def crypto_sign_ed25519ph_final_verify(edph, signature, pk):
    """
    Verify a prehashed signature using the public key pk

    :param edph: the ed25519ph state for the data
                 being verified
    :type edph: crypto_sign_ed25519ph_state
    :param signature: the signature being verified
    :type signature: bytes
    :param pk: the ed25519 public part of the signing key
    :type pk: bytes
    :return: True if the signature is valid
    :rtype: boolean
    :raises exc.BadSignatureError: if the signature is not valid
    """
    ensure(
        isinstance(edph, crypto_sign_ed25519ph_state),
        "edph parameter must be a ed25519ph_state object",
        raising=exc.TypeError,
    )
    ensure(
        isinstance(signature, bytes),
        "signature parameter must be a bytes object",
        raising=exc.TypeError,
    )
    ensure(
        len(signature) == crypto_sign_BYTES,
        ("signature must be {0} "
         "bytes long").format(crypto_sign_BYTES),
        raising=exc.TypeError,
    )
    ensure(
        isinstance(pk, bytes),
        "public key parameter must be a bytes object",
        raising=exc.TypeError,
    )
    ensure(
        len(pk) == crypto_sign_PUBLICKEYBYTES,
        ("public key must be {0} "
         "bytes long").format(crypto_sign_PUBLICKEYBYTES),
        raising=exc.TypeError,
    )
    rc = lib.crypto_sign_ed25519ph_final_verify(edph.state, signature, pk)
    if rc != 0:
        raise exc.BadSignatureError("Signature was forged or corrupt")

    return True
Exemplo n.º 2
0
def crypto_sign_ed25519_blake2b_open(signed, pk):
    """
    Verifies the signature of the signed message ``signed`` using the public
    key ``pk`` and returns the unsigned message.

    :param signed: bytes
    :param pk: bytes
    :rtype: bytes
    """
    message = ffi.new("unsigned char[]", len(signed))
    message_len = ffi.new("unsigned long long *")

    if lib.crypto_sign_ed25519_blake2b_open(message, message_len, signed,
                                            len(signed), pk) != 0:
        raise exc.BadSignatureError("Signature was forged or corrupt")

    return ffi.buffer(message, message_len[0])[:]
def crypto_sign_verify_detached(signature, message, pk):
    ensure(isinstance(pk, bytes),
           'public key parameter must be a bytes object',
           raising=exc.TypeError)
    ensure(isinstance(signature, bytes),
           'signature parameter must be a bytes object',
           raising=exc.TypeError)
    ensure(isinstance(message, bytes),
           'message parameter must be a bytes object',
           raising=exc.TypeError)
    ensure(len(signature) == crypto_sign_BYTES,
           ('signature must be {0} '
            'bytes long').format(crypto_sign_BYTES),
           raising=exc.TypeError)
    ensure(len(pk) == crypto_sign_PUBLICKEYBYTES,
           ('public key must be {0} '
            'bytes long').format(crypto_sign_PUBLICKEYBYTES),
           raising=exc.TypeError)
    rc = lib.crypto_sign_verify_detached(signature, message, len(message), pk)

    if rc != 0:
        raise exc.BadSignatureError("Signature was forged or corrupt")

    return True