func main() { var privateKey dsa.PrivateKey params := &privateKey.Parameters // L2048N224 is length of L and N if err := dsa.GenerateParameters(params, rand.Reader, dsa.L2048N224); err != nil { fmt.Printf("Err: %s", err) return } if err := dsa.GenerateKey(&privateKey, rand.Reader); err != nil { fmt.Printf("Err: %s", err) return } hashed := []byte("This is test hashed message") // It returns the signature as a pair of integers. r, s, err := dsa.Sign(rand.Reader, &privateKey, hashed) if err != nil { fmt.Printf("Err: %s", err) return } // Check signnature can be verified publicKey := &privateKey.PublicKey if dsa.Verify(publicKey, hashed, r, s) { fmt.Printf("Verified\n") } }
func generateDSAKey(size uint) (*dsaKey, error) { dsakey := new(dsaKey) if size == 0 { size = T_DSA_PRIV.defaultSize() } if !T_DSA_PRIV.isAcceptableSize(size) { return nil, ErrInvalidKeySize } var psz dsa.ParameterSizes switch size { case 1024: psz = dsa.L1024N160 default: panic("unknown dsa key size") } err := dsa.GenerateParameters(&dsakey.key.PublicKey.Parameters, rand.Reader, psz) if err != nil { return nil, err } err = dsa.GenerateKey(&dsakey.key, rand.Reader) if err != nil { return nil, err } dsakey.publicKey.key = dsakey.key.PublicKey return dsakey, nil }
// Generates a compatible OpenSSH private key. The key is in the // raw Go key format. To convert this to a PEM encoded key, see // MarshalPrivate. func GenerateKey(keytype Type, size int) (key interface{}, err error) { switch keytype { case KEY_RSA: if size < 2048 { return nil, ErrInvalidKeySize } var rsakey *rsa.PrivateKey rsakey, err = rsa.GenerateKey(PRNG, size) if err != nil { return } key = rsakey case KEY_ECDSA: var eckey *ecdsa.PrivateKey switch size { case 256: eckey, err = ecdsa.GenerateKey(elliptic.P256(), PRNG) case 384: eckey, err = ecdsa.GenerateKey(elliptic.P384(), PRNG) case 521: eckey, err = ecdsa.GenerateKey(elliptic.P521(), PRNG) default: return nil, ErrInvalidKeySize } key = eckey case KEY_DSA: var sizes dsa.ParameterSizes switch size { case 1024: sizes = dsa.L1024N160 case 2048: sizes = dsa.L2048N256 case 3072: sizes = dsa.L3072N256 default: err = ErrInvalidKeySize return } params := dsa.Parameters{} err = dsa.GenerateParameters(¶ms, rand.Reader, sizes) if err != nil { return } dsakey := &dsa.PrivateKey{ PublicKey: dsa.PublicKey{ Parameters: params, }, } err = dsa.GenerateKey(dsakey, rand.Reader) if err != nil { return } key = dsakey } return }
// generate a dsa keypair func generateDSA(priv *dsa.PrivateKey, rand io.Reader) error { // put our paramters in priv.P = param.P priv.Q = param.Q priv.G = param.G // generate the keypair return dsa.GenerateKey(priv, rand) }
func (priv *PrivateKey) Generate(rand io.Reader) { if err := dsa.GenerateParameters(&priv.PrivateKey.PublicKey.Parameters, rand, dsa.L1024N160); err != nil { panic(err.Error()) } if err := dsa.GenerateKey(&priv.PrivateKey, rand); err != nil { panic(err.Error()) } priv.PublicKey.PublicKey = priv.PrivateKey.PublicKey }
// Generate will generate a new DSA Private Key with the randomness provided. The parameter size used is 1024 and 160. func (priv *PrivateKey) Generate(rand io.Reader) error { if err := dsa.GenerateParameters(&priv.PrivateKey.PublicKey.Parameters, rand, dsa.L1024N160); err != nil { return err } if err := dsa.GenerateKey(&priv.PrivateKey, rand); err != nil { return err } priv.PublicKey.PublicKey = priv.PrivateKey.PublicKey return nil }
func TestNewSignatureVerifierFailsWithUnsupportedKeyType(t *testing.T) { var k dsa.PrivateKey if err := dsa.GenerateParameters(&k.Parameters, rand.Reader, dsa.L1024N160); err != nil { t.Fatalf("Failed to generate DSA key parameters: %v", err) } if err := dsa.GenerateKey(&k, rand.Reader); err != nil { t.Fatalf("Failed to generate DSA key: %v", err) } if _, err := NewSignatureVerifier(k); err == nil { t.Fatal("Creating a SignatureVerifier with a DSA key unexpectedly succeeded") } }
func MakeKey() *dsa.PrivateKey { key := new(dsa.PrivateKey) err := dsa.GenerateParameters(&key.Parameters, rand.Reader, dsa.L2048N256) if err != nil { log.Fatalf("failed to parameters: %s", err) } err = dsa.GenerateKey(key, rand.Reader) if err != nil { log.Fatalf("failed to generate key: %s", err) } return key }
func TestDSA(t *testing.T) { params := dsa.Parameters{} if !assert.NoError(t, dsa.GenerateParameters(¶ms, rand.Reader, dsa.L2048N256), "Parameter generation succeeds") { return } privkey := dsa.PrivateKey{ PublicKey: dsa.PublicKey{ Parameters: params, }, } if !assert.NoError(t, dsa.GenerateKey(&privkey, rand.Reader), "GenerateKey succeeds") { return } key := NewDSA(&privkey.PublicKey) xmlstr, err := key.Serialize() if !assert.NoError(t, err, "Serialize succeeds") { return } t.Logf("%s", xmlstr) key2, err := Parse([]byte(xmlstr)) if !assert.NoError(t, err, "Parse succeeds") { return } switch key2.(type) { case *DSA: default: if !assert.Fail(t, "expected *DSA type, but got something else") { return } } }
