ECIES with ECDSA keys from the Go standard library? #29744
Comments
Are you compiling both tests with the same Go version? Tagged this as triage, as we should have a discussion about ecies imo. We should in my opinion make it very clear that our ecies implementation should not be used or imported by 3rd parties, since we don't have the capabilities to properly maintain it atm
I remember there was a change recently that required us to explicitly set the curve in the marshalling and unmarshalling operations. Edit: #28946
After more digging: It's because If you want to use
Right, thanks. But then, why does this line explicitly reference
It used to work out of the box, but unfortunately due to the changes in Go 1.22, it doesn't work without marshalling anymore
Since #28946, in particular commit ab49f22, the `Encrypt()` and `Decrypt()` functions in the `crypto/ecies` require the public keys to implement the `crypto.EllipticCurve` interface, otherwise they return `ecies.ErrInvalidCurve`. Consequentially, since this change the `ecies` package no longer accepts ECDSA keys as returned by the Go standard library, e.g. generated with `ecdsa.GenerateKey(elliptic.P256(), rand.Reader)`, since those do not implement `crypto.EllipticCurve`. This used to work fine in versions v1.13.x, as shown by the following test, which works in v1.13.x and fails in v1.14.x:

At the same time, in the `ecies` package the functions `ExportECDSA()`, `ImportECDSA()` and `ImportECDSAPublic()` for importing `ecdsa.PublicKey` and `ecdsa.PrivateKey` instances still exist. Those sort of suggest that using ordinary ECDSA keys (i.e. P256 keys from the Go standard library) should work, as well as these ECIES parameters being set up for the P256 curve from the standard library.

Should using ECDSA keys from the Go standard library work? In other words, is it a bug that the above test fails?