forked from RaghavSood/ripple
/
signature.go
78 lines (70 loc) · 1.97 KB
/
signature.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
package crypto
import (
"fmt"
"github.com/agl/ed25519"
"github.com/btcsuite/btcd/btcec"
)
func Sign(privateKey, hash, msg []byte) ([]byte, error) {
switch len(privateKey) {
case ed25519.PrivateKeySize:
return signEd25519(privateKey, msg)
case btcec.PrivKeyBytesLen:
return signECDSA(privateKey, hash)
default:
return nil, fmt.Errorf("Unknown private key format")
}
}
func Verify(publicKey, hash, msg, signature []byte) (bool, error) {
switch publicKey[0] {
case 0xED:
return verifyEd25519(publicKey, signature, msg)
case 0x02, 0x03:
return verifyECDSA(publicKey, signature, hash)
default:
return false, fmt.Errorf("Unknown public key format")
}
}
func signEd25519(privateKey, msg []byte) ([]byte, error) {
var p [ed25519.PrivateKeySize]byte
copy(p[:], privateKey)
return ed25519.Sign(&p, msg)[:], nil
}
func verifyEd25519(pubKey, signature, msg []byte) (bool, error) {
var (
p [ed25519.PublicKeySize]byte
s [ed25519.SignatureSize]byte
)
switch {
case len(pubKey) != ed25519.PublicKeySize+1:
return false, fmt.Errorf("Wrong public key length: %d", len(pubKey))
case pubKey[0] != 0xED:
return false, fmt.Errorf("Wrong public format:")
case len(signature) != ed25519.SignatureSize:
return false, fmt.Errorf("Wrong Signature length: %d", len(signature))
default:
copy(p[:], pubKey[1:])
copy(s[:], signature)
return ed25519.Verify(&p, msg, &s), nil
}
}
// Returns DER encoded signature from input hash
func signECDSA(privateKey, hash []byte) ([]byte, error) {
priv, _ := btcec.PrivKeyFromBytes(btcec.S256(), privateKey)
sig, err := priv.Sign(hash)
if err != nil {
return nil, err
}
return sig.Serialize(), nil
}
// Verifies a hash using DER encoded signature
func verifyECDSA(pubKey, signature, hash []byte) (bool, error) {
sig, err := btcec.ParseDERSignature(signature, btcec.S256())
if err != nil {
return false, err
}
pk, err := btcec.ParsePubKey(pubKey, btcec.S256())
if err != nil {
return false, nil
}
return sig.Verify(hash, pk), nil
}