fix(swift): Various bugs in key related things

Add tests too!

Signed-off-by: Skyler Ross <[email protected]>

Author: izik1

sdk/swift/Sources/Hedera/PrivateKey.swift

@@ -52,10 +52,28 @@ private struct ChainCode {
 #endif
 
 /// A private key on the Hedera network.
-public struct PrivateKey: LosslessStringConvertible, ExpressibleByStringLiteral {
+public struct PrivateKey: LosslessStringConvertible, ExpressibleByStringLiteral, CustomStringConvertible,
+    CustomDebugStringConvertible
+{
+    /// Debug description for `PrivateKey`
+    ///
+    /// Please note that debugDescriptions of any kind should not be considered a stable format.
+    public var debugDescription: String {
+        "PrivateKey(kind: \(String(reflecting: guts)), chainCode: \(String(describing: chainCode?.data))"
+    }
+
     // we need to be sendable, so...
     // The idea being that we initialize the key whenever we need it, which is absolutely not free, but it is `Sendable`.
-    fileprivate enum Repr {
+    fileprivate enum Repr: CustomDebugStringConvertible {
+        fileprivate var debugDescription: String {
+            switch self {
+            case .ed25519:
+                return "ed25519([redacted])"
+            case .ecdsa:
+                return "ecdsa([redacted])"
+            }
+        }
+
         case ed25519(Data)
         case ecdsa(Data)
 
@@ -462,6 +480,35 @@ public struct PrivateKey: LosslessStringConvertible, ExpressibleByStringLiteral
     }
 }
 
+// for testing purposes :/
+extension PrivateKey {
+    internal func withChainCode(chainCode: Data) -> Self {
+        precondition(chainCode.count == 32)
+        return Self(kind: kind, chainCode: chainCode)
+    }
+
+    internal func prettyPrint() -> String {
+        let data = toStringRaw()
+        let chainCode = String(describing: chainCode?.data.hexStringEncoded())
+
+        let start: String
+
+        switch guts {
+        case .ecdsa:
+            start = "PrivateKey.ecdsa"
+        case .ed25519:
+            start = "PrivateKey.ed25519"
+        }
+
+        return """
+            \(start)(
+                key: \(data),
+                chainCode: \(chainCode)
+            )
+            """
+    }
+}
+
 #if compiler(>=5.7)
     extension PrivateKey.Repr: Sendable {}
 #else

sdk/swift/Sources/Hedera/PublicKey.swift

@@ -23,6 +23,7 @@ import Foundation
 import HederaProtobufs
 import SwiftASN1
 import secp256k1
+import secp256k1_bindings
 
 /// A public key on the Hedera network.
 public struct PublicKey: LosslessStringConvertible, ExpressibleByStringLiteral, Equatable, Hashable {
@@ -279,7 +280,7 @@ public struct PublicKey: LosslessStringConvertible, ExpressibleByStringLiteral,
             let isValid: Bool
             do {
                 isValid = try key.ecdsa.isValidSignature(
-                    .init(rawRepresentation: signature), for: Keccak256Digest(Crypto.Sha3.keccak256(message))!)
+                    .init(compactRepresentation: signature), for: Keccak256Digest(Crypto.Sha3.keccak256(message))!)
             } catch {
                 throw HError(kind: .signatureVerify, description: "invalid signature")
             }
@@ -323,8 +324,38 @@ public struct PublicKey: LosslessStringConvertible, ExpressibleByStringLiteral,
             return nil
         }
 
+        // when the bindings aren't enough :/
+        var pubkey = secp256k1_pubkey()
+
+        key.rawRepresentation.withUnsafeTypedBytes { bytes in
+            let result = secp256k1_bindings.secp256k1_ec_pubkey_parse(
+                secp256k1.Context.raw,
+                &pubkey,
+                bytes.baseAddress!,
+                bytes.count
+            )
+
+            precondition(result == 1)
+        }
+
+        var output = Data(repeating: 0, count: 65)
+
+        output.withUnsafeMutableTypedBytes { output in
+            var outputLen = output.count
+
+            let result = secp256k1_ec_pubkey_serialize(
+                secp256k1.Context.raw, output.baseAddress!,
+                &outputLen,
+                &pubkey,
+                secp256k1.Format.uncompressed.rawValue
+            )
+
+            precondition(result == 1)
+            precondition(outputLen == output.count)
+        }
+
         // fixme(important): sec1 uncompressed point
-        let hash = Crypto.Sha3.keccak256(key.rawRepresentation)
+        let hash = Crypto.Sha3.keccak256(output[1...])
 
