package ecdsa
import "crypto/internal/fips140/ecdsa"
Index ¶
- func TestingOnlyNewDRBG(hash func() fips140.Hash, entropy, nonce []byte, s []byte) *hmacDRBG
- func Verify[P Point[P]](c *Curve[P], pub *PublicKey, hash []byte, sig *Signature) error
- type Curve
- func P224() *Curve[*nistec.P224Point]
- func P256() *Curve[*nistec.P256Point]
- func P384() *Curve[*nistec.P384Point]
- func P521() *Curve[*nistec.P521Point]
- type Point
- type PrivateKey
- func GenerateKey[P Point[P]](c *Curve[P], rand io.Reader) (*PrivateKey, error)
- func NewPrivateKey[P Point[P]](c *Curve[P], D, Q []byte) (*PrivateKey, error)
- func (priv *PrivateKey) Bytes() []byte
- func (priv *PrivateKey) PublicKey() *PublicKey
- type PublicKey
- func NewPublicKey[P Point[P]](c *Curve[P], Q []byte) (*PublicKey, error)
- func (pub *PublicKey) Bytes() []byte
- type Signature
Functions ¶
func TestingOnlyNewDRBG ¶
TestingOnlyNewDRBG creates an SP 800-90A Rev. 1 HMAC_DRBG with a plain personalization string.
This should only be used for ACVP testing. hmacDRBG is not intended to be used directly.
func Verify ¶
Verify verifies the signature, sig, of hash (which should be the result of hashing a larger message) using the public key, pub. If the hash is longer than the bit-length of the private key's curve order, the hash will be truncated to that length.
The inputs are not considered confidential, and may leak through timing side channels, or if an attacker has control of part of the inputs.
Types ¶
type Curve ¶
func P224 ¶
func P256 ¶
func P384 ¶
func P521 ¶
type Point ¶
type Point[P any] interface { *nistec.P224Point | *nistec.P256Point | *nistec.P384Point | *nistec.P521Point Bytes() []byte BytesX() ([]byte, error) SetBytes([]byte) (P, error) ScalarMult(P, []byte) (P, error) ScalarBaseMult([]byte) (P, error) Add(p1, p2 P) P }
Point is a generic constraint for the nistec Point types.
type PrivateKey ¶
type PrivateKey struct {
// contains filtered or unexported fields
}
func GenerateKey ¶
GenerateKey generates a new ECDSA private key pair for the specified curve.
func NewPrivateKey ¶
func NewPrivateKey[P Point[P]](c *Curve[P], D, Q []byte) (*PrivateKey, error)
func (*PrivateKey) Bytes ¶
func (priv *PrivateKey) Bytes() []byte
func (*PrivateKey) PublicKey ¶
func (priv *PrivateKey) PublicKey() *PublicKey
type PublicKey ¶
type PublicKey struct {
// contains filtered or unexported fields
}
func NewPublicKey ¶
func (*PublicKey) Bytes ¶
type Signature ¶
type Signature struct {
R, S []byte
}
Signature is an ECDSA signature, where r and s are represented as big-endian byte slices of the same length as the curve order.
func Sign ¶
func Sign[P Point[P], H fips140.Hash](c *Curve[P], h func() H, priv *PrivateKey, rand io.Reader, hash []byte) (*Signature, error)
Sign signs a hash (which shall be the result of hashing a larger message with the hash function H) using the private key, priv. If the hash is longer than the bit-length of the private key's curve order, the hash will be truncated to that length.
func SignDeterministic ¶
func SignDeterministic[P Point[P], H fips140.Hash](c *Curve[P], h func() H, priv *PrivateKey, hash []byte) (*Signature, error)
SignDeterministic signs a hash (which shall be the result of hashing a larger message with the hash function H) using the private key, priv. If the hash is longer than the bit-length of the private key's curve order, the hash will be truncated to that length. This applies Deterministic ECDSA as specified in FIPS 186-5 and RFC 6979.
Source Files ¶
cast.go ecdsa.go ecdsa_noasm.go hmacdrbg.go
- Version
- v1.24.1 (latest)
- Published
- Feb 27, 2025
- Platform
- js/wasm
- Imports
- 11 packages
- Last checked
- 1 minute ago –
Tools for package owners.