update the license files to make go do happy

.github/workflows/pre-commit.yaml

@@ -1,9 +1,7 @@
 name: pre-commit
 
 on:
-  pull_request:
   push:
-    # branches: [main]
 
 jobs:
   pre-commit:

.pre-commit-config.yaml

@@ -31,7 +31,7 @@ repos:
     - id: my-cmd-repo
       alias: govulncheck
       name: govulncheck
-      args: ["bash", "-c", "go run golang.org/x/vuln/cmd/govulncheck@v1.1.4 ./..."]
+      args: ["bash", "-c", "go tool golang.org/x/vuln/cmd/govulncheck ./..."]
 - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
   rev: v9.22.0
   hooks:

.tool-versions

@@ -1,4 +1,4 @@
 act 0.2.79
 golang 1.24.4
 golangci-lint 2.2.1
-pre-commit 4.2.0
+pre-commit 4.0.1

LICENSE

@@ -1,25 +0,0 @@
-The contents of this repository are Copyright (c) corresponding authors and
-contributors, licensed under the `Permissive License Stack` meaning either of:
-
-- Apache-2.0 Software License: https://www.apache.org/licenses/LICENSE-2.0
-  ([...4tr2kfsq](https://dweb.link/ipfs/bafkreiankqxazcae4onkp436wag2lj3ccso4nawxqkkfckd6cg4tr2kfsq))
-
-- MIT Software License: https://opensource.org/licenses/MIT
-  ([...vljevcba](https://dweb.link/ipfs/bafkreiepofszg4gfe2gzuhojmksgemsub2h4uy2gewdnr35kswvljevcba))
-
-You may not use the contents of this repository except in compliance
-with one of the listed Licenses. For an extended clarification of the
-intent behind the choice of Licensing please refer to
-https://protocol.ai/blog/announcing-the-permissive-license-stack/
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the terms listed in this notice is distributed on
-an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
-either express or implied. See each License for the specific language
-governing permissions and limitations under that License.
-
-<!--- SPDX-License-Identifier: Apache-2.0 OR MIT -->
-
-`SPDX-License-Identifier: Apache-2.0 OR MIT`
-
-Verbatim copies of both licenses are included in the LICENSE-APACHE-2.0 and LICENSE-MIT files.

LICENSE-MIT

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2025 UCAN Working Group - All rights reserved
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

LICENSE.md

@@ -1,6 +1,35 @@
+The contents of this repository are Copyright (c) corresponding authors and
+contributors, licensed under the `Permissive License Stack` meaning either of:
+
+- Apache-2.0 Software License: https://www.apache.org/licenses/LICENSE-2.0
+  ([...4tr2kfsq](https://dweb.link/ipfs/bafkreiankqxazcae4onkp436wag2lj3ccso4nawxqkkfckd6cg4tr2kfsq))
+
+- MIT Software License: https://opensource.org/licenses/MIT
+  ([...vljevcba](https://dweb.link/ipfs/bafkreiepofszg4gfe2gzuhojmksgemsub2h4uy2gewdnr35kswvljevcba))
+
+You may not use the contents of this repository except in compliance
+with one of the listed Licenses. For an extended clarification of the
+intent behind the choice of Licensing please refer to
+https://protocol.ai/blog/announcing-the-permissive-license-stack/
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the terms listed in this notice is distributed on
+an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+either express or implied. See each License for the specific language
+governing permissions and limitations under that License.
+
+<!--- SPDX-License-Identifier: Apache-2.0 OR MIT -->
+
+`SPDX-License-Identifier: Apache-2.0 OR MIT`
+
+Verbatim copies of both licenses are included below:
+
+<details><summary>Apache-2.0 Software License</summary>
+
+```
                                  Apache License
                            Version 2.0, January 2004
-                        http://www.apache.org/licenses/
+                        https://www.apache.org/licenses/
 
    TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
@@ -174,28 +203,30 @@
       of your accepting any such warranty or additional liability.
 
    END OF TERMS AND CONDITIONS
+```
 
-   APPENDIX: How to apply the Apache License to your work.
+</details>
 
-      To apply the Apache License to your work, attach the following
+<details><summary>MIT Software License</summary>
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
 
-   Copyright 2025 UCAN Working Group - All right reserved
+```
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
 
-   Licensed under the Apache License, Version 2.0 (the "License");
+The above copyright notice and this permission notice shall be included in
-   you may not use this file except in compliance with the License.
+all copies or substantial portions of the Software.
-   You may obtain a copy of the License at
 
-       http://www.apache.org/licenses/LICENSE-2.0
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+```
 
-   Unless required by applicable law or agreed to in writing, software
+</details>
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

README.md

@@ -1,9 +1,8 @@
 # go-varsig
 
-`go-varsig` implements the upcoming v1.0.0 release of the [`varsig` specification](https://github.com/ChainAgnostic/varsig/pull/18)
+`go-varsig` is a go implementation of the [`varsig` specification](https://github.com/ChainAgnostic/varsig).
-with limited (and soon to be deprecated) support for the `varsig` < v1.0
+
-specification.  This is predominantly included to support the UCAN v1.0
+Built with ❤️ by [Consensys](https://consensys.io/).
-use-case.
 
 ## Usage
 
@@ -13,6 +12,43 @@ Include the `go-varsig` library by running the following command:
 go get github.com/ucan-wg/go-varsig@latest
 ```
 
+## Quickstart
+
+```go
+func ExampleDecode() {
+	example, err := base64.RawStdEncoding.DecodeString("NAHtAe0BE3E")
+	handleErr(err)
+
+	vs, err := varsig.Decode(example)
+	handleErr(err)
+
+	fmt.Printf("%T\n", vs)
+	fmt.Printf("Algorithm: %d\n", vs.Algorithm())
+	fmt.Printf("Hash: %d\n", vs.Hash())
+	fmt.Printf("PayloadEncoding: %d\n", vs.PayloadEncoding())
+
+	// Output:
+	// varsig.EdDSAVarsig
+	// Algorithm: 237
+	// Hash: 19
+	// PayloadEncoding: 3
+}
+
+func ExampleEncode() {
+	edDSAVarsig := varsig.NewEdDSAVarsig(
+		varsig.CurveEd25519,
+		varsig.HashSha2_512,
+		varsig.PayloadEncodingDAGCBOR,
+	)
+
+	b64 := base64.RawStdEncoding.EncodeToString(edDSAVarsig.Encode())
+	fmt.Print(b64)
+
+	// Output:
+	// NAHtAe0BE3E
+}
+```
+
 ## Documentation
 
 Documentation for this library is provided as Go docs at
@@ -49,8 +85,15 @@ simulate the `docker` daemon:
 export DOCKER_HOST=unix:///var/run/podman/podman.sock
 ```
 
-Since there's only one workflow, the simplest command to test it is:
+The simplest command to test it is:
 
 ```bash
 act
 ```
+
+## License
+
+This project is dual-licensed under Apache 2.0 and MIT terms:
+
+- Apache License, Version 2.0, ([LICENSE-APACHE](https://github.com/ucan-wg/go-varsig/blob/master/LICENSE-APACHE-2.0) or http://www.apache.org/licenses/LICENSE-2.0)
+- MIT license ([LICENSE-MIT](https://github.com/ucan-wg/go-varsig/blob/master/LICENSE-MIT) or http://opensource.org/licenses/MIT)

common.go

@@ -1,41 +1,73 @@
 package varsig
 
-// Ed25519 produces a varsig that describes the associated algorithm defined
+import "fmt"
-// by the [IANA JOSE specification].
+
-//
 // [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
-func Ed25519(payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) {
+
-	return NewEdDSAVarsig(CurveEd25519, HashAlgorithmSHA512, payloadEncoding, opts...)
+// Ed25519 produces a varsig for EdDSA using the Ed25519 curve.
+// This algorithm is defined in [IANA JOSE specification].
+func Ed25519(payloadEncoding PayloadEncoding) EdDSAVarsig {
+	return NewEdDSAVarsig(CurveEd25519, HashSha2_512, payloadEncoding)
 }
 
-// Ed448 produces a varsig that describes the associated algorithm defined
+// Ed448 produces a varsig for EdDSA using the Ed448 curve.
-// by the [IANA JOSE specification].
+// This algorithm is defined in [IANA JOSE specification].
-//
+func Ed448(payloadEncoding PayloadEncoding) EdDSAVarsig {
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
+	return NewEdDSAVarsig(CurveEd448, HashShake_256, payloadEncoding)
-func Ed448(payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) {
-	return NewEdDSAVarsig(CurveEd448, HashAlgorithmShake256, payloadEncoding, opts...)
 }
 
-// RS256 produces a varsig that describes the associated algorithm defined
+// RS256 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-256.
-// by the [IANA JOSE specification].
+// This algorithm is defined in [IANA JOSE specification].
-//
+func RS256(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig {
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
+	return NewRSAVarsig(HashSha2_256, keyLength, payloadEncoding)
-func RS256(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
-	return NewRSAVarsig(HashAlgorithmSHA256, keyLength, payloadEncoding, opts...)
 }
 
