bool unit_test_crypto_sign(){ uint64_t len = HACL_UNIT_TESTS_SIZE * sizeof(uint8_t); uint8_t *plaintext = malloc(HACL_UNIT_TESTS_SIZE * sizeof (uint8_t)); uint8_t *expected_signed_msg = malloc((HACL_UNIT_TESTS_SIZE+64) * sizeof (uint8_t)); uint8_t *hacl_signed_msg = malloc((HACL_UNIT_TESTS_SIZE+64) * sizeof (uint8_t)); uint8_t sk[64], pk[32]; crypto_sign_keypair(pk, sk); READ_RANDOM_BYTES(len, plaintext); int a, res; bool pass = true; long long unsigned int smlen; for (int i = 0; i < 256; i++){ tweet_crypto_sign(expected_signed_msg, &smlen, plaintext, i, sk); crypto_sign(hacl_signed_msg, &smlen, plaintext, i, sk); a = memcmp(hacl_signed_msg, expected_signed_msg, (i+64) * sizeof(uint8_t)); if (a != 0){ pass = false; printf("crypto_sign failed on input of size %d\n", i); break; } res = crypto_sign_open(hacl_signed_msg, &smlen, expected_signed_msg, i + 64, pk); if (res != 0) { pass = false; printf("crypto_sign_open returned value failed on input of size %d\n", i); break; } a = memcmp(hacl_signed_msg, plaintext, i * sizeof(uint8_t)); if (a != 0){ pass = false; printf("crypto_sign_open failed on input of size %d\n", i); break; } } if (!pass) return pass; tweet_crypto_sign(expected_signed_msg, &smlen, plaintext, HACL_UNIT_TESTS_SIZE, sk); crypto_sign(hacl_signed_msg, &smlen, plaintext, HACL_UNIT_TESTS_SIZE, sk); a = memcmp(hacl_signed_msg, expected_signed_msg, (HACL_UNIT_TESTS_SIZE+64) * sizeof (uint8_t)); if (a != 0){ pass = false; printf("crypto_sign failed on input of size %d\n.", HACL_UNIT_TESTS_SIZE); } res = crypto_sign_open(hacl_signed_msg, &smlen, expected_signed_msg, HACL_UNIT_TESTS_SIZE + 64, pk); if (res != 0) { pass = false; printf("crypto_sign_open returned value failed on input of size %d\n", HACL_UNIT_TESTS_SIZE); } a = memcmp(hacl_signed_msg, plaintext, HACL_UNIT_TESTS_SIZE * sizeof(uint8_t)); if (a != 0){ pass = false; printf("crypto_sign_open failed on input of size %d\n", HACL_UNIT_TESTS_SIZE); } free(plaintext); free(hacl_signed_msg); free(expected_signed_msg); return pass; }
void create_file(char* filename) { unsigned int j; FILE *urandom = fopen("/dev/urandom", "r"); crypto_sign_keypair(pk, sk); for(j=0;j<MLEN;j++) mi[j] = fgetc(urandom); crypto_sign(sm, &smlen, mi, MLEN, sk); FILE *file; file=fopen(filename,"wb"); if(file == NULL) printf("Unable to open file!\n"); fwrite(pk, 1, CRYPTO_PUBLICKEYBYTES, file); fwrite(sm, 1, MLEN+CRYPTO_BYTES, file); fwrite(&smlen, sizeof(unsigned long long), 1, file); fclose(file); for(j=0;j<CRYPTO_PUBLICKEYBYTES;j++) pk[j] = fgetc(urandom); for(j=0;j<MLEN+CRYPTO_BYTES;j++) sm[j] = fgetc(urandom); smlen = fgetc(urandom); fclose(urandom); }
PyObject *pycrypto_sign(PyObject *self, PyObject *args, PyObject *kw){ Py_ssize_t m_stringsize=0, sksize=0; const unsigned char *sk, *m_string; static const char *kwlist[] = {"m", "sk", 0}; PyObject *ret; unsigned long long mlen, smlen; unsigned char *m; if (!PyArg_ParseTupleAndKeywords(args, kw, "|s#s#:crypto_sign", (char **) kwlist, (char **)&m_string, &m_stringsize, (char **)&sk, &sksize)){ return (PyObject *)0;} if (sksize != crypto_sign_SECRETKEYBYTES){ return Py_BuildValue("i", 0);} mlen = m_stringsize; m = PyMem_Malloc(mlen + crypto_sign_BYTES); if (!m) return PyErr_NoMemory(); if (crypto_sign(m, &smlen, m_string, mlen, sk) != 0){ PyMem_Free(m); return Py_BuildValue("i", 0);} ret = PyBytes_FromStringAndSize((char *)m, smlen); PyMem_Free(m); return ret;}
