go/varsig
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: go:constants-alloc
Branches Tags
go:main go:add-ci go:deps go:constants-alloc
go:v1.0.0 go:v1.0.0-pre6 go:v1.0.0-pre5 go:v1.0.0-pre4 go:v1.0.0-pre3 go:v1.0.0-pre2 go:v1.0.0-pre1
...
compare: go:v1.0.0-pre5
Branches Tags
go:main go:add-ci go:deps go:constants-alloc
go:v1.0.0 go:v1.0.0-pre6 go:v1.0.0-pre5 go:v1.0.0-pre4 go:v1.0.0-pre3 go:v1.0.0-pre2 go:v1.0.0-pre1

18 Commits
constants- ... v1.0.0-pre

Author SHA1 Message Date
Michael Muré
35ef54f79f feat: turns out, PayloadEncoding can be multiple values for EIP191 2025-07-24 16:52:58 +02:00
Michael Muré
2f22cb9b15 feat(test): add more tests for the presets, and compat with iso-ucan 2025-07-24 16:52:58 +02:00
Michael Muré
a43c3af4c8 feat(ecdsa): implement varsig for EdDSA 2025-07-22 14:24:39 +02:00
Michael Muré
eab24207bc fix(eddsa): ed25519 or ed448 should be curves, not discriminator 2025-07-22 13:57:22 +02:00
Michael Muré
be01529d44 perf: pre-allocate the buffer when encoding a varsig 2025-07-22 13:10:12 +02:00
Michael Muré
182036b055 fix(eddsa): fix the size of the signature check for ed448 2025-07-22 12:04:31 +02:00
Michael Muré
0763d6f8b6 feat(hashes): shorten HashAlgorithm to Hash, add more of them 2025-07-22 12:03:56 +02:00
Michael Muré
c7a870e9db readme: add authorship and license 2025-07-11 07:28:42 +02:00
Steve Moyer
2238f3a26c build: run GitHub checks only once 2025-07-10 10:47:33 -04:00
Steve Moyer
f2cd448a11 build: support Go v1.23.10 downstream 2025-07-10 10:10:35 -04:00
Steve Moyer
25d4579b29 test(ucan): add test for updated UCAN example varsig 2025-07-10 06:46:07 -04:00
Michael Muré
5fb3516d15 feat(deps): remove the multicodec dependency, as varsig constants are not multicodec 2025-07-10 12:39:27 +02:00
Michael Muré
eb70826a70 varsig: handle unknown version with an error 2025-07-09 13:39:09 +02:00
Michael Muré
6308c66ab7 update varsig documentation 2025-07-09 13:39:09 +02:00
Steve Moyer
f6b72f1907 fix(v0): restores validateSig behavior 2025-07-09 13:39:09 +02:00
Michael Muré
03770e0d38 use value receiver, remove unneeded generic 2025-07-09 13:39:09 +02:00
Steve Moyer
1ea8b00efd Merge pull request #1 from ucan-wg/constants-alloc 
perf(constants): avoid allocating a map for each Decode*() call
 2025-07-08 11:53:19 -04:00
Steve Moyer
21a78a9d2d fix(eddsa): use DecodeHashAlgorithm and create decodeEdDSACurve 2025-07-08 11:27:18 -04:00
18 changed files with 750 additions and 333 deletions
Expand all files Collapse all files

2
.github/workflows/pre-commit.yaml vendored
View File

@@ -1,9 +1,7 @@
name: pre-commit
on:
pull_request:
push:
# branches: [main]
jobs:
pre-commit:

15
README.md
View File

@@ -2,12 +2,14 @@
`go-varsig` implements the upcoming v1.0.0 release of the [`varsig` specification](https://github.com/ChainAgnostic/varsig/pull/18)
with limited (and soon to be deprecated) support for the `varsig` < v1.0
specification. This is predominatly included to support the UCAN v1.0
specification. This is predominantly included to support the UCAN v1.0
use-case.
Built with ❤️ by [Consensys](https://consensys.io/).
## Usage
Include the `go-varsig` library by running the following command:
Include the `go-varsig` library by running the following command:
```bash
go get github.com/ucan-wg/go-varsig@latest
@@ -29,7 +31,7 @@ asdf install
### Checks
This repository contains an set of pre-commit hooks that are run prior to
This repository contains a set of pre-commit hooks that are run prior to
each `git commit`. You can also run these checks manually using the
following command:
@@ -54,3 +56,10 @@ Since there's only one workflow, the simplest command to test it is:
```bash
act
```
## License
This project is dual-licensed under Apache 2.0 and MIT terms:
- Apache License, Version 2.0, ([LICENSE-APACHE](https://github.com/ucan-wg/go-varsig/blob/master/LICENSE-APACHE-2.0) or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license ([LICENSE-MIT](https://github.com/ucan-wg/go-varsig/blob/master/LICENSE-MIT) or http://opensource.org/licenses/MIT)

90
common.go
View File

@@ -1,41 +1,73 @@
package varsig
// Ed25519 produces a varsig that describes the associated algorithm defined
// by the [IANA JOSE specification].
//
import "fmt"
// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
func Ed25519(payloadEncoding PayloadEncoding, opts ...Option) (*EdDSAVarsig, error) {
return NewEdDSAVarsig(CurveEd25519, HashAlgorithmSHA512, payloadEncoding, opts...)
// Ed25519 produces a varsig for EdDSA using Ed25519 curve.
// This algorithm is defined in [IANA JOSE specification].
func Ed25519(payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) {
return NewEdDSAVarsig(CurveEd25519, HashSha2_512, payloadEncoding, opts...)
}
// Ed448 produces a varsig that describes the associated algorithm defined
// by the [IANA JOSE specification].
//
// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
func Ed448(payloadEncoding PayloadEncoding, opts ...Option) (*EdDSAVarsig, error) {
return NewEdDSAVarsig(CurveEd448, HashAlgorithmShake256, payloadEncoding, opts...)
// Ed448 produces a varsig for EdDSA using Ed448 curve.
// This algorithm is defined in [IANA JOSE specification].
func Ed448(payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) {
return NewEdDSAVarsig(CurveEd448, HashShake_256, payloadEncoding, opts...)
}
// RS256 produces a varsig that describes the associated algorithm defined
// by the [IANA JOSE specification].
//
// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
func RS256(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
return NewRSAVarsig(HashAlgorithmSHA256, keyLength, payloadEncoding, opts...)
// RS256 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-256.
// This algorithm is defined in [IANA JOSE specification].
func RS256(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
return NewRSAVarsig(HashSha2_256, keyLength, payloadEncoding, opts...)
}
// RS384 produces a varsig that describes the associated algorithm defined
// by the [IANA JOSE specification].
//
// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
func RS384(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
return NewRSAVarsig(HashAlgorithmSHA384, keyLength, payloadEncoding, opts...)
// RS384 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-384.
// This algorithm is defined in [IANA JOSE specification].
func RS384(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
return NewRSAVarsig(HashSha2_384, keyLength, payloadEncoding, opts...)
}
// RS512 produces a varsig that describes the associated algorithm defined
// by the [IANA JOSE specification].
//
// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
func RS512(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
return NewRSAVarsig(HashAlgorithmSHA512, keyLength, payloadEncoding, opts...)
// RS512 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-512.
// This algorithm is defined in [IANA JOSE specification].
func RS512(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
return NewRSAVarsig(HashSha2_512, keyLength, payloadEncoding, opts...)