-// RS384 produces a varsig that describes the associated algorithm defined
+// RS384 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-384.
-// by the [IANA JOSE specification].
+// This algorithm is defined in [IANA JOSE specification].
-//
+func RS384(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig {
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
+	return NewRSAVarsig(HashSha2_384, keyLength, payloadEncoding)
-func RS384(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
-	return NewRSAVarsig(HashAlgorithmSHA384, keyLength, payloadEncoding, opts...)
 }
 
-// RS512 produces a varsig that describes the associated algorithm defined
+// RS512 produces a varsig for RSASSA-PKCS1-v1_5 using SHA-512.
-// by the [IANA JOSE specification].
+// This algorithm is defined in [IANA JOSE specification].
-//
+func RS512(keyLength uint64, payloadEncoding PayloadEncoding) RSAVarsig {
-// [IANA JOSE specification]: https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms
+	return NewRSAVarsig(HashSha2_512, keyLength, payloadEncoding)
-func RS512(keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
+}
-	return NewRSAVarsig(HashAlgorithmSHA512, keyLength, payloadEncoding, opts...)
+
+// ES256 produces a varsig for ECDSA using P-256 and SHA-256.
+// This algorithm is defined in [IANA JOSE specification].
+func ES256(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveP256, HashSha2_256, payloadEncoding)
+}
+
+// ES256K produces a varsig for ECDSA using secp256k1 curve and SHA-256.
+// This algorithm is defined in [IANA JOSE specification].
+func ES256K(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveSecp256k1, HashSha2_256, payloadEncoding)
+}
+
+// ES384 produces a varsig for ECDSA using P-384 and SHA-384.
+// This algorithm is defined in [IANA JOSE specification].
+func ES384(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveP384, HashSha2_384, payloadEncoding)
+}
+
+// ES512 produces a varsig for ECDSA using P-521 and SHA-512.
+// This algorithm is defined in [IANA JOSE specification].
+func ES512(payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return NewECDSAVarsig(CurveP521, HashSha2_512, payloadEncoding)
+}
+
+// EIP191 produces a varsig for ECDSA using the Secp256k1 curve, Keccak256 and encoded
+// with the "personal_sign" format defined by [EIP191].
+// payloadEncoding must be either PayloadEncodingEIP191Raw or PayloadEncodingEIP191Cbor.
+// [EIP191]: https://eips.ethereum.org/EIPS/eip-191
+func EIP191(payloadEncoding PayloadEncoding) (ECDSAVarsig, error) {
+	switch payloadEncoding {
+	case PayloadEncodingEIP191Raw, PayloadEncodingEIP191Cbor:
+	default:
+		return ECDSAVarsig{}, fmt.Errorf("%w for EIP191: %v", ErrUnsupportedPayloadEncoding, payloadEncoding)
+	}
+
+	return NewECDSAVarsig(CurveSecp256k1, HashKeccak_256, payloadEncoding), nil
 }

common_test.go

@@ -1,68 +1,146 @@
 package varsig_test
 
 import (
+	"encoding/hex"
 	"testing"
 
-	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 
 	"github.com/ucan-wg/go-varsig"
 )
 
-func TestEd25519(t *testing.T) {
+func TestRoundTrip(t *testing.T) {
-	t.Parallel()
+	for _, tc := range []struct {
+		name      string
+		varsig    varsig.Varsig
+		dataHex   string
+		dataBytes []byte
+	}{
+		// Arbitrary use of presets
+		{
+			name:    "Ed25519",
+			varsig:  varsig.Ed25519(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ed01ed011371",
+		},
+		{
+			name:    "Ed448",
+			varsig:  varsig.Ed448(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ed0183241971",
+		},
+		{
+			name:    "RS256",
+			varsig:  varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401852412800271",
+		},
+		{
+			name:    "RS384",
+			varsig:  varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401852420800271",
+		},
+		{
+			name:    "RS512",
+			varsig:  varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401852413800271",
+		},
+		{
+			name:    "ES256",
+			varsig:  varsig.ES256(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec0180241271",
+		},
+		{
+			name:    "ES256K",
+			varsig:  varsig.ES256K(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec01e7011271",
+		},
+		{
+			name:    "ES384",
+			varsig:  varsig.ES384(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec0181242071",
+		},
+		{
+			name:    "ES512",
+			varsig:  varsig.ES512(varsig.PayloadEncodingDAGCBOR),
+			dataHex: "3401ec0182241371",
+		},
+		{
+			name:    "EIP191",
+			varsig:  must(varsig.EIP191(varsig.PayloadEncodingEIP191Raw)),
+			dataHex: "3401ec01e7011b91c3035f",
+		},
 
-	in, err := varsig.Ed25519(varsig.PayloadEncodingDAGCBOR)
+		// from https://github.com/hugomrdias/iso-repo/blob/main/packages/iso-ucan/test/varsig.test.js
-	mustVarsig(t, in, err)
+		{
-	out := roundTrip(t, in, "3401ed01ed011371")
+			name:      "RS256+RAW",
-	assertEdDSAEqual(t, in, out)
+			varsig:    varsig.RS256(256, varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 133, 36, 18, 128, 2, 95},
+		},
+		{
+			name:      "ES256+RAW",
+			varsig:    varsig.ES256(varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 236, 1, 128, 36, 18, 95},
+		},
+		{
+			name:      "ES512+RAW",
+			varsig:    varsig.ES512(varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 236, 1, 130, 36, 19, 95},
+		},
+		{
+			name:      "ES256K+RAW",
+			varsig:    varsig.ES256K(varsig.PayloadEncodingVerbatim),
+			dataBytes: []byte{52, 1, 236, 1, 231, 1, 18, 95},
+		},
+		{
+			name:      "EIP191+RAW",
+			varsig:    must(varsig.EIP191(varsig.PayloadEncodingEIP191Raw)),
+			dataBytes: []byte{52, 1, 236, 1, 231, 1, 27, 145, 195, 3, 95},
+		},
+		{
+			name:      "EIP191+DAG-CBOR",
+			varsig:    must(varsig.EIP191(varsig.PayloadEncodingEIP191Cbor)),
+			dataBytes: []byte{52, 1, 236, 1, 231, 1, 27, 145, 195, 3, 113},
+		},
+	} {
+		t.Run(tc.name, func(t *testing.T) {
+			// round-trip encode and back
+			data := tc.varsig.Encode()
+
+			if tc.dataBytes != nil {
+				require.Equal(t, tc.dataBytes, data)
+			}
+			if tc.dataHex != "" {
+				require.Equal(t, tc.dataHex, hex.EncodeToString(data))
+			}
+
+			rt, err := varsig.Decode(data)
+			require.NoError(t, err)
+
+			require.Equal(t, tc.varsig.Version(), rt.Version())
+			require.Equal(t, tc.varsig.Algorithm(), rt.Algorithm())
+			require.Equal(t, tc.varsig.PayloadEncoding(), rt.PayloadEncoding())
+
+			switch vs := tc.varsig.(type) {
+			case varsig.EdDSAVarsig:
+				rt := rt.(varsig.EdDSAVarsig)
+				require.Equal(t, vs.Curve(), rt.Curve())
+				require.Equal(t, vs.Hash(), rt.Hash())
+			case varsig.ECDSAVarsig:
+				rt := rt.(varsig.ECDSAVarsig)
+				require.Equal(t, vs.Curve(), rt.Curve())
+				require.Equal(t, vs.Hash(), rt.Hash())
+			case varsig.RSAVarsig:
+				rt := rt.(varsig.RSAVarsig)
+				require.Equal(t, vs.Hash(), rt.Hash())
+				require.Equal(t, vs.KeyLength(), rt.KeyLength())
+			default:
+				t.Fatalf("unexpected varsig type: %T", vs)
+			}
+		})
+	}
 }
 
-func TestEd448(t *testing.T) {
+func must[T any](v T, err error) T {
-	t.Parallel()
+	if err != nil {
-
+		panic(err)
-	in, err := varsig.Ed448(varsig.PayloadEncodingDAGCBOR)
+	}
-	mustVarsig(t, in, err)
+	return v
-	out := roundTrip(t, in, "3401ed0183241971")
-	assertEdDSAEqual(t, in, out)
-}
-
-func TestRS256(t *testing.T) {
-	t.Parallel()
-
-	in, err := varsig.RS256(0x100, varsig.PayloadEncodingDAGCBOR)
-	mustVarsig(t, in, err)
-	out := roundTrip(t, in, "3401852412800271")
-	assertRSAEqual(t, in, out)
-}
-
-func TestRS384(t *testing.T) {
-	t.Parallel()
-
-	in, err := varsig.RS384(0x100, varsig.PayloadEncodingDAGCBOR)
-	mustVarsig(t, in, err)
-	out := roundTrip(t, in, "3401852420800271")
-	assertRSAEqual(t, in, out)
-}
-
-func TestRS512(t *testing.T) {
-	t.Parallel()
-
-	in, err := varsig.RS512(0x100, varsig.PayloadEncodingDAGCBOR)
-	mustVarsig(t, in, err)
-	out := roundTrip(t, in, "3401852413800271")
-	assertRSAEqual(t, in, out)
-}
-
-func assertEdDSAEqual(t *testing.T, in, out varsig.EdDSAVarsig) {
-	t.Helper()
-
-	assert.Equal(t, in.Curve(), out.Curve())
-	assert.Equal(t, in.HashAlgorithm(), out.HashAlgorithm())
-}
-
-func assertRSAEqual(t *testing.T, in, out varsig.RSAVarsig) {
-	t.Helper()
-
-	assert.Equal(t, in.HashAlgorithm(), out.HashAlgorithm())
-	assert.Equal(t, in.KeyLength(), out.KeyLength())
 }

constant.go

@@ -8,115 +8,179 @@ import (
 // Prefix is the value for the varsig's varuint prefix byte.
 const Prefix = uint64(0x34)
 
