ecsdsa

package

v1.0.5013 Latest Latest Go to latest Published: Jan 10, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/deatil/go-cryptobin

Documentation ¶

Index ¶

Variables
func AddNamedCurve(curve elliptic.Curve, oid asn1.ObjectIdentifier)
func MarshalECPrivateKey(key *PrivateKey) ([]byte, error)
func MarshalPrivateKey(key *PrivateKey) ([]byte, error)
func MarshalPublicKey(pub *PublicKey) ([]byte, error)
func NamedCurveFromOid(oid asn1.ObjectIdentifier) elliptic.Curve
func OidFromNamedCurve(curve elliptic.Curve) (asn1.ObjectIdentifier, bool)
func PrivateKeyTo(key *PrivateKey) []byte
func PublicKeyTo(key *PublicKey) []byte
func Sign(rand io.Reader, priv *PrivateKey, h Hasher, data []byte) (sig []byte, err error)
func SignBytes(rand io.Reader, priv *PrivateKey, hashFunc Hasher, data []byte) (sig []byte, err error)
func SignToRS(rand io.Reader, priv *PrivateKey, hashFunc Hasher, msg []byte) (r, s *big.Int, err error)
func Verify(pub *PublicKey, h Hasher, data, sig []byte) bool
func VerifyBytes(pub *PublicKey, hashFunc Hasher, data, sig []byte) bool
func VerifyWithRS(pub *PublicKey, hashFunc Hasher, data []byte, r, s *big.Int) bool
type Hasher
type PrivateKey
- func GenerateKey(random io.Reader, c elliptic.Curve) (*PrivateKey, error)
- func NewPrivateKey(curve elliptic.Curve, k []byte) (*PrivateKey, error)
- func ParseECPrivateKey(der []byte) (*PrivateKey, error)
- func ParsePrivateKey(derBytes []byte) (*PrivateKey, error)
- func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool
- func (priv *PrivateKey) Public() crypto.PublicKey
- func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
type PublicKey
- func NewPublicKey(curve elliptic.Curve, k []byte) (*PublicKey, error)
- func ParsePublicKey(derBytes []byte) (pub *PublicKey, err error)
- func (pub *PublicKey) Equal(x crypto.PublicKey) bool
- func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) (bool, error)
type SignerOpts
- func (opts *SignerOpts) GetHash() Hasher
- func (opts *SignerOpts) HashFunc() crypto.Hash

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrParametersNotSetUp = errors.New("go-cryptobin/ecsdsa: parameters not set up before generating key")
	ErrInvalidASN1        = errors.New("go-cryptobin/ecsdsa: invalid ASN.1")
	ErrInvalidSignerOpts  = errors.New("go-cryptobin/ecsdsa: opts must be *SignerOpts")
)

Functions ¶

func AddNamedCurve ¶ added in v1.0.5001

func AddNamedCurve(curve elliptic.Curve, oid asn1.ObjectIdentifier)

func MarshalECPrivateKey ¶ added in v1.0.5001

func MarshalECPrivateKey(key *PrivateKey) ([]byte, error)

MarshalECPrivateKey converts an EC private key to SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY". For a more flexible key format which is not EC specific, use MarshalPKCS8PrivateKey.

func MarshalPrivateKey ¶ added in v1.0.5001

func MarshalPrivateKey(key *PrivateKey) ([]byte, error)

Marshal PrivateKey to der

func MarshalPublicKey ¶ added in v1.0.5001

func MarshalPublicKey(pub *PublicKey) ([]byte, error)

Marshal PublicKey to der

func NamedCurveFromOid ¶ added in v1.0.5001

func NamedCurveFromOid(oid asn1.ObjectIdentifier) elliptic.Curve

func OidFromNamedCurve ¶ added in v1.0.5001

func OidFromNamedCurve(curve elliptic.Curve) (asn1.ObjectIdentifier, bool)

func Sign ¶

func Sign(rand io.Reader, priv *PrivateKey, h Hasher, data []byte) (sig []byte, err error)

Sign data returns the ASN.1 encoded signature.

func SignBytes ¶

func SignBytes(rand io.Reader, priv *PrivateKey, hashFunc Hasher, data []byte) (sig []byte, err error)

Sign data returns the Bytes encoded signature.

func SignToRS ¶

func SignToRS(rand io.Reader, priv *PrivateKey, hashFunc Hasher, msg []byte) (r, s *big.Int, err error)

