Expose the hash on all varsig

perf(constants): avoid allocating a map for each Decode*() call

.github/workflows/pre-commit.yaml

@@ -1,9 +1,7 @@
 name: pre-commit
 
 on:
-  pull_request:
   push:
-    # branches: [main]
 
 jobs:
   pre-commit:

README.md

@@ -1,13 +1,12 @@
 # go-varsig
 
-`go-varsig` implements the upcoming v1.0.0 release of the [`varsig` specification](https://github.com/ChainAgnostic/varsig/pull/18)
-with limited (and soon to be deprecated) support for the `varsig` < v1.0
-specification.  This is predominatly included to support the UCAN v1.0
-use-case.
+`go-varsig` is a go implementation of the [`varsig` specification](https://github.com/ChainAgnostic/varsig).
+
+Built with ❤️ by [Consensys](https://consensys.io/).
 
 ## Usage
 
-Include the `go-varsig` library  by running the following command:
+Include the `go-varsig` library by running the following command:
 
 ```bash
 go get github.com/ucan-wg/go-varsig@latest
@@ -29,7 +28,7 @@ asdf install
 
 ### Checks
 
-This repository contains an set of pre-commit hooks that are run prior to
+This repository contains a set of pre-commit hooks that are run prior to
 each `git commit`.  You can also run these checks manually using the
 following command:
 
@@ -49,8 +48,15 @@ simulate the `docker` daemon:
 export DOCKER_HOST=unix:///var/run/podman/podman.sock
 ```
 
-Since there's only one workflow, the simplest command to test it is:
+The simplest command to test it is:
 
 ```bash
 act
 ```
+
+## License
+
+This project is dual-licensed under Apache 2.0 and MIT terms:
+
+- Apache License, Version 2.0, ([LICENSE-APACHE](https://github.com/ucan-wg/go-varsig/blob/master/LICENSE-APACHE-2.0) or http://www.apache.org/licenses/LICENSE-2.0)
+- MIT license ([LICENSE-MIT](https://github.com/ucan-wg/go-varsig/blob/master/LICENSE-MIT) or http://opensource.org/licenses/MIT)

common.go

@@ -1,41 +1,73 @@
 package varsig
 
-// Ed25519 produces a varsig that describes the associated algorithm defined
-// by the [IANA JOSE specification].
-//
+import "fmt"
+
 // [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
-func Ed25519(payloadEncoding PayloadEncoding, opts ...Option) (*EdDSAVarsig, error) {
-	return NewEdDSAVarsig(CurveEd25519, HashAlgorithmSHA512, payloadEncoding, opts...)
+
+// Ed25519 produces a varsig for EdDSA using the Ed25519 curve.
+// This algorithm is defined in [IANA JOSE specification].
+func Ed25519(payloadEncoding PayloadEncoding) EdDSAVarsig {
+	return NewEdDSAVarsig(CurveEd25519, HashSha2_512, payloadEncoding)
 }
 
-// Ed448 produces a varsig that describes the associated algorithm defined
-// by the [IANA JOSE specification].
-//
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
-func Ed448(payloadEncoding PayloadEncoding, opts ...Option) (*EdDSAVarsig, error) {
-	return NewEdDSAVarsig(CurveEd448, HashAlgorithmShake256, payloadEncoding, opts...)
+// Ed448 produces a varsig for EdDSA using the Ed448 curve.
+// This algorithm is defined in [IANA JOSE specification].
+func Ed448(payloadEncoding PayloadEncoding) EdDSAVarsig {
+	return NewEdDSAVarsig(CurveEd448, HashShake_256, payloadEncoding)
 }
 
-// RS256 produces a varsig that describes the associated algorithm defined
-// by the [IANA JOSE specification].
-//
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
-func RS256(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
-	return NewRSAVarsig(HashAlgorithmSHA256, keyLength, payloadEncoding, opts...)
+// RS256 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-256.
+// This algorithm is defined in [IANA JOSE specification].
+func RS256(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig {
+	return NewRSAVarsig(HashSha2_256, keyLength, payloadEncoding)
 }
 
-// RS384 produces a varsig that describes the associated algorithm defined
-// by the [IANA JOSE specification].
-//
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
-func RS384(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
-	return NewRSAVarsig(HashAlgorithmSHA384, keyLength, payloadEncoding, opts...)
+// RS384 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-384.
+// This algorithm is defined in [IANA JOSE specification].
+func RS384(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig {
+	return NewRSAVarsig(HashSha2_384, keyLength, payloadEncoding)
 }
 
-// RS512 produces a varsig that describes the associated algorithm defined
-// by the [IANA JOSE specification].
-//
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
-func RS512(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
-	return NewRSAVarsig(HashAlgorithmSHA512, keyLength, payloadEncoding, opts...)
+// RS512 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-512.
+// This algorithm is defined in [IANA JOSE specification].
+func RS512(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig {
+	return NewRSAVarsig(HashSha2_512, keyLength, payloadEncoding)
+}
+
+// ES256 produces a varsig for ECDSA using P-256 and SHA-256.
+// This algorithm is defined in [IANA JOSE specification].
+func ES256(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveP256, HashSha2_256, payloadEncoding)
+}
+
+// ES256K produces a varsig for ECDSA using secp256k1 curve and SHA-256.
+// This algorithm is defined in [IANA JOSE specification].
+func ES256K(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveSecp256k1, HashSha2_256, payloadEncoding)
+}
+
+// ES384 produces a varsig for ECDSA using P-384 and SHA-384.
+// This algorithm is defined in [IANA JOSE specification].
+func ES384(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveP384, HashSha2_384, payloadEncoding)
+}
+
+// ES512 produces a varsig for ECDSA using P-521 and SHA-512.
+// This algorithm is defined in [IANA JOSE specification].
+func ES512(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveP521, HashSha2_512, payloadEncoding)
+}
+
+// EIP191 produces a varsig for ECDSA using the Secp256k1 curve, Keccak256 and encoded
+// with the "personal_sign" format defined by [EIP191].
+// payloadEncoding must be either PayloadEncodingEIP191Raw or PayloadEncodingEIP191Cbor.
+// [EIP191]: https://eips.ethereum.org/EIPS/eip-191
+func EIP191(payloadEncoding PayloadEncoding) (ECDSAVarsig, error) {
+	switch payloadEncoding {
+	case PayloadEncodingEIP191Raw, PayloadEncodingEIP191Cbor:
+	default:
+		return ECDSAVarsig{}, fmt.Errorf("%w for EIP191: %v", ErrUnsupportedPayloadEncoding, payloadEncoding)
+	}
+
+	return NewECDSAVarsig(CurveSecp256k1, HashKeccak_256, payloadEncoding), nil
 }

common_test.go

@@ -1,63 +1,146 @@
 package varsig_test
 
 import (
+	"encoding/hex"
 	"testing"
 
-	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 
 	"github.com/ucan-wg/go-varsig"
 )
 
-func TestEd25519(t *testing.T) {
-	t.Parallel()
+func TestRoundTrip(t *testing.T) {
+	for _, tc := range []struct {
+		name      string
+		varsig    varsig.Varsig
+		dataHex   string
+		dataBytes []byte
+	}{
+		// Arbitrary use of presets
+		{
+			name:    "Ed25519",
+			varsig:  varsig.Ed25519(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ed01ed011371",
+		},
+		{
+			name:    "Ed448",
+			varsig:  varsig.Ed448(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ed0183241971",
+		},
+		{
+			name:    "RS256",
+			varsig:  varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401852412800271",
+		},
+		{
+			name:    "RS384",
+			varsig:  varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401852420800271",
+		},
+		{
+			name:    "RS512",
+			varsig:  varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401852413800271",
+		},
+		{
+			name:    "ES256",
+			varsig:  varsig.ES256(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec0180241271",
+		},
+		{
+			name:    "ES256K",
+			varsig:  varsig.ES256K(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec01e7011271",
+		},
+		{
+			name:    "ES384",
+			varsig:  varsig.ES384(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec0181242071",
+		},
+		{
+			name:    "ES512",
+			varsig:  varsig.ES512(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec0182241371",
+		},
+		{
+			name:    "EIP191",
+			varsig:  must(varsig.EIP191(varsig.PayloadEncodingEIP191Raw)),
+			dataHex: "3401ec01e7011b91c3035f",
+		},
 
