module Crypto.PubKey.Ed25519
( SecretKey
, PublicKey
, Signature
, signature
, publicKey
, secretKey
, toPublic
, sign
, verify
) where
import Data.Word
import Foreign.Ptr
import Foreign.C.Types
import Crypto.Internal.Compat
import Crypto.Internal.Imports
import Crypto.Internal.ByteArray (ByteArrayAccess, withByteArray, ScrubbedBytes, Bytes)
import qualified Crypto.Internal.ByteArray as B
import Crypto.Error
newtype SecretKey = SecretKey ScrubbedBytes
deriving (Eq,ByteArrayAccess,NFData)
newtype PublicKey = PublicKey Bytes
deriving (Show,Eq,ByteArrayAccess,NFData)
newtype Signature = Signature Bytes
deriving (Show,Eq,ByteArrayAccess,NFData)
publicKey :: ByteArrayAccess ba => ba -> CryptoFailable PublicKey
publicKey bs
| B.length bs == publicKeySize =
CryptoPassed $ PublicKey $ B.copyAndFreeze bs (\_ -> return ())
| otherwise =
CryptoFailed $ CryptoError_PublicKeySizeInvalid
secretKey :: ByteArrayAccess ba => ba -> CryptoFailable SecretKey
secretKey bs
| B.length bs == secretKeySize = unsafeDoIO $ withByteArray bs initialize
| otherwise = CryptoFailed CryptoError_SecretKeyStructureInvalid
where
initialize inp = do
valid <- isValidPtr inp
if valid
then (CryptoPassed . SecretKey) <$> B.copy bs (\_ -> return ())
else return $ CryptoFailed CryptoError_SecretKeyStructureInvalid
isValidPtr _ =
return True
signature :: ByteArrayAccess ba => ba -> CryptoFailable Signature
signature bs
| B.length bs == signatureSize =
CryptoPassed $ Signature $ B.copyAndFreeze bs (\_ -> return ())
| otherwise =
CryptoFailed CryptoError_SecretKeyStructureInvalid
toPublic :: SecretKey -> PublicKey
toPublic (SecretKey sec) = PublicKey <$>
B.allocAndFreeze publicKeySize $ \result ->
withByteArray sec $ \psec ->
ccryptonite_ed25519_publickey psec result
sign :: ByteArrayAccess ba => SecretKey -> PublicKey -> ba -> Signature
sign secret public message =
Signature $ B.allocAndFreeze signatureSize $ \sig ->
withByteArray secret $ \sec ->
withByteArray public $ \pub ->
withByteArray message $ \msg ->
ccryptonite_ed25519_sign msg (fromIntegral msgLen) sec pub sig
where
!msgLen = B.length message
verify :: ByteArrayAccess ba => PublicKey -> ba -> Signature -> Bool
verify public message signatureVal = unsafeDoIO $
withByteArray signatureVal $ \sig ->
withByteArray public $ \pub ->
withByteArray message $ \msg -> do
r <- ccryptonite_ed25519_sign_open msg (fromIntegral msgLen) pub sig
return (r == 0)
where
!msgLen = B.length message
publicKeySize :: Int
publicKeySize = 32
secretKeySize :: Int
secretKeySize = 32
signatureSize :: Int
signatureSize = 64
foreign import ccall "cryptonite_ed25519_publickey"
ccryptonite_ed25519_publickey :: Ptr SecretKey
-> Ptr PublicKey
-> IO ()
foreign import ccall "cryptonite_ed25519_sign_open"
ccryptonite_ed25519_sign_open :: Ptr Word8
-> CSize
-> Ptr PublicKey
-> Ptr Signature
-> IO CInt
foreign import ccall "cryptonite_ed25519_sign"
ccryptonite_ed25519_sign :: Ptr Word8
-> CSize
-> Ptr SecretKey
-> Ptr PublicKey
-> Ptr Signature
-> IO ()