# Package ecdsa

Package ecdsa implements the Elliptic Curve Digital Signature Algorithm, as
defined in FIPS 186-3.

This implementation derives the nonce from an AES-CTR CSPRNG keyed by
ChopMD(256, SHA2-512(priv.D || entropy || hash)). The CSPRNG key is IRO by
a result of Coron; the AES-CTR stream is IRO under standard assumptions.

- func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
- func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool
- type PrivateKey
- func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)
- func (priv *PrivateKey) Public() crypto.PublicKey
- func (priv *PrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)
- type PublicKey

#### Package files

ecdsa.go

In the call graph viewer below, each node
is a function belonging to this package
and its children are the functions it
calls—perhaps dynamically.

The root nodes are the entry points of the
package: functions that may be called from
outside the package.
There may be non-exported or anonymous
functions among them if they are called
dynamically from another package.

Click a node to visit that function's source code.
From there you can visit its callers by
clicking its declaring `func`

token.

Functions may be omitted if they were
determined to be unreachable in the
particular programs or tests that were
analyzed.

func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

Sign signs a hash (which should be the result of hashing a larger message)
using the private key, priv. If the hash is longer than the bit-length of the
private key's curve order, the hash will be truncated to that length. It
returns the signature as a pair of integers. The security of the private key
depends on the entropy of rand.

▾ Internal call graph

This viewer shows the portion of the internal call
graph of this package that is reachable from this function.
See the package's call
graph for more information.

func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool

Verify verifies the signature in r, s of hash using the public key, pub. Its
return value records whether the signature is valid.

▾ Internal call graph

This viewer shows the portion of the internal call
graph of this package that is reachable from this function.
See the package's call
graph for more information.

PrivateKey represents a ECDSA private key.

type PrivateKey struct {
PublicKey
D *big.Int
}

func GenerateKey(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)

GenerateKey generates a public and private key pair.

▾ Internal call graph

This viewer shows the portion of the internal call
graph of this package that is reachable from this function.
See the package's call
graph for more information.

### func (*PrivateKey) Public
¶

func (priv *PrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

▾ Internal call graph

This viewer shows the portion of the internal call
graph of this package that is reachable from this function.
See the package's call
graph for more information.

### func (*PrivateKey) Sign
¶

func (priv *PrivateKey) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

Sign signs msg with priv, reading randomness from rand. This method is
intended to support keys where the private part is kept in, for example, a
hardware module. Common uses should use the Sign function in this package
directly.

▾ Internal call graph

This viewer shows the portion of the internal call
graph of this package that is reachable from this function.
See the package's call
graph for more information.

PublicKey represents an ECDSA public key.

type PublicKey struct {
elliptic.Curve
X, Y *big.Int
}