XEd25519 signature creation.

author: Joe Crayne <joe@jerkface.net> 2019-11-15 09:21:15 -0500
committer: Joe Crayne <joe@jerkface.net> 2019-11-15 13:51:43 -0500
commit: 79de52bece59e84d6641a94afed6ef5f7b6f098c (patch)
tree: 862e86a51bb0b78ecd06b359b385bd29c9ab0ab1
parent: 713295a4ac808cc4bb1eb1f7be78d79d70dc6cd1 (diff)
2 files changed, 26 insertions, 4 deletions
diff --git a/Data/OpenPGP/Util/Gen.hs b/Data/OpenPGP/Util/Gen.hs
index c33ef1e..babd12d 100644
--- a/Data/OpenPGP/Util/Gen.hs
+++ b/Data/OpenPGP/Util/Gen.hs
@@ -40,6 +40,7 @@ genKeyAlg :: GenerateKeyParams -> KeyAlgorithm
 genKeyAlg (GenRSA _)      = RSA
 genKeyAlg (GenDSA _)      = DSA
 genKeyAlg (GenEd25519 {}) = Ed25519
+genKeyAlg (GenCv25519 {}) = ECC
 -- | Generate a secret key pgp packet from system entropy.
 generateKey :: GenerateKeyParams -> IO Packet
diff --git a/Data/OpenPGP/Util/Sign.hs b/Data/OpenPGP/Util/Sign.hs
index 085d545..c586b60 100644
--- a/Data/OpenPGP/Util/Sign.hs
+++ b/Data/OpenPGP/Util/Sign.hs
@@ -17,17 +17,22 @@ import Data.Time.Clock.POSIX
 #endif
 import Control.Exception as Exception (IOException(..),catch)
-import Data.OpenPGP.Util.Ed25519
-import Data.OpenPGP.Util.Fingerprint (fingerprint)
-import Data.OpenPGP.Util.Gen
 import qualified Crypto.Random as Vincent
 import qualified Crypto.PubKey.DSA as Vincent.DSA
 import qualified Crypto.PubKey.RSA as Vincent.RSA
 import qualified Crypto.PubKey.RSA.PKCS15 as Vincent.RSA
 import qualified Crypto.PubKey.ECC.ECDSA as Vincent.ECDSA
+import qualified Crypto.PubKey.Curve25519 as Cv25519
+import qualified Data.ByteArray as BA
+import Crypto.XEd25519 as Xed25519
+import Data.OpenPGP.Util.Ed25519
+import Data.OpenPGP.Util.Cv25519
+import Data.OpenPGP.Util.Fingerprint (fingerprint)
+import Data.OpenPGP.Util.Gen
 import Data.OpenPGP.Util.Base
+import Data.OpenPGP.Internal
 privateECDSAkey :: OpenPGP.Packet -> Vincent.ECDSA.PrivateKey
 privateECDSAkey k = Vincent.ECDSA.PrivateKey curve d
@@ -52,6 +57,19 @@ privateRSAkey k =
    q = keyParam 'q' k
    pubkey = rsaKey k
+xed25519Sign :: Vincent.MonadRandom m =>
+                Cv25519.SecretKey
+                -> OpenPGP.HashAlgorithm
+                -> BS.ByteString
+                -> m [Integer]
+xed25519Sign cv25519key hsh dta = do
+    let hashbs = hashBySymbol hsh $ LZ.fromChunks [dta]
+        (sec,pub) = Xed25519.toSigningKeyPair cv25519key
+    nonce <- Vincent.getRandomBytes 32
+    let sig = Xed25519.sign hashbs nonce sec pub
+        (rbs,sbs) = BS.splitAt 32 $ BA.convert sig
+    return [ getBigNum rbs, getBigNum sbs ]
 -- | Make a signature
 --
 -- In order to set more options on a signature, pass in a signature packet.
@@ -71,6 +89,9 @@ unsafeSign keys over hsh keyid timestamp g = (over {OpenPGP.signatures_over = [s
        OpenPGP.DSA -> ([dsaR, dsaS], dsaG)
        OpenPGP.ECDSA -> ([ecdsaR,ecdsaS],ecdsaG)
        OpenPGP.Ed25519 -> (ed25519Sign k hsh dta, g)
+        OpenPGP.ECC | oid_cv25519 == keyParam 'c' k
+                    , Just cvk <- privateCv25519Key k
+                        -> Vincent.withDRG g $ xed25519Sign cvk hsh dta
        kalgo | kalgo `elem` [OpenPGP.RSA,OpenPGP.RSA_S] -> ([toNum rsaFinal], g)
              | otherwise ->
            error ("Unsupported key algorithm " ++ show kalgo ++ " in sign")
author	Joe Crayne <joe@jerkface.net>	2019-11-15 09:21:15 -0500
committer	Joe Crayne <joe@jerkface.net>	2019-11-15 13:51:43 -0500
commit	79de52bece59e84d6641a94afed6ef5f7b6f098c (patch)
tree	862e86a51bb0b78ecd06b359b385bd29c9ab0ab1
parent	713295a4ac808cc4bb1eb1f7be78d79d70dc6cd1 (diff)