}
// ES256 produces a varsig for ECDSA using P-256 and SHA-256.
// This algorithm is defined in [IANA JOSE specification].
func ES256(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) {
return NewECDSAVarsig(CurveP256, HashSha2_256, payloadEncoding, opts...)
}
// ES256K produces a varsig for ECDSA using secp256k1 curve and SHA-256.
// This algorithm is defined in [IANA JOSE specification].
func ES256K(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) {
return NewECDSAVarsig(CurveSecp256k1, HashSha2_256, payloadEncoding, opts...)
}
// ES384 produces a varsig for ECDSA using P-384 and SHA-384.
// This algorithm is defined in [IANA JOSE specification].
func ES384(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) {
return NewECDSAVarsig(CurveP384, HashSha2_384, payloadEncoding, opts...)
}
// ES512 produces a varsig for ECDSA using P-521 and SHA-512.
// This algorithm is defined in [IANA JOSE specification].
func ES512(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) {
return NewECDSAVarsig(CurveP521, HashSha2_512, payloadEncoding, opts...)
}
// EIP191 produces a varsig for ECDSA using the Secp256k1 curve, Keccak256 and encoded
// with the "personal_sign" format defined by [EIP191].
// payloadEncoding must be either PayloadEncodingEIP191Raw or PayloadEncodingEIP191Cbor.
// [EIP191]: https://eips.ethereum.org/EIPS/eip-191
func EIP191(payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) {
switch payloadEncoding {
case PayloadEncodingEIP191Raw, PayloadEncodingEIP191Cbor:
default:
return ECDSAVarsig{}, fmt.Errorf("%w for EIP191: %v", ErrUnsupportedPayloadEncoding, payloadEncoding)
}
return NewECDSAVarsig(CurveSecp256k1, HashKeccak256, payloadEncoding, opts...)
}

184
common_test.go
View File

@@ -1,63 +1,147 @@
package varsig_test
import (
"encoding/hex"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/ucan-wg/go-varsig"
)
func TestEd25519(t *testing.T) {
t.Parallel()
func TestRoundTrip(t *testing.T) {
for _, tc := range []struct {
name string
varsig varsig.Varsig
dataHex string
dataBytes []byte
}{
// Arbitrary use of presets
{
name: "Ed25519",
varsig: must(varsig.Ed25519(varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401ed01ed011371",
},
{
name: "Ed448",
varsig: must(varsig.Ed448(varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401ed0183241971",
},
{
name: "RS256",
varsig: must(varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401852412800271",
},
{
name: "RS384",
varsig: must(varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401852420800271",
},
{
name: "RS512",
varsig: must(varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401852413800271",
},
{
name: "ES256",
varsig: must(varsig.ES256(varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401ec0180241271",
},
{
name: "ES256K",
varsig: must(varsig.ES256K(varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401ec01e7011271",
},
{
name: "ES384",
varsig: must(varsig.ES384(varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401ec0181242071",
},
{
name: "ES512",
varsig: must(varsig.ES512(varsig.PayloadEncodingDAGCBOR)),
dataHex: "3401ec0182241371",
},
{
name: "EIP191",
varsig: must(varsig.EIP191(varsig.PayloadEncodingEIP191Raw)),
dataHex: "3401ec01e7011b91c3035f",
},
in := mustVarsig[varsig.EdDSAVarsig](t)(varsig.Ed25519(varsig.PayloadEncodingDAGCBOR))
out := roundTrip(t, in, "3401ed01ed011371")
assertEdDSAEqual(t, in, out)
// from https://github.com/hugomrdias/iso-repo/blob/main/packages/iso-ucan/test/varsig.test.js
{
name: "RS256+RAW",
varsig: must(varsig.RS256(256, varsig.PayloadEncodingVerbatim)),
dataBytes: []byte{52, 1, 133, 36, 18, 128, 2, 95},
},
{
name: "ES256+RAW",
varsig: must(varsig.ES256(varsig.PayloadEncodingVerbatim)),
dataBytes: []byte{52, 1, 236, 1, 128, 36, 18, 95},
},
{
name: "ES512+RAW",
varsig: must(varsig.ES512(varsig.PayloadEncodingVerbatim)),
dataBytes: []byte{52, 1, 236, 1, 130, 36, 19, 95},
},
{
name: "ES256K+RAW",
varsig: must(varsig.ES256K(varsig.PayloadEncodingVerbatim)),
dataBytes: []byte{52, 1, 236, 1, 231, 1, 18, 95},
},
{
name: "EIP191+RAW",
varsig: must(varsig.EIP191(varsig.PayloadEncodingEIP191Raw)),
dataBytes: []byte{52, 1, 236, 1, 231, 1, 27, 145, 195, 3, 95},
},
{
name: "EIP191+DAG-CBOR",
varsig: must(varsig.EIP191(varsig.PayloadEncodingEIP191Cbor)),
dataBytes: []byte{52, 1, 236, 1, 231, 1, 27, 145, 195, 3, 113},
},
} {
t.Run(tc.name, func(t *testing.T) {
// round-trip encode and back
data := tc.varsig.Encode()
if tc.dataBytes != nil {
require.Equal(t, tc.dataBytes, data)
}
if tc.dataHex != "" {
require.Equal(t, tc.dataHex, hex.EncodeToString(data))
}
rt, err := varsig.Decode(data)
require.NoError(t, err)
require.Equal(t, tc.varsig.Version(), rt.Version())
require.Equal(t, tc.varsig.Discriminator(), rt.Discriminator())
require.Equal(t, tc.varsig.PayloadEncoding(), rt.PayloadEncoding())
require.Equal(t, tc.varsig.Signature(), rt.Signature())
switch vs := tc.varsig.(type) {
case varsig.EdDSAVarsig:
rt := rt.(varsig.EdDSAVarsig)
require.Equal(t, vs.Curve(), rt.Curve())
require.Equal(t, vs.Hash(), rt.Hash())
case varsig.ECDSAVarsig:
rt := rt.(varsig.ECDSAVarsig)
require.Equal(t, vs.Curve(), rt.Curve())
require.Equal(t, vs.Hash(), rt.Hash())
case varsig.RSAVarsig:
rt := rt.(varsig.RSAVarsig)
require.Equal(t, vs.Hash(), rt.Hash())
require.Equal(t, vs.KeyLength(), rt.KeyLength())
default:
t.Fatalf("unexpected varsig type: %T", vs)
}
})
}
}
func TestEd448(t *testing.T) {
t.Parallel()
in := mustVarsig[varsig.EdDSAVarsig](t)(varsig.Ed448(varsig.PayloadEncodingDAGCBOR))
out := roundTrip(t, in, "3401ed0183241971")
assertEdDSAEqual(t, in, out)
}
func TestRS256(t *testing.T) {
t.Parallel()
in := mustVarsig[varsig.RSAVarsig](t)(varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR))
out := roundTrip(t, in, "3401852412800271")
assertRSAEqual(t, in, out)
}
func TestRS384(t *testing.T) {
t.Parallel()
in := mustVarsig[varsig.RSAVarsig](t)(varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR))
out := roundTrip(t, in, "3401852420800271")
assertRSAEqual(t, in, out)
}
func TestRS512(t *testing.T) {
t.Parallel()
in := mustVarsig[varsig.RSAVarsig](t)(varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR))
out := roundTrip(t, in, "3401852413800271")
assertRSAEqual(t, in, out)
}
func assertEdDSAEqual(t *testing.T, in, out *varsig.EdDSAVarsig) {
t.Helper()
assert.Equal(t, in.Curve(), out.Curve())
assert.Equal(t, in.HashAlgorithm(), out.HashAlgorithm())
}
func assertRSAEqual(t *testing.T, in, out *varsig.RSAVarsig) {
t.Helper()
assert.Equal(t, in.HashAlgorithm(), out.HashAlgorithm())
assert.Equal(t, in.KeyLength(), out.KeyLength())
func must[T any](v T, err error) T {
if err != nil {
panic(err)
}
return v
}

218
constant.go
View File

@@ -1,122 +1,206 @@
package varsig
import (
"bytes"
"encoding/binary"
"fmt"
"github.com/multiformats/go-multicodec"
)
// Prefix is the multicodec.Code for the varsig's varuint prefix byte.
