pub struct Secp256k1<C>where
C: Context,{ /* private fields */ }
Expand description
The secp256k1 engine, used to execute all signature operations.
Implementations§
§impl<C> Secp256k1<C>where
C: Context,
impl<C> Secp256k1<C>where
C: Context,
pub fn gen_new() -> Secp256k1<C>
pub fn gen_new() -> Secp256k1<C>
Lets you create a context in a generic manner (sign/verify/all).
If rand-std
feature is enabled, context will have been randomized using thread_rng
.
If rand-std
feature is not enabled please consider randomizing the context as follows:
let mut ctx = Secp256k1::new();
// let seed = <32 bytes of random data>
ctx.seeded_randomize(&seed);
§impl Secp256k1<SignOnly>
impl Secp256k1<SignOnly>
pub fn signing_only() -> Secp256k1<SignOnly>
pub fn signing_only() -> Secp256k1<SignOnly>
Creates a new Secp256k1 context that can only be used for signing.
If rand-std
feature is enabled, context will have been randomized using thread_rng
.
If rand-std
feature is not enabled please consider randomizing the context (see docs
for Secp256k1::gen_new()
).
§impl Secp256k1<VerifyOnly>
impl Secp256k1<VerifyOnly>
pub fn verification_only() -> Secp256k1<VerifyOnly>
pub fn verification_only() -> Secp256k1<VerifyOnly>
Creates a new Secp256k1 context that can only be used for verification.
If rand-std
feature is enabled, context will have been randomized using thread_rng
.
If rand-std
feature is not enabled please consider randomizing the context (see docs
for Secp256k1::gen_new()
).
§impl<'buf, C> Secp256k1<C>where
C: Context + PreallocatedContext<'buf>,
impl<'buf, C> Secp256k1<C>where
C: Context + PreallocatedContext<'buf>,
pub fn preallocated_gen_new(
buf: &'buf mut [AlignedType],
) -> Result<Secp256k1<C>, Error>
pub fn preallocated_gen_new( buf: &'buf mut [AlignedType], ) -> Result<Secp256k1<C>, Error>
Lets you create a context with a preallocated buffer in a generic manner (sign/verify/all).
§impl<'buf> Secp256k1<AllPreallocated<'buf>>
impl<'buf> Secp256k1<AllPreallocated<'buf>>
pub fn preallocated_new(
buf: &'buf mut [AlignedType],
) -> Result<Secp256k1<AllPreallocated<'buf>>, Error>
pub fn preallocated_new( buf: &'buf mut [AlignedType], ) -> Result<Secp256k1<AllPreallocated<'buf>>, Error>
Creates a new Secp256k1 context with all capabilities
pub fn preallocate_size() -> usize
pub fn preallocate_size() -> usize
Uses the ffi secp256k1_context_preallocated_size
to check the memory size needed for a context.
pub unsafe fn from_raw_all(
raw_ctx: *mut Context,
) -> ManuallyDrop<Secp256k1<AllPreallocated<'buf>>>
pub unsafe fn from_raw_all( raw_ctx: *mut Context, ) -> ManuallyDrop<Secp256k1<AllPreallocated<'buf>>>
Create a context from a raw context.
§Safety
This is highly unsafe, due to the number of conditions that aren’t checked.
raw_ctx
needs to be a valid Secp256k1 context pointer. that was generated by exactly the same code/version of the libsecp256k1 used here.- The capabilities (All/SignOnly/VerifyOnly) of the context must match the flags passed to libsecp256k1 when generating the context.
- The user must handle the freeing of the context(using the correct functions) by himself.
- Violating these may lead to Undefined Behavior.
§impl<'buf> Secp256k1<SignOnlyPreallocated<'buf>>
impl<'buf> Secp256k1<SignOnlyPreallocated<'buf>>
pub fn preallocated_signing_only(
buf: &'buf mut [AlignedType],
) -> Result<Secp256k1<SignOnlyPreallocated<'buf>>, Error>
pub fn preallocated_signing_only( buf: &'buf mut [AlignedType], ) -> Result<Secp256k1<SignOnlyPreallocated<'buf>>, Error>
Creates a new Secp256k1 context that can only be used for signing.
pub fn preallocate_signing_size() -> usize
pub fn preallocate_signing_size() -> usize
Uses the ffi secp256k1_context_preallocated_size
to check the memory size needed for the context.
pub unsafe fn from_raw_signining_only(
raw_ctx: *mut Context,
) -> ManuallyDrop<Secp256k1<SignOnlyPreallocated<'buf>>>
pub unsafe fn from_raw_signining_only( raw_ctx: *mut Context, ) -> ManuallyDrop<Secp256k1<SignOnlyPreallocated<'buf>>>
Create a context from a raw context.
