gabi

package module
v0.0.0-...-202feaa Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 22, 2024 License: BSD-3-Clause Imports: 13 Imported by: 31

README

Gabi   Go Reference Go Report Card

gabi is a Go implementation of the IRMA approach to the Idemix attribute based credential system. Check out the Privacy by Design Foundation website to learn more on this great alternative to traditional identity management.

gabi is the authoritative IRMA Idemix implementation, but it is still largely compatible with the now deprecated Java implementation.

gabi serves as the cryptographic core of irmago, which implements the IRMA server, IRMA app core, shared functionality between the two, and more. Most projects wanting to use IRMA or Idemix will want to use irmago instead of depending on gabi directly.

Install

To install:

go get github.com/privacybydesign/gabi

Test

To run tests:

go test -v ./...

History

gabi was originally created and developed by Maarten Everts in 2015 and 2016. Since 2017, the Privacy by Design Foundation and SIDN maintain and develop gabi.

Documentation

Overview

Package gabi is an implementation of the IRMA (https://irma.app) approach to attribute based credentials. For now, see gabi_test.go on how to use the library.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrIncorrectProofOfSignatureCorrectness is issued when the proof of
	// correctness on the signature does not verify.
	ErrIncorrectProofOfSignatureCorrectness = errors.New("Proof of correctness on signature does not verify.")
	// ErrIncorrectAttributeSignature is issued when the signature on the
	// attributes is not correct.
	ErrIncorrectAttributeSignature = errors.New("The Signature on the attributes is not correct.")
)
View Source 
var (
	// ErrMissingProofU is returned when a ProofU proof is missing in a prooflist
	// when this is expected.
	ErrMissingProofU = errors.New("Missing ProofU in ProofList, has a CredentialBuilder been added?")
)
View Source 
var Logger *logrus.Logger

Functions

func GenerateNonce 

func GenerateNonce() (*big.Int, error)

GenerateNonce generates a nonce for use in proofs

func GenerateSecretAttribute 

func GenerateSecretAttribute() (*big.Int, error)

GenerateSecretAttribute generates secret attribute used prove ownership and links between credentials from the same user.

func KeyshareUserCommitmentRequest 

func KeyshareUserCommitmentRequest[T comparable](
	builders ProofBuilderList, randomizers map[string]*big.Int, keys map[T]*gabikeys.PublicKey,
) (KeyshareCommitmentRequest, []KeyshareUserChallengeInput[T], error)

KeyshareUserCommitmentRequest computes the user's first message to the keyshare server in the keyshare protocol, containing its commitment (h_W) to its contributions to the challenge, in the joint computation of the zero knowledge proof of the secret key.

func NewKeyshareSecret 

func NewKeyshareSecret() (*big.Int, error)

NewKeyshareSecret generates keyshare secret

func NewProofRandomizers 

func NewProofRandomizers() (map[string]*big.Int, error)

NewProofRandomizers constructs state necessary for constructing a zero-knowledge proof showing that (alongside whatever else the proof shows) several non-disclosed numbers have the same value. Currently used only for the secret key across multiple credentials.

func RepresentToPublicKey 

func RepresentToPublicKey(pk *gabikeys.PublicKey, exps []*big.Int) (*big.Int, error)

RepresentToPublicKey returns a representation of the given exponents in terms of the R bases from the public key. For example given exponents exps[1],...,exps[k] this function returns 

R[1]^{exps[1]}*...*R[k]^{exps[k]} (mod N)

with R and N coming from the public key. The exponents are hashed if their length exceeds the maximum message length from the public key.

Types

type CLSignature 

type CLSignature struct {
	A         *big.Int
	E         *big.Int `json:"e"`
	V         *big.Int `json:"v"`
	KeyshareP *big.Int `json:"KeyshareP"` // R_0^{keysharesecret}, necessary for verification
}

CLSignature is a data structure for holding a Camenisch-Lysyanskaya signature.

func SignMessageBlock 

func SignMessageBlock(sk *gabikeys.PrivateKey, pk *gabikeys.PublicKey, ms []*big.Int) (*CLSignature, error)

SignMessageBlock signs a message block (ms) using the Camenisch-Lysyanskaya signature scheme as used in the Idemix system.

