#include "../lib/mmap.h"
#include "../lib/uuid.h"
+#include "verifier-ed25519-blake2b.h"
#include "verifier-gost3410.h"
int
}
struct YACCerSigVerifier sigVerifiers[] = {
+ {.algo = "ed25519-blake2b", .func = ed25519blake2bSignatureVerifier},
{.algo = "gost3410-256A", .func = gost3410SignatureVerifier},
{.algo = "gost3410-512C", .func = gost3410SignatureVerifier},
{.algo = NULL},
-deps="../lib/mmap.o ../lib/uuid.o verifier-gost3410.o"
-redo-ifchange $1.c $deps conf/gcl3.rc \
+deps="../lib/mmap.o ../lib/uuid.o verifier-ed25519-blake2b.o verifier-gost3410.o"
+redo-ifchange $1.c $deps conf/gcl3.rc conf/monocypher.rc \
../../conf/cc ../../conf/cflags ../../conf/ldflags ../../conf/prefix
read CC <../../conf/cc
CFLAGS=$(cat ../../conf/cflags)
LDFLAGS=$(cat ../../conf/ldflags)
. conf/gcl3.rc
+. conf/monocypher.rc
read PREFIX <../../conf/prefix
$CC \
$CFLAGS -I$PREFIX/include \
-o $3 $2.c $deps \
- $LDFLAGS $GCL3_LDFLAGS -L$PREFIX/lib \
- -lyac -lyacpki $GCL3_LDLIBS
+ $LDFLAGS $GCL3_LDFLAGS $MONOCYPHER_LDFLAGS -L$PREFIX/lib \
+ -lyac -lyacpki $GCL3_LDLIBS $MONOCYPHER_LDLIBS -static
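Review bot: The `-static` appended at the end of the link line is unconditional, yet the monocypher flags are gathered with `--libs-only-L` / `--libs-only-l` without `--static`, so any private dependencies a static link needs are never collected. The link will also fail on hosts that ship only shared objects for monocypher, GCL3 or libc. Since `../../conf/ldflags` is already read into `$LDFLAGS`, I would drop the hard-coded flag and let whoever wants a static `cer-verify` put `-static` there. If it stays, add `--static` to the pkgconf queries. A fully static verifier also has to be relinked to pick up fixes in the crypto libraries, which is worth a line in the build notes.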
#!/bin/sh -e
-exec rm -f cer-verify compile_flags.txt conf/gcl3.rc
+exec rm -f cer-verify compile_flags.txt conf/gcl3.rc conf/monocypher.rc *.o
--- /dev/null
+PKGCONF=${PKGCONF:-`command -v pkgconf || command -v pkg-config`}
+cat <<EOF
+{
+ read MONOCYPHER_CFLAGS
+ read MONOCYPHER_LDFLAGS
+ read MONOCYPHER_LDLIBS
+} <<EOF
+EOF
+$PKGCONF --cflags monocypher
+$PKGCONF --libs-only-L monocypher
+$PKGCONF --libs-only-l monocypher
+echo EOF
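Review bot: The generated `conf/monocypher.rc` feeds the pkg-config output through an unquoted here-document (`} <<EOF`), so any `$` or backtick in that output is expanded by the shell each time the rc file is sourced. Emitting a quoted delimiter, `} <<'EOF'`, keeps the three lines literal and still works inside the outer `cat <<EOF`. Separately, the pkgconf calls sit after the `cat`, so if this script is not run under `sh -e`, a missing tool or missing `monocypher` package leaves a short rc file and the `read`s silently yield empty variables. An explicit `[ -n "$PKGCONF" ] || exit 1` before the `cat` would make that failure visible.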
--- /dev/null
+#include <stdbool.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <string.h>
+
+#include <monocypher.h>
+
+#include "verifier-ed25519-blake2b.h"
+
+bool
+ed25519blake2bSignatureVerifier(
+ char **failReason,
+ const unsigned char *ai,
+ const size_t aiLen,
+ const unsigned char *sig,
+ const size_t sigLen,
+ const unsigned char *pub,
+ const size_t pubLen,
+ const unsigned char *data,
+ const size_t dataLen)
+{
+ if (pubLen != 32) {
+ (*failReason) = "invalid pubkey len";
+ return false;
+ }
+ if (sigLen != 64) {
+ (*failReason) = "invalid signature len";
+ return false;
+ }
+ return crypto_eddsa_check(sig, pub, data, dataLen) == 0;
+}
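Review bot: On the final line a failed `crypto_eddsa_check` returns false without assigning `*failReason`, unlike the two length checks above it, so a caller that prints the reason after a false return would read whatever the pointer held before the call. Setting it on that path as well, e.g. `if (crypto_eddsa_check(sig, pub, data, dataLen) != 0) { (*failReason) = "signature is invalid"; return false; }` followed by `return true;`, keeps every failure path consistent. `ai` and `aiLen` are never read, so the algorithm identifier carried with the signature is not checked here. If that is intentional, a short comment plus `(void)ai; (void)aiLen;` would document it and silence unused-parameter warnings.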
--- /dev/null
+#ifndef YAC_VERIFIER_ED25519_BLAKE2B_H
+#define YAC_VERIFIER_ED25519_BLAKE2B_H
+
+#include <stdbool.h>
+#include <stdlib.h>
+
+bool
+ed25519blake2bSignatureVerifier(
+ char **failReason,
+ const unsigned char *ai,
+ const size_t aiLen,
+ const unsigned char *sig,
+ const size_t sigLen,
+ const unsigned char *pub,
+ const size_t pubLen,
+ const unsigned char *data,
+ const size_t dataLen);
+
+#endif // YAC_VERIFIER_ED25519_BLAKE2B_H
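Review bot: The prototype has no contract comment, and the ownership of `failReason` is not obvious from the signature, since the implementation stores pointers to string literals in a non-const `char **`. A header comment such as `// Returns true if sig is a valid signature of data under pub; on false, *failReason may point to a static string that must not be freed or modified.` would tell callers what they may do with it. The header also pulls in `<stdlib.h>` only for `size_t`; `<stddef.h>`, which the .c file already uses, is the narrower include.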
--- /dev/null
+redo-ifchange ${1%.o}.c conf/monocypher.rc ../../conf/cc ../../conf/cflags
+read CC <../../conf/cc
+CFLAGS=$(cat ../../conf/cflags)
+. conf/monocypher.rc
+$CC $CFLAGS $MONOCYPHER_CFLAGS -c -o $3 ${1%.o}.c
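Review bot: The `redo-ifchange` line tracks the `.c` file and the config inputs but not the header the object includes, so editing `verifier-ed25519-blake2b.h` (for instance changing the verifier signature) will not rebuild the object and the stale `.o` gets linked into `cer-verify`. Adding the header to the dependency list, `redo-ifchange ${1%.o}.c ${1%.o}.h conf/monocypher.rc ../../conf/cc ../../conf/cflags`, closes that gap. If this rule is shared by objects that have no matching header, this needs a guard. `$3` and `${1%.o}.c` are expanded unquoted, which is fine for the current file names but would break on a path containing spaces.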