From 7a4f938a55fc22c9fc83b08465aadd9a2d6e9388 Mon Sep 17 00:00:00 2001 From: pilcrowOnPaper Date: Sat, 21 Sep 2024 19:54:32 +0900 Subject: [PATCH] add ecdsa page --- malta.config.json | 6 +++ pages/cryptography/ecdsa.md | 83 +++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 pages/cryptography/ecdsa.md diff --git a/malta.config.json b/malta.config.json index 387c0f4..88a9798 100644 --- a/malta.config.json +++ b/malta.config.json @@ -20,6 +20,12 @@ ["Open redirect", "/open-redirect"] ] }, + { + "title": "Cryptography", + "pages": [ + ["ECDSA", "/cryptography/ecdsa"] + ] + }, { "title": "Links", "pages": [ diff --git a/pages/cryptography/ecdsa.md b/pages/cryptography/ecdsa.md new file mode 100644 index 0000000..24e77e1 --- /dev/null +++ b/pages/cryptography/ecdsa.md @@ -0,0 +1,83 @@ +--- +title: "Elliptic curve digital signature algorithm (ECDSA)" +--- + +# Elliptic curve digital signature algorithm (ECDSA) + +ECDSA is a digital signature algorithm using elliptic-curve cryptography. A private key is used to sign a message and a public key is used verify the signature. + +The message is hashed with algorithms like SHA-256 before signing. + +```go +import ( + "crypto/ecdsa" + "crypto/rand" + "crypto/sha256" +) + +msg := "Hello world!" +hash := sha256.Sum256([]byte(msg)) +signature, err := ecdsa.SignASN1(rand.Reader, privateKey, hash[:]) +``` + +## Signatures + +ECDSA signatures are represented using a pair of positive integers, (r, s). + +### IEEE P1363 + +In the IEEE P1363 format, the signature is the concatenation of r and s. The values are encoded as big-endian bytes with a size equivalent to the curve size. For example, P-256 is 256 bits or 32 bytes in size. + +```ts +r || s; +``` + +### PKIX + +In [RFC 5480](https://datatracker.ietf.org/doc/html/rfc5480) by the PKIX working group, the signature is ASN.1 DER encoded sequence of r and s. + +``` +SEQUENCE { + r INTEGER, + s INTEGER +} +``` + +## Public keys + +ECDSA public keys are represented as a pair of positive integers, (x, y). + +### SEC1 + +In SEC 1, which defines ECDSA, public keys can either be uncompressed or compressed. Uncompressed keys are the concatenation of x and y, with a leading `0x04` byte. The values are encoded as big-endian bytes with a size equivalent to the curve size. For example, P-256 is 256 bits or 32 bytes in size. + +``` +0x04 || x || y +``` + +Compressed keys are the x value with a leading `0x02` if x is even or `0x03` byte if odd. The y value can be calculated from x and the curve. + +``` +0x02 || x +0x03 || x +``` + +### PKIX + +In [RFC 5480](https://datatracker.ietf.org/doc/html/rfc5480) by the PKIX working group, the public key is represented as a `SubjectPublicKeyInfo` ASN.1 sequence. The `subjectPublicKey` is either the compressed or uncompressed SEC1 public key. + +``` +SubjectPublicKeyInfo := SEQUENCE { + algorithm AlgorithmIdentifier, + subjectPublicKey BIT STRING +} +``` + +The `AlgorithmIdentifier` for ECDSA is an ASN.1 sequence with the ECDSA object identifier (`1.2.840.10045.2.1`) and the curve (e.g. `1.2.840.10045.3.1.7` for P-256 curve) + +``` +AlgorithmIdentifier := SEQUENCE { + algorithm OBJECT IDENTIFIER + namedCurve OBJECT IDENTIFIER +} +```