From af0845c8322cb135bf219b4f0b186080e22af698 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Mur=C3=A9?= Date: Mon, 28 Jul 2025 18:40:45 +0200 Subject: [PATCH] Remove support for varsig v0 --- common.go | 44 ++++++++++++------------- common_test.go | 27 ++++++++------- constant.go | 86 +++++++++++++++++------------------------------- constant_test.go | 32 +++--------------- ecdsa.go | 74 ++++++----------------------------------- eddsa.go | 71 ++++++--------------------------------- eddsa_test.go | 52 +---------------------------- error.go | 14 -------- option.go | 45 ------------------------- registry.go | 8 +++-- registry_test.go | 43 ++++-------------------- rsa.go | 47 +++++++------------------- rsa_test.go | 60 ++++----------------------------- varsig.go | 67 ++----------------------------------- varsig_test.go | 44 ------------------------- 15 files changed, 123 insertions(+), 591 deletions(-) delete mode 100644 option.go diff --git a/common.go b/common.go index 723f634..bca1778 100644 --- a/common.go +++ b/common.go @@ -4,70 +4,70 @@ import "fmt" // [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms -// Ed25519 produces a varsig for EdDSA using Ed25519 curve. +// Ed25519 produces a varsig for EdDSA using the Ed25519 curve. // This algorithm is defined in [IANA JOSE specification]. -func Ed25519(payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) { - return NewEdDSAVarsig(CurveEd25519, HashSha2_512, payloadEncoding, opts...) +func Ed25519(payloadEncoding PayloadEncoding) EdDSAVarsig { + return NewEdDSAVarsig(CurveEd25519, HashSha2_512, payloadEncoding) } -// Ed448 produces a varsig for EdDSA using Ed448 curve. +// Ed448 produces a varsig for EdDSA using the Ed448 curve. // This algorithm is defined in [IANA JOSE specification]. -func Ed448(payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) { - return NewEdDSAVarsig(CurveEd448, HashShake_256, payloadEncoding, opts...) +func Ed448(payloadEncoding PayloadEncoding) EdDSAVarsig { + return NewEdDSAVarsig(CurveEd448, HashShake_256, payloadEncoding) } // RS256 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-256. // This algorithm is defined in [IANA JOSE specification]. -func RS256(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) { - return NewRSAVarsig(HashSha2_256, keyLength, payloadEncoding, opts...) +func RS256(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig { + return NewRSAVarsig(HashSha2_256, keyLength, payloadEncoding) } // RS384 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-384. // This algorithm is defined in [IANA JOSE specification]. -func RS384(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) { - return NewRSAVarsig(HashSha2_384, keyLength, payloadEncoding, opts...) +func RS384(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig { + return NewRSAVarsig(HashSha2_384, keyLength, payloadEncoding) } // RS512 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-512. // This algorithm is defined in [IANA JOSE specification]. -func RS512(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) { - return NewRSAVarsig(HashSha2_512, keyLength, payloadEncoding, opts...) +func RS512(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig { + return NewRSAVarsig(HashSha2_512, keyLength, payloadEncoding) } // ES256 produces a varsig for ECDSA using P-256 and SHA-256. // This algorithm is defined in [IANA JOSE specification]. -func ES256(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) { - return NewECDSAVarsig(CurveP256, HashSha2_256, payloadEncoding, opts...) +func ES256(payloadEncoding PayloadEncoding) ECDSAVarsig { + return NewECDSAVarsig(CurveP256, HashSha2_256, payloadEncoding) } // ES256K produces a varsig for ECDSA using secp256k1 curve and SHA-256. // This algorithm is defined in [IANA JOSE specification]. -func ES256K(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) { - return NewECDSAVarsig(CurveSecp256k1, HashSha2_256, payloadEncoding, opts...) +func ES256K(payloadEncoding PayloadEncoding) ECDSAVarsig { + return NewECDSAVarsig(CurveSecp256k1, HashSha2_256, payloadEncoding) } // ES384 produces a varsig for ECDSA using P-384 and SHA-384. // This algorithm is defined in [IANA JOSE specification]. -func ES384(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) { - return NewECDSAVarsig(CurveP384, HashSha2_384, payloadEncoding, opts...) +func ES384(payloadEncoding PayloadEncoding) ECDSAVarsig { + return NewECDSAVarsig(CurveP384, HashSha2_384, payloadEncoding) } // ES512 produces a varsig for ECDSA using P-521 and SHA-512. // This algorithm is defined in [IANA JOSE specification]. -func ES512(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) { - return