rns-embedded-core 0.5.1

Embedded-friendly Reticulum core primitives for no-std and constrained runtimes.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

use crate::{EmbeddedError, EmbeddedResult};

#[derive(Debug, Clone, Eq, PartialEq)]
pub struct EmbeddedIdentity {
    pub id: [u8; 32],
    pub verify_key: [u8; 32],
}

impl EmbeddedIdentity {
    pub fn new(id: [u8; 32], verify_key: [u8; 32]) -> EmbeddedResult<Self> {
        if id == [0; 32] || verify_key == [0; 32] {
            return Err(EmbeddedError::InvalidInput);
        }
        Ok(Self { id, verify_key })
    }
}

pub trait IdentityProvider {
    fn active_identity(&self) -> EmbeddedResult<EmbeddedIdentity>;
}

#[derive(Debug, Clone, Eq, PartialEq)]
pub struct Signature(pub [u8; 64]);

pub trait PayloadSigner {
    fn sign(&self, payload: &[u8]) -> EmbeddedResult<Signature>;
}

pub trait PayloadVerifier {
    fn verify(&self, payload: &[u8], signature: &Signature) -> EmbeddedResult<bool>;
}

pub fn sign_payload(signer: &dyn PayloadSigner, payload: &[u8]) -> EmbeddedResult<Signature> {
    if payload.is_empty() {
        return Err(EmbeddedError::InvalidInput);
    }
    signer.sign(payload)
}

pub fn verify_payload(
    verifier: &dyn PayloadVerifier,
    payload: &[u8],
    signature: &Signature,
) -> EmbeddedResult<bool> {
    if payload.is_empty() {
        return Err(EmbeddedError::InvalidInput);
    }
    verifier.verify(payload, signature)
}

#[cfg(test)]
mod tests {
    use super::{sign_payload, verify_payload, PayloadSigner, PayloadVerifier, Signature};
    use crate::{hash::digest32, EmbeddedError, EmbeddedResult};

    struct FakeCrypto;

    impl PayloadSigner for FakeCrypto {
        fn sign(&self, payload: &[u8]) -> EmbeddedResult<Signature> {
            let digest = digest32(payload);
            let mut sig = [0_u8; 64];
            sig[..32].copy_from_slice(&digest);
            sig[32..].copy_from_slice(&digest);
            Ok(Signature(sig))
        }
    }

    impl PayloadVerifier for FakeCrypto {
        fn verify(&self, payload: &[u8], signature: &Signature) -> EmbeddedResult<bool> {
            let expected = self.sign(payload)?;
            Ok(signature == &expected)
        }
    }

    #[test]
    fn sign_then_verify() {
        let crypto = FakeCrypto;
        let payload = b"embedded-node";
        let signature = sign_payload(&crypto, payload).expect("sign");
        assert!(verify_payload(&crypto, payload, &signature).expect("verify"));
        assert!(!verify_payload(&crypto, b"different", &signature).expect("verify mismatch"));
    }

    #[test]
    fn empty_payload_is_rejected() {
        let crypto = FakeCrypto;
        let err = sign_payload(&crypto, b"").expect_err("empty payload rejected");
        assert_eq!(err, EmbeddedError::InvalidInput);
    }
}