Index: .fossil-settings/ignore-glob
==================================================================
--- .fossil-settings/ignore-glob
+++ .fossil-settings/ignore-glob
@@ -1,6 +1,7 @@
 nano.so
+nano.o
 Makefile
 pkgIndex.tcl
 aclocal.m4
 config.guess
 config.sub

Index: Makefile.in
==================================================================
--- Makefile.in
+++ Makefile.in
@@ -1,8 +1,8 @@
 CC            := @CC@
 CFLAGS        := @CFLAGS@ @SHOBJFLAGS@
-CPPFLAGS      := @CPPFLAGS@ @SHOBJCPPFLAGS@
+CPPFLAGS      := -I./tweetnacl/ -I./blake2b/ -DSUPERCOP=1 @CPPFLAGS@ @SHOBJCPPFLAGS@
 LDFLAGS       := @LDFLAGS@
 LIBS          := @LIBS@
 SHOBJLDFLAGS  := @SHOBJLDFLAGS@
 export CC CFLAGS CPPFLAGS
 

ADDED   build/test/test.tcl
Index: build/test/test.tcl
==================================================================
--- /dev/null
+++ build/test/test.tcl
@@ -0,0 +1,11 @@
+#! /usr/bin/env tclsh
+
+lappend auto_path [file join [file dirname [info script]] .. ..]
+
+package require nano
+
+set key [binary decode hex 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000]
+puts "Key Length: [string length $key]"
+set signed [binary encode hex [::nano::internal::sign "" $key]]
+
+puts $signed

Index: nano.c
==================================================================
--- nano.c
+++ nano.c
@@ -1,7 +1,9 @@
 #include <tcl.h>
 #include <stdint.h>
+#include <limits.h>
+#include "tweetnacl.h"
 
 #if 0
 #include <sys/random.h>
 
 void randombytes(uint8_t *buffer, uint64_t length) {
@@ -44,10 +46,13 @@
 
 	return;
 }
 #endif
 
+/*
+ * XXX:TODO: NOT RANDOM: For testing only
+ */
 void randombytes(uint8_t *buffer, uint64_t length) {
 	while (length > 0) {
 		buffer[length - 1] = (length % 256);
 		length--;
 	}
@@ -54,11 +59,56 @@
 
 	return;
 }
 
 static int nano_sign(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
+	int cs_ret;
+	unsigned char *signature, *data, *secret_key;
+	unsigned long long signature_length;
+	int data_length, secret_key_length;
+
+	if (objc != 3) {
+		Tcl_WrongNumArgs(interp, 1, objv, "data secretKey");
+
+		return(TCL_ERROR);
+	}
+
+	data = Tcl_GetByteArrayFromObj(objv[1], &data_length);
+	secret_key = Tcl_GetByteArrayFromObj(objv[2], &secret_key_length);
+	if (secret_key_length != crypto_sign_SECRETKEYBYTES) {
+		Tcl_SetResult(interp, "Secret key is not the right size", NULL);
+
+		return(TCL_ERROR);
+	}
+
+	signature_length = data_length + crypto_sign_BYTES;
+	if (signature_length >= UINT_MAX) {
+		Tcl_SetResult(interp, "Input message too long", NULL);
+
+		return(TCL_ERROR);
+	}
+
+	signature = (unsigned char *) Tcl_AttemptAlloc(signature_length);
+	if (!signature) {
+		Tcl_SetResult(interp, "Unable to allocate memory", NULL);
+
+		return(TCL_ERROR);
+	}
+
+	cs_ret = crypto_sign(signature, &signature_length, data, data_length, secret_key);
+	if (cs_ret != 0) {
+		Tcl_SetResult(interp, "crypto_sign failed", NULL);
+
+		return(TCL_ERROR);
+	}
+
+	Tcl_SetObjResult(interp, Tcl_NewByteArrayObj(signature, signature_length));
+
 	return(TCL_OK);
+
+	/* NOTREACH */
+	clientData = clientData;
 }
 
 int Nano_Init(Tcl_Interp *interp) {
 #ifdef USE_TCL_STUBS
 	const char *tclInitStubs_ret;
@@ -67,9 +117,10 @@
 	tclInitStubs_ret = Tcl_InitStubs(interp, TCL_PATCH_LEVEL, 0);
 	if (!tclInitStubs_ret) {
 		return(TCL_ERROR);
 	}
 #endif
+
 	Tcl_CreateObjCommand(interp, "::nano::internal::sign", nano_sign, NULL, NULL);
 
 	return(TCL_OK);
 }