pki/ecdsa.go

package pki

import (
  "crypto"
  "crypto/ecdsa"
  "crypto/elliptic"
  "crypto/rand"
  "crypto/x509"
  "encoding/asn1"
  "encoding/pem"
  "errors"
  "math/big"
)

const (
  PemLabelEcdsa = "EC PRIVATE KEY"
)

type (
  // This type handles the function calls to the ecdsa private key by
  // implementing the interface.
  EcdsaPrivateKey struct {
    private_key *ecdsa.PrivateKey
  }

  EcdsaPublicKey struct {
    public_key *ecdsa.PublicKey
  }

  signatureEcdsa struct {
    R, S *big.Int
  }
)

// Create a new ECDSA private key using the specified curve.
func NewPrivateKeyEcdsa(curve elliptic.Curve) (*EcdsaPrivateKey, error) {
  key, err := ecdsa.GenerateKey(curve, rand.Reader)
  if err != nil { return nil, err }
  return &EcdsaPrivateKey{key}, nil
}

// Load the private key from the asn1 representation.
func LoadPrivateKeyEcdsa(raw []byte) (*EcdsaPrivateKey, error) {
  key, err := x509.ParseECPrivateKey(raw)
  if err != nil { return nil, err }
  return &EcdsaPrivateKey{key}, nil
}

// derive a public key from the private key
func (pr EcdsaPrivateKey) Public() PublicKey {
  return &EcdsaPublicKey{pr.private_key.Public().(*ecdsa.PublicKey)}
}

// sign a message with the private key
func (pr EcdsaPrivateKey) Sign(message []byte, hash crypto.Hash) ([]byte, error) {
  empty := make([]byte, 0)
  if !hash.Available() {
    return empty, errors.New("Hash method is not available!")
  }
  hashed_message := hash.New()
  hashed_message.Write(message)
  return pr.private_key.Sign(rand.Reader, hashed_message.Sum(nil), hash)
}

// get the private key
func (pr EcdsaPrivateKey) PrivateKey() crypto.PrivateKey {
  return pr.private_key
}

// implement Pemmer interface
func (pr EcdsaPrivateKey) MarshalPem() (marshalledPemBlock, error) {
  asn1, err := x509.MarshalECPrivateKey(pr.private_key)
  if err != nil { return nil, err }
  pem_block := pem.Block{Type: PemLabelEcdsa, Bytes: asn1}
  return pem.EncodeToMemory(&pem_block), nil
}

// load an ecdsa public key
func LoadPublicKeyEcdsa(raw []byte) (*EcdsaPublicKey, error) {
  raw_pub, err := x509.ParsePKIXPublicKey(raw)
  if err != nil { return nil, err }

  pub, ok := raw_pub.(*ecdsa.PublicKey)
  if !ok { return nil, errors.New("Not an ecdsa key!") }
  return &EcdsaPublicKey{pub}, nil
}

// marshal the public key to a pem block
func (pu *EcdsaPublicKey) MarshalPem() (marshalledPemBlock, error) {
  asn1, err := x509.MarshalPKIXPublicKey(pu.public_key)
  if err != nil { return nil, err }
  pem_block := pem.Block{Type: PemLabelPublic, Bytes: asn1}
  return pem.EncodeToMemory(&pem_block), nil
}

// verify a message using the ecdsa public key
func (pu *EcdsaPublicKey) Verify(message []byte, signature_raw []byte, hash crypto.Hash) (bool, error) {
  var sig signatureEcdsa
  _, err := asn1.Unmarshal(signature_raw, &sig)
  if err != nil { return false, err }
  hashed_message := hash.New()
  hashed_message.Write(message)
  return ecdsa.Verify(pu.public_key, hashed_message.Sum(nil), sig.R, sig.S), nil
}
add pem support to public key This adds pem support to public keys which can now be handled the same way as private keys. 2015-02-17 21:43:21 +01:00			`package pki`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00
			`import (`
			`"crypto"`
			`"crypto/ecdsa"`
			`"crypto/elliptic"`
			`"crypto/rand"`
			`"crypto/x509"`
add sign and verification to ecdsa This commit adds support to sign and verify messages using ecdsa. 2015-02-18 22:55:29 +01:00			`"encoding/asn1"`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`"encoding/pem"`
			`"errors"`
add sign and verification to ecdsa This commit adds support to sign and verify messages using ecdsa. 2015-02-18 22:55:29 +01:00			`"math/big"`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`)`

			`const (`
			`PemLabelEcdsa = "EC PRIVATE KEY"`
			`)`

			`type (`
			`// This type handles the function calls to the ecdsa private key by`
			`// implementing the interface.`
			`EcdsaPrivateKey struct {`
			`private_key *ecdsa.PrivateKey`
			`}`

