Function verify [src]

Verify that the signature is valid for the entire message. This function uses cofactored verification for broad interoperability. It aligns single-signature verification with common batch verification approaches. Return IdentityElement or NonCanonical if the public key or signature are not in the expected range, or SignatureVerificationError if the signature is invalid for the given message and key.

Prototype

pub fn verify(self: *Verifier) VerifyError!void

Parameters

self: *Verifier

Possible Errors

IdentityElement IdentityElementError

SignatureVerificationFailed SignatureVerificationError

WeakPublicKey WeakPublicKeyError

Source

  pub fn verify(self: *Verifier) VerifyError!void {
    var hram64: [Sha512.digest_length]u8 = undefined;
    self.h.final(&hram64);
    const hram = Curve.scalar.reduce64(hram64);
    const sb_ah = (try Curve.basePoint.mulDoubleBasePublic(
        Curve.scalar.mul8(self.s),
        self.a.clearCofactor().neg(),
        hram,
    ));
    const check = sb_ah.sub(self.expected_r.clearCofactor());
    if (check.rejectIdentity()) |_| {
        return error.SignatureVerificationFailed;
    } else |_| {}
}  