// GoGOST -- Pure Go GOST cryptographic functions library
-// Copyright (C) 2015-2016 Sergey Matveev <stargrave@stargrave.org>
+// Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
)
type PrivateKey struct {
- c *Curve
- ds int
- key *big.Int
+ c *Curve
+ mode Mode
+ key *big.Int
}
-func NewPrivateKey(curve *Curve, ds DigestSize, raw []byte) (*PrivateKey, error) {
- key := make([]byte, len(raw))
- copy(key, raw)
- reverse(key)
+func NewPrivateKey(curve *Curve, mode Mode, raw []byte) (*PrivateKey, error) {
+ if len(raw) != int(mode) {
+ errors.New("Invalid private key length")
+ }
+ key := make([]byte, int(mode))
+ for i := 0; i < len(key); i++ {
+ key[i] = raw[len(raw)-i-1]
+ }
k := bytes2big(key)
if k.Cmp(zero) == 0 {
- return nil, errors.New("zero private key")
+ return nil, errors.New("Zero private key")
}
- return &PrivateKey{curve, int(ds), k}, nil
+ return &PrivateKey{curve, mode, k}, nil
}
-func GenPrivateKey(curve *Curve, ds DigestSize, rand io.Reader) (*PrivateKey, error) {
- raw := make([]byte, int(ds))
+func GenPrivateKey(curve *Curve, mode Mode, rand io.Reader) (*PrivateKey, error) {
+ raw := make([]byte, int(mode))
if _, err := io.ReadFull(rand, raw); err != nil {
return nil, err
}
- return NewPrivateKey(curve, ds, raw)
+ return NewPrivateKey(curve, mode, raw)
}
-func (pk *PrivateKey) Raw() []byte {
- raw := pad(pk.key.Bytes(), pk.ds)
+func (prv *PrivateKey) Raw() []byte {
+ raw := pad(prv.key.Bytes(), int(prv.mode))
reverse(raw)
return raw
}
-func (pk *PrivateKey) PublicKey() (*PublicKey, error) {
- x, y, err := pk.c.Exp(pk.key, pk.c.Bx, pk.c.By)
+func (prv *PrivateKey) PublicKey() (*PublicKey, error) {
+ x, y, err := prv.c.Exp(prv.key, prv.c.Bx, prv.c.By)
if err != nil {
return nil, err
}
- return &PublicKey{pk.c, pk.ds, x, y}, nil
+ return &PublicKey{prv.c, prv.mode, x, y}, nil
}
-func (pk *PrivateKey) SignDigest(digest []byte, rand io.Reader) ([]byte, error) {
- if len(digest) != pk.ds {
- return nil, errors.New("Invalid input digest length")
- }
+func (prv *PrivateKey) SignDigest(digest []byte, rand io.Reader) ([]byte, error) {
e := bytes2big(digest)
- e.Mod(e, pk.c.Q)
+ e.Mod(e, prv.c.Q)
if e.Cmp(zero) == 0 {
e = big.NewInt(1)
}
- kRaw := make([]byte, pk.ds)
+ kRaw := make([]byte, int(prv.mode))
var err error
var k *big.Int
var r *big.Int
return nil, err
}
k = bytes2big(kRaw)
- k.Mod(k, pk.c.Q)
+ k.Mod(k, prv.c.Q)
if k.Cmp(zero) == 0 {
goto Retry
}
- r, _, err = pk.c.Exp(k, pk.c.Bx, pk.c.By)
+ r, _, err = prv.c.Exp(k, prv.c.Bx, prv.c.By)
if err != nil {
return nil, err
}
- r.Mod(r, pk.c.Q)
+ r.Mod(r, prv.c.Q)
if r.Cmp(zero) == 0 {
goto Retry
}
- d.Mul(pk.key, r)
+ d.Mul(prv.key, r)
k.Mul(k, e)
s.Add(d, k)
- s.Mod(s, pk.c.Q)
+ s.Mod(s, prv.c.Q)
if s.Cmp(zero) == 0 {
goto Retry
}
- return append(pad(s.Bytes(), pk.ds), pad(r.Bytes(), pk.ds)...), nil
+ return append(
+ pad(s.Bytes(), int(prv.mode)),
+ pad(r.Bytes(), int(prv.mode))...,
+ ), nil
}