feat: Implement Ed25519 to Curve25519

f-person · f-person · commit f719d163797f · 2023-07-01T02:55:25.000+04:00
See https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519
diff --git a/packages/sodium/lib/src/api/sumo/sign_sumo.dart b/packages/sodium/lib/src/api/sumo/sign_sumo.dart
@@ -20,4 +20,14 @@ abstract class SignSumo implements Sign {
   ///
   /// See https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures#extracting-the-seed-and-the-public-key-from-the-secret-key
   Uint8List skToPk(SecureKey secretKey);
+
+  /// Provides crypto_sign_ed25519_pk_to_curve25519.
+  ///
+  /// See https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519
+  Uint8List pkToCurve25519(Uint8List publicKey);
+
+  /// Provides crypto_sign_ed25519_sk_to_curve25519.
+  ///
+  /// See https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519
+  Uint8List skToCurve25519(SecureKey secretKey);
 }
diff --git a/packages/sodium/lib/src/ffi/api/sumo/sign_sumo_ffi.dart b/packages/sodium/lib/src/ffi/api/sumo/sign_sumo_ffi.dart
@@ -6,6 +6,7 @@ import 'package:meta/meta.dart';
 import '../../../api/secure_key.dart';
 import '../../../api/sodium_exception.dart';
 import '../../../api/sumo/sign_sumo.dart';
+import '../../bindings/memory_protection.dart';
 import '../../bindings/secure_key_native.dart';
 import '../../bindings/sodium_pointer.dart';
 import '../secure_key_ffi.dart';
@@ -46,8 +47,7 @@ class SignSumoFFI extends SignFFI implements SignSumo {
   Uint8List skToPk(SecureKey secretKey) {
     validateSecretKey(secretKey);
 
-    final publicKey =
-        SodiumPointer<UnsignedChar>.alloc(sodium, count: publicKeyBytes);
+    final publicKey = _allocatePublicKey();
     try {
       final result = secretKey.runUnlockedNative(
         sodium,
@@ -63,4 +63,52 @@ class SignSumoFFI extends SignFFI implements SignSumo {
       publicKey.dispose();
     }
   }
+
+  @override
+  Uint8List pkToCurve25519(Uint8List publicKey) {
+    validatePublicKey(publicKey);
+
+    final ed25519PublicKey = publicKey.toSodiumPointer<UnsignedChar>(
+      sodium,
+      memoryProtection: MemoryProtection.readOnly,
+    );
+    final curve25519PublicKey = _allocatePublicKey();
+
+    try {
+      final result = sodium.crypto_sign_ed25519_pk_to_curve25519(
+        curve25519PublicKey.ptr,
+        ed25519PublicKey.ptr,
+      );
+      SodiumException.checkSucceededInt(result);
+
+      return Uint8List.fromList(curve25519PublicKey.asListView());
+    } finally {
+      ed25519PublicKey.dispose();
+      curve25519PublicKey.dispose();
+    }
+  }
+
+  @override
+  Uint8List skToCurve25519(SecureKey secretKey) {
+    validateSecretKey(secretKey);
+
+    final publicKey = _allocatePublicKey();
+    try {
+      final result = secretKey.runUnlockedNative(
+        sodium,
+        (secretKeyPtr) => sodium.crypto_sign_ed25519_sk_to_curve25519(
+          publicKey.ptr,
+          secretKeyPtr.ptr,
+        ),
+      );
+      SodiumException.checkSucceededInt(result);
+
+      return Uint8List.fromList(publicKey.asListView());
+    } finally {
+      publicKey.dispose();
+    }
+  }
+
+  SodiumPointer<UnsignedChar> _allocatePublicKey() =>
+      SodiumPointer<UnsignedChar>.alloc(sodium, count: publicKeyBytes);
 }
diff --git a/packages/sodium/lib/src/js/api/sumo/sign_sumo_js.dart b/packages/sodium/lib/src/js/api/sumo/sign_sumo_js.dart
@@ -38,4 +38,24 @@ class SignSumoJS extends SignJS implements SignSumo {
       ),
     );
   }
+
+  @override
+  Uint8List pkToCurve25519(Uint8List publicKey) {
+    validatePublicKey(publicKey);
+
+    return jsErrorWrap(
+      () => sodium.crypto_sign_ed25519_pk_to_curve25519(publicKey),
+    );
+  }
+
+  @override
+  Uint8List skToCurve25519(SecureKey secretKey) {
+    validateSecretKey(secretKey);
+
+    return jsErrorWrap(
+      () => secretKey.runUnlockedSync(
+        sodium.crypto_sign_ed25519_sk_to_curve25519,
+      ),
+    );
+  }
 }
