really still wip

User/lib/ed25519/ed_25519.h

@@ -4,34 +4,21 @@
 // Nightcracker's Ed25519 -  https://github.com/orlp/ed25519
 
 #include <stddef.h>
-
-#if defined(_WIN32)
-    #if defined(ED25519_BUILD_DLL)
-        #define ED25519_DECLSPEC __declspec(dllexport)
-    #elif defined(ED25519_DLL)
-        #define ED25519_DECLSPEC __declspec(dllimport)
-    #else
-        #define ED25519_DECLSPEC
-    #endif
-#else
-    #define ED25519_DECLSPEC
-#endif
-
+#include "meshcore/packetstructs.h"
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
-#ifndef ED25519_NO_SEED
-int ED25519_DECLSPEC ed25519_create_seed(unsigned char *seed);
-#endif
 
-void ED25519_DECLSPEC ed25519_create_keypair(unsigned char *public_key, unsigned char *private_key, const unsigned char *seed);
-void ED25519_DECLSPEC ed25519_derive_pub(unsigned char *public_key, const unsigned char *private_key);
-void ED25519_DECLSPEC ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key);
-int ED25519_DECLSPEC ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key);
-void ED25519_DECLSPEC ed25519_add_scalar(unsigned char *public_key, unsigned char *private_key, const unsigned char *scalar);
-void ED25519_DECLSPEC ed25519_key_exchange(unsigned char *shared_secret, const unsigned char *public_key, const unsigned char *private_key);
+void ed25519_create_keypair(unsigned char *public_key, unsigned char *private_key, const unsigned char *seed);
+void ed25519_derive_pub(unsigned char *public_key, const unsigned char *private_key);
+void ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key);
+void ed25519_sign_ad(FrameStruct *frame);
+int ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key);
+int ed25519_verify_ad(const FrameStruct *frame);
+void ed25519_add_scalar(unsigned char *public_key, unsigned char *private_key, const unsigned char *scalar);
+void ed25519_key_exchange(unsigned char *shared_secret, const unsigned char *public_key, const unsigned char *private_key);
 
 
 #ifdef __cplusplus

User/lib/ed25519/seed.c

@@ -1,40 +0,0 @@
-#include "ed_25519.h"
-
-#ifndef ED25519_NO_SEED
-
-#ifdef _WIN32
-#include <windows.h>
-#include <wincrypt.h>
-#else
-#include <stdio.h>
-#endif
-
-int ed25519_create_seed(unsigned char *seed) {
-#ifdef _WIN32
-    HCRYPTPROV prov;
-
-    if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))  {
-        return 1;
-    }
-
-    if (!CryptGenRandom(prov, 32, seed))  {
-        CryptReleaseContext(prov, 0);
-        return 1;
-    }
-
-    CryptReleaseContext(prov, 0);
-#else
-    FILE *f = fopen("/dev/urandom", "rb");
-
-    if (f == NULL) {
-        return 1;
-    }
-
-    fread(seed, 1, 32, f);
-    fclose(f);
-#endif
-
-    return 0;
-}
-
-#endif

User/lib/ed25519/sign.c

@@ -1,4 +1,5 @@
 #include "ed_25519.h"
+#include "lib/config.h"
 #include "sha512.h"
 #include "ge.h"
 #include "sc.h"
@@ -29,3 +30,35 @@ void ed25519_sign(unsigned char *signature, const unsigned char *message, size_t
     sc_reduce(hram);
     sc_muladd(signature + 32, hram, private_key, r);
 }
+
+void ed25519_sign_ad(FrameStruct *frame) {
+    sha512_context hash;
+    unsigned char hram[64];
+    unsigned char r[64];
+    ge_p3 R;
+
+    unsigned char *signature = &(frame->payload[36]);
+
+
+    sha512_init(&hash);
+    sha512_update(&hash, persistent.privkey + 32, 32);
+    sha512_update(&hash, frame->payload, 32);
+    sha512_update(&hash, frame->payload, 36); // pubkey and timestamp combined (32 bytes pubkey, 4 bytes timestamp)
+    sha512_update(&hash, &(frame->payload[100]), frame->payloadLen - 100);
+    sha512_final(&hash, r);
+
+    sc_reduce(r);
+    ge_scalarmult_base(&R, r);
+    ge_p3_tobytes(signature, &R);
+
+    sha512_init(&hash);
+    sha512_update(&hash, signature, 32);
+    sha512_update(&hash, frame->payload, 32);
+    sha512_update(&hash, frame->payload, 36); // pubkey and timestamp combined (32 bytes pubkey, 4 bytes timestamp)
+    sha512_update(&hash, &(frame->payload[100]), frame->payloadLen - 100);
+    sha512_final(&hash, hram);
+
+    sc_reduce(hram);
+    sc_muladd(signature + 32, hram, persistent.privkey, r);
+}
+

User/lib/ed25519/verify.c

@@ -75,3 +75,38 @@ int ed25519_verify(const unsigned char *signature, const unsigned char *message,
 
     return 1;
 }
+
+
+int ed25519_verify_ad(const FrameStruct *frame) {
+    unsigned char h[64];
+    unsigned char checker[32];
+    sha512_context hash;
+    ge_p3 A;
+    ge_p2 R;
+    const unsigned char *signature = &(frame->payload[36]);
+
+    if (signature[63] & 224) {
+        return 0;
+    }
+
+    if (ge_frombytes_negate_vartime(&A, frame->payload) != 0) { //pubkey is at start
+        return 0;
+    }
+
+    sha512_init(&hash);
+    sha512_update(&hash, signature, 32);
+    sha512_update(&hash, frame->payload, 32);
+    sha512_update(&hash, frame->payload, 36); // pubkey and timestamp combined (32 bytes pubkey, 4 bytes timestamp)
+    sha512_update(&hash, &(frame->payload[100]), frame->payloadLen - 100);
+    sha512_final(&hash, h);
+    
+    sc_reduce(h);
+    ge_double_scalarmult_vartime(&R, h, &A, signature + 32);
+    ge_tobytes(checker, &R);
+
+    if (!consttime_equal(checker, signature)) {
+        return 0;
+    }
+
+    return 1;
+}