crypto

package
v0.0.0-...-7ee7fde Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2020 License: Apache-2.0 Imports: 24 Imported by: 20

Documentation

Overview

Copyright (c) 2013-2017 The btcsuite developers Use of this source code is governed by an ISC license that can be found in the LICENSE file.

Copyright (c) 2018-2020. The asimov developers Copyright (c) 2013-2017 The btcsuite developers Use of this source code is governed by an ISC license that can be found in the LICENSE file.

Copyright (c) 2013-2017 The btcsuite developers Use of this source code is governed by an ISC license that can be found in the LICENSE file.

Example (SignMessage)

This example demonstrates signing a message with a secp256k1 private key that is first parsed form raw bytes and serializing the generated signature. 

package main

import (
	"encoding/hex"
	"fmt"
	"github.com/AsimovNetwork/asimov/common"

	"github.com/AsimovNetwork/asimov/crypto"
)

func main() {
	// Decode a hex-encoded private key.
	pkBytes, err := hex.DecodeString("22a47fa09a223f2aa079edf85a7c2d4f87" +
		"20ee63e502ee2869afab7de234b80c")
	if err != nil {
		fmt.Println(err)
		return
	}
	privKey, pubKey := crypto.PrivKeyFromBytes(crypto.S256(), pkBytes)

	// Sign a message using the private key.
	message := "test message"
	messageHash := common.DoubleHashB([]byte(message))
	signature, err := privKey.Sign(messageHash)
	if err != nil {
		fmt.Println(err)
		return
	}

	// Serialize and display the signature.
	fmt.Printf("Serialized Signature: %x\n", signature.Serialize())

	// Verify the signature for the message using the public key.
	verified := signature.Verify(messageHash, pubKey)
	fmt.Printf("Signature Verified? %v\n", verified)

}

Output:

Serialized Signature: 304402201008e236fa8cd0f25df4482dddbb622e8a8b26ef0ba731719458de3ccd93805b022032f8ebe514ba5f672466eba334639282616bb3c2f0ab09998037513d1f9e3d6d
Signature Verified? true
Example (VerifySignature)

This example demonstrates verifying a secp256k1 signature against a public key that is first parsed from raw bytes. The signature is also parsed from raw bytes. 

package main

import (
	"encoding/hex"
	"fmt"
	"github.com/AsimovNetwork/asimov/common"

	"github.com/AsimovNetwork/asimov/crypto"
)

func main() {
	// Decode hex-encoded serialized public key.
	pubKeyBytes, err := hex.DecodeString("02a673638cb9587cb68ea08dbef685c" +
		"6f2d2a751a8b3c6f2a7e9a4999e6e4bfaf5")
	if err != nil {
		fmt.Println(err)
		return
	}
	pubKey, err := crypto.ParsePubKey(pubKeyBytes, crypto.S256())
	if err != nil {
		fmt.Println(err)
		return
	}

	// Decode hex-encoded serialized signature.
	sigBytes, err := hex.DecodeString("30450220090ebfb3690a0ff115bb1b38b" +
		"8b323a667b7653454f1bccb06d4bbdca42c2079022100ec95778b51e707" +
		"1cb1205f8bde9af6592fc978b0452dafe599481c46d6b2e479")

	if err != nil {
		fmt.Println(err)
		return
	}
	signature, err := crypto.ParseSignature(sigBytes, crypto.S256())
	if err != nil {
		fmt.Println(err)
		return
	}

	// Verify the signature for the message using the public key.
	message := "test message"
	messageHash := common.DoubleHashB([]byte(message))
	verified := signature.Verify(messageHash, pubKey)
	fmt.Println("Signature Verified?", verified)

}

Output:

Signature Verified? true

Index

Examples

Constants

View Source 
const (
	PubKeyBytesLenCompressed   = 33
	PubKeyBytesLenUncompressed = 65
	PubKeyBytesLenHybrid       = 65
)

These constants define the lengths of serialized public keys.

View Source 
const PrivKeyBytesLen = 32

PrivKeyBytesLen defines the length in bytes of a serialized private key.

Variables

This section is empty.