-	in := mustVarsig[varsig.EdDSAVarsig](t)(varsig.Ed25519(varsig.PayloadEncodingDAGCBOR))
-	out := roundTrip(t, in, "3401ed01ed011371")
-	assertEdDSAEqual(t, in, out)
+		// from https://github.com/hugomrdias/iso-repo/blob/main/packages/iso-ucan/test/varsig.test.js
+		{
+			name:      "RS256+RAW",
+			varsig:    varsig.RS256(256, varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 133, 36, 18, 128, 2, 95},
+		},
+		{
+			name:      "ES256+RAW",
+			varsig:    varsig.ES256(varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 236, 1, 128, 36, 18, 95},
+		},
+		{
+			name:      "ES512+RAW",
+			varsig:    varsig.ES512(varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 236, 1, 130, 36, 19, 95},
+		},
+		{
+			name:      "ES256K+RAW",
+			varsig:    varsig.ES256K(varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 236, 1, 231, 1, 18, 95},
+		},
+		{
+			name:      "EIP191+RAW",
+			varsig:    must(varsig.EIP191(varsig.PayloadEncodingEIP191Raw)),
+			dataBytes: []byte{52, 1, 236, 1, 231, 1, 27, 145, 195, 3, 95},
+		},
+		{
+			name:      "EIP191+DAG-CBOR",
+			varsig:    must(varsig.EIP191(varsig.PayloadEncodingEIP191Cbor)),
+			dataBytes: []byte{52, 1, 236, 1, 231, 1, 27, 145, 195, 3, 113},
+		},
+	} {
+		t.Run(tc.name, func(t *testing.T) {
+			// round-trip encode and back
+			data := tc.varsig.Encode()
+
+			if tc.dataBytes != nil {
+				require.Equal(t, tc.dataBytes, data)
+			}
+			if tc.dataHex != "" {
+				require.Equal(t, tc.dataHex, hex.EncodeToString(data))
+			}
+
+			rt, err := varsig.Decode(data)
+			require.NoError(t, err)
+
+			require.Equal(t, tc.varsig.Version(), rt.Version())
+			require.Equal(t, tc.varsig.Discriminator(), rt.Discriminator())
+			require.Equal(t, tc.varsig.PayloadEncoding(), rt.PayloadEncoding())
+
+			switch vs := tc.varsig.(type) {
+			case varsig.EdDSAVarsig:
+				rt := rt.(varsig.EdDSAVarsig)
+				require.Equal(t, vs.Curve(), rt.Curve())
+				require.Equal(t, vs.Hash(), rt.Hash())
+			case varsig.ECDSAVarsig:
+				rt := rt.(varsig.ECDSAVarsig)
+				require.Equal(t, vs.Curve(), rt.Curve())
+				require.Equal(t, vs.Hash(), rt.Hash())
+			case varsig.RSAVarsig:
+				rt := rt.(varsig.RSAVarsig)
+				require.Equal(t, vs.Hash(), rt.Hash())
+				require.Equal(t, vs.KeyLength(), rt.KeyLength())
+			default:
+				t.Fatalf("unexpected varsig type: %T", vs)
+			}
+		})
+	}
 }
 
-func TestEd448(t *testing.T) {
-	t.Parallel()
-
-	in := mustVarsig[varsig.EdDSAVarsig](t)(varsig.Ed448(varsig.PayloadEncodingDAGCBOR))
-	out := roundTrip(t, in, "3401ed0183241971")
-	assertEdDSAEqual(t, in, out)
-}
-
-func TestRS256(t *testing.T) {
-	t.Parallel()
-
-	in := mustVarsig[varsig.RSAVarsig](t)(varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR))
-	out := roundTrip(t, in, "3401852412800271")
-	assertRSAEqual(t, in, out)
-}
-
-func TestRS384(t *testing.T) {
-	t.Parallel()
-
-	in := mustVarsig[varsig.RSAVarsig](t)(varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR))
-	out := roundTrip(t, in, "3401852420800271")
-	assertRSAEqual(t, in, out)
-}
-
-func TestRS512(t *testing.T) {
-	t.Parallel()
-
-	in := mustVarsig[varsig.RSAVarsig](t)(varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR))
-	out := roundTrip(t, in, "3401852413800271")
-	assertRSAEqual(t, in, out)
-}
-
-func assertEdDSAEqual(t *testing.T, in, out *varsig.EdDSAVarsig) {
-	t.Helper()
-
-	assert.Equal(t, in.Curve(), out.Curve())
-	assert.Equal(t, in.HashAlgorithm(), out.HashAlgorithm())
-}
-
-func assertRSAEqual(t *testing.T, in, out *varsig.RSAVarsig) {
-	t.Helper()
-
-	assert.Equal(t, in.HashAlgorithm(), out.HashAlgorithm())
-	assert.Equal(t, in.KeyLength(), out.KeyLength())
+func must[T any](v T, err error) T {
+	if err != nil {
+		panic(err)
+	}
+	return v
 }

constant.go

@@ -1,122 +1,182 @@
 package varsig
 
 import (
-	"bytes"
 	"encoding/binary"
 	"fmt"
-
-	"github.com/multiformats/go-multicodec"
 )
 
-// Prefix is the multicodec.Code for the varsig's varuint prefix byte.
-const Prefix = uint64(multicodec.Varsig)
+// Prefix is the value for the varsig's varuint prefix byte.
+const Prefix = uint64(0x34)
 
-// HashAlgorithm is the multicodec.Code that specifies the hash algorithm
+// Hash is the value that specifies the hash algorithm
 // that's used to reduce the signed content
-type HashAlgorithm uint64
+type Hash uint64
 
-// Constant multicodec.Code values that allow Varsig implementations to
-// specify how the payload content is hashed before the signature is
-// generated.
+// Constant values that allow Varsig implementations to specify how
+// the payload content is hashed before the signature is generated.
 const (
-	HashAlgorithmUnspecified HashAlgorithm = 0x00
-	HashAlgorithmSHA256                    = HashAlgorithm(multicodec.Sha2_256)
-	HashAlgorithmSHA384                    = HashAlgorithm(multicodec.Sha2_384)
-	HashAlgorithmSHA512                    = HashAlgorithm(multicodec.Sha2_512)
-	HashAlgorithmShake256                  = HashAlgorithm(multicodec.Shake256)
+	HashUnspecified Hash = 0x00
+
+	HashSha2_224 = Hash(0x1013)
+	HashSha2_256 = Hash(0x12)
+	HashSha2_384 = Hash(0x20)
+	HashSha2_512 = Hash(0x13)
+
+	HashSha3_224 = Hash(0x17)
+	HashSha3_256 = Hash(0x16)
+	HashSha3_384 = Hash(0x15)
+	HashSha3_512 = Hash(0x14)
+
+	HashSha512_224 = Hash(0x1014)
+	HashSha512_256 = Hash(0x1015)
+
+	HashBlake2s_256 = Hash(0xb260)
+	HashBlake2b_256 = Hash(0xb220)
+	HashBlake2b_384 = Hash(0xb230)
+	HashBlake2b_512 = Hash(0xb240)
+
+	HashShake_256 = Hash(0x19)
+
+	HashKeccak_256 = Hash(0x1b)
+	HashKeccak_512 = Hash(0x1d)
+
+	// You should likely not use those:
+	HashRipemd_160 = Hash(0x1053)
+	HashMd4        = Hash(0xd4)
+	HashMd5        = Hash(0xd5)
+	HashSha1       = Hash(0x11)
 )
 
 // DecodeHashAlgorithm reads and validates the expected hash algorithm
 // (for varsig types include a variable hash algorithm.)
-func DecodeHashAlgorithm(r *bytes.Reader) (HashAlgorithm, error) {
+func DecodeHashAlgorithm(r BytesReader) (Hash, error) {
 	u, err := binary.ReadUvarint(r)
 	if err != nil {
-		return HashAlgorithmUnspecified, fmt.Errorf("%w: %w", ErrUnknownHashAlgorithm, err)
+		return HashUnspecified, fmt.Errorf("%w: %w", ErrUnknownHash, err)
 	}
 
