package ecdsa

Import Path
	crypto/ecdsa (on go.dev)

Dependency Relation
	imports 11 packages, and imported by 4 packages

Involved Source Files

	   #d ecdsa.go
		Package ecdsa implements the Elliptic Curve Digital Signature Algorithm, as
		defined in FIPS 186-4 and SEC 1, Version 2.0.

		Signatures generated by this package are not deterministic, but entropy is
		mixed with the private key and the message, achieving the same level of
		security in case of randomness source failure.

	      ecdsa_noasm.go
Code Examples

	
		package main
		
		import (
			"crypto/ecdsa"
			"crypto/elliptic"
			"crypto/rand"
			"crypto/sha256"
			"fmt"
		)
		
		func main() {
			privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
			if err != nil {
				panic(err)
			}
		
			msg := "hello, world"
			hash := sha256.Sum256([]byte(msg))
		
			sig, err := ecdsa.SignASN1(rand.Reader, privateKey, hash[:])
			if err != nil {
				panic(err)
			}
			fmt.Printf("signature: %x\n", sig)
		
			valid := ecdsa.VerifyASN1(&privateKey.PublicKey, hash[:], sig)
			fmt.Println("signature verified:", valid)
		}


Package-Level Type Names (total 5, in which 2 are exported)

	/* sort exporteds by: alphabet | popularity */
	 type PrivateKey (struct)
		PrivateKey represents an ECDSA private key.

		Fields (total 5, all are exported)
			D *big.Int
			PublicKey PublicKey
			PublicKey.Curve elliptic.Curve
			PublicKey.X *big.Int
			PublicKey.Y *big.Int
		Methods (total 9, all are exported)
			( PrivateKey) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int)
				Add returns the sum of (x1,y1) and (x2,y2)

			( PrivateKey) Double(x1, y1 *big.Int) (x, y *big.Int)
				Double returns 2*(x,y)

			(*PrivateKey) Equal(x crypto.PrivateKey) bool
				Equal reports whether priv and x have the same value.

				See PublicKey.Equal for details on how Curve is compared.

			( PrivateKey) IsOnCurve(x, y *big.Int) bool
				IsOnCurve reports whether the given (x,y) lies on the curve.

			( PrivateKey) Params() *elliptic.CurveParams
				Params returns the parameters for the curve.

			(*PrivateKey) Public() crypto.PublicKey
				Public returns the public key corresponding to priv.

			( PrivateKey) ScalarBaseMult(k []byte) (x, y *big.Int)
				ScalarBaseMult returns k*G, where G is the base point of the group
				and k is an integer in big-endian form.

			( PrivateKey) ScalarMult(x1, y1 *big.Int, k []byte) (x, y *big.Int)
				ScalarMult returns k*(Bx,By) where k is a number in big-endian form.

			(*PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
				Sign signs digest with priv, reading randomness from rand. The opts argument
				is not currently used but, in keeping with the crypto.Signer interface,
				should be the hash function used to digest the message.

				This method implements crypto.Signer, which is an interface to support keys
				where the private part is kept in, for example, a hardware module. Common
				uses can use the SignASN1 function in this package directly.

		Implements (at least 2, both are exported)
			*PrivateKey : crypto.Signer
			 PrivateKey : crypto/elliptic.Curve
		As Outputs Of (at least 6, in which 4 are exported)
			func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)
			func crypto/x509.ParseECPrivateKey(der []byte) (*PrivateKey, error)
			func github.com/aws/aws-sdk-go-v2/internal/v4a/internal/crypto.ECDSAKey(curve elliptic.Curve, d []byte) *PrivateKey
			func github.com/aws/aws-sdk-go-v2/internal/v4a/internal/crypto.ECDSAKeyFromPoint(curve elliptic.Curve, d *big.Int) *PrivateKey
			/* 2+ unexporteds ... *//* 2+ unexporteds: */
			func crypto/x509.parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte) (key *PrivateKey, err error)
			func github.com/aws/aws-sdk-go-v2/internal/v4a.deriveKeyFromAccessKeyPair(accessKey, secretKey string) (*PrivateKey, error)
		As Inputs Of (at least 6, in which 3 are exported)
			func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
			func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)
			func crypto/x509.MarshalECPrivateKey(key *PrivateKey) ([]byte, error)
			/* 3+ unexporteds ... *//* 3+ unexporteds: */
			func sign(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, hash []byte) (r, s *big.Int, err error)
			func signGeneric(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, hash []byte) (r, s *big.Int, err error)
			func crypto/x509.marshalECPrivateKeyWithOID(key *PrivateKey, oid asn1.ObjectIdentifier) ([]byte, error)

	 type PublicKey (struct)
		PublicKey represents an ECDSA public key.

		Fields (total 3, all are exported)
			Curve elliptic.Curve
			X *big.Int
			Y *big.Int
		Methods (total 7, all are exported)
			( PublicKey) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int)
				Add returns the sum of (x1,y1) and (x2,y2)

			( PublicKey) Double(x1, y1 *big.Int) (x, y *big.Int)
				Double returns 2*(x,y)

			(*PublicKey) Equal(x crypto.PublicKey) bool
				Equal reports whether pub and x have the same value.

				Two keys are only considered to have the same value if they have the same Curve value.
				Note that for example elliptic.P256() and elliptic.P256().Params() are different
				values, as the latter is a generic not constant time implementation.

			( PublicKey) IsOnCurve(x, y *big.Int) bool
				IsOnCurve reports whether the given (x,y) lies on the curve.

