Added uECC_sign_recoverable for signing with recovery ID #80
Conversation
| @@ -1233,6 +1233,7 @@ static int uECC_sign_with_k(const uint8_t *private_key, | |||
| const uint8_t *message_hash, | |||
| unsigned hash_size, | |||
| uECC_word_t *k, | |||
| uint8_t *recid, | |||
There was a problem hiding this comment.
Instead of adding another parameter, you could return the recid in the first byte of k. That would reduce the overhead when people don't care about the recid.
There was a problem hiding this comment.
Uh, that looks quite hacky. And uECC_sign_with_k is a static function, only used internally.
|
It looks good to me, but presumably people might also want to get the recid for a deterministic signature. Maybe it would be better after all to just add a recid parameter to uECC_sign() and uECC_sign_deterministic() (and keep uECC_sign_with_k() the way you have it, ignore my comment). What do you think? |
|
Yeah, I thought about that. I still have a slight preference for making new functions. This avoids adding a parameter that many [all of the current] users don't care about. Adding a function is very little overhead. I'll add the deterministic version. |
This is only the first step to getting full "recovery ID" support.
The recovery ID ("recid") allows one to recover the public key from a ECDSA signature.
TODO: create a verify/recover method for doing the actual recovery; add deterministic version.