relay-crypto 0.1.0

The crypto library for the Relay Ecosystem.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

//! Tested in the integration tests `sign.rs` and `sign_e2e.rs`

use ed25519_dalek::ed25519::signature::Signer as _;

use crate::{crypto::CryptoError, record::KeyRecord};
use relay_core::signed::Signed;

/// Sing a blob of data with the given Ed25519 signing key.
pub fn sign(data: &[u8], key: &ed25519_dalek::SigningKey) -> Signed {
    let signature = key.sign(data);
    Signed {
        payload: data.to_vec(),
        sig: Some(signature.to_bytes().to_vec()),
    }
}

/// Verify the signature of a Signed payload using the provided KeyRecord's Ed25519 public key.
pub fn verify(signed: &Signed, record: &KeyRecord) -> Result<(), CryptoError> {
    if let Some(sig_bytes) = &signed.sig {
        if record.is_expired() {
            return Err(CryptoError::ExpiredKeyRecord);
        }

        let key = record
            .signing_key()
            .map_err(|_| CryptoError::BadPublicSignatureKey)?;
        let signature = ed25519_dalek::Signature::from_slice(sig_bytes)
            .map_err(|_| CryptoError::BadSignature)?;
        key.verify_strict(&signed.payload, &signature)
            .map_err(|_| CryptoError::BadSignature)
    } else {
        Err(CryptoError::MissingSignature)
    }
}