-
Notifications
You must be signed in to change notification settings - Fork 0
/
Ed25519.cs
105 lines (81 loc) · 3.2 KB
/
Ed25519.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
using NSec.Cryptography;
namespace biscuit_net;
public class Ed25519 : ICryptoProvider
{
public Ed25519() {}
public IEphemeralSigningKey CreateEphemeral()
{
return new EphemeralSigningKey();
}
public IEphemeralSigningKey CreateEphemeral(byte[] secretKey)
{
return new EphemeralSigningKey(secretKey);
}
public IVerificationKey CreateVerification(Proto.PublicKey publicKey)
{
return new VerificationKey(publicKey);
}
public static ISigningKey NewSigningKey()
{
return new SigningKey();
}
class SigningKey : ISigningKey
{
readonly SignatureAlgorithm _algorithm = SignatureAlgorithm.Ed25519;
readonly NSec.Cryptography.Key _key;
public PublicKey Public => new(Algorithm.Ed25519, _key.PublicKey.Export(KeyBlobFormat.RawPublicKey));
public SigningKey()
{
_key = NSec.Cryptography.Key.Create(_algorithm);
}
public byte[] Sign(ReadOnlySpan<byte> data)
=> _algorithm.Sign(_key, data);
public ICryptoProvider CreateProvider() => new Ed25519();
}
class EphemeralSigningKey : IEphemeralSigningKey
{
readonly SignatureAlgorithm _algorithm = SignatureAlgorithm.Ed25519;
readonly NSec.Cryptography.Key _key;
public byte[] Private => _key.Export(KeyBlobFormat.RawPrivateKey);
public PublicKey Public => new(Algorithm.Ed25519, _key.PublicKey.Export(KeyBlobFormat.RawPublicKey));
public EphemeralSigningKey()
{
var creationParameters = new KeyCreationParameters()
{
ExportPolicy = KeyExportPolicies.AllowPlaintextExport
};
_key = NSec.Cryptography.Key.Create(_algorithm, creationParameters);
}
public EphemeralSigningKey(byte[] secretKey)
{
_key = NSec.Cryptography.Key.Import(_algorithm, secretKey, KeyBlobFormat.RawPrivateKey);
}
public byte[] Sign(ReadOnlySpan<byte> data)
=> _algorithm.Sign(_key, data);
public ICryptoProvider CreateProvider() => new Ed25519();
}
public class VerificationKey : IVerificationKey
{
readonly SignatureAlgorithm _algorithm;
readonly NSec.Cryptography.PublicKey _key;
public PublicKey PublicKey => new(Algorithm.Ed25519, _publicKey);
readonly byte[] _publicKey;
public VerificationKey(byte[] key) : this(new PublicKey(Algorithm.Ed25519, key))
{
}
public VerificationKey(Proto.PublicKey publicKey)
{
_algorithm = SignatureAlgorithm.Ed25519;
_publicKey = publicKey.Key;
_key = NSec.Cryptography.PublicKey.Import(_algorithm, publicKey.Key, KeyBlobFormat.RawPublicKey);
}
public VerificationKey(PublicKey publicKey)
{
_algorithm = SignatureAlgorithm.Ed25519;
_publicKey = publicKey.Key;
_key = NSec.Cryptography.PublicKey.Import(_algorithm, publicKey.Key, KeyBlobFormat.RawPublicKey);
}
public bool Verify(ReadOnlySpan<byte> data, ReadOnlySpan<byte> signature)
=> _algorithm.Verify(_key, data, signature);
}
}