Module: Bitcoin::OpenSSL_EC

Defined in:
lib/coin-op/bit.rb

Class Method Summary collapse

Class Method Details

.BN_num_bytes(ptr) ⇒ Object 



76
 
# File 'lib/coin-op/bit.rb', line 76

def self.BN_num_bytes(ptr); (BN_num_bits(ptr) + 7) / 8; end

.repack_der_signature(signature) ⇒ Object

repack signature for OpenSSL 1.0.1k handling of DER signatures github.com/bitcoin/bitcoin/pull/5634/files



80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
 
# File 'lib/coin-op/bit.rb', line 80

def self.repack_der_signature(signature)
  init_ffi_ssl

  return false if signature.empty?

  # New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
  norm_der = FFI::MemoryPointer.new(:pointer)
  sig_ptr  = FFI::MemoryPointer.new(:pointer).put_pointer(0, FFI::MemoryPointer.from_string(signature))

  norm_sig = d2i_ECDSA_SIG(nil, sig_ptr, signature.bytesize)

  derlen = i2d_ECDSA_SIG(norm_sig, norm_der)
  ECDSA_SIG_free(norm_sig)
  return false if derlen <= 0

  ret = norm_der.read_pointer.read_string(derlen)
  OPENSSL_free(norm_der.read_pointer)

  ret
end

.signature_to_low_s(signature) ⇒ Object

Regenerate a DER-encoded signature such that the S-value complies with the BIP62 specification.



104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
 
# File 'lib/coin-op/bit.rb', line 104

def self.signature_to_low_s(signature)
  init_ffi_ssl

  temp = signature.unpack("C*")
  length_r = temp[3]
  length_s = temp[5+length_r]
  sig = FFI::MemoryPointer.from_string(signature)

  # Calculate the lower s value
  s = BN_bin2bn(sig[6 + length_r], length_s, BN_new())
  eckey = EC_KEY_new_by_curve_name(NID_secp256k1)
  group, order, halforder, ctx = EC_KEY_get0_group(eckey), BN_new(), BN_new(), BN_CTX_new()

  EC_GROUP_get_order(group, order, ctx)
  BN_rshift1(halforder, order)
  if BN_cmp(s, halforder) > 0
    BN_sub(s, order, s)
  end

  BN_free(halforder)
  BN_free(order)
  BN_CTX_free(ctx)
  
  buf = FFI::MemoryPointer.new(:uint8, BN_num_bytes(s))
  BN_bn2bin(s, buf)
  length_s = BN_num_bytes(s)
  # p buf.read_string(length_s).unpack("H*")
  
  # Re-encode the signature in DER format
  sig = [0x30, 0, 0x02, length_r]
  sig.concat(temp.slice(4, length_r))
  sig << 0x02
  sig << length_s
  sig.concat(buf.read_string(length_s).unpack("C*"))
  sig[1] = sig.size - 2

  BN_free(s)
  EC_KEY_free(eckey)

  sig.pack("C*")
end