libsecp256k1-0.0.2: Bindings for secp256k1
LicenseUNLICENSE
MaintainerKeagan McClelland <keagan.mcclelland@gmail.com>
Stabilityexperimental
PortabilityPOSIX
Safe HaskellSafe-Inferred
LanguageHaskell2010

Crypto.Secp256k1

Description

Crytpographic functions from Bitcoin’s secp256k1 library.

Synopsis

Core Types

data SecKey Source #

data PubKeyXY Source #

data PubKeyXO Source #

data KeyPair Source #

data Signature Source #

data RecoverableSignature Source #

data Tweak Source #

Parsing and Serialization

importSecKey :: ByteString -> Maybe SecKey Source #

Parses SecKey, will be Nothing if the ByteString corresponds to 0{32} or is not 32 bytes in length

importPubKeyXY :: ByteString -> Maybe PubKeyXY Source #

Parses a 33 or 65 byte PubKeyXY, all other lengths will result in Nothing

exportPubKeyXY :: Bool -> PubKeyXY -> ByteString Source #

Serialize PubKeyXY. First argument True for compressed output (33 bytes), False for uncompressed (65 bytes).

importPubKeyXO :: ByteString -> Maybe PubKeyXO Source #

Parses PubKeyXO from ByteString, will be Nothing if the pubkey corresponds to the Point at Infinity or the the ByteString is not 32 bytes long

exportPubKeyXO :: PubKeyXO -> ByteString Source #

Serializes PubKeyXO to 32 byte ByteString

importSignature :: ByteString -> Maybe Signature Source #

Parses Signature from DER (71 | 72 | 73 bytes) or Compact (64 bytes) representations.

exportSignatureCompact :: Signature -> ByteString Source #

Serializes Signature to Compact (64 byte) representation

exportSignatureDer :: Signature -> ByteString Source #

Serializes Signature to DER (71 | 72 bytes) representation

importRecoverableSignature :: ByteString -> Maybe RecoverableSignature Source #

Parses RecoverableSignature from Compact (65 byte) representation

exportRecoverableSignature :: RecoverableSignature -> ByteString Source #

Serializes RecoverableSignature to Compact (65 byte) representation

importTweak :: ByteString -> Maybe Tweak Source #

Parses Tweak from 32 byte ByteString. If the ByteString is an invalid SecKey then this will yield Nothing

ECDSA Operations

ecdsaVerify :: ByteString -> PubKeyXY -> Signature -> Bool Source #

Verify message signature. True means that the signature is correct.

ecdsaSign :: SecKey -> ByteString -> Maybe Signature Source #

Signs ByteString with SecKey only if ByteString is 32 bytes.

ecdsaSignRecoverable :: SecKey -> ByteString -> Maybe RecoverableSignature Source #

Signs ByteString with SecKey only if ByteString is 32 bytes. Retains ability to compute PubKeyXY from the RecoverableSignature and the original message (ByteString)

ecdsaRecover :: RecoverableSignature -> ByteString -> Maybe PubKeyXY Source #

Computes PubKeyXY from RecoverableSignature and the original message that was signed (must be 32 bytes).

Conversions

recSigToSig :: RecoverableSignature -> Signature Source #

Forgets the recovery id of a signature

derivePubKey :: SecKey -> PubKeyXY Source #

Use SecKey to compute the corresponding PubKeyXY

keyPairCreate :: SecKey -> KeyPair Source #

Compute KeyPair structure from SecKey

keyPairPubKeyXY :: KeyPair -> PubKeyXY Source #

Project PubKeyXY from KeyPair

keyPairPubKeyXO :: KeyPair -> (PubKeyXO, Bool) Source #

Project PubKeyXO from KeyPair as well as parity bit. True indicates that the public key is the same as it would be if you had serialized the PubKeyXO and it was prefixed with flagsTagPubkeyOdd. False indicates it would be prefixed by flagsTagPubkeyEven

xyToXO :: PubKeyXY -> (PubKeyXO, Bool) Source #

Convert PubKeyXY to PubKeyXO. See keyPairPubKeyXO for more information on how to interpret the parity bit.

Tweaks

ecSecKeyTweakAdd :: SecKey -> Tweak -> Maybe SecKey Source #

ecSecKeyTweakMul :: SecKey -> Tweak -> Maybe SecKey Source #

Multiply SecKey by Tweak.

keyPairPubKeyXOTweakAdd :: KeyPair -> Tweak -> Maybe KeyPair Source #

Tweak a KeyPair with a Tweak. If the resulting KeyPair is invalid (0, Infinity), then the result is Nothing

pubKeyCombine :: [PubKeyXY] -> Maybe PubKeyXY Source #

Combine a list of PubKeyXYs into a single PubKeyXY. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyNegate :: PubKeyXY -> PubKeyXY Source #

Negate a PubKeyXY

secKeyNegate :: SecKey -> SecKey Source #

Negate a SecKey

pubKeyTweakAdd :: PubKeyXY -> Tweak -> Maybe PubKeyXY Source #

Add Tweak to PubKeyXY. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyTweakMul :: PubKeyXY -> Tweak -> Maybe PubKeyXY Source #

Multiply PubKeyXY by Tweak. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyXOTweakAdd :: PubKeyXO -> Tweak -> Maybe PubKeyXY Source #

Add Tweak to PubKeyXO. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyXOTweakAddCheck :: PubKeyXO -> Bool -> PubKeyXO -> Tweak -> Bool Source #

Check that a PubKeyXO is the result of the specified tweak operation. True means it was.

Schnorr Operations

schnorrSign :: KeyPair -> ByteString -> Maybe Signature Source #

Compute a schnorr signature using a KeyPair. The ByteString must be 32 bytes long to get a Just out of this function

data SchnorrExtra a Source #

Extra parameters object for alternative nonce generation

Constructors

Storable a => SchnorrExtra 

Fields

schnorrSignCustom :: forall a. KeyPair -> ByteString -> SchnorrExtra a -> Maybe Signature Source #

Compute a schnorr signature with an alternative scheme for generating nonces, it is not recommended you use this unless you know what you are doing. Instead, favor the usage of schnorrSign

schnorrVerify :: PubKeyXO -> ByteString -> Signature -> Bool Source #

Verify the authenticity of a schnorr signature. True means the Signature is correct.

Other

taggedSha256 :: ByteString -> ByteString -> Digest SHA256 Source #

Generate a tagged sha256 digest as specified in BIP340

ecdh :: SecKey -> PubKeyXY -> Digest SHA256 Source #

Compute a shared secret using ECDH and SHA256. This algorithm uses your own SecKey, your counterparty's PubKeyXY and results in a 32 byte SHA256 Digest.