-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Implement signatures & verification #27
- Loading branch information
Showing
9 changed files
with
155 additions
and
68 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
fn main() { | ||
use ring::{ | ||
rand, | ||
signature::{self, KeyPair}, | ||
}; | ||
|
||
// Generate a key pair in PKCS#8 (v2) format. | ||
let rng = rand::SystemRandom::new(); | ||
let pkcs8_bytes = signature::Ed25519KeyPair::generate_pkcs8(&rng).unwrap(); | ||
|
||
// Normally the application would store the PKCS#8 file persistently. Later | ||
// it would read the PKCS#8 file from persistent storage to use it. | ||
|
||
let key_pair = signature::Ed25519KeyPair::from_pkcs8(pkcs8_bytes.as_ref()).unwrap(); | ||
|
||
// Sign the message "hello, world". | ||
const MESSAGE: &[u8] = b"hello, world"; | ||
let sig = key_pair.sign(MESSAGE); | ||
|
||
let pubkey_b64 = base64::encode(key_pair.public_key()); | ||
|
||
let peer_public_key_bytes = base64::decode(pubkey_b64).unwrap(); | ||
|
||
// Normally an application would extract the bytes of the signature and | ||
// send them in a protocol message to the peer(s). Here we just get the | ||
// public key key directly from the key pair. | ||
// let peer_public_key_bytes = key_pair.public_key().as_ref(); | ||
|
||
// Verify the signature of the message using the public key. Normally the | ||
// verifier of the message would parse the inputs to this code out of the | ||
// protocol message(s) sent by the signer. | ||
let peer_public_key = | ||
signature::UnparsedPublicKey::new(&signature::ED25519, peer_public_key_bytes); | ||
peer_public_key.verify(MESSAGE, sig.as_ref()).unwrap(); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.