NewECDSAVarsig(CurveP521, HashSha2_512, payloadEncoding, opts...) +func ES512(payloadEncoding PayloadEncoding) ECDSAVarsig { + return NewECDSAVarsig(CurveP521, HashSha2_512, payloadEncoding) } // EIP191 produces a varsig for ECDSA using the Secp256k1 curve, Keccak256 and encoded // with the "personal_sign" format defined by [EIP191]. // payloadEncoding must be either PayloadEncodingEIP191Raw or PayloadEncodingEIP191Cbor. // [EIP191]: https://eips.ethereum.org/EIPS/eip-191 -func EIP191(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) { +func EIP191(payloadEncoding PayloadEncoding) (ECDSAVarsig, error) { switch payloadEncoding { case PayloadEncodingEIP191Raw, PayloadEncodingEIP191Cbor: default: return ECDSAVarsig{}, fmt.Errorf("%w for EIP191: %v", ErrUnsupportedPayloadEncoding, payloadEncoding) } - return NewECDSAVarsig(CurveSecp256k1, HashKeccak256, payloadEncoding, opts...) + return NewECDSAVarsig(CurveSecp256k1, HashKeccak_256, payloadEncoding), nil } diff --git a/common_test.go b/common_test.go index 48be985..f749af1 100644 --- a/common_test.go +++ b/common_test.go @@ -19,47 +19,47 @@ func TestRoundTrip(t *testing.T) { // Arbitrary use of presets { name: "Ed25519", - varsig: must(varsig.Ed25519(varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.Ed25519(varsig.PayloadEncodingDAGCBOR), dataHex: "3401ed01ed011371", }, { name: "Ed448", - varsig: must(varsig.Ed448(varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.Ed448(varsig.PayloadEncodingDAGCBOR), dataHex: "3401ed0183241971", }, { name: "RS256", - varsig: must(varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR), dataHex: "3401852412800271", }, { name: "RS384", - varsig: must(varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR), dataHex: "3401852420800271", }, { name: "RS512", - varsig: must(varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR), dataHex: "3401852413800271", }, { name: "ES256", - varsig: must(varsig.ES256(varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.ES256(varsig.PayloadEncodingDAGCBOR), dataHex: "3401ec0180241271", }, { name: "ES256K", - varsig: must(varsig.ES256K(varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.ES256K(varsig.PayloadEncodingDAGCBOR), dataHex: "3401ec01e7011271", }, { name: "ES384", - varsig: must(varsig.ES384(varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.ES384(varsig.PayloadEncodingDAGCBOR), dataHex: "3401ec0181242071", }, { name: "ES512", - varsig: must(varsig.ES512(varsig.PayloadEncodingDAGCBOR)), + varsig: varsig.ES512(varsig.PayloadEncodingDAGCBOR), dataHex: "3401ec0182241371", }, { @@ -71,22 +71,22 @@ func TestRoundTrip(t *testing.T) { // from https://github.com/hugomrdias/iso-repo/blob/main/packages/iso-ucan/test/varsig.test.js { name: "RS256+RAW", - varsig: must(varsig.RS256(256, varsig.PayloadEncodingVerbatim)), + varsig: varsig.RS256(256, varsig.PayloadEncodingVerbatim), dataBytes: []byte{52, 1, 133, 36, 18, 128, 2, 95}, }, { name: "ES256+RAW", - varsig: must(varsig.ES256(varsig.PayloadEncodingVerbatim)), + varsig: varsig.ES256(varsig.PayloadEncodingVerbatim), dataBytes: []byte{52, 1, 236, 1, 128, 36, 18, 95}, }, { name: "ES512+RAW", - varsig: must(varsig.ES512(varsig.PayloadEncodingVerbatim)), + varsig: varsig.ES512(varsig.PayloadEncodingVerbatim), dataBytes: []byte{52, 1, 236, 1, 130, 36, 19, 95}, }, { name: "ES256K+RAW", - varsig: must(varsig.ES256K(varsig.PayloadEncodingVerbatim)), + varsig: varsig.ES256K(varsig.PayloadEncodingVerbatim), dataBytes: []byte{52, 1, 236, 1, 231, 1, 18, 95}, }, { @@ -117,7 +117,6 @@ func TestRoundTrip(t *testing.T) { require.Equal(t, tc.varsig.Version(), rt.Version()) require.Equal(t, tc.varsig.Discriminator(), rt.Discriminator()) require.Equal(t, tc.varsig.PayloadEncoding(), rt.PayloadEncoding()) - require.Equal(t, tc.varsig.Signature(), rt.Signature()) switch vs := tc.varsig.(type) { case varsig.EdDSAVarsig: diff --git a/constant.go b/constant.go index 6e57953..a7cafc6 100644 --- a/constant.go +++ b/constant.go @@ -37,8 +37,14 @@ const ( HashShake_256 = Hash(0x19) - HashKeccak256 = Hash(0x1b) - HashKeccak512 = Hash(0x1d) + HashKeccak_256 = Hash(0x1b) + HashKeccak_512 = Hash(0x1d) + + // You should likely not use those: + HashRipemd_160 = Hash(0x1053) + HashMd4 = Hash(0xd4) + HashMd5 = Hash(0xd5) + HashSha1 = Hash(0x11) ) // DecodeHashAlgorithm reads and validates the expected hash algorithm @@ -67,8 +73,12 @@ func DecodeHashAlgorithm(r BytesReader) (Hash, error) { HashBlake2b_384, HashBlake2b_512, HashShake_256, - HashKeccak256, - HashKeccak512: + HashKeccak_256, + HashKeccak_512, + HashRipemd_160, + HashMd4, + HashMd5, + HashSha1: return h, nil default: return