func (*CLSignature) Randomize 

func (s *CLSignature) Randomize(pk *gabikeys.PublicKey) (*CLSignature, error)

Randomize returns a randomized copy of the signature.

func (*CLSignature) Verify 

func (s *CLSignature) Verify(pk *gabikeys.PublicKey, ms []*big.Int) bool

Verify checks whether the signature is correct while being given a public key and the messages.

type Credential 

type Credential struct {
	Signature            *CLSignature        `json:"signature"`
	Pk                   *gabikeys.PublicKey `json:"-"`
	Attributes           []*big.Int          `json:"attributes"`
	NonRevocationWitness *revocation.Witness `json:"nonrevWitness,omitempty"`
	// contains filtered or unexported fields
}

Credential represents an Idemix credential.

func (*Credential) CreateDisclosureProof 

func (ic *Credential) CreateDisclosureProof(
	disclosedAttributes []int,
	rangeStatements map[int][]*rangeproof.Statement,
	nonrev bool,
	context, nonce1 *big.Int,
) (*ProofD, error)

CreateDisclosureProof creates a disclosure proof (ProofD) for the provided indices of disclosed attributes.

func (*Credential) CreateDisclosureProofBuilder 

func (ic *Credential) CreateDisclosureProofBuilder(
	disclosedAttributes []int,
	rangeStatements map[int][]*rangeproof.Statement,
	nonrev bool,
) (*DisclosureProofBuilder, error)

CreateDisclosureProofBuilder produces a DisclosureProofBuilder, an object to hold the state in the protocol for producing a disclosure proof that is linked to other proofs.

func (*Credential) NonrevBuildProofBuilder 

func (ic *Credential) NonrevBuildProofBuilder() (*NonRevocationProofBuilder, error)

NonrevBuildProofBuilder builds and returns a new committed-to NonRevocationProofBuilder.

func (*Credential) NonrevIndex 

func (ic *Credential) NonrevIndex() (int, error)

func (*Credential) NonrevPrepareCache 

func (ic *Credential) NonrevPrepareCache() error

NonrevPrepareCache ensures that the Credential's non-revocation proof builder cache is usable, by creating one if it does not exist, or otherwise updating it to the latest accumulator contained in the credential's witness.

type CredentialBuilder 

type CredentialBuilder struct {
	// contains filtered or unexported fields
}

CredentialBuilder is a temporary object to hold some state for the protocol that is used to create (build) a credential. It also implements the ProofBuilder interface.

func NewCredentialBuilder 

func NewCredentialBuilder(pk *gabikeys.PublicKey, context, secret *big.Int, nonce2 *big.Int, keyshareP *big.Int, blind []int) (*CredentialBuilder, error)

NewCredentialBuilder creates a new credential builder. The resulting credential builder is already committed to the provided secret. arg blind: list of indices of random blind attributes (excluding the secret key)

func (*CredentialBuilder) Commit 

func (b *CredentialBuilder) Commit(randomizers map[string]*big.Int) ([]*big.Int, error)

Commit commits to the secret (first attribute) using the provided randomizer. Optionally commits to the user shares of random blind attributes if any are present.

func (*CredentialBuilder) CommitToSecretAndProve 

func (b *CredentialBuilder) CommitToSecretAndProve(nonce1 *big.Int) (*IssueCommitmentMessage, error)

CommitToSecretAndProve creates the response to the initial challenge nonce nonce1 sent by the issuer. The response consists of a commitment to the secret (set on creation of the builder, see NewBuilder) and a proof of correctness of this commitment.

func (*CredentialBuilder) ConstructCredential 

func (b *CredentialBuilder) ConstructCredential(msg *IssueSignatureMessage, attributes []*big.Int) (*Credential, error)

ConstructCredential creates a credential using the IssueSignatureMessage from the issuer and the content of the attributes.

func (*CredentialBuilder) CreateIssueCommitmentMessage 

func (b *CredentialBuilder) CreateIssueCommitmentMessage(proofs ProofList) *IssueCommitmentMessage

CreateIssueCommitmentMessage creates the IssueCommitmentMessage based on the provided ProofList, to be sent to the issuer.

func (*CredentialBuilder) CreateProof 

func (b *CredentialBuilder) CreateProof(challenge *big.Int) Proof

CreateProof creates a (ProofU) Proof using the provided challenge.

