Refactor the DNSSEC private key code
Now PrivateKey is an interface exposing Sign() and String(). Common implementations are wrappers for {rsa|dsa|ecdsa}.PrivateKey but this allows for custom signers, and abstracts away the private-ops code to a single place.
This commit is contained in:
parent
3fd8a8eef6
commit
e9faa971b3
85
dnssec.go
85
dnssec.go
|
@ -20,7 +20,6 @@ import (
|
|||
"crypto/ecdsa"
|
||||
"crypto/elliptic"
|
||||
"crypto/md5"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
|
@ -256,63 +255,36 @@ func (rr *RRSIG) Sign(k PrivateKey, rrset []RR) error {
|
|||
}
|
||||
signdata = append(signdata, wire...)
|
||||
|
||||
var sighash []byte
|
||||
var h hash.Hash
|
||||
var ch crypto.Hash // Only need for RSA
|
||||
var intlen int
|
||||
switch rr.Algorithm {
|
||||
case DSA, DSANSEC3SHA1:
|
||||
// Implicit in the ParameterSizes
|
||||
// TODO: this seems bugged, will panic
|
||||
case RSASHA1, RSASHA1NSEC3SHA1:
|
||||
h = sha1.New()
|
||||
ch = crypto.SHA1
|
||||
case RSASHA256, ECDSAP256SHA256:
|
||||
h = sha256.New()
|
||||
ch = crypto.SHA256
|
||||
intlen = 32
|
||||
case ECDSAP384SHA384:
|
||||
h = sha512.New384()
|
||||
intlen = 48
|
||||
case RSASHA512:
|
||||
h = sha512.New()
|
||||
ch = crypto.SHA512
|
||||
case RSAMD5:
|
||||
fallthrough // Deprecated in RFC 6725
|
||||
default:
|
||||
return ErrAlg
|
||||
}
|
||||
io.WriteString(h, string(signdata))
|
||||
sighash = h.Sum(nil)
|
||||
|
||||
switch p := k.(type) {
|
||||
case *dsa.PrivateKey:
|
||||
r1, s1, err := dsa.Sign(rand.Reader, p, sighash)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
signature := []byte{0x4D} // T value, here the ASCII M for Miek (not used in DNSSEC)
|
||||
signature = append(signature, intToBytes(r1, 20)...)
|
||||
signature = append(signature, intToBytes(s1, 20)...)
|
||||
rr.Signature = toBase64(signature)
|
||||
case *rsa.PrivateKey:
|
||||
// We can use nil as rand.Reader here (says AGL)
|
||||
signature, err := rsa.SignPKCS1v15(nil, p, ch, sighash)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
rr.Signature = toBase64(signature)
|
||||
case *ecdsa.PrivateKey:
|
||||
r1, s1, err := ecdsa.Sign(rand.Reader, p, sighash)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
signature := intToBytes(r1, intlen)
|
||||
signature = append(signature, intToBytes(s1, intlen)...)
|
||||
rr.Signature = toBase64(signature)
|
||||
default:
|
||||
// Not given the correct key
|
||||
return ErrKeyAlg
|
||||
_, err = h.Write(signdata)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
sighash := h.Sum(nil)
|
||||
|
||||
signature, err := k.Sign(sighash, rr.Algorithm)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
rr.Signature = toBase64(signature)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -405,7 +377,7 @@ func (rr *RRSIG) Verify(k *DNSKEY, rrset []RR) error {
|
|||
sighash := h.Sum(nil)
|
||||
return rsa.VerifyPKCS1v15(pubkey, ch, sighash, sigbuf)
|
||||
case ECDSAP256SHA256, ECDSAP384SHA384:
|
||||
pubkey := k.publicKeyCurve()
|
||||
pubkey := k.publicKeyECDSA()
|
||||
if pubkey == nil {
|
||||
return ErrKey
|
||||
}
|
||||
|
@ -458,31 +430,6 @@ func (s *RRSIG) sigBuf() []byte {
|
|||
return sigbuf
|
||||
}
|
||||
|
||||
// setPublicKeyInPrivate sets the public key in the private key.