-// HashAlgorithm is the value that specifies the hash algorithm
+// Hash is the value that specifies the hash algorithm
 // that's used to reduce the signed content
-type HashAlgorithm uint64
+type Hash uint64
 
 // Constant values that allow Varsig implementations to specify how
 // the payload content is hashed before the signature is generated.
 const (
-	HashAlgorithmUnspecified HashAlgorithm = 0x00
+	HashUnspecified Hash = 0x00
-	HashAlgorithmSHA256                    = HashAlgorithm(0x12)
+
-	HashAlgorithmSHA384                    = HashAlgorithm(0x20)
+	HashSha2_224 = Hash(0x1013)
-	HashAlgorithmSHA512                    = HashAlgorithm(0x13)
+	HashSha2_256 = Hash(0x12)
-	HashAlgorithmShake256                  = HashAlgorithm(0x19)
+	HashSha2_384 = Hash(0x20)
+	HashSha2_512 = Hash(0x13)
+
+	HashSha3_224 = Hash(0x17)
+	HashSha3_256 = Hash(0x16)
+	HashSha3_384 = Hash(0x15)
+	HashSha3_512 = Hash(0x14)
+
+	HashSha512_224 = Hash(0x1014)
+	HashSha512_256 = Hash(0x1015)
+
+	HashBlake2s_256 = Hash(0xb260)
+	HashBlake2b_256 = Hash(0xb220)
+	HashBlake2b_384 = Hash(0xb230)
+	HashBlake2b_512 = Hash(0xb240)
+
+	HashShake_256 = Hash(0x19)
+
+	HashKeccak_256 = Hash(0x1b)
+	HashKeccak_512 = Hash(0x1d)
+
+	// You should likely not use those:
+	HashRipemd_160 = Hash(0x1053)
+	HashMd4        = Hash(0xd4)
+	HashMd5        = Hash(0xd5)
+	HashSha1       = Hash(0x11)
 )
 
 // DecodeHashAlgorithm reads and validates the expected hash algorithm
 // (for varsig types include a variable hash algorithm.)
-func DecodeHashAlgorithm(r BytesReader) (HashAlgorithm, error) {
+func DecodeHashAlgorithm(r BytesReader) (Hash, error) {
 	u, err := binary.ReadUvarint(r)
 	if err != nil {
-		return HashAlgorithmUnspecified, fmt.Errorf("%w: %w", ErrUnknownHashAlgorithm, err)
+		return HashUnspecified, fmt.Errorf("%w: %w", ErrUnknownHash, err)
 	}
 
-	h := HashAlgorithm(u)
+	h := Hash(u)
 
 	switch h {
-	case HashAlgorithmSHA256,
+	case HashSha2_224,
-		HashAlgorithmSHA384,
+		HashSha2_256,
-		HashAlgorithmSHA512,
+		HashSha2_384,
-		HashAlgorithmShake256:
+		HashSha2_512,
+		HashSha3_224,
+		HashSha3_256,
+		HashSha3_384,
+		HashSha3_512,
+		HashSha512_224,
+		HashSha512_256,
+		HashBlake2s_256,
+		HashBlake2b_256,
+		HashBlake2b_384,
+		HashBlake2b_512,
+		HashShake_256,
+		HashKeccak_256,
+		HashKeccak_512,
+		HashRipemd_160,
+		HashMd4,
+		HashMd5,
+		HashSha1:
 		return h, nil
 	default:
-		return HashAlgorithmUnspecified, fmt.Errorf("%w: %x", ErrUnknownHashAlgorithm, h)
+		return HashUnspecified, fmt.Errorf("%w: %x", ErrUnknownHash, h)
 	}
 }
 
 // PayloadEncoding specifies the encoding of the data being (hashed and)
 // signed.  A canonical representation of the data is required to produce
 // consistent hashes and signatures.
-type PayloadEncoding uint64
+type PayloadEncoding int
 
 // Constant values that allow Varsig implementations to specify how the
 // payload content is encoded before being hashed.
-// In varsig >= v1, only canonical encoding is allowed.
 const (
-	PayloadEncodingUnspecified PayloadEncoding = 0x00
+	PayloadEncodingUnspecified = PayloadEncoding(iota)
-	PayloadEncodingVerbatim    PayloadEncoding = 0x5f
+	PayloadEncodingVerbatim
-	PayloadEncodingDAGPB                       = PayloadEncoding(0x70)
+	PayloadEncodingDAGPB
-	PayloadEncodingDAGCBOR                     = PayloadEncoding(0x71)
+	PayloadEncodingDAGCBOR
-	PayloadEncodingDAGJSON                     = PayloadEncoding(0x0129)
+	PayloadEncodingDAGJSON
-	PayloadEncodingEIP191                      = PayloadEncoding(0xd191)
+	PayloadEncodingEIP191Raw
-	PayloadEncodingJWT         PayloadEncoding = 0x6a77
+	PayloadEncodingEIP191Cbor
+	PayloadEncodingJWT
+)
+
+const (
+	encodingSegmentVerbatim = uint64(0x5f)
+	encodingSegmentDAGPB    = uint64(0x70)
+	encodingSegmentDAGCBOR  = uint64(0x71)
+	encodingSegmentDAGJSON  = uint64(0x0129)
+	encodingSegmentEIP191   = uint64(0xe191)
+	encodingSegmentJWT      = uint64(0x6a77)
 )
 
 // DecodePayloadEncoding reads and validates the expected canonical payload
 // encoding of the data to be signed.
-func DecodePayloadEncoding(r BytesReader, vers Version) (PayloadEncoding, error) {
+func DecodePayloadEncoding(r BytesReader) (PayloadEncoding, error) {
-	u, err := binary.ReadUvarint(r)
+	seg1, err := binary.ReadUvarint(r)
 	if err != nil {
 		return PayloadEncodingUnspecified, fmt.Errorf("%w: %w", ErrUnsupportedPayloadEncoding, err)
 	}
 
-	payEnc := PayloadEncoding(u)
+	switch seg1 {
-
+	case encodingSegmentVerbatim:
-	switch vers {
+		return PayloadEncodingVerbatim, nil
-	case Version0:
+	case encodingSegmentDAGCBOR:
-		return decodeEncodingInfoV0(payEnc)
+		return PayloadEncodingDAGCBOR, nil
-	case Version1:
+	case encodingSegmentDAGJSON:
-		return decodeEncodingInfoV1(payEnc)
+		return PayloadEncodingDAGJSON, nil
+	case encodingSegmentEIP191:
+		seg2, err := binary.ReadUvarint(r)
+		if err != nil {
+			return PayloadEncodingUnspecified, fmt.Errorf("%w: incomplete EIP191 encoding: %w", ErrUnsupportedPayloadEncoding, err)
+		}
+		switch seg2 {
+		case encodingSegmentVerbatim:
+			return PayloadEncodingEIP191Raw, nil
+		case encodingSegmentDAGCBOR:
+			return PayloadEncodingEIP191Cbor, nil
+		default:
+			return PayloadEncodingUnspecified, fmt.Errorf("%w: encoding=%x+%x", ErrUnsupportedPayloadEncoding, seg1, seg2)
+		}
 	default:
-		return 0, ErrUnsupportedVersion
+		return PayloadEncodingUnspecified, fmt.Errorf("%w: encoding=%x", ErrUnsupportedPayloadEncoding, seg1)
 	}
 }
 
-// https://github.com/ChainAgnostic/varsig#4-payload-encoding
+// EncodePayloadEncoding returns the PayloadEncoding as serialized bytes.
-func decodeEncodingInfoV0(payEnc PayloadEncoding) (PayloadEncoding, error) {
+// If enc is not a valid PayloadEncoding, this function will panic.
-	switch payEnc {
+func EncodePayloadEncoding(enc PayloadEncoding) []byte {
-	case PayloadEncodingVerbatim,
+	res := make([]byte, 0, 8)
-		PayloadEncodingDAGPB,
+	switch enc {
-		PayloadEncodingDAGCBOR,
+	case PayloadEncodingVerbatim:
-		PayloadEncodingDAGJSON,
+		res = binary.AppendUvarint(res, encodingSegmentVerbatim)
-		PayloadEncodingJWT,
+	case PayloadEncodingDAGPB:
-		PayloadEncodingEIP191:
+		res = binary.AppendUvarint(res, encodingSegmentDAGPB)
-		return payEnc, nil
+	case PayloadEncodingDAGCBOR:
+		res = binary.AppendUvarint(res, encodingSegmentDAGCBOR)
+	case PayloadEncodingDAGJSON:
+		res = binary.AppendUvarint(res, encodingSegmentDAGJSON)
+	case PayloadEncodingEIP191Raw:
+		res = binary.AppendUvarint(res, encodingSegmentEIP191)
+		res = binary.AppendUvarint(res, encodingSegmentVerbatim)
+	case PayloadEncodingEIP191Cbor:
+		res = binary.AppendUvarint(res, encodingSegmentEIP191)
+		res = binary.AppendUvarint(res, encodingSegmentDAGCBOR)
+	case PayloadEncodingJWT:
+		res = binary.AppendUvarint(res, encodingSegmentJWT)
 	default:
-		return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, Version0, payEnc)
+		panic(fmt.Sprintf("invalid encoding: %v", enc))
 	}
+
+	return res
 }
 
