Package ecdsa implements the Elliptic Curve Digital Signature Algorithm, as
defined in FIPS 186-3.
This implementation derives the nonce from an AES-CTR CSPRNG keyed by
ChopMD(256, SHA2-512(priv.D || entropy || hash)). The CSPRNG key is IRO by a
result of Coron; the AES-CTR stream is IRO under standard assumptions.
- func Sign(rand io.Reader, priv PrivateKey, hash byte) (r, s big.Int, err error)
- func Verify(pub PublicKey, hash byte, r, s big.Int) bool
- type PrivateKey
- type PublicKey
Sign signs a hash (which should be the result of hashing a larger message) using
the private key, priv. If the hash is longer than the bit-length of the private
key’s curve order, the hash will be truncated to that length. It returns the
signature as a pair of integers. The security of the private key depends on the
entropy of rand.
Verify verifies the signature in r, s of hash using the public key, pub. Its
return value records whether the signature is valid.
PrivateKey represents an ECDSA private key.
GenerateKey generates a public and private key pair.
Public returns the public key corresponding to priv.
Sign signs digest with priv, reading randomness from rand. The opts argument is
not currently used but, in keeping with the crypto.Signer interface, should be
the hash function used to digest the message.
This method implements crypto.Signer, which is an interface to support keys
where the private part is kept in, for example, a hardware module. Common uses
should use the Sign function in this package directly.
PublicKey represents an ECDSA public key.