HashUnspecified, fmt.Errorf("%w: %x", ErrUnknownHash, h) @@ -82,7 +92,6 @@ type PayloadEncoding int // Constant values that allow Varsig implementations to specify how the // payload content is encoded before being hashed. -// In varsig >= v1, only canonical encoding is allowed. const ( PayloadEncodingUnspecified = PayloadEncoding(iota) PayloadEncodingVerbatim @@ -105,67 +114,34 @@ const ( // DecodePayloadEncoding reads and validates the expected canonical payload // encoding of the data to be signed. -func DecodePayloadEncoding(r BytesReader, vers Version) (PayloadEncoding, error) { +func DecodePayloadEncoding(r BytesReader) (PayloadEncoding, error) { seg1, err := binary.ReadUvarint(r) if err != nil { return PayloadEncodingUnspecified, fmt.Errorf("%w: %w", ErrUnsupportedPayloadEncoding, err) } - switch vers { - case Version0: - switch seg1 { - case encodingSegmentVerbatim: - return PayloadEncodingVerbatim, nil - case encodingSegmentDAGPB: - return PayloadEncodingDAGPB, nil - case encodingSegmentDAGCBOR: - return PayloadEncodingDAGCBOR, nil - case encodingSegmentDAGJSON: - return PayloadEncodingDAGJSON, nil - case encodingSegmentEIP191: - seg2, err := binary.ReadUvarint(r) - if err != nil { - return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err) - } - switch seg2 { - case encodingSegmentVerbatim: - return PayloadEncodingEIP191Raw, nil - case encodingSegmentDAGCBOR: - return PayloadEncodingEIP191Cbor, nil - default: - return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x+%x", ErrUnsupportedPayloadEncoding, vers, seg1, seg2) - } - case encodingSegmentJWT: - return PayloadEncodingJWT, nil - default: - return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, vers, seg1) + switch seg1 { + case encodingSegmentVerbatim: + return PayloadEncodingVerbatim, nil + case encodingSegmentDAGCBOR: + return PayloadEncodingDAGCBOR, nil + case encodingSegmentDAGJSON: + return PayloadEncodingDAGJSON, nil + case encodingSegmentEIP191: + seg2, err := binary.ReadUvarint(r) + if err != nil { + return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err) } - case Version1: - switch seg1 { + switch seg2 { case encodingSegmentVerbatim: - return PayloadEncodingVerbatim, nil + return PayloadEncodingEIP191Raw, nil case encodingSegmentDAGCBOR: - return PayloadEncodingDAGCBOR, nil - case encodingSegmentDAGJSON: - return PayloadEncodingDAGJSON, nil - case encodingSegmentEIP191: - seg2, err := binary.ReadUvarint(r) - if err != nil { - return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err) - } - switch seg2 { - case encodingSegmentVerbatim: - return PayloadEncodingEIP191Raw, nil - case encodingSegmentDAGCBOR: - return PayloadEncodingEIP191Cbor, nil - default: - return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x+%x", ErrUnsupportedPayloadEncoding, vers, seg1, seg2) - } + return PayloadEncodingEIP191Cbor, nil default: - return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, vers, seg1) + return PayloadEncodingUnspecified, fmt.Errorf("%w: encoding=%x+%x", ErrUnsupportedPayloadEncoding, seg1, seg2) } default: - return 0, ErrUnsupportedVersion + return PayloadEncodingUnspecified, fmt.Errorf("%w: encoding=%x", ErrUnsupportedPayloadEncoding, seg1) } } diff --git a/constant_test.go b/constant_test.go index 3226ea5..9554ad4 100644 --- a/constant_test.go +++ b/constant_test.go @@ -53,18 +53,10 @@ func TestDecodePayloadEncoding(t *testing.T) { t.Run("passes", func(t *testing.T) { t.Parallel() - t.Run("v0", func(t *testing.T) { - t.Parallel() - - payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}), varsig.Version1) - require.NoError(t, err) - require.Equal(t, varsig.PayloadEncodingVerbatim, payEnc) - }) - t.Run("v1", func(t *testing.T) { t.Parallel() - payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}), varsig.Version1) + payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f})) require.NoError(t, err) require.Equal(t, varsig.PayloadEncodingVerbatim, payEnc) }) @@ -76,27 +68,13 @@ func TestDecodePayloadEncoding(t *testing.T) { tests := []struct { name string data []byte - vers varsig.Version err error }{ { - name: "unsupported encoding - v0", - data: []byte{0x42}, // random - vers: varsig.Version0, - err: varsig.ErrUnsupportedPayloadEncoding, - }, - { - name: "unsupported encoding - v1", + name: "unsupported encoding", data: []byte{0x6a, 0x77}, // JWT - vers: varsig.Version1, err: varsig.ErrUnsupportedPayloadEncoding, }, - { - name: "unsupported version", - data: []byte{0x5f}, // Verbatim - vers: 99, // random - err: varsig.ErrUnsupportedVersion, - }, } for _, tt := range tests { @@ -105,10 +83,8 @@ func TestDecodePayloadEncoding(t *testing.T) { t.Parallel() r := bytes.NewReader(tt.data) - _, err := varsig.DecodePayloadEncoding(r, tt.vers) + _, err := varsig.DecodePayloadEncoding(r) require.ErrorIs(t, err, tt.err) - // t.Log(err) - // t.Fail() }) } }) @@ -118,6 +94,6 @@ func BenchmarkDecodePayloadEncoding(b *testing.B) { b.ReportAllocs() data := []byte{0x5f} for i := 0; i < b.N; i++ { - _, _ = varsig.DecodePayloadEncoding(bytes.NewReader(data), varsig.Version1) + _, _ = varsig.DecodePayloadEncoding(bytes.NewReader(data)) } } diff --git a/ecdsa.go b/ecdsa.go index 4ae4118..94a8e62 100644 --- a/ecdsa.go +++ b/ecdsa.go @@ -48,42 +48,15 @@ type ECDSAVarsig struct { // NewECDSAVarsig creates and validates an ECDSA varsig with the provided // curve, hash algorithm and payload encoding. -func NewECDSAVarsig(curve ECDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) { - options := newOptions(opts...) - - var ( - vers = Version1 - disc = DiscriminatorECDSA - sig []byte - ) - - if options.ForceVersion0() { - vers = Version0 - disc = Discriminator(curve) - sig = options.Signature() - } - - v := ECDSAVarsig{ +func NewECDSAVarsig(curve ECDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding) ECDSAVarsig { + return ECDSAVarsig{ varsig: varsig{ - vers: vers, - disc: disc, + disc: DiscriminatorECDSA, payEnc: payloadEncoding, - sig: sig, }, curve: curve, hashAlg: hashAlgorithm, } - - switch curve { - case CurveSecp256k1, CurveP256: - return validateSig(v, 64) - case CurveP384: - return validateSig(v, 96) - case CurveP521: - return validateSig(v, 132) - default: - return ECDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, curve) - } } // Curve returns the elliptic curve used to generate the ECDSA signature. @@ -101,26 +74,17 @@ func (v ECDSAVarsig) Hash() Hash { func (v ECDSAVarsig) Encode() []byte { buf := v.encode() - if v.vers != Version0 { - buf = binary.AppendUvarint(buf, uint64(v.curve)) - } - + buf = binary.AppendUvarint(buf, uint64(v.curve)) buf = binary.AppendUvarint(buf, uint64(v.hashAlg)) buf = append(buf, EncodePayloadEncoding(v.payEnc)...) - buf = append(buf, v.Signature()...) return buf } -func decodeECDSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) { - curve := ECDSACurve(disc) - if vers != Version0 { - var err error - - curve, err = decodeECDSACurve(r) - if err != nil { - return nil, err - } +func decodeECDSA(r BytesReader) (Varsig, error) { + curve, err := decodeECDSACurve(r) + if err != nil { + return nil, err } hashAlg, err := DecodeHashAlgorithm(r) @@ -128,28 +92,10 @@ func decodeECDSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error return nil, err } - v := ECDSAVarsig{ - varsig: varsig{ - vers: vers, - disc: disc, - }, - curve: curve, - hashAlg: hashAlg, - } - - v.payEnc, v.sig, err = v.decodePayEncAndSig(r) + payEnc, err := DecodePayloadEncoding(r) if err != nil { return nil, err } - switch curve { - case CurveSecp256k1, CurveP256: - return validateSig(v, 64) - case CurveP384: - return validateSig(v, 96) - case CurveP521: - return validateSig(v, 132) - default: - return ECDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, curve) - } + return NewECDSAVarsig(curve, hashAlg, payEnc), nil } diff --git a/eddsa.go b/eddsa.go index 71797b8..9678583 100644 --- a/eddsa.go +++ b/eddsa.go @@ -1,7 +1,6 @@ package varsig import ( - "crypto/ed25519" "encoding/binary" "fmt" ) @@ -47,40 +46,15 @@ type EdDSAVarsig struct { // NewEdDSAVarsig creates and validates an EdDSA varsig with the provided // curve, hash algorithm and payload encoding. -func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) { - options := newOptions(opts...) - - var ( - vers = Version1 - disc = DiscriminatorEdDSA - sig []byte - ) - - if options.ForceVersion0() { - vers = Version0 - disc = Discriminator(curve) - sig = options.Signature() - } - - v := EdDSAVarsig{ +func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding) EdDSAVarsig { + return EdDSAVarsig{ varsig: varsig{ - vers: vers, - disc: disc, + disc: DiscriminatorEdDSA, payEnc: payloadEncoding, - sig: sig, }, curve: curve, hashAlg: hashAlgorithm, } - - switch curve { - case CurveEd25519: - return validateSig(v, ed25519.SignatureSize) - case CurveEd448: - return validateSig(v, 114) - default: - return EdDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownEdDSACurve, curve) - } } // Curve returns the Edwards curve used to generate the EdDSA signature. @@ -98,26 +72,17 @@ func (v EdDSAVarsig) Hash() Hash { func (v EdDSAVarsig) Encode() []byte { buf := v.encode() - if v.vers != Version0 { - buf = binary.AppendUvarint(buf, uint64(v.curve)) - } - + buf = binary.AppendUvarint(buf, uint64(v.curve)) buf = binary.AppendUvarint(buf, uint64(v.hashAlg)) buf = append(buf, EncodePayloadEncoding(v.payEnc)...) - buf = append(buf, v.Signature()...) return buf } -func decodeEdDSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) { - curve := EdDSACurve(disc) - if vers != Version0 { - var err error - - curve, err = decodeEdDSACurve(r) - if err != nil { - return nil, err - } +func decodeEdDSA(r BytesReader) (Varsig, error) { + curve, err := decodeEdDSACurve(r) + if err != nil { + return nil, err } hashAlg, err := DecodeHashAlgorithm(r) @@ -125,26 +90,10 @@ func decodeEdDSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error return nil, err } - v := EdDSAVarsig{ - varsig: varsig{ - vers: vers, - disc: disc, - }, - curve: curve, - hashAlg: hashAlg, - } - - v.payEnc, v.sig, err = v.decodePayEncAndSig(r) + payEnc, err := DecodePayloadEncoding(r) if err != nil { return nil, err } - switch curve { - case CurveEd25519: - return validateSig(v, ed25519.SignatureSize) - case CurveEd448: - return validateSig(v, 114) - default: - return EdDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownEdDSACurve, curve) - } + return NewEdDSAVarsig(curve, hashAlg, payEnc), nil } diff --git a/eddsa_test.go b/eddsa_test.go index 9b6bc36..a9b7727 100644 --- a/eddsa_test.go +++ b/eddsa_test.go @@ -2,7 +2,6 @@ package varsig_test import ( "encoding/base64" - "encoding/hex" "testing" "github.com/stretchr/testify/assert" @@ -11,53 +10,6 @@ import ( "github.com/ucan-wg/go-varsig" ) -func TestDecodeEd25519(t *testing.T) { - t.Parallel() - - t.Run("passes - section 3 example - v0", func(t *testing.T) { - // Original: 34ed01 1371ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302 - // Corrected: 34ed011371ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302") - - hdr, err := hex.DecodeString("34ed011371") - require.NoError(t, err) - - sig, err := hex.DecodeString("ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302") - require.NoError(t, err) - require.Len(t, sig, 64) - - t.Run("Decode", func(t *testing.T) { - t.Parallel() - - v, err := varsig.Decode(append(hdr, sig...)) - require.NoError(t, err) - require.NotNil(t, v) - assert.Equal(t, varsig.Version0, v.Version()) - assert.Equal(t, varsig.DiscriminatorEdDSA, v.Discriminator()) - assert.Equal(t, varsig.PayloadEncodingDAGCBOR, v.PayloadEncoding()) - assert.Len(t, v.Signature(), 64) - - impl, ok := v.(varsig.EdDSAVarsig) - require.True(t, ok) - assert.Equal(t, varsig.CurveEd25519, impl.Curve()) - assert.Equal(t, varsig.HashSha2_512, impl.Hash()) - }) - - t.Run("Encode", func(t *testing.T) { - t.Parallel() - - v, err := varsig.NewEdDSAVarsig( - varsig.CurveEd25519, - varsig.HashSha2_512, - varsig.PayloadEncodingDAGCBOR, - varsig.WithForceVersion0(sig), - ) - require.NoError(t, err) - require.NotNil(t, v) - assert.Equal(t, append(hdr, sig...), v.Encode()) - }) - }) -} - func TestUCANExampleV1(t *testing.T) { t.Parallel() @@ -81,18 +33,16 @@ func TestUCANExampleV1(t *testing.T) { assert.Equal(t, varsig.CurveEd25519, ed25519V.Curve()) assert.Equal(t, varsig.HashSha2_512, ed25519V.Hash()) assert.Equal(t, varsig.PayloadEncodingDAGCBOR, ed25519V.PayloadEncoding()) - assert.Len(t, ed25519V.Signature(), 0) }) t.Run("Encode", func(t *testing.T) { t.Parallel() - edDSAVarsig, err := varsig.NewEdDSAVarsig( + edDSAVarsig := varsig.NewEdDSAVarsig( varsig.CurveEd25519, varsig.HashSha2_512, varsig.PayloadEncodingDAGCBOR, ) - require.NoError(t, err) assert.Equal(t, example, edDSAVarsig.Encode()) t.Log(base64.RawStdEncoding.EncodeToString(edDSAVarsig.Encode())) diff --git a/error.go b/error.go index bc8e2e9..bd0676a 100644 --- a/error.go +++ b/error.go @@ -2,25 +2,11 @@ package varsig import "errors" -// ErrMissingSignature is returned when a varsig v0 is parsed and does -// not contain the expected signature bytes. This is expected in some -// intermediate cases, such as the UCAN v1 specification. -var ErrMissingSignature = errors.New("missing signature expected in varsig v0") - // ErrNotYetImplemented is returned when a function is currently under // construction. For released versions of this library, this error should // never occur. var ErrNotYetImplemented = errors.New("not yet implemented") -// ErrUnexpectedSignaturePresent is returned when a signature is present -// in a varsig >= v1. -var ErrUnexpectedSignaturePresent = errors.New("unexpected signature present in varsig >= v1") - -// ErrUnexpectedSignatureSize is returned when the length of the decoded -// signature doesn't match the expected signature length as defined by the -// signing algorithm or sent via a Varsig field. -var ErrUnexpectedSignatureSize = errors.New("unexpected signature size in varsig v0") - // ErrUnknownHash is returned when an unexpected value is provided // while decoding the hashing algorithm. var ErrUnknownHash = errors.New("unknown hash algorithm") diff --git a/option.go b/option.go deleted file mode 100644 index 46d7861..0000000 --- a/option.go +++ /dev/null @@ -1,45 +0,0 @@ -package varsig - -// Options define customization when creating a new Varsig. -type Options struct { - forceVersion0 bool - signature []byte -} - -func newOptions(opts ...Option) *Options { - o := &Options{} - - for _, opt := range opts { - opt(o) - } - - return o -} - -// ForceVersion0 returns a boolean indicating that a Varsig < v1 should -// be created (which means the encoded Varsig won't have a version field -// and might contain the signature bytes as the last field.) -func (o *Options) ForceVersion0() bool { - return o.forceVersion0 -} - -// Signature returns the optional signature bytes when creating a Varsig -// < v1. -func (o *Options) Signature() []byte { - return o.signature -} - -// Option is a function that alters the default behavior of constructors -// that produce implementations of the Varsig type. -type Option func(*Options) - -// WithForceVersion0 indicates that a Varsig < v1 should be produced. If -// the signature is a) not nil, b) not empty and c) the correct length -// based on the signing algorithm or signing key, the signature's bytes -// will be appended to the encoded Varsig. -func WithForceVersion0(signature []byte) Option { - return func(o *Options) { - o.forceVersion0 = true - o.signature = signature - } -} diff --git a/registry.go b/registry.go index f5019d5..1930555 100644 --- a/registry.go +++ b/registry.go @@ -18,7 +18,7 @@ const ( // DecodeFunc is a function that parses the varsig representing a specific // signing algorithm. -type DecodeFunc func(BytesReader, Version, Discriminator) (Varsig, error) +type DecodeFunc func(BytesReader) (Varsig, error) // Registry contains a mapping between known signing algorithms and // functions that can parse varsigs for that signing algorithm. @@ -68,12 +68,16 @@ func (rs Registry) DecodeStream(r BytesReader) (Varsig, error) { return nil, err } + if vers != Version1 { + return nil, fmt.Errorf("%w: %d", ErrUnsupportedVersion, vers) + } + decodeFunc, ok := rs[Discriminator(disc)] if !ok { return nil, fmt.Errorf("%w: %x", ErrUnknownDiscriminator, disc) } - return decodeFunc(r, vers, disc) + return decodeFunc(r) } func (rs Registry) decodeVersAnddisc(r BytesReader) (Version, Discriminator, error) { diff --git a/registry_test.go b/registry_test.go index 75c6df2..61400b4 100644 --- a/registry_test.go +++ b/registry_test.go @@ -12,25 +12,7 @@ import ( ) func TestRegistry_Decode(t *testing.T) { - t.Parallel() - - t.Run("passes - v0", func(t *testing.T) { - t.Parallel() - - data, err := hex.DecodeString("348120") - require.NoError(t, err) - - reg := testRegistry(t) - - vs, err := reg.DecodeStream(bytes.NewReader(data)) - require.NoError(t, err) - assert.Equal(t, varsig.Version0, vs.Version()) - assert.Equal(t, testDiscriminator1, vs.Discriminator()) - }) - t.Run("passes - v1", func(t *testing.T) { - t.Parallel() - data, err := hex.DecodeString("34018120") require.NoError(t, err) @@ -52,36 +34,27 @@ func testRegistry(t *testing.T) varsig.Registry { t.Helper() reg := varsig.NewRegistry() - reg.Register(testDiscriminator0, testDecodeFunc(t)) - reg.Register(testDiscriminator1, testDecodeFunc(t)) + reg.Register(testDiscriminator0, testDecodeFunc(testDiscriminator0)) + reg.Register(testDiscriminator1, testDecodeFunc(testDiscriminator1)) return reg } -func testDecodeFunc(t *testing.T) varsig.DecodeFunc { - t.Helper() - - return func(r varsig.BytesReader, vers varsig.Version, disc varsig.Discriminator) (varsig.Varsig, error) { - v := &testVarsig{ - vers: vers, - disc: disc, - } - - return v, nil +func testDecodeFunc(disc varsig.Discriminator) varsig.DecodeFunc { + return func(r varsig.BytesReader) (varsig.Varsig, error) { + return &testVarsig{disc: disc}, nil } } var _ varsig.Varsig = testVarsig{} type testVarsig struct { - vers varsig.Version disc varsig.Discriminator payEnc varsig.PayloadEncoding - sig []byte } func (v testVarsig) Version() varsig.Version { - return v.vers + return varsig.Version1 } func (v testVarsig) Discriminator() varsig.Discriminator { @@ -92,10 +65,6 @@ func (v testVarsig) PayloadEncoding() varsig.PayloadEncoding { return v.payEnc } -func (v testVarsig) Signature() []byte { - return v.sig -} - func (v testVarsig) Encode() []byte { return nil } diff --git a/rsa.go b/rsa.go index 41b080e..5110e7b 100644 --- a/rsa.go +++ b/rsa.go @@ -14,45 +14,29 @@ var _ Varsig = RSAVarsig{} type RSAVarsig struct { varsig hashAlg Hash - sigLen uint64 + keyLen uint64 } // NewRSAVarsig