Commit 7e7ac67f authored by Joel Stanley's avatar Joel Stanley Committed by Parnell Springmeyer
Browse files

Add bindings to the libsodium DSA operations 'crypto_sign_detached' and...

Add bindings to the libsodium DSA operations 'crypto_sign_detached' and 'crypto_sign_verify_detached'
parent 89e28fea
......@@ -432,6 +432,11 @@ ERL_NIF_TERM enif_crypto_sign_keypair(ErlNifEnv *env, int argc, ERL_NIF_TERM con
return enif_make_tuple2(env, enif_make_binary(env, &pk), enif_make_binary(env, &sk));
}
/*
int crypto_sign(unsigned char *sm, unsigned long long *smlen,
const unsigned char *m, unsigned long long mlen,
const unsigned char *sk);
*/
static
ERL_NIF_TERM enif_crypto_sign(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
ErlNifBinary m, sk, sm;
......@@ -457,6 +462,11 @@ ERL_NIF_TERM enif_crypto_sign(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[
return enif_make_sub_binary(env, enif_make_binary(env, &sm), 0, smlen);
}
/*
int crypto_sign_open(unsigned char *m, unsigned long long *mlen,
const unsigned char *sm, unsigned long long smlen,
const unsigned char *pk);
*/
static
ERL_NIF_TERM enif_crypto_sign_open(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
ErlNifBinary m, sm, pk;
......@@ -485,6 +495,65 @@ ERL_NIF_TERM enif_crypto_sign_open(ErlNifEnv *env, int argc, ERL_NIF_TERM const
}
}
/*
int crypto_sign_detached(unsigned char *sig, unsigned long long *siglen,
const unsigned char *m, unsigned long long mlen,
const unsigned char *sk);
*/
static
ERL_NIF_TERM enif_crypto_sign_detached(ErlNifEnv* env, int argc, ERL_NIF_TERM const argv[]) {
ErlNifBinary m, sk, sig;
unsigned long long siglen;
if (
(argc != 2) ||
(!enif_inspect_iolist_as_binary(env, argv[0], &m)) ||
(!enif_inspect_binary(env, argv[1], &sk))) {
return enif_make_badarg(env);
}
if (sk.size != crypto_sign_SECRETKEYBYTES) {
return enif_make_badarg(env);
}
if (!enif_alloc_binary(crypto_sign_BYTES, &sig)) {
return nacl_error_tuple(env, "alloc_failed");
}
crypto_sign_detached(sig.data, &siglen, m.data, m.size, sk.data);
return enif_make_sub_binary(env, enif_make_binary(env, &sig), 0, siglen);
}
/*
int crypto_sign_verify_detached(const unsigned char *sig,
const unsigned char *m,
unsigned long long mlen,
const unsigned char *pk);
*/
static
ERL_NIF_TERM enif_crypto_sign_verify_detached(ErlNifEnv* env, int argc, ERL_NIF_TERM const argv[]) {
ErlNifBinary m, sig, pk;
if (
(argc != 3) ||
(!enif_inspect_binary(env, argv[0], &sig)) ||
(!enif_inspect_iolist_as_binary(env, argv[1], &m)) ||
(!enif_inspect_binary(env, argv[2], &pk))) {
return enif_make_badarg(env);
}
if (pk.size != crypto_sign_PUBLICKEYBYTES) {
return enif_make_badarg(env);
}
if (0 == crypto_sign_verify_detached(sig.data, m.data, m.size, pk.data)) {
return enif_make_atom(env, "true");
} else {
return enif_make_atom(env, "false");
}
}
/* Secret key cryptography */
static
......@@ -886,6 +955,9 @@ static ErlNifFunc nif_funcs[] = {
{"crypto_sign_open_b", 2, enif_crypto_sign_open},
{"crypto_sign_open", 2, enif_crypto_sign_open, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_sign_detached", 2, enif_crypto_sign_detached, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_sign_verify_detached", 3, enif_crypto_sign_verify_detached, ERL_NIF_DIRTY_JOB_CPU_BOUND},
{"crypto_secretbox_NONCEBYTES", 0, enif_crypto_secretbox_NONCEBYTES},
{"crypto_secretbox_ZEROBYTES", 0, enif_crypto_secretbox_ZEROBYTES},
{"crypto_secretbox_BOXZEROBYTES", 0, enif_crypto_secretbox_BOXZEROBYTES},
......
