1use iota_types::{SimpleSignature, UserSignature};
6use signature::Verifier;
7
8use crate::SignatureError;
9
10pub struct SimpleVerifier;
11
12impl Verifier<SimpleSignature> for SimpleVerifier {
13 #[allow(unused_variables)]
14 fn verify(&self, message: &[u8], signature: &SimpleSignature) -> Result<(), SignatureError> {
15 match signature {
16 #[cfg(feature = "ed25519")]
17 SimpleSignature::Ed25519 {
18 signature,
19 public_key,
20 } => {
21 let verifying_key = crate::ed25519::Ed25519VerifyingKey::new(public_key)?;
22 verifying_key.verify(message, signature)
23 }
24 #[cfg(not(feature = "ed25519"))]
25 SimpleSignature::Ed25519 { .. } => Err(SignatureError::from_source(
26 "support for ed25519 is not enabled",
27 )),
28 #[cfg(feature = "secp256k1")]
29 SimpleSignature::Secp256k1 {
30 signature,
31 public_key,
32 } => {
33 let verifying_key = crate::secp256k1::Secp256k1VerifyingKey::new(public_key)?;
34 verifying_key.verify(message, signature)
35 }
36 #[cfg(not(feature = "secp256k1"))]
37 SimpleSignature::Secp256k1 { .. } => Err(SignatureError::from_source(
38 "support for secp256k1 is not enabled",
39 )),
40 #[cfg(feature = "secp256r1")]
41 SimpleSignature::Secp256r1 {
42 signature,
43 public_key,
44 } => {
45 let verifying_key = crate::secp256r1::Secp256r1VerifyingKey::new(public_key)?;
46 verifying_key.verify(message, signature)
47 }
48 #[cfg(not(feature = "secp256r1"))]
49 SimpleSignature::Secp256r1 { .. } => Err(SignatureError::from_source(
50 "support for secp256r1 is not enabled",
51 )),
52 }
53 }
54}
55
56impl Verifier<UserSignature> for SimpleVerifier {
57 fn verify(&self, message: &[u8], signature: &UserSignature) -> Result<(), SignatureError> {
58 let UserSignature::Simple(signature) = signature else {
59 return Err(SignatureError::from_source("not a simple signature"));
60 };
61
62 <Self as Verifier<SimpleSignature>>::verify(self, message, signature)
63 }
64}
65
66#[cfg(any(feature = "ed25519", feature = "secp256r1", feature = "secp256k1",))]
67#[cfg_attr(
68 doc_cfg,
69 doc(cfg(any(feature = "ed25519", feature = "secp256r1", feature = "secp256k1",)))
70)]
71#[rustfmt::skip]
72pub use keypair::{SimpleKeypair, SimpleVerifyingKey};
73
74#[cfg(any(feature = "ed25519", feature = "secp256r1", feature = "secp256k1",))]
75#[cfg_attr(
76 doc_cfg,
77 doc(cfg(any(feature = "ed25519", feature = "secp256r1", feature = "secp256k1",)))
78)]
79mod keypair {
80 use iota_types::{
81 MultisigMemberPublicKey, PublicKeyExt, SignatureScheme, SimpleSignature, UserSignature,
82 };
83 use signature::{Signer, Verifier};
84
85 use crate::SignatureError;
86
87 #[derive(Debug, Clone)]
88 pub struct SimpleKeypair {
89 inner: InnerKeypair,
90 }
91
92 #[derive(Debug, Clone)]
93 enum InnerKeypair {
94 #[cfg(feature = "ed25519")]
95 Ed25519(crate::ed25519::Ed25519PrivateKey),
96 #[cfg(feature = "secp256k1")]
97 Secp256k1(crate::secp256k1::Secp256k1PrivateKey),
98 #[cfg(feature = "secp256r1")]
99 Secp256r1(crate::secp256r1::Secp256r1PrivateKey),
100 }
101
102 impl SimpleKeypair {
103 pub fn scheme(&self) -> SignatureScheme {
104 match &self.inner {
105 #[cfg(feature = "ed25519")]
106 InnerKeypair::Ed25519(private_key) => private_key.scheme(),
107 #[cfg(feature = "secp256k1")]
108 InnerKeypair::Secp256k1(private_key) => private_key.scheme(),
109 #[cfg(feature = "secp256r1")]
110 InnerKeypair::Secp256r1(private_key) => private_key.scheme(),
111 }
112 }
113
114 pub fn verifying_key(&self) -> SimpleVerifyingKey {