Functions

func CompressPubkey 

func CompressPubkey(pubkey *ecdsa.PublicKey) []byte

CompressPubkey encodes a public key to the 33-byte compressed format.

func CreateAddress 

func CreateAddress(b common.Address, nonce uint64) common.Address

CreateAddress creates an ethereum address given the bytes and the nonce

func CreateAddress2 

func CreateAddress2(b common.Address, salt [32]byte, code []byte) common.Address

CreateAddress2 creates an ethereum address given the address bytes, initial contract code and a salt.

func CreateContractAddress 

func CreateContractAddress(key []byte, code []byte, inputHash []byte) (common.Address, error)

crate contract address for vvs

func DecompressPubkey 

func DecompressPubkey(pubkey []byte) (*ecdsa.PublicKey, error)

DecompressPubkey parses a public key in the 33-byte compressed format.

func Ecrecover 

func Ecrecover(hash, sig []byte) ([]byte, error)

Ecrecover returns the uncompressed public key that created the given signature.

func FromECDSA 

func FromECDSA(priv *ecdsa.PrivateKey) []byte

FromECDSA exports a private key into a binary dump.

func FromECDSAPub 

func FromECDSAPub(pub *ecdsa.PublicKey) []byte

func GenerateKey 

func GenerateKey() (*ecdsa.PrivateKey, error)

func HexToECDSA 

func HexToECDSA(hexkey string) (*ecdsa.PrivateKey, error)

HexToECDSA parses a secp256k1 private key.

func IsCompressedPubKey 

func IsCompressedPubKey(pubKey []byte) bool

IsCompressedPubKey returns true the the passed serialized public key has been encoded in compressed format, and false otherwise.

func Keccak256 

func Keccak256(data ...[]byte) []byte

Keccak256 calculates and returns the Keccak256 hash of the input data.

func Keccak256Hash 

func Keccak256Hash(data ...[]byte) (h common.Hash)

Keccak256Hash calculates and returns the Keccak256 hash of the input data, converting it to an internal Hash data structure.

func Keccak512 

func Keccak512(data ...[]byte) []byte

Keccak512 calculates and returns the Keccak512 hash of the input data.

func LoadECDSA 

func LoadECDSA(file string) (*ecdsa.PrivateKey, error)

LoadECDSA loads a secp256k1 private key from the given file.

func NAF 

func NAF(k []byte) ([]byte, []byte)

NAF takes a positive integer k and returns the Non-Adjacent Form (NAF) as two byte slices. The first is where 1s will be. The second is where -1s will be. NAF is convenient in that on average, only 1/3rd of its values are non-zero. This is algorithm 3.30 from [GECC].

Essentially, this makes it possible to minimize the number of operations since the resulting ints returned will be at least 50% 0s.

func PrivKeyFromBytes 

func PrivKeyFromBytes(curve elliptic.Curve, pk []byte) (*PrivateKey,
	*PublicKey)

PrivKeyFromBytes returns a private and public key for `curve' based on the private key passed as an argument as a byte slice.

func PubkeyToAddress 

func PubkeyToAddress(p ecdsa.PublicKey) common.Address

func SaveECDSA 

func SaveECDSA(file string, key *ecdsa.PrivateKey) error

SaveECDSA saves a secp256k1 private key to the given file with restrictive permissions. The key data is saved hex-encoded.

func SigToPub 

func SigToPub(hash, sig []byte) (*ecdsa.PublicKey, error)

SigToPub returns the public key that created the given signature.

func Sign 

func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error)

Sign calculates an ECDSA signature.

This function is susceptible to chosen plaintext attacks that can leak information about the private key that is used for signing. Callers must be aware that the given hash cannot be chosen by an adversery. Common solution is to hash any input before calculating the signature.

The produced signature is in the [R || S || V] format where V is 0 or 1.

func SignCompact 

func SignCompact(curve *KoblitzCurve, key *PrivateKey,
	hash []byte, isCompressedKey bool) ([]byte, error)

SignCompact produces a compact signature of the data in hash with the given private key on the given koblitz curve. The isCompressed parameter should be used to detail if the given signature should reference a compressed public key or not. If successful the bytes of the compact signature will be returned in the format: <(byte of 27+public key solution)+4 if compressed >< padded bytes for signature R><padded bytes for signature S> where the R and S parameters are padde up to the bitlengh of the curve.

func ToECDSA 

func ToECDSA(d []byte) (*ecdsa.PrivateKey, error)

ToECDSA creates a private key with the given D value.

