// sign data with secret key sk
// return detached sig
// this uses crypto_sign instead pf crypto_sign_detached
func CryptoSignFucky(msg, sk []byte) []byte {
msgbuff := NewBuffer(msg)
defer msgbuff.Free()
skbuff := NewBuffer(sk)
defer skbuff.Free()
if skbuff.size != C.crypto_sign_bytes() {
log.Println("nacl.CryptoSign() invalid secret key size", len(sk))
return nil
}
// allocate the signed message buffer
sig := malloc(C.crypto_sign_bytes() + msgbuff.size)
defer sig.Free()
// compute signature
siglen := C.ulonglong(0)
res := C.crypto_sign(sig.uchar(), &siglen, msgbuff.uchar(), C.ulonglong(msgbuff.size), skbuff.uchar())
if res == 0 {
// return copy of signature inside the signed message
offset := int(C.crypto_sign_bytes())
return sig.Bytes()[:offset]
}
// failure to sign
log.Println("nacl.CryptoSign() failed")
return nil
}
func Sign(sealedMessageOut []byte, message []byte, sk []byte) int {
support.CheckSize(sealedMessageOut, SignBytes()+len(message), "sealed message output")
support.CheckSize(sk, SignSecretKeyBytes(), "secret key")
lenSealedMessageOut := (C.ulonglong)(len(sealedMessageOut))
return int(C.crypto_sign(
(*C.uchar)(&sealedMessageOut[0]), (*C.ulonglong)(&lenSealedMessageOut),
(*C.uchar)(&message[0]), (C.ulonglong)(len(message)),
(*C.uchar)(&sk[0])))
}
func CryptoSign(m []byte, sk []byte) ([]byte, int) {
support.CheckSize(sk, CryptoSignSecretKeyBytes(), "secret key")
sm := make([]byte, len(m)+CryptoSignBytes())
var actualSmSize C.ulonglong
exit := int(C.crypto_sign(
(*C.uchar)(&sm[0]),
(&actualSmSize),
(*C.uchar)(&m[0]),
(C.ulonglong)(len(m)),
(*C.uchar)(&sk[0])))
return sm[:actualSmSize], exit
}
// Sign takes a secret key and a message, and use the secret key to sign the message.
// Sign returns a single SignedMessage struct containing a Message and a Signature
func Sign(secretKey SecretKey, message string) (signedMessage SignedMessage, err error) {
// Points to a signed message of format signature + message after sigining
signedMessageBytes := make([]byte, len(message)+SignatureSize)
signedMessagePointer := (*C.uchar)(unsafe.Pointer(&signedMessageBytes[0]))
// Points to the length of the signed message after signing
var signatureLen uint64
lenPointer := (*C.ulonglong)(unsafe.Pointer(&signatureLen))
// Points to the message
var messagePointer *C.uchar
// Can't point to a slice of length 0
if len(message) == 0 {
messagePointer = (*C.uchar)(nil)
} else {
messageBytes := []byte(message)
messagePointer = (*C.uchar)(unsafe.Pointer(&messageBytes[0]))
}
// How long the message is
messageLen := C.ulonglong(len(message))
// Pointer to the signature
signaturePointer := (*C.uchar)(unsafe.Pointer(&secretKey[0]))
// sign message
errorCode := C.crypto_sign(signedMessagePointer, lenPointer, messagePointer, messageLen, signaturePointer)
if errorCode != 0 {
err = fmt.Errorf("Signature Failed!")
return
}
signedMessage.Message = message
// copy the signature from the byte slice to the Signature field of signedMessage
copy(signedMessage.Signature[:], signedMessageBytes[:len(signedMessage.Signature)])
return
}
