From: Fred Morcos <fred.morcos@open-xchange.com>
Date: Thu, 14 Apr 2022 12:42:31 +0000 (+0200)
Subject: Reimpl sodium ed25519 sign & verify using the simpler detached mode
X-Git-Tag: auth-4.8.0-alpha0~124^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F11493%2Fhead;p=thirdparty%2Fpdns.git

Reimpl sodium ed25519 sign & verify using the simpler detached mode
---

diff --git a/pdns/sodiumsigners.cc b/pdns/sodiumsigners.cc
index dd01a45662..dbec4af75e 100644
--- a/pdns/sodiumsigners.cc
+++ b/pdns/sodiumsigners.cc
@@ -180,12 +180,14 @@ void SodiumED25519DNSCryptoKeyEngine::fromPublicKeyString(const std::string& inp
 
 std::string SodiumED25519DNSCryptoKeyEngine::sign(const std::string& msg) const
 {
-  unsigned long long smlen = msg.length() + crypto_sign_ed25519_BYTES;
-  auto sm = std::make_unique<unsigned char[]>(smlen);
+  unsigned char signature[crypto_sign_ed25519_BYTES];
 
-  crypto_sign_ed25519(sm.get(), &smlen, (const unsigned char*)msg.c_str(), msg.length(), d_seckey);
+  // https://doc.libsodium.org/public-key_cryptography/public-key_signatures#detached-mode:
+  // It is safe to ignore siglen and always consider a signature as crypto_sign_BYTES
+  // bytes long; shorter signatures will be transparently padded with zeros if necessary.
+  crypto_sign_ed25519_detached(signature, nullptr, (const unsigned char*)msg.c_str(), msg.length(), d_seckey);
 
-  return string((const char*)sm.get(), crypto_sign_ed25519_BYTES);
+  return {(const char*)signature, crypto_sign_ed25519_BYTES};
 }
 
 bool SodiumED25519DNSCryptoKeyEngine::verify(const std::string& msg, const std::string& signature) const
@@ -194,15 +196,7 @@ bool SodiumED25519DNSCryptoKeyEngine::verify(const std::string& msg, const std::
     return false;
   }
 
-  unsigned long long smlen = msg.length() + crypto_sign_ed25519_BYTES;
-  auto sm = std::make_unique<unsigned char[]>(smlen);
-
-  memcpy(sm.get(), signature.c_str(), crypto_sign_ed25519_BYTES);
-  memcpy(sm.get() + crypto_sign_ed25519_BYTES, msg.c_str(), msg.length());
-
-  auto m = std::make_unique<unsigned char[]>(smlen);
-
-  return crypto_sign_ed25519_open(m.get(), &smlen, sm.get(), smlen, d_pubkey) == 0;
+  return crypto_sign_ed25519_verify_detached((const unsigned char*)signature.c_str(), (const unsigned char*)msg.c_str(), msg.length(), d_pubkey) == 0;
 }
 
 namespace {