* Generic *internal* EC-{,O}SDSA signature functions. There purpose is to * allow passing specific hash functions and the random ephemeral * key k, so that compliance tests against test vector be made * without ugly hack in the code itself. * * The 'optimized' parameter tells the function if the r value of * the signature is computed using only the x ccordinate of the * the user's public key (normal version uses both coordinates). * * Normal: r = h(Wx || Wy || m) * Optimized : r = h(Wx || m) * *| IUF - ECSDSA/ECOSDSA signature *| *| I 1. Get a random value k in ]0, q[ *| I 2. Compute W = kG = (Wx, Wy) *| IUF 3. Compute r = H(Wx [|| Wy] || m) *| - In the normal version (ECSDSA), r = H(Wx || Wy || m). *| - In the optimized version (ECOSDSA), r = H(Wx || m). *| F 4. Compute e = OS2I(r) mod q *| F 5. if e == 0, restart at step 1. *| F 6. Compute s = (k + ex) mod q. *| F 7. if s == 0, restart at step 1. *| F 8. Return (r, s) * * In the project, the normal mode is named ECSDSA, the optimized * one is ECOSDSA. * * Implementation note: * * In ISO-14888-3, the option is provided to the developer to check * whether r = 0 and restart the process in that case. Even if * unlikely to trigger, that check makes a lot of sense because the * verifier expects a non-zero value for r. In the specification, r * is a string (r = H(Wx [|| Wy] || m)). But r is used in practice * - both on the signer and the verifier - after conversion to an * integer and reduction mod q. The value resulting from that step * is named e (e = OS2I(r) mod q). The check for the case when r = 0 * should be replaced by a check for e = 0. This is more conservative * and what is described above and done below in the implementation.

func Verify ¶

func Verify(pub *PublicKey, h Hasher, data, sig []byte) bool

Verify verifies the ASN.1 encoded signature, sig, M, of hash using the public key, pub. Its return value records whether the signature is valid.

func VerifyBytes ¶

func VerifyBytes(pub *PublicKey, hashFunc Hasher, data, sig []byte) bool

Verify verifies the Bytes encoded signature

func VerifyWithRS ¶

func VerifyWithRS(pub *PublicKey, hashFunc Hasher, data []byte, r, s *big.Int) bool

*| IUF - ECSDSA/ECOSDSA verification *| *| I 1. if s is not in ]0,q[, reject the signature. *| I 2. Compute e = -r mod q *| I 3. If e == 0, reject the signature. *| I 4. Compute W' = sG + eY *| IUF 5. Compute r' = H(W'x [|| W'y] || m) *| - In the normal version (ECSDSA), r' = H(W'x || W'y || m). *| - In the optimized version (ECOSDSA), r' = H(W'x || m). *| F 6. Accept the signature if and only if r and r' are the same

Types ¶

type Hasher ¶

type Hasher = func() hash.Hash

type PrivateKey ¶

type PrivateKey struct {
	PublicKey

	D *big.Int
}

EC-SDSA PrivateKey

func GenerateKey ¶

func GenerateKey(random io.Reader, c elliptic.Curve) (*PrivateKey, error)

Generate the PrivateKey

func NewPrivateKey ¶

func NewPrivateKey(curve elliptic.Curve, k []byte) (*PrivateKey, error)

New a PrivateKey from privatekey data

func ParseECPrivateKey ¶ added in v1.0.5001

func ParseECPrivateKey(der []byte) (*PrivateKey, error)

ParseECPrivateKey parses an EC private key in SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "EC PRIVATE KEY".

func ParsePrivateKey ¶ added in v1.0.5001

func ParsePrivateKey(derBytes []byte) (*PrivateKey, error)

Parse PrivateKey der

func (*PrivateKey) Equal ¶

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether pub and x have the same value.

func (*PrivateKey) Public ¶

func (priv *PrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

func (*PrivateKey) Sign ¶

func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

crypto.Signer

type PublicKey ¶

type PublicKey struct {
	elliptic.Curve

	X, Y *big.Int
}

EC-SDSA PublicKey

func NewPublicKey ¶

func NewPublicKey(curve elliptic.Curve, k []byte) (*PublicKey, error)

New a PublicKey from publicKey data

func ParsePublicKey ¶ added in v1.0.5001

func ParsePublicKey(derBytes []byte) (pub *PublicKey, err error)

Parse PublicKey der

func (*PublicKey) Equal ¶

func (pub *PublicKey) Equal(x crypto.PublicKey) bool