-	h := HashAlgorithm(u)
+	h := Hash(u)
 
 	switch h {
-	case HashAlgorithmSHA256,
-		HashAlgorithmSHA384,
-		HashAlgorithmSHA512,
-		HashAlgorithmShake256:
+	case HashSha2_224,
+		HashSha2_256,
+		HashSha2_384,
+		HashSha2_512,
+		HashSha3_224,
+		HashSha3_256,
+		HashSha3_384,
+		HashSha3_512,
+		HashSha512_224,
+		HashSha512_256,
+		HashBlake2s_256,
+		HashBlake2b_256,
+		HashBlake2b_384,
+		HashBlake2b_512,
+		HashShake_256,
+		HashKeccak_256,
+		HashKeccak_512,
+		HashRipemd_160,
+		HashMd4,
+		HashMd5,
+		HashSha1:
 		return h, nil
 	default:
-		return HashAlgorithmUnspecified, fmt.Errorf("%w: %x", ErrUnknownHashAlgorithm, h)
+		return HashUnspecified, fmt.Errorf("%w: %x", ErrUnknownHash, h)
 	}
 }
 
 // PayloadEncoding specifies the encoding of the data being (hashed and)
 // signed.  A canonical representation of the data is required to produce
 // consistent hashes and signatures.
-type PayloadEncoding uint64
+type PayloadEncoding int
 
-// Constant multicodec.Code values that allow Varsig implementations to
-// specify how the payload content is encoded before being hashed.  In
-// varsig >= v1, only canonical encoding is allowed.
+// Constant values that allow Varsig implementations to specify how the
+// payload content is encoded before being hashed.
 const (
-	PayloadEncodingUnspecified PayloadEncoding = 0x00
-	PayloadEncodingVerbatim    PayloadEncoding = 0x5f
-	PayloadEncodingDAGPB                       = PayloadEncoding(multicodec.DagPb)
-	PayloadEncodingDAGCBOR                     = PayloadEncoding(multicodec.DagCbor)
-	PayloadEncodingDAGJSON                     = PayloadEncoding(multicodec.DagJson)
-	PayloadEncodingEIP191                      = PayloadEncoding(multicodec.Eip191)
-	PayloadEncodingJWT         PayloadEncoding = 0x6a77
+	PayloadEncodingUnspecified = PayloadEncoding(iota)
+	PayloadEncodingVerbatim
+	PayloadEncodingDAGPB
+	PayloadEncodingDAGCBOR
+	PayloadEncodingDAGJSON
+	PayloadEncodingEIP191Raw
+	PayloadEncodingEIP191Cbor
+	PayloadEncodingJWT
+)
+
+const (
+	encodingSegmentVerbatim = uint64(0x5f)
+	encodingSegmentDAGPB    = uint64(0x70)
+	encodingSegmentDAGCBOR  = uint64(0x71)
+	encodingSegmentDAGJSON  = uint64(0x0129)
+	encodingSegmentEIP191   = uint64(0xe191)
+	encodingSegmentJWT      = uint64(0x6a77)
 )
 
 // DecodePayloadEncoding reads and validates the expected canonical payload
 // encoding of the data to be signed.
-func DecodePayloadEncoding(r *bytes.Reader, vers Version) (PayloadEncoding, error) {
-	u, err := binary.ReadUvarint(r)
+func DecodePayloadEncoding(r BytesReader) (PayloadEncoding, error) {
+	seg1, err := binary.ReadUvarint(r)
 	if err != nil {
 		return PayloadEncodingUnspecified, fmt.Errorf("%w: %w", ErrUnsupportedPayloadEncoding, err)
 	}
 
-	payEnc := PayloadEncoding(u)
-
-	switch vers {
-	case Version0:
-		return decodeEncodingInfoV0(payEnc)
-	case Version1:
-		return decodeEncodingInfoV1(payEnc)
+	switch seg1 {
+	case encodingSegmentVerbatim:
+		return PayloadEncodingVerbatim, nil
+	case encodingSegmentDAGCBOR:
+		return PayloadEncodingDAGCBOR, nil
+	case encodingSegmentDAGJSON:
+		return PayloadEncodingDAGJSON, nil
+	case encodingSegmentEIP191:
+		seg2, err := binary.ReadUvarint(r)
+		if err != nil {
+			return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err)
+		}
+		switch seg2 {
+		case encodingSegmentVerbatim:
+			return PayloadEncodingEIP191Raw, nil
+		case encodingSegmentDAGCBOR:
+			return PayloadEncodingEIP191Cbor, nil
+		default:
+			return PayloadEncodingUnspecified, fmt.Errorf("%w: encoding=%x+%x", ErrUnsupportedPayloadEncoding, seg1, seg2)
+		}
 	default:
-		return 0, ErrUnsupportedVersion
+		return PayloadEncodingUnspecified, fmt.Errorf("%w: encoding=%x", ErrUnsupportedPayloadEncoding, seg1)
 	}
 }
 
-// https://github.com/ChainAgnostic/varsig#4-payload-encoding
-func decodeEncodingInfoV0(payEnc PayloadEncoding) (PayloadEncoding, error) {
-	switch payEnc {
-	case PayloadEncodingVerbatim,
-		PayloadEncodingDAGPB,
-		PayloadEncodingDAGCBOR,
-		PayloadEncodingDAGJSON,
-		PayloadEncodingJWT,
-		PayloadEncodingEIP191:
-		return payEnc, nil
+// EncodePayloadEncoding returns the PayloadEncoding as serialized bytes.
+// If enc is not a valid PayloadEncoding, this function will panic.
+func EncodePayloadEncoding(enc PayloadEncoding) []byte {
+	res := make([]byte, 0, 8)
+	switch enc {
+	case PayloadEncodingVerbatim:
+		res = binary.AppendUvarint(res, encodingSegmentVerbatim)
+	case PayloadEncodingDAGPB:
+		res = binary.AppendUvarint(res, encodingSegmentDAGPB)
+	case PayloadEncodingDAGCBOR:
+		res = binary.AppendUvarint(res, encodingSegmentDAGCBOR)
+	case PayloadEncodingDAGJSON:
+		res = binary.AppendUvarint(res, encodingSegmentDAGJSON)
+	case PayloadEncodingEIP191Raw:
+		res = binary.AppendUvarint(res, encodingSegmentEIP191)
+		res = binary.AppendUvarint(res, encodingSegmentVerbatim)
+	case PayloadEncodingEIP191Cbor:
+		res = binary.AppendUvarint(res, encodingSegmentEIP191)
+		res = binary.AppendUvarint(res, encodingSegmentDAGCBOR)
+	case PayloadEncodingJWT:
+		res = binary.AppendUvarint(res, encodingSegmentJWT)
 	default:
-		return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, Version0, payEnc)
+		panic(fmt.Sprintf("invalid encoding: %v", enc))
 	}
+
+	return res
 }
 
-// https://github.com/expede/varsig/blob/main/README.md#payload-encoding
-func decodeEncodingInfoV1(payEnc PayloadEncoding) (PayloadEncoding, error) {
-	switch payEnc {
-	case PayloadEncodingVerbatim,
-		PayloadEncodingDAGCBOR,
-		PayloadEncodingDAGJSON,
-		PayloadEncodingEIP191:
-		return payEnc, nil
-	default:
-		return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, Version1, payEnc)
-	}
-}
-
-// Discriminator is (usually) the multicodec.Code representing the public
-// key type of the algorithm used to create the signature.
+// Discriminator is (usually) the value representing the public key type of
+// the algorithm used to create the signature.
 //
-// There is not set list of constants here, nor is there a decode function
+// There is no set list of constants here, nor is there a decode function
 // as the author of an implementation should include the constant with the
 // implementation, and the decoding is handled by the Handler, which uses
 // the Discriminator to choose the correct implementation.  Also note that

constant_test.go

@@ -18,24 +18,24 @@ func TestDecodeHashAlgorithm(t *testing.T) {
 
 		hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{0x12}))
 		require.NoError(t, err)
-		require.Equal(t, varsig.HashAlgorithmSHA256, hashAlg)
+		require.Equal(t, varsig.HashSha2_256, hashAlg)
 	})
 
 	t.Run("fails - truncated varsig (no bytes)", func(t *testing.T) {
 		t.Parallel()
 
 		hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{}))
-		require.ErrorIs(t, err, varsig.ErrUnknownHashAlgorithm)
+		require.ErrorIs(t, err, varsig.ErrUnknownHash)
 		require.ErrorIs(t, err, io.EOF)
-		require.Equal(t, varsig.HashAlgorithmUnspecified, hashAlg)
+		require.Equal(t, varsig.HashUnspecified, hashAlg)
 	})
 
 	t.Run("fails - unknown hash algorithm", func(t *testing.T) {
 		t.Parallel()
 
 		hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{0x42}))
-		require.ErrorIs(t, err, varsig.ErrUnknownHashAlgorithm)
-		require.Equal(t, varsig.HashAlgorithmUnspecified, hashAlg)
+		require.ErrorIs(t, err, varsig.ErrUnknownHash)
+		require.Equal(t, varsig.HashUnspecified, hashAlg)
 	})
 }
 