-// https://github.com/expede/varsig/blob/main/README.md#payload-encoding
+// Algorithm is (usually) the value representing the public key type of
-func decodeEncodingInfoV1(payEnc PayloadEncoding) (PayloadEncoding, error) {
-	switch payEnc {
-	case PayloadEncodingVerbatim,
-		PayloadEncodingDAGCBOR,
-		PayloadEncodingDAGJSON,
-		PayloadEncodingEIP191:
-		return payEnc, nil
-	default:
-		return PayloadEncodingUnspecified, fmt.Errorf("%w: version=%d, encoding=%x", ErrUnsupportedPayloadEncoding, Version1, payEnc)
-	}
-}
-
-// Discriminator is (usually) the value representing the public key type of
 // the algorithm used to create the signature.
 //
-// There is not set list of constants here, nor is there a decode function
+// There is no set list of constants here, nor is there a decode function
 // as the author of an implementation should include the constant with the
 // implementation, and the decoding is handled by the Handler, which uses
-// the Discriminator to choose the correct implementation.  Also note that
+// the Algorithm to choose the correct implementation.  Also note that
-// some of the Discriminator values for a specific implementation have
+// some of the Algorithm values for a specific implementation have
 // changed between varsig v0 and v1, so it's possible to have more than one
 // constant defined per implementation.
-type Discriminator uint64
+type Algorithm uint64

constant_test.go

@@ -18,24 +18,24 @@ func TestDecodeHashAlgorithm(t *testing.T) {
 
 		hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{0x12}))
 		require.NoError(t, err)
-		require.Equal(t, varsig.HashAlgorithmSHA256, hashAlg)
+		require.Equal(t, varsig.HashSha2_256, hashAlg)
 	})
 
 	t.Run("fails - truncated varsig (no bytes)", func(t *testing.T) {
 		t.Parallel()
 
 		hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{}))
-		require.ErrorIs(t, err, varsig.ErrUnknownHashAlgorithm)
+		require.ErrorIs(t, err, varsig.ErrUnknownHash)
 		require.ErrorIs(t, err, io.EOF)
-		require.Equal(t, varsig.HashAlgorithmUnspecified, hashAlg)
+		require.Equal(t, varsig.HashUnspecified, hashAlg)
 	})
 
 	t.Run("fails - unknown hash algorithm", func(t *testing.T) {
 		t.Parallel()
 
 		hashAlg, err := varsig.DecodeHashAlgorithm(bytes.NewReader([]byte{0x42}))
-		require.ErrorIs(t, err, varsig.ErrUnknownHashAlgorithm)
+		require.ErrorIs(t, err, varsig.ErrUnknownHash)
-		require.Equal(t, varsig.HashAlgorithmUnspecified, hashAlg)
+		require.Equal(t, varsig.HashUnspecified, hashAlg)
 	})
 }
 
@@ -53,18 +53,10 @@ func TestDecodePayloadEncoding(t *testing.T) {
 	t.Run("passes", func(t *testing.T) {
 		t.Parallel()
 
-		t.Run("v0", func(t *testing.T) {
-			t.Parallel()
-
-			payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}), varsig.Version1)
-			require.NoError(t, err)
-			require.Equal(t, varsig.PayloadEncodingVerbatim, payEnc)
-		})
-
 		t.Run("v1", func(t *testing.T) {
 			t.Parallel()
 
-			payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}), varsig.Version1)
+			payEnc, err := varsig.DecodePayloadEncoding(bytes.NewReader([]byte{0x5f}))
 			require.NoError(t, err)
 			require.Equal(t, varsig.PayloadEncodingVerbatim, payEnc)
 		})
@@ -76,27 +68,13 @@ func TestDecodePayloadEncoding(t *testing.T) {
 		tests := []struct {
 			name string
 			data []byte
-			vers varsig.Version
 			err  error
 		}{
 			{
-				name: "unsupported encoding - v0",
+				name: "unsupported encoding",
-				data: []byte{0x42}, // random
-				vers: varsig.Version0,
-				err:  varsig.ErrUnsupportedPayloadEncoding,
-			},
-			{
-				name: "unsupported encoding - v1",
 				data: []byte{0x6a, 0x77}, // JWT
-				vers: varsig.Version1,
 				err:  varsig.ErrUnsupportedPayloadEncoding,
 			},
-			{
-				name: "unsupported version",
-				data: []byte{0x5f}, // Verbatim
-				vers: 99,           // random
-				err:  varsig.ErrUnsupportedVersion,
-			},
 		}
 
 		for _, tt := range tests {
@@ -105,10 +83,8 @@ func TestDecodePayloadEncoding(t *testing.T) {
 				t.Parallel()
 
 				r := bytes.NewReader(tt.data)
-				_, err := varsig.DecodePayloadEncoding(r, tt.vers)
+				_, err := varsig.DecodePayloadEncoding(r)
 				require.ErrorIs(t, err, tt.err)
-				// t.Log(err)
-				// t.Fail()
 			})
 		}
 	})
@@ -118,6 +94,6 @@ func BenchmarkDecodePayloadEncoding(b *testing.B) {
 	b.ReportAllocs()
 	data := []byte{0x5f}
 	for i := 0; i < b.N; i++ {
-		_, _ = varsig.DecodePayloadEncoding(bytes.NewReader(data), varsig.Version1)
+		_, _ = varsig.DecodePayloadEncoding(bytes.NewReader(data))
 	}
 }

ecdsa.go

@@ -1,9 +1,101 @@
 package varsig
 
-// Stub
+import (
-const (
+	"encoding/binary"
-	DiscriminatorECDSASecp256k1 Discriminator = 0xe7
+	"fmt"
-	DiscriminatorECDSAP256      Discriminator = 0x1200
-	DiscriminatorECDSAP384      Discriminator = 0x1201
-	DiscriminatorECDSAP521      Discriminator = 0x1202
 )
+
+// AlgorithmECDSA is the value specifying an ECDSA signature.
+const AlgorithmECDSA = Algorithm(0xec)
+
+// ECDSACurve are values that specify which ECDSA curve is used when
+// generating the signature.
+type ECDSACurve uint64
+
+// Constants describing the values for each specific ECDSA curve that can
+// be encoded into a Varsig.
+const (
+	CurveSecp256k1 = ECDSACurve(0xe7)
+	CurveP256      = ECDSACurve(0x1200)
+	CurveP384      = ECDSACurve(0x1201)
+	CurveP521      = ECDSACurve(0x1202)
+)
+
+func decodeECDSACurve(r BytesReader) (ECDSACurve, error) {
+	u, err := binary.ReadUvarint(r)
+	if err != nil {
+		return 0, err
+	}
+
+	switch curve := ECDSACurve(u); curve {
+	case CurveSecp256k1, CurveP256, CurveP384, CurveP521:
+		return curve, nil
+	default:
+		return 0, fmt.Errorf("%w: %x", ErrUnknownECDSACurve, u)
+	}
+}
+
+var _ Varsig = ECDSAVarsig{}
+
+// ECDSAVarsig is a varsig that encodes the parameters required to describe
+// an ECDSA signature.
+type ECDSAVarsig struct {
+	varsig
+
+	curve   ECDSACurve
+	hashAlg Hash
+}
+
+// NewECDSAVarsig creates and validates an ECDSA varsig with the provided
+// curve, hash algorithm and payload encoding.
+func NewECDSAVarsig(curve ECDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding) ECDSAVarsig {
+	return ECDSAVarsig{
+		varsig: varsig{
+			algo:   AlgorithmECDSA,
+			payEnc: payloadEncoding,
+		},
+		curve:   curve,
+		hashAlg: hashAlgorithm,
+	}
+}
+
+// Curve returns the elliptic curve used to generate the ECDSA signature.
+func (v ECDSAVarsig) Curve() ECDSACurve {
+	return v.curve
+}
+
+// Hash returns the value describing the hash algorithm used to hash
+// the payload content before the signature is generated.
+func (v ECDSAVarsig) Hash() Hash {
+	return v.hashAlg
+}
+
+// Encode returns the encoded byte format of the ECDSAVarsig.
+func (v ECDSAVarsig) Encode() []byte {
+	buf := v.encode()
+
+	buf = binary.AppendUvarint(buf, uint64(v.curve))
+	buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
+	buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
+
+	return buf
+}
+
+func decodeECDSA(r BytesReader) (Varsig, error) {
+	curve, err := decodeECDSACurve(r)
+	if err != nil {
+		return nil, err
+	}
+
+	hashAlg, err := DecodeHashAlgorithm(r)
+	if err != nil {
+		return nil, err
+	}
+
+	payEnc, err := DecodePayloadEncoding(r)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewECDSAVarsig(curve, hashAlg, payEnc), nil
+}

eddsa.go

@@ -1,17 +1,12 @@
 package varsig
 
 import (
-	"crypto/ed25519"
 	"encoding/binary"
 	"fmt"
 )
 
