Unsigning failing on a particular example about tweetnacl-js HOT 9 CLOSED

Thank you for your kind words. How did you generate that secret key?

from tweetnacl-js.

In some Java code shown below, where username = "Freddy" and password = "password", hash is the SHA256 of the UTF-8 bytes of its argument, and the true argument to TweetNaCl means it doesn't randomise the input. This is using my own Java port of tweetNaCl:

    byte[] hash = hash(username+password);
    byte[] publicSigningKey = new byte[32];
    byte[] secretSigningKey = new byte[64];
    Random r = new Random(Arrays.hashCode(hash));
    r.nextBytes(secretSigningKey); // only 32 are used
    TweetNaCl.crypto_sign_keypair(publicSigningKey, secretSigningKey, true);

from tweetnacl-js.

Looks like you want nacl.sign.keyPair.fromSeed instead of nacl.sign.keyPair.fromSecretKey:

https://jsfiddle.net/p0028d2b/1/

Edit: wait, that will obviously produce a different public key. I'll check with C implementation.

from tweetnacl-js.

I definitely mean fromSecretKey, that should be a valid secret key.

from tweetnacl-js.

Here's a program that signs and tries to open using your provided keys and tweetnacl.c:

#include <err.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "tweetnacl.h"

void
randombytes(unsigned char *x, long long y)
{
    errx(1, "we don't use randombytes");
}

int
main(int argc, const char **argv)
{
    const unsigned char sk[] = {23, 249, 212, 165, 37, 77, 20, 99, 245, 125, 21, 161,
        134, 14, 203, 177, 161, 121, 148, 140, 17, 253, 164, 181, 122,
        238, 52, 160, 77, 134, 7, 204, 187, 166, 193, 191, 27, 254, 243,
        35, 38, 131, 8, 105, 17, 140, 145, 61, 151, 216, 75, 255, 27,
        37, 59, 116, 167, 214, 87, 103, 56, 123, 63, 227};

    unsigned char m[] = {1,2,3,4,5,6,7,8,9,10,11};
    unsigned long long mlen = sizeof(m);
    unsigned long long smlen;
    unsigned char sm[sizeof(m) + crypto_sign_BYTES];
    unsigned char om[sizeof(m)];

    crypto_sign(sm, &smlen, m, mlen, sk);

    printf("%d", crypto_sign_open(om, &mlen, sm, smlen, &sk[32]));
    return 0;
}

It returns -1, meaning it also can't open the signature. Are you sure there are no bugs in key generation of your port?

from tweetnacl-js.

That seems pretty conclusive. I will dig deeper on my end. Sorry for wasting your time.

from tweetnacl-js.

No problem!

from tweetnacl-js.

Just for anyone else who wants to use this C code, the om declaration line needs to be:
unsigned char om[sizeof(m) + crypto_sign_BYTES];
otherwise it always returns -1. (although it does anyway for this example)

from tweetnacl-js.

@ianopolous oops, thanks for checking it. I should have made the test try the correct key too.

from tweetnacl-js.