forked from veraison/go-cose
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ed25519.go
48 lines (41 loc) · 1.43 KB
/
ed25519.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package cose
import (
"crypto"
"crypto/ed25519"
"io"
)
// ed25519Signer is a Pure EdDSA based signer with a generic crypto.Signer.
type ed25519Signer struct {
key crypto.Signer
}
// Algorithm returns the signing algorithm associated with the private key.
func (es *ed25519Signer) Algorithm() Algorithm {
return AlgorithmEd25519
}
// Sign signs digest with the private key, possibly using entropy from rand.
// The resulting signature should follow RFC 8152 section 8.2.
//
// Reference: https://datatracker.ietf.org/doc/html/rfc8152#section-8.2
func (es *ed25519Signer) Sign(rand io.Reader, digest []byte) ([]byte, error) {
// crypto.Hash(0) must be passed as an option.
// Reference: https://pkg.go.dev/crypto/ed25519#PrivateKey.Sign
return es.key.Sign(rand, digest, crypto.Hash(0))
}
// ed25519Verifier is a Pure EdDSA based verifier with golang built-in keys.
type ed25519Verifier struct {
key ed25519.PublicKey
}
// Algorithm returns the signing algorithm associated with the public key.
func (ev *ed25519Verifier) Algorithm() Algorithm {
return AlgorithmEd25519
}
// Verify verifies digest with the public key, returning nil for success.
// Otherwise, it returns ErrVerification.
//
// Reference: https://datatracker.ietf.org/doc/html/rfc8152#section-8.2
func (ev *ed25519Verifier) Verify(digest []byte, signature []byte) error {
if verified := ed25519.Verify(ev.key, digest, signature); !verified {
return ErrVerification
}
return nil
}