Add ED25519 SignerVerifier

Signed-off-by: Aditya Sirish <[email protected]>

Author: adityasaky

signerverifier/ed25519.go

@@ -0,0 +1,79 @@
+package signerverifier
+
+import (
+	"context"
+	"crypto"
+	"crypto/ed25519"
+	"encoding/hex"
+)
+
+const Ed25519KeyType = "ed25519"
+
+type Ed25519SignerVerifier struct {
+	keyID   string
+	private ed25519.PrivateKey
+	public  ed25519.PublicKey
+}
+
+// NewEd25519SignerVerifierFromSSLibKey creates an Ed25519SignerVerifier from an
+// SSLibKey.
+func NewEd25519SignerVerifierFromSSLibKey(key *SSLibKey) (*Ed25519SignerVerifier, error) {
+	public, err := hex.DecodeString(key.KeyVal.Public)
+	if err != nil {
+		return nil, err
+	}
+
+	var private []byte
+	if len(key.KeyVal.Private) > 0 {
+		private, err = hex.DecodeString(key.KeyVal.Private)
+		if err != nil {
+			return nil, err
+		}
+
+		// python-securesystemslib provides an interface to generate ed25519
+		// keys but it differs slightly in how it serializes the key to disk.
+		// Specifically, the keyval.private field includes _only_ the private
+		// portion of the key while libraries such as crypto/ed25519 also expect
+		// the public portion. So, if the private portion is half of what we
+		// expect, we append the public portion as well.
+		if len(private) == ed25519.PrivateKeySize/2 {
+			private = append(private, public...)
+		}
+	}
+
+	return &Ed25519SignerVerifier{
+		keyID:   key.KeyID(),
+		public:  ed25519.PublicKey(public),
+		private: ed25519.PrivateKey(private),
+	}, nil
+}
+
+// Sign creates a signature for `data`.
+func (sv *Ed25519SignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error) {
+	if len(sv.private) == 0 {
+		return nil, ErrNotPrivateKey
+	}
+
+	signature := ed25519.Sign(sv.private, data)
+	return signature, nil
+}
+
+// Verify verifies the `sig` value passed in against `data`.
+func (sv Ed25519SignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error {
+	if ok := ed25519.Verify(sv.public, data, sig); ok {
+		return nil
+	}
+	return ErrSignatureVerificationFailed
+}
+
+// KeyID returns the identifier of the key used to create the
+// Ed25519SignerVerifier instance.
+func (sv Ed25519SignerVerifier) KeyID() (string, error) {
+	return sv.keyID, nil
+}
+
+// Public returns the public portion of the key used to create the
+// Ed25519SignerVerifier instance.
+func (sv Ed25519SignerVerifier) Public() crypto.PublicKey {
+	return sv.public
+}

signerverifier/ed25519_test.go

@@ -0,0 +1,94 @@
+package signerverifier
+
+import (
+	"context"
+	"crypto/ed25519"
+	"encoding/hex"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestNewEd25519SignerVerifierFromSSLibKey(t *testing.T) {
+	key, err := LoadKeyFromFile(filepath.Join("test-data", "ed25519-test-key.pub"))
+	if err != nil {
+		t.Error(err)
+	}
+
+	sv, err := NewEd25519SignerVerifierFromSSLibKey(key)
+	if err != nil {
+		t.Error(err)
+	}
+
+	expectedPublicString := "3f586ce67329419fb0081bd995914e866a7205da463d593b3b490eab2b27fd3f"
+	expectedPublicKey := ed25519.PublicKey(hexDecode(t, expectedPublicString))
+
+	assert.Equal(t, "52e3b8e73279d6ebdd62a5016e2725ff284f569665eb92ccb145d83817a02997", sv.keyID)
+	assert.Equal(t, expectedPublicKey, sv.public)
+	assert.Nil(t, sv.private)
+}
+
+func TestEd25519SignerVerifierSign(t *testing.T) {
+	key, err := LoadKeyFromFile(filepath.Join("test-data", "ed25519-test-key"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sv, err := NewEd25519SignerVerifierFromSSLibKey(key)
+	if err != nil {
+		t.Error(err)
+	}
+
+	message := []byte("test message")
+
+	signature, err := sv.Sign(context.Background(), message)
+	if err != nil {
+		t.Error(err)
+	}
+
+	expectedSignature := []byte{0x80, 0x72, 0xb4, 0x31, 0xc5, 0xa3, 0x7e, 0xc, 0xf3, 0x91, 0x22, 0x3, 0x60, 0xbf, 0x92, 0xa4, 0x46, 0x31, 0x84, 0x83, 0xf1, 0x31, 0x3, 0xdc, 0xbc, 0x5, 0x6f, 0xab, 0x84, 0xe4, 0xdc, 0xe9, 0xf5, 0x1c, 0xa9, 0xb3, 0x95, 0xa5, 0xa0, 0x16, 0xd3, 0xaa, 0x4d, 0xe7, 0xde, 0xaf, 0xc2, 0x5e, 0x1e, 0x9a, 0x9d, 0xc8, 0xb2, 0x5c, 0x1c, 0x68, 0xf7, 0x28, 0xb4, 0x1, 0x4d, 0x9f, 0xc8, 0x4}
+	assert.Equal(t, expectedSignature, signature)
+
+	key, err = LoadKeyFromFile(filepath.Join("test-data", "ed25519-test-key.pub"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sv, err = NewEd25519SignerVerifierFromSSLibKey(key)
+	if err != nil {
+		t.Error(err)
+	}
+
+	_, err = sv.Sign(context.Background(), message)
+	assert.ErrorIs(t, err, ErrNotPrivateKey)
+}
+
+func TestEd25519SignerVerifierVerify(t *testing.T) {
+	key, err := LoadKeyFromFile(filepath.Join("test-data", "ed25519-test-key.pub"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sv, err := NewEd25519SignerVerifierFromSSLibKey(key)
+	if err != nil {
+		t.Error(err)
+	}
+
+	message := []byte("test message")
+	signature := []byte{0x80, 0x72, 0xb4, 0x31, 0xc5, 0xa3, 0x7e, 0xc, 0xf3, 0x91, 0x22, 0x3, 0x60, 0xbf, 0x92, 0xa4, 0x46, 0x31, 0x84, 0x83, 0xf1, 0x31, 0x3, 0xdc, 0xbc, 0x5, 0x6f, 0xab, 0x84, 0xe4, 0xdc, 0xe9, 0xf5, 0x1c, 0xa9, 0xb3, 0x95, 0xa5, 0xa0, 0x16, 0xd3, 0xaa, 0x4d, 0xe7, 0xde, 0xaf, 0xc2, 0x5e, 0x1e, 0x9a, 0x9d, 0xc8, 0xb2, 0x5c, 0x1c, 0x68, 0xf7, 0x28, 0xb4, 0x1, 0x4d, 0x9f, 0xc8, 0x4}
+	assert.Nil(t, sv.Verify(context.Background(), message, signature))
+
+	message = []byte("corrupted message")
+	err = sv.Verify(context.Background(), message, signature)
+	assert.ErrorIs(t, err, ErrSignatureVerificationFailed)
+}
+
+func hexDecode(t *testing.T, data string) []byte {
+	t.Helper()
+	b, err := hex.DecodeString(data)
+	if err != nil {
+		t.Fatal(err)
+	}
+	return b
+}

