Beispiel #1
0
func main() {
	var privateKey dsa.PrivateKey
	params := &privateKey.Parameters

	// L2048N224 is length of L and N
	if err := dsa.GenerateParameters(params, rand.Reader, dsa.L2048N224); err != nil {
		fmt.Printf("Err: %s", err)
		return
	}

	if err := dsa.GenerateKey(&privateKey, rand.Reader); err != nil {
		fmt.Printf("Err: %s", err)
		return
	}

	hashed := []byte("This is test hashed message")

	// It returns the signature as a pair of integers.
	r, s, err := dsa.Sign(rand.Reader, &privateKey, hashed)
	if err != nil {
		fmt.Printf("Err: %s", err)
		return
	}

	// Check signnature can be verified
	publicKey := &privateKey.PublicKey
	if dsa.Verify(publicKey, hashed, r, s) {
		fmt.Printf("Verified\n")
	}
}
Beispiel #2
0
func generateDSAKey(size uint) (*dsaKey, error) {
	dsakey := new(dsaKey)
	if size == 0 {
		size = T_DSA_PRIV.defaultSize()
	}
	if !T_DSA_PRIV.isAcceptableSize(size) {
		return nil, ErrInvalidKeySize
	}
	var psz dsa.ParameterSizes
	switch size {
	case 1024:
		psz = dsa.L1024N160
	default:
		panic("unknown dsa key size")
	}
	err := dsa.GenerateParameters(&dsakey.key.PublicKey.Parameters, rand.Reader, psz)
	if err != nil {
		return nil, err
	}
	err = dsa.GenerateKey(&dsakey.key, rand.Reader)
	if err != nil {
		return nil, err
	}
	dsakey.publicKey.key = dsakey.key.PublicKey
	return dsakey, nil
}
Beispiel #3
0
// Generates a compatible OpenSSH private key. The key is in the
// raw Go key format. To convert this to a PEM encoded key, see
// MarshalPrivate.
func GenerateKey(keytype Type, size int) (key interface{}, err error) {
	switch keytype {
	case KEY_RSA:
		if size < 2048 {
			return nil, ErrInvalidKeySize
		}
		var rsakey *rsa.PrivateKey
		rsakey, err = rsa.GenerateKey(PRNG, size)
		if err != nil {
			return
		}
		key = rsakey
	case KEY_ECDSA:
		var eckey *ecdsa.PrivateKey
		switch size {
		case 256:
			eckey, err = ecdsa.GenerateKey(elliptic.P256(), PRNG)
		case 384:
			eckey, err = ecdsa.GenerateKey(elliptic.P384(), PRNG)
		case 521:
			eckey, err = ecdsa.GenerateKey(elliptic.P521(), PRNG)
		default:
			return nil, ErrInvalidKeySize
		}
		key = eckey
	case KEY_DSA:
		var sizes dsa.ParameterSizes
		switch size {
		case 1024:
			sizes = dsa.L1024N160
		case 2048:
			sizes = dsa.L2048N256
		case 3072:
			sizes = dsa.L3072N256
		default:
			err = ErrInvalidKeySize
			return
		}

		params := dsa.Parameters{}
		err = dsa.GenerateParameters(&params, rand.Reader, sizes)
		if err != nil {
			return
		}

		dsakey := &dsa.PrivateKey{
			PublicKey: dsa.PublicKey{
				Parameters: params,
			},
		}
		err = dsa.GenerateKey(dsakey, rand.Reader)
		if err != nil {
			return
		}
		key = dsakey
	}

