Check that the sig has a low R value and will be less than 71 bytes
| 200 | |
| 201 | // Check that the sig has a low R value and will be less than 71 bytes |
| 202 | bool SigHasLowR(const secp256k1_ecdsa_signature* sig) |
| 203 | { |
| 204 | unsigned char compact_sig[64]; |
| 205 | secp256k1_ecdsa_signature_serialize_compact(secp256k1_context_sign, compact_sig, sig); |
| 206 | |
| 207 | // In DER serialization, all values are interpreted as big-endian, signed integers. The highest bit in the integer indicates |
| 208 | // its signed-ness; 0 is positive, 1 is negative. When the value is interpreted as a negative integer, it must be converted |
| 209 | // to a positive value by prepending a 0x00 byte so that the highest bit is 0. We can avoid this prepending by ensuring that |
| 210 | // our highest bit is always 0, and thus we must check that the first byte is less than 0x80. |
| 211 | return compact_sig[0] < 0x80; |
| 212 | } |
| 213 | |
| 214 | uint256 CKey::ECDH(const CPubKey& pubkey) const { |
| 215 | assert(fValid); |