|
||||
func (k *DNSKEY) setPublicKeyInPrivate(p PrivateKey) bool {
|
||||
switch t := p.(type) {
|
||||
case *dsa.PrivateKey:
|
||||
x := k.publicKeyDSA()
|
||||
if x == nil {
|
||||
return false
|
||||
}
|
||||
t.PublicKey = *x
|
||||
case *rsa.PrivateKey:
|
||||
x := k.publicKeyRSA()
|
||||
if x == nil {
|
||||
return false
|
||||
}
|
||||
t.PublicKey = *x
|
||||
case *ecdsa.PrivateKey:
|
||||
x := k.publicKeyCurve()
|
||||
if x == nil {
|
||||
return false
|
||||
}
|
||||
t.PublicKey = *x
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
// publicKeyRSA returns the RSA public key from a DNSKEY record.
|
||||
func (k *DNSKEY) publicKeyRSA() *rsa.PublicKey {
|
||||
keybuf, err := fromBase64([]byte(k.PublicKey))
|
||||
|
@ -521,8 +468,8 @@ func (k *DNSKEY) publicKeyRSA() *rsa.PublicKey {
|
|||
return pubkey
|
||||
}
|
||||
|
||||
// publicKeyCurve returns the Curve public key from the DNSKEY record.
|
||||
func (k *DNSKEY) publicKeyCurve() *ecdsa.PublicKey {
|
||||
// publicKeyECDSA returns the Curve public key from the DNSKEY record.
|
||||
func (k *DNSKEY) publicKeyECDSA() *ecdsa.PublicKey {
|
||||
keybuf, err := fromBase64([]byte(k.PublicKey))
|
||||
if err != nil {
|
||||
return nil
|
||||
|
@ -585,7 +532,7 @@ func (k *DNSKEY) setPublicKeyRSA(_E int, _N *big.Int) bool {
|
|||
}
|
||||
|
||||
// Set the public key for Elliptic Curves
|
||||
func (k *DNSKEY) setPublicKeyCurve(_X, _Y *big.Int) bool {
|
||||
func (k *DNSKEY) setPublicKeyECDSA(_X, _Y *big.Int) bool {
|
||||
if _X == nil || _Y == nil {
|
||||
return false
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
package dns
|
||||
|
||||
import (
|
||||
"crypto/rsa"
|
||||
"reflect"
|
||||
"strings"
|
||||
"testing"
|
||||
|
@ -389,7 +388,7 @@ Activate: 20110302104537`
|
|||
t.Fail()
|
||||
}
|
||||
switch priv := p.(type) {
|
||||
case *rsa.PrivateKey:
|
||||
case *RSAPrivateKey:
|
||||
if 65537 != priv.PublicKey.E {
|
||||
t.Log("exponenent should be 65537")
|
||||
t.Fail()
|
||||
|
|
146
keygen.go
146
keygen.go
|
@ -1,6 +1,7 @@
|
|||
package dns
|
||||
|
||||
import (
|
||||
"crypto"
|
||||
"crypto/dsa"
|
||||
"crypto/ecdsa"
|
||||
"crypto/elliptic"
|
||||
|
@ -12,9 +13,10 @@ import (
|
|||
|
||||
const _FORMAT = "Private-key-format: v1.3\n"
|
||||
|
||||
// Empty interface that is used as a wrapper around all possible
|
||||
// private key implementations from the crypto package.
|
||||
type PrivateKey interface{}
|
||||
type PrivateKey interface {
|
||||
Sign([]byte, uint8) ([]byte, error)
|
||||
String(uint8) string
|
||||
}
|
||||
|
||||
// Generate generates a DNSKEY of the given bit size.
|
||||
// The public part is put inside the DNSKEY record.
|
||||
|
@ -59,14 +61,14 @@ func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
|
|||
return nil, err
|
||||
}
|
||||
r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
|
||||
return priv, nil
|
||||
return (*DSAPrivateKey)(priv), nil
|
||||
case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:
|
||||
priv, err := rsa.GenerateKey(rand.Reader, bits)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
r.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N)
|
||||
return priv, nil
|
||||
return (*RSAPrivateKey)(priv), nil
|
||||
case ECDSAP256SHA256, ECDSAP384SHA384:
|
||||
var c elliptic.Curve
|
||||
switch r.Algorithm {
|
||||
|
@ -79,41 +81,61 @@ func (r *DNSKEY) Generate(bits int) (PrivateKey, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
r.setPublicKeyCurve(priv.PublicKey.X, priv.PublicKey.Y)
|
||||
return priv, nil
|
||||
r.setPublicKeyECDSA(priv.PublicKey.X, priv.PublicKey.Y)
|
||||
return (*ECDSAPrivateKey)(priv), nil
|
||||
default:
|
||||
return nil, ErrAlg
|
||||
}
|
||||
return nil, nil // Dummy return
|
||||
}
|
||||
|
||||
// PrivateKeyString converts a PrivateKey to a string. This
|
||||
// string has the same format as the private-key-file of BIND9 (Private-key-format: v1.3).
|
||||
// It needs some info from the key (hashing, keytag), so its a method of the DNSKEY.
|
||||
func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
|
||||
switch t := p.(type) {
|
||||
case *rsa.PrivateKey:
|
||||
algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
|
||||
modulus := toBase64(t.PublicKey.N.Bytes())
|
||||
e := big.NewInt(int64(t.PublicKey.E))
|
||||
// PrivateKeyString converts a PrivateKey to a string. This string has the same
|
||||
// format as the private-key-file of BIND9 (Private-key-format: v1.3).
|
||||
// It needs some info from the key (the algorithm), so its a method of the
|
||||
// DNSKEY and calls PrivateKey.String(alg).
|
||||
func (r *DNSKEY) PrivateKeyString(p PrivateKey) string {
|
||||
return p.String(r.Algorithm)
|
||||
}
|
||||
|
||||
type RSAPrivateKey rsa.PrivateKey
|
||||
|
||||
func (p *RSAPrivateKey) Sign(hashed []byte, alg uint8) ([]byte, error) {
|
||||
var hash crypto.Hash
|
||||
switch alg {
|
||||
case RSASHA1, RSASHA1NSEC3SHA1:
|
||||
hash = crypto.SHA1
|
||||
case RSASHA256:
|
||||
hash = crypto.SHA256
|
||||
case RSASHA512:
|
||||
hash = crypto.SHA512
|
||||
default:
|
||||
return nil, ErrAlg
|
||||
}
|
||||
return rsa.SignPKCS1v15(nil, (*rsa.PrivateKey)(p), hash, hashed)
|
||||
}
|
||||
|
||||
func (p *RSAPrivateKey) String(alg uint8) string {
|
||||
if true {
|
||||
algorithm := strconv.Itoa(int(alg)) + " (" + AlgorithmToString[alg] + ")"
|
||||
modulus := toBase64(p.PublicKey.N.Bytes())
|
||||
e := big.NewInt(int64(p.PublicKey.E))
|
||||
publicExponent := toBase64(e.Bytes())
|
||||
privateExponent := toBase64(t.D.Bytes())
|
||||
prime1 := toBase64(t.Primes[0].Bytes())
|
||||
prime2 := toBase64(t.Primes[1].Bytes())
|
||||
privateExponent := toBase64(p.D.Bytes())
|
||||
prime1 := toBase64(p.Primes[0].Bytes())
|
||||
prime2 := toBase64(p.Primes[1].Bytes())
|
||||
// Calculate Exponent1/2 and Coefficient as per: http://en.wikipedia.org/wiki/RSA#Using_the_Chinese_remainder_algorithm
|
||||
// and from: http://code.google.com/p/go/issues/detail?id=987
|
||||
one := big.NewInt(1)
|
||||
p_1 := big.NewInt(0).Sub(t.Primes[0], one)
|
||||
q_1 := big.NewInt(0).Sub(t.Primes[1], one)
|
||||
exp1 := big.NewInt(0).Mod(t.D, p_1)
|
||||
exp2 := big.NewInt(0).Mod(t.D, q_1)
|
||||
coeff := big.NewInt(0).ModInverse(t.Primes[1], t.Primes[0])
|
||||
p_1 := big.NewInt(0).Sub(p.Primes[0], one)
|
||||
q_1 := big.NewInt(0).Sub(p.Primes[1], one)
|
||||
exp1 := big.NewInt(0).Mod(p.D, p_1)
|
||||
exp2 := big.NewInt(0).Mod(p.D, q_1)
|
||||
coeff := big.NewInt(0).ModInverse(p.Primes[1], p.Primes[0])
|
||||
|
||||
exponent1 := toBase64(exp1.Bytes())
|
||||
exponent2 := toBase64(exp2.Bytes())
|
||||
coefficient := toBase64(coeff.Bytes())
|
||||
|
||||
s = _FORMAT +
|
||||
return _FORMAT +
|
||||
"Algorithm: " + algorithm + "\n" +
|
||||
"Modulus: " + modulus + "\n" +
|
||||
"PublicExponent: " + publicExponent + "\n" +
|
||||
|
@ -123,28 +145,71 @@ func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
|
|||
"Exponent1: " + exponent1 + "\n" +
|
||||
"Exponent2: " + exponent2 + "\n" +
|
||||
"Coefficient: " + coefficient + "\n"
|
||||
case *ecdsa.PrivateKey:
|
||||
algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
|
||||
}
|
||||
}
|
||||
|
||||
type ECDSAPrivateKey ecdsa.PrivateKey
|
||||
|
||||
func (p *ECDSAPrivateKey) Sign(hashed []byte, alg uint8) ([]byte, error) {
|
||||
var intlen int
|
||||
switch alg {
|
||||
case ECDSAP256SHA256:
|
||||
intlen = 32
|
||||
case ECDSAP384SHA384:
|
||||
intlen = 48
|
||||
default:
|
||||
return nil, ErrAlg
|
||||
}
|
||||
r1, s1, err := ecdsa.Sign(rand.Reader, (*ecdsa.PrivateKey)(p), hashed)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
signature := intToBytes(r1, intlen)
|
||||
signature = append(signature, intToBytes(s1, intlen)...)
|
||||
return signature, nil
|
||||
}
|
||||
|
||||
func (p *ECDSAPrivateKey) String(alg uint8) string {
|
||||
if true {
|
||||
algorithm := strconv.Itoa(int(alg)) + " (" + AlgorithmToString[alg] + ")"
|
||||
var intlen int
|
||||
switch r.Algorithm {
|
||||
switch alg {
|
||||
case ECDSAP256SHA256:
|
||||
intlen = 32
|
||||
case ECDSAP384SHA384:
|
||||
intlen = 48
|
||||
}
|
||||
private := toBase64(intToBytes(t.D, intlen))
|
||||
s = _FORMAT +
|
||||
private := toBase64(intToBytes(p.D, intlen))
|
||||
return _FORMAT +
|
||||
"Algorithm: " + algorithm + "\n" +
|
||||
"PrivateKey: " + private + "\n"
|
||||
case *dsa.PrivateKey:
|
||||
algorithm := strconv.Itoa(int(r.Algorithm)) + " (" + AlgorithmToString[r.Algorithm] + ")"
|
||||
T := divRoundUp(divRoundUp(t.PublicKey.Parameters.G.BitLen(), 8)-64, 8)
|
||||
prime := toBase64(intToBytes(t.PublicKey.Parameters.P, 64+T*8))
|
||||
subprime := toBase64(intToBytes(t.PublicKey.Parameters.Q, 20))
|
||||
base := toBase64(intToBytes(t.PublicKey.Parameters.G, 64+T*8))
|
||||
priv := toBase64(intToBytes(t.X, 20))
|
||||
pub := toBase64(intToBytes(t.PublicKey.Y, 64+T*8))
|
||||
s = _FORMAT +
|
||||
}
|
||||
}
|
||||
|
||||
type DSAPrivateKey dsa.PrivateKey
|
||||
|
||||
func (p *DSAPrivateKey) Sign(hashed []byte, alg uint8) ([]byte, error) {
|
||||
r1, s1, err := dsa.Sign(rand.Reader, (*dsa.PrivateKey)(p), hashed)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
t := divRoundUp(divRoundUp(p.PublicKey.Y.BitLen(), 8)-64, 8)
|
||||
signature := []byte{byte(t)}
|
||||
signature = append(signature, intToBytes(r1, 20)...)
|
||||
signature = append(signature, intToBytes(s1, 20)...)
|
||||
return signature, nil
|
||||
}
|
||||
|
||||
func (p *DSAPrivateKey) String(alg uint8) string {
|
||||
if true {
|
||||
algorithm := strconv.Itoa(int(alg)) + " (" + AlgorithmToString[alg] + ")"
|
||||
T := divRoundUp(divRoundUp(p.PublicKey.Parameters.G.BitLen(), 8)-64, 8)
|
||||
prime := toBase64(intToBytes(p.PublicKey.Parameters.P, 64+T*8))
|
||||
subprime := toBase64(intToBytes(p.PublicKey.Parameters.Q, 20))
|
||||
base := toBase64(intToBytes(p.PublicKey.Parameters.G, 64+T*8))
|
||||
priv := toBase64(intToBytes(p.X, 20))
|
||||
pub := toBase64(intToBytes(p.PublicKey.Y, 64+T*8))
|
||||
return _FORMAT +
|
||||
"Algorithm: " + algorithm + "\n" +
|
||||
"Prime(p): " + prime + "\n" +
|
||||
"Subprime(q): " + subprime + "\n" +
|
||||
|
@ -152,5 +217,4 @@ func (r *DNSKEY) PrivateKeyString(p PrivateKey) (s string) {
|
|||
"Private_value(x): " + priv + "\n" +
|
||||
"Public_value(y): " + pub + "\n"
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
49
kscan.go
49
kscan.go
|
@ -18,8 +18,8 @@ func (k *DNSKEY) NewPrivateKey(s string) (PrivateKey, error) {
|
|||
|
||||
// ReadPrivateKey reads a private key from the io.Reader q. The string file is
|
||||
// only used in error reporting.
|
||||
// The public key must be
|
||||
// known, because some cryptographic algorithms embed the public inside the privatekey.
|
||||
// The public key must be known, because some cryptographic algorithms embed
|
||||
// the public inside the privatekey.
