diff --git a/libi2pd/Signature.cpp b/libi2pd/Signature.cpp index 342b6d03..d9fa0248 100644 --- a/libi2pd/Signature.cpp +++ b/libi2pd/Signature.cpp @@ -1,5 +1,5 @@ /* -* Copyright (c) 2013-2023, The PurpleI2P Project +* Copyright (c) 2013-2025, The PurpleI2P Project * * This file is part of Purple i2pd project and licensed under BSD3 * @@ -149,5 +149,56 @@ namespace crypto LogPrint (eLogError, "EdDSA signing key is not set"); } #endif + +#if (OPENSSL_VERSION_NUMBER >= 0x030000000) + static const OSSL_PARAM EDDSA25519phParams[] = + { + OSSL_PARAM_utf8_string ("instance", (char *)"Ed25519ph", 9), + OSSL_PARAM_END + }; + + bool EDDSA25519phVerifier::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const + { + auto pkey = GetPkey (); + if (pkey) + { + uint8_t digest[64]; + SHA512 (buf, len, digest); + EVP_MD_CTX * ctx = EVP_MD_CTX_create (); + EVP_DigestVerifyInit_ex (ctx, NULL, NULL, NULL, NULL, pkey, EDDSA25519phParams); + auto ret = EVP_DigestVerify (ctx, signature, 64, digest, 64); + EVP_MD_CTX_destroy (ctx); + return ret; + } + else + LogPrint (eLogError, "EdDSA verification key is not set"); + return false; + } + + EDDSA25519phSigner::EDDSA25519phSigner (const uint8_t * signingPrivateKey): + EDDSA25519Signer (signingPrivateKey) + { + } + + void EDDSA25519phSigner::Sign (const uint8_t * buf, int len, uint8_t * signature) const + { + auto pkey = GetPkey (); + if (pkey) + { + uint8_t digest[64]; + SHA512 (buf, len, digest); + EVP_MD_CTX * ctx = EVP_MD_CTX_create (); + size_t l = 64; + uint8_t sig[64]; + EVP_DigestSignInit_ex (ctx, NULL, NULL, NULL, NULL, pkey, EDDSA25519phParams); + if (!EVP_DigestSign (ctx, sig, &l, digest, 64)) + LogPrint (eLogError, "EdDSA signing failed"); + memcpy (signature, sig, 64); + EVP_MD_CTX_destroy (ctx); + } + else + LogPrint (eLogError, "EdDSA signing key is not set"); + } +#endif } } diff --git a/libi2pd/Signature.h b/libi2pd/Signature.h index 8bd94357..2a731703 100644 --- a/libi2pd/Signature.h +++ b/libi2pd/Signature.h @@ -1,5 +1,5 @@ /* -* Copyright (c) 2013-2023, The PurpleI2P Project +* Copyright (c) 2013-2025, The PurpleI2P Project * * This file is part of Purple i2pd project and licensed under BSD3 * @@ -303,14 +303,28 @@ namespace crypto private: -#if OPENSSL_EDDSA +#if OPENSSL_EDDSA + EVP_PKEY * m_Pkey; + + protected: + + EVP_PKEY * GetPkey () const { return m_Pkey; }; #else EDDSAPoint m_PublicKey; uint8_t m_PublicKeyEncoded[EDDSA25519_PUBLIC_KEY_LENGTH]; #endif }; +#if (OPENSSL_VERSION_NUMBER >= 0x030000000) // since 3.0.0 + class EDDSA25519phVerifier: public EDDSA25519Verifier + { + public: + + bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const; + }; +#endif + class EDDSA25519SignerCompat: public Signer { public: @@ -339,6 +353,10 @@ namespace crypto void Sign (const uint8_t * buf, int len, uint8_t * signature) const; + protected: + + EVP_PKEY * GetPkey () const { return m_Pkey; }; + private: EVP_PKEY * m_Pkey; @@ -350,6 +368,18 @@ namespace crypto #endif +#if (OPENSSL_VERSION_NUMBER >= 0x030000000) // since 3.0.0 + class EDDSA25519phSigner: public EDDSA25519Signer + { + public: + + EDDSA25519phSigner (const uint8_t * signingPrivateKey); + + void Sign (const uint8_t * buf, int len, uint8_t * signature) const; + }; + +#endif + inline void CreateEDDSA25519RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey) { #if OPENSSL_EDDSA