func (*CredentialBuilder) PublicKey 

func (b *CredentialBuilder) PublicKey() *gabikeys.PublicKey

PublicKey returns the Idemix public key against which the credential will verify.

func (*CredentialBuilder) SetProofPCommitment 

func (b *CredentialBuilder) SetProofPCommitment(commitment *ProofPCommitment)

type DisclosureProofBuilder 

type DisclosureProofBuilder struct {
	// contains filtered or unexported fields
}

DisclosureProofBuilder is an object that holds the state for the protocol to produce a disclosure proof.

func (*DisclosureProofBuilder) Commit 

func (d *DisclosureProofBuilder) Commit(randomizers map[string]*big.Int) ([]*big.Int, error)

Commit commits to the first attribute (the secret) using the provided randomizer.

func (*DisclosureProofBuilder) CreateProof 

func (d *DisclosureProofBuilder) CreateProof(challenge *big.Int) Proof

CreateProof creates a (disclosure) proof with the provided challenge.

func (*DisclosureProofBuilder) PublicKey 

func (d *DisclosureProofBuilder) PublicKey() *gabikeys.PublicKey

PublicKey returns the Idemix public key against which this disclosure proof will verify.

func (*DisclosureProofBuilder) SetProofPCommitment 

func (d *DisclosureProofBuilder) SetProofPCommitment(commitment *ProofPCommitment)

func (*DisclosureProofBuilder) TimestampRequestContributions 

func (d *DisclosureProofBuilder) TimestampRequestContributions() (*big.Int, []*big.Int)

TimestampRequestContributions returns the contributions of this disclosure proof to the message that is to be signed by the timestamp server: - A of the randomized CL-signature - Slice of big.Int populated with the disclosed attributes and 0 for the undisclosed ones.

type IssueCommitmentMessage 

type IssueCommitmentMessage struct {
	U          *big.Int          `json:"U,omitempty"`
	Nonce2     *big.Int          `json:"n_2"`
	Proofs     ProofList         `json:"combinedProofs"`
	ProofPjwt  string            `json:"proofPJwt,omitempty"`
	ProofPjwts map[string]string `json:"proofPJwts,omitempty"`
}

IssueCommitmentMessage encapsulates the messages sent by the receiver to the issuer in the second step of the issuance protocol.

type IssueSignatureMessage 

type IssueSignatureMessage struct {
	Proof                *ProofS             `json:"proof"`
	Signature            *CLSignature        `json:"signature"`
	NonRevocationWitness *revocation.Witness `json:"nonrev,omitempty"`
	MIssuer              map[int]*big.Int    `json:"m_issuer,omitempty"` // Issuers shares of random blind attributes
}

IssueSignatureMessage encapsulates the messages sent from the issuer to the receiver in the final step of the issuance protocol.

type Issuer 

type Issuer struct {
	Sk      *gabikeys.PrivateKey
	Pk      *gabikeys.PublicKey
	Context *big.Int
}

Issuer holds the key material for a credential issuer.

func NewIssuer 

func NewIssuer(sk *gabikeys.PrivateKey, pk *gabikeys.PublicKey, context *big.Int) *Issuer

NewIssuer creates a new credential issuer.

func (*Issuer) IssueSignature 

func (i *Issuer) IssueSignature(U *big.Int, attributes []*big.Int, witness *revocation.Witness, nonce2 *big.Int, blind []int) (*IssueSignatureMessage, error)

IssueSignature produces an IssueSignatureMessage for the attributes based on the IssueCommitmentMessage provided. Note that this function DOES NOT check the proofs containted in the IssueCommitmentMessage! That needs to be done at a higher level!

type KeyshareCommitmentRequest 

type KeyshareCommitmentRequest struct {
	HashedUserCommitments []byte `json:"hashedComms"`
}

KeyshareCommitmentRequest contains the data the user must send to the keyshare server when it requests the keyshare server's contributions to the commitments, in the joint computation of the zero knowledge proof.

type KeyshareResponseRequest 

type KeyshareResponseRequest[T any] struct {
	Context            *big.Int `json:"context,omitempty"`
	Nonce              *big.Int `json:"nonce"`
	UserResponse       *big.Int `json:"resp"`
	IsSignatureSession bool     `json:"sig"`