void speed_ed25519() { unsigned long long t[NTIMINGS]; int i; unsigned char pk[32]; unsigned char sk[64]; // Benchmarking keypair for(i=0;i<NTIMINGS;i++) { t[i] = cpucycles(); crypto_sign_keypair(pk, sk); } print_bench("sign_keypair",t,NTIMINGS); // Benchmarking sign for(i=0;i<NTIMINGS;i++) { t[i] = cpucycles(); crypto_sign(sm, &smlen, msg, MLEN, sk); } print_bench("sign (59 bytes)",t,NTIMINGS); // Benchmarking sign_open for(i=0;i<NTIMINGS;i++) { t[i] = cpucycles(); crypto_sign_open(mo, &mlen, sm, smlen, pk); } print_bench("sign_open (59 bytes)",t,NTIMINGS); }
static char * createGUID() { sodium_init(); unsigned char out[crypto_hash_sha512_BYTES]; unsigned char sk[crypto_sign_SECRETKEYBYTES]; int valid_pow = 0; while (valid_pow == 0){ //Generate a key pair unsigned char pk[crypto_sign_PUBLICKEYBYTES]; unsigned char sk[crypto_sign_SECRETKEYBYTES]; crypto_sign_keypair(pk, sk); //Sign the public key const unsigned char * message = pk; int message_len = crypto_sign_PUBLICKEYBYTES; unsigned char signed_message[crypto_sign_BYTES + message_len]; unsigned long long signed_message_len; crypto_sign(signed_message, &signed_message_len, message, message_len, sk); //Hash the signed key with sha512 crypto_hash_sha512(out, signed_message, signed_message_len); char proof_of_work[32]; memcpy(proof_of_work, &out[32], 32); char * pow = to_hex(proof_of_work, 3); valid_pow = test_pow(pow); } to_hex(sk, 32); return to_hex(sk, 32); }
EncryptedMessage CryptoEngine::EncryptWithPublicKeyAndSign(const Message &message, const VerificationEngine &ver_engine) { // check the public key if (ver_engine.public_key().empty()) { std::cout << "The recipient public key is empty. Cannot encrypt here." << std::endl; throw g_crypto_engine_encryption_failure; } if (ver_engine.signing_public_key().empty()) { std::cout << "The recipient signing public key is empty. Cannot encrypt here." << std::endl; throw g_crypto_engine_encryption_failure; } if (private_key_.empty()) { std::cout << "The secret key is empty. Cannot encrypt here." << std::endl; throw g_crypto_engine_encryption_failure; } if (nonce_master_key_.empty()) { std::cout << "The master key for deriving the nonce is not valid" << std::endl; throw g_crypto_engine_encryption_failure; } if (context_.empty()) { std::cout << "The context identifier for deriving the nonce is not valid" << std::endl; throw g_crypto_engine_encryption_failure; } if (salt_.empty()) { std::cout << "The salt for deriving the nonce is not valid" << std::endl; throw g_crypto_engine_encryption_failure; } // means the current crypto engine and the recipient crypto engine have the same public keys ! // This is NOT SAFE - stop immediately if(crypto_verify_32 (reinterpret_cast<const unsigned char *>(public_key_.data()), reinterpret_cast<const unsigned char *>(ver_engine.public_key().data())) == 0) { std::cout << "The engine public key and the recipient public key are the same !!! Did you copy the same files to two different