@@ -53,18 +53,10 @@ func TestDecodePayloadEncoding(t *testing.T) {
 	t.Run("passes", func(t *testing.T) {
 		t.Parallel()
 
-		t.Run("v0", func(t *testing.T) {
-			t.Parallel()
-
-			payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}), varsig.Version1)
-			require.NoError(t, err)
-			require.Equal(t, varsig.PayloadEncodingVerbatim, payEnc)
-		})
-
 		t.Run("v1", func(t *testing.T) {
 			t.Parallel()
 
-			payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}), varsig.Version1)
+			payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}))
 			require.NoError(t, err)
 			require.Equal(t, varsig.PayloadEncodingVerbatim, payEnc)
 		})
@@ -76,27 +68,13 @@ func TestDecodePayloadEncoding(t *testing.T) {
 		tests := []struct {
 			name string
 			data []byte
-			vers varsig.Version
 			err  error
 		}{
 			{
-				name: "unsupported encoding - v0",
-				data: []byte{0x42}, // random
-				vers: varsig.Version0,
-				err:  varsig.ErrUnsupportedPayloadEncoding,
-			},
-			{
-				name: "unsupported encoding - v1",
+				name: "unsupported encoding",
 				data: []byte{0x6a, 0x77}, // JWT
-				vers: varsig.Version1,
 				err:  varsig.ErrUnsupportedPayloadEncoding,
 			},
-			{
-				name: "unsupported version",
-				data: []byte{0x5f}, // Verbatim
-				vers: 99,           // random
-				err:  varsig.ErrUnsupportedVersion,
-			},
 		}
 
 		for _, tt := range tests {
@@ -105,10 +83,8 @@ func TestDecodePayloadEncoding(t *testing.T) {
 				t.Parallel()
 
 				r := bytes.NewReader(tt.data)
-				_, err := varsig.DecodePayloadEncoding(r, tt.vers)
+				_, err := varsig.DecodePayloadEncoding(r)
 				require.ErrorIs(t, err, tt.err)
-				// t.Log(err)
-				// t.Fail()
 			})
 		}
 	})
@@ -118,6 +94,6 @@ func BenchmarkDecodePayloadEncoding(b *testing.B) {
 	b.ReportAllocs()
 	data := []byte{0x5f}
 	for i := 0; i < b.N; i++ {
-		_, _ = varsig.DecodePayloadEncoding(bytes.NewReader(data), varsig.Version1)
+		_, _ = varsig.DecodePayloadEncoding(bytes.NewReader(data))
 	}
 }

ecdsa.go

@@ -1,9 +1,101 @@
 package varsig
 
-// Stub
-const (
-	DiscriminatorECDSASecp256k1 Discriminator = 0xe7
-	DiscriminatorECDSAP256      Discriminator = 0x1200
-	DiscriminatorECDSAP384      Discriminator = 0x1201
-	DiscriminatorECDSAP521      Discriminator = 0x1202
+import (
+	"encoding/binary"
+	"fmt"
 )
+
+// DiscriminatorECDSA is the value specifying an ECDSA signature.
+const DiscriminatorECDSA = Discriminator(0xec)
+
+// ECDSACurve are values that specify which ECDSA curve is used when
+// generating the signature.
+type ECDSACurve uint64
+
+// Constants describing the values for each specific ECDSA curve that can
+// be encoded into a Varsig.
+const (
+	CurveSecp256k1 = ECDSACurve(0xe7)
+	CurveP256      = ECDSACurve(0x1200)
+	CurveP384      = ECDSACurve(0x1201)
+	CurveP521      = ECDSACurve(0x1202)
+)
+
+func decodeECDSACurve(r BytesReader) (ECDSACurve, error) {
+	u, err := binary.ReadUvarint(r)
+	if err != nil {
+		return 0, err
+	}
+
+	switch curve := ECDSACurve(u); curve {
+	case CurveSecp256k1, CurveP256, CurveP384, CurveP521:
+		return curve, nil
+	default:
+		return 0, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, u)
+	}
+}
+
+var _ Varsig = ECDSAVarsig{}
+
+// ECDSAVarsig is a varsig that encodes the parameters required to describe
+// an ECDSA signature.
+type ECDSAVarsig struct {
+	varsig
+
+	curve   ECDSACurve
+	hashAlg Hash
+}
+
+// NewECDSAVarsig creates and validates an ECDSA varsig with the provided
+// curve, hash algorithm and payload encoding.
+func NewECDSAVarsig(curve ECDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return ECDSAVarsig{
+		varsig: varsig{
+			disc:   DiscriminatorECDSA,
+			payEnc: payloadEncoding,
+		},
+		curve:   curve,
+		hashAlg: hashAlgorithm,
+	}
+}
+
+// Curve returns the elliptic curve used to generate the ECDSA signature.
+func (v ECDSAVarsig) Curve() ECDSACurve {
+	return v.curve
+}
+
+// Hash returns the value describing the hash algorithm used to hash
+// the payload content before the signature is generated.
+func (v ECDSAVarsig) Hash() Hash {
+	return v.hashAlg
+}
+
+// Encode returns the encoded byte format of the ECDSAVarsig.
+func (v ECDSAVarsig) Encode() []byte {
+	buf := v.encode()
+
+	buf = binary.AppendUvarint(buf, uint64(v.curve))
+	buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
+	buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
+
+	return buf
+}
+
+func decodeECDSA(r BytesReader) (Varsig, error) {
+	curve, err := decodeECDSACurve(r)
+	if err != nil {
+		return nil, err
+	}
+
+	hashAlg, err := DecodeHashAlgorithm(r)
+	if err != nil {
+		return nil, err
+	}
+
+	payEnc, err := DecodePayloadEncoding(r)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewECDSAVarsig(curve, hashAlg, payEnc), nil
+}

eddsa.go

@@ -1,81 +1,70 @@
 package varsig
 
 import (
-	"bytes"
-	"crypto/ed25519"
 	"encoding/binary"
-
-	"github.com/multiformats/go-multicodec"
+	"fmt"
 )
 
-// Constants containing multicodec.Code values that specify EdDSA signatures.
-const (
-	DiscriminatorEdDSA   = Discriminator(multicodec.Ed25519Pub)
-	DiscriminatorEd25519 = Discriminator(multicodec.Ed25519Pub)
-	DiscriminatorEd448   = Discriminator(multicodec.Ed448Pub)
-)
+// DiscriminatorEdDSA is the value specifying an EdDSA signature.
+const DiscriminatorEdDSA = Discriminator(0xed)
 
-// EdDSACurve are multicodec.Code values that specify which Edwards curve
-// is used when generating the signature.
+// EdDSACurve are values that specify which Edwards curve is used when
+// generating the signature.
 type EdDSACurve uint64
 
-// Constants describing the multicodec.Code for each specific Edwards
-// curve that can be encoded into a Varsig.
+// Constants describing the values for each specific Edwards curve that can
+// be encoded into a Varsig.
 const (
-	CurveEd25519 = EdDSACurve(multicodec.Ed25519Pub)
-	CurveEd448   = EdDSACurve(multicodec.Ed448Pub)
+	CurveEd25519 = EdDSACurve(0xed)
+	CurveEd448   = EdDSACurve(0x1203)
 )
 
-var _ Varsig = (*EdDSAVarsig)(nil)
+func decodeEdDSACurve(r BytesReader) (EdDSACurve, error) {
+	u, err := binary.ReadUvarint(r)
+	if err != nil {
+		return 0, err
+	}
+
+	switch curve := EdDSACurve(u); curve {
+	case CurveEd25519, CurveEd448:
+		return curve, nil
+	default:
+		return 0, fmt.Errorf("%w: %x", ErrUnknownEdDSACurve, u)
+	}
+}
+
+var _ Varsig = EdDSAVarsig{}
 
