private void DoTestConsistency(Ed25519.Algorithm algorithm, byte[] context)
{
Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
kpg.Init(new Ed25519KeyGenerationParameters(Random));
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private;
Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public;
byte[] msg = new byte[Random.NextInt() & 255];
Random.NextBytes(msg);
ISigner signer = CreateSigner(algorithm, context);
signer.Init(true, privateKey);
signer.BlockUpdate(msg, 0, msg.Length);
byte[] signature = signer.GenerateSignature();
ISigner verifier = CreateSigner(algorithm, context);
{
verifier.Init(false, publicKey);
verifier.BlockUpdate(msg, 0, msg.Length);
bool shouldVerify = verifier.VerifySignature(signature);
if (!shouldVerify)
{
Fail("Ed25519(" + algorithm + ") signature failed to verify");
}
}
{
byte[] wrongLengthSignature = Arrays.Append(signature, 0x00);
verifier.Init(false, publicKey);
verifier.BlockUpdate(msg, 0, msg.Length);
bool shouldNotVerify = verifier.VerifySignature(wrongLengthSignature);
if (shouldNotVerify)
{
Fail("Ed25519(" + algorithm + ") wrong length signature incorrectly verified");
}
}
{
byte[] badSignature = Arrays.Clone(signature);
badSignature[Random.Next() % badSignature.Length] ^= (byte)(1 << (Random.NextInt() & 7));
verifier.Init(false, publicKey);
verifier.BlockUpdate(msg, 0, msg.Length);
bool shouldNotVerify = verifier.VerifySignature(badSignature);
if (shouldNotVerify)
{
Fail("Ed25519(" + algorithm + ") bad signature incorrectly verified");
}
}
}
public void Sign(Ed25519.Algorithm algorithm, Ed25519PublicKeyParameters publicKey, byte[] ctx, byte[] msg, int msgOff, int msgLen,
byte[] sig, int sigOff)
{
byte[] pk = new byte[Ed25519.PublicKeySize];
if (null == publicKey)
{
Ed25519.GeneratePublicKey(data, 0, pk, 0);
}
else
{
publicKey.Encode(pk, 0);
}
switch (algorithm)
{
case Ed25519.Algorithm.Ed25519:
{
if (null != ctx)
{
throw new ArgumentException("ctx");
}
Ed25519.Sign(data, 0, pk, 0, msg, msgOff, msgLen, sig, sigOff);
break;
}
case Ed25519.Algorithm.Ed25519ctx:
{
Ed25519.Sign(data, 0, pk, 0, ctx, msg, msgOff, msgLen, sig, sigOff);
break;
}
case Ed25519.Algorithm.Ed25519ph:
{
if (Ed25519.PrehashSize != msgLen)
{
throw new ArgumentException("msgLen");
}
Ed25519.SignPrehash(data, 0, pk, 0, ctx, msg, msgOff, sig, sigOff);
break;
}
default:
{
throw new ArgumentException("algorithm");
}
}
}
private ISigner CreateSigner(Ed25519.Algorithm algorithm, byte[] context)
{
switch (algorithm)
{
case Ed25519.Algorithm.Ed25519:
return(new Ed25519Signer());
case Ed25519.Algorithm.Ed25519ctx:
return(new Ed25519ctxSigner(context));
case Ed25519.Algorithm.Ed25519ph:
return(new Ed25519phSigner(context));
default:
throw new ArgumentException("algorithm");
}
}
public void Sign(Ed25519.Algorithm algorithm, Ed25519PublicKeyParameters publicKey, byte[] ctx, byte[] msg, int msgOff, int msgLen,
byte[] sig, int sigOff)
{
Sign(algorithm, ctx, msg, msgOff, msgLen, sig, sigOff);
}
