Key *big.Int
}
+// Unmarshal little-endian private key. "raw" must be c.PointSize() length.
func NewPrivateKey(c *Curve, raw []byte) (*PrivateKey, error) {
pointSize := c.PointSize()
if len(raw) != pointSize {
- return nil, fmt.Errorf("gogost/gost3410: len(key) != %d", pointSize)
+ return nil, fmt.Errorf("gogost/gost3410: len(key)=%d != %d", len(raw), pointSize)
}
key := make([]byte, pointSize)
for i := 0; i < len(key); i++ {
func GenPrivateKey(c *Curve, rand io.Reader) (*PrivateKey, error) {
raw := make([]byte, c.PointSize())
if _, err := io.ReadFull(rand, raw); err != nil {
- return nil, err
+ return nil, fmt.Errorf("gogost/gost3410.GenPrivateKey: %w", err)
}
return NewPrivateKey(c, raw)
}
-func (prv *PrivateKey) Raw() []byte {
- raw := pad(prv.Key.Bytes(), prv.C.PointSize())
+// Marshal little-endian private key. raw will be prv.C.PointSize() length.
+func (prv *PrivateKey) Raw() (raw []byte) {
+ raw = pad(prv.Key.Bytes(), prv.C.PointSize())
reverse(raw)
return raw
}
func (prv *PrivateKey) PublicKey() (*PublicKey, error) {
x, y, err := prv.C.Exp(prv.Key, prv.C.X, prv.C.Y)
if err != nil {
- return nil, err
+ return nil, fmt.Errorf("gogost/gost3410.PrivateKey.PublicKey: %w", err)
}
return &PublicKey{prv.C, x, y}, nil
}
s := big.NewInt(0)
Retry:
if _, err = io.ReadFull(rand, kRaw); err != nil {
- return nil, err
+ return nil, fmt.Errorf("gogost/gost3410.PrivateKey.SignDigest: %w", err)
}
k = bytes2big(kRaw)
k.Mod(k, prv.C.Q)
}
r, _, err = prv.C.Exp(k, prv.C.X, prv.C.Y)
if err != nil {
- return nil, err
+ return nil, fmt.Errorf("gogost/gost3410.PrivateKey.SignDigest: %w", err)
}
r.Mod(r, prv.C.Q)
if r.Cmp(zero) == 0 {
), nil
}
+// Sign the digest. opts argument is unused.
func (prv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
return prv.SignDigest(digest, rand)
}