	// UserChallengeInput contains the arguments used by the user to compute the
	// HashedUserCommitments sent earlier in the commitment request.
	UserChallengeInput []KeyshareUserChallengeInput[T]
}

KeyshareResponseRequest contains the data the user must send to the keyshare server when it requests the keyshare server's contributions to the responses, in the joint computation of the zero knowledge proof.

func KeyshareUserResponseRequest 

func KeyshareUserResponseRequest[T comparable](
	builders ProofBuilderList,
	randomizers map[string]*big.Int,
	hashInput []KeyshareUserChallengeInput[T],
	context, nonce *big.Int,
	signature bool,
) (KeyshareResponseRequest[T], *big.Int, error)

KeyshareUserResponseRequest computes the user's second message to the keyshare server in the keyshare protocol, containing its response in the joint computation of the zero- knowledgeproof of the secret key. Also returns the challenge to be used in constructing the proofs.

type KeyshareUserChallengeInput 

type KeyshareUserChallengeInput[T any] struct {
	// KeyID identifies the public key for this value and commitment. If nil, the keyshare
	// server does not participate for this value and commitment.
	KeyID *T `json:"key,omitempty"`

	// Value of whose exponents the user proves knowledge; A' = AS^r (disclosure) or U (issuance).
	Value *big.Int `json:"val"`
	// Commitment is the user's contributions to the commitment of this proof of knowledge.
	Commitment *big.Int `json:"comm"`

	// OtherCommitments contain commitments for non-revocation proofs and range proofs
	// (if present).
	OtherCommitments []*big.Int `json:"otherComms,omitempty"`
}

KeyshareUserChallengeInput contains the user's contributions to the challenge, in the joint computation of the zero knowledge proof.

type NonRevocationProofBuilder 

type NonRevocationProofBuilder struct {
	// contains filtered or unexported fields
}

func (*NonRevocationProofBuilder) Commit 

func (b *NonRevocationProofBuilder) Commit() ([]*big.Int, error)

func (*NonRevocationProofBuilder) CreateProof 

func (b *NonRevocationProofBuilder) CreateProof(challenge *big.Int) *revocation.Proof

func (*NonRevocationProofBuilder) UpdateCommit 

func (b *NonRevocationProofBuilder) UpdateCommit(witness *revocation.Witness) error

UpdateCommit updates the builder to the latest accumulator contained in the specified (updated) witness.

type Proof 

type Proof interface {
	VerifyWithChallenge(pk *gabikeys.PublicKey, reconstructedChallenge *big.Int) bool
	SecretKeyResponse() *big.Int
	ChallengeContribution(pk *gabikeys.PublicKey) ([]*big.Int, error)
	MergeProofP(proofP *ProofP, pk *gabikeys.PublicKey)
}

Proof represents a non-interactive zero-knowledge proof

type ProofBuilder 

type ProofBuilder interface {
	Commit(randomizers map[string]*big.Int) ([]*big.Int, error)
	CreateProof(challenge *big.Int) Proof
	PublicKey() *gabikeys.PublicKey
	SetProofPCommitment(commitment *ProofPCommitment)
}

ProofBuilder is an interface for a proof builder. That is, an object to hold the state to build a list of bounded proofs (see ProofList).

type ProofBuilderList 

type ProofBuilderList []ProofBuilder

ProofBuilderList is a list of proof builders, for calculating a list of bound proofs.

func (ProofBuilderList) BuildDistributedProofList 

func (builders ProofBuilderList) BuildDistributedProofList(
	challenge *big.Int, proofPs []*ProofP,
) (ProofList, error)

func (ProofBuilderList) BuildProofList 

func (builders ProofBuilderList) BuildProofList(context, nonce *big.Int, issig bool) (ProofList, error)

BuildProofList builds a list of bounded proofs. For this it is given a list of ProofBuilders. Examples of proof builders are CredentialBuilder and DisclosureProofBuilder.