const Prefix = uint64(multicodec.Varsig)
// Prefix is the value for the varsig's varuint prefix byte.
const Prefix = uint64(0x34)
// HashAlgorithm is the multicodec.Code that specifies the hash algorithm
// Hash is the value that specifies the hash algorithm
// that's used to reduce the signed content
type HashAlgorithm uint64
type Hash uint64
// Constant multicodec.Code values that allow Varsig implementations to
// specify how the payload content is hashed before the signature is
// generated.
// Constant values that allow Varsig implementations to specify how
// the payload content is hashed before the signature is generated.
const (
HashAlgorithmUnspecified HashAlgorithm = 0x00
HashAlgorithmSHA256 = HashAlgorithm(multicodec.Sha2_256)
HashAlgorithmSHA384 = HashAlgorithm(multicodec.Sha2_384)
HashAlgorithmSHA512 = HashAlgorithm(multicodec.Sha2_512)
HashAlgorithmShake256 = HashAlgorithm(multicodec.Shake256)
HashUnspecified Hash = 0x00
HashSha2_224 = Hash(0x1013)
HashSha2_256 = Hash(0x12)
HashSha2_384 = Hash(0x20)
HashSha2_512 = Hash(0x13)
HashSha3_224 = Hash(0x17)
HashSha3_256 = Hash(0x16)
HashSha3_384 = Hash(0x15)
HashSha3_512 = Hash(0x14)
HashSha512_224 = Hash(0x1014)
HashSha512_256 = Hash(0x1015)
HashBlake2s_256 = Hash(0xb260)
HashBlake2b_256 = Hash(0xb220)
HashBlake2b_384 = Hash(0xb230)
HashBlake2b_512 = Hash(0xb240)
HashShake_256 = Hash(0x19)
HashKeccak256 = Hash(0x1b)
HashKeccak512 = Hash(0x1d)
)
// DecodeHashAlgorithm reads and validates the expected hash algorithm
// (for varsig types include a variable hash algorithm.)
func DecodeHashAlgorithm(r *bytes.Reader) (HashAlgorithm, error) {
func DecodeHashAlgorithm(r BytesReader) (Hash, error) {
u, err := binary.ReadUvarint(r)
if err != nil {
return HashAlgorithmUnspecified, fmt.Errorf("%w: %w", ErrUnknownHashAlgorithm, err)
return HashUnspecified, fmt.Errorf("%w: %w", ErrUnknownHash, err)
}
h := HashAlgorithm(u)
h := Hash(u)
switch h {
case HashAlgorithmSHA256,
HashAlgorithmSHA384,
HashAlgorithmSHA512,
HashAlgorithmShake256:
case HashSha2_224,
HashSha2_256,
HashSha2_384,
HashSha2_512,
HashSha3_224,
HashSha3_256,
HashSha3_384,
HashSha3_512,
HashSha512_224,
HashSha512_256,
HashBlake2s_256,
HashBlake2b_256,
HashBlake2b_384,
HashBlake2b_512,
HashShake_256,
HashKeccak256,
HashKeccak512:
return h, nil
default:
return HashAlgorithmUnspecified, fmt.Errorf("%w: %x", ErrUnknownHashAlgorithm, h)
return HashUnspecified, fmt.Errorf("%w: %x", ErrUnknownHash, h)
}
}
// PayloadEncoding specifies the encoding of the data being (hashed and)
// signed. A canonical representation of the data is required to produce
// consistent hashes and signatures.
type PayloadEncoding uint64
type PayloadEncoding int
// Constant multicodec.Code values that allow Varsig implementations to
// specify how the payload content is encoded before being hashed. In
// varsig >= v1, only canonical encoding is allowed.
// Constant values that allow Varsig implementations to specify how the
// payload content is encoded before being hashed.
// In varsig >= v1, only canonical encoding is allowed.
const (
PayloadEncodingUnspecified PayloadEncoding = 0x00
PayloadEncodingVerbatim PayloadEncoding = 0x5f
PayloadEncodingDAGPB = PayloadEncoding(multicodec.DagPb)
PayloadEncodingDAGCBOR = PayloadEncoding(multicodec.DagCbor)
PayloadEncodingDAGJSON = PayloadEncoding(multicodec.DagJson)
PayloadEncodingEIP191 = PayloadEncoding(multicodec.Eip191)
PayloadEncodingJWT PayloadEncoding = 0x6a77
PayloadEncodingUnspecified = PayloadEncoding(iota)
PayloadEncodingVerbatim
PayloadEncodingDAGPB
PayloadEncodingDAGCBOR
PayloadEncodingDAGJSON
PayloadEncodingEIP191Raw
PayloadEncodingEIP191Cbor
PayloadEncodingJWT
)
const (
encodingSegmentVerbatim = uint64(0x5f)
encodingSegmentDAGPB = uint64(0x70)
encodingSegmentDAGCBOR = uint64(0x71)
encodingSegmentDAGJSON = uint64(0x0129)
encodingSegmentEIP191 = uint64(0xe191)
encodingSegmentJWT = uint64(0x6a77)
)
// DecodePayloadEncoding reads and validates the expected canonical payload
// encoding of the data to be signed.
func DecodePayloadEncoding(r *bytes.Reader, vers Version) (PayloadEncoding, error) {
u, err := binary.ReadUvarint(r)
func DecodePayloadEncoding(r BytesReader, vers Version) (PayloadEncoding, error) {
seg1, err := binary.ReadUvarint(r)
if err != nil {
return PayloadEncodingUnspecified, fmt.Errorf("%w: %w", ErrUnsupportedPayloadEncoding, err)
}
payEnc := PayloadEncoding(u)
switch vers {
case Version0:
return decodeEncodingInfoV0(payEnc)
switch seg1 {
case encodingSegmentVerbatim:
return PayloadEncodingVerbatim, nil
case encodingSegmentDAGPB:
return PayloadEncodingDAGPB, nil
case encodingSegmentDAGCBOR:
return PayloadEncodingDAGCBOR, nil
case encodingSegmentDAGJSON:
return PayloadEncodingDAGJSON, nil
case encodingSegmentEIP191:
seg2, err := binary.ReadUvarint(r)
if err != nil {
return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err)
}
switch seg2 {
case encodingSegmentVerbatim:
return PayloadEncodingEIP191Raw, nil
case encodingSegmentDAGCBOR:
return PayloadEncodingEIP191Cbor, nil
default:
return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x+%x", ErrUnsupportedPayloadEncoding, vers, seg1, seg2)
}
case encodingSegmentJWT:
return PayloadEncodingJWT, nil
default:
return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, vers, seg1)
}
case Version1:
return decodeEncodingInfoV1(payEnc)
switch seg1 {
case encodingSegmentVerbatim:
return PayloadEncodingVerbatim, nil
case encodingSegmentDAGCBOR:
return PayloadEncodingDAGCBOR, nil
case encodingSegmentDAGJSON:
return PayloadEncodingDAGJSON, nil
case encodingSegmentEIP191:
seg2, err := binary.ReadUvarint(r)
if err != nil {
return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err)
}
switch seg2 {
case encodingSegmentVerbatim:
return PayloadEncodingEIP191Raw, nil
case encodingSegmentDAGCBOR:
return PayloadEncodingEIP191Cbor, nil
default:
return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x+%x", ErrUnsupportedPayloadEncoding, vers, seg1, seg2)
}
default:
return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, vers, seg1)
}
default:
return 0, ErrUnsupportedVersion
}
}
// https://github.com/ChainAgnostic/varsig#4-payload-encoding
func decodeEncodingInfoV0(payEnc PayloadEncoding) (PayloadEncoding, error) {
switch payEnc {
case PayloadEncodingVerbatim,
PayloadEncodingDAGPB,
PayloadEncodingDAGCBOR,
PayloadEncodingDAGJSON,
PayloadEncodingJWT,
PayloadEncodingEIP191:
return payEnc, nil
// EncodePayloadEncoding returns the PayloadEncoding as serialized bytes.
