CODEWITHSUNDEEP
gocryptography
Puneet Jindal
Puneet Jindal

Reputation: 117

How to use static string as of private key to sign the message?

I'm using crypto package to signing the data using below code. The DSA in the package is ed25519 . In this code I want to using a static private key which is generated by other service(node js) into sign function which mention in the code.I have tried it but showing me the error

cannot convert "3ef8cc42c5c5ed0f7a11ef2045da509ed175074223c6ee1a6acc71c15b2a8a8a" (untyped string constant) to [64]byte

CODE

package main

import (
    "log"

    crypto "golang.org/x/crypto/nacl/sign"
)

func main() {

    signedData := crypto.Sign(nil, []byte("hello"), *[64]byte("3ef8cc42c5c5ed0f7a11ef2045da509ed175074223c6ee1a6acc71c15b2a8a8a"))
    log.Println(string(signedData))
    log.Println(signedData)

}

Can anyone help me in this? library link

Upvotes: 0

Views: 640

Answers (1)

Topaco
Topaco

Reputation: 49415

Your key is (hex decoded) only 32 bytes and is only the seed, you have to append the 32 bytes public key, s. here:

3ef8cc42c5c5ed0f7a11ef2045da509ed175074223c6ee1a6acc71c15b2a8a8ae2f5b5f7c272360a8292b796c1dc28e8b15f415c9c3680bcae927dda3458261b

and hex decode the full key. Overall:

import (
    "encoding/hex"
    "log"
    crypto "golang.org/x/crypto/nacl/sign"
)

func main() {

    decoded, _ := hex.DecodeString("3ef8cc42c5c5ed0f7a11ef2045da509ed175074223c6ee1a6acc71c15b2a8a8ae2f5b5f7c272360a8292b796c1dc28e8b15f415c9c3680bcae927dda3458261b")
    var key [64]byte
    copy(key[:], decoded)
    signedData := crypto.Sign(nil, []byte("hello"), &key)
    log.Println(string(signedData))
    log.Println(hex.EncodeToString(signedData))
}

The code gives for the hex encoded signature:

560f119fd68a647eb9ff10fa83fff71713e377d041c7b076873bed767ed15bae74ff7822764636bfadc2afc4f430e93f32df6c7ba8b904f6055fc9b32fe85f0268656c6c6f

where the message 68656c6c6f is attached.

You can e.g. use this online tool and generate a signature for the same key and the same message. Since Ed25519 is deterministic, the same signature is always generated for the same input data. The test shows that both signatures match, so the above code is successfully tested.
Note that the tool does not append the message and that it uses Base64 encoded data for key and signature.

Upvotes: 2

Related Questions