pkcrypto: use ASN1 funcs

                                  │     OLD     │                NEW                 │
                                  │   sec/op    │   sec/op     vs base               │
VerifyUplinkOrderSignature-32       75.74µ ± 1%   75.05µ ± 1%  -0.91% (p=0.009 n=10)
VerifyUplinkPieceHashSignature-32   77.60µ ± 1%   76.63µ ± 3%       ~ (p=0.089 n=10)
VerifyOrderLimitSignature-32        86.57µ ± 1%   83.32µ ± 0%  -3.76% (p=0.000 n=10)
geomean                             79.83µ        78.25µ       -1.98%

                                  │     OLD      │                  NEW                   │
                                  │     B/op     │     B/op      vs base                  │
VerifyUplinkOrderSignature-32         776.0 ± 0%     776.0 ± 0%        ~ (p=1.000 n=10) ¹
VerifyUplinkPieceHashSignature-32     992.0 ± 0%     992.0 ± 0%        ~ (p=1.000 n=10) ¹
VerifyOrderLimitSignature-32        2.742Ki ± 0%   2.000Ki ± 0%  -27.07% (p=0.000 n=10)
geomean                             1.263Ki        1.137Ki        -9.99%
¹ all samples are equal

                                  │    OLD     │                 NEW                  │
                                  │ allocs/op  │ allocs/op   vs base                  │
VerifyUplinkOrderSignature-32       20.00 ± 0%   20.00 ± 0%        ~ (p=1.000 n=10) ¹
VerifyUplinkPieceHashSignature-32   24.00 ± 0%   24.00 ± 0%        ~ (p=1.000 n=10) ¹
VerifyOrderLimitSignature-32        65.00 ± 0%   43.00 ± 0%  -33.85% (p=0.000 n=10)
geomean                             31.48        27.43       -12.87%

Change-Id: I4f643e446f8af7e47416bcea87f9b4e921396cb4

Author: egonelbre

pkcrypto/encoding.go

@@ -6,10 +6,8 @@ package pkcrypto
 import (
 	"crypto"
 	"crypto/x509"
-	"encoding/asn1"
 	"encoding/pem"
 	"io"
-	"math/big"
 
 	"github.com/zeebo/errs"
 )
@@ -208,22 +206,6 @@ func (e *encodedChain) Parse() ([]*x509.Certificate, error) {
 	return chain, nil
 }
 
-type ecdsaSignature struct {
-	R, S *big.Int
-}
-
-func marshalECDSASignature(r, s *big.Int) ([]byte, error) {
-	return asn1.Marshal(ecdsaSignature{R: r, S: s})
-}
-
-func unmarshalECDSASignature(signatureBytes []byte) (r, s *big.Int, err error) {
-	var signature ecdsaSignature
-	if _, err = asn1.Unmarshal(signatureBytes, &signature); err != nil {
-		return nil, nil, err
-	}
-	return signature.R, signature.S, nil
-}
-
 // ecPrivateKeyFromASN1 parses a private key from the special Elliptic Curve
 // Private Key ASN.1 structure. This is here only for backward compatibility.
 // Use PKCS#8 instead.

pkcrypto/signing.go

@@ -79,11 +79,7 @@ func verifyECDSASignatureWithoutHashing(pubKey *ecdsa.PublicKey, digest, signatu
 	race2.ReadSlice(digest)
 	race2.ReadSlice(signatureBytes)
 
-	r, s, err := unmarshalECDSASignature(signatureBytes)
-	if err != nil {
-		return ErrVerifySignature.New("unable to unmarshal ecdsa signature: %v", err)
-	}
-	if !ecdsa.Verify(pubKey, digest, r, s) {
+	if !ecdsa.VerifyASN1(pubKey, digest, signatureBytes) {
 		return ErrVerifySignature.New("signature is not valid")
 	}
 	return nil
@@ -165,11 +161,8 @@ func VerifyHMACSHA256(privKey crypto.PrivateKey, data, signature []byte) error {
 func signECDSAWithoutHashing(privKey *ecdsa.PrivateKey, digest []byte) ([]byte, error) {
 	race2.ReadSlice(digest)
 
-	r, s, err := ecdsa.Sign(rand.Reader, privKey, digest)
-	if err != nil {
-		return nil, ErrSign.Wrap(err)
-	}
-	return marshalECDSASignature(r, s)
+	sig, err := ecdsa.SignASN1(rand.Reader, privKey, digest)
+	return sig, ErrSign.Wrap(err)
 }
 
 func signRSAWithoutHashing(privKey *rsa.PrivateKey, digest []byte) ([]byte, error) {