MCPcopy
hub / github.com/petertodd/python-bitcoinlib / recover

Method recover

bitcoin/core/key.py:462–563  ·  view source on GitHub ↗

Perform ECDSA key recovery (see SEC1 4.1.6) for curves over (mod p)-fields recid selects which key is recovered if check is non-zero, additional checks are performed

(self, sigR, sigS, msg, msglen, recid, check)

Source from the content-addressed store, hash-verified

460 _ssl.EC_KEY_set_conv_form(self.k, form)
461
462 def recover(self, sigR, sigS, msg, msglen, recid, check):
463 """
464 Perform ECDSA key recovery (see SEC1 4.1.6) for curves over (mod p)-fields
465
466 recid selects which key is recovered
467
468 if check is non-zero, additional checks are performed
469 """
470 i = int(recid / 2)
471
472 r = None
473 s = None
474 ctx = None
475 R = None
476 O = None
477 Q = None
478
479 assert len(sigR) == 32, len(sigR)
480 assert len(sigS) == 32, len(sigS)
481
482 try:
483 r = _ssl.BN_bin2bn(bytes(sigR), len(sigR), _ssl.BN_new())
484 s = _ssl.BN_bin2bn(bytes( sigS), len(sigS), _ssl.BN_new())
485
486 group = _ssl.EC_KEY_get0_group(self.k)
487 ctx = _ssl.BN_CTX_new()
488 order = _ssl.BN_CTX_get(ctx)
489 ctx = _ssl.BN_CTX_new()
490
491 if not _ssl.EC_GROUP_get_order(group, order, ctx):
492 return -2
493
494 x = _ssl.BN_CTX_get(ctx)
495 if not _ssl.BN_copy(x, order):
496 return -1
497 if not _ssl.BN_mul_word(x, i):
498 return -1
499 if not _ssl.BN_add(x, x, r):
500 return -1
501
502 field = _ssl.BN_CTX_get(ctx)
503 if not _ssl.EC_GROUP_get_curve_GFp(group, field, None, None, ctx):
504 return -2
505
506 if _ssl.BN_cmp(x, field) >= 0:
507 return 0
508
509 R = _ssl.EC_POINT_new(group)
510 if R is None:
511 return -2
512 if not _ssl.EC_POINT_set_compressed_coordinates_GFp(group, R, x, recid % 2, ctx):
513 return 0
514
515 if check:
516 O = _ssl.EC_POINT_new(group)
517 if O is None:
518 return -2
519 if not _ssl.EC_POINT_mul(group, O, None, R, order, ctx):

Callers 2

sign_compactMethod · 0.95
recover_compactMethod · 0.95

Calls

no outgoing calls

Tested by

no test coverage detected