| author | Jesper B. Rosenkilde <jbr@humppa.dk> | 2022-05-06 16:06:19 +0200 |
|---|---|---|
| committer | Jesper B. Rosenkilde <jbr@humppa.dk> | 2022-05-06 16:06:19 +0200 |
| commit | 89c0960c3c03d45a8db3ec9e6348e35301cb03ce (patch) | |
| tree | 355420dc2de5cc2082e744efb00499bbd7c454a0 /funcs | |
| parent | 4337ba7131e3d9bb00134046c08c2ad7e4b2148c (diff) | |
Add ECDSA generation functions to crypto funcs
ECDSAGenerateKey takes one of Go's supported named NIST curves as an
argument and returns a newly generated EC private key, PEM encoded.
ECDSADerivePublicKey takes a PEM encoded EC private key and derives the
corresponding public key, which is returned PEM encoded.
Diffstat (limited to 'funcs')
| -rw-r--r-- | funcs/crypto.go | 24 | ||||
| -rw-r--r-- | funcs/crypto_test.go | 31 |
2 files changed, 55 insertions, 0 deletions
diff --git a/funcs/crypto.go b/funcs/crypto.go
index 6a1156fc..4df8f193 100644
--- a/funcs/crypto.go
+++ b/funcs/crypto.go
@@ -250,6 +250,30 @@ func (f *CryptoFuncs) RSADerivePublicKey(privateKey string) (string, error) {
 return string(out), err
 }

+// ECDSAGenerateKey - -
+// Experimental!
+func (f *CryptoFuncs) ECDSAGenerateKey(args ...interface{}) (string, error) {
+ if err := checkExperimental(f.ctx); err != nil {
+ return "", err
+ }
+ curve := "P-256"
+ if len(args) == 1 {
+ curve = conv.ToString(args[0])
+ } else if len(args) > 1 {
+ return "", fmt.Errorf("wrong number of args: want 0 or 1, got %d", len(args))
+ }
+ out, err := crypto.ECDSAGenerateKey(curve)
+ return string(out), err
+}
+
+func (f *CryptoFuncs) ECDSADerivePublicKey(privateKey string) (string, error) {
+ if err := checkExperimental(f.ctx); err != nil {
+ return "", err
+ }
+ out, err := crypto.ECDSADerivePublicKey([]byte(privateKey))
+ return string(out), err
+}
+
 // EncryptAES -
 func (f *CryptoFuncs) EncryptAES(key string, args ...interface{}) ([]byte, error) {
 k, msg, err := parseAESArgs(key, args...)
diff --git a/funcs/crypto_test.go b/funcs/crypto_test.go
index 5faa3c6a..d14b37e6 100644
--- a/funcs/crypto_test.go
+++ b/funcs/crypto_test.go
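Review bot: In funcs/crypto.go the exported ECDSADerivePublicKey is added without a doc comment, and it lacks the `// Experimental!` marker that ECDSAGenerateKey carries, although both are gated by checkExperimental. I would add `// ECDSADerivePublicKey - derives the PEM-encoded public key from a PEM-encoded EC private key.` followed by `// Experimental!`. The comment on ECDSAGenerateKey (currently `// ECDSAGenerateKey - -`) could also say that the curve defaults to P-256 when no argument is given. Since no passphrase is taken, the returned PEM appears to be an unencrypted private key, and the comment should state that the rendered output must be handled as a secret.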
@@ -115,6 +115,37 @@ func TestRSAGenerateKey(t *testing.T) {
 "-----END RSA PRIVATE KEY-----\n"))
 }

+func TestECDSAGenerateKey(t *testing.T) {
+ c := testCryptoNS()
+ _, err := c.ECDSAGenerateKey("")
+ assert.Error(t, err)
+
+ _, err = c.ECDSAGenerateKey(0, "P-999", true)
+ assert.Error(t, err)
+
+ key, err := c.ECDSAGenerateKey("P-256")
+ assert.NoError(t, err)
+ assert.True(t, strings.HasPrefix(key,
+ "-----BEGIN EC PRIVATE KEY-----"))
+ assert.True(t, strings.HasSuffix(key,
+ "-----END EC PRIVATE KEY-----\n"))
+}
+
+func TestECDSADerivePublicKey(t *testing.T) {
+ c := testCryptoNS()
+
+ _, err := c.ECDSADerivePublicKey("")
+ assert.Error(t, err)
+
+ key, _ := c.ECDSAGenerateKey("P-256")
+ pub, err := c.ECDSADerivePublicKey(key)
+ assert.NoError(t, err)
+ assert.True(t, strings.HasPrefix(pub,
+ "-----BEGIN PUBLIC KEY-----"))
+ assert.True(t, strings.HasSuffix(pub,
+ "-----END PUBLIC KEY-----\n"))
+}
+
 func TestRSACrypt(t *testing.T) {
 if testing.Short() {
 t.Skip("skipping slow test") |
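Review bot: TestECDSAGenerateKey never calls `c.ECDSAGenerateKey()` with no arguments, so the default-curve path (`curve := "P-256"`) added in funcs/crypto.go is not exercised. Adding `key, err = c.ECDSAGenerateKey()` with `assert.NoError(t, err)` after the P-256 case would cover it. In TestECDSADerivePublicKey, `key, _ := c.ECDSAGenerateKey("P-256")` discards the error, so a generation failure would show up as a misleading derive failure; capture it and check it with `assert.NoError(t, err)`. Both tests check only the PEM framing of the result, so they would not notice a derived public key that does not belong to the generated private key.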
