Module: Bitcoin::Secp256k1::RFC6979

Defined in:
lib/bitcoin/secp256k1/rfc6979.rb

Constant Summary

INITIAL_V = '0101010101010101010101010101010101010101010101010101010101010101'.htb
INITIAL_K = '0000000000000000000000000000000000000000000000000000000000000000'.htb
ZERO_B = '00'.htb
ONE_B = '01'.htb

Class Method Summary

Class Method Details

.generate_rfc6979_nonce(key_data, extra_entropy) ⇒ Integer

Generates the deterministic temporary key k used when producing an ECDSA signature, following tools.ietf.org/html/rfc6979#section-3.2. Because k is derived from the private key and the message hash rather than from a random number generator, the same input always yields the same k, and a faulty RNG can no longer produce a repeated or biased nonce.

Parameters:

  • key_data (String)

binary string containing the private key and the message hash.

  • extra_entropy (String)

extra entropy in binary format.

Returns: (Integer) the nonce k.

# File 'lib/bitcoin/secp256k1/rfc6979.rb', line 17

# Requires bitcoinrb (String#htb, String#bth, Bitcoin.hmac_sha256, Bitcoin::Secp256k1::GROUP).
def generate_rfc6979_nonce(key_data, extra_entropy)
  v = INITIAL_V # 3.2.b: V = 0x01 repeated hlen/8 times
  k = INITIAL_K # 3.2.c: K = 0x00 repeated hlen/8 times
  # 3.2.d: K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k')
  k = Bitcoin.hmac_sha256(k, v + ZERO_B + key_data + extra_entropy)
  # 3.2.e: V = HMAC_K(V)
  v = Bitcoin.hmac_sha256(k, v)
  # 3.2.f: K = HMAC_K(V || 0x01 || int2octets(x) || bits2octets(h1) || k')
  k = Bitcoin.hmac_sha256(k, v + ONE_B + key_data + extra_entropy)
  # 3.2.g: V = HMAC_K(V)
  v = Bitcoin.hmac_sha256(k, v)
  # 3.2.h: generate candidates until one lies in [1, q-1]
  10000.times do
    # 3.2.h.1/h.2: T is reset on every pass; for secp256k1 qlen = hlen = 256,
    # so a single 32-byte HMAC output already fills T.
    v = Bitcoin.hmac_sha256(k, v)
    t = v
    # 3.2.h.3: k = bits2int(T); accept if 1 <= k < q
    t_num = t.bth.to_i(16)
    return t_num if 1 <= t_num && t_num < Bitcoin::Secp256k1::GROUP.order
    # Candidate rejected: K = HMAC_K(V || 0x00), V = HMAC_K(V), then retry
    k = Bitcoin.hmac_sha256(k, v + ZERO_B)
    v = Bitcoin.hmac_sha256(k, v)
  end
  raise 'A valid nonce was not found.'
end
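The module above receives key_data already assembled by its caller. The following is an added, self-contained example (not bitcoinrb's own code) that carries the full RFC 6979 construction for secp256k1 through in plain Ruby with OpenSSL: int2octets, bits2int and bits2octets from section 2.3, the HMAC-DRBG steps of section 3.2 with T rebuilt on every candidate pass, and the optional extra-entropy suffix k' in the position the module above uses. The function and constant names are this example's own. The expected value in the usage check is the commonly published secp256k1 RFC 6979 test vector for private key 1 and the SHA-256 hash of the string "Satoshi Nakamoto".

```ruby
require 'openssl'
require 'digest'

# Public secp256k1 group order n (the q of RFC 6979); qlen = 256 bits.
SECP256K1_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
QLEN = 256
HLEN_BYTES = 32 # SHA-256 output length

def hmac_sha256(key, data)
  OpenSSL::HMAC.digest('SHA256', key, data)
end

# int2octets (RFC 6979 2.3.3): fixed-width big-endian encoding of an integer < q.
def int2octets(x)
  [x.to_s(16).rjust(QLEN / 4, '0')].pack('H*')
end

# bits2int (RFC 6979 2.3.2): leftmost qlen bits of an octet string as an integer.
# When the input is longer than qlen bits it is truncated on the right.
def bits2int(octets)
  n = octets.unpack1('H*').to_i(16)
  blen = octets.bytesize * 8
  blen > QLEN ? n >> (blen - QLEN) : n
end

# bits2octets (RFC 6979 2.3.4): bits2int, reduce mod q, re-encode with int2octets.
def bits2octets(octets)
  int2octets(bits2int(octets) % SECP256K1_ORDER)
end

# Deterministic nonce k for private key +priv+ (Integer) and 32-byte +msg_hash+.
# +extra_entropy+ is the optional k' of RFC 6979 3.6, appended after the key data
# in the same position bitcoinrb uses (example's own layout, noted as an assumption).
def rfc6979_nonce(priv, msg_hash, extra_entropy = ''.b)
  key_data = int2octets(priv) + bits2octets(msg_hash)
  v = "\x01".b * HLEN_BYTES                       # 3.2.b
  k = "\x00".b * HLEN_BYTES                       # 3.2.c
  k = hmac_sha256(k, v + "\x00".b + key_data + extra_entropy) # 3.2.d
  v = hmac_sha256(k, v)                           # 3.2.e
  k = hmac_sha256(k, v + "\x01".b + key_data + extra_entropy) # 3.2.f
  v = hmac_sha256(k, v)                           # 3.2.g
  loop do                                         # 3.2.h
    t = ''.b                                      # h.1: T starts empty on every pass
    while t.bytesize * 8 < QLEN                   # h.2: extend T until tlen >= qlen
      v = hmac_sha256(k, v)
      t += v
    end
    cand = bits2int(t)                            # h.3
    return cand if cand >= 1 && cand < SECP256K1_ORDER
    k = hmac_sha256(k, v + "\x00".b)              # candidate rejected: rekey and retry
    v = hmac_sha256(k, v)
  end
end

# Constructed usage: the same key and message always give the same nonce,
# and the published test vector (private key 1, SHA-256("Satoshi Nakamoto")) is reproduced.
if $PROGRAM_NAME == __FILE__
  h = Digest::SHA256.digest('Satoshi Nakamoto')
  k1 = rfc6979_nonce(1, h)
  puts format('k = %064x', k1)
  puts 'deterministic: %s' % (k1 == rfc6979_nonce(1, h))
  puts 'extra entropy changes k: %s' % (k1 != rfc6979_nonce(1, h, "\x01".b * 32))
end
```

The point of resetting T inside the loop (step h.1) is that for a curve whose order is the same width as the hash output a second HMAC block appended to T would make bits2int truncate back to the first block anyway; with a clean reset each rejected candidate is followed by a fresh, fully re-keyed one, which is what the RFC specifies and what makes independent implementations agree on the same k.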