// If enc is not a valid PayloadEncoding, this function will panic.
func EncodePayloadEncoding(enc PayloadEncoding) []byte {
res := make([]byte, 0, 8)
switch enc {
case PayloadEncodingVerbatim:
res = binary.AppendUvarint(res, encodingSegmentVerbatim)
case PayloadEncodingDAGPB:
res = binary.AppendUvarint(res, encodingSegmentDAGPB)
case PayloadEncodingDAGCBOR:
res = binary.AppendUvarint(res, encodingSegmentDAGCBOR)
case PayloadEncodingDAGJSON:
res = binary.AppendUvarint(res, encodingSegmentDAGJSON)
case PayloadEncodingEIP191Raw:
res = binary.AppendUvarint(res, encodingSegmentEIP191)
res = binary.AppendUvarint(res, encodingSegmentVerbatim)
case PayloadEncodingEIP191Cbor:
res = binary.AppendUvarint(res, encodingSegmentEIP191)
res = binary.AppendUvarint(res, encodingSegmentDAGCBOR)
case PayloadEncodingJWT:
res = binary.AppendUvarint(res, encodingSegmentJWT)
default:
return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, Version0, payEnc)
panic(fmt.Sprintf("invalid encoding: %v", enc))
}
return res
}
// https://github.com/expede/varsig/blob/main/README.md#payload-encoding
func decodeEncodingInfoV1(payEnc PayloadEncoding) (PayloadEncoding, error) {
switch payEnc {
case PayloadEncodingVerbatim,
PayloadEncodingDAGCBOR,
PayloadEncodingDAGJSON,
PayloadEncodingEIP191:
return payEnc, nil
default:
return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, Version1, payEnc)
}
}
// Discriminator is (usually) the multicodec.Code representing the public
// key type of the algorithm used to create the signature.
// Discriminator is (usually) the value representing the public key type of
// the algorithm used to create the signature.
//
// There is not set list of constants here, nor is there a decode function
// There is no set list of constants here, nor is there a decode function
// as the author of an implementation should include the constant with the
// implementation, and the decoding is handled by the Handler, which uses
// the Discriminator to choose the correct implementation. Also note that

10
constant_test.go
View File

@@ -18,24 +18,24 @@ func TestDecodeHashAlgorithm(t *testing.T) {
hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{0x12}))
require.NoError(t, err)
require.Equal(t, varsig.HashAlgorithmSHA256, hashAlg)
require.Equal(t, varsig.HashSha2_256, hashAlg)
})
t.Run("fails - truncated varsig (no bytes)", func(t *testing.T) {
t.Parallel()
hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{}))
require.ErrorIs(t, err, varsig.ErrUnknownHashAlgorithm)
require.ErrorIs(t, err, varsig.ErrUnknownHash)
require.ErrorIs(t, err, io.EOF)
require.Equal(t, varsig.HashAlgorithmUnspecified, hashAlg)
require.Equal(t, varsig.HashUnspecified, hashAlg)
})
t.Run("fails - unknown hash algorithm", func(t *testing.T) {
t.Parallel()
hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{0x42}))
require.ErrorIs(t, err, varsig.ErrUnknownHashAlgorithm)
require.Equal(t, varsig.HashAlgorithmUnspecified, hashAlg)
require.ErrorIs(t, err, varsig.ErrUnknownHash)
require.Equal(t, varsig.HashUnspecified, hashAlg)
})
}

158
ecdsa.go
View File

@@ -1,9 +1,155 @@
package varsig
// Stub
const (
DiscriminatorECDSASecp256k1 Discriminator = 0xe7
DiscriminatorECDSAP256 Discriminator = 0x1200
DiscriminatorECDSAP384 Discriminator = 0x1201
DiscriminatorECDSAP521 Discriminator = 0x1202
import (
"encoding/binary"
"fmt"
)
// DiscriminatorECDSA is the value specifying an ECDSA signature.
const DiscriminatorECDSA = Discriminator(0xec)
// ECDSACurve are values that specify which ECDSA curve is used when
// generating the signature.
type ECDSACurve uint64
// Constants describing the values for each specific ECDSA curve that can
// be encoded into a Varsig.
const (
CurveSecp256k1 = ECDSACurve(0xe7)
CurveP256 = ECDSACurve(0x1200)
CurveP384 = ECDSACurve(0x1201)
CurveP521 = ECDSACurve(0x1202)
)
func decodeECDSACurve(r BytesReader) (ECDSACurve, error) {
u, err := binary.ReadUvarint(r)
if err != nil {
return 0, err
}
switch curve := ECDSACurve(u); curve {
case CurveSecp256k1, CurveP256, CurveP384, CurveP521:
return curve, nil
default:
return 0, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, u)
}
}
var _ Varsig = ECDSAVarsig{}
// ECDSAVarsig is a varsig that encodes the parameters required to describe
// an ECDSA signature.
type ECDSAVarsig struct {
varsig
curve ECDSACurve
hashAlg Hash
}
// NewECDSAVarsig creates and validates an ECDSA varsig with the provided
// curve, hash algorithm and payload encoding.
func NewECDSAVarsig(curve ECDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding, opts ...Option) (ECDSAVarsig, error) {
options := newOptions(opts...)
var (
vers = Version1
disc = DiscriminatorECDSA
sig []byte
)
if options.ForceVersion0() {
vers = Version0
disc = Discriminator(curve)
sig = options.Signature()
}
v := ECDSAVarsig{
varsig: varsig{
vers: vers,
disc: disc,
payEnc: payloadEncoding,
sig: sig,
},
curve: curve,
hashAlg: hashAlgorithm,
}
switch curve {
case CurveSecp256k1, CurveP256:
return validateSig(v, 64)
case CurveP384:
return validateSig(v, 96)
case CurveP521:
return validateSig(v, 132)
default:
return ECDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, curve)
}
}
// Curve returns the elliptic curve used to generate the ECDSA signature.
func (v ECDSAVarsig) Curve() ECDSACurve {
return v.curve
}
// Hash returns the value describing the hash algorithm used to hash
// the payload content before the signature is generated.
func (v ECDSAVarsig) Hash() Hash {
return v.hashAlg
}
// Encode returns the encoded byte format of the ECDSAVarsig.
