
ecdh package - crypto/ecdh - Go Packages

Package ecdh implements Elliptic Curve Diffie-Hellman over NIST curves and Curve25519.


P256 returns a Curve which implements NIST P-256 (FIPS 186-3, section D.2.3), also known as secp256r1 or prime256v1.

Multiple invocations of this function will return the same value, which can be used for equality checks and switch statements.

P384 returns a Curve which implements NIST P-384 (FIPS 186-3, section D.2.4), also known as secp384r1.

Multiple invocations of this function will return the same value, which can be used for equality checks and switch statements.

P521 returns a Curve which implements NIST P-521 (FIPS 186-3, section D.2.5), also known as secp521r1.

Multiple invocations of this function will return the same value, which can be used for equality checks and switch statements.

X25519 returns a Curve which implements the X25519 function over Curve25519 (RFC 7748, Section 5).

Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.

type KeyExchanger interface {
	PublicKey() *PublicKey
	Curve() Curve
	ECDH(*PublicKey) ([]byte, error)
}

KeyExchanger is an interface for an opaque private key that can be used for key exchange operations. For example, an ECDH key kept in a hardware module.

It is implemented by PrivateKey.

type PrivateKey struct {
	// contains filtered or unexported fields
}

PrivateKey is an ECDH private key, usually kept secret.

These keys can be parsed with crypto/x509.ParsePKCS8PrivateKey and encoded with crypto/x509.MarshalPKCS8PrivateKey. For NIST curves, they then need to be converted with crypto/ecdsa.PrivateKey.ECDH after parsing.

func (k *PrivateKey) Bytes() []byte

Bytes returns a copy of the encoding of the private key.

func (k *PrivateKey) Curve() Curve

ECDH performs an ECDH exchange and returns the shared secret. The PrivateKey and PublicKey must use the same curve.

For NIST curves, this performs ECDH as specified in SEC 1, Version 2.0, Section 3.3.1, and returns the x-coordinate encoded according to SEC 1, Version 2.0, Section 2.3.5. The result is never the point at infinity. This is also known as the Shared Secret Computation of the Ephemeral Unified Model scheme specified in NIST SP 800-56A Rev. 3, Section 6.1.2.2.

For X25519, this performs ECDH as specified in RFC 7748, Section 6.1. If the result is the all-zero value, ECDH returns an error.
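The rejection behaviour described above, as an added example that is not part of the Go documentation: both sides exchange only PublicKey.Bytes(), and derive reports whether a bad peer share is refused at parsing or at the ECDH step. The helper names derive, newKey and agree and the two malformed shares are constructed for illustration; GenerateKey and NewPublicKey are Curve methods of this package that the excerpt on this page does not list.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"fmt"
)

// derive parses a peer share from raw bytes and runs ECDH; stage is "parse", "ecdh" or "".
func derive(priv *ecdh.PrivateKey, wire []byte) (secret []byte, stage string, err error) {
	peer, err := priv.Curve().NewPublicKey(wire)
	if err != nil {
		return nil, "parse", err
	}
	if secret, err = priv.ECDH(peer); err != nil {
		return nil, "ecdh", err
	}
	return secret, "", nil
}

// newKey generates a private key on c, panicking if the system RNG fails.
func newKey(c ecdh.Curve) *ecdh.PrivateKey {
	k, err := c.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// agree runs a full exchange on c, passing only PublicKey.Bytes() between the two sides.
func agree(c ecdh.Curve) (bool, error) {
	alice, bob := newKey(c), newKey(c)
	s1, _, err := derive(alice, bob.PublicKey().Bytes())
	if err != nil {
		return false, err
	}
	s2, _, err := derive(bob, alice.PublicKey().Bytes())
	return err == nil && bytes.Equal(s1, s2), err
}

func main() {
	ok, err := agree(ecdh.P256())
	fmt.Println("P-256 secrets match:", ok, err)
	_, stage, err := derive(newKey(ecdh.X25519()), make([]byte, 32)) // constructed all-zero share
	fmt.Println("X25519 low-order share rejected at", stage, "-", err)
	offCurve := append([]byte{4}, make([]byte, 64)...) // constructed: uncompressed point (0, 0)
	_, stage, err = derive(newKey(ecdh.P256()), offCurve)
	fmt.Println("P-256 off-curve share rejected at", stage, "-", err)
}
```

An X25519 share is checked only for length when parsed, so the low-order input surfaces as the ECDH error; a NIST share that is not a valid curve point fails earlier, at NewPublicKey.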

Equal returns whether x represents the same private key as k.

Note that there can be equivalent private keys with different encodings which would return false from this check but behave the same way as inputs to ECDH.

This check is performed in constant time as long as the key types and their curve match.

Public implements the implicit interface of all standard library private keys. See the docs of crypto.PrivateKey.

func (k *PrivateKey) PublicKey() *PublicKey

type PublicKey struct {
	// contains filtered or unexported fields
}

PublicKey is an ECDH public key, usually a peer's ECDH share sent over the wire.

These keys can be parsed with crypto/x509.ParsePKIXPublicKey and encoded with crypto/x509.MarshalPKIXPublicKey. For NIST curves, they then need to be converted with crypto/ecdsa.PublicKey.ECDH after parsing.

func (k *PublicKey) Bytes() []byte

Bytes returns a copy of the encoding of the public key.

func (k *PublicKey) Curve() Curve

Equal returns whether x represents the same public key as k.

Note that there can be equivalent public keys with different encodings which would return false from this check but behave the same way as inputs to ECDH.

This check is performed in constant time as long as the key types and their curve match.