License	UNLICENSE
Maintainer	Keagan McClelland <keagan.mcclelland@gmail.com>
Stability	experimental
Portability	POSIX
Safe Haskell	Safe-Inferred
Language	Haskell2010

Crypto.Secp256k1

Contents

Core Types
Parsing and Serialization
ECDSA Operations
Conversions
Tweaks
Schnorr Operations
Other

Description

Crytpographic functions from Bitcoin’s secp256k1 library.

Synopsis

data SecKey
data PubKeyXY
data PubKeyXO
data KeyPair
data Signature
data RecoverableSignature
data Tweak
importSecKey :: ByteString -> Maybe SecKey
exportSecKey :: SecKey -> ByteString
importPubKeyXY :: ByteString -> Maybe PubKeyXY
exportPubKeyXY :: Bool -> PubKeyXY -> ByteString
importPubKeyXO :: ByteString -> Maybe PubKeyXO
exportPubKeyXO :: PubKeyXO -> ByteString
importSignature :: ByteString -> Maybe Signature
exportSignatureCompact :: Signature -> ByteString
exportSignatureDer :: Signature -> ByteString
importRecoverableSignature :: ByteString -> Maybe RecoverableSignature
exportRecoverableSignature :: RecoverableSignature -> ByteString
importTweak :: ByteString -> Maybe Tweak
ecdsaVerify :: ByteString -> PubKeyXY -> Signature -> Bool
ecdsaSign :: SecKey -> ByteString -> Maybe Signature
ecdsaSignRecoverable :: SecKey -> ByteString -> Maybe RecoverableSignature
ecdsaRecover :: RecoverableSignature -> ByteString -> Maybe PubKeyXY
recSigToSig :: RecoverableSignature -> Signature
derivePubKey :: SecKey -> PubKeyXY
keyPairCreate :: SecKey -> KeyPair
keyPairSecKey :: KeyPair -> SecKey
keyPairPubKeyXY :: KeyPair -> PubKeyXY
keyPairPubKeyXO :: KeyPair -> (PubKeyXO, Bool)
xyToXO :: PubKeyXY -> (PubKeyXO, Bool)
secKeyTweakAdd :: SecKey -> Tweak -> Maybe SecKey
secKeyTweakMul :: SecKey -> Tweak -> Maybe SecKey
keyPairPubKeyXOTweakAdd :: KeyPair -> Tweak -> Maybe KeyPair
pubKeyCombine :: [PubKeyXY] -> Maybe PubKeyXY
pubKeyNegate :: PubKeyXY -> PubKeyXY
secKeyNegate :: SecKey -> SecKey
pubKeyTweakAdd :: PubKeyXY -> Tweak -> Maybe PubKeyXY
pubKeyTweakMul :: PubKeyXY -> Tweak -> Maybe PubKeyXY
pubKeyXOTweakAdd :: PubKeyXO -> Tweak -> Maybe PubKeyXY
pubKeyXOTweakAddCheck :: PubKeyXO -> Bool -> PubKeyXO -> Tweak -> Bool
schnorrSign :: KeyPair -> ByteString -> Maybe Signature
schnorrVerify :: PubKeyXO -> ByteString -> Signature -> Bool
taggedSha256 :: ByteString -> ByteString -> SizedByteArray 32 ByteString
ecdh :: SecKey -> PubKeyXY -> SizedByteArray 32 ByteString

Core Types

data SecKey Source #

Secret Key

Instances

Instances details

Show SecKey Source #
Instance details Defined in Crypto.Secp256k1 Methods showsPrec :: Int -> SecKey -> ShowS # show :: SecKey -> String # showList :: [SecKey] -> ShowS #
Eq SecKey Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: SecKey -> SecKey -> Bool # (/=) :: SecKey -> SecKey -> Bool #
Ord SecKey Source #
Instance details Defined in Crypto.Secp256k1 Methods compare :: SecKey -> SecKey -> Ordering # (<) :: SecKey -> SecKey -> Bool # (<=) :: SecKey -> SecKey -> Bool # (>) :: SecKey -> SecKey -> Bool # (>=) :: SecKey -> SecKey -> Bool # max :: SecKey -> SecKey -> SecKey # min :: SecKey -> SecKey -> SecKey #

data PubKeyXY Source #

Public Key with both X and Y coordinates

Instances

Instances details

Show PubKeyXY Source #
Instance details Defined in Crypto.Secp256k1 Methods showsPrec :: Int -> PubKeyXY -> ShowS # show :: PubKeyXY -> String # showList :: [PubKeyXY] -> ShowS #
Eq PubKeyXY Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: PubKeyXY -> PubKeyXY -> Bool # (/=) :: PubKeyXY -> PubKeyXY -> Bool #
Ord PubKeyXY Source #
Instance details Defined in Crypto.Secp256k1 Methods compare :: PubKeyXY -> PubKeyXY -> Ordering # (<) :: PubKeyXY -> PubKeyXY -> Bool # (<=) :: PubKeyXY -> PubKeyXY -> Bool # (>) :: PubKeyXY -> PubKeyXY -> Bool # (>=) :: PubKeyXY -> PubKeyXY -> Bool # max :: PubKeyXY -> PubKeyXY -> PubKeyXY # min :: PubKeyXY -> PubKeyXY -> PubKeyXY #

data PubKeyXO Source #

Public Key with only an X coordinate.