-// Constants containing values that specify EdDSA signatures.
+// AlgorithmEdDSA is the value specifying an EdDSA signature.
-const (
+const AlgorithmEdDSA = Algorithm(0xed)
-	DiscriminatorEdDSA   = Discriminator(0xed)
-	DiscriminatorEd25519 = Discriminator(0xed)
-	DiscriminatorEd448   = Discriminator(0x1203)
-)
 
 // EdDSACurve are values that specify which Edwards curve is used when
 // generating the signature.
@@ -46,38 +41,20 @@ type EdDSAVarsig struct {
 	varsig
 
 	curve   EdDSACurve
-	hashAlg HashAlgorithm
+	hashAlg Hash
 }
 
 // NewEdDSAVarsig creates and validates an EdDSA varsig with the provided
 // curve, hash algorithm and payload encoding.
-func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm HashAlgorithm, payloadEncoding PayloadEncoding, opts ...Option) (EdDSAVarsig, error) {
+func NewEdDSAVarsig(curve EdDSACurve, hashAlgorithm Hash, payloadEncoding PayloadEncoding) EdDSAVarsig {
-	options := newOptions(opts...)
+	return EdDSAVarsig{
-
-	var (
-		vers = Version1
-		disc = DiscriminatorEdDSA
-		sig  []byte
-	)
-
-	if options.ForceVersion0() {
-		vers = Version0
-		disc = Discriminator(curve)
-		sig = options.Signature()
-	}
-
-	v := EdDSAVarsig{
 		varsig: varsig{
-			vers:   vers,
+			algo:   AlgorithmEdDSA,
-			disc:   disc,
 			payEnc: payloadEncoding,
-			sig:    sig,
 		},
 		curve:   curve,
 		hashAlg: hashAlgorithm,
 	}
-
-	return validateSig(v, ed25519.SignatureSize)
 }
 
 // Curve returns the Edwards curve used to generate the EdDSA signature.
@@ -85,9 +62,9 @@ func (v EdDSAVarsig) Curve() EdDSACurve {
 	return v.curve
 }
 
-// HashAlgorithm returns the value describing the hash algorithm used to hash
+// Hash returns the value describing the hash algorithm used to hash
 // the payload content before the signature is generated.
-func (v EdDSAVarsig) HashAlgorithm() HashAlgorithm {
+func (v EdDSAVarsig) Hash() Hash {
 	return v.hashAlg
 }
 
@@ -95,26 +72,17 @@ func (v EdDSAVarsig) HashAlgorithm() HashAlgorithm {
 func (v EdDSAVarsig) Encode() []byte {
 	buf := v.encode()
 
-	if v.vers != Version0 {
+	buf = binary.AppendUvarint(buf, uint64(v.curve))
-		buf = binary.AppendUvarint(buf, uint64(v.curve))
-	}
-
 	buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
-	buf = binary.AppendUvarint(buf, uint64(v.payEnc))
+	buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
-	buf = append(buf, v.Signature()...)
 
 	return buf
 }
 
-func decodeEd25519(r BytesReader, vers Version, disc Discriminator) (Varsig, error) {
+func decodeEdDSA(r BytesReader) (Varsig, error) {
-	curve := EdDSACurve(disc)
+	curve, err := decodeEdDSACurve(r)
-	if vers != Version0 {
+	if err != nil {
-		var err error
+		return nil, err
-
-		curve, err = decodeEdDSACurve(r)
-		if err != nil {
-			return nil, err
-		}
 	}
 
 	hashAlg, err := DecodeHashAlgorithm(r)
@@ -122,19 +90,10 @@ func decodeEd25519(r BytesReader, vers Version, disc Discriminator) (Varsig, err
 		return nil, err
 	}
 
-	v := EdDSAVarsig{
+	payEnc, err := DecodePayloadEncoding(r)
-		varsig: varsig{
-			vers: vers,
-			disc: disc,
-		},
-		curve:   curve,
-		hashAlg: hashAlg,
-	}
-
-	v.payEnc, v.sig, err = v.decodePayEncAndSig(r)
 	if err != nil {
 		return nil, err
 	}
 
-	return validateSig(v, ed25519.SignatureSize)
+	return NewEdDSAVarsig(curve, hashAlg, payEnc), nil
 }

eddsa_test.go

@@ -2,7 +2,6 @@ package varsig_test
 
 import (
 	"encoding/base64"
-	"encoding/hex"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -11,53 +10,6 @@ import (
 	"github.com/ucan-wg/go-varsig"
 )
 
-func TestDecodeEd25519(t *testing.T) {
-	t.Parallel()
-
-	t.Run("passes - section 3 example - v0", func(t *testing.T) {
-		// Original:  34ed01    1371ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302
-		// Corrected: 34ed011371ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302")
-
-		hdr, err := hex.DecodeString("34ed011371")
-		require.NoError(t, err)
-
-		sig, err := hex.DecodeString("ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302")
-		require.NoError(t, err)
-		require.Len(t, sig, 64)
-
-		t.Run("Decode", func(t *testing.T) {
-			t.Parallel()
-
-			v, err := varsig.Decode(append(hdr, sig...))
-			require.NoError(t, err)
-			require.NotNil(t, v)
-			assert.Equal(t, varsig.Version0, v.Version())
-			assert.Equal(t, varsig.DiscriminatorEd25519, v.Discriminator())
-			assert.Equal(t, varsig.PayloadEncodingDAGCBOR, v.PayloadEncoding())
-			assert.Len(t, v.Signature(), 64)
-
-			impl, ok := v.(varsig.EdDSAVarsig)
-			require.True(t, ok)
-			assert.Equal(t, varsig.CurveEd25519, impl.Curve())
-			assert.Equal(t, varsig.HashAlgorithmSHA512, impl.HashAlgorithm())
-		})
-
-		t.Run("Encode", func(t *testing.T) {
-			t.Parallel()
-
-			v, err := varsig.NewEdDSAVarsig(
-				varsig.CurveEd25519,
-				varsig.HashAlgorithmSHA512,
-				varsig.PayloadEncodingDAGCBOR,
-				varsig.WithForceVersion0(sig),
-			)
-			require.NoError(t, err)
-			require.NotNil(t, v)
-			assert.Equal(t, append(hdr, sig...), v.Encode())
-		})
-	})
-}
-
 func TestUCANExampleV1(t *testing.T) {
 	t.Parallel()
 
@@ -73,26 +25,24 @@ func TestUCANExampleV1(t *testing.T) {
 		v, err := varsig.Decode(example)
 		require.NoError(t, err)
 
-		rsaV, ok := v.(varsig.EdDSAVarsig)
+		ed25519V, ok := v.(varsig.EdDSAVarsig)
 		require.True(t, ok)
 
-		assert.Equal(t, varsig.Version1, rsaV.Version())
+		assert.Equal(t, varsig.Version1, ed25519V.Version())
-		assert.Equal(t, varsig.DiscriminatorEdDSA, rsaV.Discriminator())
+		assert.Equal(t, varsig.AlgorithmEdDSA, ed25519V.Algorithm())
-		assert.Equal(t, varsig.CurveEd25519, rsaV.Curve())
+		assert.Equal(t, varsig.CurveEd25519, ed25519V.Curve())
-		assert.Equal(t, varsig.HashAlgorithmSHA512, rsaV.HashAlgorithm())
+		assert.Equal(t, varsig.HashSha2_512, ed25519V.Hash())
-		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaV.PayloadEncoding())
+		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, ed25519V.PayloadEncoding())
-		assert.Len(t, rsaV.Signature(), 0)
 	})
 
 	t.Run("Encode", func(t *testing.T) {
 		t.Parallel()
 
-		edDSAVarsig, err := varsig.NewEdDSAVarsig(
+		edDSAVarsig := varsig.NewEdDSAVarsig(
 			varsig.CurveEd25519,
-			varsig.HashAlgorithmSHA512,
+			varsig.HashSha2_512,
 			varsig.PayloadEncodingDAGCBOR,
 		)
-		require.NoError(t, err)
 
 		assert.Equal(t, example, edDSAVarsig.Encode())
 		t.Log(base64.RawStdEncoding.EncodeToString(edDSAVarsig.Encode()))

error.go

@@ -2,42 +2,32 @@ package varsig
 
 import "errors"
 
-// ErrMissingSignature is returned when a varsig v0 is parsed and does
-// not contain the expected signature bytes.  This is expected in some
-// intermediate cases, such as the UCAN v1 specification.
-var ErrMissingSignature = errors.New("missing signature expected in varsig v0")
-
 // ErrNotYetImplemented is returned when a function is currently under
 // construction.  For released versions of this library, this error should
 // never occur.
 var ErrNotYetImplemented = errors.New("not yet implemented")
 
-// ErrUnexpectedSignaturePresent is returned when a signature is present
+// ErrUnknownHash is returned when an unexpected value is provided
-// in a varsig >= v1.
-var ErrUnexpectedSignaturePresent = errors.New("unexpected signature present in varsig >= v1")
-
-// ErrUnexpectedSignatureSize is returned when the length of the decoded
-// signature doesn't match the expected signature length as defined by the
-// signing algorithm or sent via a Varsig field.
-var ErrUnexpectedSignatureSize = errors.New("unexpected signature size in varsig v0")
-
-// ErrUnknownHashAlgorithm is returned when an unexpected value is provided
 // while decoding the hashing algorithm.
-var ErrUnknownHashAlgorithm = errors.New("unknown hash algorithm")
+var ErrUnknownHash = errors.New("unknown hash algorithm")
 