|
||||
func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (PrivateKey, error) {
|
||||
m, e := parseKey(q, file)
|
||||
if m == nil {
|
||||
|
@ -34,14 +34,16 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (PrivateKey, error) {
|
|||
// TODO(mg): check if the pubkey matches the private key
|
||||
switch m["algorithm"] {
|
||||
case "3 (DSA)":
|
||||
p, e := readPrivateKeyDSA(m)
|
||||
priv, e := readPrivateKeyDSA(m)
|
||||
if e != nil {
|
||||
return nil, e
|
||||
}
|
||||
if !k.setPublicKeyInPrivate(p) {
|
||||
pub := k.publicKeyDSA()
|
||||
if pub == nil {
|
||||
return nil, ErrKey
|
||||
}
|
||||
return p, e
|
||||
priv.PublicKey = *pub
|
||||
return (*DSAPrivateKey)(priv), e
|
||||
case "1 (RSAMD5)":
|
||||
fallthrough
|
||||
case "5 (RSASHA1)":
|
||||
|
@ -51,38 +53,38 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (PrivateKey, error) {
|
|||
case "8 (RSASHA256)":
|
||||
fallthrough
|
||||
case "10 (RSASHA512)":
|
||||
p, e := readPrivateKeyRSA(m)
|
||||
priv, e := readPrivateKeyRSA(m)
|
||||
if e != nil {
|
||||
return nil, e
|
||||
}
|
||||
if !k.setPublicKeyInPrivate(p) {
|
||||
pub := k.publicKeyRSA()
|
||||
if pub == nil {
|
||||
return nil, ErrKey
|
||||
}
|
||||
return p, e
|
||||
priv.PublicKey = *pub
|
||||
return (*RSAPrivateKey)(priv), e
|
||||
case "12 (ECC-GOST)":
|
||||
p, e := readPrivateKeyGOST(m)
|
||||
if e != nil {
|
||||
return nil, e
|
||||
}
|
||||
// setPublicKeyInPrivate(p)
|
||||
return p, e
|
||||
return nil, ErrPrivKey
|
||||
case "13 (ECDSAP256SHA256)":
|
||||
fallthrough
|
||||
case "14 (ECDSAP384SHA384)":
|
||||
p, e := readPrivateKeyECDSA(m)
|
||||
priv, e := readPrivateKeyECDSA(m)
|
||||
if e != nil {
|
||||
return nil, e
|
||||
}
|
||||
if !k.setPublicKeyInPrivate(p) {
|
||||
pub := k.publicKeyECDSA()
|
||||
if pub == nil {
|
||||
return nil, ErrKey
|
||||
}
|
||||
return p, e
|
||||
priv.PublicKey = *pub
|
||||
return (*ECDSAPrivateKey)(priv), e
|
||||
default:
|
||||
return nil, ErrPrivKey
|
||||
}
|
||||
return nil, ErrPrivKey
|
||||
}
|
||||
|
||||
// Read a private key (file) string and create a public key. Return the private key.
|
||||
func readPrivateKeyRSA(m map[string]string) (PrivateKey, error) {
|
||||
func readPrivateKeyRSA(m map[string]string) (*rsa.PrivateKey, error) {
|
||||
p := new(rsa.PrivateKey)
|
||||
p.Primes = []*big.Int{nil, nil}
|
||||
for k, v := range m {
|
||||
|
@ -119,7 +121,7 @@ func readPrivateKeyRSA(m map[string]string) (PrivateKey, error) {
|
|||
return p, nil
|
||||
}
|
||||
|
||||
func readPrivateKeyDSA(m map[string]string) (PrivateKey, error) {
|
||||
func readPrivateKeyDSA(m map[string]string) (*dsa.PrivateKey, error) {
|
||||
p := new(dsa.PrivateKey)
|
||||
p.X = big.NewInt(0)
|
||||
for k, v := range m {
|
||||
|
@ -137,7 +139,7 @@ func readPrivateKeyDSA(m map[string]string) (PrivateKey, error) {
|
|||
return p, nil
|
||||
}
|
||||
|
||||
func readPrivateKeyECDSA(m map[string]string) (PrivateKey, error) {
|
||||
func readPrivateKeyECDSA(m map[string]string) (*ecdsa.PrivateKey, error) {
|
||||
p := new(ecdsa.PrivateKey)
|
||||
p.D = big.NewInt(0)
|
||||
// TODO: validate that the required flags are present
|
||||
|
@ -156,11 +158,6 @@ func readPrivateKeyECDSA(m map[string]string) (PrivateKey, error) {
|
|||
return p, nil
|
||||
}
|
||||
|
||||
func readPrivateKeyGOST(m map[string]string) (PrivateKey, error) {
|
||||
// TODO(miek)
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
// parseKey reads a private key from r. It returns a map[string]string,
|
||||
// with the key-value pairs, or an error when the file is not correct.
