sign method
Implementation
Future<Uint8List> sign(Uint8List message, Uint8List privateKey) async {
if (privateKey.length != PrivateKeySize)
throw ("incorrect privatekey length");
var h = Sha512().newHashSink();
h.add(privateKey.sublist(0, 32));
Uint8List digest1 = new Uint8List(64);
Uint8List messageDigest = new Uint8List(64);
Uint8List hramDigest = new Uint8List(64);
var expandedSecretKeyBuilder = BytesBuilder();
Uint8List expandedSecretKey = new Uint8List(32);
h.close();
var hash = await h.hash();
digest1 = Uint8List.fromList(hash.bytes);
expandedSecretKeyBuilder.add(digest1);
expandedSecretKey = expandedSecretKeyBuilder.toBytes();
expandedSecretKey[0] &= 248;
expandedSecretKey[31] &= 63;
expandedSecretKey[31] |= 64;
h = Sha512().newHashSink();
h.add(digest1.sublist(32));
h.add(message);
h.close();
hash = await h.hash();
messageDigest = Uint8List.fromList(hash.bytes);
Uint8List messageDigestReduced = new Uint8List(32);
ScReduce(messageDigestReduced, messageDigest);
ExtendedGroupElement R = new ExtendedGroupElement();
GeScalarMultBase(R, messageDigestReduced);
Uint8List encodedR = new Uint8List(32);
R.ToBytes(encodedR);
h = Sha512().newHashSink();
h.add(encodedR);
h.add(message);
h.close();
hash = await h.hash();
hramDigest = Uint8List.fromList(hash.bytes);
Uint8List hramDigestReduced = new Uint8List(32);
ScReduce(hramDigestReduced, hramDigest);
Uint8List s = new Uint8List(32);
ScMulAdd(s, hramDigestReduced, expandedSecretKey, messageDigestReduced);
var sigBuilder = BytesBuilder();
Uint8List sig = new Uint8List(SignatureSize);
sigBuilder.add(encodedR);
sigBuilder.add(s);
sig = sigBuilder.toBytes();
return sig;
}