 // ErrUnsupportedPayloadEncoding is returned when an unexpected value is
 // provided while decoding the payload encoding field.  The allowed values
 // for this field may vary based on the varsig version.
 var ErrUnsupportedPayloadEncoding = errors.New("unsupported payload encoding")
 
-// ErrUnknownDiscriminator is returned when the Registry doesn't have a
+// ErrUnknownAlgorithm is returned when the Registry doesn't have a
 // parsing function for the decoded signing algorithm.
-var ErrUnknownDiscriminator = errors.New("unknown signing algorithm")
+var ErrUnknownAlgorithm = errors.New("unknown signing algorithm")
 
 // ErrUnknownEdDSACurve is returned when the decoded uvarint isn't either
 // CurveEd25519 or CurveEd448.
 var ErrUnknownEdDSACurve = errors.New("unknown Edwards curve")
 
+// ErrUnknownECDSACurve is returned when the decoded uvarint isn't either
+// CurveSecp256k1, CurveP256, CurveP384 or CurveP521.
+var ErrUnknownECDSACurve = errors.New("unknown ECDSA curve")
+
 // ErrUnsupportedVersion is returned when an unsupported varsig version
 // field is present.
 var ErrUnsupportedVersion = errors.New("unsupported version")

go.mod

@@ -1,11 +1,21 @@
 module github.com/ucan-wg/go-varsig
 
-go 1.24.4
+go 1.23.10
+
+toolchain go1.24.4
 
 require github.com/stretchr/testify v1.10.0
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	golang.org/x/mod v0.22.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7 // indirect
+	golang.org/x/tools v0.29.0 // indirect
+	golang.org/x/vuln v1.1.4 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
+
+tool golang.org/x/vuln/cmd/govulncheck

go.sum

@@ -1,9 +1,27 @@
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786 h1:rcv+Ippz6RAtvaGgKxc+8FQIpxHgsF+HBzPyYL2cyVU=
+github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
+golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7 h1:FemxDzfMUcK2f3YY4H+05K9CDzbSVr2+q/JKN45pey0=
+golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7/go.mod h1:pRgIJT+bRLFKnoM1ldnzKoxTIn14Yxz928LQRYYgIN0=
+golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE=
+golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588=
+golang.org/x/vuln v1.1.4 h1:Ju8QsuyhX3Hk8ma3CesTbO8vfJD9EvUBgHvkxHBzj0I=
+golang.org/x/vuln v1.1.4/go.mod h1:F+45wmU18ym/ca5PLTPLsSzr2KppzswxPP603ldA67s=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

option.go

@@ -1,45 +0,0 @@
-package varsig
-
-// Options define customization when creating a new Varsig.
-type Options struct {
-	forceVersion0 bool
-	signature     []byte
-}
-
-func newOptions(opts ...Option) *Options {
-	o := &Options{}
-
-	for _, opt := range opts {
-		opt(o)
-	}
-
-	return o
-}
-
-// ForceVersion0 returns a boolean indicating that a Varsig < v1 should
-// be created (which means the encoded Varsig won't have a version field
-// and might contain the signature bytes as the last field.)
-func (o *Options) ForceVersion0() bool {
-	return o.forceVersion0
-}
-
-// Signature returns the optional signature bytes when creating a Varsig
-// < v1.
-func (o *Options) Signature() []byte {
-	return o.signature
-}
-
-// Option is a function that alters the default behavior of constructors
-// that produce implementations of the Varsig type.
-type Option func(*Options)
-
-// WithForceVersion0 indicates that a Varsig < v1 should be produced. If
-// the signature is a) not nil, b) not empty and c) the correct length
-// based on the signing algorithm or signing key, the signature's bytes
-// will be appended to the encoded Varsig.
-func WithForceVersion0(signature []byte) Option {
-	return func(o *Options) {
-		o.forceVersion0 = true
-		o.signature = signature
-	}
-}

registry.go

@@ -18,22 +18,19 @@ const (
 
 // DecodeFunc is a function that parses the varsig representing a specific
 // signing algorithm.
-type DecodeFunc func(BytesReader, Version, Discriminator) (Varsig, error)
+type DecodeFunc func(BytesReader) (Varsig, error)
 
 // Registry contains a mapping between known signing algorithms and
 // functions that can parse varsigs for that signing algorithm.
-type Registry map[Discriminator]DecodeFunc
+type Registry map[Algorithm]DecodeFunc
 
 // DefaultRegistry provides a Registry containing the mappings for the
 // signing algorithms which have an implementation within this library.
 func DefaultRegistry() Registry {
-	return map[Discriminator]DecodeFunc{
+	return map[Algorithm]DecodeFunc{
-		DiscriminatorRSA:            decodeRSA,
+		AlgorithmRSA:   decodeRSA,
-		DiscriminatorEdDSA:          decodeEd25519,
+		AlgorithmEdDSA: decodeEdDSA,
-		DiscriminatorEd448:          decodeEd25519,
+		AlgorithmECDSA: decodeECDSA,
-		DiscriminatorECDSAP256:      notYetImplementedVarsigDecoder,
-		DiscriminatorECDSASecp256k1: notYetImplementedVarsigDecoder,
-		DiscriminatorECDSAP521:      notYetImplementedVarsigDecoder,
 	}
 }
 
@@ -44,7 +41,7 @@ func NewRegistry() Registry {
 
 // Register allows new mappings between a signing algorithm and its parsing
 // function to the Registry.
-func (rs Registry) Register(alg Discriminator, decodeFunc DecodeFunc) {
+func (rs Registry) Register(alg Algorithm, decodeFunc DecodeFunc) {
 	rs[alg] = decodeFunc
 }
 
@@ -66,20 +63,24 @@ func (rs Registry) DecodeStream(r BytesReader) (Varsig, error) {
 		return nil, fmt.Errorf("%w: expected %d, got %d", ErrBadPrefix, Prefix, pre)
 	}
 
-	vers, disc, err := rs.decodeVersAnddisc(r)
+	vers, algo, err := rs.decodeVersAndAlgo(r)
 	if err != nil {
 		return nil, err
 	}
 
-	decodeFunc, ok := rs[Discriminator(disc)]
+	if vers != Version1 {
-	if !ok {
+		return nil, fmt.Errorf("%w: %d", ErrUnsupportedVersion, vers)
-		return nil, fmt.Errorf("%w: %x", ErrUnknownDiscriminator, disc)
 	}
 
-	return decodeFunc(r, vers, disc)
+	decodeFunc, ok := rs[Algorithm(algo)]
+	if !ok {
+		return nil, fmt.Errorf("%w: %x", ErrUnknownAlgorithm, algo)
+	}
+
+	return decodeFunc(r)
 }
 
-func (rs Registry) decodeVersAnddisc(r BytesReader) (Version, Discriminator, error) {
+func (rs Registry) decodeVersAndAlgo(r BytesReader) (Version, Algorithm, error) {
 	vers, err := binary.ReadUvarint(r)
 	if err != nil {
 		return Version(vers), 0, err
@@ -90,14 +91,10 @@ func (rs Registry) decodeVersAnddisc(r BytesReader) (Version, Discriminator, err
 	}
 
 	if vers >= 64 {
-		return 0, Discriminator(vers), nil
+		return 0, Algorithm(vers), nil
 	}
 
-	disc, err := binary.ReadUvarint(r)
+	algo, err := binary.ReadUvarint(r)
 
-	return Version(vers), Discriminator(disc), err
+	return Version(vers), Algorithm(algo), err
-}
-
-func notYetImplementedVarsigDecoder(_ BytesReader, vers Version, disc Discriminator) (Varsig, error) {
-	return nil, fmt.Errorf("%w: Version: %d, Discriminator: %x", ErrNotYetImplemented, vers, disc)
 }

registry_test.go

@@ -12,25 +12,7 @@ import (
 )
 
 func TestRegistry_Decode(t *testing.T) {
-	t.Parallel()
-
-	t.Run("passes - v0", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString("348120")
-		require.NoError(t, err)
-
-		reg := testRegistry(t)
-
-		vs, err := reg.DecodeStream(bytes.NewReader(data))
-		require.NoError(t, err)
-		assert.Equal(t, varsig.Version0, vs.Version())
-		assert.Equal(t, testDiscriminator1, vs.Discriminator())
-	})
-
 	t.Run("passes - v1", func(t *testing.T) {
-		t.Parallel()
-
 		data, err := hex.DecodeString("34018120")
 		require.NoError(t, err)
 
