[Core Add] Add support to Ed25519

src/Neo/Cryptography/Ed25519.cs

@@ -0,0 +1,68 @@
+// Copyright (C) 2015-2024 The Neo Project.
+//
+// Ed25519.cs file belongs to the neo project and is free
+// software distributed under the MIT software license, see the
+// accompanying file LICENSE in the main directory of the
+// repository or http://www.opensource.org/licenses/mit-license.php
+// for more details.
+//
+// Redistribution and use in source and binary forms with or without
+// modifications are permitted.
+
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Security;
+using System;
+using System.Linq;
+
+namespace Neo.Cryptography;
+
+public class Ed25519
+{
+    internal const int PublicKeySize = 32;
+    private const int PrivateKeySize = 32;
+    internal const int SignatureSize = 64;
+
+    public static byte[] GenerateKeyPair()
+    {
+        var keyPairGenerator = new Ed25519KeyPairGenerator();
+        keyPairGenerator.Init(new Ed25519KeyGenerationParameters(new SecureRandom()));
+        var keyPair = keyPairGenerator.GenerateKeyPair();
+        return ((Ed25519PrivateKeyParameters)keyPair.Private).GetEncoded();
+    }
+
+    public static byte[] GetPublicKey(byte[] privateKey)
+    {
+        if (privateKey.Length != PrivateKeySize)
+            throw new ArgumentException("Invalid private key size", nameof(privateKey));
+
+        var privateKeyParams = new Ed25519PrivateKeyParameters(privateKey, 0);
+        return privateKeyParams.GeneratePublicKey().GetEncoded();
+    }
+
+    public static byte[] Sign(byte[] message, byte[] privateKey)
+    {
+        if (privateKey.Length != PrivateKeySize)
+            throw new ArgumentException("Invalid private key size", nameof(privateKey));
+
+        var signer = new Ed25519Signer();
+        signer.Init(true, new Ed25519PrivateKeyParameters(privateKey, 0));
+        signer.BlockUpdate(message, 0, message.Length);
+        return signer.GenerateSignature();
+    }
+
+    public static bool Verify(byte[] message, byte[] signature, byte[] publicKey)
+    {
+        if (signature.Length != SignatureSize)
+            throw new ArgumentException("Invalid signature size", nameof(signature));
+
+        if (publicKey.Length != PublicKeySize)
+            throw new ArgumentException("Invalid public key size", nameof(publicKey));
+
+        var verifier = new Ed25519Signer();
+        verifier.Init(false, new Ed25519PublicKeyParameters(publicKey, 0));
+        verifier.BlockUpdate(message, 0, message.Length);
+        return verifier.VerifySignature(signature);
+    }
+}

src/Neo/SmartContract/Native/CryptoLib.cs

@@ -11,6 +11,8 @@
 
 using Neo.Cryptography;
 using Neo.Cryptography.ECC;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
 using System;
 using System.Collections.Generic;
 
@@ -100,7 +102,7 @@ public static bool VerifyWithECDsa(byte[] message, byte[] pubkey, byte[] signatu
         }
 
         // This is for solving the hardfork issue in https://github.com/neo-project/neo/pull/3209
-        [ContractMethod(true, Hardfork.HF_Cockatrice, CpuFee = 1 << 15, Name = "verifyWithECDsa")]
+        [ContractMethod(Hardfork.HF_Echidna, CpuFee = 1 << 15, Name = "verifyWithECDsa")]
         public static bool VerifyWithECDsaV0(byte[] message, byte[] pubkey, byte[] signature, NamedCurveHash curve)
         {
             if (curve != NamedCurveHash.secp256k1SHA256 && curve != NamedCurveHash.secp256r1SHA256)
@@ -115,5 +117,27 @@ public static bool VerifyWithECDsaV0(byte[] message, byte[] pubkey, byte[] signa
                 return false;
             }
         }
+
+        /// <summary>
+        /// Verifies that a digital signature is appropriate for the provided key and message using the Ed25519 algorithm.
+        /// </summary>
+        /// <param name="message">The signed message.</param>
+        /// <param name="signature">The signature to be verified.</param>
+        /// <param name="publicKey">The public key to be used.</param>
+        /// <returns><see langword="true"/> if the signature is valid; otherwise, <see langword="false"/>.</returns>
+        [ContractMethod(Hardfork.HF_Echidna, CpuFee = 1 << 15)]
+        public static bool VerifyWithEd25519(byte[] message, byte[] signature, byte[] publicKey)
+        {
+            if (signature.Length != Ed25519.SignatureSize)
+                throw new ArgumentException("Invalid signature size", nameof(signature));
+
+            if (publicKey.Length != Ed25519.PublicKeySize)
+                throw new ArgumentException("Invalid public key size", nameof(publicKey));
+
+            var verifier = new Ed25519Signer();
+            verifier.Init(false, new Ed25519PublicKeyParameters(publicKey, 0));
+            verifier.BlockUpdate(message, 0, message.Length);
+            return verifier.VerifySignature(signature);
+        }
     }
 }

