Skip to main content

sign_prehashed_rfc6979

Function sign_prehashed_rfc6979 

Source
pub fn sign_prehashed_rfc6979<C, D>(
    d: &NonZeroScalar<C>,
    z: &FieldBytes<C>,
    ad: &[u8],
) -> Result<(Signature<C>, RecoveryId)>
Expand description

Try to sign the given message digest deterministically using the method described in RFC6979 for computing ECDSA ephemeral scalar k.

Accepts the following parameters:

  • d: signing key. MUST BE UNIFORMLY RANDOM!!!
  • z: message digest to be signed, i.e. H(m). Does not have to be reduced in advance.
  • ad: optional additional data, e.g. added entropy from an RNG

ยงErrors

This will return an error if a zero-scalar was generated. It can be tried again with different entropy ad.