ed25519 1.0.0-jruby

data/ext/ed25519_ref10/sha512.h

@@ -0,0 +1,8 @@
+#ifndef SHA512_H
+#define SHA512_H
+
+#include <stdint.h>
+
+int crypto_hash_sha512(uint8_t *out,const uint8_t *in,uint64_t inlen);
+
+#endif /* SHA512_H */

data/ext/ed25519_ref10/sign.c

@@ -0,0 +1,41 @@
+#include <string.h>
+#include "ed25519_ref10.h"
+#include "sha512.h"
+#include "ge.h"
+#include "sc.h"
+
+int crypto_sign_ed25519_ref10(
+  uint8_t *sm, uint64_t *smlen,
+  const uint8_t *m, uint64_t mlen,
+  const uint8_t *sk
+)
+{
+  unsigned char pk[32];
+  unsigned char az[64];
+  unsigned char nonce[64];
+  unsigned char hram[64];
+  ge_p3 R;
+
+  memmove(pk,sk + 32,32);
+
+  crypto_hash_sha512(az,sk,32);
+  az[0] &= 248;
+  az[31] &= 63;
+  az[31] |= 64;
+
+  *smlen = mlen + 64;
+  memmove(sm + 64,m,mlen);
+  memmove(sm + 32,az + 32,32);
+  crypto_hash_sha512(nonce,sm + 32,mlen + 32);
+  memmove(sm + 32,pk,32);
+
+  sc_reduce(nonce);
+  ge_scalarmult_base(&R,nonce);
+  ge_p3_tobytes(sm,&R);
+
+  crypto_hash_sha512(hram,sm,mlen + 64);
+  sc_reduce(hram);
+  sc_muladd(sm + 32,hram,az,nonce);
+
+  return 0;
+}

data/ext/ed25519_ref10/sqrtm1.h

@@ -0,0 +1 @@
+-32595792,-7943725,9377950,3500415,12389472,-272473,-25146209,-2005654,326686,11406482

data/ext/ed25519_ref10/verify.c

@@ -0,0 +1,40 @@
+#include "ed25519_ref10.h"
+
+int crypto_verify_32(const uint8_t *x,const uint8_t *y)
+{
+  unsigned int differentbits = 0;
+#define F(i) differentbits |= x[i] ^ y[i];
+  F(0)
+  F(1)
+  F(2)
+  F(3)
+  F(4)
+  F(5)
+  F(6)
+  F(7)
+  F(8)
+  F(9)
+  F(10)
+  F(11)
+  F(12)
+  F(13)
+  F(14)
+  F(15)
+  F(16)
+  F(17)
+  F(18)
+  F(19)
+  F(20)
+  F(21)
+  F(22)
+  F(23)
+  F(24)
+  F(25)
+  F(26)
+  F(27)
+  F(28)
+  F(29)
+  F(30)
+  F(31)
+  return (1 & ((differentbits - 1) >> 8)) - 1;
+}

data/lib/ed25519.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require "ed25519/version"
+require "ed25519/signing_key"
+require "ed25519/verify_key"
+
+# The Ed25519 digital signatre algorithm
+# rubocop:disable Metrics/LineLength
+module Ed25519
+  module_function
+
+  # Size of an Ed25519 key (public or private) in bytes
+  KEY_SIZE = 32
+
+  # Size of an Ed25519 signature in bytes
+  SIGNATURE_SIZE = 64
+
+  # Raised when a signature fails to verify
+  VerifyError = Class.new(StandardError)
+
+  # Raised when the built-in self-test fails
+  SelfTestFailure = Class.new(StandardError)
+
+  # Select the Ed25519::Provider to use based on the current environment
+  if defined? JRUBY_VERSION
+    require "ed25519/provider/jruby"
+    @provider = Ed25519::Provider::JRuby
+  else
+    require "ed25519_ref10"
+    @provider = Ed25519::Provider::Ref10
+  end
+
+  # Selected provider based on the logic above
+  def provider
+    @provider
+  end
+
+  # Perform a self-test to ensure the selected provider is working
+  def self_test
+    signature_key = Ed25519::SigningKey.new("A" * 32)
+    raise SelfTestFailure, "failed to generate verify key correctly" unless signature_key.verify_key.to_bytes.unpack("H*").first == "db995fe25169d141cab9bbba92baa01f9f2e1ece7df4cb2ac05190f37fcc1f9d"
+
+    message = "crypto libraries should self-test on boot"
+    signature = signature_key.sign(message)
+    raise SelfTestFailure, "failed to generate correct signature" unless signature.unpack("H*").first == "c62c12a3a6cbfa04800d4be81468ef8aecd152a6a26a81d91257baecef13ba209531fe905a843e833c8b71cee04400fa2af3a29fef1152ece470421848758d0a"
+
+    verify_key = signature_key.verify_key
+    raise SelfTestFailure, "failed to verify a valid signature" unless verify_key.verify(signature, message)
+
+    bad_signature = signature[0...63] + "X"
+    ex = nil
+
+    # rubocop:disable Lint/HandleExceptions
+    begin
+      verify_key.verify(bad_signature, message)
+    rescue Ed25519::VerifyError => ex
+    end
+    # rubocop:enable Lint/HandleExceptions
+
+    raise SelfTestFailure, "failed to detect an invalid signature" unless ex.is_a?(Ed25519::VerifyError)
+  end
+end
+
+# Automatically run self-test when library loads
+Ed25519.self_test

