ssi_crypto/
verification.rs

1use crate::{Algorithm, AlgorithmInstance, PublicKey};
2
3#[derive(Debug, thiserror::Error)]
4pub enum VerificationError {
5    #[error("unsupported algorithm `{0}`")]
6    UnsupportedAlgorithm(Algorithm),
7
8    #[error("secret key is not compatible with the signature algorithm")]
9    IncompatibleKey,
10
11    #[error("invalid signature")]
12    InvalidSignature,
13}
14
15impl AlgorithmInstance {
16    #[allow(unused)]
17    pub fn verify(
18        &self,
19        key: &PublicKey,
20        signing_bytes: &[u8],
21        signature_bytes: &[u8],
22    ) -> Result<bool, VerificationError> {
23        match self {
24            #[cfg(feature = "ed25519")]
25            Self::EdDSA => match key {
26                PublicKey::Ed25519(key) => {
27                    use ed25519_dalek::Verifier;
28                    let signature: ed25519_dalek::Signature = signature_bytes
29                        .try_into()
30                        .map_err(|_| VerificationError::InvalidSignature)?;
31                    Ok(key.verify(signing_bytes, &signature).is_ok())
32                }
33                #[allow(unreachable_patterns)]
34                _ => Err(VerificationError::IncompatibleKey),
35            },
36            #[cfg(feature = "secp256k1")]
37            Self::ES256K => match key {
38                PublicKey::Secp256k1(key) => {
39                    use k256::ecdsa::signature::Verifier;
40                    let verifying_key = k256::ecdsa::VerifyingKey::from(key);
41                    let sig = k256::ecdsa::Signature::try_from(signature_bytes)
42                        .map_err(|_| VerificationError::InvalidSignature)?;
43                    Ok(verifying_key.verify(signing_bytes, &sig).is_ok())
44                }
45                #[allow(unreachable_patterns)]
46                _ => Err(VerificationError::IncompatibleKey),
47            },
48            #[cfg(feature = "secp256r1")]
49            Self::ES256 => match key {
50                PublicKey::P256(key) => {
51                    use p256::ecdsa::signature::Verifier;
52                    let verifying_key = p256::ecdsa::VerifyingKey::from(key);
53                    let sig = p256::ecdsa::Signature::try_from(signature_bytes)
54                        .map_err(|_| VerificationError::InvalidSignature)?;
55                    Ok(verifying_key.verify(signing_bytes, &sig).is_ok())
56                }
57                #[allow(unreachable_patterns)]
58                _ => Err(VerificationError::IncompatibleKey),
59            },
60            #[cfg(feature = "secp384r1")]
61            Self::ES384 => match key {
62                PublicKey::P384(key) => {
63                    use p384::ecdsa::signature::Verifier;
64                    let verifying_key = p384::ecdsa::VerifyingKey::from(key);
65                    let sig = p384::ecdsa::Signature::try_from(signature_bytes)
66                        .map_err(|_| VerificationError::InvalidSignature)?;
67                    Ok(verifying_key.verify(signing_bytes, &sig).is_ok())
68                }
69                #[allow(unreachable_patterns)]
70                _ => Err(VerificationError::IncompatibleKey),
71            },
72            other => Err(VerificationError::UnsupportedAlgorithm(other.algorithm())),
73        }
74    }
75}
ssi_crypto/verification.rs

ssi_crypto/
verification.rs
