ecsdsa

package
v1.0.5008 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 25, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrParametersNotSetUp = errors.New("go-cryptobin/ecsdsa: parameters not set up before generating key")
	ErrInvalidASN1        = errors.New("go-cryptobin/ecsdsa: invalid ASN.1")
	ErrInvalidSignerOpts  = errors.New("go-cryptobin/ecsdsa: opts must be *SignerOpts")
)

Functions

func AddNamedCurve added in v1.0.5001

func AddNamedCurve(curve elliptic.Curve, oid asn1.ObjectIdentifier)

func MarshalECPrivateKey added in v1.0.5001

func MarshalECPrivateKey(key *PrivateKey) ([]byte, error)

MarshalECPrivateKey converts an EC private key to SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY". For a more flexible key format which is not EC specific, use MarshalPKCS8PrivateKey.

func MarshalPrivateKey added in v1.0.5001

func MarshalPrivateKey(key *PrivateKey) ([]byte, error)

Marshal PrivateKey to der

func MarshalPublicKey added in v1.0.5001

func MarshalPublicKey(pub *PublicKey) ([]byte, error)

Marshal PublicKey to der

func NamedCurveFromOid added in v1.0.5001

func NamedCurveFromOid(oid asn1.ObjectIdentifier) elliptic.Curve

func OidFromNamedCurve added in v1.0.5001

func OidFromNamedCurve(curve elliptic.Curve) (asn1.ObjectIdentifier, bool)

func PrivateKeyTo

func PrivateKeyTo(key *PrivateKey) []byte

output PrivateKey data

func PublicKeyTo

func PublicKeyTo(key *PublicKey) []byte

output PublicKey data

func Sign

func Sign(rand io.Reader, priv *PrivateKey, h Hasher, data []byte) (sig []byte, err error)

Sign data returns the ASN.1 encoded signature.

func SignBytes

func SignBytes(rand io.Reader, priv *PrivateKey, hashFunc Hasher, data []byte) (sig []byte, err error)

Sign data returns the Bytes encoded signature.

func SignToRS

func SignToRS(rand io.Reader, priv *PrivateKey, hashFunc Hasher, msg []byte) (r, s *big.Int, err error)

* Generic *internal* EC-{,O}SDSA signature functions. There purpose is to * allow passing specific hash functions and the random ephemeral * key k, so that compliance tests against test vector be made * without ugly hack in the code itself. * * The 'optimized' parameter tells the function if the r value of * the signature is computed using only the x ccordinate of the * the user's public key (normal version uses both coordinates). * * Normal: r = h(Wx || Wy || m) * Optimized : r = h(Wx || m) * *| IUF - ECSDSA/ECOSDSA signature *| *| I 1. Get a random value k in ]0, q[ *| I 2. Compute W = kG = (Wx, Wy) *| IUF 3. Compute r = H(Wx [|| Wy] || m) *| - In the normal version (ECSDSA), r = H(Wx || Wy || m). *| - In the optimized version (ECOSDSA), r = H(Wx || m). *| F 4. Compute e = OS2I(r) mod q *| F 5. if e == 0, restart at step 1. *| F 6. Compute s = (k + ex) mod q. *| F 7. if s == 0, restart at step 1. *| F 8. Return (r, s) * * In the project, the normal mode is named ECSDSA, the optimized * one is ECOSDSA. * * Implementation note: * * In ISO-14888-3, the option is provided to the developer to check * whether r = 0 and restart the process in that case. Even if * unlikely to trigger, that check makes a lot of sense because the * verifier expects a non-zero value for r. In the specification, r * is a string (r = H(Wx [|| Wy] || m)). But r is used in practice * - both on the signer and the verifier - after conversion to an * integer and reduction mod q. The value resulting from that step * is named e (e = OS2I(r) mod q). The check for the case when r = 0 * should be replaced by a check for e = 0. This is more conservative * and what is described above and done below in the implementation.

func Verify

func Verify(pub *PublicKey, h Hasher, data, sig []byte) bool

Verify verifies the ASN.1 encoded signature, sig, M, of hash using the public key, pub. Its return value records whether the signature is valid.

func VerifyBytes

func VerifyBytes(pub *PublicKey, hashFunc Hasher, data, sig []byte) bool

Verify verifies the Bytes encoded signature

func VerifyWithRS

func VerifyWithRS(pub *PublicKey, hashFunc Hasher, data []byte, r, s *big.Int) bool

*| IUF - ECSDSA/ECOSDSA verification *| *| I 1. if s is not in ]0,q[, reject the signature. *| I 2. Compute e = -r mod q *| I 3. If e == 0, reject the signature. *| I 4. Compute W' = sG + eY *| IUF 5. Compute r' = H(W'x [|| W'y] || m) *| - In the normal version (ECSDSA), r' = H(W'x || W'y || m). *| - In the optimized version (ECOSDSA), r' = H(W'x || m). *| F 6. Accept the signature if and only if r and r' are the same

Types

type Hasher

type Hasher = func() hash.Hash

type PrivateKey

type PrivateKey struct {
	PublicKey

	D *big.Int
}

EC-SDSA PrivateKey

func GenerateKey

func GenerateKey(random io.Reader, c elliptic.Curve) (*PrivateKey, error)

Generate the PrivateKey

func NewPrivateKey

func NewPrivateKey(curve elliptic.Curve, k []byte) (*PrivateKey, error)

New a PrivateKey from privatekey data

func ParseECPrivateKey added in v1.0.5001

func ParseECPrivateKey(der []byte) (*PrivateKey, error)

ParseECPrivateKey parses an EC private key in SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY".

func ParsePrivateKey added in v1.0.5001

func ParsePrivateKey(derBytes []byte) (*PrivateKey, error)

Parse PrivateKey der

func (*PrivateKey) Equal

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether pub and x have the same value.

func (*PrivateKey) Public

func (priv *PrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

func (*PrivateKey) Sign

func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

crypto.Signer

type PublicKey

type PublicKey struct {
	elliptic.Curve

	X, Y *big.Int
}

EC-SDSA PublicKey

func NewPublicKey

func NewPublicKey(curve elliptic.Curve, k []byte) (*PublicKey, error)

New a PublicKey from publicKey data

func ParsePublicKey added in v1.0.5001

func ParsePublicKey(derBytes []byte) (pub *PublicKey, err error)

Parse PublicKey der

func (*PublicKey) Equal

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*PublicKey) Verify

func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) (bool, error)

Verify asn.1 marshal data

type SignerOpts

type SignerOpts struct {
	Hash Hasher
}

SignerOpts contains options for creating and verifying EC-GDSA signatures.

func (*SignerOpts) GetHash

func (opts *SignerOpts) GetHash() Hasher

GetHash returns func() hash.Hash

func (*SignerOpts) HashFunc

func (opts *SignerOpts) HashFunc() crypto.Hash

HashFunc returns opts.Hash

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL