Modified signature_sign to still accept 32-byte private key.

jetperch · May 29, 2024 · fa432ad · fa432ad
1 parent 227b4fe
commit fa432ad
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ This file contains the list of changes made to pymonocypher.
 2024 May 29
 
 * Restore compute_signing_public_key 32-byte variant with a deprecation warning.
+* Modified signature_sign to still accept 32-byte private key.
 
 
 ## 4.0.2.2

diff --git a/c_monocypher.pyx b/c_monocypher.pyx
@@ -387,8 +387,8 @@ def compute_signing_public_key(secret_key: bytes) -> bytes:
         secret = bytes(64)
         public = bytes(32)
         crypto_eddsa_key_pair(secret, public, bytes(secret_key))
-        return public
-    elif len(secret_key) != 64:
+        secret_key = secret
+    if len(secret_key) != 64:
         raise ValueError('secret key length invalid')
     return secret_key[32:]
 
@@ -403,6 +403,13 @@ def signature_sign(secret_key: bytes, message: bytes) -> bytes:
     For a quick description of the signing process, see the bottom of
     https://pynacl.readthedocs.io/en/stable/signing/.
     """
+    if len(secret_key) == 32:
+        secret = bytes(64)
+        public = bytes(32)
+        crypto_eddsa_key_pair(secret, public, bytes(secret_key))
+        secret_key = secret
+    elif len(secret_key) != 64:
+        raise ValueError('invalid secret key length')
     sig = bytes(64)
     crypto_eddsa_sign(sig, secret_key, message, len(message))
     return sig

diff --git a/test/test_monocypher.py b/test/test_monocypher.py
@@ -116,6 +116,18 @@ def test_sign(self):
             sig2 = sig[:10] + bytes([(sig[10] + 1) & 0xff]) + sig[11:]
             self.assertFalse(monocypher.signature_check(sig2, public_key, msg))
 
+    def test_sign_secret32_deprecated(self):
+        random = np.random.RandomState(seed=1)
+        for i in range(100):
+            length = random.randint(1, 4096)
+            secret_key, public_key = monocypher.generate_signing_key_pair()
+            msg = bytes(random.randint(0, 256, length, dtype=np.uint8))
+            sig = monocypher.signature_sign(secret_key[:32], msg)
+            self.assertTrue(monocypher.signature_check(sig, public_key, msg))
+            self.assertFalse(monocypher.signature_check(sig, public_key, msg + b'0'))
+            sig2 = sig[:10] + bytes([(sig[10] + 1) & 0xff]) + sig[11:]
+            self.assertFalse(monocypher.signature_check(sig2, public_key, msg))
+
     def test_key_exchange_static(self):
         expect = b'l#\x84\xf2\xc0\xf1:\x8f\xf3\xce\xeeU\x07U@w\x8c\xd9\xf9C\x83\x17\x887\xae$\xf9\xf4\x19\xc1-{'
         your_secret_key = bytes(range(32))
-Original file line number
+Diff line change
@@ Expand Up / @@ -9,6 +9,7 @@ This file contains the list of changes made to pymonocypher. @@
 May 29
     * Restore compute_signing_public_key 32-byte variant with a deprecation warning.
+    * Modified signature_sign to still accept 32-byte private key.
     ## 4.0.2.2
@@ Expand Down @@