1use crate::core::matter::{tables as matter, Matter};
2use crate::crypto::sign;
3use crate::error::{err, Error, Result};
4
5#[derive(Debug, Clone, PartialEq)]
6pub struct Verfer {
7 raw: Vec<u8>,
8 code: String,
9 size: u32,
10}
11
12impl Default for Verfer {
13 fn default() -> Self {
14 Verfer { raw: vec![], code: matter::Codex::Ed25519.to_string(), size: 0 }
15 }
16}
17
18fn validate_code(code: &str) -> Result<()> {
19 const CODES: &[&str] = &[
20 matter::Codex::Ed25519N,
21 matter::Codex::Ed25519,
22 matter::Codex::ECDSA_256k1N,
23 matter::Codex::ECDSA_256k1,
24 matter::Codex::ECDSA_256r1N,
25 matter::Codex::ECDSA_256r1,
26 ];
29
30 if !CODES.contains(&code) {
31 return err!(Error::UnexpectedCode(code.to_string()));
32 }
33
34 Ok(())
35}
36
37impl Verfer {
38 pub fn new(
39 code: Option<&str>,
40 raw: Option<&[u8]>,
41 qb64b: Option<&[u8]>,
42 qb64: Option<&str>,
43 qb2: Option<&[u8]>,
44 ) -> Result<Self> {
45 let code = code.unwrap_or(matter::Codex::Ed25519N);
46 let verfer: Self = Matter::new(Some(code), raw, qb64b, qb64, qb2)?;
47 validate_code(&verfer.code())?;
48 Ok(verfer)
49 }
50
51 pub fn new_with_raw(raw: &[u8], code: Option<&str>) -> Result<Self> {
52 Self::new(code, Some(raw), None, None, None)
53 }
54
55 pub fn new_with_qb64b(qb64b: &[u8]) -> Result<Self> {
56 Self::new(None, None, Some(qb64b), None, None)
57 }
58
59 pub fn new_with_qb64(qb64: &str) -> Result<Self> {
60 Self::new(None, None, None, Some(qb64), None)
61 }
62
63 pub fn new_with_qb2(qb2: &[u8]) -> Result<Self> {
64 Self::new(None, None, None, None, Some(qb2))
65 }
66
67 pub fn verify(&self, sig: &[u8], ser: &[u8]) -> Result<bool> {
68 validate_code(&self.code())?;
69 sign::verify(&self.code(), &self.raw(), sig, ser)
70 }
71}
72
73impl Matter for Verfer {
74 fn code(&self) -> String {
75 self.code.clone()
76 }
77
78 fn raw(&self) -> Vec<u8> {
79 self.raw.clone()
80 }
81
82 fn size(&self) -> u32 {
83 self.size
84 }
85
86 fn set_code(&mut self, code: &str) {
87 self.code = code.to_string();
88 }
89
90 fn set_raw(&mut self, raw: &[u8]) {
91 self.raw = raw.to_vec();
92 }
93
94 fn set_size(&mut self, size: u32) {
95 self.size = size;
96 }
97}
98
99#[cfg(test)]
100mod test {
101 use crate::core::matter::{tables as matter, Matter};
102 use crate::core::verfer::Verfer;
103 use hex_literal::hex;
104
105 #[test]
106 fn convenience() {
107 let raw = &hex!("0123456789abcdef00001111222233334444555566667777888899990000aaaa");
108 let code = matter::Codex::Ed25519N;
109
110 let verfer = Verfer::new(Some(code), Some(raw), None, None, None).unwrap();
111
112 assert!(Verfer::new_with_raw(&verfer.raw(), Some(&verfer.code())).is_ok());
113 assert!(Verfer::new_with_qb64b(&verfer.qb64b().unwrap()).is_ok());
114 assert!(Verfer::new_with_qb64(&verfer.qb64().unwrap()).is_ok());
115 assert!(Verfer::new_with_qb2(&verfer.qb2().unwrap()).is_ok());
116 }
117
118 #[test]
119 fn new() {
120 let raw = &hex!("0123456789abcdef00001111222233334444555566667777888899990000aaaa");
121 let code = matter::Codex::Ed25519N;
122
123 assert!(Verfer::new(Some(code), Some(raw), None, None, None).is_ok());
124 }
125
126 #[test]
127 fn new_with_code_and_raw() {
128 let raw = hex!("0123456789abcdef00001111222233334444555566667777888899990000aaaa");
129 let code = matter::Codex::Ed25519N;
130
131 let m = Verfer::new(Some(code), Some(&raw), None, None, None).unwrap();
132 assert_eq!(m.raw(), raw);
133
134 let code = matter::Codex::Blake3_256;
135 assert!(Verfer::new(Some(code), Some(&raw), None, None, None).is_err());
136 }
137
138 #[test]
139 fn new_with_qb64() {
140 let raw = hex!("0123456789abcdef00001111222233334444555566667777888899990000aaaa");
141
142 let good_code = matter::Codex::Ed25519N;
143 let good_qb64 =
144 Verfer::new(Some(good_code), Some(&raw), None, None, None).unwrap().qb64().unwrap();
145
146 let bad_code = matter::Codex::Blake3_256;
147 let bad_qb64 = <Verfer as Matter>::new(Some(bad_code), Some(&raw), None, None, None)
148 .unwrap()
149 .qb64()
150 .unwrap();
151
152 assert!(Verfer::new(None, None, None, Some(&good_qb64), None).is_ok());
153 assert!(Verfer::new(None, None, None, Some(&bad_qb64), None).is_err());
154 }
155
156 #[test]
157 fn new_with_qb64b() {
158 let raw = hex!("0123456789abcdef00001111222233334444555566667777888899990000aaaa");
159
160 let good_code = matter::Codex::Ed25519N;
161 let good_qb64b =
162 Verfer::new(Some(good_code), Some(&raw), None, None, None).unwrap().qb64b().unwrap();
163
164 let bad_code = matter::Codex::Blake3_256;
165 let bad_qb64b = <Verfer as Matter>::new(Some(bad_code), Some(&raw), None, None, None)
166 .unwrap()
167 .qb64b()
168 .unwrap();
169
170 assert!(Verfer::new(None, None, Some(&good_qb64b), None, None).is_ok());
171 assert!(Verfer::new(None, None, Some(&bad_qb64b), None, None).is_err());
172 }
173
174 #[test]
175 fn new_with_qb2() {
176 let raw = hex!("0123456789abcdef00001111222233334444555566667777888899990000aaaa");
177
178 let good_code = matter::Codex::Ed25519N;
179 let good_qb2 =
180 Verfer::new(Some(good_code), Some(&raw), None, None, None).unwrap().qb2().unwrap();
181
182 let bad_code = matter::Codex::Blake3_256;
183 let bad_qb2 = <Verfer as Matter>::new(Some(bad_code), Some(&raw), None, None, None)
184 .unwrap()
185 .qb2()
186 .unwrap();
187
188 assert!(Verfer::new(None, None, None, None, Some(&good_qb2)).is_ok());
189 assert!(Verfer::new(None, None, None, None, Some(&bad_qb2)).is_err());
190 }
191
192 #[test]
193 fn verify_ed25519() {
194 use ed25519_dalek::Signer;
195
196 let ser = hex!("e1be4d7a8ab5560aa4199eea339849ba8e293d55ca0a81006726d184519e647f"
197 "5b49b82f805a538c68915c1ae8035c900fd1d4b13902920fd05e1450822f36de");
198 let bad_ser = hex!("e1be4d7a8ab5560aa4199eea339849ba8e293d55ca0a81006726d184519e647f"
199 "5b49b82f805a538c68915c1ae8035c900fd1d4b13902920fd05e1450822f36df");
200
201 let mut csprng = rand_core::OsRng;
202 let keypair = ed25519_dalek::SigningKey::generate(&mut csprng);
203
204 let sig = keypair.sign(&ser).to_bytes();
205 let mut bad_sig = sig;
206 bad_sig[0] ^= 0xff;
207
208 let raw = keypair.verifying_key().to_bytes();
209
210 let mut m =
211 Verfer::new(Some(matter::Codex::Ed25519), Some(&raw), None, None, None).unwrap();
212 assert!(m.verify(&sig, &ser).unwrap());
213 assert!(!m.verify(&bad_sig, &ser).unwrap());
214 assert!(!m.verify(&sig, &bad_ser).unwrap());
215 assert!(m.verify(&[], &ser).is_err());
216
217 m.set_code(matter::Codex::Ed25519N);
219 assert!(m.verify(&sig, &ser).unwrap());
220 assert!(!m.verify(&bad_sig, &ser).unwrap());
221 assert!(!m.verify(&sig, &bad_ser).unwrap());
222 }
223
224 #[test]
225 fn verify_ecdsa_256k1() {
226 use k256::ecdsa::{signature::Signer, Signature, SigningKey, VerifyingKey};
227
228 let ser = hex!("e1be4d7a8ab5560aa4199eea339849ba8e293d55ca0a81006726d184519e647f"
229 "5b49b82f805a538c68915c1ae8035c900fd1d4b13902920fd05e1450822f36de");
230 let bad_ser = hex!("badd");
231
232 let mut csprng = rand_core::OsRng;
233 let private_key = SigningKey::random(&mut csprng);
234
235 let sig = <SigningKey as Signer<Signature>>::sign(&private_key, &ser).to_bytes();
236 let mut bad_sig = sig;
237 bad_sig[0] ^= 0xff;
238
239 let public_key = VerifyingKey::from(private_key);
240 let raw = public_key.to_encoded_point(true).to_bytes();
241
242 let mut m =
243 Verfer::new(Some(matter::Codex::ECDSA_256k1), Some(&raw), None, None, None).unwrap();
244 assert!(m.verify(&sig, &ser).unwrap());
245 assert!(!m.verify(&bad_sig, &ser).unwrap());
246 assert!(!m.verify(&sig, &bad_ser).unwrap());
247 assert!(m.verify(&[], &ser).is_err());
248
249 m.set_code(matter::Codex::ECDSA_256k1N);
250 assert!(m.verify(&sig, &ser).unwrap());
251 assert!(!m.verify(&bad_sig, &ser).unwrap());
252 assert!(!m.verify(&sig, &bad_ser).unwrap());
253 }
254
255 #[test]
256 fn verify_ecdsa_256r1() {
257 use p256::ecdsa::{signature::Signer, Signature, SigningKey, VerifyingKey};
258
259 let ser = hex!("e1be4d7a8ab5560aa4199eea339849ba8e293d55ca0a81006726d184519e647f"
260 "5b49b82f805a538c68915c1ae8035c900fd1d4b13902920fd05e1450822f36de");
261 let bad_ser = hex!("badd");
262
263 let mut csprng = rand_core::OsRng;
264 let private_key = SigningKey::random(&mut csprng);
265
266 let sig = <SigningKey as Signer<Signature>>::sign(&private_key, &ser).to_bytes();
267 let mut bad_sig = sig;
268 bad_sig[0] ^= 0xff;
269
270 let public_key = VerifyingKey::from(private_key);
271 let raw = public_key.to_encoded_point(true).to_bytes();
272
273 let mut m =
274 Verfer::new(Some(matter::Codex::ECDSA_256r1), Some(&raw), None, None, None).unwrap();
275 assert!(m.verify(&sig, &ser).unwrap());
276 assert!(!m.verify(&bad_sig, &ser).unwrap());
277 assert!(!m.verify(&sig, &bad_ser).unwrap());
278 assert!(m.verify(&[], &ser).is_err());
279
280 m.set_code(matter::Codex::ECDSA_256r1N);
281 assert!(m.verify(&sig, &ser).unwrap());
282 assert!(!m.verify(&bad_sig, &ser).unwrap());
283 assert!(!m.verify(&sig, &bad_ser).unwrap());
284 }
285
286 #[test]
287 fn unhappy_paths() {
288 assert!(Verfer { code: matter::Codex::Blake3_256.to_string(), raw: vec![], size: 0 }
289 .verify(&[], &[])
290 .is_err());
291 }
292}