Module ECDH

Elliptic Curve Diffie-Hellman encryption (ECDH)

Asymmetric public/private key encryption technologies.

ECDH encryption and ECDSA signing functionalities are provided by this module. New keyring instances are instantiated by calling the new() method, keys can be imported using the

    Alice = ECDH.new()
    Bob = ECDH.new()

One can create more keyrings in the same script and give them meaningful variable names to make the code easier to understand. Each keyring instance offers methods prefixed with a double-colon that operate on arguments as well as on keys contained in the keyring: this way scripting can focus on the identities represented by each keyring, giving them names such as 'Alice' or 'Bob'.

Info:

  • Copyright: Dyne.org foundation 2017-2020
  • License: AGPLv3
  • Author: Denis "Jaromil" Roio

Class keyring

  • keyring:keygen () Generate an ECDH public/private key pair for a keyring. Keys generated are both returned and stored inside the keyring.
  • keyring:xy () Returns X and Y coordinates of a public key
  • keyring:pubgen (key) Imports a private key inside an ECDH keyring.
  • keyring:sign (message) Elliptic Curve Digital Signature Algorithm (ECDSA) signing function.
  • keyring:verify (message, signature) Elliptic Curve Digital Signature Algorithm (ECDSA) verification function.


Class keyring

Instance Methods
keyring:keygen ()
Generate an ECDH public/private key pair for a keyring

Keys generated are both returned and stored inside the keyring. They can also be retrieved later using the ??? and ??? methods.

Returns:

  1. OCTET public key
  2. OCTET private key

keyring:xy ()
Returns X and Y coordinates of a public key (public_key)

Returns:

  1. OCTET coordinate X of public key
  2. OCTET coordinate Y of public key

keyring:pubgen (key)
Imports a private key inside an ECDH keyring.

This is a get/set method working both ways: without an argument it returns the private key of a keyring; if an OCTET argument is provided, it is imported as the private key inside the keyring and used to derive its corresponding public key.

If the keyring already contains any key, it will refuse to overwrite it and return an error. (key)

Parameters:

  • key [opt] octet of a private key to be imported

keyring:sign (message)
Elliptic Curve Digital Signature Algorithm (ECDSA) signing function. This method uses the private key inside a keyring to sign a message, returning a signature to be used in keyring:verify. (kp.private, message)

Parameters:

  • message string or OCTET message to sign

Returns:

    table containing signature parameters octets (r,s)

Usage:

    kp = ECDH.keygen() -- generate keys or import them
    m = "Message to be signed"
    signature = ECDH.sign(kp.private, m)
    assert( ECDH.verify(kp.public, m, signature) )

keyring:verify (message, signature)
Elliptic Curve Digital Signature Algorithm (ECDSA) verification function. This method uses the public key inside a keyring to verify a message, returning true or false. The signature parameters are returned as 'r' and 's' in this same order by keyring:sign. (kp.public, message,signature)

Parameters:

  • message the message whose signature has to be verified
  • signature the signature table returned by keyring:sign

Returns:

    true if the signature is OK, or false if not.

generated by LDoc 1.4.6 Last updated 2020-04-16 01:32:19