func (ProofBuilderList) Challenge 

func (builders ProofBuilderList) Challenge(context, nonce *big.Int, issig bool) (*big.Int, error)

func (ProofBuilderList) ChallengeWithRandomizers 

func (builders ProofBuilderList) ChallengeWithRandomizers(context, nonce *big.Int, randomizers map[string]*big.Int, issig bool) (*big.Int, error)

type ProofD 

type ProofD struct {
	C                  *big.Int                    `json:"c"`
	A                  *big.Int                    `json:"A"`
	EResponse          *big.Int                    `json:"e_response"`
	VResponse          *big.Int                    `json:"v_response"`
	AResponses         map[int]*big.Int            `json:"a_responses"`
	ADisclosed         map[int]*big.Int            `json:"a_disclosed"`
	NonRevocationProof *revocation.Proof           `json:"nonrev_proof,omitempty"`
	RangeProofs        map[int][]*rangeproof.Proof `json:"rangeproofs,omitempty"`
	// contains filtered or unexported fields
}

ProofD represents a proof in the showing protocol.

func (*ProofD) Challenge 

func (p *ProofD) Challenge() *big.Int

Challenge returns the challenge in the proof (part of the Proof interface).

func (*ProofD) ChallengeContribution 

func (p *ProofD) ChallengeContribution(pk *gabikeys.PublicKey) ([]*big.Int, error)

ChallengeContribution returns the contribution of this proof to the challenge.

func (*ProofD) HasNonRevocationProof 

func (p *ProofD) HasNonRevocationProof() bool

func (*ProofD) MergeProofP 

func (p *ProofD) MergeProofP(proofP *ProofP, _ *gabikeys.PublicKey)

MergeProofP merges a ProofP into the ProofD.

func (*ProofD) SecretKeyResponse 

func (p *ProofD) SecretKeyResponse() *big.Int

SecretKeyResponse returns the secret key response (as part of Proof interface).

func (*ProofD) Verify 

func (p *ProofD) Verify(pk *gabikeys.PublicKey, context, nonce1 *big.Int, issig bool) bool

Verify verifies the proof against the given public key, context, and nonce.

func (*ProofD) VerifyWithChallenge 

func (p *ProofD) VerifyWithChallenge(pk *gabikeys.PublicKey, reconstructedChallenge *big.Int) bool

VerifyWithChallenge verifies the proof against the given public key and the provided reconstructed challenge.

type ProofList 

type ProofList []Proof

ProofList represents a list of (typically bound) proofs.

func (ProofList) GetFirstProofU 

func (pl ProofList) GetFirstProofU() (*ProofU, error)

GetFirstProofU returns the first ProofU in this proof list

func (ProofList) GetProofU 

func (pl ProofList) GetProofU(n int) (*ProofU, error)

GetProofU returns the n'th ProofU in this proof list.

func (*ProofList) UnmarshalJSON 

func (pl *ProofList) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements json.Unmarshaler (json's default unmarshaler is unable to handle a list of interfaces).

func (ProofList) Verify 

func (pl ProofList) Verify(publicKeys []*gabikeys.PublicKey, context, nonce *big.Int, issig bool, keyshareServers []string) bool

Verify returns true when all the proofs inside verify. The keyshareServers parameter is used to indicate which proofs should be verified to share the same secret key: when two proofs share the same keyshare server (or none), so that they should have the same secret key, they should have identical entries (index-wise) in keyshareServers. Pass nil if all proofs should have the same secret key (i.e. it should be verified that all proofs use either none, or one and the same keyshare server). An empty ProofList is not considered valid.

type ProofP 

type ProofP struct {
	P         *big.Int `json:"P,omitempty"`
	C         *big.Int `json:"c"`
	SResponse *big.Int `json:"s_response"`
}

ProofP is a keyshare server's knowledge of its part of the secret key.

func KeyshareResponse 

func KeyshareResponse[T comparable](
	secret *big.Int,
	randomizer *big.Int,
	commRequest KeyshareCommitmentRequest,
	responseRequest KeyshareResponseRequest[T],
	keys map[T]*gabikeys.PublicKey,
) (*ProofP, error)

KeyshareResponse generates the keyshare response, using the keyshare secret and the user's input in the keyshare protocol so far.

func KeyshareResponseLegacy 

func KeyshareResponseLegacy(secret, commit, challenge *big.Int, key *gabikeys.PublicKey) *ProofP

KeyshareResponseLegacy generates the keyshare response for a given challenge and commit, given a secret, in the legacy keyshare protocol.