         return try! EvmAddress(Data(hash.dropFirst(12)))
 

sdk/swift/Tests/HederaTests/PrivateKeyTests.swift

@@ -22,6 +22,10 @@ import XCTest
 
 @testable import Hedera
 
+private func keyWithChain(key: PrivateKey, chainCode: String) -> PrivateKey {
+    key.withChainCode(chainCode: Data(hexEncoded: chainCode)!)
+}
+
 internal final class PrivateKeyTests: XCTestCase {
     internal func testParseEd25519() throws {
         let privateKey: PrivateKey =
@@ -41,6 +45,30 @@ internal final class PrivateKeyTests: XCTestCase {
             "3030020100300706052b8104000a042204208776c6b831a1b61ac10dac0304a2843de4716f54b1919bb91a2685d0fe3f3048")
     }
 
+    internal func testEd25519Sign() throws {
+        let message = "hello, world".data(using: .utf8)!
+        let privateKey: PrivateKey =
+            "302e020100300506032b657004220420db484b828e64b2d8f12ce3c0a0e93a0b8cce7af1bb8f39c97732394482538e10"
+
+        let signature = privateKey.sign(message)
+
+        // note that CryptoKit randomizes the signature, *sigh*, so the only thing we *can* test is that the signature verifies.
+
+        XCTAssertNoThrow(try privateKey.publicKey.verify(message, signature))
+    }
+
+    internal func testEcdsaSign() throws {
+        let privateKey: PrivateKey =
+            "3030020100300706052b8104000a042204208776c6b831a1b61ac10dac0304a2843de4716f54b1919bb91a2685d0fe3f3048"
+
+        let signature = privateKey.sign("hello world".data(using: .utf8)!)
+
+        XCTAssertEqual(
+            signature.hexStringEncoded(),
+            "f3a13a555f1f8cd6532716b8f388bd4e9d8ed0b252743e923114c0c6cbfe414c086e3717a6502c3edff6130d34df252fb94b6f662d0cd27e2110903320563851"
+        )
+    }
+
     internal func testEd25519LegacyDerive() throws {
         let privateKey: PrivateKey =
             "302e020100300506032b65700422042098aa82d6125b5efa04bf8372be7931d05cd77f5ef3330b97d6ee7c006eaaf312"
@@ -69,6 +97,47 @@ internal final class PrivateKeyTests: XCTestCase {
             "302e020100300506032b6570042204206890dc311754ce9d3fc36bdf83301aa1c8f2556e035a6d0d13c2cccdbbab1242")
     }
 
+    // "iosKey"
+    internal func testEd25519Derive1() throws {
+        let key = keyWithChain(
+            key: "302e020100300506032b657004220420a6b9548d7e123ad4c8bc6fee58301e9b96360000df9d03785c07b620569e7728",
+            chainCode: "cde7f535264f1db4e2ded409396f8c72f8075cc43757bd5a205c97699ea40271"
+        )
+
+        let child = try key.derive(0)
+
+        XCTAssertEqual(
+            child.prettyPrint(),
+            #"""
+            PrivateKey.ed25519(
+                key: 5f66a51931e8c99089472e0d70516b6272b94dd772b967f8221e1077f966dbda,
+                chainCode: Optional("0e5c869c1cf9daecd03edb2d49cf2621412578a352578a4bb7ef4eef2942b7c9")
+            )
+            """#
+        )
+    }
+
+    // "androidKey"
+    internal func testEd25519Derive2() throws {
+        let key = keyWithChain(
+            key:
+                "302e020100300506032b65700422042097dbce1988ef8caf5cf0fd13a5374969e2be5f50650abd19314db6b32f96f18e",
+            chainCode: "b7b406314eb2224f172c1907fe39f807e306655e81f2b3bc4766486f42ef1433"
+        )
+
+        let child = try key.derive(0)
+
+        XCTAssertEqual(
+            child.prettyPrint(),
+            #"""
+            PrivateKey.ed25519(
+                key: c284c25b3a1458b59423bc289e83703b125c8eefec4d5aa1b393c2beb9f2bae6,
+                chainCode: Optional("a7a1c2d115a988e51efc12c23692188a4796b312a4a700d6c703e4de4cf1a7f6")
+            )
+            """#
+        )
+    }
+
     internal func testEd25519FromPem() throws {
         let pemString = """
             -----BEGIN PRIVATE KEY-----

sdk/swift/Tests/HederaTests/PublicKeyTests.swift

@@ -46,4 +46,81 @@ internal final class PublicKeyTests: XCTestCase {
             key: "302d300706052b8104000a03220002703a9370b0443be6ae7c507b0aec81a55e94e4a863b9655360bd65358caa6588"
         )
     }
+
+    internal func testToEvmAddress() throws {
+        let publicKey = try PrivateKey.fromStringEcdsa(
+            "debae3ca62ab3157110dba79c8de26540dc320ee9be73a77d70ba175643a3500"
+        ).publicKey
+
+        let evmAddress = publicKey.toEvmAddress()
+
+        XCTAssertEqual(evmAddress, "0xd8eb8db03c699faa3f47adcdcd2ae91773b10f8b")
+    }
+
+    internal func testToEvmAddress2() throws {
+        let publicKey = try PublicKey.fromStringEcdsa(
+            "029469a657510f3bf199a0e29b21e11e7039d8883f3547d59c3568f9c89f704cbc")
+
+        let evmAddress = publicKey.toEvmAddress()
+
+        XCTAssertEqual(evmAddress, "0xbbaa6bdfe888ae1fc8e7c8cee82081fa79ba8834")
+    }
+
+    internal func testEd25519Verify() throws {
+        let publicKey = try PublicKey.fromStringDer(
+            "302a300506032b6570032100e0c8ec2758a5879ffac226a13c0c516b799e72e35141a0dd828f94d37988a4b7"
+        )
+
+        let signature = Data(
+            hexEncoded: "9d04bfed7baa97c80d29a6ae48c0d896ce8463a7ea0c16197d55a563c73996ef"
+                + "062b2adf507f416c108422c0310fc6fb21886e11ce3de3e951d7a56049743f07"
+        )!
+
+        XCTAssertNoThrow(try publicKey.verify("hello, world".data(using: .utf8)!, signature))
+    }
+
+    internal func testEcdsaVerify() throws {
+        let publicKey = try PublicKey.fromStringDer(
+            "302d300706052b8104000a03220002703a9370b0443be6ae7c507b0aec81a55e94e4a863b9655360bd65358caa6588"
+        )
+
+        let signature = Data(
+            hexEncoded: "f3a13a555f1f8cd6532716b8f388bd4e9d8ed0b252743e923114c0c6cbfe414c"
+                + "086e3717a6502c3edff6130d34df252fb94b6f662d0cd27e2110903320563851"
+        )!
+
+        XCTAssertNoThrow(try publicKey.verify("hello world".data(using: .utf8)!, signature))
+    }
+
+    /// We should error if we try to verify a signature with the wrong public key (or the right public key with the wrong signature, same thing)
+    ///
+    /// This in particular tests attempting to verify a ecdsa-secp256k1 signature for an ed25519 public key.
+    internal func testEd25519VerifyErrorEcdsa() throws {
+        let publicKey = try PublicKey.fromStringDer(
+            "302a300506032b6570032100e0c8ec2758a5879ffac226a13c0c516b799e72e35141a0dd828f94d37988a4b7"
+        )
+
+        let signature = Data(
+            hexEncoded: "f3a13a555f1f8cd6532716b8f388bd4e9d8ed0b252743e923114c0c6cbfe414c"
+                + "086e3717a6502c3edff6130d34df252fb94b6f662d0cd27e2110903320563851"
+        )!
+
+        XCTAssertThrowsError(try publicKey.verify("hello, world".data(using: .utf8)!, signature))
+    }
+
+    /// We should error if we try to verify a signature with the wrong public key (or the right public key with the wrong signature, same thing)
+    ///
+    /// This in particular tests attempting to verify a ed25519 signature for an ecdsa-secp256k1 public key.
+    internal func testEcdsaVerifyErrorEd25519() throws {
+        let publicKey = try PublicKey.fromStringDer(
+            "302d300706052b8104000a03220002703a9370b0443be6ae7c507b0aec81a55e94e4a863b9655360bd65358caa6588"
+        )
+
+        let signature = Data(
+            hexEncoded: "9d04bfed7baa97c80d29a6ae48c0d896ce8463a7ea0c16197d55a563c73996ef"
+                + "062b2adf507f416c108422c0310fc6fb21886e11ce3de3e951d7a56049743f07"
+        )!
+
+        XCTAssertThrowsError(try publicKey.verify("hello world".data(using: .utf8)!, signature))
+    }
 }