Add signature scheme versioning (#197)

Author: casey

src/bech32m.rs

@@ -176,7 +176,7 @@ mod tests {
     case::<0, { Fingerprint::LEN }, Fingerprint>("package", "package fingerprint");
     case::<0, { PrivateKey::LEN }, PrivateKey>("private", "private key");
     case::<0, { PublicKey::LEN }, PublicKey>("public", "public key");
-    case::<1, { Signature::LEN }, Signature>("signature", "signature");
+    case::<2, { Signature::LEN }, Signature>("signature", "signature");
   }
 
   #[test]

src/note.rs

@@ -67,7 +67,7 @@ mod tests {
     );
     assert_eq!(
       serde_json::from_str::<Note>(&json).unwrap_err().to_string(),
-      "invalid entry: found duplicate key at line 1 column 401",
+      "invalid entry: found duplicate key at line 1 column 403",
     );
   }
 

src/pgp.rs

@@ -313,7 +313,7 @@ fn pgp_v4_signatures_can_be_verified() {
   }
 
   // extract and verify public key
-  {
+  let private_key = {
     let packet::key::SecretKeyMaterial::Unencrypted(secret_key_material) =
       signing_key.key().optional_secret().unwrap()
     else {
@@ -327,7 +327,9 @@ fn pgp_v4_signatures_can_be_verified() {
     let private_key = PrivateKey::from_bytes(scalar.value().try_into().unwrap());
 
     assert_eq!(private_key.public_key(), public_key);
-  }
+
+    private_key
+  };
 
   // create filepack signature
   let signature = Signature::new(
@@ -339,4 +341,8 @@ fn pgp_v4_signatures_can_be_verified() {
 
   // verify signature
   signature.verify(&message, public_key).unwrap();
+
+  eprintln!("PGP_PRIVATE_KEY: {}", private_key.display_secret());
+  eprintln!("PGP_PUBLIC_KEY: {public_key}");
+  eprintln!("PGP_SIGNATURE: {signature}");
 }

src/signature.rs

@@ -24,7 +24,7 @@ impl Signature {
   }
 }
 
-impl Bech32m<1, { Signature::LEN }> for Signature {
+impl Bech32m<2, { Signature::LEN }> for Signature {
   const HRP: Hrp = Hrp::parse_unchecked("signature");
   const TYPE: &'static str = "signature";
   type Suffix = Vec<u8>;
@@ -55,14 +55,14 @@ impl FromStr for Signature {
 
   fn from_str(signature: &str) -> Result<Self, Self::Err> {
     let Bech32mPayload {
-      prefix: [scheme],
+      prefix: [scheme, version],
       data,
       suffix,
     } = Self::decode_bech32m(signature)?;
 
     Ok(Self {
       inner: ed25519_dalek::Signature::from_bytes(&data),
-      scheme: SignatureScheme::new(scheme, suffix)?,
+      scheme: SignatureScheme::new(scheme, version, suffix)?,
     })
   }
 }
@@ -97,13 +97,14 @@ mod tests {
 
     assert_eq!(
       bech32m.parse::<Signature>().unwrap_err().to_string(),
-      "expected bech32m signature to have 1 prefix character but found 0",
+      "expected bech32m signature to have 2 prefix characters but found 0",
     );
   }
 
   #[test]
   fn unsupported_scheme() {
     let bech32m = iter::once(Fe32::Q)
+      .chain(iter::once(Fe32::_0))
       .chain([0u8; Signature::LEN].iter().copied().bytes_to_fes())
       .with_checksum::<bech32::Bech32m>(&Signature::HRP)
       .with_witness_version(Fe32::A)
@@ -112,7 +113,7 @@ mod tests {
 
     assert_eq!(
       bech32m.parse::<Signature>().unwrap_err().to_string(),
-      "bech32m signature scheme `q` is not supported",
+      "signature scheme `q` is not supported",
     );
   }
 }

src/signature_error.rs

@@ -13,6 +13,14 @@ pub enum SignatureError {
   },
   #[snafu(display("found unexpected suffix for signature scheme `{scheme}`"))]
   UnexpectedSuffix { scheme: &'static str },
-  #[snafu(display("bech32m signature scheme `{scheme}` is not supported"))]
+  #[snafu(display("signature scheme `{scheme}` is not supported"))]
   UnsupportedScheme { scheme: Fe32 },
+  #[snafu(display(
+    "signature scheme `{scheme}` version `{actual}` is not supported, expected `{expected}`",
+  ))]
+  UnsupportedVersion {
+    actual: Fe32,
+    expected: Fe32,
+    scheme: &'static str,
+  },
 }

src/signature_scheme.rs

@@ -11,16 +11,32 @@ pub(crate) enum SignatureScheme {
 }
 
 impl SignatureScheme {
-  pub(crate) fn new(scheme: Fe32, suffix: Vec<u8>) -> Result<Self, SignatureError> {
+  pub(crate) fn new(scheme: Fe32, version: Fe32, suffix: Vec<u8>) -> Result<Self, SignatureError> {
     match scheme {
       Fe32::F => {
+        ensure!(
+          version == Fe32::_0,
+          signature_error::UnsupportedVersion {
+            scheme: "filepack",
+            actual: version,
+            expected: Fe32::_0,
+          },
+        );
         ensure!(
           suffix.is_empty(),
           signature_error::UnexpectedSuffix { scheme: "filepack" },
         );
         Ok(SignatureScheme::Filepack)
       }
       Fe32::P => {
+        ensure!(
+          version == Fe32::_4,
+          signature_error::UnsupportedVersion {
+            scheme: "pgp",
+            actual: version,
+            expected: Fe32::_4,
+          },
+        );
         u16::try_from(suffix.len())
           .ok()
           .context(signature_error::SuffixLength {
@@ -33,6 +49,14 @@ impl SignatureScheme {
         })
       }
       Fe32::S => {
+        ensure!(
+          version == Fe32::_0,
+          signature_error::UnsupportedVersion {
+            scheme: "ssh",
+            actual: version,
+            expected: Fe32::_0,
+          },
+        );
         ensure!(
           suffix.is_empty(),
           signature_error::UnexpectedSuffix { scheme: "ssh" },
@@ -43,11 +67,11 @@ impl SignatureScheme {
     }
   }
 
-  pub(crate) fn prefix_and_suffix(&self) -> ([Fe32; 1], &[u8]) {
+  pub(crate) fn prefix_and_suffix(&self) -> ([Fe32; 2], &[u8]) {
     match self {
-      SignatureScheme::Filepack => ([Fe32::F], &[]),
-      SignatureScheme::Pgp { hashed_area } => ([Fe32::P], hashed_area),
-      SignatureScheme::Ssh => ([Fe32::S], &[]),
+      SignatureScheme::Filepack => ([Fe32::F, Fe32::_0], &[]),
+      SignatureScheme::Pgp { hashed_area } => ([Fe32::P, Fe32::_4], hashed_area),
+      SignatureScheme::Ssh => ([Fe32::S, Fe32::_0], &[]),
     }
   }
 

src/ssh.rs

@@ -68,7 +68,7 @@ fn ssh_signatures_can_be_verified() {
   };
 
   // extract and verify private key
-  {
+  let private_key = {
     let pem = filesystem::read_to_string(&key_path).unwrap();
     let private_key = ssh_key::PrivateKey::from_openssh(&pem).unwrap();
 
@@ -80,7 +80,9 @@ fn ssh_signatures_can_be_verified() {
 
     let private_key = PrivateKey::from_bytes(keypair.private.to_bytes());
 
-    assert_eq!(private_key.public_key(), public_key,);
+    assert_eq!(private_key.public_key(), public_key);
+
+    private_key
   };
 
   // extract signature
@@ -97,4 +99,8 @@ fn ssh_signatures_can_be_verified() {
 
   // verify signature
   signature.verify(&message, public_key).unwrap();
+
+  eprintln!("SSH_PRIVATE_KEY: {}", private_key.display_secret());
+  eprintln!("SSH_PUBLIC_KEY: {public_key}");
+  eprintln!("SSH_SIGNATURE: {signature}");
 }

src/test.rs

@@ -12,8 +12,8 @@ pub(crate) const PUBLIC_KEY: &str =
   "public1a67dndhhmae7p6fsfnj0z37zf78cde6mwqgtms0y87h8ldlvvflyqcxnd63";
 
 pub(crate) const SIGNATURE: &str = concat!(
-  "signature1afppampjlm7qs0g4amn9fnq87crhn70k5lv5wf48ajy6k774tqw",
-  "6yc9s5n0kpq5420jrz644sgu7geahpffl8l7nuv9azsqv8jpgtrcqsdxjghp",
+  "signature1af0ppampjlm7qs0g4amn9fnq87crhn70k5lv5wf48ajy6k774tq",
+  "w6yc9s5n0kpq5420jrz644sgu7geahpffl8l7nuv9azsqv8jpgtrcqsarjptp",
 );
 