peers ? This is NOT SAFE !! STOPPING !" << std::endl; throw g_crypto_engine_encryption_failure; } // derive the nonce std::string nonce = hkdf_.DeriveNonce(nonce_master_key_, salt_); // calculate the hash of the data std::string hash(crypto_hash(message.ToBytesString())); // calculate the signature on the hash std::string signed_hash = crypto_sign(hash, sign_private_key_); // prepend the signature+hash to the message std::string signed_message_string = signed_hash + message.ToBytesString(); // encrypt with the recipient public key std::string cipher_text = crypto_box(signed_message_string, nonce, ver_engine.public_key(), private_key_); return EncryptedMessage(nonce, cipher_text); }
void PaysharesPrivateKey::sign(uint256 const& message, Blob& retSignature) const { unsigned char out[crypto_sign_BYTES + message.bytes]; unsigned long long len; const unsigned char *key = mPair.mPrivateKey.data(); // contrary to the docs it puts the signature in front crypto_sign(out, &len, (unsigned char*)message.begin(), message.size(), key); retSignature.resize(crypto_sign_BYTES); memcpy(&retSignature[0], out, crypto_sign_BYTES); }
/* * Sign a piece of data. Returns the data and signature in one output buffer. */ return_status master_keys_sign( master_keys * const keys, const buffer_t * const data, buffer_t * const signed_data) { //output, length of data + SIGNATURE_SIZE return_status status = return_status_init(); if ((keys == NULL) || (data == NULL) || (signed_data == NULL) || (signed_data->buffer_length < (data->content_length + SIGNATURE_SIZE))) { throw(INVALID_INPUT, "Invalid input to master_keys_sign."); } sodium_mprotect_readonly(keys); int status_int = 0; unsigned long long signed_message_length; status_int = crypto_sign( signed_data->content, &signed_message_length, data->content, data->content_length, keys->private_signing_key->content); if (status_int != 0) { throw(SIGN_ERROR, "Failed to sign message."); } signed_data->content_length = (size_t) signed_message_length; cleanup: if (keys != NULL) { sodium_mprotect_noaccess(keys); } on_error { if (signed_data != NULL) { signed_data->content_length = 0; } } return status; }
static nif_term_t salt_sign(nif_heap_t *hp, int argc, const nif_term_t argv[]) { /* salt_sign(Message, Secret_key) -> Signed_msg. */ unsigned long long len; nif_bin_t pm; nif_bin_t sk; nif_bin_t sm; nif_term_t raw; if (argc != 2) return (BADARG); /* Unpack arguments ensuring they're suitably typed. */ if (! enif_inspect_iolist_as_binary(hp, argv[0], &pm)) return (BADARG); if (! enif_inspect_binary(hp, argv[1], &sk)) return (BADARG); /* Check constraints on size. */ if (pm.size < 1 || pm.size > SALT_MAX_MESSAGE_SIZE) return (BADARG); if (sk.size != crypto_sign_SECRETKEYBYTES) return (BADARG); /* Perform the crypto, potentially adjust signed message size. */ if (! enif_alloc_binary(pm.size + crypto_sign_BYTES, &sm)) return (BADARG); (void)crypto_sign(sm.data, &len, pm.data, pm.size, sk.data); raw = enif_make_binary(hp, &sm); if (len != sm.size) return (enif_make_sub_binary(hp, raw, 0, len)); else return (raw); }
