From 467524ae030ed5a96e031151312b90e9c758e2cb Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie
Date: Sun, 9 Feb 2025 12:27:14 +0100
Subject: [PATCH 1/2] test signature prehashing

---
 biscuit-auth/Cargo.toml | 3 +--
 biscuit-auth/src/crypto/mod.rs | 34 +++++++++++++++++++++++++++++++++
 biscuit-auth/src/crypto/p256.rs | 2 +-
 3 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/biscuit-auth/Cargo.toml b/biscuit-auth/Cargo.toml
index 6f4d765a..0664a1a4 100644
--- a/biscuit-auth/Cargo.toml
+++ b/biscuit-auth/Cargo.toml
@@ -27,7 +27,6 @@ pem = ["ed25519-dalek/pem", "ed25519-dalek/pkcs8"]
 
 [dependencies]
 rand_core = "^0.6"
-sha2 = "^0.9"
 prost = "0.10"
 prost-types = "0.10"
 regex = { version = "1.5", default-features = false, features = ["std"] }
@@ -38,7 +37,7 @@ thiserror = "1"
 rand = { version = "0.8" }
 wasm-bindgen = { version = "0.2", optional = true }
 base64 = "0.13.0"
-ed25519-dalek = { version = "2.0.0", features = ["rand_core", "zeroize"] }
+ed25519-dalek = { version = "2.0.0", features = ["rand_core", "zeroize", "digest"] }
 serde = { version = "1.0.132", optional = true, features = ["derive"] }
 getrandom = { version = "0.2.15" }
 time = { version = "0.3.7", features = ["formatting", "parsing"] }
diff --git a/biscuit-auth/src/crypto/mod.rs b/biscuit-auth/src/crypto/mod.rs
index 1c1054ce..5795370d 100644
--- a/biscuit-auth/src/crypto/mod.rs
+++ b/biscuit-auth/src/crypto/mod.rs
@@ -986,4 +986,38 @@ mod tests {
 let deser_pub = PublicKey::from_pem(&pem_pub).unwrap();
 assert_eq!(p256_pub, deser_pub);
 }
+
+ #[test]
+ fn prehashed_signature() {
+ use ::p256::NistP256;
+ use ecdsa::hazmat::DigestPrimitive;
+ use ed25519_dalek::DigestSigner;
+
+ fn generate_authority_block_signature_payload_v1_prehashed<
+ H: ecdsa::signature::digest::Update,
+ >(
+ payload: &[u8],
+ version: u32,
+ hasher: &mut H,
+ ) {
+ hasher.update(b"\0BLOCK\0\0VERSION\0");
+ hasher.update(&version.to_le_bytes());
+
+ hasher.update(&b"\0PAYLOAD\0"[..]);
+ hasher.update(payload);
+ }
+
+ let mut prehashed: ed25519_dalek::Sha512 = ed25519_dalek::Sha512::default();
+ generate_authority_block_signature_payload_v1_prehashed(b"payload", 1, &mut prehashed);
+ let kp = ed25519::KeyPair::new();
+ //let hash = ed25519_dalek::Digest::finalize(prehashed);
+ let sig = kp.kp.try_sign_digest(prehashed).unwrap();
+ println!("{:?}", sig);
+
+ let mut prehashed2 = ::Digest::default();
+ generate_authority_block_signature_payload_v1_prehashed(b"payload", 1, &mut prehashed2);
+ let kp = p256::KeyPair::new();
+ let sig: ecdsa::Signature = kp.kp.try_sign_digest(prehashed2).unwrap();
+ println!("{:?}", sig);
+ }
 }
diff --git a/biscuit-auth/src/crypto/p256.rs b/biscuit-auth/src/crypto/p256.rs
index a76e4ce4..3aec91df 100644
--- a/biscuit-auth/src/crypto/p256.rs
+++ b/biscuit-auth/src/crypto/p256.rs
@@ -16,7 +16,7 @@ use std::hash::Hash;
 /// pair of cryptographic keys used to sign a token's block
 #[derive(Debug, PartialEq)]
 pub struct KeyPair {
- kp: SigningKey,
+ pub(super) kp: SigningKey,
 }
 
 impl KeyPair {

From fec4d9bf9f7bf60fb2f29e584bd84b899712d3f1 Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie
Date: Sat, 10 May 2025 17:48:20 +0200
Subject: [PATCH 2/2] test

---
 biscuit-auth/src/crypto/mod.rs | 65 ++++++++++++++++++++++------------
 1 file changed, 43 insertions(+), 22 deletions(-)

diff --git a/biscuit-auth/src/crypto/mod.rs b/biscuit-auth/src/crypto/mod.rs
index 5795370d..ab04410a 100644
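Review bot: `pub(super) kp: SigningKey` in the p256.rs hunk widens access to the raw P-256 signing key to the whole parent module so that a test can call `try_sign_digest` on it, and that widening survives into non-test builds. The private key is the one field of this struct that should stay encapsulated; a small `pub(crate)` method on `KeyPair` that wraps `try_sign_digest` and returns the signature, or a `#[cfg(test)]`-gated accessor, gives the test what it needs without exposing the key material to every sibling module. The struct hunk shows only the field, and `impl KeyPair` continues outside the hunk.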
--- a/biscuit-auth/src/crypto/mod.rs
+++ b/biscuit-auth/src/crypto/mod.rs
@@ -672,6 +672,27 @@ pub(crate) fn generate_authority_block_signature_payload_v1(
 to_verify
 }
 
+pub(crate) fn generate_authority_block_signature_payload_v1_prehashed<
+ H: ecdsa::signature::digest::Update,
+>(
+ payload: &[u8],
+ next_key: &PublicKey,
+ version: u32,
+ hasher: &mut H,
+) {
+ hasher.update(b"\0BLOCK\0\0VERSION\0");
+ hasher.update(&version.to_le_bytes());
+
+ hasher.update(&b"\0PAYLOAD\0"[..]);
+ hasher.update(payload);
+
+ hasher.update(&b"\0ALGORITHM\0"[..]);
+ hasher.update(&(next_key.algorithm() as i32).to_le_bytes());
+
+ hasher.update(&b"\0NEXTKEY\0"[..]);
+ hasher.update(&next_key.to_bytes());
+}
+
 pub(crate) fn generate_block_signature_payload_v1(
 payload: &[u8],
 next_key: &PublicKey,
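Review bot: `generate_authority_block_signature_payload_v1_prehashed` restates the domain-separated layout (`\0BLOCK\0\0VERSION\0`, `\0PAYLOAD\0`, `\0ALGORITHM\0`, `\0NEXTKEY\0`, little-endian `version` and `algorithm`) that `generate_authority_block_signature_payload_v1` already builds, and nothing ties the two together, so a later edit to one tag or field order would silently make signatures from the buffered and streamed paths disagree. Either have the `Vec`-building variant write through this function via a small `Update` adapter over a `Vec<u8>`, or add a test asserting that hashing the buffered payload equals the streamed digest, so the two cannot drift. The function also lacks a doc comment; `/// Streams the v1 authority-block signature payload into \`hasher\`; must stay byte-identical to \`generate_authority_block_signature_payload_v1\`.` would record the invariant. Minor style: the first tag is passed as `b"\0BLOCK\0\0VERSION\0"` while the others use `&b"..."[..]`; both coerce to `&[u8]`, so one form should be used throughout. The neighbouring `generate_authority_block_signature_payload_v1` and `generate_block_signature_payload_v1` extend beyond the hunk.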
@@ -993,31 +1014,31 @@ mod tests {
 use ecdsa::hazmat::DigestPrimitive;
 use ed25519_dalek::DigestSigner;
 
- fn generate_authority_block_signature_payload_v1_prehashed<
- H: ecdsa::signature::digest::Update,
- >(
- payload: &[u8],
- version: u32,
- hasher: &mut H,
- ) {
- hasher.update(b"\0BLOCK\0\0VERSION\0");
- hasher.update(&version.to_le_bytes());
-
- hasher.update(&b"\0PAYLOAD\0"[..]);
- hasher.update(payload);
- }
-
- let mut prehashed: ed25519_dalek::Sha512 = ed25519_dalek::Sha512::default();
- generate_authority_block_signature_payload_v1_prehashed(b"payload", 1, &mut prehashed);
 let kp = ed25519::KeyPair::new();
+ let next_key = KeyPair::new();
+ let version = 1;
+ let payload = b"payload";
+ let mut prehashed: ed25519_dalek::Sha512 = ed25519_dalek::Sha512::default();
+ generate_authority_block_signature_payload_v1_prehashed(
+ payload,
+ &next_key.public(),
+ version,
+ &mut prehashed,
+ );
 //let hash = ed25519_dalek::Digest::finalize(prehashed);
- let sig = kp.kp.try_sign_digest(prehashed).unwrap();
+ let sig = kp.kp.try_sign_digest(prehashed).unwrap().to_vec();
 println!("{:?}", sig);
 
- let mut prehashed2 = ::Digest::default();
- generate_authority_block_signature_payload_v1_prehashed(b"payload", 1, &mut prehashed2);
- let kp = p256::KeyPair::new();
- let sig: ecdsa::Signature = kp.kp.try_sign_digest(prehashed2).unwrap();
- println!("{:?}", sig);
+ let to_sign =
+ generate_authority_block_signature_payload_v1(payload, &next_key.public(), version);
+
+ let sig2 = kp.sign(&to_sign).unwrap();
+ assert_eq!(sig, sig2.to_bytes());
+
+ // let mut prehashed2 = ::Digest::default();
+ // generate_authority_block_signature_payload_v1_prehashed(b"payload", 1, &mut prehashed2);
+ // let kp = p256::KeyPair::new();
+ // let sig: ecdsa::Signature = kp.kp.try_sign_digest(prehashed2).unwrap();
+ // println!("{:?}", sig);
 }
 }
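Review bot: `assert_eq!(sig, sig2.to_bytes())` compares an Ed25519 signature produced from a `Sha512` digest via `try_sign_digest` with one produced by `kp.sign` over the full payload, and I would expect the two to differ: as far as I recall, ed25519-dalek's `DigestSigner` impl for `SigningKey` is the Ed25519ph path (`sign_prehashed`), which hashes under a domain-separation prefix, while pure Ed25519 needs the raw message twice (for the nonce `r` and for the challenge) and cannot be produced from a single digest at all. If prehashing is meant to become the signing path, verifiers must switch to `verify_prehashed` and existing tokens stop interoperating, which is a wire-format change rather than an optimisation; if the test is meant to prove equivalence with the buffered path, that property only holds for the ECDSA/P-256 branch, which is the one left commented out here. A roundtrip that is actually true for Ed25519 would be `let sig = kp.kp.try_sign_digest(prehashed.clone()).unwrap();` followed by `kp.kp.verifying_key().verify_prehashed(prehashed, None, &sig).unwrap();`, and the P-256 block should be reinstated with an assertion against `p256::KeyPair::sign` provided that method signs the same SHA-256 digest (its body is outside the hunk). The enclosing `prehashed_signature` test starts before the hunk.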