 pub(crate) const WEAK_PUBLIC_KEY: &str =

tests/lib.rs

@@ -46,6 +46,6 @@ const PRIVATE_KEY: &str = "private1a24p4zsr2nh04f4pkgtxfzv5yle473x4jue7s6lkwg9td
 const PUBLIC_KEY: &str = "public1a67dndhhmae7p6fsfnj0z37zf78cde6mwqgtms0y87h8ldlvvflyqcxnd63";
 
 const SIGNATURE: &str = concat!(
-  "signature1afppampjlm7qs0g4amn9fnq87crhn70k5lv5wf48ajy6k774tqw",
-  "6yc9s5n0kpq5420jrz644sgu7geahpffl8l7nuv9azsqv8jpgtrcqsdxjghp",
+  "signature1af0ppampjlm7qs0g4amn9fnq87crhn70k5lv5wf48ajy6k774tq",
+  "w6yc9s5n0kpq5420jrz644sgu7geahpffl8l7nuv9azsqv8jpgtrcqsarjptp",
 );

tests/verify.rs

@@ -461,18 +461,14 @@ fn non_unicode_path_error() {
 
 #[test]
 fn pgp_signature() {
-  #[allow(unused)]
-  const PGP_PRIVATE_KEY: &str =
-    "private1at6hy62ykv46jmlqks3jpnx3lmgv2avtrrtnt2uljwhzdrfx54n6sx4cj9e";
-
-  const PGP_PUBLIC_KEY: &str = "public1afzgrryd0m6n96syhjl4fadx3hjse8pjr23uztxpwv4685lkjm37qmgwsd3";
+  const PGP_PUBLIC_KEY: &str = "public1axadguya9tqnfavpjq08st0sfzgvmxwjsqcfudgg55sh4ztjnsugsxmnnj0";
 
   const PGP_SIGNATURE: &str = concat!(
-    "signature1apnckuwdwggchcm3wp5tyqef2ea03kucmc8j7p3ewcqh8falwrd0",
-    "axhp3n59c644jxnyk66tcwhs33ut0v7puw58024g4xd756m7y7szs9sf5hzw",
-    "qrpyg93acd9h5ckdxygu2qqqqqqqqpuqpqwdskcazqdehhgct5d9hkuuewwd",
-    "jhzat0d9sj6ur8wqhx7un8fp3vcyaew0zvdd79t5tmsy3hy4mun4gql69d8n",
-    "4t05sykyn9fm53vggy47uff5p0uvufjpvme2d43acd9h5ckdxy2u26nt",
+    "signature1ap4f9anzsjk4gq0hh0a7uk5v7vvjpfz20hwp2y548twpn2ecxn5",
+    "ahdjd2gusuztpwxs63ajcqzl26k7s95tcatvpsz8r2pgtj0yxjav2rc9sf5hz",
+    "c22pygwudfszugaanvcgu2qqqqqqqqpuqpqwdskcazqdehhgct5d9hkuuewwd",
+    "jhzat0d9sj6ur8wqhx7un8rl2l6gcc3ccvenxhfpyacp57t5xfyp3dktmz068",
+    "w8uspdfdwy89pvggyppyz88rs9es8fq65rx77udfszugaanvcclxt00",
   );
 
   Test::new()
@@ -635,15 +631,11 @@ error: 1 mismatched file
 
 #[test]
 fn ssh_signature() {
-  #[allow(unused)]
-  const SSH_PRIVATE_KEY: &str =
-    "private1a4u5t9g3hlfk56d5kaw8drqgc478ljeqzae7lqc4y742pa6u6ur7srw5lct";
-
-  const SSH_PUBLIC_KEY: &str = "public1a5yf9ackwkywzmygc3q4mglp7qd32ruyj5fr0w3szp70jt4cl34cqwtjjhh";
+  const SSH_PUBLIC_KEY: &str = "public1avp5pgjsqf6uzcrd34x4hgdndfaf5w5h786wh3tjs9vyup3n74h2shpdku2";
 
   const SSH_SIGNATURE: &str = concat!(
-    "signature1as2wzp8g6f9d6gt53dpt37zlz4qw2hwhn4q7yg99uz6lrua63mh",
-    "h7mnmka5cap6z37rglrst2thst909zlmerltgna7yhgf240dsqd6pgrvzhv0",
+    "signature1as0qpsm76yvvg4wjn4l7vqemk5vpc5khpp5ceqrp693x2ndrvrn",
+    "vsga58suzl239sjh4t5uhprwpyfmypy4cmp0upe055cvzxg226e7gzq3e7nwt",
   );
 
   Test::new()