// makeAuthMsg creates the initiator handshake message. func (h *encHandshake) makeAuthMsg(prv *ecdsa.PrivateKey, token []byte) (*authMsgV4, error) { rpub, err := h.remoteID.Pubkey() if err != nil { return nil, fmt.Errorf("bad remoteID: %v", err) } h.remotePub = ecies.ImportECDSAPublic(rpub) // Generate random initiator nonce. h.initNonce = make([]byte, shaLen) if _, err := rand.Read(h.initNonce); err != nil { return nil, err } // Generate random keypair to for ECDH. h.randomPrivKey, err = ecies.GenerateKey(rand.Reader, secp256k1.S256(), nil) if err != nil { return nil, err } // Sign known message: static-shared-secret ^ nonce token, err = h.staticSharedSecret(prv) if err != nil { return nil, err } signed := xor(token, h.initNonce) signature, err := crypto.Sign(signed, h.randomPrivKey.ExportECDSA()) if err != nil { return nil, err } msg := new(authMsgV4) copy(msg.Signature[:], signature) copy(msg.InitiatorPubkey[:], crypto.FromECDSAPub(&prv.PublicKey)[1:]) copy(msg.Nonce[:], h.initNonce) msg.Version = 4 return msg, nil }
func TestNodeID_recover(t *testing.T) { prv := newkey() hash := make([]byte, 32) sig, err := crypto.Sign(hash, prv) if err != nil { t.Fatalf("signing error: %v", err) } pub := PubkeyID(&prv.PublicKey) recpub, err := recoverNodeID(hash, sig) if err != nil { t.Fatalf("recovery error: %v", err) } if pub != recpub { t.Errorf("recovered wrong pubkey:\ngot: %v\nwant: %v", recpub, pub) } ecdsa, err := pub.Pubkey() if err != nil { t.Errorf("Pubkey error: %v", err) } if !reflect.DeepEqual(ecdsa, &prv.PublicKey) { t.Errorf("Pubkey mismatch:\n got: %#v\n want: %#v", ecdsa, &prv.PublicKey) } }
// SignPayment returns a signed transaction on the current payment channel. func (c *Subscription) SignPayment(amount *big.Int) (Cheque, error) { sig, err := crypto.Sign(sha3(c.Id[:], c.From[:], c.ServiceId.Bytes(), c.Nonce.Bytes(), amount.Bytes()), c.key) if err != nil { return Cheque{}, err } return Cheque{Sig: sig, From: c.From, ServiceId: c.ServiceId, Nonce: c.Nonce, Amount: amount}, nil }
func (tx *Transaction) SignECDSA(prv *ecdsa.PrivateKey) (*Transaction, error) { h := tx.SigHash() sig, err := crypto.Sign(h[:], prv) if err != nil { return nil, err } return tx.WithSignature(sig) }
// Sign libsecp256k1 func BitcoinSign(msg []byte, key *ecdsa.PrivateKey) (string, error) { hmsg := EncodeMessageHash(msg) sig, err := crypto.Sign(hmsg, key) if err != nil { return "", err } return EncodeSignature(sig, true), nil }
func (tx *Transaction) SignECDSA(prv *ecdsa.PrivateKey) error { h := tx.Hash() sig, err := crypto.Sign(h[:], prv) if err != nil { return err } tx.SetSignatureValues(sig) return nil }
// SignWithPassphrase signs hash if the private key matching the given address can be // decrypted with the given passphrase. func (am *Manager) SignWithPassphrase(addr common.Address, passphrase string, hash []byte) (signature []byte, err error) { _, key, err := am.getDecryptedKey(Account{Address: addr}, passphrase) if err != nil { return nil, err } defer zeroKey(key.PrivateKey) return crypto.Sign(hash, key.PrivateKey) }
// Sign signs hash with an unlocked private key matching the given address. func (am *Manager) Sign(addr common.Address, hash []byte) (signature []byte, err error) { am.mu.RLock() defer am.mu.RUnlock() unlockedKey, found := am.unlocked[addr] if !found { return nil, ErrLocked } return crypto.Sign(hash, unlockedKey.PrivateKey) }
func (am *Manager) Sign(a Account, toSign []byte) (signature []byte, err error) { am.mutex.RLock() unlockedKey, found := am.unlocked[a.Address] am.mutex.RUnlock() if !found { return nil, ErrLocked } signature, err = crypto.Sign(toSign, unlockedKey.PrivateKey) return signature, err }
// NewKeyedTransactor is a utility method to easily create a transaction signer // from a plain go-ethereum crypto key. func NewKeyedTransactor(key *crypto.Key) *TransactOpts { return &TransactOpts{ From: key.Address, Signer: func(address common.Address, tx *types.Transaction) (*types.Transaction, error) { if address != key.Address { return nil, errors.New("not authorized to sign this account") } signature, err := crypto.Sign(tx.SigHash().Bytes(), key.PrivateKey) if err != nil { return nil, err } return tx.WithSignature(signature) }, } }
func encodePacket(priv *ecdsa.PrivateKey, ptype byte, req interface{}) ([]byte, error) { b := new(bytes.Buffer) b.Write(headSpace) b.WriteByte(ptype) if err := rlp.Encode(b, req); err != nil { glog.V(logger.Error).Infoln("error encoding packet:", err) return nil, err } packet := b.Bytes() sig, err := crypto.Sign(crypto.Sha3(packet[headSize:]), priv) if err != nil { glog.V(logger.Error).Infoln("could not sign packet:", err) return nil, err } copy(packet[macSize:], sig) // add the hash to the front. Note: this doesn't protect the // packet in any way. Our public key will be part of this hash in // The future. copy(packet, crypto.Sha3(packet[macSize:])) return packet, nil }
// authMsg creates an encrypted initiator handshake message. func (h *encHandshake) authMsg(prv *ecdsa.PrivateKey, token []byte) ([]byte, error) { var tokenFlag byte if token == nil { // no session token found means we need to generate shared secret. // ecies shared secret is used as initial session token for new peers // generate shared key from prv and remote pubkey var err error if token, err = h.ecdhShared(prv); err != nil { return nil, err } } else { // for known peers, we use stored token from the previous session tokenFlag = 0x01 } // sign known message: // ecdh-shared-secret^nonce for new peers // token^nonce for old peers signed := xor(token, h.initNonce) signature, err := crypto.Sign(signed, h.randomPrivKey.ExportECDSA()) if err != nil { return nil, err } // encode auth message // signature || sha3(ecdhe-random-pubk) || pubk || nonce || token-flag msg := make([]byte, authMsgLen) n := copy(msg, signature) n += copy(msg[n:], crypto.Sha3(exportPubkey(&h.randomPrivKey.PublicKey))) n += copy(msg[n:], crypto.FromECDSAPub(&prv.PublicKey)[1:]) n += copy(msg[n:], h.initNonce) msg[n] = tokenFlag // encrypt auth message using remote-pubk return ecies.Encrypt(rand.Reader, h.remotePub, msg, nil, nil) }
// sign calculates and sets the cryptographic signature for the message , also // setting the sign flag. func (self *Message) sign(key *ecdsa.PrivateKey) (err error) { self.Flags |= signatureFlag self.Signature, err = crypto.Sign(self.hash(), key) return }