luajitos

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

Ed25519_Lua.c (2767B)

      1 /*
      2  * Ed25519_Lua.c - Lua bindings for Ed25519 digital signatures
      3  */
      4 
      5 #include "Ed25519_Lua.h"
      6 #include "Ed25519.h"
      7 #include "CSPRNG.h"
      8 #include <string.h>
      9 #include <stdlib.h>
     10 
     11 /* Base64 encoding function (provided by crypto.c) */
     12 extern char* base64_encode(const uint8_t *data, size_t len, size_t *out_len);
     13 
     14 /* ed25519.keypair() - Generate Ed25519 keypair (returns public_key_b64, secret_key_b64) */
     15 int l_ed25519_keypair(lua_State *L) {
     16     uint8_t seed[32];
     17     uint8_t public_key[32];
     18     uint8_t secret_key[64];
     19 
     20     /* Generate random seed */
     21     random_bytes(seed, 32);
     22 
     23     /* Create keypair */
     24     ed25519_create_keypair(public_key, secret_key, seed);
     25 
     26     /* Zero seed */
     27     memset(seed, 0, 32);
     28 
     29     /* Encode to base64 */
     30     size_t pub_b64_len, sec_b64_len;
     31     char *pub_b64 = base64_encode(public_key, 32, &pub_b64_len);
     32     char *sec_b64 = base64_encode(secret_key, 64, &sec_b64_len);
     33 
     34     /* Zero sensitive data */
     35     memset(secret_key, 0, 64);
     36 
     37     if (!pub_b64 || !sec_b64) {
     38         free(pub_b64);
     39         free(sec_b64);
     40         return luaL_error(L, "Base64 encoding failed");
     41     }
     42 
     43     /* Return public_key, secret_key */
     44     lua_pushlstring(L, pub_b64, pub_b64_len);
     45     lua_pushlstring(L, sec_b64, sec_b64_len);
     46 
     47     free(pub_b64);
     48     free(sec_b64);
     49     return 2;
     50 }
     51 
     52 /* ed25519.sign(message, secret_key) - Sign message with secret key */
     53 int l_ed25519_sign(lua_State *L) {
     54     size_t message_len, secret_len;
     55     const uint8_t *message = (const uint8_t*)luaL_checklstring(L, 1, &message_len);
     56     const uint8_t *secret_key = (const uint8_t*)luaL_checklstring(L, 2, &secret_len);
     57 
     58     if (secret_len != 64) {
     59         return luaL_error(L, "Secret key must be 64 bytes");
     60     }
     61 
     62     uint8_t signature[64];
     63     ed25519_sign(signature, message, message_len, secret_key);
     64 
     65     size_t b64_len;
     66     char *b64 = base64_encode(signature, 64, &b64_len);
     67 
     68     if (!b64) {
     69         return luaL_error(L, "Base64 encoding failed");
     70     }
     71 
     72     lua_pushlstring(L, b64, b64_len);
     73     free(b64);
     74     return 1;
     75 }
     76 
     77 /* ed25519.verify(message, signature, public_key) - Verify signature */
     78 int l_ed25519_verify(lua_State *L) {
     79     size_t message_len, signature_len, public_len;
     80     const uint8_t *message = (const uint8_t*)luaL_checklstring(L, 1, &message_len);
     81     const uint8_t *signature = (const uint8_t*)luaL_checklstring(L, 2, &signature_len);
     82     const uint8_t *public_key = (const uint8_t*)luaL_checklstring(L, 3, &public_len);
     83 
     84     if (signature_len != 64) {
     85         return luaL_error(L, "Signature must be 64 bytes");
     86     }
     87 
     88     if (public_len != 32) {
     89         return luaL_error(L, "Public key must be 32 bytes");
     90     }
     91 
     92     int result = ed25519_verify(signature, message, message_len, public_key);
     93 
     94     lua_pushboolean(L, result == 0);
     95     return 1;
     96 }