Documentation
¶
Index ¶
- Variables
- func PrivateKeyTo(key *PrivateKey) []byte
- func PublicKeyTo(key *PublicKey) []byte
- func Sign(rand io.Reader, priv *PrivateKey, h Hasher, data []byte) (sig []byte, err error)
- func SignBytes(rand io.Reader, priv *PrivateKey, h Hasher, data []byte) (sig []byte, err error)
- func SignToRS(rand io.Reader, priv *PrivateKey, hashFunc Hasher, msg []byte) (r, s *big.Int, err error)
- func Verify(pub *PublicKey, h Hasher, data, sig []byte) bool
- func VerifyBytes(pub *PublicKey, h Hasher, data, sig []byte) bool
- func VerifyWithRS(pub *PublicKey, hashFunc Hasher, data []byte, r, s *big.Int) bool
- type Hasher
- type PrivateKey
- type PublicKey
- type SignerOpts
Constants ¶
This section is empty.
Variables ¶
Functions ¶
func SignToRS ¶
func SignToRS(rand io.Reader, priv *PrivateKey, hashFunc Hasher, msg []byte) (r, s *big.Int, err error)
*| IUF - ECFSDSA signature *| *| I 1. Get a random value k in ]0,q[ *| I 2. Compute W = (W_x,W_y) = kG *| I 3. Compute r = FE2OS(W_x)||FE2OS(W_y) *| I 4. If r is an all zero string, restart the process at step 1. *| IUF 5. Compute h = H(r||m) *| F 6. Compute e = OS2I(h) mod q *| F 7. Compute s = (k + ex) mod q *| F 8. If s is 0, restart the process at step 1 (see c. below) *| F 9. Return (r,s) * * Implementation notes: * * a) sig is built as the concatenation of r and s. r is encoded on * 2*ceil(bitlen(p)) bytes and s on ceil(bitlen(q)) bytes. * b) in EC-FSDSA, the public part of the key is not needed per se during * the signature but - as it is needed in other signature algs implemented * in the library - the whole key pair is passed instead of just the * private key.
func Verify ¶
Verify verifies the ASN.1 encoded signature, sig, M, of hash using the public key, pub. Its return value records whether the signature is valid.
func VerifyBytes ¶
Verify verifies the Bytes encoded signature
func VerifyWithRS ¶
*| IUF - ECFSDSA verification *| *| I 1. Reject the signature if r is not a valid point on the curve. *| I 2. Reject the signature if s is not in ]0,q[ *| IUF 3. Compute h = H(r||m) *| F 4. Convert h to an integer and then compute e = -h mod q *| F 5. compute W' = sG + eY, where Y is the public key *| F 6. Compute r' = FE2OS(W'_x)||FE2OS(W'_y) *| F 7. Accept the signature if and only if r equals r' *
Types ¶
type PrivateKey ¶
ec-gdsa PrivateKey
func GenerateKey ¶
Generate the PrivateKey
func NewPrivateKey ¶
func NewPrivateKey(curve elliptic.Curve, k []byte) (*PrivateKey, error)
New a PrivateKey from privatekey data
func (*PrivateKey) Equal ¶
func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool
Equal reports whether pub and x have the same value.
func (*PrivateKey) Public ¶
func (priv *PrivateKey) Public() crypto.PublicKey
Public returns the public key corresponding to priv.
func (*PrivateKey) Sign ¶
func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
crypto.Signer
type PublicKey ¶
ec-gdsa PublicKey
func NewPublicKey ¶
根据公钥明文初始化公钥 New a PublicKey from publicKey data
type SignerOpts ¶
type SignerOpts struct {
Hash Hasher
}
SignerOpts contains options for creating and verifying EC-GDSA signatures.
func (*SignerOpts) GetHash ¶
func (opts *SignerOpts) GetHash() Hasher
GetHash returns func() hash.Hash
func (*SignerOpts) HashFunc ¶
func (opts *SignerOpts) HashFunc() crypto.Hash
HashFunc returns opts.Hash
Source Files