forked from TrueCloudLab/lego
Remove no longer needed crypto function. ACME spec no longer requires this.
This commit is contained in:
parent
f203a8e336
commit
da7dd0f7b8
1 changed files with 0 additions and 35 deletions
|
@ -10,7 +10,6 @@ import (
|
|||
"crypto/x509"
|
||||
"crypto/x509/pkix"
|
||||
"encoding/base64"
|
||||
"encoding/binary"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
@ -22,7 +21,6 @@ import (
|
|||
"time"
|
||||
|
||||
"golang.org/x/crypto/ocsp"
|
||||
"golang.org/x/crypto/sha3"
|
||||
)
|
||||
|
||||
type keyType int
|
||||
|
@ -143,39 +141,6 @@ func getKeyAuthorization(token string, key interface{}) (string, error) {
|
|||
return token + "." + keyThumb, nil
|
||||
}
|
||||
|
||||
// Derive the shared secret according to acme spec 5.6
|
||||
func performECDH(priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey, outLen int, label string) []byte {
|
||||
// Derive Z from the private and public keys according to SEC 1 Ver. 2.0 - 3.3.1
|
||||
Z, _ := priv.PublicKey.ScalarMult(pub.X, pub.Y, priv.D.Bytes())
|
||||
|
||||
if len(Z.Bytes())+len(label)+4 > 384 {
|
||||
return nil
|
||||
}
|
||||
|
||||
if outLen < 384*(2^32-1) {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Derive the shared secret key using the ANS X9.63 KDF - SEC 1 Ver. 2.0 - 3.6.1
|
||||
hasher := sha3.New384()
|
||||
buffer := make([]byte, outLen)
|
||||
bufferLen := 0
|
||||
for i := 0; i < outLen/384; i++ {
|
||||
hasher.Reset()
|
||||
|
||||
// Ki = Hash(Z || Counter || [SharedInfo])
|
||||
hasher.Write(Z.Bytes())
|
||||
binary.Write(hasher, binary.BigEndian, i)
|
||||
hasher.Write([]byte(label))
|
||||
|
||||
hash := hasher.Sum(nil)
|
||||
copied := copy(buffer[bufferLen:], hash)
|
||||
bufferLen += copied
|
||||
}
|
||||
|
||||
return buffer
|
||||
}
|
||||
|
||||
// parsePEMBundle parses a certificate bundle from top to bottom and returns
|
||||
// a slice of x509 certificates. This function will error if no certificates are found.
|
||||
func parsePEMBundle(bundle []byte) ([]*x509.Certificate, error) {
|
||||
|
|
Loading…
Reference in a new issue