blindrsa

package
v0.0.0-...-8e3605f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 9, 2022 License: BSD-3-Clause Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// PSSSaltLengthAuto causes the salt in a PSS signature to be as large
	// as possible when signing, and to be auto-detected when verifying.
	PSSSaltLengthAuto = 0
	// PSSSaltLengthEqualsHash causes the salt length to equal the length
	// of the hash used in the signature.
	PSSSaltLengthEqualsHash = -1
)

Variables

View Source 
var (
	// ErrUnexpectedSize is the error used if the size of a parameter does not match its expected value.
	ErrUnexpectedSize = errors.New("blindsign/blindrsa: unexpected input size")

	// ErrInvalidMessageLength is the error used if the size of a protocol message does not match its expected value.
	ErrInvalidMessageLength = errors.New("blindsign/blindrsa: invalid message length")

	// ErrInvalidBlind is the error used if the blind generated by the Verifier fails.
	ErrInvalidBlind = errors.New("blindsign/blindrsa: invalid blind")

	// ErrInvalidRandomness is the error used if caller did not provide randomness to the Blind() function.
	ErrInvalidRandomness = errors.New("blindsign/blindrsa: invalid random parameter")
)
View Source 
var ErrVerification = errors.New("crypto/rsa: verification error")

ErrVerification represents a failure to verify a signature. It is deliberately vague to avoid adaptive attacks.

Functions

func SignPSS 

func SignPSS(rand io.Reader, priv *rsa.PrivateKey, hash crypto.Hash, digest []byte, opts *PSSOptions) ([]byte, error)

SignPSS calculates the signature of digest using PSS.

digest must be the result of hashing the input message using the given hash function. The opts argument may be nil, in which case sensible defaults are used. If opts.Hash is set, it overrides hash.

func VerifyPSS 

func VerifyPSS(pub *rsa.PublicKey, hash hash.Hash, digest []byte, sig []byte, opts *PSSOptions) error

VerifyPSS verifies a PSS signature.

A valid signature is indicated by returning a nil error. digest must be the result of hashing the input message using the given hash function. The opts argument may be nil, in which case sensible defaults are used. opts.Hash is ignored.

Types

type PSSOptions 

type PSSOptions struct {
	// SaltLength controls the length of the salt used in the PSS
	// signature. It can either be a number of bytes, or one of the special
	// PSSSaltLength constants.
	SaltLength int

	// Hash is the hash function used to generate the message digest. If not
	// zero, it overrides the hash function passed to SignPSS. It's required
	// when using PrivateKey.Sign.
	Hash crypto.Hash
}

PSSOptions contains options for creating and verifying PSS signatures.

func (*PSSOptions) HashFunc 

func (opts *PSSOptions) HashFunc() crypto.Hash

HashFunc returns opts.Hash so that PSSOptions implements crypto.SignerOpts.

type RSASigner 

type RSASigner struct {
	// contains filtered or unexported fields
}

An RSASigner represents the Signer in the blind RSA protocol. It carries the raw RSA private key used for signing blinded messages.

func NewRSASigner 

func NewRSASigner(sk *rsa.PrivateKey) RSASigner

NewRSASigner creates a new Signer for the blind RSA protocol using an RSA private key.

func (RSASigner) BlindSign 

func (signer RSASigner) BlindSign(data []byte) ([]byte, error)

BlindSign blindly computes the RSA operation using the Signer's private key on the blinded message input, if it's of valid length, and returns an error should the function fail.

See the specification for more details: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-blind-signatures-02#section-5.1.2

type RSAVerifier 

type RSAVerifier struct {
	// contains filtered or unexported fields
}

An RSAVerifier represents a Verifier in the RSA blind signature protocol. It carries state needed to produce and validate an RSA blind signature.

func NewRSAVerifier 

func NewRSAVerifier(pk *rsa.PublicKey, hash hash.Hash) RSAVerifier

NewRSAVerifier creates a new RSAVerifier using the corresponding Signer parameters.

func (RSAVerifier) Blind 

func (v RSAVerifier) Blind(random io.Reader, message []byte) ([]byte, blindsign.VerifierState, error)

Blind initializes the blind RSA protocol using an input message and source of randomness. The signature includes a randomly generated PSS salt whose length equals the size of the underlying hash function. This function fails if randomness was not provided.

See the specification for more details: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-blind-signatures-02#section-5.1.1

type RSAVerifierState 

type RSAVerifierState struct {
	// contains filtered or unexported fields
}

An RSAVerifierState carries state needed to complete the blind signature protocol as a verifier.

func (RSAVerifierState) Finalize 

func (state RSAVerifierState) Finalize(data []byte) ([]byte, error)

Finalize computes and outputs the final signature, if it's valid. Otherwise, it returns an error.

See the specification for more details: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-blind-signatures-02#section-5.1.3

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.