115 let verifying_key = match &self.inner {
116 #[cfg(feature = "ed25519")]
117 InnerKeypair::Ed25519(private_key) => {
118 InnerVerifyingKey::Ed25519(private_key.verifying_key())
119 }
120 #[cfg(feature = "secp256k1")]
121 InnerKeypair::Secp256k1(private_key) => {
122 InnerVerifyingKey::Secp256k1(private_key.verifying_key())
123 }
124 #[cfg(feature = "secp256r1")]
125 InnerKeypair::Secp256r1(private_key) => {
126 InnerVerifyingKey::Secp256r1(private_key.verifying_key())
127 }
128 };
129
130 SimpleVerifyingKey {
131 inner: verifying_key,
132 }
133 }
134
135 pub fn public_key(&self) -> MultisigMemberPublicKey {
136 self.verifying_key().public_key()
137 }
138
139 pub fn to_bytes(&self) -> Vec<u8> {
141 use crate::ToFromBytes;
142
143 let mut bytes = Vec::new();
144 bytes.push(self.scheme().to_u8());
145
146 match &self.inner {
147 #[cfg(feature = "ed25519")]
148 InnerKeypair::Ed25519(private_key) => {
149 bytes.extend_from_slice(&private_key.to_bytes());
150 }
151 #[cfg(feature = "secp256k1")]
152 InnerKeypair::Secp256k1(private_key) => {
153 bytes.extend_from_slice(&private_key.to_bytes());
154 }
155 #[cfg(feature = "secp256r1")]
156 InnerKeypair::Secp256r1(private_key) => {
157 bytes.extend_from_slice(&private_key.to_bytes());
158 }
159 }
160
161 bytes
162 }
163
164 pub fn from_bytes(bytes: &[u8]) -> Result<Self, SignatureError> {
166 if bytes.is_empty() {
167 return Err(SignatureError::from_source("empty bytes"));
168 }
169
170 let flag = SignatureScheme::from_byte(bytes[0]).map_err(|e| {
171 SignatureError::from_source(format!("invalid signature scheme: {:?}", e))
172 })?;
173 let key_bytes = &bytes[1..];
174
175 match flag {
176 #[cfg(feature = "ed25519")]
177 SignatureScheme::Ed25519 => {
178 if key_bytes.len() != crate::ed25519::Ed25519PrivateKey::LENGTH {
179 return Err(SignatureError::from_source("invalid ed25519 key length"));
180 }
181 let mut arr = [0u8; crate::ed25519::Ed25519PrivateKey::LENGTH];
182 arr.copy_from_slice(key_bytes);
183 Ok(Self {
184 inner: InnerKeypair::Ed25519(crate::ed25519::Ed25519PrivateKey::new(arr)),
185 })
186 }
187 #[cfg(feature = "secp256k1")]
188 SignatureScheme::Secp256k1 => {
189 if key_bytes.len() != crate::secp256k1::Secp256k1PrivateKey::LENGTH {
190 return Err(SignatureError::from_source("invalid secp256k1 key length"));
191 }
192 let mut arr = [0u8; crate::secp256k1::Secp256k1PrivateKey::LENGTH];
193 arr.copy_from_slice(key_bytes);
194 crate::secp256k1::Secp256k1PrivateKey::new(arr)
195 .map(InnerKeypair::Secp256k1)
196 .map(|inner| Self { inner })
197 }
198 #[cfg(feature = "secp256r1")]
199 SignatureScheme::Secp256r1 => {
200 if key_bytes.len() != crate::secp256r1::Secp256r1PrivateKey::LENGTH {
201 return Err(SignatureError::from_source("invalid secp256r1 key length"));
202 }
203 let mut arr = [0u8; crate::secp256r1::Secp256r1PrivateKey::LENGTH];
204 arr.copy_from_slice(key_bytes);
205 Ok(Self {
206 inner: InnerKeypair::Secp256r1(crate::secp256r1::Secp256r1PrivateKey::new(
207 arr,
208 )),
209 })
210 }
211 _ => Err(SignatureError::from_source(
212 "unsupported signature scheme for SimpleKeypair",
213 )),
214 }
215 }
216
217 #[cfg(feature = "pem")]
218 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
219 pub fn from_der(bytes: &[u8]) -> Result<Self, SignatureError> {
222 let private_key =
223 pkcs8::PrivateKeyInfo::try_from(bytes).map_err(SignatureError::from_source)?;
224
225 match private_key
226 .algorithm
227 .oids()
228 .map_err(SignatureError::from_source)?
