|
|
|---|
|
|
|
|---|
Executable attachment for the ECDSA interface for the curve secp256k1.
We define a wrapper of the secp256k1 deterministic signature definition with public key recovery, and attach the wrapper to the constrained function. The wrapper serves to use the fixtypes for byte lists and to fix all the inputs and convert bytes to bits as required by the signature definition.
Function:
(defun secp256k1-sign-det-rec-wrapper (hash key small-x? small-s?) (declare (xargs :guard (and (byte-listp hash) (secp256k1-priv-key-p key) (booleanp small-x?) (booleanp small-s?)))) (let ((acl2::__function__ 'secp256k1-sign-det-rec-wrapper)) (declare (ignorable acl2::__function__)) (b* ((key (mbe :logic (secp256k1-priv-key-fix key) :exec key)) (small-x? (mbe :logic (bool-fix small-x?) :exec small-x?)) (small-s? (mbe :logic (bool-fix small-s?) :exec small-s?)) (hash-bits (bebytes=>bits hash)) ((mv error? x-index y-even? r s) (ecdsa-sign-deterministic-prehashed hash-bits key small-x? small-s?)) ((when error?) (mv t 0 nil 0 0))) (mv nil x-index y-even? r s))))
Theorem:
(defthm booleanp-of-secp256k1-sign-det-rec-wrapper.error? (b* (((mv ?error? ?x-index ?y-even? ?r ?s) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?))) (booleanp error?)) :rule-classes :rewrite)
Theorem:
(defthm natp-of-secp256k1-sign-det-rec-wrapper.x-index (b* (((mv ?error? ?x-index ?y-even? ?r ?s) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?))) (natp x-index)) :rule-classes :rewrite)
Theorem:
(defthm booleanp-of-secp256k1-sign-det-rec-wrapper.y-even? (b* (((mv ?error? ?x-index ?y-even? ?r ?s) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?))) (booleanp y-even?)) :rule-classes :rewrite)
Theorem:
(defthm secp256k1-fieldp-of-secp256k1-sign-det-rec-wrapper.r (b* (((mv ?error? ?x-index ?y-even? ?r ?s) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?))) (secp256k1-fieldp r)) :rule-classes :rewrite)
Theorem:
(defthm secp256k1-fieldp-of-secp256k1-sign-det-rec-wrapper.s (b* (((mv ?error? ?x-index ?y-even? ?r ?s) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?))) (secp256k1-fieldp s)) :rule-classes :rewrite)
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-of-byte-list-fix-hash (equal (secp256k1-sign-det-rec-wrapper (byte-list-fix hash) key small-x? small-s?) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?)))
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-byte-list-equiv-congruence-on-hash (implies (byte-list-equiv hash hash-equiv) (equal (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?) (secp256k1-sign-det-rec-wrapper hash-equiv key small-x? small-s?))) :rule-classes :congruence)
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-of-secp256k1-priv-key-fix-key (equal (secp256k1-sign-det-rec-wrapper hash (secp256k1-priv-key-fix key) small-x? small-s?) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?)))
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-secp256k1-priv-key-equiv-congruence-on-key (implies (secp256k1-priv-key-equiv key key-equiv) (equal (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?) (secp256k1-sign-det-rec-wrapper hash key-equiv small-x? small-s?))) :rule-classes :congruence)
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-of-bool-fix-small-x? (equal (secp256k1-sign-det-rec-wrapper hash key (bool-fix small-x?) small-s?) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?)))
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-iff-congruence-on-small-x? (implies (iff small-x? small-x?-equiv) (equal (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?) (secp256k1-sign-det-rec-wrapper hash key small-x?-equiv small-s?))) :rule-classes :congruence)
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-of-bool-fix-small-s? (equal (secp256k1-sign-det-rec-wrapper hash key small-x? (bool-fix small-s?)) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?)))
Theorem:
(defthm secp256k1-sign-det-rec-wrapper-iff-congruence-on-small-s? (implies (iff small-s? small-s?-equiv) (equal (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?) (secp256k1-sign-det-rec-wrapper hash key small-x? small-s?-equiv))) :rule-classes :congruence)