partiallyblindrsa

package
v0.0.0-...-ac9c40d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 24, 2024 License: BSD-3-Clause Imports: 11 Imported by: 0

Documentation

Overview

Package partiallyblindrsa implements a partially blind RSA protocol.

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrInvalidPrivateKey is the error used if a private key is invalid
	ErrInvalidPrivateKey    = errors.New("blindsign/blindrsa/partiallyblindrsa: invalid private key")
	ErrUnexpectedSize       = common.ErrUnexpectedSize
	ErrInvalidMessageLength = common.ErrInvalidMessageLength
	ErrInvalidRandomness    = common.ErrInvalidRandomness
)

Functions

This section is empty.

Types

type Signer

type Signer struct {
	// contains filtered or unexported fields
}

An Signer represents the Signer in the blind RSA protocol. It carries the raw RSA private key used for signing blinded messages.

func NewSigner

func NewSigner(sk *rsa.PrivateKey, h crypto.Hash) (Signer, error)

NewSigner creates a new Signer for the blind RSA protocol using an RSA private key.

func (Signer) BlindSign

func (signer Signer) BlindSign(data, metadata []byte) ([]byte, error)

BlindSign blindly computes the RSA operation using the Signer's private key on the blinded message input, if it's of valid length, and returns an error should the function fail.

See the specification for more details: https://datatracker.ietf.org/doc/html/draft-amjad-cfrg-partially-blind-rsa-00#name-blindsign

type Verifier

type Verifier interface {
	// Blind initializes the partially blind RSA protocol using an input message and source of
	// randomness. The signature includes a randomly generated PSS salt whose length equals the
	// size of the underlying hash function. This function fails if randomness was not provided.
	Blind(random io.Reader, message, metadata []byte) ([]byte, VerifierState, error)

	// FixedBlind initializes the partially blind RSA protocol using an input message, metadata, and randomness values.
	FixedBlind(message, metadata, salt, blind, blindInv []byte) ([]byte, VerifierState, error)

	// Verify verifies the input (message, signature) pair using the augmented public key
	// and produces an error upon failure.
	Verify(message, signature, metadata []byte) error

	// Hash returns the hash function associated with the Verifier.
	Hash() hash.Hash
}

Verifier is a type that implements the client side of the partially blind RSA protocol, described in https://datatracker.ietf.org/doc/html/draft-amjad-cfrg-partially-blind-rsa-00

func NewVerifier

func NewVerifier(pk *rsa.PublicKey, hash crypto.Hash) Verifier

NewVerifier creates a new PBRSAVerifier using the corresponding Signer parameters. This corresponds to the RSAPBSSA-SHA384-PSS-Deterministic variant. See the specification for more details: https://datatracker.ietf.org/doc/html/draft-amjad-cfrg-partially-blind-rsa#name-rsapbssa-variants

type VerifierState

type VerifierState struct {
	// contains filtered or unexported fields
}

A VerifierState carries state needed to complete the blind signature protocol as a verifier.

func (VerifierState) CopyBlind

func (state VerifierState) CopyBlind() []byte

CopyBlind returns an encoding of the blind value used in the protocol.

func (VerifierState) CopySalt

func (state VerifierState) CopySalt() []byte

CopySalt returns an encoding of the per-message salt used in the protocol.

func (VerifierState) Finalize

func (state VerifierState) Finalize(data []byte) ([]byte, error)

Finalize computes and outputs the final signature, if it's valid. Otherwise, it returns an error.

See the specification for more details: https://datatracker.ietf.org/doc/html/draft-amjad-cfrg-partially-blind-rsa-00#name-finalize

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL