module Tapyrus::Secp256k1::RFC6979

Constants

INITIAL_K
INITIAL_V
ONE_B
ZERO_B

Public Instance Methods

generate_rfc6979_nonce(key_data, extra_entropy) click to toggle source

generate temporary key k to be used when ECDSA sign. tools.ietf.org/html/rfc6979#section-3.2 @param [String] key_data a data contains private key and message. @param [String] extra_entropy extra entropy with binary format. @return [Integer] a nonce.

# File lib/tapyrus/secp256k1/rfc6979.rb, line 16
def generate_rfc6979_nonce(key_data, extra_entropy)
  v = INITIAL_V # 3.2.b
  k = INITIAL_K # 3.2.c

  # 3.2.d
  k = Tapyrus.hmac_sha256(k, v + ZERO_B + key_data + extra_entropy)

  # 3.2.e
  v = Tapyrus.hmac_sha256(k, v)

  # 3.2.f
  k = Tapyrus.hmac_sha256(k, v + ONE_B + key_data + extra_entropy)

  # 3.2.g
  v = Tapyrus.hmac_sha256(k, v)

  # 3.2.h
  t = ''
  10_000.times do
    v = Tapyrus.hmac_sha256(k, v)
    t = (t + v)
    t_num = t.bth.to_i(16)
    return t_num if 1 <= t_num && t_num < Tapyrus::Secp256k1::GROUP.order
    k = Tapyrus.hmac_sha256(k, v + '00'.htb)
    v = Tapyrus.hmac_sha256(k, v)
  end
  raise 'A valid nonce was not found.'
end