§Safety
This is highly unsafe, due to the number of conditions that aren’t checked.
raw_ctx
needs to be a valid Secp256k1 context pointer. that was generated by exactly the same code/version of the libsecp256k1 used here.- The capabilities (All/SignOnly/VerifyOnly) of the context must match the flags passed to libsecp256k1 when generating the context.
- The user must handle the freeing of the context(using the correct functions) by himself.
- This list is not exhaustive, and any violation may lead to Undefined Behavior.
§impl<'buf> Secp256k1<VerifyOnlyPreallocated<'buf>>
impl<'buf> Secp256k1<VerifyOnlyPreallocated<'buf>>
pub fn preallocated_verification_only(
buf: &'buf mut [AlignedType],
) -> Result<Secp256k1<VerifyOnlyPreallocated<'buf>>, Error>
pub fn preallocated_verification_only( buf: &'buf mut [AlignedType], ) -> Result<Secp256k1<VerifyOnlyPreallocated<'buf>>, Error>
Creates a new Secp256k1 context that can only be used for verification
pub fn preallocate_verification_size() -> usize
pub fn preallocate_verification_size() -> usize
Uses the ffi secp256k1_context_preallocated_size
to check the memory size needed for the context.
pub unsafe fn from_raw_verification_only(
raw_ctx: *mut Context,
) -> ManuallyDrop<Secp256k1<VerifyOnlyPreallocated<'buf>>>
pub unsafe fn from_raw_verification_only( raw_ctx: *mut Context, ) -> ManuallyDrop<Secp256k1<VerifyOnlyPreallocated<'buf>>>
Create a context from a raw context.
§Safety
This is highly unsafe, due to the number of conditions that aren’t checked.
raw_ctx
needs to be a valid Secp256k1 context pointer. that was generated by exactly the same code/version of the libsecp256k1 used here.- The capabilities (All/SignOnly/VerifyOnly) of the context must match the flags passed to libsecp256k1 when generating the context.
- The user must handle the freeing of the context(using the correct functions) by himself.
- This list is not exhaustive, and any violation may lead to Undefined Behavior.
§impl<C> Secp256k1<C>where
C: Signing,
impl<C> Secp256k1<C>where
C: Signing,
pub fn sign_recoverable(
&self,
msg: &Message,
sk: &SecretKey,
) -> RecoverableSignature
👎Deprecated since 0.21.0: Use sign_ecdsa_recoverable instead.
pub fn sign_recoverable( &self, msg: &Message, sk: &SecretKey, ) -> RecoverableSignature
Constructs a signature for msg
using the secret key sk
and RFC6979 nonce.
Requires a signing-capable context.
pub fn sign_ecdsa_recoverable(
&self,
msg: &Message,
sk: &SecretKey,
) -> RecoverableSignature
pub fn sign_ecdsa_recoverable( &self, msg: &Message, sk: &SecretKey, ) -> RecoverableSignature
Constructs a signature for msg
using the secret key sk
and RFC6979 nonce
Requires a signing-capable context.
pub fn sign_ecdsa_recoverable_with_noncedata(
&self,
msg: &Message,
sk: &SecretKey,
noncedata: &[u8; 32],
) -> RecoverableSignature
pub fn sign_ecdsa_recoverable_with_noncedata( &self, msg: &Message, sk: &SecretKey, noncedata: &[u8; 32], ) -> RecoverableSignature
Constructs a signature for msg
using the secret key sk
and RFC6979 nonce
and includes 32 bytes of noncedata in the nonce generation via inclusion in
one of the hash operations during nonce generation. This is useful when multiple
signatures are needed for the same Message and SecretKey while still using RFC6979.
Requires a signing-capable context.
§impl<C> Secp256k1<C>where
C: Verification,
impl<C> Secp256k1<C>where
C: Verification,
pub fn recover(
&self,
msg: &Message,
sig: &RecoverableSignature,
) -> Result<PublicKey, Error>
👎Deprecated since 0.21.0: Use recover_ecdsa instead.
pub fn recover( &self, msg: &Message, sig: &RecoverableSignature, ) -> Result<PublicKey, Error>
Determines the public key for which sig
is a valid signature for
msg
. Requires a verify-capable context.
pub fn recover_ecdsa(
&self,
msg: &Message,
sig: &RecoverableSignature,
) -> Result<PublicKey, Error>
pub fn recover_ecdsa( &self, msg: &Message, sig: &RecoverableSignature, ) -> Result<PublicKey, Error>
Determines the public key for which sig
is a valid signature for
msg
. Requires a verify-capable context.