func (v ECDSAVarsig) Encode() []byte {
buf := v.encode()
if v.vers != Version0 {
buf = binary.AppendUvarint(buf, uint64(v.curve))
}
buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
buf = append(buf, v.Signature()...)
return buf
}
func decodeECDSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) {
curve := ECDSACurve(disc)
if vers != Version0 {
var err error
curve, err = decodeECDSACurve(r)
if err != nil {
return nil, err
}
}
hashAlg, err := DecodeHashAlgorithm(r)
if err != nil {
return nil, err
}
v := ECDSAVarsig{
varsig: varsig{
vers: vers,
disc: disc,
},
curve: curve,
hashAlg: hashAlg,
}
v.payEnc, v.sig, err = v.decodePayEncAndSig(r)
if err != nil {
return nil, err
}
switch curve {
case CurveSecp256k1, CurveP256:
return validateSig(v, 64)
case CurveP384:
return validateSig(v, 96)
case CurveP521:
return validateSig(v, 132)
default:
return ECDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, curve)
}
}

108
eddsa.go
View File

@@ -1,51 +1,59 @@
package varsig
import (
"bytes"
"crypto/ed25519"
"encoding/binary"
"github.com/multiformats/go-multicodec"
"fmt"
)
// Constants containing multicodec.Code values that specify EdDSA signatures.
const (
DiscriminatorEdDSA = Discriminator(multicodec.Ed25519Pub)
DiscriminatorEd25519 = Discriminator(multicodec.Ed25519Pub)
DiscriminatorEd448 = Discriminator(multicodec.Ed448Pub)
)
// DiscriminatorEdDSA is the value specifying an EdDSA signature.
const DiscriminatorEdDSA = Discriminator(0xed)
// EdDSACurve are multicodec.Code values that specify which Edwards curve
// is used when generating the signature.
// EdDSACurve are values that specify which Edwards curve is used when
// generating the signature.
type EdDSACurve uint64
// Constants describing the multicodec.Code for each specific Edwards
// curve that can be encoded into a Varsig.
// Constants describing the values for each specific Edwards curve that can
// be encoded into a Varsig.
const (
CurveEd25519 = EdDSACurve(multicodec.Ed25519Pub)
CurveEd448 = EdDSACurve(multicodec.Ed448Pub)
CurveEd25519 = EdDSACurve(0xed)
CurveEd448 = EdDSACurve(0x1203)
)
var _ Varsig = (*EdDSAVarsig)(nil)
func decodeEdDSACurve(r BytesReader) (EdDSACurve, error) {
u, err := binary.ReadUvarint(r)
if err != nil {
return 0, err
}
switch curve := EdDSACurve(u); curve {
case CurveEd25519, CurveEd448:
return curve, nil
default:
return 0, fmt.Errorf("%w: %x", ErrUnknownEdDSACurve, u)
}
}
var _ Varsig = EdDSAVarsig{}
// EdDSAVarsig is a varsig that encodes the parameters required to describe
// an EdDSA signature.
type EdDSAVarsig struct {
varsig[EdDSAVarsig]
varsig
curve EdDSACurve
hashAlg HashAlgorithm
hashAlg Hash
}
// NewEdDSAVarsig creates and validates an EdDSA varsig with the provided
// curve, hash algorithm and payload encoding.
func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm HashAlgorithm, payloadEncoding PayloadEncoding, opts ...Option) (*EdDSAVarsig, error) {
func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) {
options := newOptions(opts...)
var (
vers = Version1
disc = DiscriminatorEdDSA
sig = []byte{}
sig []byte
)
if options.ForceVersion0() {
@@ -54,8 +62,8 @@ func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm HashAlgorithm, payloadEncodi
sig = options.Signature()
}
v := &EdDSAVarsig{
varsig: varsig[EdDSAVarsig]{
v := EdDSAVarsig{
varsig: varsig{
vers: vers,
disc: disc,
payEnc: payloadEncoding,
@@ -65,17 +73,24 @@ func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm HashAlgorithm, payloadEncodi
hashAlg: hashAlgorithm,
}
return v.validateSig(v, ed25519.PrivateKeySize)
switch curve {
case CurveEd25519:
return validateSig(v, ed25519.SignatureSize)
case CurveEd448:
return validateSig(v, 114)
default:
return EdDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownEdDSACurve, curve)
}
}
// Curve returns the Edwards curve used to generate the EdDSA signature.
func (v *EdDSAVarsig) Curve() EdDSACurve {
func (v EdDSAVarsig) Curve() EdDSACurve {
return v.curve
}
// HashAlgorithm returns the multicodec.Code describing the hash algorithm
// used to hash the payload content before the signature is generated.
func (v *EdDSAVarsig) HashAlgorithm() HashAlgorithm {
// Hash returns the value describing the hash algorithm used to hash
// the payload content before the signature is generated.
func (v EdDSAVarsig) Hash() Hash {
return v.hashAlg
}
@@ -88,37 +103,48 @@ func (v EdDSAVarsig) Encode() []byte {
}
buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
buf = binary.AppendUvarint(buf, uint64(v.payEnc))
buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
buf = append(buf, v.Signature()...)
return buf
}
func decodeEd25519(r *bytes.Reader, vers Version, disc Discriminator) (Varsig, error) {
curve := uint64(disc)
func decodeEdDSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) {
curve := EdDSACurve(disc)
if vers != Version0 {
u, err := binary.ReadUvarint(r)
var err error
curve, err = decodeEdDSACurve(r)
if err != nil {
return nil, err // TODO: wrap error?
return nil, err
}
curve = u
}
hashAlg, err := binary.ReadUvarint(r)
hashAlg, err := DecodeHashAlgorithm(r)
if err != nil {
return nil, err // TODO: wrap error?
return nil, err
}
v := &EdDSAVarsig{
varsig: varsig[EdDSAVarsig]{
v := EdDSAVarsig{
varsig: varsig{
vers: vers,
disc: disc,
},
curve: EdDSACurve(curve),
hashAlg: HashAlgorithm(hashAlg),
curve: curve,
hashAlg: hashAlg,
}
return v.decodePayEncAndSig(r, v, ed25519.PrivateKeySize)
v.payEnc, v.sig, err = v.decodePayEncAndSig(r)
if err != nil {
return nil, err
}
switch curve {
case CurveEd25519:
return validateSig(v, ed25519.SignatureSize)
case CurveEd448:
return validateSig(v, 114)
default:
return EdDSAVarsig{}, fmt.Errorf("%w: %x", ErrUnknownEdDSACurve, curve)
}
}

50
eddsa_test.go
View File

@@ -1,6 +1,7 @@
package varsig_test
import (
"encoding/base64"
"encoding/hex"
"testing"
@@ -31,14 +32,14 @@ func TestDecodeEd25519(t *testing.T) {
require.NoError(t, err)
require.NotNil(t, v)
assert.Equal(t, varsig.Version0, v.Version())
assert.Equal(t, varsig.DiscriminatorEd25519, v.Discriminator())
assert.Equal(t, varsig.DiscriminatorEdDSA, v.Discriminator())
assert.Equal(t, varsig.PayloadEncodingDAGCBOR, v.PayloadEncoding())
assert.Len(t, v.Signature(), 64)
impl, ok := v.(*varsig.EdDSAVarsig)
impl, ok := v.(varsig.EdDSAVarsig)
require.True(t, ok)
assert.Equal(t, varsig.CurveEd25519, impl.Curve())
assert.Equal(t, varsig.HashAlgorithmSHA512, impl.HashAlgorithm())
assert.Equal(t, varsig.HashSha2_512, impl.Hash())
})
t.Run("Encode", func(t *testing.T) {
@@ -46,7 +47,7 @@ func TestDecodeEd25519(t *testing.T) {
v, err := varsig.NewEdDSAVarsig(
varsig.CurveEd25519,
varsig.HashAlgorithmSHA512,
varsig.HashSha2_512,
varsig.PayloadEncodingDAGCBOR,
varsig.WithForceVersion0(sig),
)
@@ -56,3 +57,44 @@ func TestDecodeEd25519(t *testing.T) {
})
})
}
func TestUCANExampleV1(t *testing.T) {
t.Parallel()
// This test is the value shown in the UCAN v1.0.0 example, which is
// an EdDSA varsig = v1 with the Ed25519 curve, SHA2_256 hashing and
// DAG-CBOR content encoding.
