

crypto: ed25519 signing should hash input
emturner committed Dec 14, 2023
1 parent caefa03 commit 3b3d3f6
Showing 2 changed files with 11 additions and 5 deletions.
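--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -26,6 +26,7 @@ parameterized by the lifetime of the input byte slice.
 
 - Fix prefix used in `SeedEd25519` encoding.
 - Add explicit prefix check during base58check decoding.
+- Hash input before signing with `SecretKeyEd25519`, to match octez impl.
 
 ### Security
 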
15 changes: 10 additions & 5 deletions crypto/src/hash.rs
Expand Up @@ -648,7 +648,9 @@ impl SecretKeyEd25519 {
actual: self.0.len(),
})?;

let signature = sk.sign(data.as_ref());
let payload = crate::blake2b::digest_256(data.as_ref())
.map_err(|e| CryptoError::AlgorithmError(e.to_string()))?;
let signature = sk.sign(&payload);
Ok(Signature(signature.to_bytes().to_vec()))
}
}
Expand All @@ -669,7 +671,10 @@ impl PublicKeySignatureVerifier for PublicKeyEd25519 {
let pk = ed25519_dalek::VerifyingKey::try_from(self)
.map_err(|_| CryptoError::InvalidPublicKey)?;

pk.verify_strict(bytes, &signature)
let payload = crate::blake2b::digest_256(bytes)
.map_err(|e| CryptoError::AlgorithmError(e.to_string()))?;

pk.verify_strict(&payload, &signature)
.map_err(CryptoError::Ed25519)?;

Ok(true)
Expand Down Expand Up @@ -1092,13 +1097,13 @@ mod tests {
#[test]
fn test_ed255519_signature_verification() {
let pk = PublicKeyEd25519::from_base58_check(
"edpkvWR5truf7AMF3PZVCXx7ieQLCW4MpNDzM3VwPfmFWVbBZwswBw",
"edpkuAwxKwdJK9r9Ersa185YqxPBNNZc6iFKCn8ifibHiPhztvf2NZ",
)
.unwrap();
let sig = Signature::from_base58_check(
"sigdGBG68q2vskMuac4AzyNb1xCJTfuU8MiMbQtmZLUCYydYrtTd5Lessn1EFLTDJzjXoYxRasZxXbx6tHnirbEJtikcMHt3"
"sigsZwFnCnHBdmBcD763TUFZL5wCLXBDmAwPMyGY5edWe1B8XQQBv4X83RHkkrScVkAEKmU3CYg3cLH8Gja24LfDRyR23raX"
).unwrap();
let msg = hex::decode("bcbb7b77cb0712e4cd02160308cfd53e8dde8a7980c4ff28b62deb12304913c2")
let msg = hex::decode("b718d2420ad9498466bbfddf864f02f8a9a526a8585cf2e38ffac60e7a86f022cb0242acd44d3628255bf4b90d0737911193bf2e98064b9b237017d9b0b5fb53af478196f6bc99e43e7009e6")
.unwrap();

let result = pk.verify_signature(&sig, &msg).unwrap();
Expand Down
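Review bot: The BLAKE2b-256 prehash is now computed independently in `SecretKeyEd25519::sign` (`let payload = crate::blake2b::digest_256(data.as_ref())`) and in `PublicKeyEd25519::verify_signature` (`let payload = crate::blake2b::digest_256(bytes)`), with the same `map_err(|e| CryptoError::AlgorithmError(e.to_string()))` duplicated, and the updated test only re-pins one positive vector, so nothing checks that the signing and verifying paths stay in agreement if one of them is later changed. I would factor the hashing into one private helper both call — `fn ed25519_payload(bytes: &[u8]) -> Result<Vec<u8>, CryptoError> { crate::blake2b::digest_256(bytes).map_err(|e| CryptoError::AlgorithmError(e.to_string())) }` (use whatever type `digest_256` actually returns) — and add a sign→verify round-trip test plus negative tests that a tampered message and a pre-change signature over the raw, unhashed bytes are rejected. Both enclosing functions start outside the hunk; their doc comments should state that the input is hashed with BLAKE2b-256 before the Ed25519 operation, so a caller that already holds a digest does not hash twice, and, if callers are expected to prepend the octez watermark themselves, say so there as well. This also makes signatures wire-incompatible with those produced or accepted by the previous release, which the changelog line could make explicit.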