creates and validates an RSA varsig with the provided // hash algorithm, key length and payload encoding. -func NewRSAVarsig(hashAlgorithm Hash, keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) { - options := newOptions(opts...) - - var ( - vers = Version1 - sig []byte - ) - - if options.ForceVersion0() { - vers = Version0 - sig = options.Signature() - } - - v := RSAVarsig{ +func NewRSAVarsig(hashAlgorithm Hash, keyLen uint64, payloadEncoding PayloadEncoding) RSAVarsig { + return RSAVarsig{ varsig: varsig{ - vers: vers, disc: DiscriminatorRSA, payEnc: payloadEncoding, - sig: sig, }, hashAlg: hashAlgorithm, - sigLen: keyLength, + keyLen: keyLen, } - - return validateSig(v, v.sigLen) } // Encode returns the encoded byte format of the RSAVarsig. func (v RSAVarsig) Encode() []byte { buf := v.encode() + buf = binary.AppendUvarint(buf, uint64(v.hashAlg)) - buf = binary.AppendUvarint(buf, v.sigLen) + buf = binary.AppendUvarint(buf, v.keyLen) buf = append(buf, EncodePayloadEncoding(v.payEnc)...) - buf = append(buf, v.Signature()...) return buf } @@ -66,33 +50,24 @@ func (v RSAVarsig) Hash() Hash { // KeyLength returns the length of the RSA key used to sign the payload // content. func (v RSAVarsig) KeyLength() uint64 { - return v.sigLen + return v.keyLen } -func decodeRSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) { +func decodeRSA(r BytesReader) (Varsig, error) { hashAlg, err := DecodeHashAlgorithm(r) if err != nil { return nil, err } - sigLen, err := binary.ReadUvarint(r) + keyLen, err := binary.ReadUvarint(r) if err != nil { return nil, err } - vs := RSAVarsig{ - varsig: varsig{ - vers: vers, - disc: disc, - }, - hashAlg: hashAlg, - sigLen: sigLen, - } - - vs.payEnc, vs.sig, err = vs.decodePayEncAndSig(r) + payEnc, err := DecodePayloadEncoding(r) if err != nil { return nil, err } - return validateSig(vs, vs.sigLen) + return NewRSAVarsig(hashAlg, keyLen, payEnc), nil } diff --git a/rsa_test.go b/rsa_test.go index e28743f..88b8c22 100644 --- a/rsa_test.go +++ b/rsa_test.go @@ -4,7 +4,6 @@ import ( "encoding/base64" "testing" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/ucan-wg/go-varsig" @@ -29,68 +28,23 @@ func TestRSAVarsig(t *testing.T) { rsaVs, ok := vs.(varsig.RSAVarsig) require.True(t, ok) - assert.Equal(t, varsig.Version1, rsaVs.Version()) - assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator()) - assert.Equal(t, varsig.HashSha2_256, rsaVs.Hash()) - assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding()) - assert.Equal(t, uint64(keyLen), rsaVs.KeyLength()) - assert.Len(t, rsaVs.Signature(), 0) + require.Equal(t, varsig.Version1, rsaVs.Version()) + require.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator()) + require.Equal(t, varsig.HashSha2_256, rsaVs.Hash()) + require.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding()) + require.Equal(t, uint64(keyLen), rsaVs.KeyLength()) }) t.Run("Encode", func(t *testing.T) { t.Parallel() - rsaVarsig, err := varsig.NewRSAVarsig( + rsaVarsig := varsig.NewRSAVarsig( varsig.HashSha2_256, keyLen, varsig.PayloadEncodingDAGCBOR, ) - require.NoError(t, err) - assert.Equal(t, example, rsaVarsig.Encode()) + require.Equal(t, example, rsaVarsig.Encode()) t.Log(base64.RawStdEncoding.EncodeToString(rsaVarsig.Encode())) }) } - -func TestUCANExampleV0(t *testing.T) { - t.Parallel() - - const keyLen = 0x100 - - // This test is the value shown in the UCAN v1.0.0 example, which is - // an RSA varsig < v1 encoded as RS256 with a key length of 0x100 - // bytes and DAG-CBOR payload encoding. - example, err := base64.RawStdEncoding.DecodeString("NIUkEoACcQ") - require.NoError(t, err) - - t.Run("Decode", func(t *testing.T) { - t.Parallel() - - vs, err := varsig.Decode(example) - require.ErrorIs(t, err, varsig.ErrMissingSignature) - - rsaVs, ok := vs.(varsig.RSAVarsig) - require.True(t, ok) - - assert.Equal(t, varsig.Version0, rsaVs.Version()) - assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator()) - assert.Equal(t, varsig.HashSha2_256, rsaVs.Hash()) - assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding()) - assert.Equal(t, uint64(keyLen), rsaVs.KeyLength()) - assert.Len(t, rsaVs.Signature(), 0) - }) - - t.Run("Encode", func(t *testing.T) { - t.Parallel() - - rsaVarsig, err := varsig.NewRSAVarsig( - varsig.HashSha2_256, - keyLen, - varsig.PayloadEncodingDAGCBOR, - varsig.WithForceVersion0([]byte{}), - ) - require.ErrorIs(t, err, varsig.ErrMissingSignature) - - assert.Equal(t, example, rsaVarsig.Encode()) - }) -} diff --git a/varsig.go b/varsig.go index 513d10d..8cbbd91 100644 --- a/varsig.go +++ b/varsig.go @@ -20,7 +20,6 @@ package varsig import ( "encoding/binary" - "errors" "io" ) @@ -36,11 +35,6 @@ type Varsig interface { // PayloadEncoding returns the codec that was used to encode the signed data. PayloadEncoding() PayloadEncoding - // Signature returns the cryptographic signature of the signed data. - // This value is never present in a varsig >= v1 and must either be a valid - // signature with the correct length or empty in varsig < v1. - Signature() []byte - // Encode returns the encoded byte format of the varsig. Encode() []byte } @@ -58,15 +52,13 @@ func DecodeStream(r BytesReader) (Varsig, error) { } type varsig struct { - vers Version disc Discriminator payEnc PayloadEncoding - sig []byte } // Version returns the varsig's version field. func (v varsig) Version() Version { - return v.vers + return Version1 } // Discriminator returns the algorithm used to produce the corresponding @@ -81,13 +73,6 @@ func (v varsig) PayloadEncoding() PayloadEncoding { return v.payEnc } -// Signature returns the cryptographic signature of the signed data. This -// value is never present in a varsig >= v1 and must either be a valid -// signature with the correct length or empty in varsig < v1. -func (v varsig) Signature() []byte { - return v.sig -} - func (v varsig) encode() []byte { // Pre-allocate to the maximum size to avoid re-allocating. // I think the maximum is 10 bytes, but it's all the same for go to allocate 16 (due to the small @@ -95,60 +80,12 @@ func (v varsig) encode() []byte { buf := make([]byte, 0, 16) buf = binary.AppendUvarint(buf, Prefix) - - if v.Version() == Version1 { - buf = binary.AppendUvarint(buf, uint64(Version1)) - } - + buf = binary.AppendUvarint(buf, uint64(Version1)) buf = binary.AppendUvarint(buf, uint64(v.disc)) return buf } -func (v varsig) decodePayEncAndSig(r BytesReader) (PayloadEncoding, []byte, error) { - payEnc, err := DecodePayloadEncoding(r, v.Version()) - if err != nil { - return 0, nil, err - } - - var signature []byte - switch v.Version() { - case Version0: - signature, err = io.ReadAll(r) - if err != nil { - return 0, nil, err - } - case Version1: - _, err := r.ReadByte() - if err != nil && !errors.Is(err, io.EOF) { - return 0, nil, err - } - if err == nil { - return 0, nil, ErrUnexpectedSignaturePresent - } - default: - return 0, nil, ErrUnsupportedVersion - } - - return payEnc, signature, nil -} - -func validateSig[T Varsig](v T, expectedLength uint64) (T, error) { - if v.Version() == Version0 && len(v.Signature()) == 0 { - return v, ErrMissingSignature - } - - if v.Version() == Version0 && uint64(len(v.Signature())) != expectedLength { - return *new(T), ErrUnexpectedSignatureSize - } - - if v.Version() == Version1 && len(v.Signature()) != 0 { - return *new(T), ErrUnexpectedSignaturePresent - } - - return v, nil -} - type BytesReader interface { io.ByteReader io.Reader diff --git a/varsig_test.go b/varsig_test.go index 86194de..b1d6306 100644 --- a/varsig_test.go +++ b/varsig_test.go @@ -58,17 +58,6 @@ func TestDecode(t *testing.T) { assert.Nil(t, vs) }) - t.Run("fails - unknown signature algorithm - v0", func(t *testing.T) { - t.Parallel() - - data, err := hex.DecodeString("3464") - require.NoError(t, err) - - vs, err := varsig.Decode(data) - require.ErrorIs(t, err, varsig.ErrUnknownDiscriminator) - assert.Nil(t, vs) - }) - t.Run("fails - unknown signature algorithm - v1", func(t *testing.T) { t.Parallel() @@ -87,7 +76,6 @@ func TestDecode(t *testing.T) { rsaHex = "8524" sha256Hex = "12" keyLen = "8002" - rsaBaseV0 = "34" + rsaHex + sha256Hex + keyLen rsaBaseV1 = "3401" + rsaHex + sha256Hex + keyLen ) @@ -123,36 +111,4 @@ func TestDecode(t *testing.T) { require.ErrorIs(t, err, varsig.ErrUnsupportedPayloadEncoding) assert.Nil(t, vs) }) - - t.Run("fails - unexpected signature length - v0", func(t *testing.T) { - t.Parallel() - - data, err := hex.DecodeString(rsaBaseV0 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected - require.NoError(t, err) - - vs, err := varsig.Decode(data) - require.ErrorIs(t, err, varsig.ErrUnexpectedSignatureSize) - assert.Zero(t, vs) - }) - - t.Run("fails - unexpected signature present - v1", func(t *testing.T) { - t.Parallel() - - data, err := hex.DecodeString(rsaBaseV1 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected - require.NoError(t, err) - - vs, err := varsig.Decode(data) - require.ErrorIs(t, err, varsig.ErrUnexpectedSignaturePresent) - assert.Nil(t, vs) - }) - - t.Run("passes with error - v0", func(t *testing.T) { - t.Parallel() - data, err := hex.DecodeString(rsaBaseV0 + "5f") - require.NoError(t, err) - - vs, err := varsig.Decode(data) - require.ErrorIs(t, err, varsig.ErrMissingSignature) - assert.NotNil(t, vs) // varsig is still returned with just "header" - }) }