signerverifier/signerverifier.go

@@ -0,0 +1,72 @@
+package signerverifier
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"os"
+
+	"github.com/secure-systems-lab/go-securesystemslib/cjson"
+)
+
+var (
+	ErrNotPrivateKey               = errors.New("loaded key is not a private key")
+	ErrSignatureVerificationFailed = errors.New("failed to verify signature")
+	ErrUnknownKeyType              = errors.New("unknown key type")
+	ErrInvalidThreshold            = errors.New("threshold is either less than 1 or greater than number of provided public keys")
+)
+
+type SSLibKey struct {
+	KeyIDHashAlgorithms []string `json:"keyid_hash_algorithms"`
+	KeyType             string   `json:"keytype"`
+	KeyVal              KeyVal   `json:"keyval"`
+	Scheme              string   `json:"scheme"`
+	keyID               string
+}
+
+func (k *SSLibKey) KeyID() string {
+	return k.keyID
+}
+
+type KeyVal struct {
+	Private     string `json:"private,omitempty"`
+	Public      string `json:"public"`
+	Certificate string `json:"certificate,omitempty"`
+}
+
+// LoadKeyFromBytes returns a pointer to a Key instance created from the
+// contents of the bytes. The key contents are expected to be in the custom
+// securesystemslib format.
+func LoadKeyFromBytes(contents []byte) (*SSLibKey, error) {
+	var key *SSLibKey
+	if err := json.Unmarshal(contents, &key); err != nil {
+		return nil, err
+	}
+
+	keyID, err := calculateKeyID(key)
+	if err != nil {
+		return nil, err
+	}
+	key.keyID = keyID
+
+	return key, nil
+}
+
+func LoadKeyFromFile(path string) (*SSLibKey, error) {
+	contents, err := os.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+
+	return LoadKeyFromBytes(contents)
+}
+
+func calculateKeyID(k *SSLibKey) (string, error) {
+	canonical, err := cjson.EncodeCanonical(k)
+	if err != nil {
+		return "", err
+	}
+	digest := sha256.Sum256(canonical)
+	return hex.EncodeToString(digest[:]), nil
+}

signerverifier/test-data/ed25519-test-key

@@ -0,0 +1 @@
+{"keytype": "ed25519", "scheme": "ed25519", "keyid": "52e3b8e73279d6ebdd62a5016e2725ff284f569665eb92ccb145d83817a02997", "keyid_hash_algorithms": ["sha256", "sha512"], "keyval": {"public": "3f586ce67329419fb0081bd995914e866a7205da463d593b3b490eab2b27fd3f", "private": "66f6ebad4aeb949b91c84c9cfd6ee351fc4fd544744bab6e30fb400ba13c6e9a"}}

signerverifier/test-data/ed25519-test-key.pub

@@ -0,0 +1 @@
+{"keytype": "ed25519", "scheme": "ed25519", "keyid_hash_algorithms": ["sha256", "sha512"], "keyval": {"public": "3f586ce67329419fb0081bd995914e866a7205da463d593b3b490eab2b27fd3f"}}