Check-in [027525ece7]
Overview
Comment:Added validation to verification
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 027525ece7fe32a6f8779c8d50f9b74772dc3eb0735dc1d90af04064e29357be
User & Date: rkeene on 2018-07-01 21:50:10
Other Links: manifest | tags
Context
2018-07-01
22:04
Added support for hashing arbitrary data check-in: 54a51a61b6 user: rkeene tags: trunk
21:50
Added validation to verification check-in: 027525ece7 user: rkeene tags: trunk
20:55
Ensure we include the headers for memcpy() check-in: f12cd8142a user: rkeene tags: trunk
Changes

Modified build/test/test.tcl from [9536bccf33] to [45be124a0a].

1
2
3
4
5
6
7

8
9
10
11
12
13
14
15

16
17
18


19
20



21


22





















23
24
25
#! /usr/bin/env tclsh

lappend auto_path [file join [file dirname [info script]] .. ..]

package require nano

proc test1 {} {

	set data [binary decode hex 0000000000000000000000000000000000000000000000000000000000000000]
	set key  [binary decode hex C4D214F19E706E9C7487CEF00DE8059200C32414F0ED82E5E33B523AEDF719BA]
	set signed [string toupper [binary encode hex [::nano::internal::signDetached $data $key]]]
	set signed_expected 1C2DE9B8A71215F949A11BBEA7EFA4ECD67A8C2B5A9AD98AE6B1AB7F7A3D2CFD715F570309148C7B39C346FB9B91B321D7E75BD598F271AF31AB60A99D086709

	if {$signed ne $signed_expected} {
		puts "\[FAIL\] Got: $signed"
		puts "\[FAIL\] Exp: $signed_expected"

		return false
	}



	set pubKey [::nano::internal::publicKey $key]
	set pubKey [binary encode hex $pubKey]






	puts "Pub: $pubKey"





















}

test1







>


|
|

|
|
|
>



>
>

|
>
>
>

>
>
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
#! /usr/bin/env tclsh

lappend auto_path [file join [file dirname [info script]] .. ..]

package require nano

proc test1 {} {
	# Detached signature
	set data [binary decode hex 0000000000000000000000000000000000000000000000000000000000000000]
	set key  [binary decode hex C4D214F19E706E9C7487CEF00DE8059200C32414F0ED82E5E33B523AEDF719BA]
	set sig  [string toupper [binary encode hex [::nano::internal::signDetached $data $key]]]
	set sig_expected 1C2DE9B8A71215F949A11BBEA7EFA4ECD67A8C2B5A9AD98AE6B1AB7F7A3D2CFD715F570309148C7B39C346FB9B91B321D7E75BD598F271AF31AB60A99D086709

	if {$sig ne $sig_expected} {
		puts "\[FAIL\] Got: $sig"
		puts "\[FAIL\] Exp: $sig_expected"

		return false
	}

	# Public key generation
	set pubKey_expected "FE1934767B26FA05A1526E40101E899959AB088FA1C4219865F33669E8EB99B6"
	set pubKey [::nano::internal::publicKey $key]
	set pubKey [string toupper [binary encode hex $pubKey]]
	if {$pubKey ne $pubKey_expected} {
		puts "\[FAIL\] Got: $pubKey"
		puts "\[FAIL\] Exp: $pubKey_expected"

		return false
	}

	# Detached signature verification
	## Positive
	set data   [binary decode hex 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF]
	set key    [binary decode hex C4D214F19E706E9C7487CEF00DE8059200C32414F0ED82E5E33B523AEDF719BA]
	set pubKey [::nano::internal::publicKey $key]
	set sig    [::nano::internal::signDetached $data $key]
	set verified [::nano::internal::verifyDetached $data $sig $pubKey]
	if {!$verified} {
		puts "\[FAIL\] Got: $verified"
		puts "\[FAIL\] Exp: true"
		return false
	}

	## Negative
	set pubKey [binary decode hex "7E0008FAD05BD9E22A8DEBA963CE3C9C769BC01B00974226D264C9078A7A98A8"]
	set verified [::nano::internal::verifyDetached $data $sig $pubKey]
	if {$verified} {
		puts "\[FAIL\] Got: $verified"
		puts "\[FAIL\] Exp: false"
		return false
	}
}

test1

Modified nano.c from [6a8716cb4e] to [ca961d2702].

186
187
188
189
190
191
192

193
194
195
196
197
198
199
}

static int nano_tcl_verify_detached(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
	int cso_ret;
	unsigned char *signature, *data, *signed_data, *public_key;
	int signature_length, data_length, signed_data_length, public_key_length;
	unsigned long long data_length_nacl;


	if (objc != 4) {
		Tcl_WrongNumArgs(interp, 1, objv, "data signature publicKey");

		return(TCL_ERROR);
	}








>







186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
}

static int nano_tcl_verify_detached(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
	int cso_ret;
	unsigned char *signature, *data, *signed_data, *public_key;
	int signature_length, data_length, signed_data_length, public_key_length;
	unsigned long long data_length_nacl;
	int result;

	if (objc != 4) {
		Tcl_WrongNumArgs(interp, 1, objv, "data signature publicKey");

		return(TCL_ERROR);
	}

221
222
223
224
225
226
227

228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
	}

	memcpy(signed_data, signature, signature_length);
	memcpy(signed_data + signature_length, data, data_length);

	data_length_nacl = data_length;
	cso_ret = crypto_sign_open(data, &data_length_nacl, signed_data, signed_data_length, public_key);

	if (cso_ret != 0) {
		Tcl_Free((char *) signed_data);

		Tcl_SetResult(interp, "crypto_sign_open failed", NULL);

		return(TCL_ERROR);
	}

	Tcl_Free((char *) signed_data);

	/* XXX:TODO: Validate */

	return(TCL_OK);

	/* NOTREACH */
	clientData = clientData;
}








>
|
<
|
<
<
<




|







222
223
224
225
226
227
228
229
230

231



232
233
234
235
236
237
238
239
240
241
242
243
	}

	memcpy(signed_data, signature, signature_length);
	memcpy(signed_data + signature_length, data, data_length);

	data_length_nacl = data_length;
	cso_ret = crypto_sign_open(data, &data_length_nacl, signed_data, signed_data_length, public_key);
	result = 0;
	if (cso_ret == 0) {

		result = 1;



	}

	Tcl_Free((char *) signed_data);

	Tcl_SetObjResult(interp, Tcl_NewBooleanObj(result));

	return(TCL_OK);

	/* NOTREACH */
	clientData = clientData;
}