crypto/secp256k1: sign with deterministic K (rfc6979) (#3561)

96778a1c · Felix Lange · GitHub · 935d891e · 96778a1c · 96778a1c
Commit 96778a1c authored Jan 22, 2017 by Felix Lange Committed by GitHub Jan 22, 2017
Show whitespace changes
Inline Side-by-side

Showing with 22 additions and 8 deletions

secp256.go crypto/secp256k1/secp256.go +4 -8

secp256_test.go crypto/secp256k1/secp256_test.go +18 -0

No files found.
--- a/crypto/secp256k1/secp256.go
+++ b/crypto/secp256k1/secp256.go
@@ -40,8 +40,6 @@ import (
 	"errors"
 	"math/big"
 	"unsafe"
-
-	"github.com/ethereum/go-ethereum/crypto/randentropy"
 )

 var (
@@ -90,12 +88,10 @@ func Sign(msg []byte, seckey []byte) ([]byte, error) {

 	var (
 		msgdata   = (*C.uchar)(unsafe.Pointer(&msg[0]))
-		nonce         = randentropy.GetEntropyCSPRNG(32)
-		noncefunc     = &(*C.secp256k1_nonce_function_default)
-		noncefuncData = unsafe.Pointer(&nonce[0])
+		noncefunc = C.secp256k1_nonce_function_rfc6979
 		sigstruct C.secp256k1_ecdsa_recoverable_signature
 	)
-	if C.secp256k1_ecdsa_sign_recoverable(context, &sigstruct, msgdata, seckeydata, noncefunc, noncefuncData) == 0 {
+	if C.secp256k1_ecdsa_sign_recoverable(context, &sigstruct, msgdata, seckeydata, noncefunc, nil) == 0 {
 		return nil, ErrSignFailed
 	}


--- a/crypto/secp256k1/secp256_test.go
+++ b/crypto/secp256k1/secp256_test.go
@@ -112,6 +112,24 @@ func TestSignAndRecover(t *testing.T) {
 	}
 }

+func TestSignDeterministic(t *testing.T) {
+	_, seckey := generateKeyPair()
+	msg := make([]byte, 32)
+	copy(msg, "hi there")
+
+	sig1, err := Sign(msg, seckey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	sig2, err := Sign(msg, seckey)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !bytes.Equal(sig1, sig2) {
+		t.Fatal("signatures not equal")
+	}
+}
+
 func TestRandomMessagesWithSameKey(t *testing.T) {
 	pubkey, seckey := generateKeyPair()
 	keys := func() ([]byte, []byte) {