 // EdDSAVarsig is a varsig that encodes the parameters required to describe
 // an EdDSA signature.
 type EdDSAVarsig struct {
-	varsig[EdDSAVarsig]
+	varsig
 
 	curve   EdDSACurve
-	hashAlg HashAlgorithm
+	hashAlg Hash
 }
 
 // NewEdDSAVarsig creates and validates an EdDSA varsig with the provided
 // curve, hash algorithm and payload encoding.
-func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm HashAlgorithm, payloadEncoding PayloadEncoding, opts ...Option) (*EdDSAVarsig, error) {
-	options := newOptions(opts...)
-
-	var (
-		vers = Version1
-		disc = DiscriminatorEdDSA
-		sig  = []byte{}
-	)
-
-	if options.ForceVersion0() {
-		vers = Version0
-		disc = Discriminator(curve)
-		sig = options.Signature()
-	}
-
-	v := &EdDSAVarsig{
-		varsig: varsig[EdDSAVarsig]{
-			vers:   vers,
-			disc:   disc,
+func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding) EdDSAVarsig {
+	return EdDSAVarsig{
+		varsig: varsig{
+			disc:   DiscriminatorEdDSA,
 			payEnc: payloadEncoding,
-			sig:    sig,
 		},
 		curve:   curve,
 		hashAlg: hashAlgorithm,
 	}
-
-	return v.validateSig(v, ed25519.PrivateKeySize)
 }
 
 // Curve returns the Edwards curve used to generate the EdDSA signature.
-func (v *EdDSAVarsig) Curve() EdDSACurve {
+func (v EdDSAVarsig) Curve() EdDSACurve {
 	return v.curve
 }
 
-// HashAlgorithm returns the multicodec.Code describing the hash algorithm
-// used to hash the payload content before the signature is generated.
-func (v *EdDSAVarsig) HashAlgorithm() HashAlgorithm {
+// Hash returns the value describing the hash algorithm used to hash
+// the payload content before the signature is generated.
+func (v EdDSAVarsig) Hash() Hash {
 	return v.hashAlg
 }
 
@@ -83,42 +72,28 @@ func (v *EdDSAVarsig) HashAlgorithm() HashAlgorithm {
 func (v EdDSAVarsig) Encode() []byte {
 	buf := v.encode()
 
-	if v.vers != Version0 {
-		buf = binary.AppendUvarint(buf, uint64(v.curve))
-	}
-
+	buf = binary.AppendUvarint(buf, uint64(v.curve))
 	buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
-	buf = binary.AppendUvarint(buf, uint64(v.payEnc))
-	buf = append(buf, v.Signature()...)
+	buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
 
 	return buf
 }
 
-func decodeEd25519(r *bytes.Reader, vers Version, disc Discriminator) (Varsig, error) {
-	curve := uint64(disc)
-	if vers != Version0 {
-		u, err := binary.ReadUvarint(r)
-
-		if err != nil {
-			return nil, err // TODO: wrap error?
-		}
-
-		curve = u
-	}
-
-	hashAlg, err := binary.ReadUvarint(r)
+func decodeEdDSA(r BytesReader) (Varsig, error) {
+	curve, err := decodeEdDSACurve(r)
 	if err != nil {
-		return nil, err // TODO: wrap error?
+		return nil, err
 	}
 
-	v := &EdDSAVarsig{
-		varsig: varsig[EdDSAVarsig]{
-			vers: vers,
-			disc: disc,
-		},
-		curve:   EdDSACurve(curve),
-		hashAlg: HashAlgorithm(hashAlg),
+	hashAlg, err := DecodeHashAlgorithm(r)
+	if err != nil {
+		return nil, err
 	}
 
-	return v.decodePayEncAndSig(r, v, ed25519.PrivateKeySize)
+	payEnc, err := DecodePayloadEncoding(r)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewEdDSAVarsig(curve, hashAlg, payEnc), nil
 }

eddsa_test.go

@@ -1,7 +1,7 @@
 package varsig_test
 
 import (
-	"encoding/hex"
+	"encoding/base64"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -10,49 +10,41 @@ import (
 	"github.com/ucan-wg/go-varsig"
 )
 
-func TestDecodeEd25519(t *testing.T) {
+func TestUCANExampleV1(t *testing.T) {
 	t.Parallel()
 
-	t.Run("passes - section 3 example - v0", func(t *testing.T) {
-		// Original:  34ed01    1371ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302
-		// Corrected: 34ed011371ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302")
+	// This test is the value shown in the UCAN v1.0.0 example, which is
+	// an EdDSA varsig = v1 with the Ed25519 curve, SHA2_256 hashing and
+	// DAG-CBOR content encoding.
+	example, err := base64.RawStdEncoding.DecodeString("NAHtAe0BE3E")
+	require.NoError(t, err)
 
-		hdr, err := hex.DecodeString("34ed011371")
+	t.Run("Decode", func(t *testing.T) {
+		t.Parallel()
+
+		v, err := varsig.Decode(example)
 		require.NoError(t, err)
 
-		sig, err := hex.DecodeString("ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302")
-		require.NoError(t, err)
-		require.Len(t, sig, 64)
+		ed25519V, ok := v.(varsig.EdDSAVarsig)
+		require.True(t, ok)
 
-		t.Run("Decode", func(t *testing.T) {
-			t.Parallel()
+		assert.Equal(t, varsig.Version1, ed25519V.Version())
+		assert.Equal(t, varsig.DiscriminatorEdDSA, ed25519V.Discriminator())
+		assert.Equal(t, varsig.CurveEd25519, ed25519V.Curve())
+		assert.Equal(t, varsig.HashSha2_512, ed25519V.Hash())
+		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, ed25519V.PayloadEncoding())
+	})
 
-			v, err := varsig.Decode(append(hdr, sig...))
-			require.NoError(t, err)
-			require.NotNil(t, v)
-			assert.Equal(t, varsig.Version0, v.Version())
-			assert.Equal(t, varsig.DiscriminatorEd25519, v.Discriminator())
-			assert.Equal(t, varsig.PayloadEncodingDAGCBOR, v.PayloadEncoding())
-			assert.Len(t, v.Signature(), 64)
+	t.Run("Encode", func(t *testing.T) {
+		t.Parallel()
 
-			impl, ok := v.(*varsig.EdDSAVarsig)
-			require.True(t, ok)
-			assert.Equal(t, varsig.CurveEd25519, impl.Curve())
-			assert.Equal(t, varsig.HashAlgorithmSHA512, impl.HashAlgorithm())
-		})
+		edDSAVarsig := varsig.NewEdDSAVarsig(
+			varsig.CurveEd25519,
+			varsig.HashSha2_512,
+			varsig.PayloadEncodingDAGCBOR,
+		)
 
-		t.Run("Encode", func(t *testing.T) {
-			t.Parallel()
-
-			v, err := varsig.NewEdDSAVarsig(
-				varsig.CurveEd25519,
-				varsig.HashAlgorithmSHA512,
-				varsig.PayloadEncodingDAGCBOR,
-				varsig.WithForceVersion0(sig),
-			)
-			require.NoError(t, err)
-			require.NotNil(t, v)
-			assert.Equal(t, append(hdr, sig...), v.Encode())
-		})
+		assert.Equal(t, example, edDSAVarsig.Encode())
+		t.Log(base64.RawStdEncoding.EncodeToString(edDSAVarsig.Encode()))
 	})
 }

error.go

@@ -2,42 +2,36 @@ package varsig
 
 import "errors"
 
-// ErrMissingSignature is returned when a varsig v0 is parsed and does
-// not contain the expected signature bytes.  This is expected in some
-// intermediate cases, such as the UCAN v1 specification.
-var ErrMissingSignature = errors.New("missing signature expected in varsig v0")
-
 // ErrNotYetImplemented is returned when a function is currently under
 // construction.  For released versions of this library, this error should
 // never occur.
 var ErrNotYetImplemented = errors.New("not yet implemented")
 
-// ErrUnexpectedSignaturePresent is returned when a signature is present
-// in  a varsig >= v1.
-var ErrUnexpectedSignaturePresent = errors.New("unexpected signature present in varsig >= v1")
-
-// ErrUnexpectedSignatureSize is returned when the length of the decoded
-// signature doesn't match the expected signature length as defined by the
-// signing algorithm or sent via a Varsig field.
-var ErrUnexpectedSignatureSize = errors.New("unexpected signature size in varsig v0")
-
-// ErrUnknownHashAlgoritm is returned when an unexpected value is provided
+// ErrUnknownHash is returned when an unexpected value is provided
 // while decoding the hashing algorithm.
-var ErrUnknownHashAlgorithm = errors.New("unknown hash algorithm")
+var ErrUnknownHash = errors.New("unknown hash algorithm")
 