			( PublicKey) Params() *elliptic.CurveParams
				Params returns the parameters for the curve.

			( PublicKey) ScalarBaseMult(k []byte) (x, y *big.Int)
				ScalarBaseMult returns k*G, where G is the base point of the group
				and k is an integer in big-endian form.

			( PublicKey) ScalarMult(x1, y1 *big.Int, k []byte) (x, y *big.Int)
				ScalarMult returns k*(Bx,By) where k is a number in big-endian form.

		Implements (at least one exported)
			 PublicKey : crypto/elliptic.Curve
		As Outputs Of (at least one exported)
			func github.com/aws/aws-sdk-go-v2/internal/v4a/internal/crypto.ECDSAPublicKey(curve elliptic.Curve, x, y []byte) (*PublicKey, error)
		As Inputs Of (at least 5, in which 3 are exported)
			func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool
			func VerifyASN1(pub *PublicKey, hash, sig []byte) bool
			func github.com/aws/aws-sdk-go-v2/internal/v4a/internal/crypto.VerifySignature(key *PublicKey, hash []byte, signature []byte) (bool, error)
			/* 2+ unexporteds ... *//* 2+ unexporteds: */
			func verify(pub *PublicKey, c elliptic.Curve, hash []byte, r, s *big.Int) bool
			func verifyGeneric(pub *PublicKey, c elliptic.Curve, hash []byte, r, s *big.Int) bool

	/* 3 unexporteds ... *//* 3 unexporteds: */
	 type combinedMult (interface)
		A combinedMult implements fast combined multiplication for verification.

		Methods (only one, which is exported)
			( combinedMult) CombinedMult(Px, Py *big.Int, s1, s2 []byte) (x, y *big.Int)
				CombinedMult returns [s1]G + [s2]P where G is the generator.

		Implemented By (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			 crypto/elliptic.p256Curve

	 type invertible (interface)
		A invertible implements fast inverse in GF(N).

		Methods (only one, which is exported)
			( invertible) Inverse(k *big.Int) *big.Int
				Inverse returns the inverse of k mod Params().N.

		Implemented By (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			 crypto/elliptic.p256Curve

	 type zr (struct)

		Fields (only one, which is exported)
			Reader io.Reader
		Methods (only one, which is exported)
			(*zr) Read(dst []byte) (n int, err error)
				Read replaces the contents of dst with zeros.

		Implements (at least one exported)
			*zr : io.Reader
		As Types Of (only one, which is unexported)
			/* one unexported ... *//* one unexported: */
			  var zeroReader *zr


Package-Level Functions (total 12, in which 5 are exported)

	 func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)
		GenerateKey generates a public and private key pair.

	 func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
		Sign signs a hash (which should be the result of hashing a larger message)
		using the private key, priv. If the hash is longer than the bit-length of the
		private key's curve order, the hash will be truncated to that length. It
		returns the signature as a pair of integers. Most applications should use
		SignASN1 instead of dealing directly with r, s.

	 func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)
		SignASN1 signs a hash (which should be the result of hashing a larger message)
		using the private key, priv. If the hash is longer than the bit-length of the
		private key's curve order, the hash will be truncated to that length. It
		returns the ASN.1 encoded signature.

	 func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool
		Verify verifies the signature in r, s of hash using the public key, pub. Its
		return value records whether the signature is valid. Most applications should
		use VerifyASN1 instead of dealing directly with r, s.

	 func VerifyASN1(pub *PublicKey, hash, sig []byte) bool
		VerifyASN1 verifies the ASN.1 encoded signature, sig, of hash using the
		public key, pub. Its return value records whether the signature is valid.

	/* 7 unexporteds ... *//* 7 unexporteds: */
	 func fermatInverse(k, N *big.Int) *big.Int
		fermatInverse calculates the inverse of k in GF(P) using Fermat's method
		(exponentiation modulo P - 2, per Euler's theorem). This has better
		constant-time properties than Euclid's method (implemented in
		math/big.Int.ModInverse and FIPS 186-4, Appendix C.1) although math/big
		itself isn't strictly constant-time so it's not perfect.

	 func hashToInt(hash []byte, c elliptic.Curve) *big.Int
		hashToInt converts a hash value to an integer. Per FIPS 186-4, Section 6.4,
		we use the left-most bits of the hash to match the bit-length of the order of
		the curve. This also performs Step 5 of SEC 1, Version 2.0, Section 4.1.3.

	 func randFieldElement(c elliptic.Curve, rand io.Reader) (k *big.Int, err error)
		randFieldElement returns a random element of the order of the given
		curve using the procedure given in FIPS 186-4, Appendix B.5.1.

	 func sign(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, hash []byte) (r, s *big.Int, err error)
	 func signGeneric(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, hash []byte) (r, s *big.Int, err error)
	 func verify(pub *PublicKey, c elliptic.Curve, hash []byte, r, s *big.Int) bool
	 func verifyGeneric(pub *PublicKey, c elliptic.Curve, hash []byte, r, s *big.Int) bool
Package-Level Variables (total 3, none are exported)

	/* 3 unexporteds ... *//* 3 unexporteds: */
	  var errZeroParam error
	  var one *big.Int
	  var zeroReader *zr
Package-Level Constants (only one, which is unexported)

	/* one unexported ... *//* one unexported: */
	const aesIV = "IV for ECDSA CTR"

The pages are generated with Golds v0.4.9. (GOOS=linux GOARCH=amd64)