aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/internal/boring/ecdsa.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/internal/boring/ecdsa.go')
-rw-r--r--src/crypto/internal/boring/ecdsa.go37
1 files changed, 6 insertions, 31 deletions
diff --git a/src/crypto/internal/boring/ecdsa.go b/src/crypto/internal/boring/ecdsa.go
index 20612e6a2c..884c4b746d 100644
--- a/src/crypto/internal/boring/ecdsa.go
+++ b/src/crypto/internal/boring/ecdsa.go
@@ -10,15 +10,13 @@ package boring
// #include "goboringcrypto.h"
import "C"
import (
- "encoding/asn1"
"errors"
- "math/big"
"runtime"
"unsafe"
)
type ecdsaSignature struct {
- R, S *big.Int
+ R, S BigInt
}
type PrivateKeyECDSA struct {
@@ -53,7 +51,7 @@ func curveNID(curve string) (C.int, error) {
return 0, errUnknownCurve
}
-func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) {
+func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error) {
key, err := newECKey(curve, X, Y)
if err != nil {
return nil, err
@@ -67,7 +65,7 @@ func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) {
return k, nil
}
-func newECKey(curve string, X, Y *big.Int) (*C.GO_EC_KEY, error) {
+func newECKey(curve string, X, Y BigInt) (*C.GO_EC_KEY, error) {
nid, err := curveNID(curve)
if err != nil {
return nil, err
@@ -100,7 +98,7 @@ func newECKey(curve string, X, Y *big.Int) (*C.GO_EC_KEY, error) {
return key, nil
}
-func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECDSA, error) {
+func NewPrivateKeyECDSA(curve string, X, Y BigInt, D BigInt) (*PrivateKeyECDSA, error) {
key, err := newECKey(curve, X, Y)
if err != nil {
return nil, err
@@ -123,22 +121,6 @@ func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECD
return k, nil
}
-func SignECDSA(priv *PrivateKeyECDSA, hash []byte) (r, s *big.Int, err error) {
- // We could use ECDSA_do_sign instead but would need to convert
- // the resulting BIGNUMs to *big.Int form. If we're going to do a
- // conversion, converting the ASN.1 form is more convenient and
- // likely not much more expensive.
- sig, err := SignMarshalECDSA(priv, hash)
- if err != nil {
- return nil, nil, err
- }
- var esig ecdsaSignature
- if _, err := asn1.Unmarshal(sig, &esig); err != nil {
- return nil, nil, err
- }
- return esig.R, esig.S, nil
-}
-
func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) {
size := C._goboringcrypto_ECDSA_size(priv.key)
sig := make([]byte, size)
@@ -150,20 +132,13 @@ func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) {
return sig[:sigLen], nil
}
-func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, r, s *big.Int) bool {
- // We could use ECDSA_do_verify instead but would need to convert
- // r and s to BIGNUM form. If we're going to do a conversion, marshaling
- // to ASN.1 is more convenient and likely not much more expensive.
- sig, err := asn1.Marshal(ecdsaSignature{r, s})
- if err != nil {
- return false
- }
+func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool {
ok := C._goboringcrypto_ECDSA_verify(0, base(hash), C.size_t(len(hash)), (*C.uint8_t)(unsafe.Pointer(&sig[0])), C.size_t(len(sig)), pub.key) != 0
runtime.KeepAlive(pub)
return ok
}
-func GenerateKeyECDSA(curve string) (X, Y, D *big.Int, err error) {
+func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error) {
nid, err := curveNID(curve)
if err != nil {
return nil, nil, nil, err
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion