Implement key_pair, sign, and verify

This commit is contained in:
Luke Murphy 2019-10-05 11:34:57 +02:00
parent f43cf4fa52
commit 1072d2662a
No known key found for this signature in database
GPG Key ID: 5E2EF5A63E3718CC
3 changed files with 38 additions and 22 deletions

View File

@ -1,10 +1,16 @@
"""hypercore-crypto module.""" """hypercore-crypto module."""
# Note(decentral1se): Included to match export list of the original Javascript
# reference implementation. However, we don't implement this function
# ourselves.
from nacl.hash import blake2b # noqa
from hypercore_crypto.crypto import ( # noqa from hypercore_crypto.crypto import ( # noqa
blake2b, blake2b,
data, data,
discovery_key, discovery_key,
encode_unsigned_int64, encode_unsigned_int64,
key_pair,
leaf, leaf,
parent, parent,
random_bytes, random_bytes,

View File

@ -1,11 +1,15 @@
"""Cryptography primitives for Hypercore.""" """Cryptography primitives for Hypercore."""
from typing import Optional, Tuple
import nacl.exceptions
from nacl.bindings import ( from nacl.bindings import (
crypto_sign,
crypto_sign_keypair, crypto_sign_keypair,
crypto_sign_PUBLICKEYBYTES,
crypto_sign_SECRETKEYBYTES,
crypto_sign_seed_keypair, crypto_sign_seed_keypair,
) )
from nacl.hash import blake2b
from nacl.signing import VerifyKey
# https://en.wikipedia.org/wiki/Merkle_tree#Second_preimage_attack # https://en.wikipedia.org/wiki/Merkle_tree#Second_preimage_attack
LEAF_TYPE = bytearray([0]) LEAF_TYPE = bytearray([0])
@ -14,30 +18,31 @@ ROOT_TYPE = bytearray([2])
HYPERCORE = bytearray('hypercore', encoding='utf-8') HYPERCORE = bytearray('hypercore', encoding='utf-8')
# TODO(decentral1se): don't forget to type this def key_pair(seed: Optional[bytes] = None) -> Tuple[bytes, bytes]:
def key_pair(seed=None): """A new public key and secret key pair.
"""The signed public/secret key length."""
public_key = bytearray(crypto_sign_PUBLICKEYBYTES)
secret_key = bytearray(crypto_sign_SECRETKEYBYTES)
The seed must be at least 32 characters in length.
"""
if seed: if seed:
crypto_sign_seed_keypair(public_key, secret_key, seed) return crypto_sign_seed_keypair(seed)
else: return crypto_sign_keypair()
crypto_sign_keypair(public_key, secret_key)
return {'public-key': public_key, 'secret-key': secret_key}
def sign(): def sign(message: bytes, secret_key: bytes) -> bytes:
pass """Signed message from a secret key."""
return crypto_sign(message, secret_key)
def verify(): def verify(signed_message: bytes, signature: bytes, public_key: bytes) -> bool:
pass """Verify a signed message."""
try:
VerifyKey(public_key).verify(signed_message, signature=signature)
except (nacl.exceptions.TypeError, nacl.exceptions.BadSignatureError):
return False
return True
def data(): def data(data: bytes):
pass pass
@ -63,7 +68,3 @@ def discovery_key():
def encode_unsigned_int64(): def encode_unsigned_int64():
pass pass
def blake2b():
pass

9
test/test_crypto.py Normal file
View File

@ -0,0 +1,9 @@
"""Cryptography primitives test module."""
from hypercore_crypto import key_pair
def test_key_pair_length():
public_key, secret_key = key_pair()
assert len(public_key) == 32
assert len(secret_key) == 64