { |
| 106 | return nil, err |
| 107 | } |
| 108 | |
| 109 | var ( |
| 110 | pubkey = make([]byte, 65) |
| 111 | sigdata = (*C.uchar)(unsafe.Pointer(&sig[0])) |
| 112 | msgdata = (*C.uchar)(unsafe.Pointer(&msg[0])) |
| 113 | ) |
| 114 | if C.secp256k1_ext_ecdsa_recover(context, (*C.uchar)(unsafe.Pointer(&pubkey[0])), sigdata, msgdata) == 0 { |
| 115 | return nil, ErrRecoverFailed |
| 116 | } |
| 117 | return pubkey, nil |
| 118 | } |
| 119 | |
| 120 | // VerifySignature checks that the given pubkey created signature over message. |
| 121 | // The signature should be in [R || S] format. |