Use linear combination in ECDSA verification
fjarri committed Jul 14, 2021
1 parent 2df2e72 commit e78587c
Showing 1 changed file with 10 additions and 3 deletions.
13 changes: 10 additions & 3 deletions k256/src/ecdsa/verify.rs
@@ -1,6 +1,7 @@
//! ECDSA verifier
use super::{recoverable, Error, Signature};
use crate::arithmetic::lincomb;
use crate::{
AffinePoint, CompressedPoint, EncodedPoint, ProjectivePoint, PublicKey, Scalar, Secp256k1,
};
Expand Down Expand Up @@ -90,9 +91,15 @@ impl VerifyPrimitive<Secp256k1> for AffinePoint {
let u1 = z * &s_inv;
let u2 = *r * s_inv;

let x = ((ProjectivePoint::generator() * u1) + (ProjectivePoint::from(*self) * u2))
.to_affine()
.x;
//let x = ((ProjectivePoint::generator() * u1) + (ProjectivePoint::from(*self) * u2))
let x = lincomb(
&ProjectivePoint::generator(),
&ProjectivePoint::from(*self),
&u1,
&u2,
)
.to_affine()
.x;

if Scalar::from_bytes_reduced(&x.to_bytes()).eq(&r) {
Ok(())
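Review bot: The commented-out line `//let x = ((ProjectivePoint::generator() * u1) + (ProjectivePoint::from(*self) * u2))` left directly above the `lincomb` call is dead code and should be deleted; the version history already preserves the old form. In its place a one-line why-comment would serve the next reader better, e.g. `// u1*G + u2*Q evaluated as a single linear combination (crate::arithmetic::lincomb)`, since nothing in the hunk says why the two separate multiplications were replaced. The two forms must agree for every (u1, u2, Q) for verification to stay correct, so if a verification test vector does not already exercise this path, adding one would pin the equivalence rather than relying on `lincomb`'s own coverage. The enclosing verify function begins before this hunk and continues after `Ok(())`.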