JamesTheAwesomeDude / pypqc

Attempt to expose Wiggers and Stebila's PQClean via Python CFFI

Add "non-detached" signature support #15

Open JamesTheAwesomeDude opened 5 months ago

JamesTheAwesomeDude commented 5 months ago

It looks like PQClean adds an alternative "non-detached" signature mode

The API there looks a little weird

  1. returns int indicating success/failure
  2. uint8_t *sm which is a pre-allocated array of mlen + CRYPTO_BYTES bytes, which the result will be written into
  3. size_t *smlen which is a pre-allocated pointer, which (*mlen) + siglen will be written into
    • This is, of course, only useful when siglen < CRYPTO_BYTES may occur (i.e. variable-length signatures).
  4. const uint8_t *m, which is the array containing the message.
    • When sm == m, then I guess that allows big efficiency gains with memmove? (Does that mean we can reasonably deduce that the signature is always appended to the message?)
  5. size_t mlen, which is, of course, the length of the message
  6. const uint8_t sk[CRYPTO_SECRETKEYBYTES]

JamesTheAwesomeDude commented 5 months ago

sign_attached is low priority, perhaps; it really does look like this is a pure "helper function" that does nothing special

```c
int crypto_sign(uint8_t *sm, size_t *smlen,
                const uint8_t *m, size_t mlen,
                const uint8_t *sk) {
    size_t siglen;

    crypto_sign_signature(sm, &siglen, m, mlen, sk);

    memmove(sm + SPX_BYTES, m, mlen);
    *smlen = siglen + mlen;

    return 0;
}
```

However, I wonder if it could provide value in making an API for writing into a bytearray, cf. BufferedIOBase.readinto()?

Maybe not exactly the same, but using PyByteArray_Resize?

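```python
from pqc.sign import falcon_512 as sigalg

# The message must be bytes (bytearray() cannot be built from a str without an encoding)
m = b'\x00\x69MessageToBeSigned\x69\x00'

# Proposed API: return a new object holding both signature and message
msigned = sigalg.sign_attached(m)

# Proposed API: grow the caller's bytearray in place
mbuf = bytearray(m)
sigalg.sign_inplace(mbuf)

# Both results must be longer than the bare message
assert len(msigned) > len(m)
assert len(mbuf) > len(m)
sigalg.verify_attached(msigned)
sigalg.verify_attached(mbuf)
```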
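On the `sm == m` question and the proposed `sign_inplace`, the following added example (not code from PQClean or pypqc) shows why the call order inside the wrapper decides whether aliasing is safe: with the order quoted above, the signature lands in `sm` before the message is moved, so an aliased message loses its first bytes. `toy_sign_detached` is a non-cryptographic stand-in that only models the data flow, and `SIG_BYTES`, `attach_sig_first`, `attach_move_first` and `inplace_preserves_message` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SIG_BYTES 8  /* assumption: stand-in for SPX_BYTES / CRYPTO_BYTES */

/* Toy detached "signer": NOT cryptographic. Reads m, then writes a
 * fixed-length tag into sig, like a detached-signature call would. */
static void toy_sign_detached(uint8_t *sig, size_t *siglen,
                              const uint8_t *m, size_t mlen) {
    uint8_t acc = 0x5a;
    for (size_t i = 0; i < mlen; i++) acc = (uint8_t)(acc * 31 + m[i]);
    memset(sig, acc, SIG_BYTES);
    *siglen = SIG_BYTES;
}

/* Same order as the crypto_sign quoted above: sign into sm, then move m. */
int attach_sig_first(uint8_t *sm, size_t *smlen, const uint8_t *m, size_t mlen) {
    size_t siglen;
    toy_sign_detached(sm, &siglen, m, mlen);
    /* If sm == m, m[0..SIG_BYTES) now holds signature bytes. */
    memmove(sm + SIG_BYTES, m, mlen);
    *smlen = siglen + mlen;
    return 0;
}

/* Alias-safe order: move m to its final place, then sign it from there. */
int attach_move_first(uint8_t *sm, size_t *smlen, const uint8_t *m, size_t mlen) {
    size_t siglen;
    memmove(sm + SIG_BYTES, m, mlen);  /* memmove tolerates the overlap */
    toy_sign_detached(sm, &siglen, sm + SIG_BYTES, mlen);
    *smlen = siglen + mlen;
    return 0;
}

/* Calls the wrapper with sm == m; returns 1 if the message is intact
 * after the signature, 0 if it was clobbered. */
int inplace_preserves_message(int (*attach)(uint8_t *, size_t *,
                                            const uint8_t *, size_t)) {
    static const uint8_t msg[] = "MessageToBeSigned";  /* constructed sample */
    uint8_t buf[SIG_BYTES + sizeof msg];
    size_t smlen = 0;
    memcpy(buf, msg, sizeof msg);
    attach(buf, &smlen, buf, sizeof msg);
    return smlen == SIG_BYTES + sizeof msg &&
           memcmp(buf + SIG_BYTES, msg, sizeof msg) == 0;
}
```

A Python `sign_inplace` built on a wrapper with the first ordering would need to copy the message out of the bytearray before resizing and signing.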