func ToECDSAUnsafe 

func ToECDSAUnsafe(d []byte) *ecdsa.PrivateKey

ToECDSAUnsafe blindly converts a binary blob to a private key. It should almost never be used unless you are sure the input is valid and want to avoid hitting errors due to bad origin encoding (0 prefixes cut off).

func UnmarshalPubkey 

func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error)

UnmarshalPubkey converts bytes to a secp256k1 public key.

func ValidateSignatureValues 

func ValidateSignatureValues(v byte, r, s *big.Int, homestead bool) bool

ValidateSignatureValues verifies whether the signature values are valid with the given chain rules. The v value is assumed to be either 0 or 1.

func VerifySignature 

func VerifySignature(pubkey, hash, signature []byte) bool

VerifySignature checks that the given public key created signature over hash. The public key should be in compressed (33 bytes) or uncompressed (65 bytes) format. The signature should have the 64 byte [R || S] format.

Types

type Account 

type Account struct {
	PrivateKey PrivateKey
	PublicKey  PublicKey
	Address    *common.Address
}

crypto object

func NewAccount 

func NewAccount(privateKey string) (*Account, error)

type KoblitzCurve 

type KoblitzCurve struct {
	*elliptic.CurveParams

	H int // cofactor of the curve.
	// contains filtered or unexported fields
}

KoblitzCurve supports a koblitz curve implementation that fits the ECC Curve interface from crypto/elliptic.

func S256 

func S256() *KoblitzCurve

S256 returns a Curve which implements secp256k1.

func (*KoblitzCurve) Add 

func (curve *KoblitzCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)

Add returns the sum of (x1,y1) and (x2,y2). Part of the elliptic.Curve interface.

func (*KoblitzCurve) Double 

func (curve *KoblitzCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int)

Double returns 2*(x1,y1). Part of the elliptic.Curve interface.

func (*KoblitzCurve) IsOnCurve 

func (curve *KoblitzCurve) IsOnCurve(x, y *big.Int) bool

IsOnCurve returns boolean if the point (x,y) is on the curve. Part of the elliptic.Curve interface. This function differs from the crypto/elliptic algorithm since a = 0 not -3.

func (*KoblitzCurve) Params 

func (curve *KoblitzCurve) Params() *elliptic.CurveParams

Params returns the parameters for the curve.

func (*KoblitzCurve) Q 

func (curve *KoblitzCurve) Q() *big.Int

Q returns the (P+1)/4 constant for the curve for use in calculating square roots via exponentiation.

func (*KoblitzCurve) QPlus1Div4 

func (curve *KoblitzCurve) QPlus1Div4() *big.Int

QPlus1Div4 returns the (P+1)/4 constant for the curve for use in calculating square roots via exponentiation.

DEPRECATED: The actual value returned is (P+1)/4, where as the original method name implies that this value is (((P+1)/4)+1)/4. This method is kept to maintain backwards compatibility of the API. Use Q() instead.

func (*KoblitzCurve) ScalarBaseMult 

func (curve *KoblitzCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int)

ScalarBaseMult returns k*G where G is the base point of the group and k is a big endian integer. Part of the elliptic.Curve interface.

func (*KoblitzCurve) ScalarMult 

func (curve *KoblitzCurve) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int)

ScalarMult returns k*(Bx, By) where k is a big endian integer. Part of the elliptic.Curve interface.

type PrivateKey 

type PrivateKey ecdsa.PrivateKey

PrivateKey wraps an ecdsa.PrivateKey as a convenience mainly for signing things with the the private key without having to directly import the ecdsa package.

func NewPrivateKey 

func NewPrivateKey(curve elliptic.Curve) (*PrivateKey, error)

NewPrivateKey is a wrapper for ecdsa.GenerateKey that returns a PrivateKey instead of the normal ecdsa.PrivateKey.

func (*PrivateKey) PubKey 

func (p *PrivateKey) PubKey() *PublicKey

PubKey returns the PublicKey corresponding to this private key.

func (*PrivateKey) Serialize 

func (p *PrivateKey) Serialize() []byte

Serialize returns the private key number d as a big-endian binary-encoded number, padded to a length of 32 bytes.

func (*PrivateKey) Sign 

func (p *PrivateKey) Sign(hash []byte) (*Signature, error)

Sign generates an ECDSA signature for the provided hash (which should be the result of hashing a larger message) using the private key. Produced signature is deterministic (same message and same key yield the same signature) and canonical in accordance with RFC6979 and BIP0062.