 // ErrUnsupportedPayloadEncoding is returned when an unexpected value is
 // provided while decoding the payload encoding field.  The allowed values
 // for this field may vary based on the varsig version.
 var ErrUnsupportedPayloadEncoding = errors.New("unsupported payload encoding")
 
-// ErrUnknowndiscorith is returned when the Registry doesn't have a
+// ErrUnknownDiscriminator is returned when the Registry doesn't have a
 // parsing function for the decoded signing algorithm.
 var ErrUnknownDiscriminator = errors.New("unknown signing algorithm")
 
+// ErrUnknownEdDSACurve is returned when the decoded uvarint isn't either
+// CurveEd25519 or CurveEd448.
+var ErrUnknownEdDSACurve = errors.New("unknown Edwards curve")
+
+// ErrUnknownECDSACurve is returned when the decoded uvarint isn't either
+// CurveSecp256k1, CurveP256, CurveP384 or CurveP521.
+var ErrUnknownECDSACurve = errors.New("unknown ECDSA curve")
+
 // ErrUnsupportedVersion is returned when an unsupported varsig version
 // field is present.
 var ErrUnsupportedVersion = errors.New("unsupported version")
 
 // ErrBadPrefix is returned when the prefix field contains a value other
-// than 0x34 (encoded as a uvarint).
+// than 0x34 (encoded as an uvarint).
 var ErrBadPrefix = errors.New("varsig prefix not found")

go.mod

@@ -1,11 +1,10 @@
 module github.com/ucan-wg/go-varsig
 
-go 1.24.4
+go 1.23.10
 
-require (
-	github.com/multiformats/go-multicodec v0.9.2
-	github.com/stretchr/testify v1.10.0
-)
+toolchain go1.24.4
+
+require github.com/stretchr/testify v1.10.0
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect

go.sum

@@ -6,8 +6,6 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
-github.com/multiformats/go-multicodec v0.9.2 h1:YrlXCuqxjqm3bXl+vBq5LKz5pz4mvAsugdqy78k0pXQ=
-github.com/multiformats/go-multicodec v0.9.2/go.mod h1:LLWNMtyV5ithSBUo3vFIMaeDy+h3EbkMTek1m+Fybbo=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=

option.go

@@ -1,45 +0,0 @@
-package varsig
-
-// Options define customization when creating a new Varsig.
-type Options struct {
-	forceVersion0 bool
-	signature     []byte
-}
-
-func newOptions(opts ...Option) *Options {
-	o := &Options{}
-
-	for _, opt := range opts {
-		opt(o)
-	}
-
-	return o
-}
-
-// ForceVersion0 returns a boolean indicating that a Varsig < v1 should
-// be created (which means the encoded Varsig won't have a version field
-// and might contain the signature bytes as the last field.)
-func (o *Options) ForceVersion0() bool {
-	return o.forceVersion0
-}
-
-// Signature returns the optional signature bytes when creating a Varsig
-// < v1.
-func (o *Options) Signature() []byte {
-	return o.signature
-}
-
-// Option is a function that alters the default behavior of constructors
-// that produce implementations of the Varsig type.
-type Option func(*Options)
-
-// WithForceVersion0 indicates that a Varsig < v1 should be produced. If
-// the signature is a) not nil, b) not empty and c) the correct length
-// based on the signing algorithm or signing key, the signature's bytes
-// will be appended to the encoded Varsig.
-func WithForceVersion0(signature []byte) Option {
-	return func(o *Options) {
-		o.forceVersion0 = true
-		o.signature = signature
-	}
-}

registry.go

@@ -6,11 +6,11 @@ import (
 	"fmt"
 )
 
-// Version represents which version of the vasig specification was used
+// Version represents which version of the varsig specification was used
 // to produce Varsig value.
 type Version uint64
 
-// Constancts for the existing varsig specifications
+// Constants for the existing varsig specifications
 const (
 	Version0 Version = 0
 	Version1 Version = 1
@@ -18,9 +18,9 @@ const (
 
 // DecodeFunc is a function that parses the varsig representing a specific
 // signing algorithm.
-type DecodeFunc func(*bytes.Reader, Version, Discriminator) (Varsig, error)
+type DecodeFunc func(BytesReader) (Varsig, error)
 
-// Registry contains a mapping between known signing algorithms, and
+// Registry contains a mapping between known signing algorithms and
 // functions that can parse varsigs for that signing algorithm.
 type Registry map[Discriminator]DecodeFunc
 
@@ -28,12 +28,9 @@ type Registry map[Discriminator]DecodeFunc
 // signing algorithms which have an implementation within this library.
 func DefaultRegistry() Registry {
 	return map[Discriminator]DecodeFunc{
-		DiscriminatorRSA:            decodeRSA,
-		DiscriminatorEdDSA:          decodeEd25519,
-		DiscriminatorEd448:          decodeEd25519,
-		DiscriminatorECDSAP256:      notYetImplementedVarsigDecoder,
-		DiscriminatorECDSASecp256k1: notYetImplementedVarsigDecoder,
-		DiscriminatorECDSAP521:      notYetImplementedVarsigDecoder,
+		DiscriminatorRSA:   decodeRSA,
+		DiscriminatorEdDSA: decodeEdDSA,
+		DiscriminatorECDSA: decodeECDSA,
 	}
 }
 
@@ -56,7 +53,7 @@ func (rs Registry) Decode(data []byte) (Varsig, error) {
 
 // DecodeStream converts data read from the provided io.Reader into one
 // of the registered Varsig types.
-func (rs Registry) DecodeStream(r *bytes.Reader) (Varsig, error) {
+func (rs Registry) DecodeStream(r BytesReader) (Varsig, error) {
 	pre, err := binary.ReadUvarint(r)
 	if err != nil {
 		return nil, fmt.Errorf("%w: %w", ErrBadPrefix, err)
@@ -71,15 +68,19 @@ func (rs Registry) DecodeStream(r *bytes.Reader) (Varsig, error) {
 		return nil, err
 	}
 
+	if vers != Version1 {
+		return nil, fmt.Errorf("%w: %d", ErrUnsupportedVersion, vers)
+	}
+
 	decodeFunc, ok := rs[Discriminator(disc)]
 	if !ok {
 		return nil, fmt.Errorf("%w: %x", ErrUnknownDiscriminator, disc)
 	}
 
-	return decodeFunc(r, vers, disc)
+	return decodeFunc(r)
 }
 
-func (rs Registry) decodeVersAnddisc(r *bytes.Reader) (Version, Discriminator, error) {
+func (rs Registry) decodeVersAnddisc(r BytesReader) (Version, Discriminator, error) {
 	vers, err := binary.ReadUvarint(r)
 	if err != nil {
 		return Version(vers), 0, err
@@ -97,7 +98,3 @@ func (rs Registry) decodeVersAnddisc(r *bytes.Reader) (Version, Discriminator, e
 
 	return Version(vers), Discriminator(disc), err
 }
-
-func notYetImplementedVarsigDecoder(_ *bytes.Reader, vers Version, disc Discriminator) (Varsig, error) {
-	return nil, fmt.Errorf("%w: Version: %d, Discriminator: %x", ErrNotYetImplemented, vers, disc)
-}

registry_test.go

@@ -12,25 +12,7 @@ import (
 )
 
 func TestRegistry_Decode(t *testing.T) {
-	t.Parallel()
-
-	t.Run("passes - v0", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString("348120")
-		require.NoError(t, err)
-
-		reg := testRegistry(t)
-
-		vs, err := reg.DecodeStream(bytes.NewReader(data))
-		require.NoError(t, err)
-		assert.Equal(t, varsig.Version0, vs.Version())
-		assert.Equal(t, testDiscriminator1, vs.Discriminator())
-	})
-
 	t.Run("passes - v1", func(t *testing.T) {
-		t.Parallel()
-
 		data, err := hex.DecodeString("34018120")
 		require.NoError(t, err)
 