int main(int argc, const char **argv) { unsigned char *sk, *m, *sm; size_t mlen, n; long long unsigned int smlen; if (argc < 2) { puts("usage: csign PRIVATE_KEY"); return 1; } if (strlen(argv[1]) != crypto_sign_SECRETKEYBYTES * 2) errx(1, "bad key length"); sk = decodehex(argv[1]); mlen = readmsg(&m); if ((sm = calloc(mlen + crypto_sign_BYTES, 1)) == NULL) err(1, NULL); crypto_sign(sm, &smlen, m, mlen, sk); if ((n = fwrite(sm, 1, crypto_sign_BYTES, stdout)) != smlen) err(1, NULL); return 0; }
static int sign(lua_State *L) { size_t mlen; unsigned char *msg = NULL; msg = (unsigned char *)lua_tolstring(L, 1, &mlen); size_t keylen; const unsigned char *key = NULL; key = (unsigned char*)lua_tolstring(L, 2, &keylen); // @todo validate key by checking it's length? unsigned long long slen; unsigned char sig[mlen + crypto_sign_BYTES]; if (crypto_sign(sig, &slen, msg, mlen, key) != 0) { lua_pushnil(L); lua_pushstring(L, "Failed to sign msg"); return 2; } lua_pushlstring(L, (char *)sig, slen); return 1; }
void measure(void) { int i; int loop; for (loop = 0;loop < LOOPS;++loop) { for (i = 0;i <= TIMINGS;++i) { cycles[i] = cpucycles(); crypto_sign_keypair(pk,sk); } for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; printentry(-1,"keypair_cycles",cycles,TIMINGS); for (mlen = 0;mlen <= MAXTEST_BYTES;mlen += 1 + mlen / 4) { randombytes(m,mlen); for (i = 0;i <= TIMINGS;++i) { cycles[i] = cpucycles(); bytes[i] = crypto_sign(sm,&smlen,m,mlen,sk); if (bytes[i] == 0) bytes[i] = smlen; } for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; printentry(mlen,"cycles",cycles,TIMINGS); printentry(mlen,"bytes",bytes,TIMINGS); for (i = 0;i <= TIMINGS;++i) { cycles[i] = cpucycles(); bytes[i] = crypto_sign_open(t,&tlen,sm,smlen,pk); if (bytes[i] == 0) bytes[i] = tlen; } for (i = 0;i < TIMINGS;++i) cycles[i] = cycles[i + 1] - cycles[i]; printentry(mlen,"open_cycles",cycles,TIMINGS); printentry(mlen,"open_bytes",bytes,TIMINGS); } } }
int main(void) { volatile unsigned char a; /* Mark the beginning of the stack */ for(i=0;i<5;i++) { canary = random(); WRITE_CANARY(&a); crypto_sign_keypair(pk,sk); newctr =(unsigned int)&a - (unsigned int)&_end - stack_count(canary); ctr = (newctr>ctr)?newctr:ctr; } print_stack(XSTR(crypto_sign_keypair),-1,ctr); for(i=0;i<5;i++) { canary = random(); WRITE_CANARY(&a); crypto_sign(sm,&smlen,sm,0,sk); newctr =(unsigned int)&a - (unsigned int)&_end - stack_count(canary); ctr = (newctr>ctr)?newctr:ctr; } print_stack(XSTR(crypto_sign),0,ctr); for(i=0;i<5;i++) { canary = random(); WRITE_CANARY(&a); crypto_sign_open(sm,&mlen,sm,smlen,pk); newctr =(unsigned int)&a - (unsigned int)&_end - stack_count(canary); ctr = (newctr>ctr)?newctr:ctr; } print_stack(XSTR(crypto_sign_open),smlen,ctr); for(j=1;j<=MAXTEST_BYTES;j<<=1) { mlen = j; for(i=0;i<5;i++) { canary = random(); WRITE_CANARY(&a); crypto_sign(sm,&smlen,sm,mlen,sk); newctr =(unsigned int)&a - (unsigned int)&_end - stack_count(canary); ctr = (newctr>ctr)?newctr:ctr; } print_stack(XSTR(crypto_sign),mlen,ctr); for(i=0;i<5;i++) { canary = random(); WRITE_CANARY(&a); crypto_sign_open(sm,&mlen,sm,smlen,pk); newctr =(unsigned int)&a - (unsigned int)&_end - stack_count(canary); ctr = (newctr>ctr)?newctr:ctr; } print_stack(XSTR(crypto_sign_open),smlen,ctr); } avr_end(); return 0; }