func (*PrivateKey) ToECDSA 

func (p *PrivateKey) ToECDSA() *ecdsa.PrivateKey

ToECDSA returns the private key as a *ecdsa.PrivateKey.

type PubKeyCompressed 

type PubKeyCompressed = [PubKeyBytesLenCompressed]byte

type PublicKey 

type PublicKey ecdsa.PublicKey

PublicKey is an ecdsa.PublicKey with additional functions to serialize in uncompressed, compressed, and hybrid formats.

func ParsePubKey 

func ParsePubKey(pubKeyStr []byte, curve *KoblitzCurve) (key *PublicKey, err error)

ParsePubKey parses a public key for a koblitz curve from a bytestring into a ecdsa.Publickey, verifying that it is valid. It supports compressed, uncompressed and hybrid signature formats.

func RecoverCompact 

func RecoverCompact(curve *KoblitzCurve, signature,
	hash []byte) (*PublicKey, bool, error)

RecoverCompact verifies the compact signature "signature" of "hash" for the Koblitz curve in "curve". If the signature matches then the recovered public key will be returned as well as a boolen if the original key was compressed or not, else an error will be returned.

func (*PublicKey) IsEqual 

func (p *PublicKey) IsEqual(otherPubKey *PublicKey) bool

IsEqual compares this PublicKey instance to the one passed, returning true if both PublicKeys are equivalent. A PublicKey is equivalent to another, if they both have the same X and Y coordinate.

func (*PublicKey) SerializeCompressed 

func (p *PublicKey) SerializeCompressed() []byte

SerializeCompressed serializes a public key in a 33-byte compressed format.

func (*PublicKey) SerializeHybrid 

func (p *PublicKey) SerializeHybrid() []byte

SerializeHybrid serializes a public key in a 65-byte hybrid format.

func (*PublicKey) SerializeUncompressed 

func (p *PublicKey) SerializeUncompressed() []byte

SerializeUncompressed serializes a public key in a 65-byte uncompressed format.

func (*PublicKey) ToECDSA 

func (p *PublicKey) ToECDSA() *ecdsa.PublicKey

ToECDSA returns the public key as a *ecdsa.PublicKey.

type Signature 

type Signature struct {
	R *big.Int
	S *big.Int
}

Signature is a type representing an ecdsa signature.

func ParseDERSignature 

func ParseDERSignature(sigStr []byte, curve elliptic.Curve) (*Signature, error)

ParseDERSignature parses a signature in DER format for the curve type `curve` into a Signature type. If parsing according to the less strict BER format is needed, use ParseSignature.

func ParseSignature 

func ParseSignature(sigStr []byte, curve elliptic.Curve) (*Signature, error)

ParseSignature parses a signature in BER format for the curve type `curve' into a Signature type, perfoming some basic sanity checks. If parsing according to the more strict DER format is needed, use ParseDERSignature.

func (*Signature) IsEqual 

func (sig *Signature) IsEqual(otherSig *Signature) bool

IsEqual compares this Signature instance to the one passed, returning true if both Signatures are equivalent. A signature is equivalent to another, if they both have the same scalar value for R and S.

func (*Signature) Serialize 

func (sig *Signature) Serialize() []byte

Serialize returns the ECDSA signature in the more strict DER format. Note that the serialized bytes returned do not include the appended hash type used in Bitcoin signature scripts.

encoding/asn1 is broken so we hand roll this output:

0x30 <length> 0x02 <length r> r 0x02 <length s> s

func (*Signature) Verify 

func (sig *Signature) Verify(hash []byte, pubKey *PublicKey) bool

Verify calls ecdsa.Verify to verify the signature of hash using the public key. It returns true if the signature is valid, false otherwise.

Source Files

View all Source files

Directories

Path Synopsis
Package bn256 implements the Optimal Ate pairing over a 256-bit Barreto-Naehrig curve.
 Package bn256 implements the Optimal Ate pairing over a 256-bit Barreto-Naehrig curve.
cloudflare
Package bn256 implements a particular bilinear group at the 128-bit security level.
 Package bn256 implements a particular bilinear group at the 128-bit security level.
google
Package bn256 implements a particular bilinear group.
 Package bn256 implements a particular bilinear group.
Package secp256k1 wraps the bitcoin secp256k1 C library.
 Package secp256k1 wraps the bitcoin secp256k1 C library.
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
 Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.