ed25519 1.2.4-java

data/ext/ed25519_ref10/sha512.h

@@ -0,0 +1,8 @@
+#ifndef SHA512_H
+#define SHA512_H
+
+#include <stdint.h>
+
+int crypto_hash_sha512(uint8_t *out,const uint8_t *in,uint64_t inlen);
+
+#endif /* SHA512_H */

data/ext/ed25519_ref10/sign.c

@@ -0,0 +1,41 @@
+#include <string.h>
+#include "ed25519_ref10.h"
+#include "sha512.h"
+#include "ge.h"
+#include "sc.h"
+
+int crypto_sign_ed25519_ref10(
+  uint8_t *sm, uint64_t *smlen,
+  const uint8_t *m, uint64_t mlen,
+  const uint8_t *sk
+)
+{
+  unsigned char pk[32];
+  unsigned char az[64];
+  unsigned char nonce[64];
+  unsigned char hram[64];
+  ge_p3 R;
+
+  memmove(pk,sk + 32,32);
+
+  crypto_hash_sha512(az,sk,32);
+  az[0] &= 248;
+  az[31] &= 63;
+  az[31] |= 64;
+
+  *smlen = mlen + 64;
+  memmove(sm + 64,m,mlen);
+  memmove(sm + 32,az + 32,32);
+  crypto_hash_sha512(nonce,sm + 32,mlen + 32);
+  memmove(sm + 32,pk,32);
+
+  sc_reduce(nonce);
+  ge_scalarmult_base(&R,nonce);
+  ge_p3_tobytes(sm,&R);
+
+  crypto_hash_sha512(hram,sm,mlen + 64);
+  sc_reduce(hram);
+  sc_muladd(sm + 32,hram,az,nonce);
+
+  return 0;
+}

data/ext/ed25519_ref10/sqrtm1.h

@@ -0,0 +1 @@
+-32595792,-7943725,9377950,3500415,12389472,-272473,-25146209,-2005654,326686,11406482

data/ext/ed25519_ref10/verify.c

@@ -0,0 +1,40 @@
+#include "ed25519_ref10.h"
+
+int crypto_verify_32(const uint8_t *x,const uint8_t *y)
+{
+  unsigned int differentbits = 0;
+#define F(i) differentbits |= x[i] ^ y[i];
+  F(0)
+  F(1)
+  F(2)
+  F(3)
+  F(4)
+  F(5)
+  F(6)
+  F(7)
+  F(8)
+  F(9)
+  F(10)
+  F(11)
+  F(12)
+  F(13)
+  F(14)
+  F(15)
+  F(16)
+  F(17)
+  F(18)
+  F(19)
+  F(20)
+  F(21)
+  F(22)
+  F(23)
+  F(24)
+  F(25)
+  F(26)
+  F(27)
+  F(28)
+  F(29)
+  F(30)
+  F(31)
+  return (1 & ((differentbits - 1) >> 8)) - 1;
+}

