Implement signature

src/signature.ts

@@ -0,0 +1,67 @@
+import {Result} from 'rust'
+import logger from 'log'
+
+export type PrivKey = CryptoKey
+export type PubKey = CryptoKey
+export type KeyPair = [PrivKey, PubKey]
+
+const algorithm: EcdsaParams = {
+    name: "ECDSA",
+    hash: {name: "SHA-512"},
+}
+const log = logger('crypto:signature')
+
+/**
+ * Create a new keypair for signing
+ * @param extractable if the keys must be extractable or not
+ * @return [privkey, pubkey] keys
+ */
+export async function gen_keypair(extractable: boolean = false) : Promise<KeyPair> {
+    log.trace('Generating keypair')
+    log.debug('Extractable :', extractable ? 'yes' : 'no')
+
+    let key = await window.crypto.subtle.generateKey(
+        {
+            name: "ECDSA",
+            namedCurve: "P-521"
+        } as EcKeyGenParams,
+        extractable,
+        ['sign', 'verify']
+    )
+
+    return [key.privateKey, key.publicKey]
+}
+export async function sign(privkey: PrivKey, message: Uint8Array) : Promise<Result<ArrayBuffer>> {
+    log.trace('sign')
+
+    try {
+        return Result.ok(await window.crypto.subtle.sign(
+            algorithm,
+            privkey,
+            message,
+        ))
+    } catch(e) {
+        log.warn('Signature failed')
+        log.debug(`Error : ${e}`)
+    }
+
+    return Result.error([])
+}
+
+export async function verify(pubkey: PubKey, message: Uint8Array, signature: ArrayBuffer): Promise<boolean> {
+    log.trace('Verify signature')
+
+    try {
+        return await window.crypto.subtle.verify(
+            algorithm,
+            pubkey,
+            signature,
+            message
+        );
+    } catch (e) {
+        log.warn('Verification failed')
+        log.debug(`Error : ${e}`)
+    }
+
+    return false;
+}

test/signature.test.ts

@@ -0,0 +1,57 @@
+import {test, expect} from 'bun:test'
+
+import {signature} from '../index'
+
+test('base case', async () => {
+    let keypair = await signature.gen_keypair()
+    let data = new TextEncoder().encode("Message 123 !")
+
+    const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message")
+    let verification = await signature.verify(keypair[1], data, sig)
+
+    expect(verification).toBe(true)
+})
+
+test('inverted keys', async () => {
+    let keypair = await signature.gen_keypair()
+    let data = new TextEncoder().encode("Message 123 !")
+
+    ;(await signature.sign(keypair[1], data)).expect_err("Shouldn't sign the message with the wrong key")
+
+    const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message")
+    let verification = await signature.verify(keypair[0], data, sig)
+    expect(verification).toBe(false)
+})
+
+test('tampered message', async () => {
+    let keypair = await signature.gen_keypair()
+    let data1 = new TextEncoder().encode("Message 123 !")
+    let data2 = new TextEncoder().encode("Message 321 !")
+    expect(data1).not.toEqual(data2)
+
+    const sig = (await signature.sign(keypair[0], data1)).expect("Should sign the message")
+    let verification = await signature.verify(keypair[1], data2, sig)
+
+    expect(verification).toBe(false)
+})
+
+test('different keypair', async () => {
+    const keypair = await signature.gen_keypair()
+    const keypair2 = await signature.gen_keypair()
+    let data = new TextEncoder().encode("Message 123 !")
+
+    const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message")
+    let verification = await signature.verify(keypair2[1], data, sig)
+
+    expect(verification).toBe(false)
+})
+
+test('tampered signature', async () => {
+    let keypair = await signature.gen_keypair()
+    let data = new TextEncoder().encode("Message 123 !")
+
+    const sig = (await signature.sign(keypair[0], data)).expect("Should sign the message")
+    let verification = await signature.verify(keypair[1], data, sig.slice(0, -1))
+
+    expect(verification).toBe(false)
+})