feat: Add sign_with_shared_secret
function to K256Secret
Signed-off-by: Awiteb <a@4rs.nl>
parent
aeac22250e
commit
39337f8d90
1 changed files with 25 additions and 18 deletions
|
@ -106,6 +106,30 @@ impl K256Secret {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Sign a data with the shared secret.
|
||||||
|
///
|
||||||
|
/// The signature is exiplained in the OTMP specification.
|
||||||
|
pub fn sign_with_shared_secret(data: &[u8], shared_secret: &[u8; 32]) -> CoreSignature {
|
||||||
|
let mut time_and_nonce = [0u8; 24];
|
||||||
|
time_and_nonce[0..=7].copy_from_slice(
|
||||||
|
&SystemTime::now()
|
||||||
|
.duration_since(UNIX_EPOCH)
|
||||||
|
.expect("SystemTime before UNIX EPOCH!")
|
||||||
|
.as_secs()
|
||||||
|
.to_be_bytes(),
|
||||||
|
);
|
||||||
|
thread_rng().fill_bytes(&mut time_and_nonce[8..=23]);
|
||||||
|
|
||||||
|
let mut hmac_secret = [0u8; 56];
|
||||||
|
hmac_secret[0..=31].copy_from_slice(shared_secret);
|
||||||
|
hmac_secret[32..=55].copy_from_slice(&time_and_nonce);
|
||||||
|
let mut signature = [0u8; 56];
|
||||||
|
signature[0..=31].copy_from_slice(&hmac_sha256(data, &hmac_secret));
|
||||||
|
signature[32..=55].copy_from_slice(&time_and_nonce);
|
||||||
|
|
||||||
|
CoreSignature::from(signature)
|
||||||
|
}
|
||||||
|
|
||||||
/// Returns the public key.
|
/// Returns the public key.
|
||||||
pub fn pubkey(&self) -> CorePublicKey {
|
pub fn pubkey(&self) -> CorePublicKey {
|
||||||
CorePublicKey::try_from(
|
CorePublicKey::try_from(
|
||||||
|
@ -182,24 +206,7 @@ impl K256Secret {
|
||||||
/// The signature is exiplained in the OTMP specification.
|
/// The signature is exiplained in the OTMP specification.
|
||||||
#[logcall]
|
#[logcall]
|
||||||
pub fn sign(&self, data: &[u8], sign_to: &CorePublicKey) -> CoreSignature {
|
pub fn sign(&self, data: &[u8], sign_to: &CorePublicKey) -> CoreSignature {
|
||||||
let mut time_and_nonce = [0u8; 24];
|
Self::sign_with_shared_secret(data, &self.shared_secret(sign_to))
|
||||||
time_and_nonce[0..=7].copy_from_slice(
|
|
||||||
&SystemTime::now()
|
|
||||||
.duration_since(UNIX_EPOCH)
|
|
||||||
.expect("SystemTime before UNIX EPOCH!")
|
|
||||||
.as_secs()
|
|
||||||
.to_be_bytes(),
|
|
||||||
);
|
|
||||||
thread_rng().fill_bytes(&mut time_and_nonce[8..=23]);
|
|
||||||
|
|
||||||
let mut hmac_secret = [0u8; 56];
|
|
||||||
hmac_secret[0..=31].copy_from_slice(&self.shared_secret(sign_to));
|
|
||||||
hmac_secret[32..=55].copy_from_slice(&time_and_nonce);
|
|
||||||
let mut signature = [0u8; 56];
|
|
||||||
signature[0..=31].copy_from_slice(&hmac_sha256(data, &hmac_secret));
|
|
||||||
signature[32..=55].copy_from_slice(&time_and_nonce);
|
|
||||||
|
|
||||||
CoreSignature::from(signature)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Verify a signature with the shared secret.
|
/// Verify a signature with the shared secret.
|
||||||
|
|
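Review bot: In `sign_with_shared_secret`, the 56-byte `hmac_secret` buffer holds a copy of the shared secret followed by the timestamp and nonce and is left on the stack when the function returns; the temporary from `self.shared_secret(sign_to)` in the new `sign` body is likewise dropped without being cleared. If the crate already depends on `zeroize` (not visible on this page), wiping the buffer before the return, e.g. `hmac_secret.zeroize();`, would limit how long key material lingers in memory. Because the new function is `pub` and takes the raw secret as `&[u8; 32]`, its doc comment should state the layout the body produces, for example `/// Output is 56 bytes: hmac_sha256 output (32) || big-endian Unix seconds (8) || random nonce (16); the result differs on every call.` The `expect` on `duration_since(UNIX_EPOCH)` turns a mis-set clock into a panic in a public API, which the old `sign` body already did, so a comment stating that invariant would help. The `exiplained` typo in the copied doc line should read `explained`.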