229 {
230 #[cfg(feature = "ed25519")]
231 (ed25519_dalek::pkcs8::ALGORITHM_OID, None) => private_key
232 .try_into()
233 .map(crate::ed25519::Ed25519PrivateKey::from_dalek)
234 .map(InnerKeypair::Ed25519)
235 .map_err(SignatureError::from_source),
236 #[cfg(feature = "secp256r1")]
237 (
238 p256::elliptic_curve::ALGORITHM_OID,
239 Some(<p256::NistP256 as pkcs8::AssociatedOid>::OID),
240 ) => private_key
241 .try_into()
242 .map(crate::secp256r1::Secp256r1PrivateKey::from_p256)
243 .map(InnerKeypair::Secp256r1)
244 .map_err(SignatureError::from_source),
245 #[cfg(feature = "secp256k1")]
246 (
247 k256::elliptic_curve::ALGORITHM_OID,
248 Some(<k256::Secp256k1 as pkcs8::AssociatedOid>::OID),
249 ) => private_key
250 .try_into()
251 .map(crate::secp256k1::Secp256k1PrivateKey::from_k256)
252 .map(InnerKeypair::Secp256k1)
253 .map_err(SignatureError::from_source),
254 _ => Err(SignatureError::from_source(
255 "unsupported or invalid private key type",
256 )),
257 }
258 .map(|inner| Self { inner })
259 }
260
261 #[cfg(feature = "pem")]
262 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
263 pub fn to_der(&self) -> Result<Vec<u8>, SignatureError> {
265 match &self.inner {
266 #[cfg(feature = "ed25519")]
267 InnerKeypair::Ed25519(private_key) => private_key.to_der(),
268 #[cfg(feature = "secp256k1")]
269 InnerKeypair::Secp256k1(private_key) => private_key.to_der(),
270 #[cfg(feature = "secp256r1")]
271 InnerKeypair::Secp256r1(private_key) => private_key.to_der(),
272 }
273 }
274
275 #[cfg(feature = "pem")]
276 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
277 pub fn from_pem(s: &str) -> Result<Self, SignatureError> {
279 use pkcs8::der::pem::PemLabel;
280
281 let (label, doc) =
282 pkcs8::SecretDocument::from_pem(s).map_err(SignatureError::from_source)?;
283 pkcs8::PrivateKeyInfo::validate_pem_label(label)
284 .map_err(SignatureError::from_source)?;
285 Self::from_der(doc.as_bytes())
286 }
287
288 #[cfg(feature = "pem")]
289 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
290 pub fn to_pem(&self) -> Result<String, SignatureError> {
292 match &self.inner {
293 #[cfg(feature = "ed25519")]
294 InnerKeypair::Ed25519(private_key) => private_key.to_pem(),
295 #[cfg(feature = "secp256k1")]
296 InnerKeypair::Secp256k1(private_key) => private_key.to_pem(),
297 #[cfg(feature = "secp256r1")]
298 InnerKeypair::Secp256r1(private_key) => private_key.to_pem(),
299 }
300 }
301 }
302
303 impl Signer<SimpleSignature> for SimpleKeypair {
304 fn try_sign(&self, message: &[u8]) -> Result<SimpleSignature, SignatureError> {
305 match &self.inner {
306 #[cfg(feature = "ed25519")]
307 InnerKeypair::Ed25519(private_key) => private_key.try_sign(message),
308 #[cfg(feature = "secp256k1")]
309 InnerKeypair::Secp256k1(private_key) => private_key.try_sign(message),
310 #[cfg(feature = "secp256r1")]
311 InnerKeypair::Secp256r1(private_key) => private_key.try_sign(message),
312 }
313 }
314 }
315
316 impl Signer<UserSignature> for SimpleKeypair {
317 fn try_sign(&self, msg: &[u8]) -> Result<UserSignature, SignatureError> {
318 <Self as Signer<SimpleSignature>>::try_sign(self, msg).map(UserSignature::Simple)
319 }
320 }
321
322 #[cfg(feature = "ed25519")]
323 #[cfg_attr(doc_cfg, doc(cfg(feature = "ed25519")))]
324 impl From<crate::ed25519::Ed25519PrivateKey> for SimpleKeypair {
325 fn from(private_key: crate::ed25519::Ed25519PrivateKey) -> Self {
326 Self {
327 inner: InnerKeypair::Ed25519(private_key),
328 }
329 }
330 }
331
332 #[cfg(feature = "secp256r1")]
333 #[cfg_attr(doc_cfg, doc(cfg(feature = "secp256r1")))]
334 impl From<crate::secp256r1::Secp256r1PrivateKey> for SimpleKeypair {
335 fn from(private_key: crate::secp256r1::Secp256r1PrivateKey) -> Self {
336 Self {
337 inner: InnerKeypair::Secp256r1(private_key),
338 }
339 }
340 }
341
342 #[cfg(feature = "secp256k1")]
343 #[cfg_attr(doc_cfg, doc(cfg(feature = "secp256k1")))]
344 impl From<crate::secp256k1::Secp256k1PrivateKey> for SimpleKeypair {
345 fn from(private_key: crate::secp256k1::Secp256k1PrivateKey) -> Self {
346 Self {
347 inner: InnerKeypair::Secp256k1(private_key),
348 }
349 }
350 }
351
352 #[derive(Debug, Clone, Eq, PartialEq)]
353 pub struct SimpleVerifyingKey {
354 inner: InnerVerifyingKey,
355 }
356
357 #[derive(Debug, Clone, Eq, PartialEq)]
358 enum InnerVerifyingKey {
359 #[cfg(feature = "ed25519")]
360 Ed25519(crate::ed25519::Ed25519VerifyingKey),
361 #[cfg(feature = "secp256k1")]
362 Secp256k1(crate::secp256k1::Secp256k1VerifyingKey),
363 #[cfg(feature = "secp256r1")]
364 Secp256r1(crate::secp256r1::Secp256r1VerifyingKey),
365 }
366
367 impl SimpleVerifyingKey {
368 pub fn scheme(&self) -> SignatureScheme {
369 match &self.inner {
370 #[cfg(feature = "ed25519")]
371 InnerVerifyingKey::Ed25519(verifying_key) => verifying_key.public_key().scheme(),
372 #[cfg(feature = "secp256k1")]
373 InnerVerifyingKey::Secp256k1(verifying_key) => verifying_key.public_key().scheme(),
374 #[cfg(feature = "secp256r1")]
375 InnerVerifyingKey::Secp256r1(verifying_key) => verifying_key.public_key().scheme(),
376 }
377 }
378
379 pub fn public_key(&self) -> MultisigMemberPublicKey {
380 match &self.inner {
381 #[cfg(feature = "ed25519")]
382 InnerVerifyingKey::Ed25519(verifying_key) => {
383 MultisigMemberPublicKey::Ed25519(verifying_key.public_key())
384 }
385 #[cfg(feature = "secp256k1")]
386 InnerVerifyingKey::Secp256k1(verifying_key) => {
387 MultisigMemberPublicKey::Secp256k1(verifying_key.public_key())
388 }
389 #[cfg(feature = "secp256r1")]
390 InnerVerifyingKey::Secp256r1(verifying_key) => {
391 MultisigMemberPublicKey::Secp256r1(verifying_key.public_key())
392 }
393 }
394 }
395
396 #[cfg(feature = "pem")]
397 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
398 pub fn from_der(bytes: &[u8]) -> Result<Self, SignatureError> {
400 let public_key = pkcs8::SubjectPublicKeyInfoRef::try_from(bytes)
401 .map_err(SignatureError::from_source)?;
402
403 match public_key
404 .algorithm
405 .oids()
406 .map_err(SignatureError::from_source)?