example, err := base64.RawStdEncoding.DecodeString("NAHtAe0BE3E")
require.NoError(t, err)
t.Run("Decode", func(t *testing.T) {
t.Parallel()
v, err := varsig.Decode(example)
require.NoError(t, err)
ed25519V, ok := v.(varsig.EdDSAVarsig)
require.True(t, ok)
assert.Equal(t, varsig.Version1, ed25519V.Version())
assert.Equal(t, varsig.DiscriminatorEdDSA, ed25519V.Discriminator())
assert.Equal(t, varsig.CurveEd25519, ed25519V.Curve())
assert.Equal(t, varsig.HashSha2_512, ed25519V.Hash())
assert.Equal(t, varsig.PayloadEncodingDAGCBOR, ed25519V.PayloadEncoding())
assert.Len(t, ed25519V.Signature(), 0)
})
t.Run("Encode", func(t *testing.T) {
t.Parallel()
edDSAVarsig, err := varsig.NewEdDSAVarsig(
varsig.CurveEd25519,
varsig.HashSha2_512,
varsig.PayloadEncodingDAGCBOR,
)
require.NoError(t, err)
assert.Equal(t, example, edDSAVarsig.Encode())
t.Log(base64.RawStdEncoding.EncodeToString(edDSAVarsig.Encode()))
})
}

18
error.go
View File

@@ -13,7 +13,7 @@ var ErrMissingSignature = errors.New("missing signature expected in varsig v0")
var ErrNotYetImplemented = errors.New("not yet implemented")
// ErrUnexpectedSignaturePresent is returned when a signature is present
// in a varsig >= v1.
// in a varsig >= v1.
var ErrUnexpectedSignaturePresent = errors.New("unexpected signature present in varsig >= v1")
// ErrUnexpectedSignatureSize is returned when the length of the decoded
@@ -21,23 +21,31 @@ var ErrUnexpectedSignaturePresent = errors.New("unexpected signature present in
// signing algorithm or sent via a Varsig field.
var ErrUnexpectedSignatureSize = errors.New("unexpected signature size in varsig v0")
// ErrUnknownHashAlgoritm is returned when an unexpected value is provided
// ErrUnknownHash is returned when an unexpected value is provided
// while decoding the hashing algorithm.
var ErrUnknownHashAlgorithm = errors.New("unknown hash algorithm")
var ErrUnknownHash = errors.New("unknown hash algorithm")
// ErrUnsupportedPayloadEncoding is returned when an unexpected value is
// provided while decoding the payload encoding field. The allowed values
// for this field may vary based on the varsig version.
var ErrUnsupportedPayloadEncoding = errors.New("unsupported payload encoding")
// ErrUnknowndiscorith is returned when the Registry doesn't have a
// ErrUnknownDiscriminator is returned when the Registry doesn't have a
// parsing function for the decoded signing algorithm.
var ErrUnknownDiscriminator = errors.New("unknown signing algorithm")
// ErrUnknownEdDSACurve is returned when the decoded uvarint isn't either
// CurveEd25519 or CurveEd448.
var ErrUnknownEdDSACurve = errors.New("unknown Edwards curve")
// ErrUnknownECDSACurve is returned when the decoded uvarint isn't either
// CurveSecp256k1, CurveP256, CurveP384 or CurveP521.
var ErrUnknownECDSACurve = errors.New("unknown ECDSA curve")
// ErrUnsupportedVersion is returned when an unsupported varsig version
// field is present.
var ErrUnsupportedVersion = errors.New("unsupported version")
// ErrBadPrefix is returned when the prefix field contains a value other
// than 0x34 (encoded as a uvarint).
// than 0x34 (encoded as an uvarint).
var ErrBadPrefix = errors.New("varsig prefix not found")

9
go.mod
View File

@@ -1,11 +1,10 @@
module github.com/ucan-wg/go-varsig
go 1.24.4
go 1.23.10
require (
github.com/multiformats/go-multicodec v0.9.2
github.com/stretchr/testify v1.10.0
)
toolchain go1.24.4
require github.com/stretchr/testify v1.10.0
require (
github.com/davecgh/go-spew v1.1.1 // indirect

2
go.sum
View File

@@ -6,8 +6,6 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/multiformats/go-multicodec v0.9.2 h1:YrlXCuqxjqm3bXl+vBq5LKz5pz4mvAsugdqy78k0pXQ=
github.com/multiformats/go-multicodec v0.9.2/go.mod h1:LLWNMtyV5ithSBUo3vFIMaeDy+h3EbkMTek1m+Fybbo=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=

25
registry.go
View File

@@ -6,11 +6,11 @@ import (
"fmt"
)
// Version represents which version of the vasig specification was used
// Version represents which version of the varsig specification was used
// to produce Varsig value.
type Version uint64
// Constancts for the existing varsig specifications
// Constants for the existing varsig specifications
const (
Version0 Version = 0
Version1 Version = 1
@@ -18,9 +18,9 @@ const (
// DecodeFunc is a function that parses the varsig representing a specific
// signing algorithm.
type DecodeFunc func(*bytes.Reader, Version, Discriminator) (Varsig, error)
type DecodeFunc func(BytesReader, Version, Discriminator) (Varsig, error)
// Registry contains a mapping between known signing algorithms, and
// Registry contains a mapping between known signing algorithms and
// functions that can parse varsigs for that signing algorithm.
type Registry map[Discriminator]DecodeFunc
@@ -28,12 +28,9 @@ type Registry map[Discriminator]DecodeFunc
// signing algorithms which have an implementation within this library.
func DefaultRegistry() Registry {
return map[Discriminator]DecodeFunc{
DiscriminatorRSA: decodeRSA,
DiscriminatorEdDSA: decodeEd25519,
DiscriminatorEd448: decodeEd25519,
DiscriminatorECDSAP256: notYetImplementedVarsigDecoder,
DiscriminatorECDSASecp256k1: notYetImplementedVarsigDecoder,
DiscriminatorECDSAP521: notYetImplementedVarsigDecoder,
DiscriminatorRSA: decodeRSA,
DiscriminatorEdDSA: decodeEdDSA,
DiscriminatorECDSA: decodeECDSA,
}
}
@@ -56,7 +53,7 @@ func (rs Registry) Decode(data []byte) (Varsig, error) {
// DecodeStream converts data read from the provided io.Reader into one
// of the registered Varsig types.
