Add support for Ed25519 signatures.

2026-02-12 10:49:06 +01:00 · 2017-11-22 14:28:16 +00:00
parent 92748ac872
commit 166fc2948c
14 changed files with 333 additions and 34 deletions
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
@@ -20,6 +20,10 @@ public interface CryptoComponent {

 	KeyParser getSignatureKeyParser();

+	KeyPair generateEdKeyPair();
+
+	KeyParser getEdKeyParser();
+
 	KeyParser getMessageKeyParser();

 	/**
@@ -61,7 +65,6 @@ public interface CryptoComponent {
 	 * @param ourKeyPair our ephemeral keypair
 	 * @param alice true if ourKeyPair belongs to Alice
 	 * @return the shared secret
-	 * @throws GeneralSecurityException
 	 */
 	SecretKey deriveSharedSecret(byte[] theirPublicKey, KeyPair ourKeyPair,
 			boolean alice) throws GeneralSecurityException;
@@ -106,7 +109,6 @@ public interface CryptoComponent {
 	 * @param ourKeyPair our ephemeral keypair
 	 * @param alice true if ourKeyPair belongs to Alice
 	 * @return the shared secret
-	 * @throws GeneralSecurityException
 	 */
 	SecretKey deriveMasterSecret(byte[] theirPublicKey, KeyPair ourKeyPair,
 			boolean alice) throws GeneralSecurityException;
@@ -130,7 +132,7 @@ public interface CryptoComponent {
 			long streamNumber);

 	/**
-	 * Signs the given byte[] with the given PrivateKey.
+	 * Signs the given byte[] with the given ECDSA private key.
 	 *
 	 * @param label A label specific to this signature
 	 *              to ensure that the signature cannot be repurposed
@@ -139,8 +141,17 @@ public interface CryptoComponent {
 			throws GeneralSecurityException;

 	/**
-	 * Verifies that the given signature is valid for the signedData
-	 * and the given publicKey.
+	 * Signs the given byte[] with the given Ed25519 private keu.
+	 *
+	 * @param label A label specific to this signature
+	 *              to ensure that the signature cannot be repurposed
+	 */
+	byte[] signEd(String label, byte[] toSign, byte[] privateKey)
+			throws GeneralSecurityException;
+
+	/**
+	 * Verifies that the given signature is valid for the signed data
+	 * and the given ECDSA public key.
 	 *
 	 * @param label A label that was specific to this signature
 	 *              to ensure that the signature cannot be repurposed
@@ -149,6 +160,17 @@ public interface CryptoComponent {
 	boolean verify(String label, byte[] signedData, byte[] publicKey,
 			byte[] signature) throws GeneralSecurityException;

+	/**
+	 * Verifies that the given signature is valid for the signed data
+	 * and the given Ed25519 public key.
+	 *
+	 * @param label A label that was specific to this signature
+	 *              to ensure that the signature cannot be repurposed
+	 * @return true if the signature was valid, false otherwise.
+	 */
+	boolean verifyEd(String label, byte[] signedData, byte[] publicKey,
+			byte[] signature) throws GeneralSecurityException;
+
 	/**
 	 * Returns the hash of the given inputs. The inputs are unambiguously
 	 * combined by prefixing each input with its length.