407 {
408 #[cfg(feature = "ed25519")]
409 (ed25519_dalek::pkcs8::ALGORITHM_OID, None) => public_key
410 .try_into()
411 .map(crate::ed25519::Ed25519VerifyingKey::from_dalek)
412 .map(InnerVerifyingKey::Ed25519)
413 .map_err(SignatureError::from_source),
414 #[cfg(feature = "secp256r1")]
415 (
416 p256::elliptic_curve::ALGORITHM_OID,
417 Some(<p256::NistP256 as pkcs8::AssociatedOid>::OID),
418 ) => public_key
419 .try_into()
420 .map(crate::secp256r1::Secp256r1VerifyingKey::from_p256)
421 .map(InnerVerifyingKey::Secp256r1)
422 .map_err(SignatureError::from_source),
423 #[cfg(feature = "secp256k1")]
424 (
425 k256::elliptic_curve::ALGORITHM_OID,
426 Some(<k256::Secp256k1 as pkcs8::AssociatedOid>::OID),
427 ) => public_key
428 .try_into()
429 .map(crate::secp256k1::Secp256k1VerifyingKey::from_k256)
430 .map(InnerVerifyingKey::Secp256k1)
431 .map_err(SignatureError::from_source),
432 _ => Err(SignatureError::from_source(
433 "unsupported or invalid public key type",
434 )),
435 }
436 .map(|inner| Self { inner })
437 }
438
439 #[cfg(feature = "pem")]
440 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
441 pub fn to_der(&self) -> Result<Vec<u8>, SignatureError> {
443 match &self.inner {
444 #[cfg(feature = "ed25519")]
445 InnerVerifyingKey::Ed25519(verifying_key) => verifying_key.to_der(),
446 #[cfg(feature = "secp256k1")]
447 InnerVerifyingKey::Secp256k1(verifying_key) => verifying_key.to_der(),
448 #[cfg(feature = "secp256r1")]
449 InnerVerifyingKey::Secp256r1(verifying_key) => verifying_key.to_der(),
450 }
451 }
452
453 #[cfg(feature = "pem")]
454 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
455 pub fn from_pem(s: &str) -> Result<Self, SignatureError> {
457 use pkcs8::der::pem::PemLabel;
458
459 let (label, doc) = pkcs8::Document::from_pem(s).map_err(SignatureError::from_source)?;
460 pkcs8::SubjectPublicKeyInfoRef::validate_pem_label(label)
461 .map_err(SignatureError::from_source)?;
462 Self::from_der(doc.as_bytes())
463 }
464
465 #[cfg(feature = "pem")]
466 #[cfg_attr(doc_cfg, doc(cfg(feature = "pem")))]
467 pub fn to_pem(&self) -> Result<String, SignatureError> {
469 match &self.inner {
470 #[cfg(feature = "ed25519")]
471 InnerVerifyingKey::Ed25519(verifying_key) => verifying_key.to_pem(),
472 #[cfg(feature = "secp256k1")]
473 InnerVerifyingKey::Secp256k1(verifying_key) => verifying_key.to_pem(),
474 #[cfg(feature = "secp256r1")]
475 InnerVerifyingKey::Secp256r1(verifying_key) => verifying_key.to_pem(),
476 }
477 }
478 }
479
480 impl Verifier<SimpleSignature> for SimpleVerifyingKey {
481 fn verify(
482 &self,
483 message: &[u8],
484 signature: &SimpleSignature,
485 ) -> Result<(), SignatureError> {
486 match &self.inner {
487 #[cfg(feature = "ed25519")]
488 InnerVerifyingKey::Ed25519(verifying_key) => {
489 verifying_key.verify(message, signature)
490 }
491 #[cfg(feature = "secp256k1")]
492 InnerVerifyingKey::Secp256k1(verifying_key) => {
493 verifying_key.verify(message, signature)
494 }
495 #[cfg(feature = "secp256r1")]
496 InnerVerifyingKey::Secp256r1(verifying_key) => {
497 verifying_key.verify(message, signature)
498 }
499 }
500 }
501 }
502
503 impl Verifier<UserSignature> for SimpleVerifyingKey {
504 fn verify(&self, message: &[u8], signature: &UserSignature) -> Result<(), SignatureError> {
505 let UserSignature::Simple(signature) = signature else {
506 return Err(SignatureError::from_source("not a simple signature"));
507 };
508
509 <Self as Verifier<SimpleSignature>>::verify(self, message, signature)
510 }
511 }
512
513 #[cfg(feature = "ed25519")]
514 #[cfg_attr(doc_cfg, doc(cfg(feature = "ed25519")))]
515 impl From<crate::ed25519::Ed25519VerifyingKey> for SimpleVerifyingKey {
516 fn from(verifying_key: crate::ed25519::Ed25519VerifyingKey) -> Self {
517 Self {
518 inner: InnerVerifyingKey::Ed25519(verifying_key),
519 }
520 }
521 }
522
523 #[cfg(feature = "secp256r1")]
524 #[cfg_attr(doc_cfg, doc(cfg(feature = "secp256r1")))]
525 impl From<crate::secp256r1::Secp256r1VerifyingKey> for SimpleVerifyingKey {
526 fn from(verifying_key: crate::secp256r1::Secp256r1VerifyingKey) -> Self {
527 Self {
528 inner: InnerVerifyingKey::Secp256r1(verifying_key),
529 }
530 }
531 }
532
533 #[cfg(feature = "secp256k1")]
534 #[cfg_attr(doc_cfg, doc(cfg(feature = "secp256k1")))]
535 impl From<crate::secp256k1::Secp256k1VerifyingKey> for SimpleVerifyingKey {
536 fn from(verifying_key: crate::secp256k1::Secp256k1VerifyingKey) -> Self {
537 Self {
538 inner: InnerVerifyingKey::Secp256k1(verifying_key),
539 }
540 }
541 }
542
543 impl crate::ToFromFlaggedBytes for SimpleKeypair {
544 type Error = crate::PrivateKeyError;
545
546 fn to_flagged_bytes(&self) -> Vec<u8> {
547 self.to_bytes()
548 }
549
550 fn from_flagged_bytes(bytes: &[u8]) -> Result<Self, crate::PrivateKeyError>
551 where
552 Self: Sized,
553 {
554 Self::from_bytes(bytes)
555 .map_err(|e| crate::PrivateKeyError::InvalidScheme(e.to_string()))
556 }
557 }
558}
559
560#[cfg(test)]
561mod tests {
562 use test_strategy::proptest;
563
564 use super::*;
565 use crate::{
566 ToFromBech32,
567 ed25519::{Ed25519PrivateKey, Ed25519VerifyingKey},
568 secp256k1::{Secp256k1PrivateKey, Secp256k1VerifyingKey},
569 secp256r1::{Secp256r1PrivateKey, Secp256r1VerifyingKey},
570 };
571
572 #[proptest]
573 fn ed25519_pem_der(signer: Ed25519PrivateKey) {
574 let public_key = signer.public_key();
577 let ed25519_der = signer.to_der().unwrap();
578 let ed25519_pem = signer.to_pem().unwrap();
579
580 let from_der = Ed25519PrivateKey::from_der(&ed25519_der).unwrap();
582 assert_eq!(from_der.public_key(), public_key);
583 let from_pem = Ed25519PrivateKey::from_pem(&ed25519_pem).unwrap();
584 assert_eq!(from_pem.public_key(), public_key);
585
586 Secp256r1PrivateKey::from_der(&ed25519_der).unwrap_err();
588 Secp256r1PrivateKey::from_pem(&ed25519_pem).unwrap_err();
589 Secp256k1PrivateKey::from_der(&ed25519_der).unwrap_err();
590 Secp256k1PrivateKey::from_pem(&ed25519_pem).unwrap_err();
591
592 let keypair_from_der = SimpleKeypair::from_der(&ed25519_der).unwrap();
594 assert_eq!(ed25519_der, keypair_from_der.to_der().unwrap());
595 let keypair_from_pem = SimpleKeypair::from_pem(&ed25519_pem).unwrap();
596 assert_eq!(ed25519_pem, keypair_from_pem.to_pem().unwrap());
597
598 let verifying_key = signer.verifying_key();
601 let der = verifying_key.to_der().unwrap();
602 let pem = verifying_key.to_pem().unwrap();
603
604 let from_der = Ed25519VerifyingKey::from_der(&der).unwrap();
