40 lines
1.5 KiB
Nim
40 lines
1.5 KiB
Nim
# Markus Maiwald (Architect) | Voxis Forge (AI)
|
|
# RUMPK CORE // CRYPTO
|
|
# Wrapper for Monocypher
|
|
|
|
{.push stackTrace: off, lineTrace: off.}
|
|
|
|
# Monocypher ABI
|
|
# int crypto_eddsa_check(const uint8_t sig[64], const uint8_t pub_key[32], const uint8_t *msg, size_t msg_size);
|
|
# Returns 0 on success, -1 on failure.
|
|
proc crypto_eddsa_check(sig: ptr uint8,
|
|
pub_key: ptr uint8,
|
|
msg: pointer,
|
|
msg_size: csize_t): cint
|
|
{.importc: "crypto_eddsa_check", header: "monocypher.h".}
|
|
|
|
# The Root of Trust (Hardcoded Public Key for now)
|
|
# Enforce 16-byte alignment because Monocypher v4 uses SIMD ldp/stp (Q registers)
|
|
# Using 'let' to ensure it resides in initialized data section.
|
|
let ROOT_PUB_KEY* {.align: 16.}: array[32, uint8] = [
|
|
0x19'u8, 0xD3, 0xD9, 0x19, 0x47, 0x5D, 0xEE, 0xD4,
|
|
0x69, 0x6B, 0x5D, 0x13, 0x01, 0x81, 0x51, 0xD1,
|
|
0xAF, 0x88, 0xB2, 0xBD, 0x3B, 0xCF, 0xF0, 0x48,
|
|
0xB4, 0x50, 0x31, 0xC1, 0xF3, 0x6D, 0x18, 0x58
|
|
]
|
|
|
|
proc verify_npl_signature*(sig: array[64, uint8], body_ptr: pointer,
|
|
body_len: uint64): bool =
|
|
# signature 'sig' is passed by value (copied on stack)
|
|
# AArch64 stack is 16-byte aligned, so sig should be fine if we ensure it.
|
|
var sig_aligned {.align: 16.} = sig
|
|
|
|
let s_ptr = unsafeAddr sig_aligned[0]
|
|
let p_ptr = unsafeAddr ROOT_PUB_KEY[0]
|
|
|
|
let check_res = crypto_eddsa_check(s_ptr, p_ptr, body_ptr, cast[csize_t](body_len))
|
|
|
|
return check_res == 0
|
|
|
|
{.pop.}
|