bebc362ae6
- Fix bootstrap sema to type simple enum variants as the enum itself
(not _Tag), and .tag access returns the enum type.
- Fix hir_lower to lower simple enum .tag as no-op and Enum{tag:X}
init as X directly.
- Fix sema collectGlobals to register imports AFTER real declarations,
preventing duplicate-symbol errors when stdlib files import symbols
defined in later files (e.g. jwt.bux importing rsa.bux).
- Rewrite lib/crypto/*.bux as single-line to work around bootstrap
parser limitations with multi-line function calls.
- Rename 'pub' -> 'pubBuf' in ed25519.bux and jwt-pitbul/Main.bux
to avoid reserved keyword collision.
- Remove algTag:int workaround from jwt-pitbul/Main.bux; enum
comparisons now type-check without manual casts.
- Update .gitignore to exclude _test_*/ and backup files.
- Delete accidentally-committed _test_array/ directory.
59 lines
2.8 KiB
Plaintext
59 lines
2.8 KiB
Plaintext
// =============================================================================
|
|
// Std::Crypto::Ecdsa — ECDSA P-256 and P-384 sign/verify
|
|
// =============================================================================
|
|
module Std::Crypto::Ecdsa {
|
|
|
|
import Std::Mem::{Alloc, Free};
|
|
import Std::String::{String_Len};
|
|
|
|
// Extern declarations for the runtime C implementations
|
|
extern func bux_ecdsa_sign_p256(key: String, keylen: int, data: String, datalen: int, outlen: *int) -> String;
|
|
extern func bux_ecdsa_verify_p256(key: String, keylen: int, data: String, datalen: int, sig: String, siglen: int) -> int;
|
|
extern func bux_ecdsa_sign_p384(key: String, keylen: int, data: String, datalen: int, outlen: *int) -> String;
|
|
extern func bux_ecdsa_verify_p384(key: String, keylen: int, data: String, datalen: int, sig: String, siglen: int) -> int;
|
|
extern func bux_base64_encode(data: String, len: int) -> String;
|
|
extern func bux_base64_decode(data: String, len: int, outlen: *int) -> String;
|
|
|
|
func Ecdsa_SignP256(pemPrivateKey: String, data: String) -> String {
|
|
let siglen: int = 0;
|
|
return bux_ecdsa_sign_p256(pemPrivateKey, String_Len(pemPrivateKey) as int, data, String_Len(data) as int, &siglen);
|
|
}
|
|
|
|
func Ecdsa_SignP256Base64(pemPrivateKey: String, data: String) -> String {
|
|
let raw: String = Ecdsa_SignP256(pemPrivateKey, data);
|
|
return bux_base64_encode(raw, String_Len(raw) as int);
|
|
}
|
|
|
|
func Ecdsa_VerifyP256(pemPublicKey: String, data: String, signature: String) -> bool {
|
|
let r: int = bux_ecdsa_verify_p256(pemPublicKey, String_Len(pemPublicKey) as int, data, String_Len(data) as int, signature, String_Len(signature) as int);
|
|
return r == 1;
|
|
}
|
|
|
|
func Ecdsa_VerifyP256Base64(pemPublicKey: String, data: String, signatureB64: String) -> bool {
|
|
let outlen: int = 0;
|
|
let sig: String = bux_base64_decode(signatureB64, String_Len(signatureB64) as int, &outlen);
|
|
return Ecdsa_VerifyP256(pemPublicKey, data, sig);
|
|
}
|
|
|
|
func Ecdsa_SignP384(pemPrivateKey: String, data: String) -> String {
|
|
let siglen: int = 0;
|
|
return bux_ecdsa_sign_p384(pemPrivateKey, String_Len(pemPrivateKey) as int, data, String_Len(data) as int, &siglen);
|
|
}
|
|
|
|
func Ecdsa_SignP384Base64(pemPrivateKey: String, data: String) -> String {
|
|
let raw: String = Ecdsa_SignP384(pemPrivateKey, data);
|
|
return bux_base64_encode(raw, String_Len(raw) as int);
|
|
}
|
|
|
|
func Ecdsa_VerifyP384(pemPublicKey: String, data: String, signature: String) -> bool {
|
|
let r: int = bux_ecdsa_verify_p384(pemPublicKey, String_Len(pemPublicKey) as int, data, String_Len(data) as int, signature, String_Len(signature) as int);
|
|
return r == 1;
|
|
}
|
|
|
|
func Ecdsa_VerifyP384Base64(pemPublicKey: String, data: String, signatureB64: String) -> bool {
|
|
let outlen: int = 0;
|
|
let sig: String = bux_base64_decode(signatureB64, String_Len(signatureB64) as int, &outlen);
|
|
return Ecdsa_VerifyP384(pemPublicKey, data, sig);
|
|
}
|
|
}
|