diff --git a/packages/sodium/test/unit/ffi/api/sumo/sign_sumo_ffi_test.dart b/packages/sodium/test/unit/ffi/api/sumo/sign_sumo_ffi_test.dart
@@ -4,6 +4,7 @@
 library sign_sumo_ffi_test;
 
 import 'dart:ffi';
+import 'dart:typed_data';
 
 import 'package:mocktail/mocktail.dart';
 import 'package:sodium/src/api/sodium_exception.dart';
@@ -182,5 +183,156 @@ void main() {
         verify(() => mockSodium.sodium_free(any())).called(2);
       });
     });
+
+    group('pkToCurve25519', () {
+      test('asserts if publicKey is invalid', () {
+        expect(
+          () => sut.pkToCurve25519(Uint8List.fromList(const [])),
+          throwsA(isA<RangeError>()),
+        );
+
+        verify(() => mockSodium.crypto_sign_publickeybytes());
+      });
+
+      test('calls crypto_sign_ed25519_pk_to_curve25519 with correct arguments',
+          () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(
+            any(),
+            any(),
+          ),
+        ).thenReturn(0);
+
+        final publicKey = Uint8List.fromList(
+          List.generate(5, (index) => 30 + index),
+        );
+
+        sut.pkToCurve25519(publicKey);
+
+        verifyInOrder([
+          () => mockSodium.sodium_allocarray(5, 1),
+          () => mockSodium.sodium_mprotect_readonly(
+                any(that: hasRawData(publicKey)),
+              ),
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(
+                any(that: isNot(nullptr)),
+                any(that: hasRawData<UnsignedChar>(publicKey)),
+              ),
+        ]);
+      });
+
+      test('returns the curve25519 public key of the ed25519 public key', () {
+        final curve25519PublicKey = Uint8List.fromList(
+          List.generate(5, (index) => 30 + index),
+        );
+        when(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(
+            any(),
+            any(),
+          ),
+        ).thenAnswer((i) {
+          fillPointer(
+            i.positionalArguments.first as Pointer,
+            curve25519PublicKey,
+          );
+          return 0;
+        });
+
+        final result = sut.pkToCurve25519(curve25519PublicKey);
+
+        expect(result, curve25519PublicKey);
+
+        verify(() => mockSodium.sodium_free(any())).called(2);
+      });
+
+      test('throws exception on failure', () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(
+            any(),
+            any(),
+          ),
+        ).thenReturn(1);
+
+        expect(
+          () => sut.pkToCurve25519(
+            Uint8List.fromList(List.generate(5, (index) => 30 + index)),
+          ),
+          throwsA(isA<SodiumException>()),
+        );
+
+        verify(() => mockSodium.sodium_free(any())).called(2);
+      });
+    });
+
+    group('skToCurve25519', () {
+      test('asserts if secretKey is invalid', () {
+        expect(
+          () => sut.skToCurve25519(SecureKeyFake.empty(10)),
+          throwsA(isA<RangeError>()),
+        );
+
+        verify(() => mockSodium.crypto_sign_secretkeybytes());
+      });
+
+      test('calls crypto_sign_ed25519_sk_to_curve25519 with correct arguments',
+          () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(
+            any(),
+            any(),
+          ),
+        ).thenReturn(0);
+
+        final secretKey = List.generate(5, (index) => 30 + index);
+
+        sut.skToCurve25519(SecureKeyFake(secretKey));
+
+        verifyInOrder([
+          () => mockSodium.sodium_allocarray(5, 1),
+          () => mockSodium.sodium_mprotect_readonly(
+                any(that: hasRawData(secretKey)),
+              ),
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(
+                any(that: isNot(nullptr)),
+                any(that: hasRawData<UnsignedChar>(secretKey)),
+              ),
+        ]);
+      });
+
+      test('returns the public key of the secret key', () {
+        final publicKey = List.generate(5, (index) => 100 - index);
+        when(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(
+            any(),
+            any(),
