
Merge pull request #21 from jhoenicke/master
Fix RFC6979 generation of k.
prusnak committed Feb 11, 2015
2 parents 54aa5a4 + ed9d8c1 commit f4fe7c9
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions ecdsa.c
Expand Up @@ -256,7 +256,7 @@ int generate_k_random(bignum256 *k) {
int generate_k_rfc6979(bignum256 *secret, const uint8_t *priv_key, const uint8_t *hash)
{
int i;
uint8_t v[32], k[32], bx[2*32], buf[32 + 1 + sizeof(bx)], t[32];
uint8_t v[32], k[32], bx[2*32], buf[32 + 1 + sizeof(bx)];
bignum256 z1;

memcpy(bx, priv_key, 32);
Expand All @@ -280,8 +280,8 @@ int generate_k_rfc6979(bignum256 *secret, const uint8_t *priv_key, const uint8_t
hmac_sha256(k, sizeof(k), v, sizeof(k), v);

for (i = 0; i < 10000; i++) {
hmac_sha256(k, sizeof(k), v, sizeof(v), t);
bn_read_be(t, secret);
hmac_sha256(k, sizeof(k), v, sizeof(v), v);
bn_read_be(v, secret);
if ( !bn_is_zero(secret) && bn_is_less(secret, &order256k1) ) {
return 0; // good number -> no error
}
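Review bot: The retry path of the `for (i = 0; i < 10000; i++)` loop still departs from RFC 6979 §3.2 step h.3: when a candidate is rejected as zero or ≥ n, the RFC requires `K = HMAC_K(V || 0x00); V = HMAC_K(V)` before the next `V = HMAC_K(V)`, whereas the new loop body only re-applies `hmac_sha256(k, sizeof(k), v, sizeof(v), v)` with the old K. For secp256k1 a rejection has probability around 2^-128, so this is unobservable in practice, but on that path the output is no longer bit-for-bit RFC 6979 and vectors exercising the rejection branch would diverge; inserting the rekey step after the `if` keeps the fix faithful, and `buf` (sized `32 + 1 + sizeof(bx)`) is large enough to hold `V || 0x00`. The locals `k`, `v`, `bx` and `buf` carry key-derived material, and whether they are zeroized before the function returns cannot be seen here since generate_k_rfc6979 continues past the hunk, as does the handling of the loop exhausting its 10000 iterations.
```c
for (i = 0; i < 10000; i++) {
	hmac_sha256(k, sizeof(k), v, sizeof(v), v);
	bn_read_be(v, secret);
	if ( !bn_is_zero(secret) && bn_is_less(secret, &order256k1) ) {
		return 0; // good number -> no error
	}
	// RFC 6979 3.2 h.3: candidate rejected, rekey before the next attempt
	memcpy(buf, v, sizeof(v));
	buf[sizeof(v)] = 0x00;
	hmac_sha256(k, sizeof(k), buf, sizeof(v) + 1, k);
	hmac_sha256(k, sizeof(k), v, sizeof(v), v);
}
```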
