1#![no_std]
2#![doc = "Crypto-agile envelope metadata for BCX."]
3
4mod envelope;
5mod error;
6
7pub use envelope::{
8 AlgorithmPolicy, SignatureAlgorithm, SignatureEnvelope, SignedEnvelope, Verifier,
9};
10pub use error::VerificationError;
11
12#[cfg(test)]
13mod tests {
14 use super::*;
15 use bcx_core::Digest;
16
17 #[test]
18 fn empty_signature_is_rejected() {
19 let envelope = SignatureEnvelope {
20 key_id: Digest::new([1; Digest::LEN]),
21 algorithm: SignatureAlgorithm::Ed25519,
22 signature: &[],
23 };
24
25 assert_eq!(
26 envelope.validate(256),
27 Err(VerificationError::EmptySignature)
28 );
29 }
30
31 #[test]
32 fn wrong_signature_length_is_rejected() {
33 let envelope = SignatureEnvelope {
34 key_id: Digest::new([1; Digest::LEN]),
35 algorithm: SignatureAlgorithm::Ed25519,
36 signature: &[7; 63],
37 };
38
39 assert_eq!(
40 envelope.validate(256),
41 Err(VerificationError::InvalidSignature)
42 );
43 }
44
45 #[test]
46 fn policy_rejects_unadmitted_algorithm_before_verifier() {
47 struct RejectingVerifier;
48
49 impl Verifier for RejectingVerifier {
50 fn verify(
51 &self,
52 _envelope: &SignatureEnvelope<'_>,
53 _canonical_payload: &[u8],
54 ) -> Result<(), VerificationError> {
55 Err(VerificationError::InvalidSignature)
56 }
57 }
58
59 let signature = [1; 64];
60 let envelope = SignedEnvelope {
61 payload: (),
62 signature: SignatureEnvelope {
63 key_id: Digest::new([1; Digest::LEN]),
64 algorithm: SignatureAlgorithm::Ed25519,
65 signature: &signature,
66 },
67 };
68 let policy = AlgorithmPolicy::new(&[SignatureAlgorithm::MlDsa65]);
69
70 assert_eq!(
71 envelope.verify_bytes(&RejectingVerifier, &policy, b"payload", 8_000),
72 Err(VerificationError::AlgorithmNotAdmitted)
73 );
74 }
75}