Instances

Instances details

Show PubKeyXO Source #
Instance details Defined in Crypto.Secp256k1 Methods showsPrec :: Int -> PubKeyXO -> ShowS # show :: PubKeyXO -> String # showList :: [PubKeyXO] -> ShowS #
Eq PubKeyXO Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: PubKeyXO -> PubKeyXO -> Bool # (/=) :: PubKeyXO -> PubKeyXO -> Bool #
Ord PubKeyXO Source #
Instance details Defined in Crypto.Secp256k1 Methods compare :: PubKeyXO -> PubKeyXO -> Ordering # (<) :: PubKeyXO -> PubKeyXO -> Bool # (<=) :: PubKeyXO -> PubKeyXO -> Bool # (>) :: PubKeyXO -> PubKeyXO -> Bool # (>=) :: PubKeyXO -> PubKeyXO -> Bool # max :: PubKeyXO -> PubKeyXO -> PubKeyXO # min :: PubKeyXO -> PubKeyXO -> PubKeyXO #

data KeyPair Source #

Structure containing information equivalent to SecKey and PubKeyXY

Instances

Instances details

Eq KeyPair Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: KeyPair -> KeyPair -> Bool # (/=) :: KeyPair -> KeyPair -> Bool #

data Signature Source #

Structure containing Signature (R,S) data.

Instances

Instances details

Show Signature Source #
Instance details Defined in Crypto.Secp256k1 Methods showsPrec :: Int -> Signature -> ShowS # show :: Signature -> String # showList :: [Signature] -> ShowS #
Eq Signature Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: Signature -> Signature -> Bool # (/=) :: Signature -> Signature -> Bool #

data RecoverableSignature Source #

Structure containing Signature AND recovery ID

Instances

Instances details

Show RecoverableSignature Source #
Instance details Defined in Crypto.Secp256k1 Methods showsPrec :: Int -> RecoverableSignature -> ShowS # show :: RecoverableSignature -> String # showList :: [RecoverableSignature] -> ShowS #
Eq RecoverableSignature Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: RecoverableSignature -> RecoverableSignature -> Bool # (/=) :: RecoverableSignature -> RecoverableSignature -> Bool #

data Tweak Source #

Isomorphic to SecKey but specifically used for tweaking (EC Group operations) other keys

Instances

Instances details

Show Tweak Source #
Instance details Defined in Crypto.Secp256k1 Methods showsPrec :: Int -> Tweak -> ShowS # show :: Tweak -> String # showList :: [Tweak] -> ShowS #
Eq Tweak Source #
Instance details Defined in Crypto.Secp256k1 Methods (==) :: Tweak -> Tweak -> Bool # (/=) :: Tweak -> Tweak -> Bool #
Ord Tweak Source #
Instance details Defined in Crypto.Secp256k1 Methods compare :: Tweak -> Tweak -> Ordering # (<) :: Tweak -> Tweak -> Bool # (<=) :: Tweak -> Tweak -> Bool # (>) :: Tweak -> Tweak -> Bool # (>=) :: Tweak -> Tweak -> Bool # max :: Tweak -> Tweak -> Tweak # min :: Tweak -> Tweak -> Tweak #

Parsing and Serialization

importSecKey :: ByteString -> Maybe SecKey Source #

Parses SecKey, will be Nothing if the ByteString corresponds to 0{32} or is not 32 bytes in length

exportSecKey :: SecKey -> ByteString Source #

importPubKeyXY :: ByteString -> Maybe PubKeyXY Source #

Parses a 33 or 65 byte PubKeyXY, all other lengths will result in Nothing

exportPubKeyXY :: Bool -> PubKeyXY -> ByteString Source #

Serialize PubKeyXY. First argument True for compressed output (33 bytes), False for uncompressed (65 bytes).

importPubKeyXO :: ByteString -> Maybe PubKeyXO Source #

Parses PubKeyXO from ByteString, will be Nothing if the pubkey corresponds to the Point at Infinity or the the ByteString is not 32 bytes long

exportPubKeyXO :: PubKeyXO -> ByteString Source #

Serializes PubKeyXO to 32 byte ByteString

importSignature :: ByteString -> Maybe Signature Source #

Parses Signature from DER (71 | 72 | 73 bytes) or Compact (64 bytes) representations.

