confitul 0.1.4

ConfitUL contains utilities for ConfitDB which is an experimental, distributed, real-time database, giving full control on conflict resolution.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

use ed25519_dalek;
use sha2::Digest;
use signature;
use std::convert::TryFrom;

pub const CONTEXT: &'static [u8] = env!("CARGO_PKG_HOMEPAGE").as_bytes();

/// Verify that a message is correctly signed.
///
/// The difference between a plain ed25519 verify is that this
/// one uses a specific "context" so that it expects a message
/// signed by same "context" and will not validate the same message
/// signed by another app with the same algorithm.
///
/// # Examples
/// ```
/// use confitul::{sign,verify};
/// use ed25519_dalek::Keypair;
/// use rand07::rngs::OsRng;
///
/// let mut csprng = OsRng {};
/// let keypair: Keypair = Keypair::generate(&mut csprng);
///
/// let foo = "foo foo foo".as_bytes();
/// let sig_foo = sign(&keypair, foo);
/// assert!(matches!(verify(&keypair.public, foo, &sig_foo), Ok(())));
/// ```
pub fn verify(
    key: &ed25519_dalek::PublicKey,
    msg: &[u8],
    sig: &[u8],
) -> Result<(), signature::Error> {
    let sig = ed25519_dalek::Signature::try_from(sig)?;
    if CONTEXT.len() == 0 {
        return Err(signature::Error::new());
    }
    let mut prehashed = ed25519_dalek::Sha512::new();
    prehashed.update(msg);
    key.verify_prehashed(prehashed, Some(CONTEXT), &sig)
}

/// Sign a message.
///
/// The difference between a plain ed25519 sign is that this
/// one uses a specific "context" so that a message signed by
/// another app with the same algorithm does not have the same
/// signature.
///
/// # Examples
/// ```
/// use confitul::{sign,verify};
/// use ed25519_dalek::Keypair;
/// use rand07::rngs::OsRng;
///
/// let mut csprng = OsRng {};
/// let keypair: Keypair = Keypair::generate(&mut csprng);
///
/// let foo = "foo foo foo".as_bytes();
/// let sig_foo = sign(&keypair, foo);
/// assert!(matches!(verify(&keypair.public, foo, &sig_foo), Ok(())));
/// ```
pub fn sign(key: &ed25519_dalek::Keypair, msg: &[u8]) -> Vec<u8> {
    let mut prehashed = ed25519_dalek::Sha512::new();
    prehashed.update(msg);
    key.sign_prehashed(prehashed, Some(CONTEXT))
        .unwrap()
        .to_bytes()
        .into()
}

#[cfg(test)]
mod tests {
    use super::{sign, verify};
    use ed25519_dalek::Keypair;
    use rand07::rngs::OsRng;

    #[test]
    fn test_sign_verify() {
        let mut csprng = OsRng {};
        let keypair: Keypair = Keypair::generate(&mut csprng);

        let foo = "foo".as_bytes();
        let bar = "bar".as_bytes();
        let sig_foo = sign(&keypair, foo);
        let sig_bar = sign(&keypair, bar);

        assert!(matches!(verify(&keypair.public, foo, &sig_foo), Ok(())));
        assert!(matches!(verify(&keypair.public, foo, &sig_bar), Err(_)));
        assert!(matches!(verify(&keypair.public, bar, &sig_bar), Ok(())));
        assert!(matches!(verify(&keypair.public, bar, &sig_foo), Err(_)));
    }

    #[test]
    fn test_export_public() {
        let mut csprng = OsRng {};
        let keypair: Keypair = Keypair::generate(&mut csprng);
        let export = Vec::from(keypair.public.to_bytes());
        let public = ed25519_dalek::PublicKey::from_bytes(&export).unwrap();

        let foo = "foo".as_bytes();
        let bar = "bar".as_bytes();
        let sig_foo = sign(&keypair, foo);
        let sig_bar = sign(&keypair, bar);

        assert!(matches!(verify(&public, foo, &sig_foo), Ok(())));
        assert!(matches!(verify(&public, foo, &sig_bar), Err(_)));
        assert!(matches!(verify(&public, bar, &sig_bar), Ok(())));
        assert!(matches!(verify(&public, bar, &sig_foo), Err(_)));
    }
}