feat: raw signer (#23)

alanshaw · web-flow · commit 2be8af85133c · 2024-10-09T15:27:11.000+01:00
This PR adds a `Raw()` method to `Signer`, which allows encoding the
private key without multiformats tags.

It effectively allows a signer generated here to interop with Go
`crypto` and libp2p crypto.

The `Signature` type _already_ has a `Raw()` method (which does the same
thing) so this is in keeping with that.
diff --git a/principal/ed25519/signer/signer.go b/principal/ed25519/signer/signer.go
@@ -112,9 +112,13 @@ func (s Ed25519Signer) Encode() []byte {
 	return s
 }
 
-func (s Ed25519Signer) Sign(msg []byte) signature.SignatureView {
+func (s Ed25519Signer) Raw() []byte {
 	pk := make(ed25519.PrivateKey, ed25519.PrivateKeySize)
 	copy(pk[0:ed25519.PublicKeySize], s[privateTagSize:pubKeyOffset])
 	copy(pk[ed25519.PrivateKeySize-ed25519.PublicKeySize:ed25519.PrivateKeySize], s[pubKeyOffset+publicTagSize:pubKeyOffset+publicTagSize+keySize])
-	return signature.NewSignatureView(signature.NewSignature(signature.EdDSA, ed25519.Sign(pk, msg)))
+	return pk
+}
+
+func (s Ed25519Signer) Sign(msg []byte) signature.SignatureView {
+	return signature.NewSignatureView(signature.NewSignature(signature.EdDSA, ed25519.Sign(s.Raw(), msg)))
 }
diff --git a/principal/ed25519/signer/signer_test.go b/principal/ed25519/signer/signer_test.go
@@ -1,8 +1,11 @@
 package signer
 
 import (
+	"crypto/ed25519"
 	"fmt"
 	"testing"
+
+	"github.com/stretchr/testify/require"
 )
 
 func TestGenerateEncodeDecode(t *testing.T) {
@@ -66,3 +69,14 @@ func TestVerify(t *testing.T) {
 		t.Fatalf("verify failed")
 	}
 }
+
+func TestSignerRaw(t *testing.T) {
+	s, err := Generate()
+	require.NoError(t, err)
+
+	msg := []byte{1, 2, 3}
+	raw := s.Raw()
+	sig := ed25519.Sign(raw, msg)
+
+	require.Equal(t, s.Sign(msg).Raw(), sig)
+}
diff --git a/principal/lib.go b/principal/lib.go
@@ -12,6 +12,8 @@ type Signer interface {
 	Code() uint64
 	Verifier() Verifier
 	Encode() []byte
+	// Raw encodes the bytes of the private key without multiformats tags.
+	Raw() []byte
 }
 
 // Verifier is the principal that issued a UCAN. In usually represents remote
diff --git a/principal/rsa/signer/signer.go b/principal/rsa/signer/signer.go
@@ -111,6 +111,11 @@ func (s rsasigner) Encode() []byte {
 	return s.bytes
 }
 
+func (s rsasigner) Raw() []byte {
+	b, _ := multiformat.UntagWith(Code, s.bytes, 0)
+	return b
+}
+
 func (s rsasigner) Sign(msg []byte) signature.SignatureView {
 	hash := sha256.New()
 	hash.Write(msg)
diff --git a/principal/signer/signer.go b/principal/signer/signer.go
@@ -37,6 +37,10 @@ func (w wrapsgn) Encode() []byte {
 	return w.key.Encode()
 }
 
+func (w wrapsgn) Raw() []byte {
+	return w.key.Raw()
+}
+
 func (w wrapsgn) Sign(msg []byte) signature.SignatureView {
 	return w.key.Sign(msg)
 }

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,8 @@ type Signer interface {`
`12`	`12`	`Code() uint64`
`13`	`13`	`Verifier() Verifier`
`14`	`14`	`Encode() []byte`
	`15`	`+ // Raw encodes the bytes of the private key without multiformats tags.`
	`16`	`+ Raw() []byte`
`15`	`17`	`}`
`16`	`18`
`17`	`19`	`// Verifier is the principal that issued a UCAN. In usually represents remote`
Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,10 @@ func (w wrapsgn) Encode() []byte {`
`37`	`37`	`return w.key.Encode()`
`38`	`38`	`}`
`39`	`39`
	`40`	`+func (w wrapsgn) Raw() []byte {`
	`41`	`+ return w.key.Raw()`
	`42`	`+}`
	`43`	`+`
`40`	`44`	`func (w wrapsgn) Sign(msg []byte) signature.SignatureView {`
`41`	`45`	`return w.key.Sign(msg)`
`42`	`46`	`}`