Crypto: sign 32 bytes message hash

src/lib_crypto/ed25519.ml

@@ -265,12 +265,6 @@ let sign key msg = Sign.detached ~key msg
 let check public_key signature msg =
   Sign.verify_detached ~key:public_key ~signature msg
 
-let append key msg =
-  MBytes.concat msg (sign key msg)
-
-let concat msg signature =
-  MBytes.concat msg signature
-
 module Seed = struct
 
   type t = Bigstring.t

src/lib_crypto/s.ml

@@ -203,14 +203,8 @@ module type SIGNATURE = sig
 
   val zero: t
 
-  (** Check a signature *)
-  val check: Public_key.t -> t -> MBytes.t -> bool
-
-  (** Append a signature *)
-  val append: Secret_key.t -> MBytes.t -> MBytes.t
-  val concat: MBytes.t -> t -> MBytes.t
-
   val sign: Secret_key.t -> MBytes.t -> t
+  val check: Public_key.t -> t -> MBytes.t -> bool
 
   val generate_key: unit -> (Public_key_hash.t * Public_key.t * Secret_key.t)
 

src/lib_crypto/secp256k1.ml

@@ -245,12 +245,6 @@ let sign sk msg =
 let check public_key signature msg =
   Sign.verify_exn context ~pk:public_key ~msg ~signature
 
-let concat msg t =
-  MBytes.concat msg (Sign.to_bytes ~der:false context t)
-
-let append sk msg =
-  concat msg (Sign.sign_exn context ~sk msg)
-
 let generate_key () =
   let sk = Key.read_sk_exn context (Rand.generate 32) in
   let pk = Key.neuterize_exn context sk in

src/lib_crypto/signature.ml

@@ -432,12 +432,17 @@ let of_ed25519 s = Ed25519 s
 
 let zero = of_ed25519 Ed25519.zero
 
+let hash msg =
+  Blake2B.(to_bytes (hash_bytes [msg]))
+
 let sign secret_key message =
+  let message = hash message in
   match secret_key with
   | Secret_key.Ed25519 sk -> of_ed25519 (Ed25519.sign sk message)
   | Secret_key.Secp256k1 sk -> of_secp256k1 (Secp256k1.sign sk message)
 
 let check public_key signature message =
+  let message = hash message in
   match public_key, signature with
   | Public_key.Ed25519 pk, Unknown signature -> begin
       match Ed25519.of_bytes_opt signature with
@@ -456,10 +461,8 @@ let check public_key signature message =
   | Public_key.Ed25519 _, Secp256k1 _ -> false
   | Public_key.Secp256k1 _, Ed25519 _ -> false
 
-let append sk bytes =
-  match sk with
-  | Secret_key.Ed25519 s -> Ed25519.append s bytes
-  | Secret_key.Secp256k1 s -> Secp256k1.append s bytes
+let append sk msg =
+  MBytes.concat msg (to_bytes (sign sk msg))
 
 let concat msg signature =
   MBytes.concat msg (to_bytes signature)

src/lib_crypto/signature.mli

@@ -23,6 +23,14 @@ include S.SIGNATURE with type Public_key_hash.t = public_key_hash
                      and type Public_key.t = public_key
                      and type Secret_key.t = secret_key
 
+val append : secret_key -> MBytes.t -> MBytes.t
+(** [append sk buf] is the concatenation of [buf] and the
+    serialization of the signature of [buf] signed by [sk]. *)
+
+val concat : MBytes.t -> t -> MBytes.t
+(** [concat buf t] is the concatenation of [buf] and the serialization
+    of [t]. *)
+
 include S.RAW_DATA with type t := t
 
 type algo =

src/lib_protocol_environment/sigs/v1/s.mli

@@ -247,7 +247,5 @@ module type SIGNATURE = sig
   (** Check a signature *)
   val check: Public_key.t -> t -> MBytes.t -> bool
 
-  val concat: MBytes.t -> t -> MBytes.t
-
 end
 

src/lib_protocol_environment/tezos_protocol_environment.ml

@@ -315,8 +315,6 @@ module Make (Context : CONTEXT) = struct
         (** Check a signature *)
         val check: Public_key.t -> t -> MBytes.t -> bool
 
-        val concat: MBytes.t -> t -> MBytes.t
-
       end
 
     end