-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathLibsodiumSignatureDetachedString.py
64 lines (50 loc) · 2.42 KB
/
LibsodiumSignatureDetachedString.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
import nacl.utils
from nacl.encoding import Base64Encoder
from nacl.signing import SigningKey
from nacl.signing import VerifyKey
import nacl.bindings
# https://github.com/pyca/pynacl/
# PyNaCl version 1.4.0
# https://pynacl.readthedocs.io/en/latest/
def libsodiumSignDetachedToBase64(privateKey, dataToSign):
# build signing_key from seed
seed = nacl.bindings.crypto_sign_ed25519_sk_to_seed(privateKey)
signing_key = SigningKey(seed)
signed_b64 = signing_key.sign(dataToSign.encode("ascii"), encoder=Base64Encoder).signature
return signed_b64.decode('utf-8')
def libsodiumVerifyDetachedFromBase64(publicKey, dataToSign, signatureBase64):
verify_key = VerifyKey(publicKey)
result = verify_key.verify(dataToSign.encode("ascii"), base64Decoding (signatureBase64))
if result == dataToSign.encode("ascii"):
return "true"
else:
return "false"
def loadEd25519PrivateKey():
return base64Decoding("""Gjho7dILimbXJY8RvmQZEBczDzCYbZonGt/e5QQ3Vro2sjTp95EMxOrgEaWiprPduR/KJFBRA+RlDDpkvmhVfw==""")
def loadEd25519PublicKey():
return base64Decoding("""NrI06feRDMTq4BGloqaz3bkfyiRQUQPkZQw6ZL5oVX8=""")
def base64Encoding(input):
dataBase64 = nacl.encoding.Base64Encoder.encode(input)
dataBase64P = dataBase64.decode("UTF-8")
return dataBase64P
def base64Decoding(input):
return nacl.encoding.Base64Encoder.decode(input.encode("ascii"))
def insert_colon(string, index):
return string[:index] + ':' + string[index:]
def remove_colon(string):
return string.replace(':', '')
print("Libsodium detached signature string")
dataToSign = "The quick brown fox jumps over the lazy dog"
print("dataToSign: " + dataToSign)
# usually we would load the private and public key from a file or keystore
# here we use hardcoded keys for demonstration - don't do this in real programs
print("\n* * * sign the plaintext with the ED25519 private key * * *")
print("all data are in Base64 encoding")
privateKey = loadEd25519PrivateKey()
signatureBase64 = libsodiumSignDetachedToBase64(privateKey, dataToSign)
print("signature (Base64): " + signatureBase64)
print("\n* * * verify the signature against the plaintext with the ED25519 public key * * *")
publicKey = loadEd25519PublicKey()
signatureVerified = libsodiumVerifyDetachedFromBase64(publicKey, dataToSign, signatureBase64)
print("signature (Base64): " + signatureBase64)
print("signature (Base64) verified: " + signatureVerified)