	return
}
Beispiel #4
0
// generate a dsa keypair
func generateDSA(priv *dsa.PrivateKey, rand io.Reader) error {
	// put our paramters in
	priv.P = param.P
	priv.Q = param.Q
	priv.G = param.G
	// generate the keypair
	return dsa.GenerateKey(priv, rand)
}
Beispiel #5
0
func (priv *PrivateKey) Generate(rand io.Reader) {
	if err := dsa.GenerateParameters(&priv.PrivateKey.PublicKey.Parameters, rand, dsa.L1024N160); err != nil {
		panic(err.Error())
	}
	if err := dsa.GenerateKey(&priv.PrivateKey, rand); err != nil {
		panic(err.Error())
	}
	priv.PublicKey.PublicKey = priv.PrivateKey.PublicKey
}
Beispiel #6
0
// Generate will generate a new DSA Private Key with the randomness provided. The parameter size used is 1024 and 160.
func (priv *PrivateKey) Generate(rand io.Reader) error {
	if err := dsa.GenerateParameters(&priv.PrivateKey.PublicKey.Parameters, rand, dsa.L1024N160); err != nil {
		return err
	}
	if err := dsa.GenerateKey(&priv.PrivateKey, rand); err != nil {
		return err
	}
	priv.PublicKey.PublicKey = priv.PrivateKey.PublicKey
	return nil
}
func TestNewSignatureVerifierFailsWithUnsupportedKeyType(t *testing.T) {
	var k dsa.PrivateKey
	if err := dsa.GenerateParameters(&k.Parameters, rand.Reader, dsa.L1024N160); err != nil {
		t.Fatalf("Failed to generate DSA key parameters: %v", err)
	}
	if err := dsa.GenerateKey(&k, rand.Reader); err != nil {
		t.Fatalf("Failed to generate DSA key: %v", err)
	}
	if _, err := NewSignatureVerifier(k); err == nil {
		t.Fatal("Creating a SignatureVerifier with a DSA key unexpectedly succeeded")
	}
}
Beispiel #8
0
func MakeKey() *dsa.PrivateKey {
	key := new(dsa.PrivateKey)
	err := dsa.GenerateParameters(&key.Parameters, rand.Reader, dsa.L2048N256)
	if err != nil {
		log.Fatalf("failed to parameters: %s", err)
	}
	err = dsa.GenerateKey(key, rand.Reader)
	if err != nil {
		log.Fatalf("failed to generate key: %s", err)
	}
	return key
}
Beispiel #9
0
func TestDSA(t *testing.T) {
	params := dsa.Parameters{}
	if !assert.NoError(t, dsa.GenerateParameters(&params, rand.Reader, dsa.L2048N256), "Parameter generation succeeds") {
		return
	}

	privkey := dsa.PrivateKey{
		PublicKey: dsa.PublicKey{
			Parameters: params,
		},
	}

	if !assert.NoError(t, dsa.GenerateKey(&privkey, rand.Reader), "GenerateKey succeeds") {
		return
	}

	key := NewDSA(&privkey.PublicKey)
	xmlstr, err := key.Serialize()
	if !assert.NoError(t, err, "Serialize succeeds") {
		return
	}

	t.Logf("%s", xmlstr)

	key2, err := Parse([]byte(xmlstr))
	if !assert.NoError(t, err, "Parse succeeds") {
		return
	}

	switch key2.(type) {
	case *DSA:
	default:
		if !assert.Fail(t, "expected *DSA type, but got something else") {
			return
		}
	}
}
Beispiel #10
0
func generateDSAKey() ([]byte, []byte, error) {
	params := &dsa.Parameters{}
	if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil {
		return nil, nil, err
	}
	dsaKey := &dsa.PrivateKey{
		PublicKey: dsa.PublicKey{
			Parameters: *params,
		},
	}
	if err := dsa.GenerateKey(dsaKey, rand.Reader); err != nil {
		return nil, nil, err
	}
	pubKey, err := ssh.NewPublicKey(&dsaKey.PublicKey)
	if err != nil {
		return nil, nil, err
	}
	dsaKeyASN1, err := asn1.Marshal(struct {
		Version       int
		P, Q, G, Y, X *big.Int
	}{
		0,
		dsaKey.P,
		dsaKey.Q,
		dsaKey.G,
		dsaKey.Y,
		dsaKey.X,
	})
	if err != nil {
		return nil, nil, err
	}
	return pem.EncodeToMemory(&pem.Block{
		Type:  "DSA PRIVATE KEY",
		Bytes: dsaKeyASN1,
	}), ssh.MarshalAuthorizedKey(pubKey), nil
}
Beispiel #11
0
// Generate generates a DNSKEY of the given bit size.
// The public part is put inside the DNSKEY record.
// The Algorithm in the key must be set as this will define
// what kind of DNSKEY will be generated.
// The ECDSA algorithms imply a fixed keysize, in that case
// bits should be set to the size of the algorithm.
func (r *RR_DNSKEY) Generate(bits int) (PrivateKey, error) {
	switch r.Algorithm {
	case DSA, DSANSEC3SHA1:
		if bits != 1024 {
			return nil, ErrKeySize
		}
	case RSAMD5, RSASHA1, RSASHA256, RSASHA1NSEC3SHA1:
		if bits < 512 || bits > 4096 {
			return nil, ErrKeySize
		}
	case RSASHA512:
		if bits < 1024 || bits > 4096 {
			return nil, ErrKeySize
		}
	case ECDSAP256SHA256:
		if bits != 256 {
			return nil, ErrKeySize
		}
	case ECDSAP384SHA384:
		if bits != 384 {
			return nil, ErrKeySize
		}
	}

