From 76485f7b069dbec405204721b8495eb9792a6221 Mon Sep 17 00:00:00 2001
From: tuxxy <me@johnpacific.com>
Date: Mon, 18 Sep 2017 10:25:36 -0700
Subject: [PATCH] Add sign/verify functions

---
 nkms/crypto/keyring/keys/signing_keypair.py | 38 ++++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

diff --git a/nkms/crypto/keyring/keys/signing_keypair.py b/nkms/crypto/keyring/keys/signing_keypair.py
index 55028635b..489b944a7 100644
--- a/nkms/crypto/keyring/keys/signing_keypair.py
+++ b/nkms/crypto/keyring/keys/signing_keypair.py
@@ -1,5 +1,6 @@
+import msgpack
 from random import SystemRandom
-from py_ecc.secp256k1 import N, privtopub
+from py_ecc.secp256k1 import N, privtopub, ecdsa_raw_sign, ecdsa_raw_recover
 
 
 class SigningKeypair(object):
@@ -13,3 +14,38 @@ class SigningKeypair(object):
             self.priv_key = priv_number.to_bytes(32, byteorder='big')
         # Get the public component
         self.pub_key = privtopub(self.priv_key)
+
+    def sign(self, msghash):
+        """
+        Signs a hashed message and returns a msgpack'ed v, r, and s.
+
+        :param bytes msghash: Hash of the message
+
+        :rtype: Bytestring
+        :return: Msgpacked bytestring of v, r, and s (the signature)
+        """
+        v, r, s = ecdsa_raw_sign(msghash, self.priv_key)
+        v_bytes = v.to_bytes(1, byteorder='big')
+        r_bytes = r.to_bytes(32, byteorder='big')
+        s_bytes = s.to_bytes(32, byteorder='big')
+        return msgpack.dumps((v_bytes + r_bytes + s_bytes))
+
+    def verify(self, msghash, signature):
+        """
+        Takes a msgpacked signature and verifies the message.
+
+        :param bytes msghash: The hashed message to verify
+        :param bytes signature: The msgpacked signature (v, r, and s)
+
+        :rtype: Boolean
+        :return: Is the signature valid or not?
+        """
+        sig = msgpack.loads(signature)
+        v = int.from_bytes(sig[0], byteorder='big')
+        r = int.from_bytes(sig[1], byteorder='big')
+        s = int.from_bytes(sig[2], byteorder='big')
+
+        # Generate the public key from the signature and validate
+        # TODO: Look into fixed processing time functions for comparison
+        verify_sig = ecdsa_raw_recover(msghash, (v, r, s))
+        return verify_sig == self.pub_key