func (rs Registry) DecodeStream(r *bytes.Reader) (Varsig, error) {
func (rs Registry) DecodeStream(r BytesReader) (Varsig, error) {
pre, err := binary.ReadUvarint(r)
if err != nil {
return nil, fmt.Errorf("%w: %w", ErrBadPrefix, err)
@@ -79,7 +76,7 @@ func (rs Registry) DecodeStream(r *bytes.Reader) (Varsig, error) {
return decodeFunc(r, vers, disc)
}
func (rs Registry) decodeVersAnddisc(r *bytes.Reader) (Version, Discriminator, error) {
func (rs Registry) decodeVersAnddisc(r BytesReader) (Version, Discriminator, error) {
vers, err := binary.ReadUvarint(r)
if err != nil {
return Version(vers), 0, err
@@ -97,7 +94,3 @@ func (rs Registry) decodeVersAnddisc(r *bytes.Reader) (Version, Discriminator, e
return Version(vers), Discriminator(disc), err
}
func notYetImplementedVarsigDecoder(_ *bytes.Reader, vers Version, disc Discriminator) (Varsig, error) {
return nil, fmt.Errorf("%w: Version: %d, Discriminator: %x", ErrNotYetImplemented, vers, disc)
}

14
registry_test.go
View File

@@ -61,7 +61,7 @@ func testRegistry(t *testing.T) varsig.Registry {
func testDecodeFunc(t *testing.T) varsig.DecodeFunc {
t.Helper()
return func(r *bytes.Reader, vers varsig.Version, disc varsig.Discriminator) (varsig.Varsig, error) {
return func(r varsig.BytesReader, vers varsig.Version, disc varsig.Discriminator) (varsig.Varsig, error) {
v := &testVarsig{
vers: vers,
disc: disc,
@@ -71,7 +71,7 @@ func testDecodeFunc(t *testing.T) varsig.DecodeFunc {
}
}
var _ varsig.Varsig = (*testVarsig)(nil)
var _ varsig.Varsig = testVarsig{}
type testVarsig struct {
vers varsig.Version
@@ -80,22 +80,22 @@ type testVarsig struct {
sig []byte
}
func (v *testVarsig) Version() varsig.Version {
func (v testVarsig) Version() varsig.Version {
return v.vers
}
func (v *testVarsig) Discriminator() varsig.Discriminator {
func (v testVarsig) Discriminator() varsig.Discriminator {
return v.disc
}
func (v *testVarsig) PayloadEncoding() varsig.PayloadEncoding {
func (v testVarsig) PayloadEncoding() varsig.PayloadEncoding {
return v.payEnc
}
func (v *testVarsig) Signature() []byte {
func (v testVarsig) Signature() []byte {
return v.sig
}
func (v *testVarsig) Encode() []byte {
func (v testVarsig) Encode() []byte {
return nil
}

47
rsa.go
View File

@@ -1,33 +1,30 @@
package varsig
import (
"bytes"
"encoding/binary"
"github.com/multiformats/go-multicodec"
)
// DiscriminatorRSA is the multicodec.Code specifying an RSA signature.
const DiscriminatorRSA = Discriminator(multicodec.RsaPub)
// DiscriminatorRSA is the value specifying an RSA signature.
const DiscriminatorRSA = Discriminator(0x1205)
var _ Varsig = (*RSAVarsig)(nil)
var _ Varsig = RSAVarsig{}
// RSAVarsig is a varsig that encodes the parameters required to describe
// an RSA signature.
type RSAVarsig struct {
varsig[RSAVarsig]
hashAlg HashAlgorithm
varsig
hashAlg Hash
sigLen uint64
}
// NewRSAVarsig creates and validates an RSA varsig with the provided
// hash algorithm, key length and payload encoding.
func NewRSAVarsig(hashAlgorithm HashAlgorithm, keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
func NewRSAVarsig(hashAlgorithm Hash, keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
options := newOptions(opts...)
var (
vers = Version1
sig = []byte{}
sig []byte
)
if options.ForceVersion0() {
@@ -35,8 +32,8 @@ func NewRSAVarsig(hashAlgorithm HashAlgorithm, keyLength uint64, payloadEncoding
sig = options.Signature()
}
v := &RSAVarsig{
varsig: varsig[RSAVarsig]{
v := RSAVarsig{
varsig: varsig{
vers: vers,
disc: DiscriminatorRSA,
payEnc: payloadEncoding,
@@ -46,7 +43,7 @@ func NewRSAVarsig(hashAlgorithm HashAlgorithm, keyLength uint64, payloadEncoding
sigLen: keyLength,
}
return v.validateSig(v, v.sigLen)
return validateSig(v, v.sigLen)
}
// Encode returns the encoded byte format of the RSAVarsig.
@@ -54,24 +51,25 @@ func (v RSAVarsig) Encode() []byte {
buf := v.encode()
buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
buf = binary.AppendUvarint(buf, v.sigLen)
buf = binary.AppendUvarint(buf, uint64(v.payEnc))
buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
buf = append(buf, v.Signature()...)
return buf
}
// HashAlgorithm returns the hash algorithm used to has the payload content.
func (v *RSAVarsig) HashAlgorithm() HashAlgorithm {
// Hash returns the value describing the hash algorithm used to hash
// the payload content before the signature is generated.
func (v RSAVarsig) Hash() Hash {
return v.hashAlg
}
// KeyLength returns the length of the RSA key used to sign the payload
// content.
func (v *RSAVarsig) KeyLength() uint64 {
func (v RSAVarsig) KeyLength() uint64 {
return v.sigLen
}
func decodeRSA(r *bytes.Reader, vers Version, disc Discriminator) (Varsig, error) {
func decodeRSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) {
hashAlg, err := DecodeHashAlgorithm(r)
if err != nil {
return nil, err
@@ -82,14 +80,19 @@ func decodeRSA(r *bytes.Reader, vers Version, disc Discriminator) (Varsig, error
return nil, err
}
vs := &RSAVarsig{
varsig: varsig[RSAVarsig]{
vs := RSAVarsig{
varsig: varsig{
vers: vers,
disc: disc,
},
hashAlg: HashAlgorithm(hashAlg),
hashAlg: hashAlg,
sigLen: sigLen,
}
return vs.decodePayEncAndSig(r, vs, sigLen)
vs.payEnc, vs.sig, err = vs.decodePayEncAndSig(r)
if err != nil {
return nil, err
}
return validateSig(vs, vs.sigLen)
}

14
rsa_test.go
View File

@@ -26,12 +26,12 @@ func TestRSAVarsig(t *testing.T) {
vs, err := varsig.Decode(example)
require.NoError(t, err)
rsaVs, ok := vs.(*varsig.RSAVarsig)
rsaVs, ok := vs.(varsig.RSAVarsig)
require.True(t, ok)
assert.Equal(t, varsig.Version1, rsaVs.Version())
assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
assert.Equal(t, varsig.HashAlgorithmSHA256, rsaVs.HashAlgorithm())
assert.Equal(t, varsig.HashSha2_256, rsaVs.Hash())
assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
assert.Equal(t, uint64(keyLen), rsaVs.KeyLength())
assert.Len(t, rsaVs.Signature(), 0)
@@ -41,7 +41,7 @@ func TestRSAVarsig(t *testing.T) {
t.Parallel()
rsaVarsig, err := varsig.NewRSAVarsig(
varsig.HashAlgorithmSHA256,
varsig.HashSha2_256,
keyLen,
varsig.PayloadEncodingDAGCBOR,
)
@@ -52,7 +52,7 @@ func TestRSAVarsig(t *testing.T) {
})
}
func TestUCANExample(t *testing.T) {
func TestUCANExampleV0(t *testing.T) {
t.Parallel()
const keyLen = 0x100
@@ -69,12 +69,12 @@ func TestUCANExample(t *testing.T) {
vs, err := varsig.Decode(example)
require.ErrorIs(t, err, varsig.ErrMissingSignature)
rsaVs, ok := vs.(*varsig.RSAVarsig)
rsaVs, ok := vs.(varsig.RSAVarsig)
require.True(t, ok)
assert.Equal(t, varsig.Version0, rsaVs.Version())
assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
assert.Equal(t, varsig.HashAlgorithmSHA256, rsaVs.HashAlgorithm())
assert.Equal(t, varsig.HashSha2_256, rsaVs.Hash())
assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
assert.Equal(t, uint64(keyLen), rsaVs.KeyLength())
assert.Len(t, rsaVs.Signature(), 0)
@@ -84,7 +84,7 @@ func TestUCANExample(t *testing.T) {
t.Parallel()
rsaVarsig, err := varsig.NewRSAVarsig(
varsig.HashAlgorithmSHA256,
varsig.HashSha2_256,
keyLen,
varsig.PayloadEncodingDAGCBOR,
varsig.WithForceVersion0([]byte{}),

87
varsig.go
View File

@@ -19,21 +19,29 @@
package varsig
import (
"bytes"
"encoding/binary"
"errors"
"io"
)
// Varsig represents types that describe how a signature was generated
// and thus how to interpret the signature and verify the signed data.
