Plaster

common-lisp
;; Signing (defmethod sign-using-identity ((identity identity) message) (let ((private-key (scuttle/primitives::private-key identity))) (ironclad:sign-message private-key message))) (defmethod create-detached-signature ((connection connection)) (let* ((secret1 (first (shared-secrets connection))) (message (make-array (* 3 32) :element-type '(unsigned-byte 8)))) (replace message (network-id connection)) (replace message (contact-octets (server-contact connection)) :start1 32) (replace message (ironclad:digest-sequence :sha256 secret1) :start1 64) (sign-using-identity (client-identity connection) message))) ;; Verification (defmethod create-message-for-verification ((connection connection)) (let ((message (make-array (+ 32 64 32 32) :element-type '(unsigned-byte 8))) (secret1 (first (shared-secrets connection)))) (replace message (network-id connection)) (replace message (create-detached-signature connection) :start1 32) (replace message (contact-octets (client-identity connection)) :start1 (+ 32 64)) (ironclad:digest-sequence :sha256 secret1 :digest message :digest-start (+ 32 64 32)) message)) (defmethod verify-server-signature ((connection connection) detached-signature-b) (let* ((key (scuttle/primitives::public-key (server-contact connection))) (message (create-message-for-verification connection))) (unless (ironclad:verify-signature key message detached-signature-b) (error "Could not verify server accept message."))))