@@ -39,63 +21,54 @@ func TestRegistry_Decode(t *testing.T) {
 		vs, err := reg.DecodeStream(bytes.NewReader(data))
 		require.NoError(t, err)
 		assert.Equal(t, varsig.Version1, vs.Version())
-		assert.Equal(t, testDiscriminator1, vs.Discriminator())
+		assert.Equal(t, testAlgorithm1, vs.Algorithm())
 	})
 }
 
 const (
-	testDiscriminator0 varsig.Discriminator = 0x1000
+	testAlgorithm0 varsig.Algorithm = 0x1000
-	testDiscriminator1 varsig.Discriminator = 0x1001
+	testAlgorithm1 varsig.Algorithm = 0x1001
 )
 
 func testRegistry(t *testing.T) varsig.Registry {
 	t.Helper()
 
 	reg := varsig.NewRegistry()
-	reg.Register(testDiscriminator0, testDecodeFunc(t))
+	reg.Register(testAlgorithm0, testDecodeFunc(testAlgorithm0))
-	reg.Register(testDiscriminator1, testDecodeFunc(t))
+	reg.Register(testAlgorithm1, testDecodeFunc(testAlgorithm1))
 
 	return reg
 }
 
-func testDecodeFunc(t *testing.T) varsig.DecodeFunc {
+func testDecodeFunc(algo varsig.Algorithm) varsig.DecodeFunc {
-	t.Helper()
+	return func(r varsig.BytesReader) (varsig.Varsig, error) {
-
+		return &testVarsig{algo: algo}, nil
-	return func(r varsig.BytesReader, vers varsig.Version, disc varsig.Discriminator) (varsig.Varsig, error) {
-		v := &testVarsig{
-			vers: vers,
-			disc: disc,
-		}
-
-		return v, nil
 	}
 }
 
 var _ varsig.Varsig = testVarsig{}
 
 type testVarsig struct {
-	vers   varsig.Version
+	algo   varsig.Algorithm
-	disc   varsig.Discriminator
 	payEnc varsig.PayloadEncoding
-	sig    []byte
 }
 
 func (v testVarsig) Version() varsig.Version {
-	return v.vers
+	return varsig.Version1
 }
 
-func (v testVarsig) Discriminator() varsig.Discriminator {
+func (v testVarsig) Algorithm() varsig.Algorithm {
-	return v.disc
+	return v.algo
+}
+
+func (v testVarsig) Hash() varsig.Hash {
+	return varsig.HashUnspecified
 }
 
 func (v testVarsig) PayloadEncoding() varsig.PayloadEncoding {
 	return v.payEnc
 }
 
-func (v testVarsig) Signature() []byte {
-	return v.sig
-}
-
 func (v testVarsig) Encode() []byte {
 	return nil
 }

rsa.go

@@ -4,8 +4,8 @@ import (
 	"encoding/binary"
 )
 
-// DiscriminatorRSA is the value specifying an RSA signature.
+// AlgorithmRSA is the value specifying an RSA signature.
-const DiscriminatorRSA = Discriminator(0x1205)
+const AlgorithmRSA = Algorithm(0x1205)
 
 var _ Varsig = RSAVarsig{}
 
@@ -13,85 +13,61 @@ var _ Varsig = RSAVarsig{}
 // an RSA signature.
 type RSAVarsig struct {
 	varsig
-	hashAlg HashAlgorithm
+	hashAlg Hash
-	sigLen  uint64
+	keyLen  uint64
 }
 
 // NewRSAVarsig creates and validates an RSA varsig with the provided
 // hash algorithm, key length and payload encoding.
-func NewRSAVarsig(hashAlgorithm HashAlgorithm, keyLength uint64, payloadEncoding PayloadEncoding, opts ...Option) (RSAVarsig, error) {
+func NewRSAVarsig(hashAlgorithm Hash, keyLen uint64, payloadEncoding PayloadEncoding) RSAVarsig {
-	options := newOptions(opts...)
+	return RSAVarsig{
-
-	var (
-		vers = Version1
-		sig  []byte
-	)
-
-	if options.ForceVersion0() {
-		vers = Version0
-		sig = options.Signature()
-	}
-
-	v := RSAVarsig{
 		varsig: varsig{
-			vers:   vers,
+			algo:   AlgorithmRSA,
-			disc:   DiscriminatorRSA,
 			payEnc: payloadEncoding,
-			sig:    sig,
 		},
 		hashAlg: hashAlgorithm,
-		sigLen:  keyLength,
+		keyLen:  keyLen,
 	}
-
-	return validateSig(v, v.sigLen)
 }
 
 // Encode returns the encoded byte format of the RSAVarsig.
 func (v RSAVarsig) Encode() []byte {
 	buf := v.encode()
+
 	buf = binary.AppendUvarint(buf, uint64(v.hashAlg))
-	buf = binary.AppendUvarint(buf, v.sigLen)
+	buf = binary.AppendUvarint(buf, v.keyLen)
-	buf = binary.AppendUvarint(buf, uint64(v.payEnc))
+	buf = append(buf, EncodePayloadEncoding(v.payEnc)...)
-	buf = append(buf, v.Signature()...)
 
 	return buf
 }
 
-// HashAlgorithm returns the hash algorithm used to has the payload content.
+// Hash returns the value describing the hash algorithm used to hash
-func (v RSAVarsig) HashAlgorithm() HashAlgorithm {
+// the payload content before the signature is generated.
+func (v RSAVarsig) Hash() Hash {
 	return v.hashAlg
 }
 
 // KeyLength returns the length of the RSA key used to sign the payload
 // content.
 func (v RSAVarsig) KeyLength() uint64 {
-	return v.sigLen
+	return v.keyLen
 }
 
-func decodeRSA(r BytesReader, vers Version, disc Discriminator) (Varsig, error) {
+func decodeRSA(r BytesReader) (Varsig, error) {
 	hashAlg, err := DecodeHashAlgorithm(r)
 	if err != nil {
 		return nil, err
 	}
 
-	sigLen, err := binary.ReadUvarint(r)
+	keyLen, err := binary.ReadUvarint(r)
 	if err != nil {
 		return nil, err
 	}
 
-	vs := RSAVarsig{
+	payEnc, err := DecodePayloadEncoding(r)
-		varsig: varsig{
-			vers: vers,
-			disc: disc,
-		},
-		hashAlg: hashAlg,
-		sigLen:  sigLen,
-	}
-
-	vs.payEnc, vs.sig, err = vs.decodePayEncAndSig(r)
 	if err != nil {
 		return nil, err
 	}
 
-	return validateSig(vs, vs.sigLen)
+	return NewRSAVarsig(hashAlg, keyLen, payEnc), nil
 }

rsa_test.go

@@ -4,7 +4,6 @@ import (
 	"encoding/base64"
 	"testing"
 
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
 	"github.com/ucan-wg/go-varsig"
@@ -29,68 +28,23 @@ func TestRSAVarsig(t *testing.T) {
 		rsaVs, ok := vs.(varsig.RSAVarsig)
 		require.True(t, ok)
 
-		assert.Equal(t, varsig.Version1, rsaVs.Version())
+		require.Equal(t, varsig.Version1, rsaVs.Version())
-		assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
+		require.Equal(t, varsig.AlgorithmRSA, rsaVs.Algorithm())
-		assert.Equal(t, varsig.HashAlgorithmSHA256, rsaVs.HashAlgorithm())
+		require.Equal(t, varsig.HashSha2_256, rsaVs.Hash())
-		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
+		require.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
-		assert.Equal(t, uint64(keyLen), rsaVs.KeyLength())
+		require.Equal(t, uint64(keyLen), rsaVs.KeyLength())
-		assert.Len(t, rsaVs.Signature(), 0)
 	})
 
 	t.Run("Encode", func(t *testing.T) {
 		t.Parallel()
 
-		rsaVarsig, err := varsig.NewRSAVarsig(
+		rsaVarsig := varsig.NewRSAVarsig(
-			varsig.HashAlgorithmSHA256,
+			varsig.HashSha2_256,
 			keyLen,
 			varsig.PayloadEncodingDAGCBOR,
 		)
-		require.NoError(t, err)
 
-		assert.Equal(t, example, rsaVarsig.Encode())
+		require.Equal(t, example, rsaVarsig.Encode())
 		t.Log(base64.RawStdEncoding.EncodeToString(rsaVarsig.Encode()))
 	})
 }
-
-func TestUCANExampleV0(t *testing.T) {
-	t.Parallel()
-
-	const keyLen = 0x100
-
-	// This test is the value shown in the UCAN v1.0.0 example, which is
-	// an RSA varsig < v1 encoded as RS256 with a key length of 0x100
-	// bytes and DAG-CBOR payload encoding.
-	example, err := base64.RawStdEncoding.DecodeString("NIUkEoACcQ")
-	require.NoError(t, err)
-
-	t.Run("Decode", func(t *testing.T) {
-		t.Parallel()
-
-		vs, err := varsig.Decode(example)
-		require.ErrorIs(t, err, varsig.ErrMissingSignature)
-
-		rsaVs, ok := vs.(varsig.RSAVarsig)
-		require.True(t, ok)
-
-		assert.Equal(t, varsig.Version0, rsaVs.Version())
-		assert.Equal(t, varsig.DiscriminatorRSA, rsaVs.Discriminator())
-		assert.Equal(t, varsig.HashAlgorithmSHA256, rsaVs.HashAlgorithm())
-		assert.Equal(t, varsig.PayloadEncodingDAGCBOR, rsaVs.PayloadEncoding())
-		assert.Equal(t, uint64(keyLen), rsaVs.KeyLength())
-		assert.Len(t, rsaVs.Signature(), 0)
-	})
-
-	t.Run("Encode", func(t *testing.T) {
-		t.Parallel()
-
-		rsaVarsig, err := varsig.NewRSAVarsig(
-			varsig.HashAlgorithmSHA256,
-			keyLen,
-			varsig.PayloadEncodingDAGCBOR,
-			varsig.WithForceVersion0([]byte{}),
-		)
-		require.ErrorIs(t, err, varsig.ErrMissingSignature)
-
-		assert.Equal(t, example, rsaVarsig.Encode())
-	})
-}

varsig.go

@@ -20,7 +20,6 @@ package varsig
 
 import (
 	"encoding/binary"
-	"errors"
 	"io"
 )
 