	switch r.Algorithm {
	case DSA, DSANSEC3SHA1:
		params := new(dsa.Parameters)
		if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil {
			return nil, err
		}
		priv := new(dsa.PrivateKey)
		priv.PublicKey.Parameters = *params
		err := dsa.GenerateKey(priv, rand.Reader)
		if err != nil {
			return nil, err
		}
		r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y)
		return priv, nil
	case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1:
		priv, err := rsa.GenerateKey(rand.Reader, bits)
		if err != nil {
			return nil, err
		}
		r.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N)
		return priv, nil
	case ECDSAP256SHA256, ECDSAP384SHA384:
		var c elliptic.Curve
		switch r.Algorithm {
		case ECDSAP256SHA256:
			c = elliptic.P256()
		case ECDSAP384SHA384:
			c = elliptic.P384()
		}
		priv, err := ecdsa.GenerateKey(c, rand.Reader)
		if err != nil {
			return nil, err
		}
		r.setPublicKeyCurve(priv.PublicKey.X, priv.PublicKey.Y)
		return priv, nil
	default:
		return nil, ErrAlg
	}
	return nil, nil // Dummy return
}
Beispiel #12
0
func SignatureGenerateServerKey() *dsa.PrivateKey {
	priv := dsa.PrivateKey{}
	dsa.GenerateParameters(&priv.Parameters, rand.Reader, dsa.L3072N256)
	dsa.GenerateKey(&priv, rand.Reader)
	return &priv
}
Beispiel #13
0
// Creates a DSA private/public keypair. Returns the private key as a byte slice.
func MakeDSAKeypair(name string, keysize int) {
	// TODO - Implement functionality to create and return a DSA private key.
	keypair, err := dsa.GenerateKey(rand.Reader, keysize)
	check(err)
	fmt.Println(keypair)
}
Beispiel #14
0
func TestMetadata(t *testing.T) {
	params := dsa.Parameters{}
	if !assert.NoError(t, dsa.GenerateParameters(&params, rand.Reader, dsa.L2048N256), "Parameter generation succeeds") {
		return
	}

	privkey := dsa.PrivateKey{
		PublicKey: dsa.PublicKey{
			Parameters: params,
		},
	}

	if !assert.NoError(t, dsa.GenerateKey(&privkey, rand.Reader), "GenerateKey succeeds") {
		return
	}

	md := md.Metadata{
		EntityDescriptors: []md.EntityDescriptor{
			md.IDPDescriptor{
				ContactPerson: &md.ContactPerson{
					Type:            "technical",
					GivenName:       "Daisuke",
					SurName:         "Maki",
					EmailAddress:    "*****@*****.**",
					TelephoneNumber: "000-1234-5678",
				},
				KeyDescriptor: &md.KeyDescriptor{
					Key: key.NewDSA(&privkey.PublicKey),
					Use: "signing",
				},
				RoleDescriptor: md.RoleDescriptor{
					CommonDescriptor: md.CommonDescriptor{
						ID: "https://github.com/lestrrat/go-saml",
					},
				},
				SSODescriptor: md.SSODescriptor{
					SingleLogoutService: []saml.Endpoint{
						saml.Endpoint{
							ProtocolBinding: binding.HTTPRedirect,
							Location:        `https://github.com/lestrrat/go-saml/dummy/idp/logout`,
						},
					},
					NameIDFormat: nameid.Transient,
				},
				SingleSignOnService: []saml.Endpoint{
					saml.Endpoint{
						ProtocolBinding: binding.HTTPRedirect,
						Location:        `https://github.com/lestrrat/go-saml/dummy/idp/sso`,
					},
				},
			},
		},
	}

	xmlstr, err := md.Serialize()
	if !assert.NoError(t, err, "Serialize succeeds") {
		return
	}

	t.Logf("%s", xmlstr)
}