exportSignatureCompact :: Signature -> ByteString Source #

Serializes Signature to Compact (64 byte) representation

exportSignatureDer :: Signature -> ByteString Source #

Serializes Signature to DER (71 | 72 bytes) representation

importRecoverableSignature :: ByteString -> Maybe RecoverableSignature Source #

Parses RecoverableSignature from Compact (65 byte) representation

exportRecoverableSignature :: RecoverableSignature -> ByteString Source #

Serializes RecoverableSignature to Compact (65 byte) representation

importTweak :: ByteString -> Maybe Tweak Source #

Parses Tweak from 32 byte ByteString. If the ByteString is an invalid SecKey then this will yield Nothing

ECDSA Operations

ecdsaVerify :: ByteString -> PubKeyXY -> Signature -> Bool Source #

Verify message signature. True means that the signature is correct.

ecdsaSign :: SecKey -> ByteString -> Maybe Signature Source #

Signs ByteString with SecKey only if ByteString is 32 bytes.

ecdsaSignRecoverable :: SecKey -> ByteString -> Maybe RecoverableSignature Source #

Signs ByteString with SecKey only if ByteString is 32 bytes. Retains ability to compute PubKeyXY from the RecoverableSignature and the original message (ByteString)

ecdsaRecover :: RecoverableSignature -> ByteString -> Maybe PubKeyXY Source #

Computes PubKeyXY from RecoverableSignature and the original message that was signed (must be 32 bytes).

Conversions

recSigToSig :: RecoverableSignature -> Signature Source #

Forgets the recovery id of a signature

derivePubKey :: SecKey -> PubKeyXY Source #

Use SecKey to compute the corresponding PubKeyXY

keyPairCreate :: SecKey -> KeyPair Source #

Compute KeyPair structure from SecKey

keyPairSecKey :: KeyPair -> SecKey Source #

Project SecKey from KeyPair

keyPairPubKeyXY :: KeyPair -> PubKeyXY Source #

Project PubKeyXY from KeyPair

keyPairPubKeyXO :: KeyPair -> (PubKeyXO, Bool) Source #

Project PubKeyXO from KeyPair as well as parity bit. True indicates that the public key is the same as it would be if you had serialized the PubKeyXO and it was prefixed with flagsTagPubkeyOdd. False indicates it would be prefixed by flagsTagPubkeyEven

xyToXO :: PubKeyXY -> (PubKeyXO, Bool) Source #

Convert PubKeyXY to PubKeyXO. See keyPairPubKeyXO for more information on how to interpret the parity bit.

Tweaks

secKeyTweakAdd :: SecKey -> Tweak -> Maybe SecKey Source #

secKeyTweakMul :: SecKey -> Tweak -> Maybe SecKey Source #

Multiply SecKey by Tweak.

keyPairPubKeyXOTweakAdd :: KeyPair -> Tweak -> Maybe KeyPair Source #

Tweak a KeyPair with a Tweak. If the resulting KeyPair is invalid (0, Infinity), then the result is Nothing

pubKeyCombine :: [PubKeyXY] -> Maybe PubKeyXY Source #

Combine a list of PubKeyXYs into a single PubKeyXY. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyNegate :: PubKeyXY -> PubKeyXY Source #

Negate a PubKeyXY

secKeyNegate :: SecKey -> SecKey Source #

Negate a SecKey

pubKeyTweakAdd :: PubKeyXY -> Tweak -> Maybe PubKeyXY Source #

Add Tweak to PubKeyXY. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyTweakMul :: PubKeyXY -> Tweak -> Maybe PubKeyXY Source #

Multiply PubKeyXY by Tweak. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyXOTweakAdd :: PubKeyXO -> Tweak -> Maybe PubKeyXY Source #

Add Tweak to PubKeyXO. This will result in Nothing if the group operation results in the Point at Infinity

pubKeyXOTweakAddCheck :: PubKeyXO -> Bool -> PubKeyXO -> Tweak -> Bool Source #

Check that a PubKeyXO is the result of the specified tweak operation. True means it was.

Schnorr Operations

schnorrSign :: KeyPair -> ByteString -> Maybe Signature Source #

Compute a schnorr signature using a KeyPair. The ByteString must be 32 bytes long to get a Just out of this function

schnorrVerify :: PubKeyXO -> ByteString -> Signature -> Bool Source #

Verify the authenticity of a schnorr signature. True means the Signature is correct.

Other

taggedSha256 :: ByteString -> ByteString -> SizedByteArray 32 ByteString Source #

Generate a tagged sha256 digest as specified in BIP340

ecdh :: SecKey -> PubKeyXY -> SizedByteArray 32 ByteString Source #

Compute a shared secret using ECDH and SHA256. This algorithm uses your own SecKey, your counterparty's PubKeyXY and results in a 32 byte SHA256 Digest.