data/lib/ed25519.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+require "ed25519/version"
+require "ed25519/signing_key"
+require "ed25519/verify_key"
+
+# The Ed25519 digital signatre algorithm
+# rubocop:disable Metrics/LineLength
+module Ed25519
+  module_function
+
+  # Size of an Ed25519 key (public or private) in bytes
+  KEY_SIZE = 32
+
+  # Size of an Ed25519 signature in bytes
+  SIGNATURE_SIZE = 64
+
+  # Raised when a signature fails to verify
+  VerifyError = Class.new(StandardError)
+
+  # Raised when the built-in self-test fails
+  SelfTestFailure = Class.new(StandardError)
+
+  class << self
+    # Obtain the backend provider module used to perform signatures
+    attr_accessor :provider
+  end
+
+  # Select the Ed25519::Provider to use based on the current environment
+  if defined? JRUBY_VERSION
+    require "ed25519_jruby"
+    self.provider = org.cryptorb.Ed25519Provider.createEd25519Module(JRuby.runtime)
+  else
+    require "ed25519_ref10"
+    self.provider = Ed25519::Provider::Ref10
+  end
+
+  # Ensure a serialized key meets the requirements
+  def validate_key_bytes(key_bytes)
+    raise TypeError, "expected String, got #{key_bytes.class}" unless key_bytes.is_a?(String)
+    return true if key_bytes.bytesize == KEY_SIZE
+    raise ArgumentError, "expected #{KEY_SIZE}-byte String, got #{key_bytes.bytesize}"
+  end
+
+  # Perform a self-test to ensure the selected provider is working
+  def self_test
+    signature_key = Ed25519::SigningKey.new("A" * 32)
+    raise SelfTestFailure, "failed to generate verify key correctly" unless signature_key.verify_key.to_bytes.unpack("H*").first == "db995fe25169d141cab9bbba92baa01f9f2e1ece7df4cb2ac05190f37fcc1f9d"
+
+    message = "crypto libraries should self-test on boot"
+    signature = signature_key.sign(message)
+    raise SelfTestFailure, "failed to generate correct signature" unless signature.unpack("H*").first == "c62c12a3a6cbfa04800d4be81468ef8aecd152a6a26a81d91257baecef13ba209531fe905a843e833c8b71cee04400fa2af3a29fef1152ece470421848758d0a"
+
+    verify_key = signature_key.verify_key
+    raise SelfTestFailure, "failed to verify a valid signature" unless verify_key.verify(signature, message)
+
+    bad_signature = signature[0...63] + "X"
+    ex = nil
+
+    # rubocop:disable Lint/HandleExceptions
+    begin
+      verify_key.verify(bad_signature, message)
+    rescue Ed25519::VerifyError => ex
+    end
+    # rubocop:enable Lint/HandleExceptions
+
+    raise SelfTestFailure, "failed to detect an invalid signature" unless ex.is_a?(Ed25519::VerifyError)
+  end
+end
+
+# Automatically run self-test when library loads
+Ed25519.self_test

data/lib/ed25519/signing_key.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require "securerandom"
+
+module Ed25519
+  # Private key for producing digital signatures
+  class SigningKey
+    attr_reader :seed, :keypair, :verify_key
+
+    # Generate a random Ed25519 signing key (i.e. private scalar)
+    def self.generate
+      new SecureRandom.random_bytes(Ed25519::KEY_SIZE)
+    end
+
+    # Create a SigningKey from a 64-byte Ed25519 keypair (i.e. public + private)
+    #
+    # @param keypair [String] 64-byte keypair value containing both seed + public key
+    def self.from_keypair(keypair)
+      raise TypeError, "expected String, got #{keypair.class}" unless keypair.is_a?(String)
+      raise ArgumentError, "expected 64-byte String, got #{keypair.bytesize}" unless keypair.bytesize == 64
+
+      new(keypair[0, KEY_SIZE]).tap do |key|
+        raise ArgumentError, "corrupt keypair" unless keypair[KEY_SIZE, KEY_SIZE] == key.verify_key.to_bytes
+      end
+    end
+
+    # Create a new Ed25519::SigningKey from the given seed value
+    #
+    # @param seed [String] 32-byte seed value from which the key should be derived
+    def initialize(seed)
+      Ed25519.validate_key_bytes(seed)
+
+      @seed = seed
+      @keypair = Ed25519.provider.create_keypair(seed)
+      @verify_key = VerifyKey.new(@keypair[32, 32])
+    end
+
+    # Sign the given message, returning an Ed25519 signature
+    #
+    # @param message [String] message to be signed
+    #
+    # @return [String] 64-byte Ed25519 signature
+    def sign(message)
+      Ed25519.provider.sign(@keypair, message)
+    end
+
+    # String inspection that does not leak secret values
+    def inspect
+      to_s
+    end
+
+    # Return a bytestring representation of this signing key
+    #
+    # @return [String] signing key converted to a bytestring
+    def to_bytes
+      seed
+    end
+    alias to_str to_bytes
+  end
+end

data/lib/ed25519/verify_key.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Ed25519
+  # Public key for verifying digital signatures
+  class VerifyKey
+    # Create a Ed25519::VerifyKey from its serialized Twisted Edwards representation
+    #
+    # @param key [String] 32-byte string representing a serialized public key
+    def initialize(key)
+      Ed25519.validate_key_bytes(key)
+      @key_bytes = key
+    end
+
+    # Verify an Ed25519 signature against the message
+    #
+    # @param signature [String] 64-byte string containing an Ed25519 signature
+    # @param message [String] string containing message to be verified
+    #
+    # @raise Ed25519::VerifyError signature verification failed
+    #
+    # @return [true] message verified successfully
+    def verify(signature, message)
+      if signature.length != SIGNATURE_SIZE
+        raise ArgumentError, "expected #{SIGNATURE_SIZE} byte signature, got #{signature.length}"
+      end
+
+      return true if Ed25519.provider.verify(@key_bytes, signature, message)
+      raise VerifyError, "signature verification failed!"
+    end
+
+    # Return a compressed twisted Edwards coordinate representing the public key
+    #
+    # @return [String] bytestring serialization of this public key
+    def to_bytes
+      @key_bytes
+    end
+    alias to_str to_bytes
+
+    # Show hex representation of serialized coordinate in string inspection
+    def inspect
+      "#<#{self.class}:#{@key_bytes.unpack('H*').first}>"
+    end
+  end
+end

