recoverPublicKey method

ECDSAPublicKey recoverPublicKey(
  1. List<int> hash,
  2. ProjectiveECCPoint generator,
  3. int recId
)

Recovers public key from the ECDSA signature and a hash of the message.

Parameters:

  • hash: A hash of the message to be verified.
  • generator: The generator point for the elliptic curve.
  • recId: recovery id

Implementation

ECDSAPublicKey recoverPublicKey(
  List<int> hash,
  ProjectiveECCPoint generator,
  int recId,
) {
  final curve = generator.curve;
  final order = generator.order!;
  final secret = BigintUtils.fromBytes(hash);
  final alpha =
      (r.modPow(BigInt.from(3), curve.p) + curve.a * r + curve.b) % curve.p;
  final beta = ECDSAUtils.modularSquareRootPrime(alpha, curve.p);
  BigInt y = (beta % BigInt.two == BigInt.zero) ? beta : (curve.p - beta);
  if (recId > 0) {
    y = -y;
  }
  final ProjectiveECCPoint r1 = ProjectiveECCPoint(
    curve: curve,
    x: r,
    y: y,
    z: BigInt.one,
    order: order,
  );
  final ProjectiveECCPoint q1 =
      ((r1 * s) + (generator * (-secret % order))) *
              BigintUtils.inverseMod(r, order)
          as ProjectiveECCPoint;
  return ECDSAPublicKey(generator, q1);
}