i2pd/libi2pd/Signature.cpp

#include <memory>
#include "Log.h"
#include "Signature.h"

namespace i2p
{
namespace crypto
{
	EDDSA25519Verifier::EDDSA25519Verifier (const uint8_t * signingKey)
	{
		memcpy (m_PublicKeyEncoded, signingKey, EDDSA25519_PUBLIC_KEY_LENGTH);
		BN_CTX * ctx = BN_CTX_new ();
		m_PublicKey = GetEd25519 ()->DecodePublicKey (m_PublicKeyEncoded, ctx);
		BN_CTX_free (ctx);
	}

	bool EDDSA25519Verifier::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
	{
		uint8_t digest[64];
		SHA512_CTX ctx;
		SHA512_Init (&ctx);
		SHA512_Update (&ctx, signature, EDDSA25519_SIGNATURE_LENGTH/2); // R
		SHA512_Update (&ctx, m_PublicKeyEncoded, EDDSA25519_PUBLIC_KEY_LENGTH); // public key
		SHA512_Update (&ctx, buf, len); // data
		SHA512_Final (digest, &ctx);

		return GetEd25519 ()->Verify (m_PublicKey, digest, signature);
	}

	EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey)
	{
		// expand key
		Ed25519::ExpandPrivateKey (signingPrivateKey, m_ExpandedPrivateKey);
		// generate and encode public key
		BN_CTX * ctx = BN_CTX_new ();
		auto publicKey = GetEd25519 ()->GeneratePublicKey (m_ExpandedPrivateKey, ctx);
		GetEd25519 ()->EncodePublicKey (publicKey, m_PublicKeyEncoded, ctx);

		if (signingPublicKey && memcmp (m_PublicKeyEncoded, signingPublicKey, EDDSA25519_PUBLIC_KEY_LENGTH))
		{
			// keys don't match, it means older key with 0x1F
			LogPrint (eLogWarning, "Older EdDSA key detected");
			m_ExpandedPrivateKey[EDDSA25519_PRIVATE_KEY_LENGTH - 1] &= 0xDF; // drop third bit
			publicKey = GetEd25519 ()->GeneratePublicKey (m_ExpandedPrivateKey, ctx);
			GetEd25519 ()->EncodePublicKey (publicKey, m_PublicKeyEncoded, ctx);
		}
		BN_CTX_free (ctx);
	}

	void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const
	{
		GetEd25519 ()->Sign (m_ExpandedPrivateKey, m_PublicKeyEncoded, buf, len, signature);
	}
}
}
EdDSA signer added 2015-04-09 17:03:21 +03:00			`#include <memory>`
Decode point 2015-04-08 22:31:13 +03:00			`#include "Log.h"`
initial code for Ed25519 added 2015-04-08 20:21:49 +03:00			`#include "Signature.h"`

			`namespace i2p`
			`{`
			`namespace crypto`
			`{`
fixed race condition 2015-11-23 17:26:32 +03:00			`EDDSA25519Verifier::EDDSA25519Verifier (const uint8_t * signingKey)`
EdDSA signer added 2015-04-09 17:03:21 +03:00			`{`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`memcpy (m_PublicKeyEncoded, signingKey, EDDSA25519_PUBLIC_KEY_LENGTH);`
fixed race condition 2015-11-23 17:26:32 +03:00			`BN_CTX * ctx = BN_CTX_new ();`
			`m_PublicKey = GetEd25519 ()->DecodePublicKey (m_PublicKeyEncoded, ctx);`
			`BN_CTX_free (ctx);`
EdDSA signer added 2015-04-09 17:03:21 +03:00			`}`

EdDSA signature type added 2015-04-08 23:28:52 +03:00			`bool EDDSA25519Verifier::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const`
EdDSA signature type added 2015-04-08 23:18:16 +03:00			`{`
cumulative update from bitbucket 2015-11-03 17:15:49 +03:00			`uint8_t digest[64];`
moved BN_CTX creation to curve's Verify and Sign 2015-11-26 18:25:51 +03:00			`SHA512_CTX ctx;`
			`SHA512_Init (&ctx);`
			`SHA512_Update (&ctx, signature, EDDSA25519_SIGNATURE_LENGTH/2); // R`
			`SHA512_Update (&ctx, m_PublicKeyEncoded, EDDSA25519_PUBLIC_KEY_LENGTH); // public key`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`SHA512_Update (&ctx, buf, len); // data`
moved BN_CTX creation to curve's Verify and Sign 2015-11-26 18:25:51 +03:00			`SHA512_Final (digest, &ctx);`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00
moved BN_CTX creation to curve's Verify and Sign 2015-11-26 18:25:51 +03:00			`return GetEd25519 ()->Verify (m_PublicKey, digest, signature);`
EdDSA signer added 2015-04-09 17:03:21 +03:00			`}`

EdDSA keys compatible with Java 2017-01-08 05:20:09 +03:00			`EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey)`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`{`
cumulative update from bitbucket 2015-11-03 17:15:49 +03:00			`// expand key`
NTCP2 added 2018-06-05 19:53:13 +03:00			`Ed25519::ExpandPrivateKey (signingPrivateKey, m_ExpandedPrivateKey);`
cumulative update from bitbucket 2015-11-03 17:15:49 +03:00			`// generate and encode public key`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`BN_CTX * ctx = BN_CTX_new ();`
fixed race condition 2015-11-23 17:26:32 +03:00			`auto publicKey = GetEd25519 ()->GeneratePublicKey (m_ExpandedPrivateKey, ctx);`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`GetEd25519 ()->EncodePublicKey (publicKey, m_PublicKeyEncoded, ctx);`

EdDSA keys compatible with Java 2017-01-08 05:20:09 +03:00			`if (signingPublicKey && memcmp (m_PublicKeyEncoded, signingPublicKey, EDDSA25519_PUBLIC_KEY_LENGTH))`
			`{`
			`// keys don't match, it means older key with 0x1F`
			`LogPrint (eLogWarning, "Older EdDSA key detected");`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`m_ExpandedPrivateKey[EDDSA25519_PRIVATE_KEY_LENGTH - 1] &= 0xDF; // drop third bit`
EdDSA keys compatible with Java 2017-01-08 05:20:09 +03:00			`publicKey = GetEd25519 ()->GeneratePublicKey (m_ExpandedPrivateKey, ctx);`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`GetEd25519 ()->EncodePublicKey (publicKey, m_PublicKeyEncoded, ctx);`
EdDSA keys compatible with Java 2017-01-08 05:20:09 +03:00			`}`
fixed race condition 2015-11-23 17:26:32 +03:00			`BN_CTX_free (ctx);`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`}`

cumulative update from bitbucket 2015-11-03 17:15:49 +03:00			`void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const`
EdDSA signer added 2015-04-09 17:03:21 +03:00			`{`
moved BN_CTX creation to curve's Verify and Sign 2015-11-26 18:25:51 +03:00			`GetEd25519 ()->Sign (m_ExpandedPrivateKey, m_PublicKeyEncoded, buf, len, signature);`
remove trailing whitespaces 2018-01-06 06:48:51 +03:00			`}`
initial code for Ed25519 added 2015-04-08 20:21:49 +03:00			`}`
			`}`