wsc 0.9.0

WebAssembly Signature Component - WASM signing and verification toolkit
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300

use crate::signature::*;
use crate::wasm_module::*;

use log::*;

impl Module {
    /// Print the structure of a module to the standard output, mainly for debugging purposes.
    ///
    /// Set `verbose` to `true` in order to also print details about signature data.
    pub fn show(&self, verbose: bool) -> Result<(), WSError> {
        for (idx, section) in self.sections.iter().enumerate() {
            println!("{}:\t{}", idx, section.display(verbose));
        }
        Ok(())
    }

    /// Prepare a module for partial verification.
    ///
    /// The predicate should return `true` if a section is part of a set that can be verified,
    /// and `false` if the section can be ignored during verification.
    ///
    /// It is highly recommended to always include the standard sections in the signed set.
    pub fn split<P>(self, mut predicate: P) -> Result<Module, WSError>
    where
        P: FnMut(&Section) -> bool,
    {
        let mut out_sections = vec![];
        let mut flip = false;
        let mut last_was_delimiter = false;
        for (idx, section) in self.sections.into_iter().enumerate() {
            if section.is_signature_header() {
                info!("Module is already signed");
                out_sections.push(section);
                continue;
            }
            if section.is_signature_delimiter() {
                out_sections.push(section);
                last_was_delimiter = true;
                continue;
            }
            let section_can_be_signed = predicate(&section);
            if idx == 0 {
                flip = !section_can_be_signed;
            } else if section_can_be_signed == flip {
                if !last_was_delimiter {
                    let delimiter = new_delimiter_section()?;
                    out_sections.push(delimiter);
                }
                flip = !flip;
            }
            out_sections.push(section);
            last_was_delimiter = false;
        }
        if let Some(last_section) = out_sections.last()
            && !last_section.is_signature_delimiter()
        {
            let delimiter = new_delimiter_section()?;
            out_sections.push(delimiter);
        }
        Ok(Module {
            header: self.header,
            sections: out_sections,
        })
    }

    /// Detach the signature from a signed module.
    ///
    /// This function returns the module without the embedded signature,
    /// as well as the detached signature as a byte string.
    pub fn detach_signature(mut self) -> Result<(Module, Vec<u8>), WSError> {
        let mut out_sections = vec![];
        let mut sections = self.sections.into_iter();
        let detached_signature = match sections.next() {
            None => return Err(WSError::NoSignatures),
            Some(section) => {
                if !section.is_signature_header() {
                    return Err(WSError::NoSignatures);
                }
                section.payload().to_vec()
            }
        };
        for section in sections {
            out_sections.push(section);
        }
        self.sections = out_sections;
        debug!("Signature detached");
        Ok((self, detached_signature))
    }

    /// Embed a detached signature into a module.
    /// This function returns the module with embedded signature.
    pub fn attach_signature(mut self, detached_signature: &[u8]) -> Result<Module, WSError> {
        let mut out_sections = vec![];
        let sections = self.sections.into_iter();
        let signature_header = Section::Custom(CustomSection::new(
            SIGNATURE_SECTION_HEADER_NAME.to_string(),
            detached_signature.to_vec(),
        ));
        out_sections.push(signature_header);
        for section in sections {
            if section.is_signature_header() {
                return Err(WSError::SignatureAlreadyAttached);
            }
            out_sections.push(section);
        }
        self.sections = out_sections;
        debug!("Signature attached");
        Ok(self)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    fn create_test_module() -> Module {
        Module {
            header: [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00],
            sections: vec![
                Section::Standard(StandardSection::new(SectionId::Type, vec![1, 2, 3])),
                Section::Standard(StandardSection::new(SectionId::Function, vec![4, 5, 6])),
                Section::Standard(StandardSection::new(SectionId::Code, vec![7, 8, 9])),
            ],
        }
    }

    #[test]
    fn test_detach_signature_no_signatures() {
        let module = create_test_module();
        let result = module.detach_signature();
        assert!(result.is_err());
        assert!(matches!(result.unwrap_err(), WSError::NoSignatures));
    }

    #[test]
    fn test_detach_signature_with_signature() {
        let signature_data = vec![1, 2, 3, 4, 5];
        let module = Module {
            header: [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00],
            sections: vec![
                Section::Custom(CustomSection::new(
                    SIGNATURE_SECTION_HEADER_NAME.to_string(),
                    signature_data.clone(),
                )),
                Section::Standard(StandardSection::new(SectionId::Type, vec![1, 2, 3])),
                Section::Standard(StandardSection::new(SectionId::Code, vec![4, 5, 6])),
            ],
        };

        let result = module.detach_signature();
        assert!(result.is_ok());
        let (new_module, detached_sig) = result.unwrap();
        assert_eq!(detached_sig, signature_data);
        assert_eq!(new_module.sections.len(), 2);
        assert!(!new_module.sections[0].is_signature_header());
    }

    #[test]
    fn test_attach_signature() {
        let module = create_test_module();
        let signature_data = vec![10, 20, 30];

        let result = module.attach_signature(&signature_data);
        assert!(result.is_ok());
        let signed_module = result.unwrap();

        // First section should be the signature
        assert_eq!(signed_module.sections.len(), 4);
        assert!(signed_module.sections[0].is_signature_header());
        assert_eq!(signed_module.sections[0].payload(), &signature_data);
    }

    #[test]
    fn test_attach_signature_already_signed() {
        let signature_data = vec![1, 2, 3];
        let module = Module {
            header: [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00],
            sections: vec![
                Section::Custom(CustomSection::new(
                    SIGNATURE_SECTION_HEADER_NAME.to_string(),
                    signature_data.clone(),
                )),
                Section::Standard(StandardSection::new(SectionId::Code, vec![4, 5, 6])),
            ],
        };

        let new_signature = vec![7, 8, 9];
        let result = module.attach_signature(&new_signature);
        assert!(result.is_err());
        assert!(matches!(
            result.unwrap_err(),
            WSError::SignatureAlreadyAttached
        ));
    }

    #[test]
    fn test_split_all_sections() {
        let module = create_test_module();

        // Predicate that includes all sections
        let result = module.split(|_| true);
        assert!(result.is_ok());
        let split_module = result.unwrap();

        // Should have original sections plus a delimiter at the end
        assert!(split_module.sections.len() >= 3);
        assert!(
            split_module
                .sections
                .last()
                .unwrap()
                .is_signature_delimiter()
        );
    }

    #[test]
    fn test_split_no_sections() {
        let module = create_test_module();

        // Predicate that includes no sections
        let result = module.split(|_| false);
        assert!(result.is_ok());
        let split_module = result.unwrap();

        // Should have delimiters inserted
        assert!(split_module.sections.len() > 3);
    }

    #[test]
    fn test_split_with_existing_signature() {
        let module = Module {
            header: [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00],
            sections: vec![
                Section::Custom(CustomSection::new(
                    SIGNATURE_SECTION_HEADER_NAME.to_string(),
                    vec![1, 2, 3],
                )),
                Section::Standard(StandardSection::new(SectionId::Type, vec![4, 5, 6])),
            ],
        };

        let result = module.split(|_| true);
        assert!(result.is_ok());
        let split_module = result.unwrap();

        // Signature header should be preserved
        assert!(split_module.sections[0].is_signature_header());
    }

    #[test]
    fn test_split_selective() {
        let module = create_test_module();

        // Only include Type sections
        let result = module.split(|section| matches!(section.id(), SectionId::Type));
        assert!(result.is_ok());
        let split_module = result.unwrap();

        // Should have delimiters between different section types
        let has_delimiter = split_module
            .sections
            .iter()
            .any(|s| s.is_signature_delimiter());
        assert!(has_delimiter);
    }

    #[test]
    fn test_show_non_verbose() {
        let module = create_test_module();
        // Just verify it doesn't crash
        let result = module.show(false);
        assert!(result.is_ok());
    }

    #[test]
    fn test_show_verbose() {
        let module = create_test_module();
        // Just verify it doesn't crash
        let result = module.show(true);
        assert!(result.is_ok());
    }

    #[test]
    fn test_detach_attach_roundtrip() {
        let signature_data = vec![42, 43, 44];
        let original_module = create_test_module();

        // Attach a signature
        let signed_module = original_module.attach_signature(&signature_data).unwrap();

        // Detach it
        let (unsigned_module, detached_sig) = signed_module.detach_signature().unwrap();

        // Verify the signature matches
        assert_eq!(detached_sig, signature_data);

        // Verify we're back to original structure (same number of sections)
        assert_eq!(unsigned_module.sections.len(), 3);
    }
}