src/Neo/SmartContract/Native/RoleManagement.cs

@@ -78,10 +78,10 @@
             list.AddRange(nodes);
             list.Sort();
             engine.SnapshotCache.Add(key, new StorageItem(list));
-            
+
             if (engine.IsHardforkEnabled(Hardfork.HF_Echidna))
             {
                 var oldNodes = new VM.Types.Array(engine.ReferenceCounter, GetDesignatedByRole(engine.Snapshot, role, index - 1).Select(u => (ByteString)u.EncodePoint(true)));
                 var newNodes = new VM.Types.Array(engine.ReferenceCounter, nodes.Select(u => (ByteString)u.EncodePoint(true)));
 
                 engine.SendNotification(Hash, "Designation", new VM.Types.Array(engine.ReferenceCounter, [(int)role, engine.PersistingBlock.Index, oldNodes, newNodes]));

tests/Neo.UnitTests/Cryptography/UT_Ed25519.cs

@@ -0,0 +1,135 @@
+// Copyright (C) 2015-2024 The Neo Project.
+//
+// UT_Ed25519.cs file belongs to the neo project and is free
+// software distributed under the MIT software license, see the
+// accompanying file LICENSE in the main directory of the
+// repository or http://www.opensource.org/licenses/mit-license.php
+// for more details.
+//
+// Redistribution and use in source and binary forms with or without
+// modifications are permitted.
+
+using FluentAssertions;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Neo.Cryptography;
+using Neo.Extensions;
+using Neo.IO;
+using Neo.Network.P2P.Payloads;
+using Neo.SmartContract;
+using Neo.Wallets;
+using Neo.Wallets.NEP6;
+using System;
+using System.Linq;
+using System.Text;
+
+namespace Neo.UnitTests.Cryptography
+{
+    [TestClass]
+    public class UT_Ed25519
+    {
+        [TestMethod]
+        public void TestGenerateKeyPair()
+        {
+            byte[] keyPair = Ed25519.GenerateKeyPair();
+            keyPair.Should().NotBeNull();
+            keyPair.Length.Should().Be(32);
+        }
+
+        [TestMethod]
+        public void TestGetPublicKey()
+        {
+            byte[] privateKey = Ed25519.GenerateKeyPair();
+            byte[] publicKey = Ed25519.GetPublicKey(privateKey);
+            publicKey.Should().NotBeNull();
+            publicKey.Length.Should().Be(Ed25519.PublicKeySize);
+        }
+
+        [TestMethod]
+        public void TestSignAndVerify()
+        {
+            byte[] privateKey = Ed25519.GenerateKeyPair();
+            byte[] publicKey = Ed25519.GetPublicKey(privateKey);
+            byte[] message = Encoding.UTF8.GetBytes("Hello, Neo!");
+
+            byte[] signature = Ed25519.Sign(message, privateKey);
+            signature.Should().NotBeNull();
+            signature.Length.Should().Be(Ed25519.SignatureSize);
+
+            bool isValid = Ed25519.Verify(message, signature, publicKey);
+            isValid.Should().BeTrue();
+        }
+
+        [TestMethod]
+        public void TestInvalidPrivateKeySize()
+        {
+            byte[] invalidPrivateKey = new byte[31]; // Invalid size
+            Action act = () => Ed25519.GetPublicKey(invalidPrivateKey);
+            act.Should().Throw<ArgumentException>().WithMessage("Invalid private key size*");
+        }
+
+        [TestMethod]
+        public void TestInvalidSignatureSize()
+        {
+            byte[] message = Encoding.UTF8.GetBytes("Test message");
+            byte[] invalidSignature = new byte[63]; // Invalid size
+            byte[] publicKey = new byte[Ed25519.PublicKeySize];
+            Action act = () => Ed25519.Verify(message, invalidSignature, publicKey);
+            act.Should().Throw<ArgumentException>().WithMessage("Invalid signature size*");
+        }
+
+        [TestMethod]
+        public void TestInvalidPublicKeySize()
+        {
+            byte[] message = Encoding.UTF8.GetBytes("Test message");
+            byte[] signature = new byte[Ed25519.SignatureSize];
+            byte[] invalidPublicKey = new byte[31]; // Invalid size
+            Action act = () => Ed25519.Verify(message, signature, invalidPublicKey);
+            act.Should().Throw<ArgumentException>().WithMessage("Invalid public key size*");
+        }
+
+        // Test vectors from RFC 8032 (https://datatracker.ietf.org/doc/html/rfc8032)
+        // Section 7.1. Test Vectors for Ed25519
+
+        [TestMethod]
+        public void TestVectorCase1()
+        {
+            byte[] privateKey = "9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60".HexToBytes();
+            byte[] publicKey = "d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a".HexToBytes();
+            byte[] message = Array.Empty<byte>();
+            byte[] signature = ("e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e06522490155" +
+                                "5fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b").HexToBytes();
+
+            Ed25519.GetPublicKey(privateKey).Should().Equal(publicKey);
+            Ed25519.Sign(message, privateKey).Should().Equal(signature);
+            Ed25519.Verify(message, signature, publicKey).Should().BeTrue();
+        }
+
+        [TestMethod]
+        public void TestVectorCase2()
+        {
+            byte[] privateKey = "4ccd089b28ff96da9db6c346ec114e0f5b8a319f35aba624da8cf6ed4fb8a6fb".HexToBytes();
+            byte[] publicKey = "3d4017c3e843895a92b70aa74d1b7ebc9c982ccf2ec4968cc0cd55f12af4660c".HexToBytes();
+            byte[] message = Encoding.UTF8.GetBytes("r");
+            byte[] signature = ("92a009a9f0d4cab8720e820b5f642540a2b27b5416503f8fb3762223ebdb69da" +
+                                "085ac1e43e15996e458f3613d0f11d8c387b2eaeb4302aeeb00d291612bb0c00").HexToBytes();
+
+            Ed25519.GetPublicKey(privateKey).Should().Equal(publicKey);
+            Ed25519.Sign(message, privateKey).Should().Equal(signature);
+            Ed25519.Verify(message, signature, publicKey).Should().BeTrue();
+        }
+
+        [TestMethod]
+        public void TestVectorCase3()
+        {
+            byte[] privateKey = "c5aa8df43f9f837bedb7442f31dcb7b166d38535076f094b85ce3a2e0b4458f7".HexToBytes();
+            byte[] publicKey = "fc51cd8e6218a1a38da47ed00230f0580816ed13ba3303ac5deb911548908025".HexToBytes();
+            byte[] message = new byte[] { 0xaf, 0x82 };
+            byte[] signature = ("6291d657deec24024827e69c3abe01a30ce548a284743a445e3680d7db5ac3ac" +
+                                "18ff9b538d16f290ae67f760984dc6594a7c15e9716ed28dc027beceea1ec40a").HexToBytes();
+
+            Ed25519.GetPublicKey(privateKey).Should().Equal(publicKey);
+            Ed25519.Sign(message, privateKey).Should().Equal(signature);
+            Ed25519.Verify(message, signature, publicKey).Should().BeTrue();
+        }
+    }
+}