@@ -52,50 +34,41 @@ func testRegistry(t *testing.T) varsig.Registry {
 	t.Helper()
 
 	reg := varsig.NewRegistry()
-	reg.Register(testDiscriminator0, testDecodeFunc(t))
-	reg.Register(testDiscriminator1, testDecodeFunc(t))
+	reg.Register(testDiscriminator0, testDecodeFunc(testDiscriminator0))
+	reg.Register(testDiscriminator1, testDecodeFunc(testDiscriminator1))
 
 	return reg
 }
 
-func testDecodeFunc(t *testing.T) varsig.DecodeFunc {
-	t.Helper()
-
-	return func(r *bytes.Reader, vers varsig.Version, disc varsig.Discriminator) (varsig.Varsig, error) {
-		v := &testVarsig{
-			vers: vers,
-			disc: disc,
-		}
-
-		return v, nil
+func testDecodeFunc(disc varsig.Discriminator) varsig.DecodeFunc {
+	return func(r varsig.BytesReader) (varsig.Varsig, error) {
+		return &testVarsig{disc: disc}, nil
 	}
 }
 
-var _ varsig.Varsig = (*testVarsig)(nil)
+var _ varsig.Varsig = testVarsig{}
 
 type testVarsig struct {
-	vers   varsig.Version
 	disc   varsig.Discriminator
 	payEnc varsig.PayloadEncoding
-	sig    []byte
 }
 
-func (v *testVarsig) Version() varsig.Version {
-	return v.vers
+func (v testVarsig) Version() varsig.Version {
+	return varsig.Version1
 }
 
-func (v *testVarsig) Discriminator() varsig.Discriminator {
+func (v testVarsig) Discriminator() varsig.Discriminator {
 	return v.disc
 }
 
-func (v *testVarsig) PayloadEncoding() varsig.PayloadEncoding {
+func (v testVarsig) Hash() varsig.Hash {
+	return varsig.HashUnspecified
+}
+
+func (v testVarsig) PayloadEncoding() varsig.PayloadEncoding {
 	return v.payEnc
 }
 
-func (v *testVarsig) Signature() []byte {
-	return v.sig
-}
-
-func (v *testVarsig) Encode() []byte {
+func (v testVarsig) Encode() []byte {
 	return nil
 }

rsa.go

@@ -1,95 +1,73 @@
 package varsig
 
 import (
-	"bytes"
 	"encoding/binary"
-
-	"github.com/multiformats/go-multicodec"
 )
 
-// DiscriminatorRSA is the multicodec.Code specifying an RSA signature.
-const DiscriminatorRSA = Discriminator(multicodec.RsaPub)
+// DiscriminatorRSA is the value specifying an RSA signature.
+const DiscriminatorRSA = Discriminator(0x1205)
 
-var _ Varsig = (*RSAVarsig)(nil)
+var _ Varsig = RSAVarsig{}
 
 // RSAVarsig is a varsig that encodes the parameters required to describe
 // an RSA signature.
 type RSAVarsig struct {
-	varsig[RSAVarsig]
-	hashAlg HashAlgorithm
-	sigLen  uint64
+	varsig
+	hashAlg Hash
+	keyLen  uint64
 }
 
 // NewRSAVarsig creates and validates an RSA varsig with the provided
 // hash algorithm, key length and payload encoding.
-func NewRSAVarsig(hashAlgorithm HashAlgorithm, keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (*RSAVarsig, error) {
-	options := newOptions(opts...)
-
-	var (
-		vers = Version1
-		sig  = []byte{}
-	)
-
-	if options.ForceVersion0() {
-		vers = Version0
-		sig = options.Signature()
-	}
-
-	v := &RSAVarsig{
-		varsig: varsig[RSAVarsig]{
-			vers:   vers,
+func NewRSAVarsig(hashAlgorithm Hash, keyLen uint64, payloadEncoding PayloadEncoding) RSAVarsig {
+	return RSAVarsig{
+		varsig: varsig{
 			disc:   DiscriminatorRSA,
 			payEnc: payloadEncoding,
-			sig:    sig,
 		},
 		hashAlg: hashAlgorithm,
-		sigLen:  keyLength,
+		keyLen:  keyLen,
 	}
-
-	return v.validateSig(v, v.sigLen)
 }
 
 // Encode returns the encoded byte format of the RSAVarsig.
 func (v RSAVarsig) Encode() []byte {
 	buf := v.encode()
+
 	buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
-	buf = binary.AppendUvarint(buf, v.sigLen)
-	buf = binary.AppendUvarint(buf, uint64(v.payEnc))
-	buf = append(buf, v.Signature()...)
+	buf = binary.AppendUvarint(buf, v.keyLen)
+	buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
 
 	return buf
 }
 
-// HashAlgorithm returns the hash algorithm used to has the payload content.
-func (v *RSAVarsig) HashAlgorithm() HashAlgorithm {
+// Hash returns the value describing the hash algorithm used to hash
+// the payload content before the signature is generated.
+func (v RSAVarsig) Hash() Hash {
 	return v.hashAlg
 }
 
 // KeyLength returns the length of the RSA key used to sign the payload
 // content.
-func (v *RSAVarsig) KeyLength() uint64 {
-	return v.sigLen
+func (v RSAVarsig) KeyLength() uint64 {
+	return v.keyLen
 }
 
-func decodeRSA(r *bytes.Reader, vers Version, disc Discriminator) (Varsig, error) {
+func decodeRSA(r BytesReader) (Varsig, error) {
 	hashAlg, err := DecodeHashAlgorithm(r)
 	if err != nil {
 		return nil, err
 	}
 
-	sigLen, err := binary.ReadUvarint(r)
+	keyLen, err := binary.ReadUvarint(r)
 	if err != nil {
 		return nil, err
 	}
 
-	vs := &RSAVarsig{
-		varsig: varsig[RSAVarsig]{
-			vers: vers,
-			disc: disc,
-		},
-		hashAlg: HashAlgorithm(hashAlg),
-		sigLen:  sigLen,
+	payEnc, err := DecodePayloadEncoding(r)
+	if err != nil {
+		return nil, err
 	}
 
-	return vs.decodePayEncAndSig(r, vs, sigLen)
+	return NewRSAVarsig(hashAlg, keyLen, payEnc), nil
 }

rsa_test.go

@@ -4,7 +4,6 @@ import (
 	"encoding/base64"
 	"testing"
 
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
 	"github.com/ucan-wg/go-varsig"
@@ -26,71 +25,26 @@ func TestRSAVarsig(t *testing.T) {
 		vs, err := varsig.Decode(example)
 		require.NoError(t, err)
 
-		rsaVs, ok := vs.(*varsig.RSAVarsig)
+		rsaVs, ok := vs.(varsig.RSAVarsig)
 		require.True(t, ok)
 
-		assert.Equal(t, varsig.Version1, rsaVs.Version())
-		assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
-		assert.Equal(t, varsig.HashAlgorithmSHA256, rsaVs.HashAlgorithm())
-		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
-		assert.Equal(t, uint64(keyLen), rsaVs.KeyLength())
-		assert.Len(t, rsaVs.Signature(), 0)
+		require.Equal(t, varsig.Version1, rsaVs.Version())
+		require.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
+		require.Equal(t, varsig.HashSha2_256, rsaVs.Hash())
+		require.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
+		require.Equal(t, uint64(keyLen), rsaVs.KeyLength())
 	})
 
 	t.Run("Encode", func(t *testing.T) {
 		t.Parallel()
 
-		rsaVarsig, err := varsig.NewRSAVarsig(
-			varsig.HashAlgorithmSHA256,
+		rsaVarsig := varsig.NewRSAVarsig(
+			varsig.HashSha2_256,
 			keyLen,
 			varsig.PayloadEncodingDAGCBOR,
 		)
-		require.NoError(t, err)
 
