Merge pull request #7 from nspcc-dev/NEOFS_CRYPTO-4_Use_sha512_instead_of_sha256
Use SHA512 instead of SHA256
This commit is contained in:
commit
5bcaeeca4e
2 changed files with 12 additions and 6 deletions
8
ecdsa.go
8
ecdsa.go
|
@ -4,7 +4,7 @@ import (
|
||||||
"crypto/ecdsa"
|
"crypto/ecdsa"
|
||||||
"crypto/elliptic"
|
"crypto/elliptic"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/sha256"
|
"crypto/sha512"
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"math/big"
|
"math/big"
|
||||||
|
|
||||||
|
@ -183,9 +183,9 @@ func MarshalPrivateKey(key *ecdsa.PrivateKey) []byte {
|
||||||
return key.D.Bytes()
|
return key.D.Bytes()
|
||||||
}
|
}
|
||||||
|
|
||||||
// hashBytes returns the sha256 sum.
|
// hashBytes returns the sha512 sum.
|
||||||
func hashBytes(data []byte) []byte {
|
func hashBytes(data []byte) []byte {
|
||||||
buf := sha256.Sum256(data)
|
buf := sha512.Sum512(data)
|
||||||
return buf[:]
|
return buf[:]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -203,7 +203,7 @@ func Verify(pub *ecdsa.PublicKey, msg, sig []byte) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Sign signs a message using the private key. If the sha256 hash of msg
|
// Sign signs a message using the private key. If the sha512 hash of msg
|
||||||
// is longer than the bit-length of the private key's curve order, the hash
|
// is longer than the bit-length of the private key's curve order, the hash
|
||||||
// will be truncated to that length. It returns the signature as slice bytes.
|
// will be truncated to that length. It returns the signature as slice bytes.
|
||||||
// The security of the private key depends on the entropy of rand.
|
// The security of the private key depends on the entropy of rand.
|
||||||
|
|
10
rfc6979.go
10
rfc6979.go
|
@ -21,6 +21,12 @@ const (
|
||||||
ErrWrongSignature = internal.Error("wrong signature")
|
ErrWrongSignature = internal.Error("wrong signature")
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// hashBytesRFC6979 returns the sha256 sum.
|
||||||
|
func hashBytesRFC6979(data []byte) []byte {
|
||||||
|
sign := sha256.Sum256(data)
|
||||||
|
return sign[:]
|
||||||
|
}
|
||||||
|
|
||||||
// SignRFC6979 signs an arbitrary length hash (which should be the result of
|
// SignRFC6979 signs an arbitrary length hash (which should be the result of
|
||||||
// hashing a larger message) using the private key. It returns the
|
// hashing a larger message) using the private key. It returns the
|
||||||
// signature as a pair of integers.
|
// signature as a pair of integers.
|
||||||
|
@ -28,7 +34,7 @@ const (
|
||||||
// Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated
|
// Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated
|
||||||
// to the byte-length of the subgroup. This function does not perform that.
|
// to the byte-length of the subgroup. This function does not perform that.
|
||||||
func SignRFC6979(key *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
|
func SignRFC6979(key *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
|
||||||
r, s, err := rfc6979.SignECDSA(key, hashBytes(msg), sha256.New)
|
r, s, err := rfc6979.SignECDSA(key, hashBytesRFC6979(msg), sha256.New)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -49,7 +55,7 @@ func decodeSignature(sig []byte) (*big.Int, *big.Int, error) {
|
||||||
func VerifyRFC6979(key *ecdsa.PublicKey, msg, sig []byte) error {
|
func VerifyRFC6979(key *ecdsa.PublicKey, msg, sig []byte) error {
|
||||||
if r, s, err := decodeSignature(sig); err != nil {
|
if r, s, err := decodeSignature(sig); err != nil {
|
||||||
return err
|
return err
|
||||||
} else if !ecdsa.Verify(key, hashBytes(msg), r, s) {
|
} else if !ecdsa.Verify(key, hashBytesRFC6979(msg), r, s) {
|
||||||
return ErrWrongSignature
|
return ErrWrongSignature
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue