diff --git a/dsa.go b/dsa.go index 4742308..8f5b95d 100644 --- a/dsa.go +++ b/dsa.go @@ -5,14 +5,14 @@ import ( "math/big" ) -// Sign signs an arbitrary length hash (which should be the result of hashing a -// larger message) using the private key, priv. It returns the signature as a +// SignDSA signs an arbitrary length hash (which should be the result of hashing +// a larger message) using the private key, priv. It returns the signature as a // pair of integers. // // Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated // to the byte-length of the subgroup. This function does not perform that // truncation itself. -func SignDSA(priv *dsa.PrivateKey, hash []byte, alg HashAlgorithm) (r, s *big.Int, err error) { +func SignDSA(priv *dsa.PrivateKey, hash []byte, alg HashFunc) (r, s *big.Int, err error) { n := priv.Q.BitLen() if n&7 != 0 { err = dsa.ErrInvalidPublicKey @@ -21,7 +21,7 @@ func SignDSA(priv *dsa.PrivateKey, hash []byte, alg HashAlgorithm) (r, s *big.In n >>= 3 generateSecret(priv.Q, priv.X, alg, hash, func(k *big.Int) bool { - kInv := new(big.Int).ModInverse(k, priv.Q) + inv := new(big.Int).ModInverse(k, priv.Q) r = new(big.Int).Exp(priv.G, k, priv.P) r.Mod(r, priv.Q) @@ -34,7 +34,7 @@ func SignDSA(priv *dsa.PrivateKey, hash []byte, alg HashAlgorithm) (r, s *big.In s = new(big.Int).Mul(priv.X, r) s.Add(s, z) s.Mod(s, priv.Q) - s.Mul(s, kInv) + s.Mul(s, inv) s.Mod(s, priv.Q) return s.Sign() != 0 diff --git a/dsa_test.go b/dsa_test.go index fd7296c..4a64918 100644 --- a/dsa_test.go +++ b/dsa_test.go @@ -13,7 +13,7 @@ import ( type dsaFixture struct { name string key *dsaKey - alg HashAlgorithm + alg HashFunc message string r, s string } diff --git a/ecdsa.go b/ecdsa.go index 9bdf4d4..55e9b63 100644 --- a/ecdsa.go +++ b/ecdsa.go @@ -22,19 +22,19 @@ func hashToInt(hash []byte, c elliptic.Curve) *big.Int { return ret } -// Sign signs an arbitrary length hash (which should be the result of hashing a -// larger message) using the private key, priv. It returns the signature as a -// pair of integers. +// SignECDSA signs an arbitrary length hash (which should be the result of +// hashing a larger message) using the private key, priv. It returns the +// signature as a pair of integers. // // Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated // to the byte-length of the subgroup. This function does not perform that // truncation itself. -func SignECDSA(priv *ecdsa.PrivateKey, hash []byte, alg HashAlgorithm) (r, s *big.Int, err error) { +func SignECDSA(priv *ecdsa.PrivateKey, hash []byte, alg HashFunc) (r, s *big.Int, err error) { c := priv.PublicKey.Curve N := c.Params().N generateSecret(N, priv.D, alg, hash, func(k *big.Int) bool { - kInv := new(big.Int).ModInverse(k, N) + inv := new(big.Int).ModInverse(k, N) r, _ = priv.Curve.ScalarBaseMult(k.Bytes()) r.Mod(r, N) @@ -45,7 +45,7 @@ func SignECDSA(priv *ecdsa.PrivateKey, hash []byte, alg HashAlgorithm) (r, s *bi e := hashToInt(hash, c) s = new(big.Int).Mul(priv.D, r) s.Add(s, e) - s.Mul(s, kInv) + s.Mul(s, inv) s.Mod(s, N) return s.Sign() != 0 diff --git a/ecdsa_test.go b/ecdsa_test.go index cc244e7..7955b81 100644 --- a/ecdsa_test.go +++ b/ecdsa_test.go @@ -13,7 +13,7 @@ import ( type ecdsaFixture struct { name string key *ecdsaKey - alg HashAlgorithm + alg HashFunc message string r, s string } diff --git a/rfc6979.go b/rfc6979.go index b3d5941..f5d2289 100644 --- a/rfc6979.go +++ b/rfc6979.go @@ -1,15 +1,13 @@ /* -Paraphrasing RFC6979: +Package rfc6979 is an implementation of RFC 6979's deterministic DSA: - This package implements a deterministic digital signature generation - procedure. Such signatures are compatible with standard Digital - Signature Algorithm (DSA) and Elliptic Curve Digital Signature - Algorithm (ECDSA) digital signatures and can be processed with - unmodified verifiers, which need not be aware of the procedure - described therein. Deterministic signatures retain the cryptographic - security features associated with digital signatures but can be more - easily implemented in various environments, since they do not need - access to a source of high-quality randomness. + Such signatures are compatible with standard Digital Signature Algorithm + (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA) digital + signatures and can be processed with unmodified verifiers, which need not be + aware of the procedure described therein. Deterministic signatures retain + the cryptographic security features associated with digital signatures but + can be more easily implemented in various environments, since they do not + need access to a source of high-quality randomness. Provides functions similar to crypto/dsa and crypto/ecdsa. @@ -24,11 +22,11 @@ import ( "math/big" ) -// A function which provides a fresh Hash (e.g., sha256.New). -type HashAlgorithm func() hash.Hash +// HashFunc is a function which provides a fresh Hash (e.g., sha256.New). +type HashFunc func() hash.Hash // mac returns an HMAC of the given key and message. -func (alg HashAlgorithm) mac(k []byte, m []byte) []byte { +func (alg HashFunc) mac(k []byte, m []byte) []byte { h := hmac.New(alg, k) h.Write(m) return h.Sum(nil) @@ -78,7 +76,7 @@ func bits2octets(in []byte, q *big.Int, qlen, rolen int) []byte { var one = big.NewInt(1) // https://tools.ietf.org/html/rfc6979#section-3.2 -func generateSecret(q, x *big.Int, alg HashAlgorithm, hash []byte, test func(*big.Int) bool) { +func generateSecret(q, x *big.Int, alg HashFunc, hash []byte, test func(*big.Int) bool) { qlen := q.BitLen() holen := alg().Size() rolen := (qlen + 7) >> 3