data/lib/ed25519/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Ed25519
+  VERSION = "1.2.4"
+end

metadata

@@ -0,0 +1,137 @@
+--- !ruby/object:Gem::Specification
+name: ed25519
+version: !ruby/object:Gem::Version
+  version: 1.2.4
+platform: java
+authors:
+- Tony Arcieri
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2018-01-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  name: bundler
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+description: A Ruby binding to the Ed25519 elliptic curve public-key signature system
+  described in RFC 8032.
+email:
+- tony.arcieri@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- CHANGES.md
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- appveyor.yml
+- ed25519.gemspec
+- ed25519.png
+- ext/ed25519_jruby/LICENSE.txt
+- ext/ed25519_jruby/README.md
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/EdDSAEngine.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/EdDSAKey.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/EdDSAPrivateKey.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/EdDSAPublicKey.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/EdDSASecurityProvider.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/KeyFactory.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/KeyPairGenerator.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/Utils.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/Constants.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/Curve.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/Encoding.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/Field.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/FieldElement.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/GroupElement.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/ScalarOps.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/bigint/BigIntegerFieldElement.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/bigint/BigIntegerLittleEndianEncoding.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/bigint/BigIntegerScalarOps.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/bigint/package.html
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/ed25519/Ed25519FieldElement.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/ed25519/Ed25519LittleEndianEncoding.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/math/ed25519/Ed25519ScalarOps.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/spec/EdDSAGenParameterSpec.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/spec/EdDSANamedCurveSpec.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/spec/EdDSANamedCurveTable.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/spec/EdDSAParameterSpec.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/spec/EdDSAPrivateKeySpec.java
+- ext/ed25519_jruby/net/i2p/crypto/eddsa/spec/EdDSAPublicKeySpec.java
+- ext/ed25519_jruby/org/cryptorb/Ed25519Provider.java
+- ext/ed25519_ref10/api.h
+- ext/ed25519_ref10/base.h
+- ext/ed25519_ref10/base2.h
+- ext/ed25519_ref10/d.h
+- ext/ed25519_ref10/d2.h
+- ext/ed25519_ref10/ed25519_ref10.c
+- ext/ed25519_ref10/ed25519_ref10.h
+- ext/ed25519_ref10/extconf.rb
+- ext/ed25519_ref10/fe.c
+- ext/ed25519_ref10/fe.h
+- ext/ed25519_ref10/ge.c
+- ext/ed25519_ref10/ge.h
+- ext/ed25519_ref10/ge_add.h
+- ext/ed25519_ref10/ge_madd.h
+- ext/ed25519_ref10/ge_msub.h
+- ext/ed25519_ref10/ge_p2_dbl.h
+- ext/ed25519_ref10/ge_sub.h
+- ext/ed25519_ref10/keypair.c
+- ext/ed25519_ref10/open.c
+- ext/ed25519_ref10/pow22523.h
+- ext/ed25519_ref10/pow225521.h
+- ext/ed25519_ref10/sc.h
+- ext/ed25519_ref10/sc_muladd.c
+- ext/ed25519_ref10/sc_reduce.c
+- ext/ed25519_ref10/sha512.c
+- ext/ed25519_ref10/sha512.h
+- ext/ed25519_ref10/sign.c
+- ext/ed25519_ref10/sqrtm1.h
+- ext/ed25519_ref10/verify.c
+- lib/ed25519.rb
+- lib/ed25519/signing_key.rb
+- lib/ed25519/verify_key.rb
+- lib/ed25519/version.rb
+- lib/ed25519_jruby.jar
+homepage: https://github.com/crypto-rb/ed25519
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.4
+signing_key:
+specification_version: 4
+summary: An efficient digital signature library providing the Ed25519 algorithm
+test_files: []