Closed qmuntal closed 2 years ago
I just noticed that this PR does not add support for P-224 and that I haven't documented it in the description. Although CNG does not provide P-224 curves out-of-the-box, I think it can be implemented as a custom curve, will try to do so in a follow-up PR.
This PR implements ECDSA functions and methods.
There doesn't seem to be any incompatibility with Go crypto 😄There are two related incompatibilities with the boring API:
boring.SignMarshalECDSA
because the returned signature is expected to be ASN.1 encoded, but bcrypt returns it as P1363 encoded. We can't importencoding/asn1
, so it is not feasible to convert P1363 -> ASN.1. I've implementedSignECDSA
instead, which returns unencoded big numbers, being the P1363 -> big number really stright-forward.boring.VerifyECDSA
because it accepts an ASN.1 encoded signature, and we can't decode it for the same reason asboring.SignMarshalECDSA
. I've modified the functions parameters to accept big numbers.This will require patching
crypto/ecdsa
to do special logic when working with this backend, but I expect it to be minimal.