Exemple #1
0
func (alg *Ecdh) WrapNewKey(cekSizeBits int, key interface{}, header map[string]interface{}) (cek []byte, encryptedCek []byte, err error) {

	if pubKey, ok := key.(*ecdsa.PublicKey); ok {

		if _, ok := header[alg.idHeader()].(string); !ok {
			return nil, nil, errors.New(fmt.Sprintf("Ecdh.WrapNewKey(): expected '%v' param in JWT header, but was not found.", alg.idHeader()))
		}

		var d []byte
		var x, y *big.Int

		if d, x, y, err = elliptic.GenerateKey(pubKey.Curve, rand.Reader); err != nil {
			return nil, nil, err
		}

		ephemeral := ecc.NewPrivate(x.Bytes(), y.Bytes(), d)

		xBytes := padding.Align(x.Bytes(), pubKey.Curve.Params().BitSize)
		yBytes := padding.Align(y.Bytes(), pubKey.Curve.Params().BitSize)

		epk := map[string]string{
			"kty": "EC",
			"x":   base64url.Encode(xBytes),
			"y":   base64url.Encode(yBytes),
			"crv": name(pubKey.Curve),
		}

		header["epk"] = epk

		return alg.deriveKey(pubKey, ephemeral, cekSizeBits, header), nil, nil
	}

	return nil, nil, errors.New("Ecdh.WrapNewKey(): expected key to be '*ecdsa.PublicKey'")
}
Exemple #2
0
func (alg *EcdsaUsingSha) Sign(securedInput []byte, key interface{}) (signature []byte, err error) {

	if privKey, ok := key.(*ecdsa.PrivateKey); ok {

		if sizeBits := privKey.Curve.Params().BitSize; sizeBits != alg.keySizeBits {
			return nil, errors.New(fmt.Sprintf("EcdsaUsingSha.Sign(): expected key of size %v bits, but was given %v bits.", alg.keySizeBits, sizeBits))
		}

		var r, s *big.Int

		if r, s, err = ecdsa.Sign(rand.Reader, privKey, sha(alg.hashSizeBits, securedInput)); err == nil {

			rBytes := padding.Align(r.Bytes(), alg.keySizeBits)
			sBytes := padding.Align(s.Bytes(), alg.keySizeBits)

			return arrays.Concat(rBytes, sBytes), nil
		}

		return nil, err
	}

	return nil, errors.New("EcdsaUsingSha.Sign(): expects key to be '*ecdsa.PrivateKey'")
}
Exemple #3
0
func (alg *Ecdh) deriveKey(pubKey *ecdsa.PublicKey, privKey *ecdsa.PrivateKey, keySizeBits int, header map[string]interface{}) []byte {

	var enc, apv, apu []byte
	var err error

	enc = []byte(header[alg.idHeader()].(string))

	if a, ok := header["apv"].(string); !ok {
		if apv, err = base64url.Decode(a); err != nil {
			apv = nil
		}
	}

	if a, ok := header["apu"].(string); !ok {
		if apu, err = base64url.Decode(a); err != nil {
			apu = nil
		}
	}

	z, _ := pubKey.Curve.ScalarMult(pubKey.X, pubKey.Y, privKey.D.Bytes())
	zBytes := padding.Align(z.Bytes(), privKey.Curve.Params().BitSize)

	return kdf.DeriveConcatKDF(keySizeBits, zBytes, prependDatalen(enc), prependDatalen(apu), prependDatalen(apv), arrays.UInt32ToBytes(uint32(keySizeBits)), nil, sha256.New())
}