func generateDSAKey() ([]byte, []byte, error) { params := &dsa.Parameters{} if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil { return nil, nil, err } dsaKey := &dsa.PrivateKey{ PublicKey: dsa.PublicKey{ Parameters: *params, }, } if err := dsa.GenerateKey(dsaKey, rand.Reader); err != nil { return nil, nil, err } pubKey, err := ssh.NewPublicKey(&dsaKey.PublicKey) if err != nil { return nil, nil, err } dsaKeyASN1, err := asn1.Marshal(struct { Version int P, Q, G, Y, X *big.Int }{ 0, dsaKey.P, dsaKey.Q, dsaKey.G, dsaKey.Y, dsaKey.X, }) if err != nil { return nil, nil, err } return pem.EncodeToMemory(&pem.Block{ Type: "DSA PRIVATE KEY", Bytes: dsaKeyASN1, }), ssh.MarshalAuthorizedKey(pubKey), nil }
// Generate generates a DNSKEY of the given bit size. // The public part is put inside the DNSKEY record. // The Algorithm in the key must be set as this will define // what kind of DNSKEY will be generated. // The ECDSA algorithms imply a fixed keysize, in that case // bits should be set to the size of the algorithm. func (r *RR_DNSKEY) Generate(bits int) (PrivateKey, error) { switch r.Algorithm { case DSA, DSANSEC3SHA1: if bits != 1024 { return nil, ErrKeySize } case RSAMD5, RSASHA1, RSASHA256, RSASHA1NSEC3SHA1: if bits < 512 || bits > 4096 { return nil, ErrKeySize } case RSASHA512: if bits < 1024 || bits > 4096 { return nil, ErrKeySize } case ECDSAP256SHA256: if bits != 256 { return nil, ErrKeySize } case ECDSAP384SHA384: if bits != 384 { return nil, ErrKeySize } } switch r.Algorithm { case DSA, DSANSEC3SHA1: params := new(dsa.Parameters) if err := dsa.GenerateParameters(params, rand.Reader, dsa.L1024N160); err != nil { return nil, err } priv := new(dsa.PrivateKey) priv.PublicKey.Parameters = *params err := dsa.GenerateKey(priv, rand.Reader) if err != nil { return nil, err } r.setPublicKeyDSA(params.Q, params.P, params.G, priv.PublicKey.Y) return priv, nil case RSAMD5, RSASHA1, RSASHA256, RSASHA512, RSASHA1NSEC3SHA1: priv, err := rsa.GenerateKey(rand.Reader, bits) if err != nil { return nil, err } r.setPublicKeyRSA(priv.PublicKey.E, priv.PublicKey.N) return priv, nil case ECDSAP256SHA256, ECDSAP384SHA384: var c elliptic.Curve switch r.Algorithm { case ECDSAP256SHA256: c = elliptic.P256() case ECDSAP384SHA384: c = elliptic.P384() } priv, err := ecdsa.GenerateKey(c, rand.Reader) if err != nil { return nil, err } r.setPublicKeyCurve(priv.PublicKey.X, priv.PublicKey.Y) return priv, nil default: return nil, ErrAlg } return nil, nil // Dummy return }
func SignatureGenerateServerKey() *dsa.PrivateKey { priv := dsa.PrivateKey{} dsa.GenerateParameters(&priv.Parameters, rand.Reader, dsa.L3072N256) dsa.GenerateKey(&priv, rand.Reader) return &priv }
// Creates a DSA private/public keypair. Returns the private key as a byte slice. func MakeDSAKeypair(name string, keysize int) { // TODO - Implement functionality to create and return a DSA private key. keypair, err := dsa.GenerateKey(rand.Reader, keysize) check(err) fmt.Println(keypair) }
func TestMetadata(t *testing.T) { params := dsa.Parameters{} if !assert.NoError(t, dsa.GenerateParameters(¶ms, rand.Reader, dsa.L2048N256), "Parameter generation succeeds") { return } privkey := dsa.PrivateKey{ PublicKey: dsa.PublicKey{ Parameters: params, }, } if !assert.NoError(t, dsa.GenerateKey(&privkey, rand.Reader), "GenerateKey succeeds") { return } md := md.Metadata{ EntityDescriptors: []md.EntityDescriptor{ md.IDPDescriptor{ ContactPerson: &md.ContactPerson{ Type: "technical", GivenName: "Daisuke", SurName: "Maki", EmailAddress: "*****@*****.**", TelephoneNumber: "000-1234-5678", }, KeyDescriptor: &md.KeyDescriptor{ Key: key.NewDSA(&privkey.PublicKey), Use: "signing", }, RoleDescriptor: md.RoleDescriptor{ CommonDescriptor: md.CommonDescriptor{ ID: "https://github.com/lestrrat/go-saml", }, }, SSODescriptor: md.SSODescriptor{ SingleLogoutService: []saml.Endpoint{ saml.Endpoint{ ProtocolBinding: binding.HTTPRedirect, Location: `https://github.com/lestrrat/go-saml/dummy/idp/logout`, }, }, NameIDFormat: nameid.Transient, }, SingleSignOnService: []saml.Endpoint{ saml.Endpoint{ ProtocolBinding: binding.HTTPRedirect, Location: `https://github.com/lestrrat/go-saml/dummy/idp/sso`, }, }, }, }, } xmlstr, err := md.Serialize() if !assert.NoError(t, err, "Serialize succeeds") { return } t.Logf("%s", xmlstr) }