File: ecc.go

package info (click to toggle)
golang-github-dvsekhvalnov-jose2go 1.5-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, forky, sid, trixie
  • size: 440 kB
  • sloc: makefile: 4
file content (88 lines) | stat: -rw-r--r-- 2,436 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
//package ecc provides helpers for creating elliptic curve leys
package ecc

import (
	"math/big"
	"crypto/ecdsa"
	"crypto/elliptic"	
    "crypto/x509"
	"encoding/pem"	
	"errors"
)

// ReadPublic loads ecdsa.PublicKey from given PKCS1 X509 or PKIX blobs
func ReadPublic(raw []byte) (key *ecdsa.PublicKey,err error) {
	var encoded *pem.Block
	
	if encoded, _ = pem.Decode(raw); encoded == nil {
		return nil, errors.New("Ecc.ReadPublic(): Key must be PEM encoded PKCS1 X509 certificate or PKIX EC public key")
	}
		
	var parsedKey interface{}
	var cert *x509.Certificate
	
	if parsedKey, err = x509.ParsePKIXPublicKey(encoded.Bytes); err != nil {
		if cert,err = x509.ParseCertificate(encoded.Bytes);err!=nil {
			return nil, err
		}
		
		parsedKey=cert.PublicKey
	}
	
	var ok bool
	
	if key, ok = parsedKey.(*ecdsa.PublicKey); !ok {
		return nil, errors.New("Ecc.ReadPublic(): Key is not a valid *ecdsa.PublicKey")
	}
	
	return key, nil
}

// ReadPrivate loads ecdsa.PrivateKey from given PKCS1 or PKCS8 blobs
func ReadPrivate(raw []byte) (key *ecdsa.PrivateKey,err error) {
	var encoded *pem.Block

	if encoded, _ = pem.Decode(raw); encoded == nil {
		return nil, errors.New("Ecc.ReadPrivate(): Key must be PEM encoded PKCS1 or PKCS8 EC private key")
	}

	var parsedKey interface{}

	if parsedKey,err=x509.ParseECPrivateKey(encoded.Bytes);err!=nil {
		if parsedKey, err = x509.ParsePKCS8PrivateKey(encoded.Bytes);err!=nil {
			return nil,err
		}
	}

	var ok bool
		
	if key,ok=parsedKey.(*ecdsa.PrivateKey);!ok {
		return nil, errors.New("Ecc.ReadPrivate(): Key is not valid *ecdsa.PrivateKey")
	}
	
	return key,nil
}

// NewPublic constructs ecdsa.PublicKey from given (X,Y)
func NewPublic(x,y []byte) (*ecdsa.PublicKey) {
	return &ecdsa.PublicKey{ Curve: curve(len(x)), 
							 X:new(big.Int).SetBytes(x), 
							 Y:new(big.Int).SetBytes(y) }
}

// NewPrivate constructs ecdsa.PrivateKey from given (X,Y) and D
func NewPrivate(x,y,d []byte) (*ecdsa.PrivateKey) {
	return &ecdsa.PrivateKey {D:new(big.Int).SetBytes(d),
							  PublicKey: ecdsa.PublicKey{ Curve:curve(len(x)),
								  						  X:new(big.Int).SetBytes(x), 
														  Y:new(big.Int).SetBytes(y)}}
}

func curve(size int) (elliptic.Curve) {
	switch size {
		case 32: return elliptic.P256()
		case 48: return elliptic.P384()
		case 65,66: return elliptic.P521() //adjust for P-521 curve, which can be 65 or 66 bytes
		default: return nil //unsupported curve
	}
}