eclipse-biscuit · Geal · Feb 9, 2025 · May 10, 2025
diff --git a/biscuit-auth/Cargo.toml b/biscuit-auth/Cargo.toml
@@ -27,7 +27,6 @@ pem = ["ed25519-dalek/pem", "ed25519-dalek/pkcs8"]
 
 [dependencies]
 rand_core = "^0.6"
-sha2 = "^0.9"
 prost = "0.10"
 prost-types = "0.10"
 regex = { version = "1.5", default-features = false, features = ["std"] }
@@ -38,7 +37,7 @@ thiserror = "1"
 rand = { version = "0.8" }
 wasm-bindgen = { version = "0.2", optional = true }
 base64 = "0.13.0"
-ed25519-dalek = { version = "2.0.0", features = ["rand_core", "zeroize"] }
+ed25519-dalek = { version = "2.0.0", features = ["rand_core", "zeroize", "digest"] }
 serde = { version = "1.0.132", optional = true, features = ["derive"] }
 getrandom = { version = "0.2.15" }
 time = { version = "0.3.7", features = ["formatting", "parsing"] }

diff --git a/biscuit-auth/src/crypto/mod.rs b/biscuit-auth/src/crypto/mod.rs
@@ -672,6 +672,27 @@
     to_verify
 }
 
+pub(crate) fn generate_authority_block_signature_payload_v1_prehashed<
+    H: ecdsa::signature::digest::Update,
+>(
+    payload: &[u8],
+    next_key: &PublicKey,
+    version: u32,
+    hasher: &mut H,
+) {
+    hasher.update(b"\0BLOCK\0\0VERSION\0");
+    hasher.update(&version.to_le_bytes());
+
+    hasher.update(&b"\0PAYLOAD\0"[..]);
+    hasher.update(payload);
+
+    hasher.update(&b"\0ALGORITHM\0"[..]);
+    hasher.update(&(next_key.algorithm() as i32).to_le_bytes());
+
+    hasher.update(&b"\0NEXTKEY\0"[..]);
+    hasher.update(&next_key.to_bytes());
+}
+
 pub(crate) fn generate_block_signature_payload_v1(
     payload: &[u8],
     next_key: &PublicKey,
@@ -986,4 +1007,38 @@
         let deser_pub = PublicKey::from_pem(&pem_pub).unwrap();
         assert_eq!(p256_pub, deser_pub);
     }
+
+    #[test]
+    fn prehashed_signature() {
+        use ::p256::NistP256;
+        use ecdsa::hazmat::DigestPrimitive;
+        use ed25519_dalek::DigestSigner;
+
+        let kp = ed25519::KeyPair::new();
+        let next_key = KeyPair::new();
+        let version = 1;
+        let payload = b"payload";
+        let mut prehashed: ed25519_dalek::Sha512 = ed25519_dalek::Sha512::default();
+        generate_authority_block_signature_payload_v1_prehashed(
+            payload,
+            &next_key.public(),
+            version,
+            &mut prehashed,
+        );
+        //let hash = ed25519_dalek::Digest::finalize(prehashed);
+        let sig = kp.kp.try_sign_digest(prehashed).unwrap().to_vec();
+        println!("{:?}", sig);
+
+        let to_sign =
+            generate_authority_block_signature_payload_v1(payload, &next_key.public(), version);
+
+        let sig2 = kp.sign(&to_sign).unwrap();
+        assert_eq!(sig, sig2.to_bytes());
+
+        // let mut prehashed2 = <NistP256 as DigestPrimitive>::Digest::default();
+        // generate_authority_block_signature_payload_v1_prehashed(b"payload", 1, &mut prehashed2);
+        // let kp = p256::KeyPair::new();
+        // let sig: ecdsa::Signature<NistP256> = kp.kp.try_sign_digest(prehashed2).unwrap();
+        // println!("{:?}", sig);
+    }
 }
diff --git a/biscuit-auth/src/crypto/p256.rs b/biscuit-auth/src/crypto/p256.rs
@@ -16,7 +16,7 @@ use std::hash::Hash;
 /// pair of cryptographic keys used to sign a token's block
 #[derive(Debug, PartialEq)]
 pub struct KeyPair {
-    kp: SigningKey,
+    pub(super) kp: SigningKey,
 }
 
 impl KeyPair {