606 assert_eq!(from_der.public_key(), public_key);
607 let from_pem = Ed25519VerifyingKey::from_pem(&pem).unwrap();
608 assert_eq!(from_pem.public_key(), public_key);
609
610 Secp256r1VerifyingKey::from_der(&der).unwrap_err();
612 Secp256r1VerifyingKey::from_pem(&pem).unwrap_err();
613 Secp256k1VerifyingKey::from_der(&der).unwrap_err();
614 Secp256k1VerifyingKey::from_pem(&pem).unwrap_err();
615
616 let from_der = SimpleVerifyingKey::from_der(&der).unwrap();
618 assert_eq!(der, from_der.to_der().unwrap());
619 let from_pem = SimpleVerifyingKey::from_pem(&pem).unwrap();
620 assert_eq!(pem, from_pem.to_pem().unwrap());
621 }
622
623 #[proptest]
624 fn secp256r1_pem_der(signer: Secp256r1PrivateKey) {
625 let public_key = signer.public_key();
628 let secp256r1_der = signer.to_der().unwrap();
629 let secp256r1_pem = signer.to_pem().unwrap();
630
631 let from_der = Secp256r1PrivateKey::from_der(&secp256r1_der).unwrap();
633 assert_eq!(from_der.public_key(), public_key);
634 let from_pem = Secp256r1PrivateKey::from_pem(&secp256r1_pem).unwrap();
635 assert_eq!(from_pem.public_key(), public_key);
636
637 Ed25519PrivateKey::from_der(&secp256r1_der).unwrap_err();
639 Ed25519PrivateKey::from_pem(&secp256r1_pem).unwrap_err();
640 Secp256k1PrivateKey::from_der(&secp256r1_der).unwrap_err();
641 Secp256k1PrivateKey::from_pem(&secp256r1_pem).unwrap_err();
642
643 let keypair_from_der = SimpleKeypair::from_der(&secp256r1_der).unwrap();
645 assert_eq!(secp256r1_der, keypair_from_der.to_der().unwrap());
646 let keypair_from_pem = SimpleKeypair::from_pem(&secp256r1_pem).unwrap();
647 assert_eq!(secp256r1_pem, keypair_from_pem.to_pem().unwrap());
648
649 let verifying_key = signer.verifying_key();
652 let der = verifying_key.to_der().unwrap();
653 let pem = verifying_key.to_pem().unwrap();
654
655 let from_der = Secp256r1VerifyingKey::from_der(&der).unwrap();
657 assert_eq!(from_der.public_key(), public_key);
658 let from_pem = Secp256r1VerifyingKey::from_pem(&pem).unwrap();
659 assert_eq!(from_pem.public_key(), public_key);
660
661 Ed25519VerifyingKey::from_der(&der).unwrap_err();
663 Ed25519VerifyingKey::from_pem(&pem).unwrap_err();
664 Secp256k1VerifyingKey::from_der(&der).unwrap_err();
665 Secp256k1VerifyingKey::from_pem(&pem).unwrap_err();
666
667 let from_der = SimpleVerifyingKey::from_der(&der).unwrap();
669 assert_eq!(der, from_der.to_der().unwrap());
670 let from_pem = SimpleVerifyingKey::from_pem(&pem).unwrap();
671 assert_eq!(pem, from_pem.to_pem().unwrap());
672 }
673
674 #[proptest]
675 fn secp256k1_pem_der(signer: Secp256k1PrivateKey) {
676 let public_key = signer.public_key();
679 let secp256k1_der = signer.to_der().unwrap();
680 let secp256k1_pem = signer.to_pem().unwrap();
681
682 let from_der = Secp256k1PrivateKey::from_der(&secp256k1_der).unwrap();
684 assert_eq!(from_der.public_key(), public_key);
685 let from_pem = Secp256k1PrivateKey::from_pem(&secp256k1_pem).unwrap();
686 assert_eq!(from_pem.public_key(), public_key);
687
688 Ed25519PrivateKey::from_der(&secp256k1_der).unwrap_err();
690 Ed25519PrivateKey::from_pem(&secp256k1_pem).unwrap_err();
691 Secp256r1PrivateKey::from_der(&secp256k1_der).unwrap_err();