			`EcdsaPublicKey struct {`
			`public_key *ecdsa.PublicKey`
			`}`
add sign and verification to ecdsa This commit adds support to sign and verify messages using ecdsa. 2015-02-18 22:55:29 +01:00
			`signatureEcdsa struct {`
			`R, S *big.Int`
			`}`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`)`

adjust comments on ecdsa a bit 2015-03-16 17:11:08 +01:00			`// Create a new ECDSA private key using the specified curve.`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`func NewPrivateKeyEcdsa(curve elliptic.Curve) (*EcdsaPrivateKey, error) {`
			`key, err := ecdsa.GenerateKey(curve, rand.Reader)`
			`if err != nil { return nil, err }`
			`return &EcdsaPrivateKey{key}, nil`
			`}`

adjust comments on ecdsa a bit 2015-03-16 17:11:08 +01:00			`// Load the private key from the asn1 representation.`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`func LoadPrivateKeyEcdsa(raw []byte) (*EcdsaPrivateKey, error) {`
			`key, err := x509.ParseECPrivateKey(raw)`
			`if err != nil { return nil, err }`
			`return &EcdsaPrivateKey{key}, nil`
			`}`

			`// derive a public key from the private key`
			`func (pr EcdsaPrivateKey) Public() PublicKey {`
			`return &EcdsaPublicKey{pr.private_key.Public().(*ecdsa.PublicKey)}`
			`}`

			`// sign a message with the private key`
add sign and verification to ecdsa This commit adds support to sign and verify messages using ecdsa. 2015-02-18 22:55:29 +01:00			`func (pr EcdsaPrivateKey) Sign(message []byte, hash crypto.Hash) ([]byte, error) {`
			`empty := make([]byte, 0)`
			`if !hash.Available() {`
			`return empty, errors.New("Hash method is not available!")`
			`}`
			`hashed_message := hash.New()`
			`hashed_message.Write(message)`
			`return pr.private_key.Sign(rand.Reader, hashed_message.Sum(nil), hash)`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`}`

			`// get the private key`
make raw private key public 2015-03-15 20:06:09 +01:00			`func (pr EcdsaPrivateKey) PrivateKey() crypto.PrivateKey {`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`return pr.private_key`
			`}`

			`// implement Pemmer interface`
			`func (pr EcdsaPrivateKey) MarshalPem() (marshalledPemBlock, error) {`
			`asn1, err := x509.MarshalECPrivateKey(pr.private_key)`
			`if err != nil { return nil, err }`
			`pem_block := pem.Block{Type: PemLabelEcdsa, Bytes: asn1}`
			`return pem.EncodeToMemory(&pem_block), nil`
			`}`

add public key loader This adds a way to restore a public key from any data source. 2015-02-19 21:48:08 +01:00			`// load an ecdsa public key`
			`func LoadPublicKeyEcdsa(raw []byte) (*EcdsaPublicKey, error) {`
			`raw_pub, err := x509.ParsePKIXPublicKey(raw)`
			`if err != nil { return nil, err }`

			`pub, ok := raw_pub.(*ecdsa.PublicKey)`
			`if !ok { return nil, errors.New("Not an ecdsa key!") }`
			`return &EcdsaPublicKey{pub}, nil`
			`}`

add pem support to public key This adds pem support to public keys which can now be handled the same way as private keys. 2015-02-17 21:43:21 +01:00			`// marshal the public key to a pem block`
			`func (pu *EcdsaPublicKey) MarshalPem() (marshalledPemBlock, error) {`
			`asn1, err := x509.MarshalPKIXPublicKey(pu.public_key)`
			`if err != nil { return nil, err }`
			`pem_block := pem.Block{Type: PemLabelPublic, Bytes: asn1}`
			`return pem.EncodeToMemory(&pem_block), nil`
			`}`

initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`// verify a message using the ecdsa public key`
add sign and verification to ecdsa This commit adds support to sign and verify messages using ecdsa. 2015-02-18 22:55:29 +01:00			`func (pu *EcdsaPublicKey) Verify(message []byte, signature_raw []byte, hash crypto.Hash) (bool, error) {`
			`var sig signatureEcdsa`
			`_, err := asn1.Unmarshal(signature_raw, &sig)`
			`if err != nil { return false, err }`
			`hashed_message := hash.New()`
			`hashed_message.Write(message)`
			`return ecdsa.Verify(pu.public_key, hashed_message.Sum(nil), sig.R, sig.S), nil`
initial commit for pki pki is a small library to make building some of the crypto stuff easier in go. 2015-02-15 21:04:59 +01:00			`}`