From 79de52bece59e84d6641a94afed6ef5f7b6f098c Mon Sep 17 00:00:00 2001
From: Joe Crayne <joe@jerkface.net>
Date: Fri, 15 Nov 2019 09:21:15 -0500
Subject: XEd25519 signature creation.

---
 Data/OpenPGP/Util/Gen.hs  |  1 +
 Data/OpenPGP/Util/Sign.hs | 29 +++++++++++++++++++++++++----
 2 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/Data/OpenPGP/Util/Gen.hs b/Data/OpenPGP/Util/Gen.hs
index c33ef1e..babd12d 100644
--- a/Data/OpenPGP/Util/Gen.hs
+++ b/Data/OpenPGP/Util/Gen.hs
@@ -40,6 +40,7 @@ genKeyAlg :: GenerateKeyParams -> KeyAlgorithm
 genKeyAlg (GenRSA _)      = RSA
 genKeyAlg (GenDSA _)      = DSA
 genKeyAlg (GenEd25519 {}) = Ed25519
+genKeyAlg (GenCv25519 {}) = ECC
 
 -- | Generate a secret key pgp packet from system entropy.
 generateKey :: GenerateKeyParams -> IO Packet
diff --git a/Data/OpenPGP/Util/Sign.hs b/Data/OpenPGP/Util/Sign.hs
index 085d545..c586b60 100644
--- a/Data/OpenPGP/Util/Sign.hs
+++ b/Data/OpenPGP/Util/Sign.hs
@@ -17,17 +17,22 @@ import Data.Time.Clock.POSIX
 #endif
 import Control.Exception as Exception (IOException(..),catch)
 
-import Data.OpenPGP.Util.Ed25519
-import Data.OpenPGP.Util.Fingerprint (fingerprint)
-import Data.OpenPGP.Util.Gen
-
 import qualified Crypto.Random as Vincent
 import qualified Crypto.PubKey.DSA as Vincent.DSA
 import qualified Crypto.PubKey.RSA as Vincent.RSA
 import qualified Crypto.PubKey.RSA.PKCS15 as Vincent.RSA
 import qualified Crypto.PubKey.ECC.ECDSA as Vincent.ECDSA
+import qualified Crypto.PubKey.Curve25519 as Cv25519
 
+import qualified Data.ByteArray as BA
+import Crypto.XEd25519 as Xed25519
+import Data.OpenPGP.Util.Ed25519
+import Data.OpenPGP.Util.Cv25519
+import Data.OpenPGP.Util.Fingerprint (fingerprint)
+import Data.OpenPGP.Util.Gen
 import Data.OpenPGP.Util.Base
+import Data.OpenPGP.Internal
+
 
 privateECDSAkey :: OpenPGP.Packet -> Vincent.ECDSA.PrivateKey
 privateECDSAkey k = Vincent.ECDSA.PrivateKey curve d
@@ -52,6 +57,19 @@ privateRSAkey k =
     q = keyParam 'q' k
     pubkey = rsaKey k
 
+xed25519Sign :: Vincent.MonadRandom m =>
+                Cv25519.SecretKey
+                -> OpenPGP.HashAlgorithm
+                -> BS.ByteString
+                -> m [Integer]
+xed25519Sign cv25519key hsh dta = do
+    let hashbs = hashBySymbol hsh $ LZ.fromChunks [dta]
+        (sec,pub) = Xed25519.toSigningKeyPair cv25519key
+    nonce <- Vincent.getRandomBytes 32
+    let sig = Xed25519.sign hashbs nonce sec pub
+        (rbs,sbs) = BS.splitAt 32 $ BA.convert sig
+    return [ getBigNum rbs, getBigNum sbs ]
+
 -- | Make a signature
 --
 -- In order to set more options on a signature, pass in a signature packet.
@@ -71,6 +89,9 @@ unsafeSign keys over hsh keyid timestamp g = (over {OpenPGP.signatures_over = [s
         OpenPGP.DSA -> ([dsaR, dsaS], dsaG)
         OpenPGP.ECDSA -> ([ecdsaR,ecdsaS],ecdsaG)
         OpenPGP.Ed25519 -> (ed25519Sign k hsh dta, g)
+        OpenPGP.ECC | oid_cv25519 == keyParam 'c' k
+                    , Just cvk <- privateCv25519Key k
+                        -> Vincent.withDRG g $ xed25519Sign cvk hsh dta
         kalgo | kalgo `elem` [OpenPGP.RSA,OpenPGP.RSA_S] -> ([toNum rsaFinal], g)
               | otherwise ->
             error ("Unsupported key algorithm " ++ show kalgo ++ " in sign")
-- 
cgit v1.2.3