ed: sign

rust/ares_crypto/Cargo.lock

@@ -302,6 +302,7 @@ dependencies = [
  "ed25519",
  "rand_core",
  "sha2",
+ "signature",
  "subtle",
 ]
 
@@ -676,6 +677,7 @@ version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de"
 dependencies = [
+ "digest",
  "rand_core",
 ]
 

rust/ares_crypto/Cargo.toml

@@ -10,14 +10,14 @@ assert_no_alloc = "1.1.2"
 # use this when debugging requires allocation (e.g. eprintln)
 # assert_no_alloc = {version="1.1.2", features=["warn_debug"]}
 aes-siv = { version = "0.7.0", features = ["heapless"], default-features = false }
-ed25519-dalek = { version = "2.1.0", features = ["pkcs8", "rand_core"], default-features = false }
-ed25519 = { version = "2.2.3" }
-rand = { version = "0.8.5", features = ["std_rng"], default-features = false }
-urcrypt-sys = { version = "0.1.1", optional = true }
-sha2 = "0.10.8"
-ibig = "0.3.6"
-x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false }
 curve25519-dalek = "4.1.1"
+ed25519-dalek = { version = "2.1.0", features = ["digest", "pkcs8", "rand_core"], default-features = false }
+ed25519 = { version = "2.2.3" }
+ibig = "0.3.6"
+rand = { version = "0.8.5", features = ["std_rng"], default-features = false }
+sha2 = "0.10.8"
+urcrypt-sys = { version = "0.1.1", optional = true }
+x25519-dalek = { version = "2.0.0", features = ["static_secrets"], default-features = false }
 
 [features]
 # XX turn off test_vs_urcrypt after development

rust/ares_crypto/src/ed25519.rs

@@ -1,5 +1,7 @@
-use curve25519_dalek::{edwards::CompressedEdwardsY, EdwardsPoint, MontgomeryPoint};
-use ed25519_dalek::{SigningKey, VerifyingKey};
+use sha2::{Digest, Sha512};
+
+use curve25519_dalek::edwards::CompressedEdwardsY;
+use ed25519_dalek::{SigningKey, VerifyingKey, Signer};
 use x25519_dalek::{PublicKey, StaticSecret};
 
 /// Generate a public key from the given seed and write it to the given output slice.
@@ -25,6 +27,12 @@ pub fn ac_ed_shar(public: &[u8; 32], seed: &[u8; 32], out: &mut [u8; 32]) {
     }
 }
 
+pub fn ac_ed_sign(msg: &[u8], seed: &[u8; 32], out: &mut [u8; 64]) {
+    let signing_key = SigningKey::from_bytes(seed);
+    let signature = signing_key.sign(msg);
+    *out = signature.to_bytes();
+}
+
 #[cfg(test)]
 mod tests {
     use super::ac_ed_puck;
@@ -47,9 +55,9 @@ mod tests {
 #[cfg(test)]
 #[cfg(feature = "test_vs_urcrypt")]
 mod ucrypt_tests {
-    use super::{ac_ed_puck, ac_ed_shar};
+    use super::{ac_ed_puck, ac_ed_shar, ac_ed_sign};
     use ibig::ubig;
-    use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar};
+    use urcrypt_sys::{urcrypt_ed_puck, urcrypt_ed_shar, urcrypt_ed_sign};
 
     #[test]
     fn test_ed_puck() {
@@ -72,9 +80,8 @@ mod ucrypt_tests {
         let mut public_key: [u8; 32] = [0; 32];
         public_key.copy_from_slice(public_key_src);
 
-        let seed_src =
-            &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb)
-                .to_le_bytes();
+        let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb)
+            .to_le_bytes();
         let mut seed: [u8; 32] = [0; 32];
         seed.copy_from_slice(seed_src);
 
@@ -86,4 +93,21 @@ mod ucrypt_tests {
 
         assert_eq!(ac_out, uc_out);
     }
+
+    #[test]
+    fn test_ed_sign() {
+        let msg = b"test";
+        let seed_src = &ubig!(_0x4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb)
+            .to_le_bytes();
+        let mut seed: [u8; 32] = [0; 32];
+        seed.copy_from_slice(seed_src);
+
+        let mut uc_out: [u8; 64] = [0; 64];
+        unsafe { urcrypt_ed_sign(msg.as_ptr(), msg.len(), seed.as_ptr(), uc_out.as_mut_ptr()) };
+
+        let mut ac_out: [u8; 64] = [0; 64];
+        ac_ed_sign(msg, &seed, &mut ac_out);
+
+        assert_eq!(ac_out, uc_out);
+    }
 }