bc_components/
signing_public_key.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
use crate::{ tags, ECKeyBase, ECPublicKey, Ed25519PublicKey, SchnorrPublicKey, Signature, Verifier };
use anyhow::{ bail, Result, Error };
use bc_ur::prelude::*;
use ssh_key::public::PublicKey as SSHPublicKey;

/// A public key that can be used for signing. Supports both ECDSA and Schnorr.
#[derive(Clone, Debug, PartialEq, Eq, Hash)]
pub enum SigningPublicKey {
    Schnorr(SchnorrPublicKey),
    ECDSA(ECPublicKey),
    Ed25519(Ed25519PublicKey),
    SSH(SSHPublicKey),
}

impl SigningPublicKey {
    /// Restores a `SigningPublicKey` from a `SchnorrPublicKey`.
    pub fn from_schnorr(key: SchnorrPublicKey) -> Self {
        Self::Schnorr(key)
    }

    /// Restores a `SigningPublicKey` from an `ECPublicKey`.
    pub fn from_ecdsa(key: ECPublicKey) -> Self {
        Self::ECDSA(key)
    }

    /// Restores a `SigningPublicKey` from an `Ed25519PublicKey`.
    pub fn from_ed25519(key: Ed25519PublicKey) -> Self {
        Self::Ed25519(key)
    }

    /// Restores a `SigningPublicKey` from an SSH public key.
    pub fn from_ssh(key: SSHPublicKey) -> Self {
        Self::SSH(key)
    }

    /// Returns the `SchnorrPublicKey` of this `SigningPublicKey`, if it is a Schnorr key.
    pub fn to_schnorr(&self) -> Option<&SchnorrPublicKey> {
        match self {
            Self::Schnorr(key) => Some(key),
            _ => None,
        }
    }

    /// Returns the `ECPublicKey` of this `SigningPublicKey`, if it is an ECDSA key.
    pub fn to_ecdsa(&self) -> Option<&ECPublicKey> {
        match self {
            Self::ECDSA(key) => Some(key),
            _ => None,
        }
    }

    /// Returns the SSH public key of this `SigningPublicKey`, if it is an SSH key.
    pub fn to_ssh(&self) -> Option<&SSHPublicKey> {
        match self {
            Self::SSH(key) => Some(key),
            _ => None,
        }
    }

}

impl Verifier for SigningPublicKey {
    /// Verifies a signature against a message.
    ///
    /// The type of signature must match the type of this key, and the
    /// signature must be valid for the message, or the verification
    /// will fail.
    fn verify(&self, signature: &Signature, message: &dyn AsRef<[u8]>) -> bool {
        match self {
            SigningPublicKey::Schnorr(key) => {
                match signature {
                    Signature::Schnorr(sig) => key.schnorr_verify::<_, &[u8]>(sig, message),
                    _ => false,
                }
            }
            SigningPublicKey::ECDSA(key) => {
                match signature {
                    Signature::ECDSA(sig) => key.verify(sig, message),
                    _ => false,
                }
            }
            SigningPublicKey::Ed25519(key) => {
                match signature {
                    Signature::Ed25519(sig) => key.verify(sig, message),
                    _ => false,
                }
            }
            SigningPublicKey::SSH(key) => {
                match signature {
                    Signature::SSH(sig) =>
                        key.verify(sig.namespace(), message.as_ref(), sig).is_ok(),
                    _ => false,
                }
            }
        }
    }
}

impl AsRef<SigningPublicKey> for SigningPublicKey {
    fn as_ref(&self) -> &SigningPublicKey {
        self
    }
}

impl CBORTagged for SigningPublicKey {
    fn cbor_tags() -> Vec<Tag> {
        tags_for_values(&[tags::TAG_SIGNING_PUBLIC_KEY])
    }
}

impl From<SigningPublicKey> for CBOR {
    fn from(value: SigningPublicKey) -> Self {
        value.tagged_cbor()
    }
}

impl CBORTaggedEncodable for SigningPublicKey {
    fn untagged_cbor(&self) -> CBOR {
        match self {
            SigningPublicKey::Schnorr(key) => { CBOR::to_byte_string(key.data()) }
            SigningPublicKey::ECDSA(key) => {
                vec![(1).into(), CBOR::to_byte_string(key.data())].into()
            }
            SigningPublicKey::Ed25519(key) => {
                vec![(2).into(), CBOR::to_byte_string(key.data())].into()
            }
            SigningPublicKey::SSH(key) => {
                let string = key.to_openssh().unwrap();
                CBOR::to_tagged_value(tags::TAG_SSH_TEXT_PUBLIC_KEY, string)
            }
        }
    }
}

impl TryFrom<CBOR> for SigningPublicKey {
    type Error = Error;

    fn try_from(cbor: CBOR) -> Result<Self, Self::Error> {
        Self::from_tagged_cbor(cbor)
    }
}

impl CBORTaggedDecodable for SigningPublicKey {
    fn from_untagged_cbor(untagged_cbor: CBOR) -> Result<Self> {
        match untagged_cbor.into_case() {
            CBORCase::ByteString(data) => {
                Ok(Self::Schnorr(SchnorrPublicKey::from_data_ref(data)?))
            }
            CBORCase::Array(mut elements) => {
                if elements.len() == 2 {
                    let mut drain = elements.drain(0..);
                    let ele_0 = drain.next().unwrap().into_case();
                    let ele_1 = drain.next().unwrap().into_case();
                    if let CBORCase::Unsigned(1) = ele_0 {
                        if let CBORCase::ByteString(data) = ele_1 {
                            return Ok(Self::ECDSA(ECPublicKey::from_data_ref(data)?));
                        }
                    } else if let CBORCase::Unsigned(2) = ele_0 {
                        if let CBORCase::ByteString(data) = ele_1 {
                            return Ok(Self::Ed25519(Ed25519PublicKey::from_data_ref(data)?));
                        }
                    }
                }
                bail!("invalid signing public key");
            }
            CBORCase::Tagged(tag, item) => {
                if tag.value() == tags::TAG_SSH_TEXT_PUBLIC_KEY {
                    let string = item.try_into_text()?;
                    let key = SSHPublicKey::from_openssh(&string)?;
                    return Ok(Self::SSH(key));
                }
                bail!("invalid signing public key");
            }
            _ => bail!("invalid signing public key"),
        }
    }
}