re-implemented signature system to match the standard (orinal input, including sig for full sig; or 32k blockwise hash of input and sig from hash attached to original input without the hash), verify_buffered currently not implemented, armored sig only for output.

2025-12-17 03:50:57 +01:00 · 2014-01-23 15:40:06 +01:00
parent f09d4774cb
commit c717c060ec
12 changed files with 161 additions and 319 deletions
--- a/include/pcp/defines.h
+++ b/include/pcp/defines.h
@@ -40,8 +40,9 @@ typedef unsigned int    qbyte;          //  Quad byte = 32 bits
 #define PCP_ZFILE_HEADER "----- BEGIN Z85 ENCODED FILE -----"
 #define PCP_ZFILE_FOOTER "------ END Z85 ENCODED FILE ------"

-#define PCP_SIG_HEADER "----- BEGIN PCP SIGNATURE FILE -----"
-#define PCP_SIG_FOOTER "------ END PCP SIGNATURE FILE ------"
+#define PCP_SIG_HEADER "----- BEGIN PCP SIGNED MESSAGE -----"
+#define PCP_SIG_START  "----- BEGIN PCP SIGNATURE -----"
+#define PCP_SIG_END    "------ END PCP SIGNATURE ------"

 #define PCP_ME "Pretty Curved Privacy"

--- a/include/pcp/ed.h
+++ b/include/pcp/ed.h
@@ -19,6 +19,10 @@
    You can contact me by mail: <tlinden AT cpan DOT org>.
 */

+/*
+ ED25519 signatures. Currently unbuffered
+*/
+
 #ifndef _HAVE_PCP_ED_H
 #define _HAVE_PCP_ED_H

@@ -32,24 +36,19 @@
 #include "mem.h"
 #include "key.h"

-struct _pcp_sig_t {
-  byte edsig[crypto_sign_BYTES];
-  char id[17];
-  uint64_t ctime;
-  uint32_t version;
-};
+/* sign a message of messagesize using s->edsecret, if it works
+   return message+signature (size: messagesize + crypto_sign_BYTES),
+   returns NULL otherwise */
+unsigned char *pcp_ed_sign(unsigned char *message, size_t messagesize, pcp_key_t *s);

-typedef struct _pcp_sig_t pcp_sig_t;
+/* verify a signature of siglen size using p->edpub, if the signature verifies
+   return the raw message with the signature removed (size: siglen - crypto_sign_BYTES),
+   returns NULL otherwise */
+unsigned char * pcp_ed_verify(unsigned char *signature, size_t siglen, pcp_pubkey_t *p);

-int pcp_ed_verify(unsigned char *input, size_t inputlen,
-		  pcp_sig_t *sig, pcp_pubkey_t *p);
-
-pcp_sig_t *pcp_ed_sign(unsigned char *message,
-			   size_t messagesize, pcp_key_t *s);
-
-pcp_sig_t *sig2native(pcp_sig_t *k);
-pcp_sig_t *sig2be(pcp_sig_t *k);
-
-pcp_sig_t *pcp_ed_newsig(unsigned char *hash, char *id);
+/* same as pcp_ed_sign() but work on i/o directly, we're making a hash
+   of the input 32k-wise, copy in=>out, sign the hash and append the
+   sig only to the output */
+size_t pcp_ed_sign_buffered(FILE *in, FILE *out, pcp_key_t *s, int z85);

 #endif // _HAVE_PCP_ED_H