692 Secp256r1PrivateKey::from_pem(&secp256k1_pem).unwrap_err();
693
694 let keypair_from_der = SimpleKeypair::from_der(&secp256k1_der).unwrap();
696 assert_eq!(secp256k1_der, keypair_from_der.to_der().unwrap());
697 let keypair_from_pem = SimpleKeypair::from_pem(&secp256k1_pem).unwrap();
698 assert_eq!(secp256k1_pem, keypair_from_pem.to_pem().unwrap());
699
700 let verifying_key = signer.verifying_key();
703 let der = verifying_key.to_der().unwrap();
704 let pem = verifying_key.to_pem().unwrap();
705
706 let from_der = Secp256k1VerifyingKey::from_der(&der).unwrap();
708 assert_eq!(from_der.public_key(), public_key);
709 let from_pem = Secp256k1VerifyingKey::from_pem(&pem).unwrap();
710 assert_eq!(from_pem.public_key(), public_key);
711
712 Ed25519VerifyingKey::from_der(&der).unwrap_err();
714 Ed25519VerifyingKey::from_pem(&pem).unwrap_err();
715 Secp256r1VerifyingKey::from_der(&der).unwrap_err();
716 Secp256r1VerifyingKey::from_pem(&pem).unwrap_err();
717
718 let from_der = SimpleVerifyingKey::from_der(&der).unwrap();
720 assert_eq!(der, from_der.to_der().unwrap());
721 let from_pem = SimpleVerifyingKey::from_pem(&pem).unwrap();
722 assert_eq!(pem, from_pem.to_pem().unwrap());
723 }
724
725 #[cfg(feature = "bech32")]
726 #[test]
727 fn test_bech32_roundtrip_ed25519() {
728 use rand::{SeedableRng, rngs::StdRng};
729
730 let keypair: SimpleKeypair = Ed25519PrivateKey::generate(StdRng::from_seed([1; 32])).into();
731 let encoded = keypair.to_bech32().unwrap();
732 let decoded = SimpleKeypair::from_bech32(&encoded).unwrap();
733 assert_eq!(keypair.public_key(), decoded.public_key());
734
735 let re_encoded = decoded.to_bech32().unwrap();
737 assert_eq!(encoded, re_encoded);
738 }
739
740 #[cfg(feature = "bech32")]
741 #[test]
742 fn test_bech32_roundtrip_secp256k1() {
743 use rand::{SeedableRng, rngs::StdRng};
744
745 let keypair: SimpleKeypair =
746 Secp256k1PrivateKey::generate(StdRng::from_seed([2; 32])).into();
747 let encoded = keypair.to_bech32().unwrap();
748 let decoded = SimpleKeypair::from_bech32(&encoded).unwrap();
749 assert_eq!(keypair.public_key(), decoded.public_key());
750
751 let re_encoded = decoded.to_bech32().unwrap();
753 assert_eq!(encoded, re_encoded);
754 }
755
756 #[cfg(feature = "bech32")]
757 #[test]
758 fn test_bech32_roundtrip_secp256r1() {
759 use rand::{SeedableRng, rngs::StdRng};
760
761 let keypair: SimpleKeypair =
762 Secp256r1PrivateKey::generate(StdRng::from_seed([3; 32])).into();
763 let encoded = keypair.to_bech32().unwrap();
764 let decoded = SimpleKeypair::from_bech32(&encoded).unwrap();
765 assert_eq!(keypair.public_key(), decoded.public_key());
766
767 let re_encoded = decoded.to_bech32().unwrap();
769 assert_eq!(encoded, re_encoded);
770 }
771
772 #[cfg(feature = "bech32")]
773 #[test]
774 fn test_bech32_invalid_hrp() {
775 let invalid_hrp =
776 "invalidprivkey1qzdlfxn2qa2lj5uprl8pyhexs02sg2wrhdy7qaq50cqgnffw4c247zslwv6";
777 let result = SimpleKeypair::from_bech32(invalid_hrp);
778 assert!(result.is_err());
779 }
780
781 #[cfg(feature = "bech32")]
782 #[test]
783 fn test_bech32_invalid_data() {
784 let invalid_data = "iotaprivkey1invalid";
785 let result = SimpleKeypair::from_bech32(invalid_data);
786 assert!(result.is_err());
787 }
788}