§impl<C> Secp256k1<C>where
C: Signing,
impl<C> Secp256k1<C>where
C: Signing,
pub fn sign(&self, msg: &Message, sk: &SecretKey) -> Signature
👎Deprecated since 0.21.0: Use sign_ecdsa instead.
pub fn sign(&self, msg: &Message, sk: &SecretKey) -> Signature
Constructs a signature for msg
using the secret key sk
and RFC6979 nonce
Requires a signing-capable context.
pub fn sign_ecdsa(&self, msg: &Message, sk: &SecretKey) -> Signature
pub fn sign_ecdsa(&self, msg: &Message, sk: &SecretKey) -> Signature
Constructs a signature for msg
using the secret key sk
and RFC6979 nonce
Requires a signing-capable context.
pub fn sign_ecdsa_with_noncedata(
&self,
msg: &Message,
sk: &SecretKey,
noncedata: &[u8; 32],
) -> Signature
pub fn sign_ecdsa_with_noncedata( &self, msg: &Message, sk: &SecretKey, noncedata: &[u8; 32], ) -> Signature
Constructs a signature for msg
using the secret key sk
and RFC6979 nonce
and includes 32 bytes of noncedata in the nonce generation via inclusion in
one of the hash operations during nonce generation. This is useful when multiple
signatures are needed for the same Message and SecretKey while still using RFC6979.
Requires a signing-capable context.
pub fn sign_grind_r(
&self,
msg: &Message,
sk: &SecretKey,
bytes_to_grind: usize,
) -> Signature
👎Deprecated since 0.21.0: Use sign_ecdsa_grind_r instead.
pub fn sign_grind_r( &self, msg: &Message, sk: &SecretKey, bytes_to_grind: usize, ) -> Signature
Constructs a signature for msg
using the secret key sk
, RFC6979 nonce
and “grinds” the nonce by passing extra entropy if necessary to produce
a signature that is less than 71 - bytes_to_grind
bytes. The number
of signing operation performed by this function is exponential in the
number of bytes grinded.
Requires a signing capable context.
pub fn sign_ecdsa_grind_r(
&self,
msg: &Message,
sk: &SecretKey,
bytes_to_grind: usize,
) -> Signature
pub fn sign_ecdsa_grind_r( &self, msg: &Message, sk: &SecretKey, bytes_to_grind: usize, ) -> Signature
Constructs a signature for msg
using the secret key sk
, RFC6979 nonce
and “grinds” the nonce by passing extra entropy if necessary to produce
a signature that is less than 71 - bytes_to_grind
bytes. The number
of signing operation performed by this function is exponential in the
number of bytes grinded.
Requires a signing capable context.
pub fn sign_low_r(&self, msg: &Message, sk: &SecretKey) -> Signature
👎Deprecated since 0.21.0: Use sign_ecdsa_low_r instead.
pub fn sign_low_r(&self, msg: &Message, sk: &SecretKey) -> Signature
Constructs a signature for msg
using the secret key sk
, RFC6979 nonce
and “grinds” the nonce by passing extra entropy if necessary to produce
a signature that is less than 71 bytes and compatible with the low r
signature implementation of bitcoin core. In average, this function
will perform two signing operations.
Requires a signing capable context.
pub fn sign_ecdsa_low_r(&self, msg: &Message, sk: &SecretKey) -> Signature
pub fn sign_ecdsa_low_r(&self, msg: &Message, sk: &SecretKey) -> Signature
Constructs a signature for msg
using the secret key sk
, RFC6979 nonce
and “grinds” the nonce by passing extra entropy if necessary to produce
a signature that is less than 71 bytes and compatible with the low r
signature implementation of bitcoin core. In average, this function
will perform two signing operations.
Requires a signing capable context.
§impl<C> Secp256k1<C>where
C: Verification,
impl<C> Secp256k1<C>where
C: Verification,
pub fn verify(
&self,
msg: &Message,
sig: &Signature,
pk: &PublicKey,
) -> Result<(), Error>
👎Deprecated since 0.21.0: Use verify_ecdsa instead
pub fn verify( &self, msg: &Message, sig: &Signature, pk: &PublicKey, ) -> Result<(), Error>
Checks that sig
is a valid ECDSA signature for msg
using the public
key pubkey
. Returns Ok(())
on success. Note that this function cannot
be used for Bitcoin consensus checking since there may exist signatures
which OpenSSL would verify but not libsecp256k1, or vice-versa. Requires a
verify-capable context.
let message = Message::from_slice(&[0xab; 32]).expect("32 bytes");
let sig = secp.sign(&message, &secret_key);
assert_eq!(secp.verify(&message, &sig, &public_key), Ok(()));
let message = Message::from_slice(&[0xcd; 32]).expect("32 bytes");
assert_eq!(secp.verify(&message, &sig, &public_key), Err(Error::IncorrectSignature));
pub fn verify_ecdsa(
&self,
msg: &Message,
sig: &Signature,
pk: &PublicKey,
) -> Result<(), Error>
pub fn verify_ecdsa( &self, msg: &Message, sig: &Signature, pk: &PublicKey, ) -> Result<(), Error>
Checks that sig
is a valid ECDSA signature for msg
using the public
key pubkey
. Returns Ok(())
on success. Note that this function cannot
be used for Bitcoin consensus checking since there may exist signatures
which OpenSSL would verify but not libsecp256k1, or vice-versa. Requires a
verify-capable context.
let message = Message::from_slice(&[0xab; 32]).expect("32 bytes");
let sig = secp.sign_ecdsa(&message, &secret_key);
assert_eq!(secp.verify_ecdsa(&message, &sig, &public_key), Ok(()));
let message = Message::from_slice(&[0xcd; 32]).expect("32 bytes");
assert_eq!(secp.verify_ecdsa(&message, &sig, &public_key), Err(Error::IncorrectSignature));
§impl<C> Secp256k1<C>where
C: Signing,
impl<C> Secp256k1<C>where
C: Signing,
pub fn schnorrsig_sign_no_aux_rand(
&self,
msg: &Message,
keypair: &KeyPair,
) -> Signature
👎Deprecated since 0.21.0: Use sign_schnorr_no_aux_rand instead.
pub fn schnorrsig_sign_no_aux_rand( &self, msg: &Message, keypair: &KeyPair, ) -> Signature
Create a schnorr signature without using any auxiliary random data.
pub fn sign_schnorr_no_aux_rand(
&self,
msg: &Message,
keypair: &KeyPair,
) -> Signature
pub fn sign_schnorr_no_aux_rand( &self, msg: &Message, keypair: &KeyPair, ) -> Signature
Create a schnorr signature without using any auxiliary random data.
§impl<C> Secp256k1<C>where
C: Verification,
impl<C> Secp256k1<C>where
C: Verification,
pub fn schnorrsig_verify(
&self,
sig: &Signature,
msg: &Message,
pubkey: &XOnlyPublicKey,
) -> Result<(), Error>
👎Deprecated since 0.21.0: Use verify_schnorr instead.
pub fn schnorrsig_verify( &self, sig: &Signature, msg: &Message, pubkey: &XOnlyPublicKey, ) -> Result<(), Error>
Verify a Schnorr signature.
pub fn verify_schnorr(
&self,
sig: &Signature,
msg: &Message,
pubkey: &XOnlyPublicKey,
) -> Result<(), Error>
pub fn verify_schnorr( &self, sig: &Signature, msg: &Message, pubkey: &XOnlyPublicKey, ) -> Result<(), Error>
Verify a Schnorr signature.
§impl<C> Secp256k1<C>where
C: Context,
impl<C> Secp256k1<C>where
C: Context,
pub fn ctx(&self) -> &*mut Context
pub fn ctx(&self) -> &*mut Context
Getter for the raw pointer to the underlying secp256k1 context. This shouldn’t be needed with normal usage of the library. It enables extending the Secp256k1 with more cryptographic algorithms outside of this crate.
pub fn preallocate_size_gen() -> usize
pub fn preallocate_size_gen() -> usize
Returns the required memory for a preallocated context buffer in a generic manner(sign/verify/all).
pub fn seeded_randomize(&mut self, seed: &[u8; 32])
pub fn seeded_randomize(&mut self, seed: &[u8; 32])
(Re)randomizes the Secp256k1 context for extra sidechannel resistance given 32 bytes of cryptographically-secure random data; see comment in libsecp256k1 commit d2275795f by Gregory Maxwell.
Trait Implementations§
impl<C> Eq for Secp256k1<C>where
C: Context,
impl<C> Send for Secp256k1<C>where
C: Context,
impl<C> Sync for Secp256k1<C>where
C: Context,
Auto Trait Implementations§
impl<C> Freeze for Secp256k1<C>
impl<C> RefUnwindSafe for Secp256k1<C>where
C: RefUnwindSafe,
impl<C> Unpin for Secp256k1<C>where
C: Unpin,
impl<C> UnwindSafe for Secp256k1<C>where
C: UnwindSafe,
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
source§unsafe fn clone_to_uninit(&self, dst: *mut T)
unsafe fn clone_to_uninit(&self, dst: *mut T)
clone_to_uninit
)source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
source§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
source§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
T
in a tonic::Request