|
||||
func parseKey(r io.Reader, file string) (map[string]string, error) {
|
||||
|
|
|
@ -1265,8 +1265,8 @@ func TestNewPrivateKey(t *testing.T) {
|
|||
}
|
||||
|
||||
switch newPrivKey := newPrivKey.(type) {
|
||||
case *rsa.PrivateKey:
|
||||
newPrivKey.Precompute()
|
||||
case *RSAPrivateKey:
|
||||
(*rsa.PrivateKey)(newPrivKey).Precompute()
|
||||
}
|
||||
|
||||
if !reflect.DeepEqual(privkey, newPrivKey) {
|
||||
|
|
34
sig0.go
34
sig0.go
|
@ -19,7 +19,6 @@ import (
|
|||
"crypto"
|
||||
"crypto/dsa"
|
||||
"crypto/ecdsa"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"math/big"
|
||||
"strings"
|
||||
|
@ -58,16 +57,13 @@ func (rr *SIG) Sign(k PrivateKey, m *Msg) ([]byte, error) {
|
|||
}
|
||||
buf = buf[:off:cap(buf)]
|
||||
var hash crypto.Hash
|
||||
var intlen int
|
||||
switch rr.Algorithm {
|
||||
case DSA, RSASHA1:
|
||||
hash = crypto.SHA1
|
||||
case RSASHA256, ECDSAP256SHA256:
|
||||
hash = crypto.SHA256
|
||||
intlen = 32
|
||||
case ECDSAP384SHA384:
|
||||
hash = crypto.SHA384
|
||||
intlen = 48
|
||||
case RSASHA512:
|
||||
hash = crypto.SHA512
|
||||
default:
|
||||
|
@ -80,31 +76,9 @@ func (rr *SIG) Sign(k PrivateKey, m *Msg) ([]byte, error) {
|
|||
hasher.Write(buf[:len(mbuf)])
|
||||
hashed := hasher.Sum(nil)
|
||||
|
||||
var sig []byte
|
||||
switch p := k.(type) {
|
||||
case *dsa.PrivateKey:
|
||||
t := divRoundUp(divRoundUp(p.PublicKey.Y.BitLen(), 8)-64, 8)
|
||||
r1, s1, err := dsa.Sign(rand.Reader, p, hashed)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
sig = append(sig, byte(t))
|
||||
sig = append(sig, intToBytes(r1, 20)...)
|
||||
sig = append(sig, intToBytes(s1, 20)...)
|
||||
case *rsa.PrivateKey:
|
||||
sig, err = rsa.SignPKCS1v15(rand.Reader, p, hash, hashed)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
case *ecdsa.PrivateKey:
|
||||
r1, s1, err := ecdsa.Sign(rand.Reader, p, hashed)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
sig = intToBytes(r1, intlen)
|
||||
sig = append(sig, intToBytes(s1, intlen)...)
|
||||
default:
|
||||
return nil, ErrAlg
|
||||
sig, err := k.Sign(hashed, rr.Algorithm)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
rr.Signature = toBase64(sig)
|
||||
buf = append(buf, sig...)
|
||||
|
@ -246,7 +220,7 @@ func (rr *SIG) Verify(k *KEY, buf []byte) error {
|
|||
return rsa.VerifyPKCS1v15(pk, hash, hashed, sig)
|
||||
}
|
||||
case ECDSAP256SHA256, ECDSAP384SHA384:
|
||||
pk := k.publicKeyCurve()
|
||||
pk := k.publicKeyECDSA()
|
||||
r := big.NewInt(0)
|
||||
r.SetBytes(sig[:len(sig)/2])
|
||||
s := big.NewInt(0)
|
||||
|
|
Loading…
Reference in New Issue