......@@ -2,6 +2,13 @@
-include_lib("eqc/include/eqc.hrl").
-compile(export_all).
%% dummy test property
prop_append() ->
?FORALL({Xs,Ys},{list(int()),list(int())},
lists:reverse(Xs++Ys)
==
lists:reverse(Ys) ++ lists:reverse(Xs)).
non_byte_int() ->
oneof([
?LET(N, nat(), -(N+1)),
......@@ -667,3 +674,32 @@ badargs(Thunk) ->
catch
error:badarg -> true
end.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Joel Test Blobs
test_basic_signing() ->
#{ public := PK0, secret := SK0 } = enacl:sign_keypair(),
#{ public := PK1, secret := SK1 } = enacl:sign_keypair(),
MSG0 = <<"This is super s3Kr3t, srsly!">>,
[
%% (+) Sign and open using valid keypair
case enacl:sign_open(enacl:sign(MSG0, SK0), PK0) of
{ok,MSG1} -> MSG0==MSG1;
_ -> false
end
, %% (-) Sign and open using invalid keypair
case enacl:sign_open(enacl:sign(MSG0, SK0), PK1) of
{error,failed_verification} -> true;
_ -> false
end
, %% (+) Detached mode sig and verify
{ enacl:sign_verify_detached(enacl:sign_detached(MSG0, SK0), MSG0, PK0)
, enacl:sign_verify_detached(enacl:sign_detached(MSG0, SK1), MSG0, PK1)
}
, %% (-) Incorrect sigs/PKs/messages given during verify
{ false == enacl:sign_verify_detached(enacl:sign_detached(MSG0, SK0), MSG0, PK1)
, false == enacl:sign_verify_detached(enacl:sign_detached(MSG0, SK1), MSG0, PK0)
, false == enacl:sign_verify_detached(enacl:sign_detached(MSG0, SK0), <<"bzzt">>, PK0)
}
].
......@@ -34,7 +34,9 @@
sign_keypair_secret_size/0,
sign_keypair/0,
sign/2,
sign_open/2
sign_open/2,
sign_detached/2,
sign_verify_detached/3
]).
%% Secret key crypto
......@@ -380,6 +382,29 @@ sign_open(SM, PK) ->
end
end.
%% @doc sign_detached/2 computes a digital signature given a message and a secret key.
%%
%% Given a message `M' and a secret key `SK' the function will compute the digital signature `DS'.
%% @end
-spec sign_detached(M, SK) -> DS
when
M :: iodata(),
SK :: binary(),
DS :: binary().
sign_detached(M, SK) -> enacl_nif:crypto_sign_detached(M, SK).
%% @doc sign_verify_detached/3 verifies the given signature against the given
%% message for the given public key.
%%
%% Given a signature `SIG', a message `M', and a public key `PK', the function computes
%% true iff the `SIG' is valid for `M' and `PK'.
-spec sign_verify_detached(SIG, M, PK) -> boolean()
when
SIG :: binary(),
M :: iodata(),
PK :: binary().
sign_verify_detached(SIG, M, PK) -> enacl_nif:crypto_sign_verify_detached(SIG, M, PK).
%% @private
-spec box_secret_key_bytes() -> pos_integer().
box_secret_key_bytes() ->
......
......@@ -31,7 +31,11 @@
crypto_sign_b/2,
crypto_sign_keypair/0,
crypto_sign_open/2,
crypto_sign_open_b/2
crypto_sign_open_b/2,
crypto_sign_detached/2,
crypto_sign_verify_detached/3
]).
%% Secret key crypto
......@@ -144,6 +148,9 @@ crypto_sign_b(_M, _SK) -> erlang:nif_error(nif_not_loaded).
crypto_sign_open(_SignedMessage, _PK) -> erlang:nif_error(nif_not_loaded).
crypto_sign_open_b(_SignedMessage, _PK) -> erlang:nif_error(nif_not_loaded).
crypto_sign_detached(_M, _SK) -> erlang:nif_error(nif_not_loaded).
crypto_sign_verify_detached(_SIG, _M, _PK) -> erlang:nif_error(nif_not_loaded).
crypto_secretbox_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).
crypto_secretbox_ZEROBYTES() -> erlang:nif_error(nif_not_loaded).
crypto_secretbox_KEYBYTES() -> erlang:nif_error(nif_not_loaded).
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment