Added bindings for crypto_sign_ed25519_sk_to_pk (#488)

* Added bindings for crypto_sign_ed25519_sk_to_pk * Updated docstring * Faster method of extracting the public key * Typos * Added bindings for crypto_sign_ed25519_sk_to_seed * Cleaned up headers
pyca · Oct 30, 2018 · 13fb94e · 13fb94e
1 parent 067daf3
commit 13fb94e
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 1 deletion.
diff --git a/src/nacl/bindings/__init__.py b/src/nacl/bindings/__init__.py
@@ -166,6 +166,7 @@
     crypto_sign, crypto_sign_BYTES, crypto_sign_PUBLICKEYBYTES,
     crypto_sign_SECRETKEYBYTES, crypto_sign_SEEDBYTES,
     crypto_sign_ed25519_pk_to_curve25519, crypto_sign_ed25519_sk_to_curve25519,
+    crypto_sign_ed25519_sk_to_pk, crypto_sign_ed25519_sk_to_seed,
     crypto_sign_ed25519ph_STATEBYTES, crypto_sign_ed25519ph_final_create,
     crypto_sign_ed25519ph_final_verify, crypto_sign_ed25519ph_state,
     crypto_sign_ed25519ph_update, crypto_sign_keypair, crypto_sign_open,
@@ -297,6 +298,8 @@
     "crypto_sign_open",
     "crypto_sign_ed25519_pk_to_curve25519",
     "crypto_sign_ed25519_sk_to_curve25519",
+    "crypto_sign_ed25519_sk_to_pk",
+    "crypto_sign_ed25519_sk_to_seed",
     "crypto_sign_ed25519ph_STATEBYTES",
     "crypto_sign_ed25519ph_final_create",
     "crypto_sign_ed25519ph_final_verify",

diff --git a/src/nacl/bindings/crypto_sign.py b/src/nacl/bindings/crypto_sign.py
@@ -147,7 +147,7 @@ def crypto_sign_ed25519_sk_to_curve25519(secret_key_bytes):
     Raises a ValueError if ``secret_key_bytes``is not of length
     ``crypto_sign_SECRETKEYBYTES``
 
-    :param public_key_bytes: bytes
+    :param secret_key_bytes: bytes
     :rtype: bytes
     """
     if len(secret_key_bytes) != crypto_sign_SECRETKEYBYTES:
@@ -165,6 +165,40 @@ def crypto_sign_ed25519_sk_to_curve25519(secret_key_bytes):
     return ffi.buffer(curve_secret_key, curve_secret_key_len)[:]
 
 
+def crypto_sign_ed25519_sk_to_pk(secret_key_bytes):
+    """
+    Extract the public Ed25519 key from a secret Ed25519 key (encoded
+    as bytes ``secret_key_bytes``).
+
+    Raises a ValueError if ``secret_key_bytes``is not of length
+    ``crypto_sign_SECRETKEYBYTES``
+
+    :param secret_key_bytes: bytes
+    :rtype: bytes
+    """
+    if len(secret_key_bytes) != crypto_sign_SECRETKEYBYTES:
+        raise exc.ValueError("Invalid secret key")
+
+    return secret_key_bytes[crypto_sign_SEEDBYTES:]
+
+
+def crypto_sign_ed25519_sk_to_seed(secret_key_bytes):
+    """
+    Extract the seed from a secret Ed25519 key (encoded
+    as bytes ``secret_key_bytes``).
+
+    Raises a ValueError if ``secret_key_bytes``is not of length
+    ``crypto_sign_SECRETKEYBYTES``
+
+    :param secret_key_bytes: bytes
+    :rtype: bytes
+    """
+    if len(secret_key_bytes) != crypto_sign_SECRETKEYBYTES:
+        raise exc.ValueError("Invalid secret key")
+
+    return secret_key_bytes[:crypto_sign_SEEDBYTES]
+
+
 class crypto_sign_ed25519ph_state(object):
     """
     State object wrapping the sha-512 state used in ed25519ph computation

diff --git a/tests/test_bindings.py b/tests/test_bindings.py
@@ -211,6 +211,14 @@ def test_sign_test_key_conversion():
                              b"42318124095afabe4d1451a559faedee")
     ed25519_pk, ed25519_sk = c.crypto_sign_seed_keypair(keypair_seed)
 
+    assert c.crypto_sign_ed25519_sk_to_pk(ed25519_sk) == ed25519_pk
+    with pytest.raises(ValueError):
+        c.crypto_sign_ed25519_sk_to_pk(unhexlify(b"12"))
+
+    assert c.crypto_sign_ed25519_sk_to_seed(ed25519_sk) == keypair_seed
+    with pytest.raises(ValueError):
+        c.crypto_sign_ed25519_sk_to_seed(unhexlify(b"12"))
+
     curve25519_pk = c.crypto_sign_ed25519_pk_to_curve25519(ed25519_pk)
 
     with pytest.raises(ValueError):