From 6bc46bb0abdd76311b787f44b1774a919a1d8b24 Mon Sep 17 00:00:00 2001 From: Pascal Perrenoud Date: Tue, 14 May 2024 13:20:44 +0200 Subject: [PATCH] Implement signature --- src/signature.ts | 56 ++++++++++++++++++++++++++++++++++------- test/signature.test.ts | 57 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 104 insertions(+), 9 deletions(-) create mode 100644 test/signature.test.ts diff --git a/src/signature.ts b/src/signature.ts index 0041f8e..1168462 100644 --- a/src/signature.ts +++ b/src/signature.ts @@ -1,13 +1,51 @@ -export type PrivKey = void -export type PubKey = void -export type Signature = string +import {Result} from 'result' -export function gen_keypair() : [PrivKey, PubKey] { - throw "todo" +export type PrivKey = CryptoKey +export type PubKey = CryptoKey + +const algorithm: EcdsaParams = { + name: "ECDSA", + hash: {name: "SHA-512"}, } -export function sign(privkey: PrivKey, message: Uint8Array) : Signature { - throw "todo" + +/** + * Create a new keypair for signing + * @param extractable if the keys must be extractable or not + * @return [privkey, pubkey] keys + */ +export async function gen_keypair(extractable: boolean = false) : Promise<[PrivKey, PubKey]> { + let key = await window.crypto.subtle.generateKey( + { + name: "ECDSA", + namedCurve: "P-521" + } as EcKeyGenParams, + extractable, + ['sign', 'verify'] + ) + + return [key.privateKey, key.publicKey] } -export function verify(pubkey: PubKey, message: Uint8Array, signature: Signature) : boolean { - throw "todo" +export async function sign(privkey: PrivKey, message: Uint8Array) : Promise> { + try { + return Result.ok(await window.crypto.subtle.sign( + algorithm, + privkey, + message, + )) + } catch(_) {} + + return Result.error([]) +} + +export async function verify(pubkey: PubKey, message: Uint8Array, signature: ArrayBuffer): Promise { + try { + return await window.crypto.subtle.verify( + algorithm, + pubkey, + signature, + message + ); + } catch (_) {} + + return false; } diff --git a/test/signature.test.ts b/test/signature.test.ts new file mode 100644 index 0000000..f80e84d --- /dev/null +++ b/test/signature.test.ts @@ -0,0 +1,57 @@ +import {test, expect} from 'bun:test' + +import {signature} from '../index' + +test('base case', async () => { + let keypair = await signature.gen_keypair() + let data = new TextEncoder().encode("Message 123 !") + + const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message") + let verification = await signature.verify(keypair[1], data, sig) + + expect(verification).toBe(true) +}) + +test('inverted keys', async () => { + let keypair = await signature.gen_keypair() + let data = new TextEncoder().encode("Message 123 !") + + ;(await signature.sign(keypair[1], data)).expect_err("Shouldn't sign the message with the wrong key") + + const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message") + let verification = await signature.verify(keypair[0], data, sig) + expect(verification).toBe(false) +}) + +test('tampered message', async () => { + let keypair = await signature.gen_keypair() + let data1 = new TextEncoder().encode("Message 123 !") + let data2 = new TextEncoder().encode("Message 321 !") + expect(data1).not.toEqual(data2) + + const sig = (await signature.sign(keypair[0], data1)).expect("Should sign the message") + let verification = await signature.verify(keypair[1], data2, sig) + + expect(verification).toBe(false) +}) + +test('different keypair', async () => { + const keypair = await signature.gen_keypair() + const keypair2 = await signature.gen_keypair() + let data = new TextEncoder().encode("Message 123 !") + + const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message") + let verification = await signature.verify(keypair2[1], data, sig) + + expect(verification).toBe(false) +}) + +test('tampered signature', async () => { + let keypair = await signature.gen_keypair() + let data = new TextEncoder().encode("Message 123 !") + + const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message") + let verification = await signature.verify(keypair[1], data, sig.slice(0, -1)) + + expect(verification).toBe(false) +})