diff --git a/xed25519.cpp b/xed25519.cpp
index dde4ba5f..d1461a23 100644
--- a/xed25519.cpp
+++ b/xed25519.cpp
@@ -625,8 +625,7 @@ ed25519Signer::ed25519Signer(RandomNumberGenerator &rng)
 ed25519Signer::ed25519Signer(BufferedTransformation ¶ms)
 {
- ed25519PrivateKey& key = static_cast(AccessPrivateKey());
- key.BERDecode(params);
+ AccessPrivateKey().Load(params);
 }
 size_t ed25519Signer::SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
@@ -635,7 +634,7 @@ size_t ed25519Signer::SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccum
 ed25519_MessageAccumulator& accum = static_cast(messageAccumulator);
 const ed25519PrivateKey& pk = static_cast(GetPrivateKey());
- int ret = Donna::ed25519_sign(accum.data(), accum.size(), pk.m_sk, pk.m_pk, signature);
+ int ret = Donna::ed25519_sign(accum.data(), accum.size(), pk.GetPrivateKeyBytePtr(), pk.GetPublicKeyBytePtr(), signature);
 CRYPTOPP_ASSERT(ret == 0);
 if (restart)
@@ -796,21 +795,7 @@ ed25519Verifier::ed25519Verifier(const Integer &y)
 ed25519Verifier::ed25519Verifier(BufferedTransformation ¶ms)
 {
- // TODO: Fix the on-disk format once we determine what it is.
- BERSequenceDecoder seq(params);
-
- size_t read;
- BERSequenceDecoder pk(seq, OCTET_STRING);
-
- CRYPTOPP_ASSERT(pk.MaxRetrievable() >= PUBLIC_KEYLENGTH);
- read = pk.Get(m_key.m_pk, PUBLIC_KEYLENGTH);
-
- pk.MessageEnd();
-
- if (read != PUBLIC_KEYLENGTH)
- throw BERDecodeErr();
-
- seq.MessageEnd();
+ AccessPublicKey().Load(params);
 }
 ed25519Verifier::ed25519Verifier(const ed25519Signer& signer)
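Review bot: The new `AccessPrivateKey().Load(params);` line, and the matching `AccessPublicKey().Load(params);` in the third hunk of this file, no longer say which encoding `params` must carry, whereas the removed verifier body documented its own ad-hoc SEQUENCE/OCTET STRING layout with a TODO. Given the bases are PKCS8PrivateKey and X509PublicKey, the expected inputs are presumably a PKCS #8 PrivateKeyInfo and an X.509 SubjectPublicKeyInfo, with Load() routing through BERDecode, but that is now implied only by the type hierarchy. Suggest a one-line comment on each constructor, e.g. `// params: BER-encoded PKCS #8 PrivateKeyInfo; see PKCS8PrivateKey::Load` here and the SubjectPublicKeyInfo equivalent on the verifier, so callers holding data in the old format know it is no longer accepted.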
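Review bot: The rewritten `Donna::ed25519_sign(...)` call still feeds its result only to `CRYPTOPP_ASSERT(ret == 0)` on the following context line; if I recall trap.h correctly that macro is a no-op outside debug builds, so a non-zero return would leave `signature` with unspecified contents while SignAndRestart proceeds as if signing succeeded. SignAndRestart continues past the hunk, so whether the caller-visible return value reflects `ret` cannot be checked here. If ed25519_sign can fail at runtime rather than only on programmer error, consider throwing a suitable exception on `ret != 0`; otherwise a comment such as `// ed25519_sign only fails on internal invariant violations, hence assert rather than throw` would record why the assert is sufficient.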
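Review bot: The replacement `AccessPublicKey().Load(params);` drops the explicit `read != PUBLIC_KEYLENGTH` check that the removed body applied after reading the OCTET STRING, so rejection of a short or oversized key now depends entirely on ed25519PublicKey's decoder, which is outside this diff. If that decoder copies into the fixed-size m_pk without comparing the element length against PUBLIC_KEYLENGTH, a truncated encoding would produce a public key whose trailing bytes are whatever m_pk previously held, and ed25519_sign_open would consume it without complaint (verification fails, but silently rather than at load time). Worth confirming, and worth recording at the call site once confirmed, e.g. `// Load() rejects encodings whose key is not exactly PUBLIC_KEYLENGTH bytes`.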
@@ -823,7 +808,7 @@ bool ed25519Verifier::VerifyAndRestart(PK_MessageAccumulator &messageAccumulator
 {
 ed25519_MessageAccumulator& accum = static_cast(messageAccumulator);
 const ed25519PublicKey& pk = static_cast(GetPublicKey());
- int ret = Donna::ed25519_sign_open(accum.data(), accum.size(), pk.m_pk.begin(), accum.signature());
+ int ret = Donna::ed25519_sign_open(accum.data(), accum.size(), pk.GetPublicKeyBytePtr(), accum.signature());
 accum.Restart();
 return ret == 0;
diff --git a/xed25519.h b/xed25519.h
index 2cab0a45..cd9ffee5 100644
--- a/xed25519.h
+++ b/xed25519.h
@@ -227,7 +227,7 @@ struct ed25519_MessageAccumulator : public PK_MessageAccumulator
 /// \brief Create a message accumulator
 /// \details ed25519 does not use a RNG. You can safely use
- /// NullRNG() because IsProbablistic returns false;
+ /// NullRNG() because IsProbablistic returns false.
 ed25519_MessageAccumulator(RandomNumberGenerator &rng) { CRYPTOPP_UNUSED(rng); Restart(); }
@@ -358,6 +358,21 @@ struct ed25519PrivateKey : public PKCS8PrivateKey
 /// \param x private key
 bool IsClamped(const byte x[SECRET_KEYLENGTH]) const;
+ /// \brief Retrieve private key byte array
+ /// \returns the private key byte array
+ /// \details GetPrivateKeyBytePtr() is used by signing code to call ed25519_sign.
+ const byte* GetPrivateKeyBytePtr() const {
+ return m_sk.begin();
+ }
+
+ /// \brief Retrieve public key byte array
+ /// \returns the public key byte array
+ /// \details GetPublicKeyBytePtr() is used by signing code to call ed25519_sign.
+ const byte* GetPublicKeyBytePtr() const {
+ return m_pk.begin();
+ }
+
+protected:
 FixedSizeSecBlock m_sk;
 FixedSizeSecBlock m_pk;
 OID m_oid; // preferred OID
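Review bot: The added accessors in the xed25519.h hunk at line 358 return a raw `const byte*`, but their Doxygen says `\returns the private key byte array` and leaves length and lifetime undocumented: the pointer is only meaningful for SECRET_KEYLENGTH (resp. PUBLIC_KEYLENGTH) bytes and only while the key object is alive, and for GetPrivateKeyBytePtr() the pointee is secret material that callers should not copy out of the SecBlock-managed storage into ordinary buffers. Suggest `/// \returns pointer to SECRET_KEYLENGTH bytes of secret key material, valid for the lifetime of this object` and the PUBLIC_KEYLENGTH equivalent on the second accessor. Separately, placing `m_sk`, `m_pk` and `m_oid` under the new `protected:` (and `m_pk`, `m_oid`, `m_y` likewise in the hunk at line 498) is a source-compatibility change for any external code that reached those members directly, as the removed ed25519Verifier constructor did; presumably intended, but worth stating explicitly in the change description.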
@@ -498,6 +513,14 @@ struct ed25519PublicKey : public X509PublicKey
 void SetPublicElement(const Element &y);
 const Element& GetPublicElement() const;
+ /// \brief Retrieve public key byte array
+ /// \returns the public key byte array
+ /// \details GetPublicKeyBytePtr() is used by signing code to call ed25519_sign.
+ const byte* GetPublicKeyBytePtr() const {
+ return m_pk.begin();
+ }
+
+protected:
 FixedSizeSecBlock m_pk;
 OID m_oid; // preferred OID
 mutable Integer m_y; // for DL_PublicKey
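Review bot: The `\details` line on ed25519PublicKey::GetPublicKeyBytePtr() is copied from the private key's accessor and is wrong for this class: here the pointer is consumed by ed25519Verifier::VerifyAndRestart, which hands it to `Donna::ed25519_sign_open` (xed25519.cpp hunk at line 823), not to ed25519_sign. Suggest `/// \details GetPublicKeyBytePtr() is used by verification code to call ed25519_sign_open.` and, for the same reasons as on the private-key accessors, `/// \returns pointer to PUBLIC_KEYLENGTH bytes of public key, valid for the lifetime of this object`.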