使用Golang进行ECDSA签名,并使用SHA224摘要生成私钥。

huangapple go评论85阅读模式
英文:

Golang signing with ecdsa and Private Key from a SHA224 digest

问题

我需要为提交到远程服务(通过websocket)签署一条消息。为此,我需要基于一个整数(我的用户ID)和一个密码短语(一个base64编码的字符串)构建一个私钥,使用SHA224进行哈希。我正在使用golang和crypto/ecdsa进行操作,并使用相应的包进行字节编码等。

这是我拥有的文档:

签名使用椭圆曲线数字签名算法(ECDSA)编码的消息,包含:用户ID、服务器随机数、客户端节点和私钥。私钥是通过使用SHA224哈希您的用户ID和密码生成的。

这是我的函数:

func NewKey(userId int64, pass string) (prKey ecdsa.PrivateKey) {
    buf := new(bytes.Buffer)
    binary.Write(buf, binary.BigEndian, userId)
    passArr := []byte(pass)

    sha := sha256.New224()
    sha.Write(buf.Bytes())
    sha.Write(passArr)
    sum := sha.Sum(nil)

    var in int64
    reader := bytes.NewReader(sum)
    err := binary.Read(reader, binary.BigEndian, &in)

    if err != nil {
        log.Fatal(err)
    }

    prKey.D = big.NewInt(in)
    prKey.PublicKey.Curve = elliptic.P224()
    return prKey
}

我编写这个函数的目的是:

  1. 使用SHA224正确地将userId和pass哈希为[]byte

  2. 将其读入一个int64,然后将其用作私钥。

  3. 正确地构造ecdsa.PrivateKey实例和相应的ecdsa.PublicKey

  4. 返回该密钥以供在ecdsa.Sign()函数调用中使用。

然后,我签署另一条消息,其中包含一个userId(整数)和两个随机数。

这是我如何签署消息的方式:

key := NewKey(userId, pass) // 上述函数
msg := sha256.New224().Sum([]byte(userId + srNonce + clNonce))
r, s, err := ecdsa.Sign(rand.Reader, &key, msg)
sig := []string{enc(r.String()), enc(s.String())}

问题:

  1. 我的NewKey函数是否正确?

  2. rs组件非常大 - 这可能是因为我使用了int64吗?这可能会成为问题吗?

  3. sha256.New224().Sum([]byte(userId + pass))这一行对于哈希这两个项目来说是否“正确”?

  4. 如果我的私钥创建不正确(假设它是错误的),我应该如何正确地创建私钥并随后签署消息?

我对ECDSA非常陌生,对于加密知识也只有基础的了解。

英文:

I need to sign a message for submission to a remote service (over a websocket). To do this, I need to structure a private key based on an integer (my user id) and a passphrase (a base64 encoded string)., hashed using SHA224. I'm using golang, and crypto/ecdsa for this with accompanying packages for byte encoding etc.

Here's the documentation I have:

> Signatures use an Elliptic Curve Digital Signature Algorithm (ECDSA)
> encoded message containing: user ID, Server Nonce, Client Node and
> Private key. Private keys are generated hashing your user ID and your
> password with SHA224.

Here's my func:

func NewKey(userId int64, pass string) (prKey ecdsa.PrivateKey) {
	buf := new(bytes.Buffer)
	binary.Write(buf, binary.BigEndian, userId)
	passArr := []byte(pass)

	sha := sha256.New224()
	sha.Write(buf.Bytes())
	sha.Write(passArr)
	sum := sha.Sum(nil)

	var in int64
	reader := bytes.NewReader(sum)
	err := binary.Read(reader, binary.BigEndian, &in)

	if err != nil {
		log.Fatal(err)
	}

	prKey.D = big.NewInt(in)
	prKey.PublicKey.Curve = elliptic.P224()
	return prKey
}

My intent with this func is that it:

  1. Hashes the userId and pass correctly in a []byte using SHA224.

  2. Reads that into an int64 which is then used as the private key

  3. Constructs an instance of ecdsa.PrivateKey and corresponding ecdsa.PublicKey correctly

  4. Returns said key for use in ecdsa.Sign() function calls

I then sign another message which consists of a userId (integer), and two nonces.

Here's how I sign my message:

key := NewKey(userId, pass) // the above func
msg := sha256.New224().Sum([]byte(userId + srNonce + clNonce))
r, s, err := ecdsa.Sign(rand.Reader, &key, msg)
sig := []string{enc(r.String()), enc(s.String())}

Questions:

  1. Is my NewKey func correct?

  2. The r and s components are very large - presumably because I'm using int64. Could this be an issue?

  3. Is the line sha256.New224().Sum([]byte(userId + pass)) "correct" for hasing those two items?

  4. How can I create my private key correctly (assuming it's wrong) and subsequently sign the message?

I'm very new to ECDSA and have basic crypto knowledge in general.

答案1

得分: 0

回答我的问题:

> 我的 NewKey 函数正确吗?

不正确。

> r 和 s 组件非常大 - 可能是因为我使用了 int64。这可能是个问题吗?

它们应该是很大的。

> sha256.New224().Sum([]byte(userId + pass)) 这行代码对于哈希这两个项来说是“正确”的吗?

就目前而言,它是正确的,因为我将一个 []byte 传递给它。

> 如果我的私钥有问题,我应该如何正确创建它,并随后对消息进行签名?

私钥需要一个 big.Int,所以假设哈希是正确的,使用以下代码应该足够:

key := new(big.Int).SetBytes(sum)
英文:

To answer my own questions:

> Is my NewKey func correct?

No.

> The r and s components are very large - presumably because I'm using int64. Could this be an issue?

They should be large.

> Is the line sha256.New224().Sum([]byte(userId + pass)) "correct" for hashing those two items?

It's correct insofar as I'm passing it a []byte.

> How can I create my private key correctly (assuming it's wrong) and
> subsequently sign the message?

The key requires a big.Int, so using the following should suffice assuming the hash is correct:

key := new(big.Int).SetBytes(sum)

huangapple
  • 本文由 发表于 2014年2月9日 19:26:25
  • 转载请务必保留本文链接:https://go.coder-hub.com/21658469.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定