+          ),
+        ).thenAnswer((i) {
+          fillPointer(i.positionalArguments.first as Pointer, publicKey);
+          return 0;
+        });
+
+        final result = sut.skToCurve25519(SecureKeyFake.empty(5));
+
+        expect(result, publicKey);
+
+        verify(() => mockSodium.sodium_free(any())).called(2);
+      });
+
+      test('throws exception on failure', () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(
+            any(),
+            any(),
+          ),
+        ).thenReturn(1);
+
+        expect(
+          () => sut.skToCurve25519(SecureKeyFake.empty(5)),
+          throwsA(isA<SodiumException>()),
+        );
+
+        verify(() => mockSodium.sodium_free(any())).called(2);
+      });
+    });
   });
 }
diff --git a/packages/sodium/test/unit/js/api/sumo/sign_sumo_js_test.dart b/packages/sodium/test/unit/js/api/sumo/sign_sumo_js_test.dart
@@ -133,5 +133,105 @@ void main() {
         );
       });
     });
+
+    group('pkToCurve25519', () {
+      test('asserts if publicKey is invalid', () {
+        expect(
+          () => sut.pkToCurve25519(Uint8List(0)),
+          throwsA(isA<RangeError>()),
+        );
+
+        verify(() => mockSodium.crypto_sign_PUBLICKEYBYTES);
+      });
+
+      test('calls crypto_sign_ed25519_pk_to_curve25519 with correct arguments',
+          () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(any()),
+        ).thenReturn(Uint8List(0));
+
+        final publicKey = List.generate(5, (index) => 30 + index);
+
+        sut.pkToCurve25519(Uint8List.fromList(publicKey));
+
+        verify(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(
+            Uint8List.fromList(publicKey),
+          ),
+        );
+      });
+
+      test('returns the curve25519 public key of the ed25519 public key', () {
+        final curve25519PublicKey = List.generate(5, (index) => 100 - index);
+        when(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(any()),
+        ).thenReturn(Uint8List.fromList(curve25519PublicKey));
+
+        final result = sut.pkToCurve25519(Uint8List(5));
+
+        expect(result, curve25519PublicKey);
+      });
+
+      test('throws exception on failure', () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_pk_to_curve25519(any()),
+        ).thenThrow(JsError());
+
+        expect(
+          () => sut.pkToCurve25519(Uint8List(5)),
+          throwsA(isA<SodiumException>()),
+        );
+      });
+    });
+
+    group('skToCurve25519', () {
+      test('asserts if secretKey is invalid', () {
+        expect(
+          () => sut.skToCurve25519(SecureKeyFake.empty(10)),
+          throwsA(isA<RangeError>()),
+        );
+
+        verify(() => mockSodium.crypto_sign_SECRETKEYBYTES);
+      });
+
+      test('calls crypto_sign_ed25519_sk_to_curve25519 with correct arguments',
+          () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(any()),
+        ).thenReturn(Uint8List(0));
+
+        final secretKey = List.generate(5, (index) => 30 + index);
+
+        sut.skToCurve25519(SecureKeyFake(secretKey));
+
+        verify(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(
+            Uint8List.fromList(secretKey),
+          ),
+        );
+      });
+
+      test('returns the curve25519 secret key of the ed25519 secret key', () {
+        final curve25519SecretKey = List.generate(5, (index) => 100 - index);
+        when(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(any()),
+        ).thenReturn(Uint8List.fromList(curve25519SecretKey));
+
+        final result = sut.skToCurve25519(SecureKeyFake.empty(5));
+
+        expect(result, curve25519SecretKey);
+      });
+
+      test('throws exception on failure', () {
+        when(
+          () => mockSodium.crypto_sign_ed25519_sk_to_curve25519(any()),
+        ).thenThrow(JsError());
+
+        expect(
+          () => sut.skToCurve25519(SecureKeyFake.empty(5)),
+          throwsA(isA<SodiumException>()),
+        );
+      });
+    });
   });
 }