data/lib/ed25519/provider/jruby.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require "java"
+require "ed25519_java"
+
+module Ed25519
+  module Provider
+    # Binding between the JRuby extension and the Ed25519::Provider API
+    #
+    # TODO: implement the Ed25519::Provider API natively in the Java extension
+    module JRuby
+      module_function
+
+      def create_keypair(seed)
+        raise ArgumentError, "seed must be #{KEY_SIZE}-bytes long" unless seed.length == Ed25519::KEY_SIZE
+
+        verify_key = org.cryptosphere.ed25519.publickey(seed.to_java_bytes)
+        verify_key = String.from_java_bytes(verify_key)
+        seed + verify_key
+      end
+
+      def sign(signing_key, message)
+        verify_key  = signing_key[32, 32].to_java_bytes
+        signing_key = signing_key[0, 32].to_java_bytes
+
+        signature = org.cryptosphere.ed25519.signature(message.to_java_bytes, signing_key, verify_key)
+        String.from_java_bytes(signature)
+      end
+
+      def verify(verify_key, signature, message)
+        org.cryptosphere.ed25519.checkvalid(
+          signature.to_java_bytes,
+          message.to_java_bytes,
+          verify_key.to_java_bytes
+        )
+      end
+    end
+  end
+end

data/lib/ed25519/signing_key.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require "securerandom"
+
+module Ed25519
+  # Private key for producing digital signatures
+  class SigningKey
+    attr_reader :seed, :keypair, :verify_key
+
+    # Generate a random Ed25519 signing key (i.e. private scalar)
+    def self.generate
+      new SecureRandom.random_bytes(Ed25519::KEY_SIZE)
+    end
+
+    # Create a new Ed25519::SigningKey from the given seed value
+    #
+    # @param seed [String] 32-byte seed value from which the key should be derived
+    def initialize(seed)
+      raise ArgumentError, "seed must be #{KEY_SIZE}-bytes long" unless seed.length == KEY_SIZE
+      @seed = seed
+
+      @keypair = Ed25519.provider.create_keypair(seed)
+      @verify_key = VerifyKey.new(@keypair[32, 32])
+    end
+
+    def sign(message)
+      Ed25519.provider.sign(@keypair, message)
+    end
+
+    def inspect
+      to_s
+    end
+
+    def to_bytes
+      seed
+    end
+    alias to_str to_bytes
+  end
+end

data/lib/ed25519/verify_key.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Ed25519
+  # Public key for verifying digital signatures
+  class VerifyKey
+    # Create a Ed25519::VerifyKey from its serialized Twisted Edwards representation
+    #
+    # @param key [String] 32-byte string representing a serialized public key
+    def initialize(key)
+      raise ArgumentError, "seed must be 32 bytes long" unless key.length == KEY_SIZE
+      @key_bytes = key
+    end
+
+    # Verify an Ed25519 signature against the message
+    #
+    # @param signature [String] 64-byte string containing an Ed25519 signature
+    # @param message [String] string containing message to be verified
+    #
+    # @raise Ed25519::VerifyError signature verification failed
+    #
+    # @return [true] message verified successfully
+    def verify(signature, message)
+      if signature.length != SIGNATURE_SIZE
+        raise ArgumentError, "expected #{SIGNATURE_SIZE} byte signature, got #{signature.length}"
+      end
+
+      return true if Ed25519.provider.verify(@key_bytes, signature, message)
+      raise VerifyError, "signature verification failed!"
+    end
+
+    # Return a compressed twisted Edwards coordinate representing the public key
+    #
+    # @return [String] bytestring serialization of this public key
+    def to_bytes
+      @key_bytes
+    end
+    alias to_str to_bytes
+
+    # Show hex representation of serialized coordinate in string inspection
+    def inspect
+      "#<#{self.class}:#{@key_bytes.unpack('H*').first}>"
+    end
+  end
+end

data/lib/ed25519/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Ed25519
+  VERSION = "1.0.0"
+end

metadata

@@ -0,0 +1,138 @@
+--- !ruby/object:Gem::Specification
+name: ed25519
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: jruby
+authors:
+- Tony Arcieri
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2017-12-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  name: bundler
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+description: A Ruby binding to the Ed25519 elliptic curve public-key signature system
+  described in RFC 8032.
+email:
+- tony.arcieri@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- CHANGES.md
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- ed25519.gemspec
+- ed25519.png
+- ext/ed25519_java/org/cryptosphere/ed25519.java
+- ext/ed25519_ref10/api.h
+- ext/ed25519_ref10/base.h
+- ext/ed25519_ref10/base2.h
+- ext/ed25519_ref10/d.h
+- ext/ed25519_ref10/d2.h
+- ext/ed25519_ref10/ed25519_ref10.c
+- ext/ed25519_ref10/ed25519_ref10.h
+- ext/ed25519_ref10/extconf.rb
+- ext/ed25519_ref10/fe.h
+- ext/ed25519_ref10/fe_0.c
+- ext/ed25519_ref10/fe_1.c
+- ext/ed25519_ref10/fe_add.c
+- ext/ed25519_ref10/fe_cmov.c
+- ext/ed25519_ref10/fe_copy.c
+- ext/ed25519_ref10/fe_frombytes.c
+- ext/ed25519_ref10/fe_invert.c
+- ext/ed25519_ref10/fe_isnegative.c
+- ext/ed25519_ref10/fe_isnonzero.c
+- ext/ed25519_ref10/fe_mul.c
+- ext/ed25519_ref10/fe_neg.c
+- ext/ed25519_ref10/fe_pow22523.c
+- ext/ed25519_ref10/fe_sq.c
+- ext/ed25519_ref10/fe_sq2.c
+- ext/ed25519_ref10/fe_sub.c
+- ext/ed25519_ref10/fe_tobytes.c
+- ext/ed25519_ref10/ge.h
+- ext/ed25519_ref10/ge_add.c
+- ext/ed25519_ref10/ge_add.h
+- ext/ed25519_ref10/ge_double_scalarmult.c
+- ext/ed25519_ref10/ge_frombytes.c
+- ext/ed25519_ref10/ge_madd.c
+- ext/ed25519_ref10/ge_madd.h
+- ext/ed25519_ref10/ge_msub.c
+- ext/ed25519_ref10/ge_msub.h
+- ext/ed25519_ref10/ge_p1p1_to_p2.c
+- ext/ed25519_ref10/ge_p1p1_to_p3.c
+- ext/ed25519_ref10/ge_p2_0.c
+- ext/ed25519_ref10/ge_p2_dbl.c
+- ext/ed25519_ref10/ge_p2_dbl.h
+- ext/ed25519_ref10/ge_p3_0.c
+- ext/ed25519_ref10/ge_p3_dbl.c
+- ext/ed25519_ref10/ge_p3_to_cached.c
+- ext/ed25519_ref10/ge_p3_to_p2.c
+- ext/ed25519_ref10/ge_p3_tobytes.c
+- ext/ed25519_ref10/ge_precomp_0.c
+- ext/ed25519_ref10/ge_scalarmult_base.c
+- ext/ed25519_ref10/ge_sub.c
+- ext/ed25519_ref10/ge_sub.h
+- ext/ed25519_ref10/ge_tobytes.c
+- ext/ed25519_ref10/keypair.c
+- ext/ed25519_ref10/open.c
+- ext/ed25519_ref10/pow22523.h
+- ext/ed25519_ref10/pow225521.h
+- ext/ed25519_ref10/sc.h
+- ext/ed25519_ref10/sc_muladd.c
+- ext/ed25519_ref10/sc_reduce.c
+- ext/ed25519_ref10/sha512.c
+- ext/ed25519_ref10/sha512.h
+- ext/ed25519_ref10/sign.c
+- ext/ed25519_ref10/sqrtm1.h
+- ext/ed25519_ref10/verify.c
+- lib/ed25519.rb
+- lib/ed25519/provider/jruby.rb
+- lib/ed25519/signing_key.rb
+- lib/ed25519/verify_key.rb
+- lib/ed25519/version.rb
+- lib/ed25519_java.jar
+homepage: https://github.com/cryptosphere/ed25519
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.2.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.6.14
+signing_key:
+specification_version: 4
+summary: An efficient digital signature library providing the Ed25519 algorithm
+test_files: []