ecdsa

package standard library
Version: go1.24.0
Warning

This package is not in the latest version of its module.

Published: Feb 11, 2025 | License: BSD-3-Clause | Imports: 11 | Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func TestingOnlyNewDRBG

func TestingOnlyNewDRBG(hash func() fips140.Hash, entropy, nonce []byte, s []byte) *hmacDRBG

TestingOnlyNewDRBG creates an SP 800-90A Rev. 1 HMAC_DRBG with a plain personalization string.

This should only be used for ACVP testing. hmacDRBG is not intended to be used directly.

func Verify

func Verify[P Point[P]](c *Curve[P], pub *PublicKey, hash []byte, sig *Signature) error

Verify verifies the signature, sig, of hash (which should be the result of hashing a larger message) using the public key, pub. If the hash is longer than the bit-length of the private key's curve order, the hash will be truncated to that length.

The inputs are not considered confidential, and may leak through timing side channels, or if an attacker has control of part of the inputs.

Types

type Curve

type Curve[P Point[P]] struct {
	N *bigmod.Modulus
	// contains filtered or unexported fields
}

func P224

func P224() *Curve[*nistec.P224Point]

func P256

func P256() *Curve[*nistec.P256Point]

func P384

func P384() *Curve[*nistec.P384Point]

func P521

func P521() *Curve[*nistec.P521Point]

type Point

type Point[P any] interface {
	*nistec.P224Point | *nistec.P256Point | *nistec.P384Point | *nistec.P521Point
	Bytes() []byte
	BytesX() ([]byte, error)
	SetBytes([]byte) (P, error)
	ScalarMult(P, []byte) (P, error)
	ScalarBaseMult([]byte) (P, error)
	Add(p1, p2 P) P
}

Point is a generic constraint for the nistec Point types.

type PrivateKey

type PrivateKey struct {
	// contains filtered or unexported fields
}

func GenerateKey

func GenerateKey[P Point[P]](c *Curve[P], rand io.Reader) (*PrivateKey, error)

GenerateKey generates a new ECDSA private key pair for the specified curve.

func NewPrivateKey

func NewPrivateKey[P Point[P]](c *Curve[P], D, Q []byte) (*PrivateKey, error)

func (*PrivateKey) Bytes

func (priv *PrivateKey) Bytes() []byte

func (*PrivateKey) PublicKey

func (priv *PrivateKey) PublicKey() *PublicKey

type PublicKey

type PublicKey struct {
	// contains filtered or unexported fields
}

func NewPublicKey

func NewPublicKey[P Point[P]](c *Curve[P], Q []byte) (*PublicKey, error)

func (*PublicKey) Bytes

func (pub *PublicKey) Bytes() []byte

type Signature

type Signature struct {
	R, S []byte
}

Signature is an ECDSA signature, where r and s are represented as big-endian byte slices of the same length as the curve order.

func Sign

func Sign[P Point[P], H fips140.Hash](c *Curve[P], h func() H, priv *PrivateKey, rand io.Reader, hash []byte) (*Signature, error)

Sign signs a hash (which shall be the result of hashing a larger message with the hash function H) using the private key, priv. If the hash is longer than the bit-length of the private key's curve order, the hash will be truncated to that length.

func SignDeterministic

func SignDeterministic[P Point[P], H fips140.Hash](c *Curve[P], h func() H, priv *PrivateKey, hash []byte) (*Signature, error)

SignDeterministic signs a hash (which shall be the result of hashing a larger message with the hash function H) using the private key, priv. If the hash is longer than the bit-length of the private key's curve order, the hash will be truncated to that length. This applies Deterministic ECDSA as specified in FIPS 186-5 and RFC 6979.
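
The truncation rule stated for Verify, Sign and SignDeterministic, and the fixed-width layout of Signature, can be observed from ordinary code. The following is an added example, not part of this documentation: it assumes the package documented here is internal to the standard library, so it uses the public crypto/ecdsa package, which documents the same truncation rule. ToFixed and TruncationDemo are hypothetical names and the message is constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"encoding/asn1"
	"fmt"
	"math/big"
)

// ToFixed converts an ASN.1 DER signature into the layout of the Signature type
// above: R and S as big-endian slices of n bytes (the byte length of the order).
func ToFixed(der []byte, n int) (r, s []byte, err error) {
	var v struct{ R, S *big.Int }
	rest, err := asn1.Unmarshal(der, &v)
	if err != nil || len(rest) != 0 || v.R.Sign() <= 0 || v.S.Sign() <= 0 ||
		v.R.BitLen() > 8*n || v.S.BitLen() > 8*n {
		return nil, nil, fmt.Errorf("malformed signature")
	}
	return v.R.FillBytes(make([]byte, n)), v.S.FillBytes(make([]byte, n)), nil
}

// TruncationDemo signs the 64-byte SHA-512 digest of msg with a fresh P-256 key and reports
// whether it verifies for: the leftmost 32 bytes alone, byte 63 changed, byte 0 changed.
func TruncationDemo(msg []byte) (prefix, tailChanged, headChanged bool, der []byte, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	d := sha512.Sum512(msg)
	if der, err = ecdsa.SignASN1(rand.Reader, priv, d[:]); err != nil {
		return
	}
	tail, head := d, d // array copies of the digest
	tail[63] ^= 0xff   // past the 32 bytes that P-256 keeps
	head[0] ^= 0xff    // inside them
	pub := &priv.PublicKey
	return ecdsa.VerifyASN1(pub, d[:32], der), ecdsa.VerifyASN1(pub, tail[:], der),
		ecdsa.VerifyASN1(pub, head[:], der), der, nil
}

func main() {
	p, t, h, der, err := TruncationDemo([]byte("constructed sample message"))
	n := (elliptic.P256().Params().N.BitLen() + 7) / 8
	r, s, _ := ToFixed(der, n)
	fmt.Println(p, t, h, len(r), len(s), err)
}
```

On P-256 the 64-byte digest is cut to its leftmost 32 bytes, so bytes 32 to 63 are not bound by the signature. Pairing each curve with a hash whose output length matches the curve order avoids the truncation.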