@@ -30,17 +29,15 @@ type Varsig interface {
 	// Version returns the varsig's version field.
 	Version() Version
 
-	// Discriminator returns the algorithm used to produce the corresponding signature.
+	// Algorithm returns the algorithm used to produce the corresponding signature.
-	Discriminator() Discriminator
+	Algorithm() Algorithm
+
+	// Hash returns the hash used on the data before signature.
+	Hash() Hash
 
 	// PayloadEncoding returns the codec that was used to encode the signed data.
 	PayloadEncoding() PayloadEncoding
 
-	// Signature returns the cryptographic signature of the signed data.
-	// This value is never present in a varsig >= v1 and must either be a valid
-	// signature with the correct length or empty in varsig < v1.
-	Signature() []byte
-
 	// Encode returns the encoded byte format of the varsig.
 	Encode() []byte
 }
@@ -58,21 +55,19 @@ func DecodeStream(r BytesReader) (Varsig, error) {
 }
 
 type varsig struct {
-	vers   Version
+	algo   Algorithm
-	disc   Discriminator
 	payEnc PayloadEncoding
-	sig    []byte
 }
 
 // Version returns the varsig's version field.
 func (v varsig) Version() Version {
-	return v.vers
+	return Version1
 }
 
-// Discriminator returns the algorithm used to produce the corresponding
+// Algorithm returns the algorithm used to produce the corresponding
 // signature.
-func (v varsig) Discriminator() Discriminator {
+func (v varsig) Algorithm() Algorithm {
-	return v.disc
+	return v.algo
 }
 
 // PayloadEncoding returns the codec that was used to encode the signed
@@ -81,71 +76,19 @@ func (v varsig) PayloadEncoding() PayloadEncoding {
 	return v.payEnc
 }
 
-// Signature returns the cryptographic signature of the signed data. This
-// value is never present in a varsig >= v1 and must either be a valid
-// signature with the correct length or empty in varsig < v1.
-func (v varsig) Signature() []byte {
-	return v.sig
-}
-
 func (v varsig) encode() []byte {
-	var buf []byte
+	// Pre-allocate to the maximum size to avoid re-allocating.
+	// I think the maximum is 10 bytes, but it's all the same for go to allocate 16 (due to the small
+	// size allocation class), so we might as well get some headroom for bigger varints.
+	buf := make([]byte, 0, 16)
 
 	buf = binary.AppendUvarint(buf, Prefix)
-
+	buf = binary.AppendUvarint(buf, uint64(Version1))
-	if v.Version() == Version1 {
+	buf = binary.AppendUvarint(buf, uint64(v.algo))
-		buf = binary.AppendUvarint(buf, uint64(Version1))
-	}
-
-	buf = binary.AppendUvarint(buf, uint64(v.disc))
 
 	return buf
 }
 
-func (v varsig) decodePayEncAndSig(r BytesReader) (PayloadEncoding, []byte, error) {
-	payEnc, err := DecodePayloadEncoding(r, v.Version())
-	if err != nil {
-		return 0, nil, err
-	}
-
-	var signature []byte
-	switch v.Version() {
-	case Version0:
-		signature, err = io.ReadAll(r)
-		if err != nil {
-			return 0, nil, err
-		}
-	case Version1:
-		_, err := r.ReadByte()
-		if err != nil && !errors.Is(err, io.EOF) {
-			return 0, nil, err
-		}
-		if err == nil {
-			return 0, nil, ErrUnexpectedSignaturePresent
-		}
-	default:
-		return 0, nil, ErrUnsupportedVersion
-	}
-
-	return payEnc, signature, nil
-}
-
-func validateSig[T Varsig](v T, expectedLength uint64) (T, error) {
-	if v.Version() == Version0 && len(v.Signature()) == 0 {
-		return v, ErrMissingSignature
-	}
-
-	if v.Version() == Version0 && uint64(len(v.Signature())) != expectedLength {
-		return *new(T), ErrUnexpectedSignatureSize
-	}
-
-	if v.Version() == Version1 && len(v.Signature()) != 0 {
-		return *new(T), ErrUnexpectedSignaturePresent
-	}
-
-	return v, nil
-}
-
 type BytesReader interface {
 	io.ByteReader
 	io.Reader

varsig_test.go

@@ -1,8 +1,9 @@
 package varsig_test
 
 import (
+	"encoding/base64"
 	"encoding/hex"
-	"errors"
+	"fmt"
 	"io"
 	"testing"
 
@@ -12,6 +13,39 @@ import (
 	"github.com/ucan-wg/go-varsig"
 )
 
+func ExampleDecode() {
+	example, err := base64.RawStdEncoding.DecodeString("NAHtAe0BE3E")
+	handleErr(err)
+
+	vs, err := varsig.Decode(example)
+	handleErr(err)
+
+	fmt.Printf("%T\n", vs)
+	fmt.Printf("Algorithm: %d\n", vs.Algorithm())
+	fmt.Printf("Hash: %d\n", vs.Hash())
+	fmt.Printf("PayloadEncoding: %d\n", vs.PayloadEncoding())
+
+	// Output:
+	// varsig.EdDSAVarsig
+	// Algorithm: 237
+	// Hash: 19
+	// PayloadEncoding: 3
+}
+
+func ExampleEncode() {
+	edDSAVarsig := varsig.NewEdDSAVarsig(
+		varsig.CurveEd25519,
+		varsig.HashSha2_512,
+		varsig.PayloadEncodingDAGCBOR,
+	)
+
+	b64 := base64.RawStdEncoding.EncodeToString(edDSAVarsig.Encode())
+	fmt.Print(b64)
+
+	// Output:
+	// NAHtAe0BE3E
+}
+
 func TestDecode(t *testing.T) {
 	t.Parallel()
 
@@ -59,17 +93,6 @@ func TestDecode(t *testing.T) {
 		assert.Nil(t, vs)
 	})
 
-	t.Run("fails - unknown signature algorithm - v0", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString("3464")
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnknownDiscriminator)
-		assert.Nil(t, vs)
-	})
-
 	t.Run("fails - unknown signature algorithm - v1", func(t *testing.T) {
 		t.Parallel()
 
@@ -77,7 +100,7 @@ func TestDecode(t *testing.T) {
 		require.NoError(t, err)
 
 		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnknownDiscriminator)
+		require.ErrorIs(t, err, varsig.ErrUnknownAlgorithm)
 		assert.Nil(t, vs)
 	})
 
@@ -88,7 +111,6 @@ func TestDecode(t *testing.T) {
 		rsaHex    = "8524"
 		sha256Hex = "12"
 		keyLen    = "8002"
-		rsaBaseV0 = "34" + rsaHex + sha256Hex + keyLen
 		rsaBaseV1 = "3401" + rsaHex + sha256Hex + keyLen
 	)
 
@@ -124,61 +146,10 @@ func TestDecode(t *testing.T) {
 		require.ErrorIs(t, err, varsig.ErrUnsupportedPayloadEncoding)
 		assert.Nil(t, vs)
 	})
-
-	t.Run("fails - unexpected signature length - v0", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString(rsaBaseV0 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnexpectedSignatureSize)
-		assert.Zero(t, vs)
-	})
-
-	t.Run("fails - unexpected signature present - v1", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := hex.DecodeString(rsaBaseV1 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrUnexpectedSignaturePresent)
-		assert.Nil(t, vs)
-	})
-
-	t.Run("passes with error - v0", func(t *testing.T) {
-		t.Parallel()
-		data, err := hex.DecodeString(rsaBaseV0 + "5f")
-		require.NoError(t, err)
-
-		vs, err := varsig.Decode(data)
-		require.ErrorIs(t, err, varsig.ErrMissingSignature)
-		assert.NotNil(t, vs) // varsig is still returned with just "header"
-	})
 }
 
-func mustVarsig[T varsig.Varsig](t *testing.T, v T, err error) {
+func handleErr(err error) {
-	t.Helper()
+	if err != nil {
-
+		panic(err)
-	if err != nil && (v.Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
-		t.Error(err)
 	}
 }
-
-func roundTrip[T varsig.Varsig](t *testing.T, in T, expEncHex string) T {
-	data := in.Encode()
-	assert.Equal(t, expEncHex, hex.EncodeToString(data))
-
-	out, err := varsig.Decode(in.Encode())
-	if err != nil && (out.Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
-		t.Fail()
-	}
-
-	assert.Equal(t, in.Version(), out.Version())
-	assert.Equal(t, in.Discriminator(), out.Discriminator())
-	assert.Equal(t, in.PayloadEncoding(), out.PayloadEncoding())
-	assert.Equal(t, in.Signature(), out.Signature())
-
-	return out.(T)
-}