type Varsig interface {
// accessors for fields that are common to all varsig
// Version returns the varsig's version field.
Version() Version
// Discriminator returns the algorithm used to produce the corresponding signature.
Discriminator() Discriminator
// PayloadEncoding returns the codec that was used to encode the signed data.
PayloadEncoding() PayloadEncoding
// Signature returns the cryptographic signature of the signed data.
// This value is never present in a varsig >= v1 and must either be a valid
// signature with the correct length or empty in varsig < v1.
Signature() []byte
// Operations that are common to all varsig
// Encode returns the encoded byte format of the varsig.
Encode() []byte
}
@@ -45,11 +53,11 @@ func Decode(data []byte) (Varsig, error) {
// DecodeStream converts data read from the provided io.Reader into one
// of the Varsig types provided by the DefaultRegistry.
func DecodeStream(r *bytes.Reader) (Varsig, error) {
func DecodeStream(r BytesReader) (Varsig, error) {
return DefaultRegistry().DecodeStream(r)
}
type varsig[T Varsig] struct {
type varsig struct {
vers Version
disc Discriminator
payEnc PayloadEncoding
@@ -57,31 +65,34 @@ type varsig[T Varsig] struct {
}
// Version returns the varsig's version field.
func (v varsig[_]) Version() Version {
func (v varsig) Version() Version {
return v.vers
}
// Discriminator returns the algorithm used to produce corresponding
// Discriminator returns the algorithm used to produce the corresponding
// signature.
func (v varsig[_]) Discriminator() Discriminator {
func (v varsig) Discriminator() Discriminator {
return v.disc
}
// PayloadEncoding returns the codec that was used to encode the signed
// data.
func (v varsig[_]) PayloadEncoding() PayloadEncoding {
func (v varsig) PayloadEncoding() PayloadEncoding {
return v.payEnc
}
// Signature returns the cryptographic signature of the signed data. This
// value is never present in a varsig >= v1 and must either be a valid
// signature with the correct length or empty in varsig < v1.
func (v varsig[_]) Signature() []byte {
func (v varsig) Signature() []byte {
return v.sig
}
func (v *varsig[_]) encode() []byte {
var buf []byte
func (v varsig) encode() []byte {
// Pre-allocate to the maximum size to avoid re-allocating.
// I think the maximum is 10 bytes, but it's all the same for go to allocate 16 (due to the small
// size allocation class), so we might as well get some headroom for bigger varints.
buf := make([]byte, 0, 16)
buf = binary.AppendUvarint(buf, Prefix)
@@ -94,37 +105,51 @@ func (v *varsig[_]) encode() []byte {
return buf
}
func (v *varsig[T]) decodePayEncAndSig(r *bytes.Reader, varsig *T, expectedLength uint64) (*T, error) {
func (v varsig) decodePayEncAndSig(r BytesReader) (PayloadEncoding, []byte, error) {
payEnc, err := DecodePayloadEncoding(r, v.Version())
if err != nil {
return nil, err
return 0, nil, err
}
v.payEnc = payEnc
signature, err := io.ReadAll(r)
if err != nil {
return nil, err
var signature []byte
switch v.Version() {
case Version0:
signature, err = io.ReadAll(r)
if err != nil {
return 0, nil, err
}
case Version1:
_, err := r.ReadByte()
if err != nil && !errors.Is(err, io.EOF) {
return 0, nil, err
}
if err == nil {
return 0, nil, ErrUnexpectedSignaturePresent
}
default:
return 0, nil, ErrUnsupportedVersion
}
v.sig = signature
return v.validateSig(varsig, expectedLength)
return payEnc, signature, nil
}
func (v *varsig[T]) validateSig(varsig *T, expectedLength uint64) (*T, error) {
if v.Version() == Version0 && len(v.sig) == 0 {
return varsig, ErrMissingSignature
func validateSig[T Varsig](v T, expectedLength uint64) (T, error) {
if v.Version() == Version0 && len(v.Signature()) == 0 {
return v, ErrMissingSignature
}
if v.Version() == Version0 && uint64(len(v.sig)) != expectedLength {
return nil, ErrUnexpectedSignatureSize
if v.Version() == Version0 && uint64(len(v.Signature())) != expectedLength {
return *new(T), ErrUnexpectedSignatureSize
}
if v.Version() == Version1 && len(v.sig) != 0 {
return nil, ErrUnexpectedSignaturePresent
if v.Version() == Version1 && len(v.Signature()) != 0 {
return *new(T), ErrUnexpectedSignaturePresent
}
return varsig, nil
return v, nil
}
type BytesReader interface {
io.ByteReader
io.Reader
}

32
varsig_test.go
View File

@@ -2,7 +2,6 @@ package varsig_test
import (
"encoding/hex"
"errors"
"io"
"testing"
@@ -133,7 +132,7 @@ func TestDecode(t *testing.T) {
vs, err := varsig.Decode(data)
require.ErrorIs(t, err, varsig.ErrUnexpectedSignatureSize)
assert.Nil(t, vs)
assert.Zero(t, vs)
})
t.Run("fails - unexpected signature present - v1", func(t *testing.T) {
@@ -157,32 +156,3 @@ func TestDecode(t *testing.T) {
assert.NotNil(t, vs) // varsig is still returned with just "header"
})
}
func mustVarsig[T varsig.Varsig](t *testing.T) func(*T, error) *T {
t.Helper()
return func(v *T, err error) *T {
if err != nil && ((*v).Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
t.Error(err)
}
return v
}
}
func roundTrip[T varsig.Varsig](t *testing.T, in T, expEncHex string) T {
data := in.Encode()
assert.Equal(t, expEncHex, hex.EncodeToString(data))
out, err := varsig.Decode(in.Encode())
if err != nil && (out.Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
t.Fail()
}
assert.Equal(t, in.Version(), out.Version())
assert.Equal(t, in.Discriminator(), out.Discriminator())
assert.Equal(t, in.PayloadEncoding(), out.PayloadEncoding())
assert.Equal(t, in.Signature(), out.Signature())
return out.(T)
}