diff options
Diffstat (limited to 'src/crypto/internal/boring/ecdsa.go')
-rw-r--r-- | src/crypto/internal/boring/ecdsa.go | 37 |
1 files changed, 6 insertions, 31 deletions
diff --git a/src/crypto/internal/boring/ecdsa.go b/src/crypto/internal/boring/ecdsa.go index 20612e6a2c..884c4b746d 100644 --- a/src/crypto/internal/boring/ecdsa.go +++ b/src/crypto/internal/boring/ecdsa.go @@ -10,15 +10,13 @@ package boring // #include "goboringcrypto.h" import "C" import ( - "encoding/asn1" "errors" - "math/big" "runtime" "unsafe" ) type ecdsaSignature struct { - R, S *big.Int + R, S BigInt } type PrivateKeyECDSA struct { @@ -53,7 +51,7 @@ func curveNID(curve string) (C.int, error) { return 0, errUnknownCurve } -func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { +func NewPublicKeyECDSA(curve string, X, Y BigInt) (*PublicKeyECDSA, error) { key, err := newECKey(curve, X, Y) if err != nil { return nil, err @@ -67,7 +65,7 @@ func NewPublicKeyECDSA(curve string, X, Y *big.Int) (*PublicKeyECDSA, error) { return k, nil } -func newECKey(curve string, X, Y *big.Int) (*C.GO_EC_KEY, error) { +func newECKey(curve string, X, Y BigInt) (*C.GO_EC_KEY, error) { nid, err := curveNID(curve) if err != nil { return nil, err @@ -100,7 +98,7 @@ func newECKey(curve string, X, Y *big.Int) (*C.GO_EC_KEY, error) { return key, nil } -func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECDSA, error) { +func NewPrivateKeyECDSA(curve string, X, Y BigInt, D BigInt) (*PrivateKeyECDSA, error) { key, err := newECKey(curve, X, Y) if err != nil { return nil, err @@ -123,22 +121,6 @@ func NewPrivateKeyECDSA(curve string, X, Y *big.Int, D *big.Int) (*PrivateKeyECD return k, nil } -func SignECDSA(priv *PrivateKeyECDSA, hash []byte) (r, s *big.Int, err error) { - // We could use ECDSA_do_sign instead but would need to convert - // the resulting BIGNUMs to *big.Int form. If we're going to do a - // conversion, converting the ASN.1 form is more convenient and - // likely not much more expensive. - sig, err := SignMarshalECDSA(priv, hash) - if err != nil { - return nil, nil, err - } - var esig ecdsaSignature - if _, err := asn1.Unmarshal(sig, &esig); err != nil { - return nil, nil, err - } - return esig.R, esig.S, nil -} - func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { size := C._goboringcrypto_ECDSA_size(priv.key) sig := make([]byte, size) @@ -150,20 +132,13 @@ func SignMarshalECDSA(priv *PrivateKeyECDSA, hash []byte) ([]byte, error) { return sig[:sigLen], nil } -func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, r, s *big.Int) bool { - // We could use ECDSA_do_verify instead but would need to convert - // r and s to BIGNUM form. If we're going to do a conversion, marshaling - // to ASN.1 is more convenient and likely not much more expensive. - sig, err := asn1.Marshal(ecdsaSignature{r, s}) - if err != nil { - return false - } +func VerifyECDSA(pub *PublicKeyECDSA, hash []byte, sig []byte) bool { ok := C._goboringcrypto_ECDSA_verify(0, base(hash), C.size_t(len(hash)), (*C.uint8_t)(unsafe.Pointer(&sig[0])), C.size_t(len(sig)), pub.key) != 0 runtime.KeepAlive(pub) return ok } -func GenerateKeyECDSA(curve string) (X, Y, D *big.Int, err error) { +func GenerateKeyECDSA(curve string) (X, Y, D BigInt, err error) { nid, err := curveNID(curve) if err != nil { return nil, nil, nil, err |