From b718a4c94f23d2f61e5d973ef474c0229ba877c0 Mon Sep 17 00:00:00 2001 From: Mark Bundschuh Date: Mon, 10 Feb 2025 20:28:25 -0500 Subject: [PATCH 1/3] stuff --- benches/subscription.py | 2 +- decoder/subscribe.zig | 23 ++++++++++++++++++++--- design/ectf25_design/decrypt_test.py | 17 +++++++++++++++++ design/ectf25_design/encoder.py | 2 +- design/ectf25_design/gen_secrets.py | 2 +- design/ectf25_design/gen_subscription.py | 11 ++++++++++- 6 files changed, 50 insertions(+), 7 deletions(-) create mode 100644 design/ectf25_design/decrypt_test.py diff --git a/benches/subscription.py b/benches/subscription.py index 638fa54..aba341a 100644 --- a/benches/subscription.py +++ b/benches/subscription.py @@ -14,7 +14,7 @@ def main(): secrets = open('secrets/secrets.json', 'rb').read() channel = 1 - subscription = gen_subscription(secrets=secrets, device_id=0xdeadbeef, start=1, end=2**64 - 2, channel=channel) + subscription = gen_subscription(secrets=secrets, device_id=0xdeadbeef, start=0, end=10, channel=channel) t = time.perf_counter() decoder.subscribe(subscription) diff --git a/decoder/subscribe.zig b/decoder/subscribe.zig index f69e806..4924df6 100644 --- a/decoder/subscribe.zig +++ b/decoder/subscribe.zig @@ -2,11 +2,16 @@ const std = @import("std"); const root = @import("root"); const lib = @import("lib"); const secrets = @import("secrets"); +const ed25519 = @import("ed25519"); const flash = @import("flash.zig"); const messaging = @import("messaging.zig"); -pub const max_message_size = @sizeOf(SubscribeHeader) + @sizeOf(lib.Subscription.Bytes); +pub const max_message_size = @sizeOf(SignatureHeader) + @sizeOf(SubscribeHeader) + @sizeOf(lib.Subscription.Bytes); + +const SignatureHeader = extern struct { + signature: [64]u8 align(1), +}; const SubscribeHeader = extern struct { start: u64 align(1), 
@@ -15,10 +20,22 @@ const SubscribeHeader = extern struct { }; pub fn execute(body: []u8) !void { + const signature_header: *const SignatureHeader = @ptrCast(body.ptr); + const message_body = body[@sizeOf(SignatureHeader)..]; + messaging.sendDebug("signature: {}", .{std.fmt.fmtSliceHexLower(&signature_header.signature)}); + messaging.sendDebug("body: {}", .{std.fmt.fmtSliceHexLower(message_body)}); + messaging.sendDebug("message_body.len: {}", .{message_body.len}); + messaging.sendDebug("pubkey: {}", .{std.fmt.fmtSliceHexLower(&secrets.public_key)}); + const valid = ed25519.ed25519_verify(&signature_header.signature, message_body.ptr, message_body.len, &secrets.public_key); + if (valid == 0) { + messaging.sendDebug("Invalid signature", .{}); + return error.InvalidSignature; + } + const key = secrets.subscription_key; - std.crypto.stream.salsa.Salsa20.xor(body, body, 0, key, std.mem.zeroes([8]u8)); + std.crypto.stream.salsa.Salsa20.xor(message_body, message_body, 0, key, std.mem.zeroes([8]u8)); - const header: *const SubscribeHeader = @ptrCast(body.ptr); + const header: *const SubscribeHeader = @ptrCast(message_body.ptr); const channel_index = header.channel - 1; if (root.subscriptions[channel_index]) |*subscription| subscription.deinit(); diff --git a/design/ectf25_design/decrypt_test.py b/design/ectf25_design/decrypt_test.py new file mode 100644 index 0000000..b8ec685 --- /dev/null +++ b/design/ectf25_design/decrypt_test.py 
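Review bot: `execute` slices `body[@sizeOf(SignatureHeader)..]` and later casts `message_body.ptr` to `*const SubscribeHeader` without checking `body.len`, so a message shorter than the 64-byte signature plus the subscribe header is read past its end (a panic in safe builds, undefined behaviour in ReleaseFast/ReleaseSmall). Unless the caller already guarantees a minimum length, add `if (body.len < @sizeOf(SignatureHeader) + @sizeOf(SubscribeHeader)) return error.InvalidLength;` (or an existing error name) as the first statement. The signature is verified over the ciphertext with a single `secrets.public_key`, while the decryption key appears to be per-device (gen_subscription.py derives it from `device_id`), so a validly signed subscription issued for a different decoder would presumably pass verification and decrypt to garbage. `header.channel` should therefore be range-checked before `header.channel - 1` indexes `root.subscriptions`. The four `sendDebug` dumps look like leftover tracing and are worth removing before release; the function body continues outside the hunk.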
@@ -0,0 +1,17 @@ +from Crypto.Signature import eddsa +from Crypto.PublicKey import ECC + +body = bytes.fromhex("f16ff19f62966867818a62a43d7e8a26f698e187f30aafe162a48657615f65d12343a68accd8596768b10a8e0767d7cf80387d42c640482add1772d98b1b91c53372e156767f40c4c10c9ac34c6f1621a54e2df6078298d2bb") +pubkey = bytes.fromhex("e7043835f45f3a60b00cb1315600d791006d58ced32368d300affe69839f0dd3") +sig = bytes.fromhex("c47046aa86c17b3d59f8865556949edb7bf34f156d942641c8b65e70f664eb3091d382edaa14f38da422372dc81094cb2acb281b62ddf91a1300033dfd8b3903") + +privkey = "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEIHTI9n0ipGCLchGSUfsDVuzdxATVSWdCZckhqRLkZviD\n-----END PRIVATE KEY-----" +privkey2 = ECC.import_key(privkey) + +# eddsa.import_private_key + +# print(privkey2.public_key().export_key()) + +# pubkey2 = eddsa.import_public_key(pubkey) + +# eddsa.new(pubkey2, "rfc8032").verify(body, sig) \ No newline at end of file diff --git a/design/ectf25_design/encoder.py b/design/ectf25_design/encoder.py index 530d24b..99754ff 100755 --- a/design/ectf25_design/encoder.py +++ b/design/ectf25_design/encoder.py @@ -44,7 +44,7 @@ def __init__(self, secrets: bytes): int(channel): bytes.fromhex(seed) for channel, seed in secrets["seeds"].items() } - self.signer = eddsa.new(ECC.import_key(secrets["private_key"]), "rfc8032") + self.signer = eddsa.new(eddsa.import_private_key(bytes.fromhex(secrets["private_key"])), "rfc8032") def encode(self, channel: int, frame: bytes, timestamp: int) -> bytes: """The frame encoder function diff --git a/design/ectf25_design/gen_secrets.py b/design/ectf25_design/gen_secrets.py index 6e4fe04..cdbeb66 100644 --- a/design/ectf25_design/gen_secrets.py +++ b/design/ectf25_design/gen_secrets.py 
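Review bot: The new scratch file embeds a PKCS#8 private key as the `privkey` string literal, next to hex-encoded body, public-key and signature values. A later patch in this series deletes the file, but the key stays in repository history, so if it was ever produced by `gen_secrets` for a real deployment it should be treated as disclosed and regenerated. The file also asserts nothing, since the `verify` call is commented out. Loading the key material from an untracked secrets file and asserting on `verify` would give a real test without committing a key.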
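Review bot: In the encoder.py hunk, `eddsa.import_private_key(bytes.fromhex(secrets["private_key"]))` is given the hex of a DER export, because the gen_secrets.py hunk in this same patch now writes `keypair.export_key(format="DER").hex()`. As far as I know, PyCryptodome's `eddsa.import_private_key` accepts only the raw seed (32 bytes for Ed25519) and raises `ValueError` for any other length, and a DER/PKCS#8 encoding is longer, so constructing the encoder would fail with freshly generated secrets. Either keep the DER format and parse it with `ECC.import_key(bytes.fromhex(secrets["private_key"]))`, or store the raw 32-byte seed instead. The same call is added as `signer = eddsa.new(...)` in the gen_subscription.py hunk and needs the same change. `__init__` starts outside the hunk.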
@@ -39,7 +39,7 @@ def gen_secrets(channels: list[int]) -> bytes: "seeds": {str(channel): os.urandom(24).hex() for channel in channels}, "subscription_salt": os.urandom(32).hex(), "public_key": keypair.public_key().export_key(format="raw").hex(), - "private_key": keypair.export_key(format="PEM"), + "private_key": keypair.export_key(format="DER").hex(), } return json.dumps(secrets, indent=2).encode() diff --git a/design/ectf25_design/gen_subscription.py b/design/ectf25_design/gen_subscription.py index 5256346..5551d6e 100644 --- a/design/ectf25_design/gen_subscription.py +++ b/design/ectf25_design/gen_subscription.py @@ -18,6 +18,8 @@ from loguru import logger from blake3 import blake3 from Crypto.Cipher import Salsa20 +from Crypto.Signature import eddsa +from Crypto.PublicKey import ECC HASH_TREE_HEIGHT = 64 LEFT_SALT = b"L" @@ -51,6 +53,8 @@ def gen_subscription( secrets = json.loads(secrets) seed = bytes.fromhex(secrets["seeds"][str(channel)]) + signer = eddsa.new(eddsa.import_private_key(bytes.fromhex(secrets["private_key"])), "rfc8032") + roots = get_roots(start, end) @@ -66,9 +70,14 @@ def gen_subscription( subscription_salt = bytes.fromhex(secrets["subscription_salt"]) key = blake3(f"{subscription_salt.hex()}{device_id:08x}".encode()).digest() + message = struct.pack(" int: From d8c3c63dab954b7aaee6dbdec9edc7e20df455a3 Mon Sep 17 00:00:00 2001 From: Joshua Sims Date: Tue, 11 Feb 2025 15:11:45 -0500 Subject: [PATCH 2/3] unchange --- benches/subscription.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/benches/subscription.py b/benches/subscription.py index aba341a..638fa54 100644 --- a/benches/subscription.py +++ b/benches/subscription.py 
@@ -14,7 +14,7 @@ def main(): secrets = open('secrets/secrets.json', 'rb').read() channel = 1 - subscription = gen_subscription(secrets=secrets, device_id=0xdeadbeef, start=0, end=10, channel=channel) + subscription = gen_subscription(secrets=secrets, device_id=0xdeadbeef, start=1, end=2**64 - 2, channel=channel) t = time.perf_counter() decoder.subscribe(subscription) From 66c0a030d20c2ab15c8de703275c95bff320624c Mon Sep 17 00:00:00 2001 From: Joshua Sims Date: Tue, 11 Feb 2025 15:12:52 -0500 Subject: [PATCH 3/3] unchange --- design/ectf25_design/decrypt_test.py | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 design/ectf25_design/decrypt_test.py diff --git a/design/ectf25_design/decrypt_test.py b/design/ectf25_design/decrypt_test.py deleted file mode 100644 index b8ec685..0000000 --- a/design/ectf25_design/decrypt_test.py +++ /dev/null @@ -1,17 +0,0 @@ -from Crypto.Signature import eddsa -from Crypto.PublicKey import ECC - -body = bytes.fromhex("f16ff19f62966867818a62a43d7e8a26f698e187f30aafe162a48657615f65d12343a68accd8596768b10a8e0767d7cf80387d42c640482add1772d98b1b91c53372e156767f40c4c10c9ac34c6f1621a54e2df6078298d2bb") -pubkey = bytes.fromhex("e7043835f45f3a60b00cb1315600d791006d58ced32368d300affe69839f0dd3") -sig = bytes.fromhex("c47046aa86c17b3d59f8865556949edb7bf34f156d942641c8b65e70f664eb3091d382edaa14f38da422372dc81094cb2acb281b62ddf91a1300033dfd8b3903") - -privkey = "-----BEGIN PRIVATE KEY-----\nMC4CAQAwBQYDK2VwBCIEIHTI9n0ipGCLchGSUfsDVuzdxATVSWdCZckhqRLkZviD\n-----END PRIVATE KEY-----" -privkey2 = ECC.import_key(privkey) - -# eddsa.import_private_key - -# print(privkey2.public_key().export_key()) - -# pubkey2 = eddsa.import_public_key(pubkey) - -# eddsa.new(pubkey2, "rfc8032").verify(body, sig) \ No newline at end of file