package cryptography
import (
"crypto"
"crypto/ecdsa"
"crypto/rand"
"crypto/sha512"
"io"
ethCrypto "github.com/ethereum/go-ethereum/crypto"
"github.com/pkg/errors"
)
// Secp256k1PrivateKey wraps an ECDSA private key so that the Bytes, Sign and
// Public methods declared in this file can be attached to it. The embedded
// pointer promotes the fields of ecdsa.PrivateKey, including the secret
// scalar D.
type Secp256k1PrivateKey struct {
	*ecdsa.PrivateKey
}
// NewEcdsaSecp256k1PrivateKey generates a fresh ECDSA key pair on the
// secp256k1 curve supplied by go-ethereum, drawing randomness from
// crypto/rand.Reader, and returns it wrapped in a Secp256k1PrivateKey.
// A generation failure is returned wrapped with "generating ecdsa key".
func NewEcdsaSecp256k1PrivateKey() (*Secp256k1PrivateKey, error) {
	key, genErr := ecdsa.GenerateKey(ethCrypto.S256(), rand.Reader)
	if genErr != nil {
		return nil, errors.Wrap(genErr, "generating ecdsa key")
	}
	wrapped := &Secp256k1PrivateKey{PrivateKey: key}
	return wrapped, nil
}
// Bytes returns the private key as encoded by ethCrypto.FromECDSA.
// The result is raw secret key material: keep it out of logs and error
// messages. The error result is always nil.
func (p *Secp256k1PrivateKey) Bytes() ([]byte, error) {
	secret := ethCrypto.FromECDSA(p.PrivateKey)
	return secret, nil
}
// Sign signs digest with the private key via ethCrypto.Sign and returns
// whatever that call returns. The method has the shape of crypto.Signer's
// Sign, but the io.Reader and crypto.SignerOpts arguments are ignored.
//
// Inputs of up to 128 bytes are passed to ethCrypto.Sign unchanged; longer
// inputs are first reduced with SHA-512.
//
// NOTE(review): go-ethereum's Sign accepts only a 32-byte digest and, on
// success, returns a 65-byte [R || S || V] signature. A SHA-512 sum is 64
// bytes, so the long-input branch, and any input whose length is not exactly
// 32, ends in an error from ethCrypto.Sign. Signer and verifier need to agree
// on a 32-byte digest; confirm the intended hash before changing this.
func (p *Secp256k1PrivateKey) Sign(_ io.Reader, digest []byte, _ crypto.SignerOpts) ([]byte, error) {
	if len(digest) <= 128 {
		return ethCrypto.Sign(digest, p.PrivateKey)
	}
	sum := sha512.Sum512(digest)
	return ethCrypto.Sign(sum[:], p.PrivateKey)
}
// Public returns the public half of the key pair as a Secp256k1PublicKey
// value holding a copy of the embedded ecdsa.PublicKey.
//
// NOTE(review): the result is a value, not a pointer, while Bytes and Verify
// are declared on *Secp256k1PublicKey. The returned crypto.PublicKey
// therefore does not carry those methods in its method set, and a type
// assertion to an interface that requires them fails. Check the callers
// before switching this to a pointer, since that changes the dynamic type.
func (p *Secp256k1PrivateKey) Public() crypto.PublicKey {
	pub := Secp256k1PublicKey{PublicKey: p.PrivateKey.PublicKey}
	return pub
}
// NewSecp256k1PublicKey parses d with ethCrypto.UnmarshalPubkey and wraps the
// resulting key. A parse failure is returned wrapped with
// "unmarshalling ecdsa pub key".
//
// NOTE(review): UnmarshalPubkey expects the uncompressed 65-byte point
// encoding; a compressed 33-byte key is rejected here. Confirm which encoding
// the callers supply.
func NewSecp256k1PublicKey(d []byte) (*Secp256k1PublicKey, error) {
	parsed, parseErr := ethCrypto.UnmarshalPubkey(d)
	if parseErr != nil {
		return nil, errors.Wrap(parseErr, "unmarshalling ecdsa pub key")
	}
	key := Secp256k1PublicKey{PublicKey: *parsed}
	return &key, nil
}
// Secp256k1PublicKey wraps an ECDSA public key by value so that the Bytes and
// Verify methods declared in this file can be attached to it. Both methods
// use a pointer receiver.
type Secp256k1PublicKey struct {
	ecdsa.PublicKey
}
// Bytes returns the public key as encoded by ethCrypto.FromECDSAPub.
// The error result is always nil.
func (p *Secp256k1PublicKey) Bytes() ([]byte, error) {
	encoded := ethCrypto.FromECDSAPub(&p.PublicKey)
	return encoded, nil
}
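// Verify reports whether sig is a valid signature by this public key over
// msg, where msg is the digest that was signed. The error result is always
// nil; a malformed signature, digest or key is reported as false.
//
// ethCrypto.VerifySignature takes the 64-byte [R || S] form only, whereas
// ethCrypto.Sign (used by Secp256k1PrivateKey.Sign) emits 65 bytes with a
// trailing recovery id. Without the trimming below, a signature produced by
// Sign would always be reported as invalid. Signatures of any other length
// are passed through unchanged and rejected by VerifySignature.
//
// The recovery id is dropped without being checked, so two 65-byte encodings
// that differ only in that byte both verify. Callers that need a unique
// signature encoding (for example for replay tracking) should key on the
// 64-byte [R || S] part.
func (p *Secp256k1PublicKey) Verify(sig, msg []byte) (bool, error) {
	const (
		compactSigLen     = 64 // R || S
		recoverableSigLen = 65 // R || S || V
	)
	if len(sig) == recoverableSigLen {
		sig = sig[:compactSigLen]
	}
	pubBytes := ethCrypto.FromECDSAPub(&p.PublicKey)
	return ethCrypto.VerifySignature(pubBytes, msg, sig), nil
}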
// ValidateEcdsaSecp256k1 checks signature over msg against the public key in
// vm.PublicKeyMultibase. The key is decoded with decodeMultibase and parsed
// with NewSecp256k1PublicKey; a failure of either step is returned as a
// wrapped error together with false. A msg longer than 128 bytes is reduced
// with SHA-512 before verification, mirroring Secp256k1PrivateKey.Sign;
// shorter input is verified as given.
//
// NOTE(review): go-ethereum's Sign only produces signatures over 32-byte
// digests, and its libsecp256k1-backed VerifySignature rejects any other
// digest length. A 64-byte SHA-512 sum, or a short msg that is not exactly
// 32 bytes, is therefore not expected to verify. Confirm the digest scheme
// against the pinned go-ethereum version and the signing side.
func ValidateEcdsaSecp256k1(vm VerificationMethod, signature []byte, msg []byte) (bool, error) {
	rawKey, err := decodeMultibase(vm.PublicKeyMultibase)
	if err != nil {
		return false, errors.Wrap(err, "decoding multibase")
	}

	key, err := NewSecp256k1PublicKey(rawKey)
	if err != nil {
		return false, errors.Wrap(err, "unmarshalling public key")
	}

	payload := msg
	if len(msg) > 128 {
		sum := sha512.Sum512(msg)
		payload = sum[:]
	}
	return key.Verify(signature, payload)
}