// sign.c
// 2019-10-09 Markku-Juhani O. Saarinen <[email protected]>
// NIST PQC API interface for Ken MacKay's micro-ecc
#include <stdio.h>
#include <string.h>
#include "api.h"
#include "uECC.h"
#include "randombytes.h"
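// Select the message hash for signing and verification. crypto_sign() and
// crypto_sign_open() hash into a uECC_BYTES-long buffer, so the digest
// length has to match the curve size; only the 32-byte case is wired up.
#if uECC_BYTES == 32
#include "sha2.h"
// No trailing semicolon in the expansion: the call site supplies it, which
// keeps the macro usable inside unbraced if/else bodies.
#define MY_SIGN_HASH(out, in, inlen) sha256(out, in, inlen)
#endif
// Fail the build rather than sign with a mismatched or missing hash.
#ifndef MY_SIGN_HASH
#error "No hash algorithm matching uECC_BYTES defined"
#endif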
// RNG callback handed to uECC_set_rng(). uECC needs the RNG to return 1 on
// success, so this adapter fills dest with len bytes from randombytes() and
// then reports success unconditionally.
// NOTE(review): any status randombytes() may return is not inspected here,
// so an RNG failure would not reach uECC -- confirm randombytes() cannot
// fail on the target platform.
int fake_rng(uint8_t *dest, unsigned len)
{
    const int success = 1;

    randombytes(dest, len);

    return success;
}
// Generate a key pair: uECC_make_key() writes the public key to pk and the
// secret key to sk. Returns 0 on success and -1 when uECC_make_key()
// reports failure.
int crypto_sign_keypair(uint8_t *pk, uint8_t *sk)
{
    // install the randombytes()-backed callback before uECC needs randomness
    uECC_set_rng(&fake_rng);

    return uECC_make_key(pk, sk) ? 0 : -1;
}
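// Sign a message. On success sm holds the signature over MY_SIGN_HASH(m)
// followed by a copy of m at offset CRYPTO_BYTES, and *smlen is set to
// CRYPTO_BYTES + mlen; the caller must provide that much room in sm.
// Returns 0 on success, -1 if uECC_sign() fails; on failure *smlen is not
// written and the contents of sm are unspecified.
// NOTE(review): CRYPTO_BYTES comes from api.h and is assumed to equal the
// length of the signature uECC_sign() writes -- confirm.
int crypto_sign(uint8_t *sm, size_t *smlen,
                const uint8_t *m, size_t mlen,
                const uint8_t *sk)
{
    uint8_t hash[uECC_BYTES];

    // signing uses the RNG callback, which is backed by randombytes()
    uECC_set_rng(&fake_rng);

    // hash the message while m is still untouched
    MY_SIGN_HASH(hash, m, mlen);

    // Move the message behind the signature slot before the signature is
    // written. memmove() tolerates overlapping m and sm (in-place signing);
    // writing the signature first would overwrite the start of such an m.
    if (mlen > 0)
        memmove(sm + CRYPTO_BYTES, m, mlen);

    // compute signature at the start of sm
    if (!uECC_sign(sk, hash, sm))
        return -1;

    *smlen = CRYPTO_BYTES + mlen;

    return 0;
}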
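// Verify a signed message and recover the message. sm is expected to hold
// the signature followed by the message at offset CRYPTO_BYTES. Returns 0
// and writes the message to m and its length to *mlen when the signature
// verifies; returns -1 when smlen is shorter than CRYPTO_BYTES or when
// uECC_verify() rejects the signature. On -1 neither m nor *mlen is
// written, so callers must check the return value before using them.
int crypto_sign_open(uint8_t *m, size_t *mlen,
                     const uint8_t *sm, size_t smlen,
                     const uint8_t *pk)
{
    uint8_t hash[uECC_BYTES];
    size_t ml;

    // reject inputs too short to contain a signature; this also keeps the
    // unsigned subtraction below from wrapping around
    if (smlen < CRYPTO_BYTES)
        return -1;
    ml = smlen - CRYPTO_BYTES;

    // hash the message part that follows the signature
    MY_SIGN_HASH(hash, &sm[CRYPTO_BYTES], ml);

    // verify signature
    if (!uECC_verify(pk, hash, sm))
        return -1;

    // Hand the message out only after verification succeeded. memmove()
    // stays well defined when m and sm overlap (e.g. opening in place).
    *mlen = ml;
    if (ml > 0)
        memmove(m, sm + CRYPTO_BYTES, ml);

    return 0;
}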