// GoGOST -- Pure Go GOST cryptographic functions library
-// Copyright (C) 2015-2021 Sergey Matveev <stargrave@stargrave.org>
+// Copyright (C) 2015-2024 Sergey Matveev <stargrave@stargrave.org>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
)
type PublicKey struct {
- C *Curve
- X *big.Int
- Y *big.Int
+ C *Curve
+ X, Y *big.Int
}
-func NewPublicKey(c *Curve, raw []byte) (*PublicKey, error) {
+// Unmarshal LE(X)||LE(Y) public key. "raw" must be 2*c.PointSize() length.
+func NewPublicKeyLE(c *Curve, raw []byte) (*PublicKey, error) {
pointSize := c.PointSize()
key := make([]byte, 2*pointSize)
if len(raw) != len(key) {
}, nil
}
-func (pub *PublicKey) Raw() []byte {
+// Unmarshal BE(X)||BE(Y) public key. "raw" must be 2*c.PointSize() length.
+func NewPublicKeyBE(c *Curve, raw []byte) (*PublicKey, error) {
+ pointSize := c.PointSize()
+ if len(raw) != 2*pointSize {
+ return nil, fmt.Errorf("gogost/gost3410: len(key) != %d", 2*pointSize)
+ }
+ return &PublicKey{
+ c,
+ bytes2big(raw[:pointSize]),
+ bytes2big(raw[pointSize:]),
+ }, nil
+}
+
+// This is an alias for NewPublicKeyLE().
+func NewPublicKey(c *Curve, raw []byte) (*PublicKey, error) {
+ return NewPublicKeyLE(c, raw)
+}
+
+// Marshal LE(X)||LE(Y) public key. raw will be 2*pub.C.PointSize() length.
+func (pub *PublicKey) RawLE() []byte {
pointSize := pub.C.PointSize()
raw := append(
pad(pub.Y.Bytes(), pointSize),
return raw
}
+// Marshal BE(X)||BE(Y) public key. raw will be 2*pub.C.PointSize() length.
+func (pub *PublicKey) RawBE() []byte {
+ pointSize := pub.C.PointSize()
+ return append(
+ pad(pub.X.Bytes(), pointSize),
+ pad(pub.Y.Bytes(), pointSize)...,
+ )
+}
+
+// This is an alias for RawLE().
+func (pub *PublicKey) Raw() []byte {
+ return pub.RawLE()
+}
+
func (pub *PublicKey) VerifyDigest(digest, signature []byte) (bool, error) {
pointSize := pub.C.PointSize()
if len(signature) != 2*pointSize {
- return false, fmt.Errorf("gogost/gost3410: len(signature) != %d", 2*pointSize)
+ return false, fmt.Errorf("gogost/gost3410: len(signature)=%d != %d", len(signature), 2*pointSize)
}
s := bytes2big(signature[:pointSize])
r := bytes2big(signature[pointSize:])
}
return our.X.Cmp(their.X) == 0 && our.Y.Cmp(their.Y) == 0 && our.C.Equal(their.C)
}
+
+type PublicKeyReverseDigest struct {
+ Pub *PublicKey
+}
+
+func (pub PublicKeyReverseDigest) VerifyDigest(
+ digest, signature []byte,
+) (bool, error) {
+ dgst := make([]byte, len(digest))
+ for i := 0; i < len(digest); i++ {
+ dgst[i] = digest[len(digest)-i-1]
+ }
+ return pub.Pub.VerifyDigest(dgst, signature)
+}
+
+func (pub PublicKeyReverseDigest) Equal(theirKey crypto.PublicKey) bool {
+ return pub.Pub.Equal(theirKey)
+}
+
+type PublicKeyReverseDigestAndSignature struct {
+ Pub *PublicKey
+}
+
+func (pub PublicKeyReverseDigestAndSignature) VerifyDigest(
+ digest, signature []byte,
+) (bool, error) {
+ dgst := make([]byte, len(digest))
+ for i := 0; i < len(digest); i++ {
+ dgst[i] = digest[len(digest)-i-1]
+ }
+ sign := make([]byte, len(signature))
+ for i := 0; i < len(signature); i++ {
+ sign[i] = signature[len(signature)-i-1]
+ }
+ return pub.Pub.VerifyDigest(dgst, sign)
+}
+
+func (pub PublicKeyReverseDigestAndSignature) Equal(theirKey crypto.PublicKey) bool {
+ return pub.Pub.Equal(theirKey)
+}