type ProofPCommitment 

type ProofPCommitment struct {
	P       *big.Int
	Pcommit *big.Int
}

ProofPCommitment is a keyshare server's first message in its proof of knowledge of its part of the secret key.

func NewKeyshareCommitments 

func NewKeyshareCommitments(secret *big.Int, keys []*gabikeys.PublicKey) (*big.Int, []*ProofPCommitment, error)

NewKeyshareCommitments generates commitments for the keyshare server for given set of keys

type ProofS 

type ProofS struct {
	C         *big.Int `json:"c"`
	EResponse *big.Int `json:"e_response"`
}

ProofS represents a proof.

func (*ProofS) Verify 

func (p *ProofS) Verify(pk *gabikeys.PublicKey, signature *CLSignature, context, nonce *big.Int) bool

Verify verifies the proof against the given public key, signature, context, and nonce.

type ProofU 

type ProofU struct {
	U              *big.Int         `json:"U"`
	C              *big.Int         `json:"c"`
	VPrimeResponse *big.Int         `json:"v_prime_response"`
	SResponse      *big.Int         `json:"s_response"`
	MUserResponses map[int]*big.Int `json:"m_user_responses,omitempty"`
}

ProofU represents a proof of correctness of the commitment in the first phase of the issuance protocol.

func (*ProofU) Challenge 

func (p *ProofU) Challenge() *big.Int

Challenge returns the challenge in the proof (part of the Proof interface).

func (*ProofU) ChallengeContribution 

func (p *ProofU) ChallengeContribution(pk *gabikeys.PublicKey) ([]*big.Int, error)

ChallengeContribution returns the contribution of this proof to the challenge.

func (*ProofU) MergeProofP 

func (p *ProofU) MergeProofP(proofP *ProofP, pk *gabikeys.PublicKey)

func (*ProofU) RemoveKeyshareP 

func (p *ProofU) RemoveKeyshareP(b *CredentialBuilder)

func (*ProofU) SecretKeyResponse 

func (p *ProofU) SecretKeyResponse() *big.Int

SecretKeyResponse returns the secret key response (as part of Proof interface).

func (*ProofU) Verify 

func (p *ProofU) Verify(pk *gabikeys.PublicKey, context, nonce *big.Int) bool

Verify verifies whether the proof is correct.

func (*ProofU) VerifyWithChallenge 

func (p *ProofU) VerifyWithChallenge(pk *gabikeys.PublicKey, reconstructedChallenge *big.Int) bool

VerifyWithChallenge verifies whether the proof is correct.

Source Files

View all Source files

Directories

Path Synopsis
Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64.
 Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64.
internal
common
Package keyproof ------------ INTRODUCTION ------------ This sublibrary implements functionality for creating and verifying zero knowledge attestations of proper generation of idemix keys.
 Package keyproof ------------ INTRODUCTION ------------ This sublibrary implements functionality for creating and verifying zero knowledge attestations of proper generation of idemix keys.
Package revocation implements the RSA-B accumulator and associated zero knowledge proofs, introduced in "Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials", Jan Camenisch and Anna Lysyanskaya, CRYPTO 2002, DOI https://doi.org/10.1007/3-540-45708-9_5, http://static.cs.brown.edu/people/alysyans/papers/camlys02.pdf, and "Accumulators with Applications to Anonymity-Preserving Revocation", Foteini Baldimtsi et al, IEEE 2017, DOI https://doi.org/10.1109/EuroSP.2017.13, https://eprint.iacr.org/2017/043.pdf.
 Package revocation implements the RSA-B accumulator and associated zero knowledge proofs, introduced in "Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials", Jan Camenisch and Anna Lysyanskaya, CRYPTO 2002, DOI https://doi.org/10.1007/3-540-45708-9_5, http://static.cs.brown.edu/people/alysyans/papers/camlys02.pdf, and "Accumulators with Applications to Anonymity-Preserving Revocation", Foteini Baldimtsi et al, IEEE 2017, DOI https://doi.org/10.1109/EuroSP.2017.13, https://eprint.iacr.org/2017/043.pdf.
Package safeprime computes safe primes, i.e.
 Package safeprime computes safe primes, i.e.
Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs.
 Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.