-		assert.Equal(t, example, rsaVarsig.Encode())
+		require.Equal(t, example, rsaVarsig.Encode())
 		t.Log(base64.RawStdEncoding.EncodeToString(rsaVarsig.Encode()))
 	})
 }
-
-func TestUCANExample(t *testing.T) {
-	t.Parallel()
-
-	const keyLen = 0x100
-
-	// This test is the value shown in the UCAN v1.0.0 example, which is
-	// an RSA varsig < v1 encoded as RS256 with a key length of 0x100
-	// bytes and DAG-CBOR payload encoding.
-	example, err := base64.RawStdEncoding.DecodeString("NIUkEoACcQ")
-	require.NoError(t, err)
-
-	t.Run("Decode", func(t *testing.T) {
-		t.Parallel()
-
-		vs, err := varsig.Decode(example)
-		require.ErrorIs(t, err, varsig.ErrMissingSignature)
-
-		rsaVs, ok := vs.(*varsig.RSAVarsig)
-		require.True(t, ok)
-
-		assert.Equal(t, varsig.Version0, rsaVs.Version())
-		assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
-		assert.Equal(t, varsig.HashAlgorithmSHA256, rsaVs.HashAlgorithm())
-		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
-		assert.Equal(t, uint64(keyLen), rsaVs.KeyLength())
-		assert.Len(t, rsaVs.Signature(), 0)
-	})
-
-	t.Run("Encode", func(t *testing.T) {
-		t.Parallel()
-
-		rsaVarsig, err := varsig.NewRSAVarsig(
-			varsig.HashAlgorithmSHA256,
-			keyLen,
-			varsig.PayloadEncodingDAGCBOR,
-			varsig.WithForceVersion0([]byte{}),
-		)
-		require.ErrorIs(t, err, varsig.ErrMissingSignature)
-
-		assert.Equal(t, example, rsaVarsig.Encode())
-	})
-}

varsig.go

@@ -19,7 +19,6 @@
 package varsig
 
 import (
-	"bytes"
 	"encoding/binary"
 	"io"
 )
@@ -27,13 +26,19 @@ import (
 // Varsig represents types that describe how a signature was generated
 // and thus how to interpret the signature and verify the signed data.
 type Varsig interface {
-	// accessors for fields that are common to all varsig
+	// Version returns the varsig's version field.
 	Version() Version
-	Discriminator() Discriminator
-	PayloadEncoding() PayloadEncoding
-	Signature() []byte
 
-	// Operations that are common to all varsig
+	// Discriminator returns the algorithm used to produce the corresponding signature.
+	Discriminator() Discriminator
+
+	// Hash returns the hash used on the data before signature.
+	Hash() Hash
+
+	// PayloadEncoding returns the codec that was used to encode the signed data.
+	PayloadEncoding() PayloadEncoding
+
+	// Encode returns the encoded byte format of the varsig.
 	Encode() []byte
 }
 
@@ -45,86 +50,46 @@ func Decode(data []byte) (Varsig, error) {
 
 // DecodeStream converts data read from the provided io.Reader into one
 // of the Varsig types provided by the DefaultRegistry.
-func DecodeStream(r *bytes.Reader) (Varsig, error) {
+func DecodeStream(r BytesReader) (Varsig, error) {
 	return DefaultRegistry().DecodeStream(r)
 }
 
-type varsig[T Varsig] struct {
-	vers   Version
+type varsig struct {
 	disc   Discriminator
 	payEnc PayloadEncoding
-	sig    []byte
 }
 
 // Version returns the varsig's version field.
-func (v varsig[_]) Version() Version {
-	return v.vers
+func (v varsig) Version() Version {
+	return Version1
 }
 
-// Discriminator returns the algorithm used to produce corresponding
+// Discriminator returns the algorithm used to produce the corresponding
 // signature.
-func (v varsig[_]) Discriminator() Discriminator {
+func (v varsig) Discriminator() Discriminator {
 	return v.disc
 }
 
 // PayloadEncoding returns the codec that was used to encode the signed
 // data.
-func (v varsig[_]) PayloadEncoding() PayloadEncoding {
+func (v varsig) PayloadEncoding() PayloadEncoding {
 	return v.payEnc
 }
 
-// Signature returns the cryptographic signature of the signed data. This
-// value is never present in a varsig >= v1 and must either be a valid
-// signature with the correct length or empty in varsig < v1.
-func (v varsig[_]) Signature() []byte {
-	return v.sig
-}
-
-func (v *varsig[_]) encode() []byte {
-	var buf []byte
+func (v varsig) encode() []byte {
+	// Pre-allocate to the maximum size to avoid re-allocating.
+	// I think the maximum is 10 bytes, but it's all the same for go to allocate 16 (due to the small
+	// size allocation class), so we might as well get some headroom for bigger varints.
+	buf := make([]byte, 0, 16)
 
 	buf = binary.AppendUvarint(buf, Prefix)
-
-	if v.Version() == Version1 {
-		buf = binary.AppendUvarint(buf, uint64(Version1))
-	}
-
+	buf = binary.AppendUvarint(buf, uint64(Version1))
 	buf = binary.AppendUvarint(buf, uint64(v.disc))
 
 	return buf
 }
 
-func (v *varsig[T]) decodePayEncAndSig(r *bytes.Reader, varsig *T, expectedLength uint64) (*T, error) {
-	payEnc, err := DecodePayloadEncoding(r, v.Version())
-	if err != nil {
-		return nil, err
-	}
-
-	v.payEnc = payEnc
-
-	signature, err := io.ReadAll(r)
-	if err != nil {
-		return nil, err
-	}
-
-	v.sig = signature
-
-	return v.validateSig(varsig, expectedLength)
-}
-
-func (v *varsig[T]) validateSig(varsig *T, expectedLength uint64) (*T, error) {
-	if v.Version() == Version0 && len(v.sig) == 0 {
-		return varsig, ErrMissingSignature
-	}
-
-	if v.Version() == Version0 && uint64(len(v.sig)) != expectedLength {
-		return nil, ErrUnexpectedSignatureSize
-	}
-
-	if v.Version() == Version1 && len(v.sig) != 0 {
-		return nil, ErrUnexpectedSignaturePresent
-	}
-
-	return varsig, nil
-
+type BytesReader interface {
+	io.ByteReader
+	io.Reader
 }

varsig_test.go

@@ -2,7 +2,6 @@ package varsig_test
 
 import (
 	"encoding/hex"
-	"errors"
 	"io"
 	"testing"
 
@@ -59,17 +58,6 @@ func TestDecode(t *testing.T) {
 		assert.Nil(t, vs)
 	})
 
-	t.Run("fails - unknown signature algorithm - v0", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString("3464")
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnknownDiscriminator)
-		assert.Nil(t, vs)
-	})
-
 	t.Run("fails - unknown signature algorithm - v1", func(t *testing.T) {
 		t.Parallel()
 
@@ -88,7 +76,6 @@ func TestDecode(t *testing.T) {
 		rsaHex    = "8524"
 		sha256Hex = "12"
 		keyLen    = "8002"
-		rsaBaseV0 = "34" + rsaHex + sha256Hex + keyLen
 		rsaBaseV1 = "3401" + rsaHex + sha256Hex + keyLen
 	)
 
@@ -124,65 +111,4 @@ func TestDecode(t *testing.T) {
 		require.ErrorIs(t, err, varsig.ErrUnsupportedPayloadEncoding)
 		assert.Nil(t, vs)
 	})
-
-	t.Run("fails - unexpected signature length - v0", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString(rsaBaseV0 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnexpectedSignatureSize)
-		assert.Nil(t, vs)
-	})
-
-	t.Run("fails - unexpected signature present - v1", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString(rsaBaseV1 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnexpectedSignaturePresent)
-		assert.Nil(t, vs)
-	})
-
-	t.Run("passes with error - v0", func(t *testing.T) {
-		t.Parallel()
-		data, err := hex.DecodeString(rsaBaseV0 + "5f")
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrMissingSignature)
-		assert.NotNil(t, vs) // varsig is still returned with just "header"
-	})
-}
-
-func mustVarsig[T varsig.Varsig](t *testing.T) func(*T, error) *T {
-	t.Helper()
-
-	return func(v *T, err error) *T {
-		if err != nil && ((*v).Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
-			t.Error(err)
-		}
-
-		return v
-	}
-}
-
-func roundTrip[T varsig.Varsig](t *testing.T, in T, expEncHex string) T {
-	data := in.Encode()
-	assert.Equal(t, expEncHex, hex.EncodeToString(data))
-
-	out, err := varsig.Decode(in.Encode())
-	if err != nil && (out.Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
-		t.Fail()
-	}
-
-	assert.Equal(t, in.Version(), out.Version())
-	assert.Equal(t, in.Discriminator(), out.Discriminator())
-	assert.Equal(t, in.PayloadEncoding(), out.PayloadEncoding())
-	assert.Equal(t, in.Signature(), out.Signature())
-
-	return out.(T)
 }